🚀 :: v0.1.5-3

depromeet · Dec 30, 2022 · 009891f · 009891f
2 parents 16c72ca + 94988e3
commit 009891f
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 11 deletions.
diff --git a/...depromeet/knockknockbackend/domain/credential/exception/RefreshTokenExpiredException.java b/...depromeet/knockknockbackend/domain/credential/exception/RefreshTokenExpiredException.java
@@ -0,0 +1,13 @@
+package io.github.depromeet.knockknockbackend.domain.credential.exception;
+
+
+import io.github.depromeet.knockknockbackend.global.error.exception.ErrorCode;
+import io.github.depromeet.knockknockbackend.global.error.exception.KnockException;
+
+public class RefreshTokenExpiredException extends KnockException {
+    public static final KnockException EXCEPTION = new RefreshTokenExpiredException();
+
+    private RefreshTokenExpiredException() {
+        super(ErrorCode.REGISTER_EXPIRED_TOKEN);
+    }
+}
diff --git a/...va/io/github/depromeet/knockknockbackend/domain/credential/service/CredentialService.java b/...va/io/github/depromeet/knockknockbackend/domain/credential/service/CredentialService.java
@@ -5,6 +5,7 @@
 import io.github.depromeet.knockknockbackend.domain.credential.domain.repository.RefreshTokenRedisEntityRepository;
 import io.github.depromeet.knockknockbackend.domain.credential.exception.AlreadySignUpUserException;
 import io.github.depromeet.knockknockbackend.domain.credential.exception.ForbiddenUserException;
+import io.github.depromeet.knockknockbackend.domain.credential.exception.RefreshTokenExpiredException;
 import io.github.depromeet.knockknockbackend.domain.credential.presentation.dto.request.RegisterRequest;
 import io.github.depromeet.knockknockbackend.domain.credential.presentation.dto.response.AfterOauthResponse;
 import io.github.depromeet.knockknockbackend.domain.credential.presentation.dto.response.AuthTokensResponse;
@@ -16,7 +17,6 @@
 import io.github.depromeet.knockknockbackend.global.exception.UserNotFoundException;
 import io.github.depromeet.knockknockbackend.global.security.JwtTokenProvider;
 import io.github.depromeet.knockknockbackend.global.utils.user.UserUtils;
-import java.util.Date;
 import java.util.Optional;
 import lombok.AllArgsConstructor;
 import org.springframework.stereotype.Service;
@@ -88,11 +88,11 @@ public AfterOauthResponse oauthCodeToUser(OauthProvider oauthProvider, String co
     // 레디스 ttl
     private String generateRefreshToken(Long userId) {
         String refreshToken = jwtTokenProvider.generateRefreshToken(userId);
-        Date tokenExpiredAt = jwtTokenProvider.getTokenExpiredAt(refreshToken);
+        Long tokenExpiredAt = jwtTokenProvider.getRefreshTokenTTlSecond();
         RefreshTokenRedisEntity build =
                 RefreshTokenRedisEntity.builder()
                         .id(userId.toString())
-                        .ttl(tokenExpiredAt.getTime())
+                        .ttl(tokenExpiredAt)
                         .refreshToken(refreshToken)
                         .build();
         refreshTokenRedisEntityRepository.save(build);
@@ -101,13 +101,14 @@ private String generateRefreshToken(Long userId) {
 
     // 토큰 리프레쉬 하기
     public AuthTokensResponse tokenRefresh(String requestRefreshToken) {
-        Long userId = jwtTokenProvider.parseRefreshToken(requestRefreshToken);
 
         Optional<RefreshTokenRedisEntity> entityOptional =
                 refreshTokenRedisEntityRepository.findByRefreshToken(requestRefreshToken);
 
         RefreshTokenRedisEntity refreshTokenRedisEntity =
-                entityOptional.orElseThrow(() -> InvalidTokenException.EXCEPTION);
+                entityOptional.orElseThrow(() -> RefreshTokenExpiredException.EXCEPTION);
+
+        Long userId = jwtTokenProvider.parseRefreshToken(requestRefreshToken);
 
         if (!userId.toString().equals(refreshTokenRedisEntity.getId())) {
             throw InvalidTokenException.EXCEPTION;

diff --git a/src/main/java/io/github/depromeet/knockknockbackend/global/error/exception/ErrorCode.java b/src/main/java/io/github/depromeet/knockknockbackend/global/error/exception/ErrorCode.java
@@ -13,6 +13,8 @@ public enum ErrorCode {
     ARGUMENT_NOT_VALID_ERROR(HttpStatus.BAD_REQUEST.value(), "GLOBAL-400-1", "validation error"),
 
     EXPIRED_TOKEN(HttpStatus.UNAUTHORIZED.value(), "GLOBAL-401-1", "Expired Jwt Token."),
+    REGISTER_EXPIRED_TOKEN(HttpStatus.FORBIDDEN.value(), "GLOBAL-403-1", "refreshToken expired."),
+
     INVALID_TOKEN(HttpStatus.UNAUTHORIZED.value(), "GLOBAL-401-1", "Invalid Jwt Token."),
 
     USER_NOT_FOUND(HttpStatus.NOT_FOUND.value(), "GLOBAL-404-1", "User Not Found."),

diff --git a/src/main/java/io/github/depromeet/knockknockbackend/global/security/JwtTokenProvider.java b/src/main/java/io/github/depromeet/knockknockbackend/global/security/JwtTokenProvider.java
@@ -1,6 +1,7 @@
 package io.github.depromeet.knockknockbackend.global.security;
 
 
+import io.github.depromeet.knockknockbackend.domain.credential.exception.RefreshTokenExpiredException;
 import io.github.depromeet.knockknockbackend.domain.user.domain.AccountRole;
 import io.github.depromeet.knockknockbackend.global.exception.ExpiredTokenException;
 import io.github.depromeet.knockknockbackend.global.exception.InvalidTokenException;
@@ -104,7 +105,7 @@ public String generateAccessToken(Long id, AccountRole accountRole) {
     public String generateRefreshToken(Long id) {
         final Date issuedAt = new Date();
         final Date refreshTokenExpiresIn =
-                new Date(issuedAt.getTime() + jwtProperties.getAccessExp() * 1000);
+                new Date(issuedAt.getTime() + jwtProperties.getRefreshExp() * 1000);
         return buildRefreshToken(id, issuedAt, refreshTokenExpiresIn);
     }
 
@@ -125,14 +126,18 @@ public Long parseAccessToken(String token) {
     }
 
     public Long parseRefreshToken(String token) {
-        if (isRefreshToken(token)) {
-            Claims claims = getJws(token).getBody();
-            return Long.parseLong(claims.getSubject());
+        try {
+            if (isRefreshToken(token)) {
+                Claims claims = getJws(token).getBody();
+                return Long.parseLong(claims.getSubject());
+            }
+        } catch (ExpiredTokenException e) {
+            throw RefreshTokenExpiredException.EXCEPTION;
         }
         throw InvalidTokenException.EXCEPTION;
     }
 
-    public Date getTokenExpiredAt(String token) {
-        return getJws(token).getBody().getExpiration();
+    public Long getRefreshTokenTTlSecond() {
+        return jwtProperties.getRefreshExp();
     }
 }