refactor: 소셜로그인 redirect uri 경로 수정 (#50)

* feat: 요청으로부터 origin 추출 로직 추가

* refactor: 요청 호스트에 따른 redirect_url 반환 적용

* chore: redirect_uri 수정

src/main/java/com/baro/auth/application/oauth/OAuthClient.java

@@ -6,7 +6,7 @@
 
 public interface OAuthClient {
 
-    String getSignInUrl();
+    String getSignInUrl(String host);
 
     OAuthServiceType getOAuthService();
 

src/main/java/com/baro/auth/application/oauth/OAuthInfoProvider.java

@@ -6,7 +6,6 @@
 import com.baro.auth.application.oauth.dto.OAuthMemberInfo;
 import com.baro.auth.application.oauth.dto.OAuthTokenInfo;
 import com.baro.auth.domain.oauth.OAuthServiceType;
-
 import java.util.Map;
 import java.util.Set;
 import org.springframework.stereotype.Component;
@@ -23,9 +22,9 @@ public OAuthInfoProvider(Set<OAuthClient> clients) {
                 .collect(toMap(OAuthClient::getOAuthService, identity()));
     }
 
-    public String getSignInUrl(String oAuthService) {
+    public String getSignInUrl(String oAuthService, String host) {
         OAuthClient client = getClient(oAuthService);
-        return client.getSignInUrl();
+        return client.getSignInUrl(host);
     }
 
     public OAuthMemberInfo getMemberInfo(String oAuthService, String code) {

src/main/java/com/baro/auth/infra/oauth/google/GoogleOAuthClient.java

@@ -1,19 +1,18 @@
 package com.baro.auth.infra.oauth.google;
 
+import com.baro.auth.application.oauth.OAuthClient;
 import com.baro.auth.application.oauth.dto.OAuthMemberInfo;
 import com.baro.auth.application.oauth.dto.OAuthTokenInfo;
 import com.baro.auth.domain.oauth.OAuthServiceType;
 import com.baro.auth.infra.oauth.google.config.GoogleOAuthProperty;
 import com.baro.auth.infra.oauth.google.dto.GoogleMemberResponse;
 import com.baro.auth.infra.oauth.google.dto.GoogleTokenResponse;
-import com.baro.auth.application.oauth.OAuthClient;
+import java.util.LinkedHashMap;
+import java.util.Map;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Component;
 import org.springframework.web.util.UriComponentsBuilder;
 
-import java.util.LinkedHashMap;
-import java.util.Map;
-
 @RequiredArgsConstructor
 @Component
 public class GoogleOAuthClient implements OAuthClient {
@@ -22,12 +21,12 @@ public class GoogleOAuthClient implements OAuthClient {
     private final GoogleRequestApi googleRequestApi;
 
     @Override
-    public String getSignInUrl() {
+    public String getSignInUrl(String host) {
         return UriComponentsBuilder
                 .fromUriString(googleOAuthProperty.signInAuthorizeUrl())
                 .queryParam("client_id", googleOAuthProperty.clientId())
-                .queryParam("redirect_uri", googleOAuthProperty.redirectUri())
                 .queryParam("response_type", googleOAuthProperty.responseType())
+                .queryParam("redirect_uri", host + googleOAuthProperty.redirectUri())
                 .queryParam("scope", String.join(",", googleOAuthProperty.scope()))
                 .toUriString();
     }

src/main/java/com/baro/auth/infra/oauth/kakao/KakaoOAuthClient.java

@@ -1,16 +1,14 @@
 package com.baro.auth.infra.oauth.kakao;
 
+import com.baro.auth.application.oauth.OAuthClient;
 import com.baro.auth.application.oauth.dto.OAuthMemberInfo;
 import com.baro.auth.application.oauth.dto.OAuthTokenInfo;
 import com.baro.auth.domain.oauth.OAuthServiceType;
 import com.baro.auth.infra.oauth.kakao.config.KakaoOAuthProperty;
 import com.baro.auth.infra.oauth.kakao.dto.KakaoMemberResponse;
 import com.baro.auth.infra.oauth.kakao.dto.KakaoTokenResponse;
-import com.baro.auth.application.oauth.OAuthClient;
-
 import java.util.LinkedHashMap;
 import java.util.Map;
-
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Component;
 import org.springframework.web.util.UriComponentsBuilder;
@@ -23,12 +21,12 @@ public class KakaoOAuthClient implements OAuthClient {
     private final KakaoRequestApi kakaoRequestApi;
 
