woowacourse-teams · Cyma-s · Sep 26, 2023 · Sep 26, 2023 · Sep 27, 2023 · Sep 27, 2023
@@ -1,9 +1,7 @@
 package shook.shook.auth.application;
 
-import io.jsonwebtoken.Claims;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
-import shook.shook.auth.application.dto.ReissueAccessTokenResponse;
 import shook.shook.auth.application.dto.TokenPair;
 import shook.shook.auth.repository.InMemoryTokenPairRepository;
 import shook.shook.member.application.MemberService;
@@ -34,16 +32,4 @@ public TokenPair oAuthLogin(final String oauthType, final String authorizationCo
         inMemoryTokenPairRepository.addOrUpdateTokenPair(refreshToken, accessToken);
         return new TokenPair(accessToken, refreshToken);
     }
-
-    public ReissueAccessTokenResponse reissueAccessTokenByRefreshToken(final String refreshToken,
-                                                                       final String accessToken) {
-        final Claims claims = tokenProvider.parseClaims(refreshToken);
-        final Long memberId = claims.get("memberId", Long.class);
-        final String nickname = claims.get("nickname", String.class);
-
-        inMemoryTokenPairRepository.validateTokenPair(refreshToken, accessToken);
-        final String reissuedAccessToken = tokenProvider.createAccessToken(memberId, nickname);
-        inMemoryTokenPairRepository.addOrUpdateTokenPair(refreshToken, reissuedAccessToken);
-        return new ReissueAccessTokenResponse(reissuedAccessToken);
-    }
 }
@@ -50,6 +50,7 @@ private String createToken(final long memberId, final String nickname, final lon
         claims.put("memberId", memberId);
         claims.put("nickname", nickname);
         final Date now = new Date();
+
         return Jwts.builder()
             .setClaims(claims)
             .setIssuedAt(now)

@@ -0,0 +1,44 @@
+package shook.shook.auth.application;
+
+import io.jsonwebtoken.Claims;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import shook.shook.auth.application.dto.ReissueAccessTokenResponse;
+import shook.shook.auth.exception.AuthorizationException;
+import shook.shook.auth.repository.InMemoryTokenPairRepository;
+
+@Transactional(readOnly = true)
+@RequiredArgsConstructor
+@Service
+public class TokenService {
+
+    public static final String EMPTY_REFRESH_TOKEN = "none";
+    public static final String TOKEN_PREFIX = "Bearer ";
+
+    private final TokenProvider tokenProvider;
+    private final InMemoryTokenPairRepository inMemoryTokenPairRepository;
+
+    public void validateRefreshToken(final String refreshToken) {
+        if (refreshToken.equals(EMPTY_REFRESH_TOKEN)) {
+            throw new AuthorizationException.RefreshTokenNotFoundException();
+        }
+    }
+
+    public String extractAccessToken(final String authorization) {
+        return authorization.substring(TOKEN_PREFIX.length());
+    }
+
+    public ReissueAccessTokenResponse reissueAccessTokenByRefreshToken(final String refreshToken,
+                                                                       final String accessToken) {
+        final Claims claims = tokenProvider.parseClaims(refreshToken);
+        final Long memberId = claims.get("memberId", Long.class);
+        final String nickname = claims.get("nickname", String.class);
+
+        inMemoryTokenPairRepository.validateTokenPair(refreshToken, accessToken);
+        final String reissuedAccessToken = tokenProvider.createAccessToken(memberId, nickname);
+        inMemoryTokenPairRepository.addOrUpdateTokenPair(refreshToken, reissuedAccessToken);
+
+        return new ReissueAccessTokenResponse(reissuedAccessToken);
+    }
+}
@@ -7,9 +7,8 @@
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RestController;
-import shook.shook.auth.application.AuthService;
+import shook.shook.auth.application.TokenService;
 import shook.shook.auth.application.dto.ReissueAccessTokenResponse;
-import shook.shook.auth.exception.AuthorizationException;
 import shook.shook.auth.ui.openapi.AccessTokenReissueApi;
 
