Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[fix] Access Token & Refresh Token 검증 오류 수정 #167

Merged
merged 9 commits into from
Jul 11, 2024
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ public String generateToken(Long userId, boolean isAccessToken) {
return Jwts.builder()
.setHeaderParam(Header.TYPE, Header.JWT_TYPE)
.setSubject(String.valueOf(userId))
.setIssuer(setIssuerBy(isAccessToken).toString())
.setIssuedAt(now)
.setExpiration(expiration)
.signWith(getSigningKey(), SignatureAlgorithm.HS256)
Expand Down Expand Up @@ -62,4 +63,11 @@ private String encodeSecretKey() {
return Base64.getEncoder()
.encodeToString(secretKey.getBytes());
}

private JwtType setIssuerBy(boolean isAccessToken) {
if (isAccessToken) {
return JwtType.AT;
}
return JwtType.RT;
}
}
6 changes: 6 additions & 0 deletions doorip-api/src/main/java/org/doorip/auth/jwt/JwtType.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
package org.doorip.auth.jwt;

public enum JwtType {
AT,
RT;
}
18 changes: 14 additions & 4 deletions doorip-api/src/main/java/org/doorip/auth/jwt/JwtValidator.java
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
package org.doorip.auth.jwt;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.JwtParser;
import lombok.RequiredArgsConstructor;
Expand All @@ -14,7 +15,11 @@ public class JwtValidator {

public void validateAccessToken(String accessToken) {
try {
parseToken(accessToken);
Claims claims = parseToken(accessToken);
String issuer = claims.getIssuer();
if (issuer.equals(JwtType.RT.toString())) {
throw new UnauthorizedException(ErrorMessage.INVALID_ACCESS_TOKEN_VALUE);
}
} catch (ExpiredJwtException e) {
throw new UnauthorizedException(ErrorMessage.EXPIRED_ACCESS_TOKEN);
} catch (Exception e) {
Expand All @@ -24,7 +29,11 @@ public void validateAccessToken(String accessToken) {

public void validateRefreshToken(String refreshToken) {
try {
parseToken(refreshToken);
Claims claims = parseToken(refreshToken);
String issuer = claims.getIssuer();
if (issuer.equals(JwtType.AT.toString())) {
throw new UnauthorizedException(ErrorMessage.INVALID_REFRESH_TOKEN_VALUE);
}
} catch (ExpiredJwtException e) {
throw new UnauthorizedException(ErrorMessage.EXPIRED_REFRESH_TOKEN);
} catch (Exception e) {
Expand All @@ -38,8 +47,9 @@ public void equalsRefreshToken(String refreshToken, String storedRefreshToken) {
}
}

private void parseToken(String token) {
private Claims parseToken(String token) {
JwtParser jwtParser = jwtGenerator.getJwtParser();
jwtParser.parseClaimsJws(token);
return jwtParser.parseClaimsJws(token)
.getBody();
}
}
Loading