From 8c2b000c83f96dddc1d826ed42d848d15695f214 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=EA=B9=80=EA=B5=90=ED=9C=98?=
Date: Sun, 2 Jun 2024 04:46:30 +0900
Subject: [PATCH] =?UTF-8?q?refresh=20token=20=EB=B0=9C=EA=B8=89=EB=B0=A9?=
 =?UTF-8?q?=EC=8B=9D=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../config/oauth2/CustomSuccessHandler.java | 43 ++++++++----------
 .../service/RefreshTokenService.java | 34 +++++++---------
 2 files changed, 29 insertions(+), 48 deletions(-)
diff --git a/src/main/java/com/soongsil/CoffeeChat/config/oauth2/CustomSuccessHandler.java b/src/main/java/com/soongsil/CoffeeChat/config/oauth2/CustomSuccessHandler.java
index 9787923..037befb 100644
--- a/src/main/java/com/soongsil/CoffeeChat/config/oauth2/CustomSuccessHandler.java
+++ b/src/main/java/com/soongsil/CoffeeChat/config/oauth2/CustomSuccessHandler.java
@@ -6,6 +6,7 @@ import java.util.Iterator;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseCookie;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
@@ -68,43 +69,35 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 GrantedAuthority auth = iterator.next();
 String role = auth.getAuthority();
- String accessToken = jwtUtil.createJwt("access", username, role, 600000L); //10분
+ String accessToken = jwtUtil.createJwt("access", username, role, 600000L); // 10분
 System.out.println("accessToken = " + accessToken);
- String refreshToken = jwtUtil.createJwt("refresh", username, role, 86400000L); //24시간
+ String refreshToken = jwtUtil.createJwt("refresh", username, role, 86400000L); // 24시간
 addRefreshEntity(username, refreshToken, 86400000L);
 // Refresh 토큰 쿠키에 추가
- addSameSiteCookie(response, createCookie("refresh", refreshToken));
+ addSameSiteCookie(response, "refresh", refreshToken);
 // loginStatus 쿠키 추가
- if (role.equals("ROLE_USER"))
- addSameSiteCookie(response, createCookie("loginStatus", "signup"));
- else if (role.equals("ROLE_MENTEE") || role.equals("ROLE_MENTOR"))
- addSameSiteCookie(response, createCookie("loginStatus", "main"));
+ if (role.equals("ROLE_USER")) {
+ addSameSiteCookie(response, "loginStatus", "signup");
+ } else if (role.equals("ROLE_MENTEE") || role.equals("ROLE_MENTOR")) {
+ addSameSiteCookie(response, "loginStatus", "main");
+ }
 response.setStatus(HttpStatus.OK.value());
 response.sendRedirect("https://cogo.life/swagger-ui/index.html");
 }
- private Cookie createCookie(String key, String value) {
- Cookie cookie = new Cookie(key, value);
- cookie.setMaxAge(24 * 60 * 60); // 24시간
- cookie.setSecure(true); // https에서만 쿠키가 사용되게끔 설정
- cookie.setPath("/"); // 전역에서 쿠키가 보이게끔 설정
- cookie.setHttpOnly(true); // JS가 쿠키를 가져가지 못하게 HTTPOnly 설정
- return cookie;
- }
-
- private void addSameSiteCookie(HttpServletResponse response, Cookie cookie) {
- StringBuilder cookieString = new StringBuilder();
- cookieString.append(cookie.getName()).append("=").append(cookie.getValue()).append("; ");
- cookieString.append("Max-Age=").append(cookie.getMaxAge()).append("; ");
- cookieString.append("Path=").append(cookie.getPath()).append("; ");
- cookieString.append("HttpOnly; ");
- cookieString.append("SameSite=None; ");
- cookieString.append("Secure");
+ private void addSameSiteCookie(HttpServletResponse response, String name, String value) {
+ ResponseCookie responseCookie = ResponseCookie.from(name, value)
+ .httpOnly(true)
+ .secure(true)
+ .path("/")
+ .maxAge(24 * 60 * 60)
+ .sameSite("None")
+ .build();
- response.addHeader("Set-Cookie", cookieString.toString());
+ response.addHeader("Set-Cookie", responseCookie.toString());
 }
 }
diff --git a/src/main/java/com/soongsil/CoffeeChat/service/RefreshTokenService.java b/src/main/java/com/soongsil/CoffeeChat/service/RefreshTokenService.java
index 240f6dc..f32962f 100644
--- a/src/main/java/com/soongsil/CoffeeChat/service/RefreshTokenService.java
+++ b/src/main/java/com/soongsil/CoffeeChat/service/RefreshTokenService.java
@@ -3,6 +3,7 @@ import java.util.Date;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseCookie;
 import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Service;
@@ -40,7 +41,6 @@ private void addRefreshEntity(String username, String refresh, Long expiredMs) {
 public ResponseEntity reissueByRefreshToken(HttpServletRequest request, HttpServletResponse response) {
 // Get refresh token
- System.out.println("리이슈 api실행");
 String refresh = null;
 String loginStatus = null;
 Cookie[] cookies = request.getCookies();
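Review bot: The `ResponseCookie` chain in the new `addSameSiteCookie` hard-codes `.maxAge(24 * 60 * 60)` while the refresh token's lifetime is a separate `86400000L` literal passed to `createJwt` and `addRefreshEntity` in the same hunk, and the identical chain is repeated inline in the RefreshTokenService hunk (`@@ -98,31 +98,19 @@`); one shared cookie factory driven by a single TTL constant would keep the cookie, the JWT and the stored entity from drifting apart, e.g. `private static final long REFRESH_TTL_MS = 86_400_000L;` used as `jwtUtil.createJwt("refresh", username, role, REFRESH_TTL_MS)` and `.maxAge(Duration.ofMillis(REFRESH_TTL_MS))` (needs `java.time.Duration`). The unchanged `System.out.println("accessToken = " + accessToken)` sitting between the rewritten lines still writes a live bearer token to stdout, where it ends up in whatever collects the process logs; removing it, or logging only the username at debug level, is worth doing while this block is being touched. `onAuthenticationSuccess` begins before the hunk.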
@@ -98,31 +98,19 @@ public ResponseEntity reissueByRefreshToken(HttpServletRequest request, HttpS
 // Response
 response.setHeader("access", newAccess);
- response.setHeader("refresh", newRefresh);
 response.setHeader("loginStatus", loginStatus);
- addSameSiteCookie(response, createCookie("refresh", newRefresh));
- return new ResponseEntity<>(HttpStatus.OK);
- }
+ // SameSite 설정을 포함한 쿠키 추가
+ ResponseCookie responseCookie = ResponseCookie.from("refresh", newRefresh)
+ .httpOnly(true)
+ .secure(true)
+ .path("/")
+ .maxAge(24 * 60 * 60)
+ .sameSite("None")
+ .build();
- private Cookie createCookie(String key, String value) {
- Cookie cookie = new Cookie(key, value);
- cookie.setMaxAge(24 * 60 * 60); // 24시간
- cookie.setSecure(true); // https에서만 쿠키가 사용되게끔 설정
- cookie.setPath("/"); // 전역에서 쿠키가 보이게끔 설정
- cookie.setHttpOnly(true); // JS가 쿠키를 가져가지 못하게 HTTPOnly 설정
- return cookie;
- }
+ response.addHeader("Set-Cookie", responseCookie.toString());
- private void addSameSiteCookie(HttpServletResponse response, Cookie cookie) {
- StringBuilder cookieString = new StringBuilder();
- cookieString.append(cookie.getName()).append("=").append(cookie.getValue()).append("; ");
- cookieString.append("Max-Age=").append(cookie.getMaxAge()).append("; ");
- cookieString.append("Path=").append(cookie.getPath()).append("; ");
- cookieString.append("HttpOnly; ");
- cookieString.append("SameSite=None; ");
- cookieString.append("Secure");
-
- response.addHeader("Set-Cookie", cookieString.toString());
+ return new ResponseEntity<>(HttpStatus.OK);
 }
 }
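Review bot: The refresh cookie built here is `SameSite=None`, so browsers will also attach it to cross-site requests that reach `reissueByRefreshToken`; nothing in the hunk shows an origin or CSRF check, so whether another origin can trigger a reissue and read the new `access` response header presumably rests on the CORS configuration, which is not visible here. A short Javadoc on the method making that dependency explicit, e.g. `/** Issues a new refresh cookie; cross-origin safety relies on the CORS policy keeping the {@code access} header unreadable — confirm. */`, would save the next reader from having to rediscover it. The header name could use Spring's constant, `response.addHeader(HttpHeaders.SET_COOKIE, responseCookie.toString());`, in line with the `HttpStatus` usage two lines below. The duplicated builder chain is raised on the CustomSuccessHandler hunk; the method begins before this hunk.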