     @Override
-    public String getSignInUrl() {
+    public String getSignInUrl(String host) {
         return UriComponentsBuilder
                 .fromUriString(kakaoOAuthProperty.signInAuthorizeUrl())
                 .queryParam("response_type", kakaoOAuthProperty.responseType())
                 .queryParam("client_id", kakaoOAuthProperty.clientId())
-                .queryParam("redirect_uri", kakaoOAuthProperty.redirectUrl())
+                .queryParam("redirect_uri", host + kakaoOAuthProperty.redirectUri())
                 .queryParam("scope", String.join(",", kakaoOAuthProperty.scope()))
                 .toUriString();
     }
@@ -38,7 +36,7 @@ public OAuthTokenInfo requestAccessToken(String authCode) {
         Map<String, String> params = new LinkedHashMap<>();
         params.put("grant_type", "authorization_code");
         params.put("client_id", kakaoOAuthProperty.clientId());
-        params.put("redirect_uri", kakaoOAuthProperty.redirectUrl());
+        params.put("redirect_uri", kakaoOAuthProperty.redirectUri());
         params.put("code", authCode);
         params.put("client_secret", kakaoOAuthProperty.clientSecret());
         KakaoTokenResponse kakaoTokenResponse = kakaoRequestApi.requestToken(params);

src/main/java/com/baro/auth/infra/oauth/kakao/config/KakaoOAuthProperty.java

@@ -5,7 +5,7 @@
 @ConfigurationProperties(prefix = "oauth.kakao")
 public record KakaoOAuthProperty(
         String clientId,
-        String redirectUrl,
+        String redirectUri,
         String responseType,
         String signInAuthorizeUrl,
         String[] scope,

src/main/java/com/baro/auth/infra/oauth/naver/NaverOAuthClient.java

@@ -21,12 +21,12 @@ public class NaverOAuthClient implements OAuthClient {
     private final NaverRequestApi naverRequestApi;
 
     @Override
-    public String getSignInUrl() {
+    public String getSignInUrl(String host) {
         return UriComponentsBuilder
                 .fromUriString(naverOAuthProperty.signInAuthorizeUrl())
                 .queryParam("response_type", naverOAuthProperty.responseType())
                 .queryParam("client_id", naverOAuthProperty.clientId())
-                .queryParam("redirect_uri", naverOAuthProperty.redirectUri())
+                .queryParam("redirect_uri", host + naverOAuthProperty.redirectUri())
                 .queryParam("state", naverOAuthProperty.state())
                 .toUriString();
     }

src/main/java/com/baro/auth/presentation/AuthController.java

@@ -7,6 +7,7 @@
 import com.baro.auth.domain.AuthMember;
 import com.baro.auth.domain.Token;
 import com.baro.auth.presentation.dto.OAuthServiceUrlResponse;
+import com.baro.common.presentation.RequestHost;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -24,8 +25,8 @@ public class AuthController {
     private final OAuthInfoProvider oAuthInfoProvider;
 
     @GetMapping("/oauth/{oauthType}")
-    ResponseEntity<OAuthServiceUrlResponse> signInRequestUrl(@PathVariable String oauthType) {
-        String signInUrl = oAuthInfoProvider.getSignInUrl(oauthType);
+    ResponseEntity<OAuthServiceUrlResponse> signInRequestUrl(@PathVariable String oauthType, @RequestHost String host) {
+        String signInUrl = oAuthInfoProvider.getSignInUrl(oauthType, host);
         return ResponseEntity.ok(new OAuthServiceUrlResponse(signInUrl));
     }
 

src/main/java/com/baro/common/config/WebConfig.java

@@ -2,6 +2,7 @@
 
 import com.baro.auth.presentation.AuthInterceptor;
 import com.baro.auth.presentation.AuthenticationArgumentResolver;
+import com.baro.common.presentation.RequestHostArgumentResolver;
 import java.util.List;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Configuration;
@@ -15,10 +16,12 @@ public class WebConfig implements WebMvcConfigurer {
 
     private final AuthenticationArgumentResolver authenticationArgumentResolver;
     private final AuthInterceptor authInterceptor;
+    private final RequestHostArgumentResolver requestHostArgumentResolver;
 
