refactor : 리프레쉬 토큰 예외처리

AdultOfNineteen · Feb 18, 2024 · c839ded · c839ded
1 parent c8929a6
commit c839ded
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 2 deletions.
diff --git a/Winey-API/src/main/java/com/example/wineyapi/security/JwtService.java b/Winey-API/src/main/java/com/example/wineyapi/security/JwtService.java
@@ -1,5 +1,6 @@
 package com.example.wineyapi.security;
 
+import com.example.wineycommon.exception.UnauthorizedException;
 import com.example.wineycommon.properties.JwtProperties;
 import com.example.wineydomain.redis.entity.AccessToken;
 import com.example.wineydomain.redis.entity.RefreshToken;
@@ -28,7 +29,7 @@
 
 import static com.example.wineycommon.constants.WineyStatic.AUTHORIZATION_HEADER;
 import static com.example.wineycommon.constants.WineyStatic.REFRESH_TOKEN_HEADER;
-
+import static com.example.wineydomain.user.exception.UserAuthErrorCode.*;
 
 @RequiredArgsConstructor
 @Component
@@ -151,11 +152,22 @@ public Date getExpiredTime(String token){
 
  public Long getUserIdByRefreshToken(String refreshToken) {
  Jws<Claims> claims;
- claims = Jwts.parser()
+ try {
+ claims = Jwts.parser()
  .setSigningKey(getRefreshKey())
  .parseClaimsJws(refreshToken);
 
+ }catch (io.jsonwebtoken.security.SecurityException | MalformedJwtException e) {
+ throw new UnauthorizedException(INVALID_TOKEN_EXCEPTION);
+ } catch (ExpiredJwtException e) {
+ throw new UnauthorizedException(EXPIRED_JWT_EXCEPTION);
+ } catch (UnsupportedJwtException e) {
+ throw new UnauthorizedException(UNSUPPORTED_JWT_TOKEN);
+ } catch (IllegalArgumentException e) {
+ throw new UnauthorizedException(INVALID_TOKEN);
+ }
  return claims.getBody().get("userId",Long.class);
+
  }
 
  @Bean

diff --git a/Winey-Domain/src/main/java/com/example/wineydomain/user/exception/UserAuthErrorCode.java b/Winey-Domain/src/main/java/com/example/wineydomain/user/exception/UserAuthErrorCode.java
@@ -40,6 +40,8 @@ public enum UserAuthErrorCode implements BaseErrorCode {
  NOT_EXISTS_USER_HAVE_TOKEN(UNAUTHORIZED,"AUTH011", "해당 토큰을 가진 유저가 존재하지 않습니다."),
  @ExplainError("유저가 존재하지 않는 경우")
  NOT_EXIST_USER(UNAUTHORIZED,"U009" , "해당 유저가 존재하지 않습니다."),
+ UNSUPPORTED_JWT_TOKEN(UNAUTHORIZED,"AUTH012","지원하지 않는 토큰입니다."),
+ INVALID_TOKEN(UNAUTHORIZED, "AUTH013", "JWT 토큰이 잘못되었습니다."),
 
  @ExplainError("해당 유저에게 URI 접근권한이 없을 때")
  NOT_ALLOWED_ACCESS(UNAUTHORIZED,"U010","접근 권한이 없습니다.");