 @RequiredArgsConstructor
@@ -18,21 +17,18 @@ public class AccessTokenReissueController implements AccessTokenReissueApi {
 
     private static final String EMPTY_REFRESH_TOKEN = "none";
     private static final String REFRESH_TOKEN_KEY = "refreshToken";
-    private static final String TOKEN_PREFIX = "Bearer ";
 
-    private final AuthService authService;
+    private final TokenService tokenService;
 
     @PostMapping("/reissue")
     public ResponseEntity<ReissueAccessTokenResponse> reissueAccessToken(
         @CookieValue(value = REFRESH_TOKEN_KEY, defaultValue = EMPTY_REFRESH_TOKEN) final String refreshToken,
         @RequestHeader(HttpHeaders.AUTHORIZATION) final String authorization
     ) {
-        if (refreshToken.equals(EMPTY_REFRESH_TOKEN)) {
-            throw new AuthorizationException.RefreshTokenNotFoundException();
-        }
-        final String accessToken = authorization.split(TOKEN_PREFIX)[1];
-        final ReissueAccessTokenResponse response =
-            authService.reissueAccessTokenByRefreshToken(refreshToken, accessToken);
+        tokenService.validateRefreshToken(refreshToken);
+        final String accessToken = tokenService.extractAccessToken(authorization);
+        final ReissueAccessTokenResponse response = tokenService.reissueAccessTokenByRefreshToken(refreshToken,
+                                                                                                  accessToken);
 
         return ResponseEntity.ok(response);
     }

@@ -19,6 +19,7 @@ public Cookie createRefreshTokenCookie(final String refreshToken) {
         cookie.setPath("/api/reissue");
         cookie.setHttpOnly(true);
         cookie.setSecure(true);
+
         return cookie;
     }
 }
@@ -22,7 +22,6 @@ public enum ErrorCode {
     NOT_FOUND_OAUTH(1010, "현재 지원하지 않는 OAuth 요청입니다."),
     INVALID_REFRESH_TOKEN(1011, "존재하지 않는 refreshToken 입니다."),
     TOKEN_PAIR_NOT_MATCHING_EXCEPTION(1012, "올바르지 않은 TokenPair 입니다."),
-    DUPLICATE_NICKNAME(1013, "중복되는 닉네임입니다."),
 
     // 2000: 킬링파트 - 좋아요, 댓글
 
@@ -68,15 +67,17 @@ public enum ErrorCode {
     VOTING_SONG_NOT_EXIST(4008, "존재하지 않는 투표 노래입니다."),
     VOTE_FOR_OTHER_PART(4009, "해당 투표는 다른 파트에 대한 투표입니다."),
     DUPLICATE_VOTE_EXIST(4010, "중복된 투표입니다."),
-    // 5000: 사용자
 
+    // 5000: 사용자
     EMPTY_EMAIL(5001, "이메일은 비어있을 수 없습니다."),
     TOO_LONG_EMAIL(5002, "이메일은 100자를 초과할 수 없습니다."),
     INVALID_EMAIL_FORM(5003, "이메일 형식에 맞지 않습니다."),
     EMPTY_NICKNAME(5004, "닉네임은 비어있을 수 없습니다."),
-    TOO_LONG_NICKNAME(5005, "닉네임은 100자를 초과할 수 없습니다."),
+    TOO_LONG_NICKNAME(5005, "닉네임은 20자를 초과할 수 없습니다."),
     EXIST_MEMBER(5006, "이미 회원가입 된 멤버입니다."),
     MEMBER_NOT_EXIST(5007, "존재하지 않는 멤버입니다."),
+    DUPLICATE_NICKNAME(5008, "중복되는 닉네임입니다."),
+    TOO_SHORT_NICKNAME(5009, "닉네임은 2자 이상이어야 합니다."),
 
     REQUEST_BODY_VALIDATION_FAIL(10001, ""),
     WRONG_REQUEST_URL(10002, "URL의 pathVariable 은 비어있을 수 없습니다."),

@@ -7,7 +7,6 @@
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import shook.shook.auth.application.TokenProvider;
-import shook.shook.auth.application.dto.TokenPair;
 import shook.shook.auth.exception.AuthorizationException;
 import shook.shook.auth.repository.InMemoryTokenPairRepository;
 import shook.shook.auth.ui.argumentresolver.MemberInfo;
@@ -62,7 +61,7 @@ public Member findByIdAndNicknameThrowIfNotExist(final Long id, final Nickname n
 
