Feat: refresh token을 발급해서 반환하도록 필드 추가 (#200)

src/main/java/com/dnd/runus/auth/config/TokenConfig.java

@@ -17,4 +17,11 @@ TokenStrategy accessTokenStrategy(
  @Value("${app.auth.token.access.secret-key}") String secretKey) {
  return JwtTokenStrategy.of(secretKey, accessExpiration, Jwts.SIG.HS256);
  }
+
+ @Bean("refreshTokenStrategy")
+ TokenStrategy refreshTokenStrategy(
+ @Value("${app.auth.token.refresh.expiration}") Duration refreshExpiration,
+ @Value("${app.auth.token.refresh.secret-key}") String secretKey) {
+ return JwtTokenStrategy.of(secretKey, refreshExpiration, Jwts.SIG.HS256);
+ }
 }

src/main/java/com/dnd/runus/auth/token/TokenProviderModule.java

@@ -2,6 +2,7 @@
 
 import com.dnd.runus.auth.token.access.AccessTokenProvider;
 import com.dnd.runus.auth.token.dto.AuthTokenDto;
+import com.dnd.runus.auth.token.refresh.RefreshTokenProvider;
 import com.dnd.runus.global.constant.AuthConstant;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@@ -12,12 +13,13 @@
 @RequiredArgsConstructor
 public class TokenProviderModule {
  private final AccessTokenProvider accessTokenProvider;
- // TODO: RefreshTokenProvider refreshTokenProvider;
+ private final RefreshTokenProvider refreshTokenProvider;
 
  public AuthTokenDto generate(String subject) {
  String accessToken = accessTokenProvider.issueToken(subject);
+ String refreshToken = refreshTokenProvider.issueToken(subject);
 
  log.info("Login success, sub: {}", subject);
- return new AuthTokenDto(accessToken, AuthConstant.TOKEN_TYPE);
+ return new AuthTokenDto(accessToken, refreshToken, AuthConstant.TOKEN_TYPE);
  }
 }

src/main/java/com/dnd/runus/auth/token/dto/AuthTokenDto.java

@@ -2,6 +2,7 @@
 
 public record AuthTokenDto(
  String accessToken,
+ String refreshToken,
  String type
 ) {
 }

src/main/java/com/dnd/runus/auth/token/refresh/RefreshTokenProvider.java

@@ -0,0 +1,32 @@
+package com.dnd.runus.auth.token.refresh;
+
+import com.dnd.runus.auth.token.dto.AuthTokenClaimDto;
+import com.dnd.runus.auth.token.strategry.TokenStrategy;
+import com.dnd.runus.global.constant.AuthConstant;
+import io.micrometer.common.util.StringUtils;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Component;
+
+@Component
+public class RefreshTokenProvider {
+ private final TokenStrategy strategy;
+
+ public RefreshTokenProvider(@Qualifier("refreshTokenStrategy") TokenStrategy tokenStrategy) {
+ this.strategy = tokenStrategy;
+ }
+
+ public String resolveToken(String rawToken) {
+ if (StringUtils.isNotBlank(rawToken) && rawToken.startsWith(AuthConstant.TOKEN_TYPE)) {
+ return rawToken.substring(AuthConstant.TOKEN_TYPE.length()).trim();
+ }
+ return "";
+ }
+
+ public String issueToken(String subject) {
+ return strategy.generateToken(subject);
+ }
+
+ public AuthTokenClaimDto getClaims(String token) {
+ return strategy.getClaims(token);
+ }
+}

src/main/java/com/dnd/runus/presentation/v1/oauth/dto/response/SignResponse.java

@@ -12,8 +12,7 @@ public record SignResponse(
  String email,
  @Schema(description = "엑세스 토큰")
  String accessToken,
- //todo refresh token 구현 되면
- @Schema(description = "리프레시토큰(아직 리프레시 토큰 구현이 아직 안되어서 발급하면 'refreshToken'으로 리턴될 거에요.")
+ @Schema(description = "리프레시 토큰")
  String refreshToken
 ) {
 
@@ -22,6 +21,6 @@ public static SignResponse from(String nickname, String email, AuthTokenDto toke
  nickname,
  email,
  tokenDto.accessToken(),
- "refreshToken");
+ tokenDto.refreshToken());
  }
 }

src/main/resources/.env.example

@@ -9,6 +9,9 @@ ALLOW_ORIGINS=
 ACCESS_TOKEN_EXPIRATION=
 ACCESS_TOKEN_SECRET_KEY=
 
+REFRESH_TOKEN_EXPIRATION=
+REFRESH_TOKEN_SECRET_KEY=
+
 APPLE_CLIENT_ID=
 APPLE_KEY_ID=
 APPLE_TEAM_ID=

src/main/resources/application.yml

@@ -27,6 +27,9 @@ app:
  access:
  expiration: ${ACCESS_TOKEN_EXPIRATION}
  secret-key: ${ACCESS_TOKEN_SECRET_KEY}
+ refresh:
+ expiration: ${REFRESH_TOKEN_EXPIRATION}
+ secret-key: ${REFRESH_TOKEN_SECRET_KEY}
  default-zone-offset: +09:00
 
 oauth:

src/test/java/com/dnd/runus/application/oauth/OauthServiceTest.java

@@ -128,7 +128,7 @@ void socialProfile_exist_then_signIn_success() {
  given(claims.get("email")).willReturn(email);
  given(socialProfileRepository.findBySocialTypeAndOauthId(socialType, oauthId))
  .willReturn(Optional.of(new SocialProfile(1L, member, socialType, oauthId, email)));
- AuthTokenDto tokenDto = new AuthTokenDto("access-token", "bearer");
+ AuthTokenDto tokenDto = new AuthTokenDto("access-token", "refresh-token", "bearer");
  given(tokenProviderModule.generate(String.valueOf(member.memberId())))
  .willReturn(tokenDto);
 
@@ -171,7 +171,7 @@ void socialProfile_not_exist_then_signUp_success() {
  SocialProfile socialProfile = new SocialProfile(1L, member, socialType, oauthId, email);
  given(socialProfileRepository.findBySocialTypeAndOauthId(socialType, oauthId))
  .willReturn(Optional.of(socialProfile));
- AuthTokenDto tokenDto = new AuthTokenDto("access-token", "bearer");
+ AuthTokenDto tokenDto = new AuthTokenDto("access-token", "refresh-token", "bearer");
  given(tokenProviderModule.generate(String.valueOf(member.memberId())))
  .willReturn(tokenDto);
 
@@ -202,7 +202,7 @@ void socialProfile_not_exist_then_signUp_save_social_profile() {
  SocialProfile socialProfile = new SocialProfile(1L, newMember, socialType, oauthId, email);
  given(socialProfileRepository.save(any(SocialProfile.class))).willReturn(socialProfile);
 
- AuthTokenDto tokenDto = new AuthTokenDto("access-token", "bearer");
+ AuthTokenDto tokenDto = new AuthTokenDto("access-token", "refresh-token", "bearer");
  given(tokenProviderModule.generate(String.valueOf(newMember.memberId())))
  .willReturn(tokenDto);
 

src/test/resources/application.yml

@@ -22,6 +22,9 @@ app:
  access:
  expiration: PT1H
  secret-key: test-long-long-long-secret-key
+ refresh:
+ expiration: PT1H
+ secret-key: test-long-long-long-secret-key
  default-zone-offset: +09:00
 
 oauth: