diff --git a/fitapet-app-external-api/src/main/java/kr/co/fitapet/api/apis/auth/mapper/JwtMapper.java b/fitapet-app-external-api/src/main/java/kr/co/fitapet/api/apis/auth/mapper/JwtMapper.java index 2e14aa10..8fd533cc 100644 --- a/fitapet-app-external-api/src/main/java/kr/co/fitapet/api/apis/auth/mapper/JwtMapper.java +++ b/fitapet-app-external-api/src/main/java/kr/co/fitapet/api/apis/auth/mapper/JwtMapper.java @@ -131,6 +131,11 @@ public boolean isTokenExpired(String token, JwtType type) { return jwtProviderMap.get(type).isTokenExpired(token); } + /** + * 토큰을 블랙 리스트에 등록하는 메서드 + * @param token : 블랙 리스트에 등록할 토큰 + * @param type : 토큰의 타입 + */ public void ban(String token, JwtType type) { AccessToken forbiddenToken = AccessToken.of(token, getSubInfoFromToken(token, type).id(), getExpiryDate(token, type)); forbiddenTokenService.register(forbiddenToken); diff --git a/fitapet-app-external-api/src/main/java/kr/co/fitapet/api/apis/oauth/usecase/OauthUseCase.java b/fitapet-app-external-api/src/main/java/kr/co/fitapet/api/apis/oauth/usecase/OauthUseCase.java index 03719211..421931ff 100644 --- a/fitapet-app-external-api/src/main/java/kr/co/fitapet/api/apis/oauth/usecase/OauthUseCase.java +++ b/fitapet-app-external-api/src/main/java/kr/co/fitapet/api/apis/oauth/usecase/OauthUseCase.java @@ -60,14 +60,11 @@ public class OauthUseCase { private final OauthClientMapper oauthClientMapper; private final JwtMapper jwtMapper; - - private final ForbiddenTokenService forbiddenTokenService; + private final SmsRedisMapper smsRedisMapper; private final OIDCTokenService oidcTokenService; private final SmsProvider smsProvider; - private final SmsRedisMapper smsRedisMapper; - @Transactional public Optional> signInByOIDC(String id, String idToken, ProviderType provider, String nonce) { OIDCDecodePayload payload = getPayload(provider, idToken, nonce); 
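Review bot: The new Javadoc on `ban` in JwtMapper names the two parameters but leaves out the contract a caller needs. The body visible below it builds the entry from `getSubInfoFromToken(token, type).id()` and `getExpiryDate(token, type)`, so the token is parsed on each call and the entry carries the token's own expiry date. I would add `* The blacklist entry is stored with the token's own expiry date.` plus an `@throws` line for whatever those helpers raise on an expired or malformed token; presumably they throw, but they are outside the hunk. The comment should also say that any `JwtType` is accepted, since the OauthUseCase change in this commit passes `JwtType.SMS_OAUTH_TOKEN` even though the wrapper is named `AccessToken`. The body of `ban` continues past the end of the hunk.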
@@ -102,10 +99,7 @@ public Pair signUpByOIDC(String id, ProviderType provider, String req
 oauthAccount.updateMember(member);
 oidcTokenService.deleteOIDCToken(req.idToken());
- forbiddenTokenService.register(
- AccessToken.of(smsOauthToken, subs.id(), jwtMapper.getExpiryDate(smsOauthToken, JwtType.SMS_OAUTH_TOKEN))
- );
-
+ jwtMapper.ban(smsOauthToken, JwtType.SMS_OAUTH_TOKEN);
 log.info("success oauth signup member id : {} - oauth id : {} [provider: {}]", member.getId(), oauthAccount.getOauthId(), oauthAccount.getProvider());
 return Pair.of(member.getId(), jwtMapper.login(JwtUserInfo.from(member)));
@@ -117,8 +111,8 @@ public SmsRes sendCode(OauthSmsReq dto, ProviderType provider) {
 String key = makeTopic(dto.to(), provider);
- smsRedisHelper.saveSmsAuthToken(key, smsInfo.code(), SmsPrefix.OAUTH);
- LocalDateTime expireTime = smsRedisHelper.getExpiredTime(key, SmsPrefix.OAUTH);
+ smsRedisMapper.saveSmsAuthToken(key, smsInfo.code(), SmsPrefix.OAUTH);
+ LocalDateTime expireTime = smsRedisMapper.getExpiredTime(key, SmsPrefix.OAUTH);
 log.info("인증번호 만료 시간: {}", expireTime);
 return SmsRes.of(dto.to(), smsInfo.requestTime(), expireTime);
 }
@@ -127,11 +121,11 @@ public SmsRes sendCode(OauthSmsReq dto, ProviderType provider) {
 public Pair checkCertificationNumber(OauthSmsReq req, String id, String code, ProviderType provider) {
 String key = makeTopic(req.to(), provider);
 log.info("key: {}", key);
- if (!smsRedisHelper.isCorrectCode(key, code, SmsPrefix.OAUTH)) {
+ if (!smsRedisMapper.isCorrectCode(key, code, SmsPrefix.OAUTH)) {
 log.warn("인증번호 불일치 -> 사용자 입력 인증 번호 : {}", code);
 throw new GlobalErrorException(SmsErrorCode.INVALID_AUTH_CODE);
 }
- smsRedisHelper.removeCode(key, SmsPrefix.OAUTH);
+ smsRedisMapper.removeCode(key, SmsPrefix.OAUTH);
 if (memberSearchService.isExistByPhone(req.to())) {
 Member member = memberSearchService.findByPhone(req.to());
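Review bot: In signUpByOIDC the SMS OAuth token is banned only after the member has been linked and the OIDC token deleted, while the forbidden check sits in `validateToken` (hunk at -174), so single use is enforced as a check followed much later by a write. If this method relies on that check (its start is outside the hunk), two requests carrying the same token could both pass it before either reaches `jwtMapper.ban(...)`. Consider moving `jwtMapper.ban(smsOauthToken, JwtType.SMS_OAUTH_TOKEN);` to directly after validation, or making the register step an atomic set-if-absent whose result is checked. Note also that `ban` re-parses the token (`getSubInfoFromToken`, `getExpiryDate` in JwtMapper) where the removed code reused `subs.id()`, so a parsing failure would now surface after the account has already been modified.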
@@ -174,7 +168,7 @@ private String makeTopic(String phoneNumber, ProviderType provider) {
 }
 private void validateToken(String accessToken, String value, ProviderType provider) {
- if (forbiddenTokenService.isForbidden(accessToken))
+ if (jwtMapper.isForbidden(accessToken))
 throw new AuthErrorException(AuthErrorCode.FORBIDDEN_ACCESS_TOKEN, "forbidden access token");
 ProviderType tokenProvider = getProviderByTopic(value);
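Review bot: The guard in validateToken is a brace-less `if` with its `throw` on the following line, which is fragile for an authorization check: a statement added next to the `throw` later (a log line, say) would silently fall outside the condition. I would write it as `if (jwtMapper.isForbidden(accessToken)) {` followed by the existing `throw new AuthErrorException(...)` line and a closing `}`. The body of validateToken continues outside the hunk.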