
Commit 9931120

authored
Merge pull request #148 from DevKor-github/develop
애플 로그인 main에 합병(develop -> main)
2 parents c70b083 + e8d0183 commit 9931120


7 files changed

+35
-9
lines changed


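--- a/src/main/java/devkor/com/teamcback/domain/user/validator/AppleValidator.java
+++ b/src/main/java/devkor/com/teamcback/domain/user/validator/AppleValidator.java
@@ -9,6 +9,7 @@
 import devkor.com.teamcback.global.jwt.OIDC.dto.OIDCDecodePayload;
 import devkor.com.teamcback.global.jwt.OIDC.dto.OIDCPublicKeyDto;
 import devkor.com.teamcback.global.jwt.OIDC.dto.OIDCPublicKeysResponse;
+import devkor.com.teamcback.global.redis.RedisUtil;
 import io.jsonwebtoken.Header;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Value;
@@ -19,11 +20,14 @@
 public class AppleValidator {
 private final OIDCUtil oidcUtil;
 private final AppleClient appleClient;
+private final RedisUtil redisUtil;
 private static final String KID = "kid";
 private static final String ALG = "alg";
 
 @Value("${jwt.social.apple.iss}")
 private String ISS;
+@Value("${jwt.social.apple.dev-aud}")
+private String DEV_AUD;
 @Value("${jwt.social.apple.aud}")
 private String AUD;
 
@@ -34,7 +38,7 @@ public OIDCPublicKeysResponse getCachedData() {
 public String validateToken(String token) {
 try {
 // id_token 정보
-Header tokenInfo = oidcUtil.getUnsignedTokenClaims(token, AUD, ISS).getHeader();
+Header tokenInfo = oidcUtil.getUnsignedTokenClaims(token, new String[] {DEV_AUD, AUD}, ISS).getHeader();
 String kid = (String) tokenInfo.get(KID);
 String alg = (String) tokenInfo.get(ALG);
 
@@ -51,7 +55,8 @@ public String validateToken(String token) {
 
 return payload.getSub();
 } catch(GlobalException e) {
-throw new GlobalException(LOG_IN_REQUIRED);
+redisUtil.deleteCache("apple::data");
+throw new GlobalException(e.getResultCode());
 } catch (Exception e) {
 throw new GlobalException(INVALID_TOKEN);
 }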
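Review bot: The new `redisUtil.deleteCache("apple::data")` in `catch(GlobalException e)` runs for every rejected token, so any unauthenticated caller sending bad tokens keeps evicting the cached Apple keys and forces a fresh fetch of `/auth/keys` on the next login; GoogleValidator and KakaoValidator get the same line. Eviction should be tied to the one case it helps, a `kid` that is missing from the cached key set, and the refresh should be rate-limited; the key lookup sits between the visible hunks, so I cannot say which result code marks that case. An exception thrown by the Redis call inside this catch block is not handled by the sibling `catch (Exception e)` and would surface as a server error instead of an auth failure. `throw e;` would keep the original exception rather than copying only its result code.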

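--- a/src/main/java/devkor/com/teamcback/domain/user/validator/GoogleValidator.java
+++ b/src/main/java/devkor/com/teamcback/domain/user/validator/GoogleValidator.java
@@ -9,6 +9,7 @@
 import devkor.com.teamcback.global.jwt.OIDC.dto.OIDCDecodePayload;
 import devkor.com.teamcback.global.jwt.OIDC.dto.OIDCPublicKeyDto;
 import devkor.com.teamcback.global.jwt.OIDC.dto.OIDCPublicKeysResponse;
+import devkor.com.teamcback.global.redis.RedisUtil;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
@@ -18,6 +19,7 @@
 public class GoogleValidator {
 private final OIDCUtil oidcUtil;
 private final GoogleClient googleClient;
+private final RedisUtil redisUtil;
 
 @Value("${jwt.social.google.iss}")
 private String ISS;
@@ -46,7 +48,8 @@ public String validateToken(String token) {
 
 return payload.getEmail();
 } catch(GlobalException e) {
-throw new GlobalException(LOG_IN_REQUIRED);
+redisUtil.deleteCache("google::data");
+throw new GlobalException(e.getResultCode());
 } catch (Exception e) {
 throw new GlobalException(INVALID_TOKEN);
 }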
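Review bot: `redisUtil.deleteCache("google::data")` assumes the cached key set is stored under the key `data`, but this commit adds `key = "'data'"` only to AppleClient; if GoogleClient's `@Cacheable` still relies on the default key for a no-argument method, the delete matches nothing and stale keys stay cached after a rotation. The same applies to `"kakao::data"` in KakaoValidator. GoogleClient and KakaoClient are not part of this page, so this needs checking there, and the fix would be the same `key = "'data'"` on their `@Cacheable` annotations. validateToken's body starts outside the hunk.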

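--- a/src/main/java/devkor/com/teamcback/domain/user/validator/KakaoValidator.java
+++ b/src/main/java/devkor/com/teamcback/domain/user/validator/KakaoValidator.java
@@ -9,6 +9,7 @@
 import devkor.com.teamcback.global.jwt.OIDC.dto.OIDCDecodePayload;
 import devkor.com.teamcback.global.jwt.OIDC.dto.OIDCPublicKeyDto;
 import devkor.com.teamcback.global.jwt.OIDC.dto.OIDCPublicKeysResponse;
+import devkor.com.teamcback.global.redis.RedisUtil;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
@@ -18,6 +19,7 @@
 public class KakaoValidator{
 private final OIDCUtil oidcUtil;
 private final KakaoClient kakaoClient;
+private final RedisUtil redisUtil;
 
 @Value("${jwt.social.kakao.iss}")
 private String ISS;
@@ -46,7 +48,8 @@ public String validateToken(String token) {
 
 return payload.getEmail();
 } catch(GlobalException e) {
-throw new GlobalException(LOG_IN_REQUIRED);
+redisUtil.deleteCache("kakao::data");
+throw new GlobalException(e.getResultCode());
 } catch (Exception e) {
 throw new GlobalException(INVALID_TOKEN);
 }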

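--- a/src/main/java/devkor/com/teamcback/domain/user/validator/client/AppleClient.java
+++ b/src/main/java/devkor/com/teamcback/domain/user/validator/client/AppleClient.java
@@ -7,7 +7,7 @@
 
 @FeignClient(name = "appleClient", url = "https://appleid.apple.com")
 public interface AppleClient {
-@Cacheable(value = "apple")
+@Cacheable(value = "apple", key = "'data'")
 @GetMapping("/auth/keys")
 OIDCPublicKeysResponse getPublicKeys();
 }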

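--- a/src/main/java/devkor/com/teamcback/global/jwt/OIDC/OIDCUtil.java
+++ b/src/main/java/devkor/com/teamcback/global/jwt/OIDC/OIDCUtil.java
@@ -15,6 +15,7 @@
 import java.security.NoSuchAlgorithmException;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.RSAPublicKeySpec;
+import java.util.Arrays;
 import java.util.Base64;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Component;
@@ -24,16 +25,25 @@
 public class OIDCUtil {
 private static final String KID = "kid";
 public String getKidFromUnsignedTokenHeader(String token, String aud, String iss) {
-return (String) getUnsignedTokenClaims(token, aud, iss).getHeader().get(KID);
+return (String) getUnsignedTokenClaims(token, new String[] {aud}, iss).getHeader().get(KID);
 }
 
-public Jwt<Header, Claims> getUnsignedTokenClaims(String token, String aud, String iss) {
+public Jwt<Header, Claims> getUnsignedTokenClaims(String token, String[] aud, String iss) {
 try {
-return Jwts.parserBuilder()
-.requireAudience(aud)
+Jwt<Header, Claims> claims = Jwts.parserBuilder()
 .requireIssuer(iss)
 .build()
 .parseClaimsJwt(getUnsignedToken(token));
+
+// 추가적인 audience 검증
+String audience = claims.getBody().getAudience();
+if (audience == null || Arrays.stream(aud).noneMatch(audience::equals)) {
+throw new GlobalException(INVALID_TOKEN);
+}
+
+return claims;
+} catch (GlobalException e) {
+throw new GlobalException(e.getResultCode());
 } catch (Exception e) {
 throw new GlobalException(INVALID_TOKEN);
 }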
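Review bot: The audience check added in `getUnsignedTokenClaims` runs on a token whose signature has been stripped, so it is only a pre-filter; the signed parse, which this page does not show, should enforce the same allowed-audience list, otherwise no verified claim binds the token to this app. I would state that in a Javadoc on the method, e.g. `/** Parses the unsigned form of the token; iss and aud are pre-checks only and the claims are untrusted until the signature is verified. */`. The allowed values are compared as given, so a blank configured entry would match a token carrying an empty `aud`; skipping blank entries before `noneMatch` is cheap. The new `catch (GlobalException e)` can simply `throw e;` instead of building a copy that loses the original stack trace.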

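--- a/src/main/java/devkor/com/teamcback/global/redis/RedisUtil.java
+++ b/src/main/java/devkor/com/teamcback/global/redis/RedisUtil.java
@@ -35,5 +35,9 @@ public boolean delete(String key) {
 public boolean hasKey(String key) {
 return Boolean.TRUE.equals(redisTemplate.hasKey(key));
 }
+
+public void deleteCache(String key) {
+redisTemplate.delete(key);
+}
 }
 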
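Review bot: `deleteCache(String key)` looks like a duplicate of the existing `delete(String key)` named in the hunk header, differing only in discarding the result; the body of `delete` is outside the hunk, so confirm and reuse it if that holds. The callers pass hand-built keys such as `"apple::data"`, which depends on Spring's default `cacheName::key` layout and stops matching silently if a key prefix is configured. Evicting through the cache abstraction, for example `@CacheEvict(value = "apple", key = "'data'")` on a small method next to the `@Cacheable` one, keeps the cache name and key in one place. If the method stays, a one-line Javadoc saying it removes a Spring cache entry by its raw Redis key would help.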

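--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -93,6 +93,7 @@ jwt:
 apple:
 iss: ${APPLE_ISS}
 aud: ${APPLE_AUD}
+dev-aud: ${APPLE_DEV_AUD}
 admin:
 token: ${JWT_ADMIN_TOKEN}
 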
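Review bot: `dev-aud` is added to the shared `application.yml`, and AppleValidator passes `new String[] {DEV_AUD, AUD}`, so every profile, production included, accepts Apple tokens issued to the development client id. The accepted audience list should come from the active profile, with the dev value defined only in a dev profile file. `${APPLE_DEV_AUD}` also has no default, so as far as I can tell startup fails where the variable is unset, and if it is set to an empty string that empty value becomes an accepted audience.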