     @Override
     public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
         resolvers.add(authenticationArgumentResolver);
+        resolvers.add(requestHostArgumentResolver);
     }
 
     @Override
@@ -27,6 +30,7 @@ public void addInterceptors(InterceptorRegistry registry) {
                 .addPathPatterns("/**")
                 .excludePathPatterns("/docs/**")
                 .excludePathPatterns("/auth/**")
-                .excludePathPatterns("/favicon.ico");
+                .excludePathPatterns("/favicon.ico")
+                .excludePathPatterns("/test/**");
     }
 }

src/main/java/com/baro/common/exception/CommonRequestExceptionType.java

@@ -8,6 +8,7 @@ public enum CommonRequestExceptionType implements RequestExceptionType {
 
     MISSING_PARAMETER_EXCEPTION("CM01", "Request parameter is empty", HttpStatus.BAD_REQUEST),
     INVALID_TYPE_REQUEST_EXCEPTION("CM02", "Request type is invalid", HttpStatus.BAD_REQUEST),
+    REQUIRED_HEADER_EXCEPTION("CM03", "Request header is empty", HttpStatus.BAD_REQUEST),
     ;
 
     private final String errorCode;

src/main/java/com/baro/common/presentation/RequestHost.java

@@ -0,0 +1,11 @@
+package com.baro.common.presentation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Retention(value = RetentionPolicy.RUNTIME)
+@Target(ElementType.PARAMETER)
+public @interface RequestHost {
+}

src/main/java/com/baro/common/presentation/RequestHostArgumentResolver.java

@@ -0,0 +1,45 @@
+package com.baro.common.presentation;
+
+import static com.baro.common.exception.CommonRequestExceptionType.REQUIRED_HEADER_EXCEPTION;
+
+import com.baro.common.exception.RequestException;
+import com.baro.common.exception.RequestExceptionType;
+import java.util.Objects;
+import org.springframework.core.MethodParameter;
+import org.springframework.stereotype.Component;
+import org.springframework.web.bind.support.WebDataBinderFactory;
+import org.springframework.web.context.request.NativeWebRequest;
+import org.springframework.web.method.support.HandlerMethodArgumentResolver;
+import org.springframework.web.method.support.ModelAndViewContainer;
+
+@Component
+public class RequestHostArgumentResolver implements HandlerMethodArgumentResolver {
+
+    private static final String HOST_HEADER_KEY = "Origin";
+
+    @Override
+    public boolean supportsParameter(MethodParameter parameter) {
+        return parameter.hasParameterAnnotation(RequestHost.class);
+    }
+
+    @Override
+    public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer,
+                                  NativeWebRequest webRequest, WebDataBinderFactory binderFactory) {
+        String host = webRequest.getHeader(HOST_HEADER_KEY);
+        validateHeaderIsNonNull(host);
+        return host;
+    }
+
+    private void validateHeaderIsNonNull(String host) {
+        if (Objects.nonNull(host)) {
+            return;
+        }
+
+        throw new RequestException() {
+            @Override
+            public RequestExceptionType exceptionType() {
+                return REQUIRED_HEADER_EXCEPTION;
+            }
+        };
+    }
+}

src/test/java/com/baro/auth/application/oauth/OAuthInfoProviderTest.java

@@ -33,36 +33,39 @@ void setUp() {
     void 카카오의_SignInUrl을_가져온다() {
         // given
         String oAuthService = OAuthServiceType.KAKAO.name();
+        String host = "http://localhost:3000";
 
