[feature/InhaBas#329] JWT payload 형식 수정

whitem4rk · Jul 1, 2024 · deeacb8 · deeacb8
2 parents 854b916 + e2752ee
commit deeacb8
Show file tree

Hide file tree

Showing 5 changed files with 43 additions and 24 deletions.
diff --git a/module-auth/src/main/java/com/inhabas/api/auth/domain/oauth2/CustomOAuth2User.java b/module-auth/src/main/java/com/inhabas/api/auth/domain/oauth2/CustomOAuth2User.java
@@ -3,27 +3,30 @@
 import java.util.Collection;
 import java.util.Map;
 
+import lombok.Getter;
+import lombok.Setter;
+
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
 
+@Setter
+@Getter
 public class CustomOAuth2User extends DefaultOAuth2User {
 
   private Long memberId;
+  private String memberName;
+  private String memberPicture;
 
   public CustomOAuth2User(
       Collection<? extends GrantedAuthority> authorities,
       Map<String, Object> attributes,
       String nameAttributeKey,
-      Long memberId) {
+      Long memberId,
+      String memberName,
+      String memberPicture) {
     super(authorities, attributes, nameAttributeKey);
     this.memberId = memberId;
-  }
-
-  public Long getMemberId() {
-    return memberId;
-  }
-
-  public void setMemberId(Long memberId) {
-    this.memberId = memberId;
+    this.memberName = memberName;
+    this.memberPicture = memberPicture;
   }
 }
diff --git a/module-auth/src/main/java/com/inhabas/api/auth/domain/oauth2/CustomOAuth2UserService.java b/module-auth/src/main/java/com/inhabas/api/auth/domain/oauth2/CustomOAuth2UserService.java
@@ -46,7 +46,7 @@ public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2Authentic
     Member member =
         memberRepository
             .findByProviderAndUid(oAuth2UserInfo.getProvider(), new UID(oAuth2UserInfo.getId()))
-            .orElseThrow(() -> new InvalidOAuth2InfoException());
+            .orElseThrow(InvalidOAuth2InfoException::new);
 
     // 현재 로그인하려는 유저에 맞는 권한을 들고옴.
     Collection<SimpleGrantedAuthority> authorities =
@@ -59,6 +59,11 @@ public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2Authentic
             .getUserInfoEndpoint()
             .getUserNameAttributeName();
     return new CustomOAuth2User(
-        authorities, oAuth2UserInfo.getAttributes(), nameAttributeKey, member.getId());
+        authorities,
+        oAuth2UserInfo.getAttributes(),
+        nameAttributeKey,
+        member.getId(),
+        member.getName(),
+        member.getPicture());
   }
 }
diff --git a/module-auth/src/main/java/com/inhabas/api/auth/domain/token/jwtUtils/JwtTokenUtil.java b/module-auth/src/main/java/com/inhabas/api/auth/domain/token/jwtUtils/JwtTokenUtil.java
@@ -42,10 +42,10 @@ public class JwtTokenUtil implements TokenUtil {
 
   private final Long ACCESS_TOKEN_VALID_MILLISECOND = 30 * 60 * 1000L; // 0.5 hour
   private static final Long REFRESH_TOKEN_VALID_MILLI_SECOND = 7 * 24 * 60 * 60 * 1000L; // 7 days
-  private static final String PROVIDER = "provider";
   private static final String AUTHORITY = "authorities";
-  private static final String EMAIL = "email";
   private static final String MEMBER_ID = "memberId";
+  private static final String MEMBER_NAME = "memberName";
+  private static final String MEMBER_PICTURE = "memberPicture";
 
   @Override
   public String createAccessToken(Authentication authentication) {
@@ -72,12 +72,9 @@ private String createToken(Authentication authentication, Long expiration) {
 
     OAuth2UserInfo oAuth2UserInfo =
         OAuth2UserInfoFactory.getOAuth2UserInfo((OAuth2AuthenticationToken) authentication);
-    String provider = oAuth2UserInfo.getProvider().toString();
     String uid = oAuth2UserInfo.getId();
-    String email = oAuth2UserInfo.getEmail();
 
     CustomOAuth2User customOAuth2User = (CustomOAuth2User) authentication.getPrincipal();
-    Long memberId = customOAuth2User.getMemberId();
 
