From 948fa399b23e9eda018299fb4b0793d7ff412563 Mon Sep 17 00:00:00 2001 From: Ethan Date: Mon, 18 Sep 2023 19:37:16 +0900 Subject: [PATCH] =?UTF-8?q?refresh=20=EB=A5=BC=20=ED=98=B8=EC=B6=9C?= =?UTF-8?q?=ED=95=A0=20=EB=95=8C=20=EB=A7=8C=EB=A3=8C=EA=B8=B0=ED=95=9C?= =?UTF-8?q?=EC=9D=84=20=ED=99=95=EC=9D=B8=ED=95=98=EB=8A=94=20=EB=A1=9C?= =?UTF-8?q?=EC=A7=81=20=EC=A0=9C=EA=B1=B0=20(#510)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit refactor: /refresh 를 호출할 때 만료기한을 확인하는 로직 제거
---
 .../common/exception/ClientErrorCode.java | 1 - .../baton/infra/auth/jwt/JwtDecoder.java | 4 +-- .../oauth/OauthRefreshTokenAssuredTest.java | 28 ------------------- 3 files changed, 1 insertion(+), 32 deletions(-)
diff --git a/backend/baton/src/main/java/touch/baton/domain/common/exception/ClientErrorCode.java b/backend/baton/src/main/java/touch/baton/domain/common/exception/ClientErrorCode.java
index 7d329545a..a8fea6fc7 100644
--- a/backend/baton/src/main/java/touch/baton/domain/common/exception/ClientErrorCode.java
+++ b/backend/baton/src/main/java/touch/baton/domain/common/exception/ClientErrorCode.java
@@ -39,7 +39,6 @@ public enum ClientErrorCode {
 JWT_CLAIM_IS_WRONG(HttpStatus.UNAUTHORIZED, "JW003", "JWT 에 기대한 정보를 모두 포함하고 있지 않습니다."),
 JWT_CLAIM_SOCIAL_ID_IS_WRONG(HttpStatus.UNAUTHORIZED, "JW004", "사용자의 잘못된 소셜 아이디(SocialId) 정보를 가진 JWT 입니다."),
 JWT_CLAIM_IS_ALREADY_EXPIRED(HttpStatus.UNAUTHORIZED, "JW005", "기간이 만료된 JWT 입니다."),
- JWT_CLAIM_IS_NOT_EXPIRED(HttpStatus.UNAUTHORIZED, "JW006", "만료되지 않은 JWT로 새로운 JWT를 발급 받을 수 없습니다."),
 REFRESH_TOKEN_IS_NOT_FOUND(HttpStatus.UNAUTHORIZED, "JW007", "해당 사용자의 Refresh Token이 존재하지 않습니다."),
 ACCESS_TOKEN_AND_REFRESH_TOKEN_HAVE_DIFFERENT_OWNER(HttpStatus.UNAUTHORIZED, "JW008", "Access Token 과 Refresh Token 의 주인이 다릅니다."),
 REFRESH_TOKEN_IS_ALREADY_EXPIRED(HttpStatus.UNAUTHORIZED, "JW009", "기간이 만료된 Refresh Token 입니다."),
diff --git a/backend/baton/src/main/java/touch/baton/infra/auth/jwt/JwtDecoder.java b/backend/baton/src/main/java/touch/baton/infra/auth/jwt/JwtDecoder.java index 97d6b0244..ab1870e8a 100644 --- a/backend/baton/src/main/java/touch/baton/infra/auth/jwt/JwtDecoder.java +++ b/backend/baton/src/main/java/touch/baton/infra/auth/jwt/JwtDecoder.java @@ -50,9 +50,7 @@ public Claims parseExpiredAuthorizationHeader(final AuthorizationHeader authoriz .build(); final String token = authorizationHeader.parseBearerAccessToken(); - jwtParser.parseClaimsJws(token).getBody(); - - throw new OauthRequestException(ClientErrorCode.JWT_CLAIM_IS_NOT_EXPIRED); + return jwtParser.parseClaimsJws(token).getBody(); } catch (final SignatureException e) { throw new OauthRequestException(ClientErrorCode.JWT_SIGNATURE_IS_WRONG); } catch (final MalformedJwtException e) { diff --git a/backend/baton/src/test/java/touch/baton/assure/oauth/OauthRefreshTokenAssuredTest.java b/backend/baton/src/test/java/touch/baton/assure/oauth/OauthRefreshTokenAssuredTest.java index 687d10acf..0b7bb1939 100644 --- a/backend/baton/src/test/java/touch/baton/assure/oauth/OauthRefreshTokenAssuredTest.java +++ b/backend/baton/src/test/java/touch/baton/assure/oauth/OauthRefreshTokenAssuredTest.java 
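Review bot: With `return jwtParser.parseClaimsJws(token).getBody();` the method `parseExpiredAuthorizationHeader` now accepts an access token that is still valid, so the name no longer describes the contract and nothing on this path tells a reader that expiry is deliberately ignored. I would add a Javadoc line such as `/** Verifies signature and format only; expiry is intentionally not enforced. Use solely for the refresh flow. */` so the parser is not reused for ordinary request authentication. Because /refresh can now be called before expiry, each call can presumably leave an earlier, still-valid access token in circulation; it is worth confirming that the refresh token is rotated and the old one rejected on every call, since that becomes the only limit on issuance. The commit deletes the test for the old rejection without adding one that asserts a refresh with an unexpired access token succeeds. The method starts before the hunk and its remaining catch clauses fall outside it, so how an expired token is handled is not visible here.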
@@ -79,34 +79,6 @@ class OauthRefreshTokenAssuredTest extends AssuredTestConfig { .새로운_액세스_토큰과_리프레시_토큰을_반환한다(); } - @Test - void 만료되지_않은_JWT와_리프레시_토큰을_가지고_리프레시_요청을_보내면_실패한다() { - OauthAssuredSupport - .클라이언트_요청() - .소셜_로그인을_위한_리다이렉트_URL을_요청한다(OauthType.GITHUB) - - .서버_응답() - .소셜_로그인을_위한_리다이렉트_URL_요청_성공을_검증한다(); - - final Tokens 액세스_토큰과_리프레시_토큰 = OauthAssuredSupport - .클라이언트_요청() - .AuthCode를_통해_소셜_토큰을_발급_받은_후_사용자를_회원가입_한다(OauthType.GITHUB, MockAuthCodes.ethanAuthCode()) - - .서버_응답() - .AuthCode를_통해_소셜_토큰_발급_및_사용자_회원가입에_성공한다() - .액세스_토큰과_리프레시_토큰을_반환한다(MemberFixture.createEthan()); - - final String 유효_액세스_토큰 = 액세스_토큰과_리프레시_토큰.accessToken().getValue(); - final String 리프레시_토큰 = 리프레시_토큰을_가져온다(액세스_토큰과_리프레시_토큰); - - OauthAssuredSupport - .클라이언트_요청() - .기간_만료_액세스_토큰과_리프레시_토큰으로_리프레시_요청한다(유효_액세스_토큰, 리프레시_토큰) - - .서버_응답() - .오류가_발생한다(ClientErrorCode.JWT_CLAIM_IS_NOT_EXPIRED); - } - @Test void 다른_사람의_JWT와_리프레시_토큰을_가지고_리프레시_요청을_보내면_실패한다() { OauthAssuredSupport