Merge branch 'dev'

docker-compose-dev.yml

@@ -2,13 +2,13 @@ version: "3.7"
 
 services:
   web:
-    platform: linux/amd64
+#    platform: linux/amd64
     container_name: spring-reddi-server
     build:
       context: .
       dockerfile: Dockerfile
     ports:
-      - "8080:8080"
+      - "8081:8080"
     environment:
       - SPRING_PROFILES_ACTIVE=dev
     env_file:
@@ -17,4 +17,4 @@ services:
     image: "redis:latest"
     container_name: redis
     ports:
-      - "6379:6379"
+      - "6380:6379"

run_dev.sh

@@ -0,0 +1,2 @@
+./gradlew clean build
+docker compose -f docker-compose-dev.yml up --build

src/main/java/com/example/reddiserver/common/ApiExceptionHandler.java

@@ -10,7 +10,7 @@
 @RestControllerAdvice
 public class ApiExceptionHandler {
     @ExceptionHandler(Exception.class)
-    public ResponseEntity<ApiResponse<?>> handleExceptions(RuntimeException exception) {
+    public ResponseEntity<ApiResponse<?>> handleExceptions(Exception exception) {
 
         log.error("Exception occurred:", exception); // 스택 트레이스 정보를 포함한 로깅
 

src/main/java/com/example/reddiserver/security/config/WebSecurityConfig.java

@@ -12,6 +12,7 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
@@ -31,6 +32,7 @@ public class WebSecurityConfig {
     private final OAuthSuccessHandler oAuthSuccessHandler;
     private final OAuthFailureHandler oAuthFailureHandler;
 
+
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http
@@ -49,7 +51,8 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
                         .userInfoEndpoint()
                         .userService(customOAuth2UserService))
                 .authorizeHttpRequests((authorize) -> authorize
-                        .requestMatchers("/**").permitAll()
+                        .requestMatchers("/static/**", "/resources/**", "/css/**", "/js/**", "/images/**", "/**", "/swagger-ui/**", "/v3/api-docs/**").permitAll()
+                        .requestMatchers(HttpMethod.GET, "/**").permitAll()
                         .requestMatchers(HttpMethod.GET, "/swagger-ui/**").permitAll()
                         .requestMatchers(HttpMethod.GET, "/v3/api-docs/**").permitAll()
                         .anyRequest().authenticated()

src/main/java/com/example/reddiserver/security/jwt/JwtExceptionHandlerFilter.java

@@ -1,6 +1,5 @@
 package com.example.reddiserver.security.jwt;
 
-import com.example.reddiserver.dto.security.response.JwtErrorResponse;
 import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.JwtException;
 import io.jsonwebtoken.MalformedJwtException;
@@ -9,7 +8,6 @@
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
-import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
 
@@ -32,16 +30,4 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             throw new JwtException("Jwt 토큰이 잘못되었습니다.", e);
         }
     }
-
-    public void setErrorResponse(HttpStatus status, HttpServletResponse response, Throwable e) throws IOException {
-        response.setStatus(status.value());
-        response.setContentType("application/json; charset=UTF-8");
-
-        response.getWriter().write(
-                JwtErrorResponse.of(
-                        HttpServletResponse.SC_UNAUTHORIZED,
-                        e.getMessage()
-                ).convertToJson()
-        );
-    }
 }

src/main/java/com/example/reddiserver/security/jwt/TokenProvider.java

@@ -76,7 +76,6 @@ public TokenDto createAccessToken(Authentication authentication) {
                     .build();
 
             refreshTokenRepository.save(refreshToken);
-            System.out.println("test");
         }
 
         return TokenDto.builder()

src/main/java/com/example/reddiserver/security/oauth/handler/OAuthSuccessHandler.java

@@ -1,33 +1,42 @@
 package com.example.reddiserver.security.oauth.handler;
 
+import com.example.reddiserver.dto.security.response.TokenDto;
 import com.example.reddiserver.security.jwt.TokenProvider;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
 import org.springframework.stereotype.Component;
+import org.springframework.web.util.UriComponentsBuilder;
 
 import java.io.IOException;
 
 @RequiredArgsConstructor
 @Component
+@Slf4j
 public class OAuthSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
 
     private final TokenProvider tokenProvider;
     private static final ObjectMapper mapper = new ObjectMapper();
 
+    // 구글 설정과 상관없이 프론트 주소로 직접 리다이렉트
+    @Value("${front-redirection-url}")
+    private String frontRedirectionUrl;
+
     @Override
     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
-        // Access, Refresh Token Body 저장
-        response.setContentType("application/json");
-        response.setCharacterEncoding("utf-8");
+        TokenDto tokenDto = tokenProvider.createAccessToken(authentication);
 
-        String tokenDto = mapper.writeValueAsString(tokenProvider.createAccessToken(authentication));
-        response.getWriter().write(tokenDto);
+        String targetUrl = UriComponentsBuilder.fromUriString(frontRedirectionUrl)
+                .queryParam("access", tokenDto.getAccessToken())
+                .queryParam("refresh", tokenDto.getRefreshToken())
+                .build().toUriString();
 
-        response.getWriter().flush();
+        getRedirectStrategy().sendRedirect(request, response, targetUrl);
     }
 }

src/main/resources/application.yml

@@ -7,6 +7,15 @@ spring:
   jpa:
     hibernate:
       ddl-auto: update
+  security:
+    oauth2:
+      client:
+        registration:
+          google:
+            client-id: ${CLIENT_ID}
+            client-secret: ${CLIENT_SECRET}
+#            redirectUri: http://localhost:8080/login/oauth2/code/google
+            scope: profile, email
 
 ---
 spring:
@@ -17,6 +26,15 @@ spring:
   jpa:
     hibernate:
       ddl-auto: update # 추후 수정
+  security:
+    oauth2:
+      client:
+        registration:
+          google:
+            client-id: ${CLIENT_ID}
+            client-secret: ${CLIENT_SECRET}
+#            redirectUri: http://localhost:8081/login/oauth2/code/google
+            scope: profile, email
 ---
 
 # default 공통 설정
@@ -39,15 +57,6 @@ spring:
         format_sql: true
   jwt:
     secret: ${JWT_SECRET}
-  security:
-    oauth2:
-      client:
-        registration:
-          google:
-            client-id: ${CLIENT_ID}
-            client-secret: ${CLIENT_SECRET}
-#            redirectUri: https://reddi-client.vercel.app/callback
-            scope: profile, email
   data:
     redis:
       host: ${REDIS_HOST}
@@ -74,4 +83,4 @@ notion:
   marketingDB:
     id: ${NOTION_MARKETING_DB_ID}
 
-
+front-redirection-url : ${FRONT_REDIRECTION_URL}