     List<String> authorities =
         authentication.getAuthorities().stream()
@@ -91,9 +88,9 @@ private String createToken(Authentication authentication, Long expiration) {
     return Jwts.builder()
         .setHeaderParam(Header.TYPE, Header.JWT_TYPE)
         .setSubject(uid)
-        .claim(MEMBER_ID, memberId)
-        .claim(PROVIDER, provider)
-        .claim(EMAIL, email)
+        .claim(MEMBER_ID, customOAuth2User.getMemberId())
+        .claim(MEMBER_NAME, customOAuth2User.getMemberName())
+        .claim(MEMBER_PICTURE, customOAuth2User.getMemberPicture())
         .claim(AUTHORITY, authorities)
         .setIssuedAt(now)
         .setExpiration(expiryDate)

diff --git a/module-auth/src/test/java/com/inhabas/api/auth/domain/token/JwtTokenUtilTest.java b/module-auth/src/test/java/com/inhabas/api/auth/domain/token/JwtTokenUtilTest.java
@@ -34,6 +34,9 @@ public class JwtTokenUtilTest {
 
   @InjectMocks private JwtTokenUtil jwtTokenUtil;
 
+  private static final String DEFAULT_PICTURE =
+      "https://ssl.pstatic.net/static/pwe/address/img_profile.png";
+
   @BeforeEach
   void setUp() {
     ReflectionTestUtils.setField(
@@ -61,7 +64,9 @@ public void createJwtTokenTest() {
         };
     OAuth2AuthenticationToken authentication =
         new OAuth2AuthenticationToken(
-            new CustomOAuth2User(authorities, attributes, "sub", 1L), authorities, "google");
+            new CustomOAuth2User(authorities, attributes, "sub", 1L, "조승현", DEFAULT_PICTURE),
+            authorities,
+            "google");
 
     // when
     String accessToken = jwtTokenUtil.createAccessToken(authentication);
@@ -96,7 +101,9 @@ public void getAuthenticationUsingToken() {
         };
     OAuth2AuthenticationToken authentication =
         new OAuth2AuthenticationToken(
-            new CustomOAuth2User(authorities, attributes, "sub", 1L), authorities, "google");
+            new CustomOAuth2User(authorities, attributes, "sub", 1L, "조승현", DEFAULT_PICTURE),
+            authorities,
+            "google");
 
     String accessToken = jwtTokenUtil.createAccessToken(authentication);
 
@@ -129,7 +136,9 @@ public void reissueAccessToken() {
         };
     OAuth2AuthenticationToken authentication =
         new OAuth2AuthenticationToken(
-            new CustomOAuth2User(authorities, attributes, "sub", 1L), authorities, "google");
+            new CustomOAuth2User(authorities, attributes, "sub", 1L, "조승현", DEFAULT_PICTURE),
+            authorities,
+            "google");
     String refreshToken = jwtTokenUtil.createRefreshToken(authentication);
 
     // when
@@ -180,7 +189,9 @@ public void validateValidToken() {
         };
     OAuth2AuthenticationToken authentication =
         new OAuth2AuthenticationToken(
-            new CustomOAuth2User(authorities, attributes, "sub", 1L), authorities, "google");
+            new CustomOAuth2User(authorities, attributes, "sub", 1L, "조승현", DEFAULT_PICTURE),
+            authorities,
+            "google");
 
     String accessToken = jwtTokenUtil.createAccessToken(authentication);
 

diff --git a/resource-server/src/test/java/com/inhabas/api/domain/signUp/SignUpIntegrationTest.java b/resource-server/src/test/java/com/inhabas/api/domain/signUp/SignUpIntegrationTest.java
@@ -65,6 +65,8 @@ public class SignUpIntegrationTest {
   @Autowired private SignUpScheduleRepository scheduleRepository;
 
   private static final String ROLE_PREFIX = "ROLE_";
+  private static final String DEFAULT_PICTURE =
+      "https://ssl.pstatic.net/static/pwe/address/img_profile.png";
 
   private String token;
 
@@ -336,7 +338,8 @@ public static RequestPostProcessor accessToken(String accessToken) {
         OAuth2UserInfoFactory.getOAuth2UserInfo("NAVER", nameAttributeKey);
     memberService.updateSocialAccountInfo(oAuth2UserInfo);
     CustomOAuth2User customOAuth2User =
-        new CustomOAuth2User(grantedAuthorities, nameAttributeKey, "response", 1L);
+        new CustomOAuth2User(
+            grantedAuthorities, nameAttributeKey, "response", 1L, "조승현", DEFAULT_PICTURE);
 
     return tokenUtil.createAccessToken(
         new OAuth2AuthenticationToken(customOAuth2User, grantedAuthorities, "NAVER"));