     @Transactional
     public void deleteById(final Long id, final MemberInfo memberInfo) {
-        final Member member = getMemberIfValidRequest(id, memberInfo);
+        final Member member = getMemberIfValidRequest(id, memberInfo.getMemberId());
 
         final List<KillingPartLike> membersExistLikes = likeRepository.findAllByMemberAndIsDeleted(member, false);
 
@@ -71,8 +70,7 @@ public void deleteById(final Long id, final MemberInfo memberInfo) {
         memberRepository.delete(member);
     }
 
-    private Member getMemberIfValidRequest(final Long memberId, final MemberInfo memberInfo) {
-        final long requestMemberId = memberInfo.getMemberId();
+    private Member getMemberIfValidRequest(final Long memberId, final Long requestMemberId) {
         final Member requestMember = findById(requestMemberId);
         final Member targetMember = findById(memberId);
         validateMemberAuthentication(requestMember, targetMember);
@@ -99,28 +97,20 @@ private Member findById(final Long id) {
     }
 
     @Transactional
-    public TokenPair updateNickname(final Long memberId, final MemberInfo memberInfo,
-                                    final NicknameUpdateRequest request) {
-        final Member member = getMemberIfValidRequest(memberId, memberInfo);
+    public boolean updateNickname(final Long memberId, final Long requestMemberId,
+                                  final NicknameUpdateRequest request) {
+        final Member member = getMemberIfValidRequest(memberId, requestMemberId);
         final Nickname nickname = new Nickname(request.getNickname());
 
         if (member.hasSameNickname(nickname)) {
-            return null;
+            return false;
         }
 
         validateDuplicateNickname(nickname);
         member.updateNickname(nickname.getValue());
         memberRepository.save(member);
 
-        return reissueTokenPair(member.getId(), member.getNickname());
-    }
-
-    private TokenPair reissueTokenPair(final Long memberId, final String nickname) {
-        final String reissuedAccessToken = tokenProvider.createAccessToken(memberId, nickname);
-        final String reissuedRefreshToken = tokenProvider.createRefreshToken(memberId, nickname);
-        inMemoryTokenPairRepository.addOrUpdateTokenPair(reissuedRefreshToken, reissuedAccessToken);
-
-        return new TokenPair(reissuedAccessToken, reissuedRefreshToken);
+        return true;
     }
 
     private void validateDuplicateNickname(final Nickname nickname) {

diff --git a/backend/src/main/java/shook/shook/member/application/dto/NicknameUpdateResponse.java b/backend/src/main/java/shook/shook/member/application/dto/NicknameUpdateResponse.java
@@ -0,0 +1,20 @@
+package shook.shook.member.application.dto;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Schema(description = "닉네임 변경 응답")
+@AllArgsConstructor
+@NoArgsConstructor(access = AccessLevel.PRIVATE)
+@Getter
+public class NicknameUpdateResponse {
+
+    @Schema(description = "액세스 토큰", example = "lfahrg;aoiehflksejflakwjeglk")
+    private String accessToken;
+
+    @Schema(description = "변경된 닉네임", example = "shook")
+    private String nickname;
+}
@@ -17,6 +17,7 @@
 public class Nickname {
 
     private static final int NICKNAME_MAXIMUM_LENGTH = 20;
+    private static final int NICKNAME_MINIMUM_LENGTH = 2;
 
     @Column(name = "nickname", length = NICKNAME_MAXIMUM_LENGTH, nullable = false)
     private String value;
@@ -35,5 +36,10 @@ private void validateNickname(final String value) {
                 Map.of("Nickname", value)
             );
         }
+        if (value.length() < NICKNAME_MINIMUM_LENGTH) {
+            throw new MemberException.TooShortNicknameException(
+                Map.of("Nickname", value)
+            );
+        }
     }
 }
@@ -104,4 +104,15 @@ public ExistNicknameException(final Map<String, String> inputValuesByProperty) {
             super(ErrorCode.DUPLICATE_NICKNAME, inputValuesByProperty);
         }
     }
+
+    public static class TooShortNicknameException extends MemberException {
+
+        public TooShortNicknameException() {
+            super(ErrorCode.TOO_SHORT_NICKNAME);
+        }
+
+        public TooShortNicknameException(final Map<String, String> inputValuesByProperty) {
+            super(ErrorCode.TOO_SHORT_NICKNAME, inputValuesByProperty);
+        }
+    }
 }
@@ -1,7 +1,5 @@
 package shook.shook.member.ui;
 