         // when
-        String signInUrl = oAuthInfoProvider.getSignInUrl(oAuthService);
+        String signInUrl = oAuthInfoProvider.getSignInUrl(oAuthService, host);
 
         // then
-        assertThat(signInUrl).isEqualTo(fakeKakaoOAuthClient.getSignInUrl());
+        assertThat(signInUrl).isEqualTo(fakeKakaoOAuthClient.getSignInUrl(host));
     }
 
     @Test
     void 네이버의_SignInUrl을_가져온다() {
         // given
         String oAuthService = OAuthServiceType.NAVER.name();
+        String host = "http://localhost:3000";
 
         // when
-        String signInUrl = oAuthInfoProvider.getSignInUrl(oAuthService);
+        String signInUrl = oAuthInfoProvider.getSignInUrl(oAuthService, host);
 
         // then
-        assertThat(signInUrl).isEqualTo(fakeNaverOAuthClient.getSignInUrl());
+        assertThat(signInUrl).isEqualTo(fakeNaverOAuthClient.getSignInUrl(host));
     }
 
     @Test
     void 구글의_SignInUrl을_가져온다() {
         // given
         String oAuthService = OAuthServiceType.GOOGLE.name();
+        String host = "http://localhost:3000";
 
         // when
-        String signInUrl = oAuthInfoProvider.getSignInUrl(oAuthService);
+        String signInUrl = oAuthInfoProvider.getSignInUrl(oAuthService, host);
 
         // then
-        assertThat(signInUrl).isEqualTo(fakeGoogleOAuthClient.getSignInUrl());
+        assertThat(signInUrl).isEqualTo(fakeGoogleOAuthClient.getSignInUrl(host));
     }
 
     @Test

src/test/java/com/baro/auth/fake/oauth/FakeGoogleOAuthClient.java

@@ -8,7 +8,7 @@
 public class FakeGoogleOAuthClient implements OAuthClient {
 
     @Override
-    public String getSignInUrl() {
+    public String getSignInUrl(String host) {
         return null;
     }
 

src/test/java/com/baro/auth/fake/oauth/FakeKakaoOAuthClient.java

@@ -8,7 +8,7 @@
 public class FakeKakaoOAuthClient implements OAuthClient {
 
     @Override
-    public String getSignInUrl() {
+    public String getSignInUrl(String host) {
         return null;
     }
 

src/test/java/com/baro/auth/fake/oauth/FakeNaverOAuthClient.java

@@ -7,7 +7,7 @@
 
 public class FakeNaverOAuthClient implements OAuthClient {
     @Override
-    public String getSignInUrl() {
+    public String getSignInUrl(String host) {
         return null;
     }
 

src/test/java/com/baro/auth/presentation/oauth/OAuthApiTest.java

@@ -17,8 +17,11 @@ class OAuthApiTest extends RestApiTest {
 
     @Test
     void OAuth_로그인시_필요한_url을_반환한다() {
+        // givne
+        var 요청_호스트 = "http://localhost:3000";
+
         // when
-        var 응답 = 리다이렉트_URI_요청("kakao");
+        var 응답 = 리다이렉트_URI_요청("kakao", 요청_호스트);
 
         // then
         응답값을_검증한다(응답, 성공);

src/test/java/com/baro/common/acceptance/auth/OAuthAcceptanceSteps.java

@@ -16,7 +16,7 @@
 
 public class OAuthAcceptanceSteps {
 
-    public static ExtractableResponse<Response> 리다이렉트_URI_요청(String oauthServiceType) {
+    public static ExtractableResponse<Response> 리다이렉트_URI_요청(String oauthServiceType, String 요청_호스트) {
         var url = "/auth/oauth/{oauthType}";
 
         return given(requestSpec).log().all()
@@ -29,6 +29,7 @@ public class OAuthAcceptanceSteps {
                         )
                 ))
                 .contentType(MediaType.APPLICATION_JSON_VALUE)
+                .header("Origin", 요청_호스트)
                 .when().get(url, oauthServiceType)
                 .then().log().all()
                 .extract();