-import jakarta.servlet.http.Cookie;
-import jakarta.servlet.http.HttpServletResponse;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpStatus;
@@ -12,9 +10,6 @@
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import shook.shook.auth.application.dto.ReissueAccessTokenResponse;
-import shook.shook.auth.application.dto.TokenPair;
-import shook.shook.auth.ui.CookieProvider;
 import shook.shook.auth.ui.argumentresolver.Authenticated;
 import shook.shook.auth.ui.argumentresolver.MemberInfo;
 import shook.shook.member.application.MemberService;
@@ -27,7 +22,6 @@
 public class MemberController implements MemberApi {
 
     private final MemberService memberService;
-    private final CookieProvider cookieProvider;
 
     @DeleteMapping
     public ResponseEntity<Void> deleteMember(
@@ -40,23 +34,16 @@ public ResponseEntity<Void> deleteMember(
     }
 
     @PatchMapping("/nickname")
-    public ResponseEntity<ReissueAccessTokenResponse> updateNickname(
-        @PathVariable(name = "member_id") final Long memberId,
+    public ResponseEntity<Void> updateNickname(
         @Authenticated final MemberInfo memberInfo,
-        @Valid @RequestBody final NicknameUpdateRequest request,
-        final HttpServletResponse response
+        @PathVariable(name = "member_id") final Long memberId,
+        @Valid @RequestBody final NicknameUpdateRequest request
     ) {
-        final TokenPair tokenPair = memberService.updateNickname(memberId, memberInfo, request);
-
-        if (tokenPair == null) {
-            return ResponseEntity.noContent().build();
+        final boolean isUpdated = memberService.updateNickname(memberId, memberInfo.getMemberId(), request);
+        if (isUpdated) {
+            return ResponseEntity.ok().build();
         }
 
-        final Cookie cookie = cookieProvider.createRefreshTokenCookie(tokenPair.getRefreshToken());
-        response.addCookie(cookie);
-        final ReissueAccessTokenResponse reissueResponse = new ReissueAccessTokenResponse(
-            tokenPair.getAccessToken());
-
-        return ResponseEntity.ok(reissueResponse);
+        return ResponseEntity.noContent().build();
     }
 }
@@ -6,13 +6,12 @@
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.responses.ApiResponses;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import jakarta.servlet.http.HttpServletResponse;
+import jakarta.validation.Valid;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.PatchMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
-import shook.shook.auth.application.dto.ReissueAccessTokenResponse;
 import shook.shook.auth.ui.argumentresolver.Authenticated;
 import shook.shook.auth.ui.argumentresolver.MemberInfo;
 import shook.shook.member.application.dto.NicknameUpdateRequest;
@@ -61,6 +60,10 @@ ResponseEntity<Void> deleteMember(
     )
     @Parameters(
         value = {
+            @Parameter(
+                name = "memberInfo",
+                hidden = true
+            ),
             @Parameter(
                 name = "member_id",
                 description = "닉네임을 변경할 회원 id",
@@ -74,10 +77,9 @@ ResponseEntity<Void> deleteMember(
         }
     )
     @PatchMapping("/nickname")
-    ResponseEntity<ReissueAccessTokenResponse> updateNickname(
-        @PathVariable(name = "member_id") final Long memberId,
+    ResponseEntity<Void> updateNickname(
         @Authenticated final MemberInfo memberInfo,
-        @RequestBody final NicknameUpdateRequest request,
-        final HttpServletResponse response
+        @PathVariable(name = "member_id") final Long memberId,
+        @Valid @RequestBody final NicknameUpdateRequest request
     );
 }