solid-connect-server/src/main/java/com/example/solidconnection/auth/service/SignUpTokenProvider.java at 91feb3dda5df5068110340ffb6a87d70ec88883a · solid-connection/solid-connect-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
package com.example.solidconnection.auth.service;

import static com.example.solidconnection.common.exception.ErrorCode.SIGN_UP_TOKEN_INVALID;
import static com.example.solidconnection.common.exception.ErrorCode.SIGN_UP_TOKEN_NOT_ISSUED_BY_SERVER;

import com.example.solidconnection.auth.domain.TokenType;
import com.example.solidconnection.auth.token.config.JwtProperties;
import com.example.solidconnection.common.exception.CustomException;
import com.example.solidconnection.siteuser.domain.AuthType;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import lombok.RequiredArgsConstructor;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;

@Component
@RequiredArgsConstructor
public class SignUpTokenProvider {

    private static final String AUTH_TYPE_CLAIM_KEY = "authType";

    private final JwtProperties jwtProperties;
    private final RedisTemplate<String, String> redisTemplate;
    private final TokenProvider tokenProvider;

    public String generateAndSaveSignUpToken(String email, AuthType authType) {
        Map<String, Object> authTypeClaim = new HashMap<>(Map.of(AUTH_TYPE_CLAIM_KEY, authType));
        Claims claims = Jwts.claims(authTypeClaim).setSubject(email);
        Date now = new Date();
        Date expiredDate = new Date(now.getTime() + TokenType.SIGN_UP.getExpireTime());

        String signUpToken = Jwts.builder()
                .setClaims(claims)
                .setIssuedAt(now)
                .setExpiration(expiredDate)
                .signWith(SignatureAlgorithm.HS512, jwtProperties.secret())
                .compact();
        return tokenProvider.saveToken(signUpToken, TokenType.SIGN_UP);
    }

    public void deleteByEmail(String email) {
        String key = TokenType.SIGN_UP.addPrefix(email);
        redisTemplate.delete(key);
    }

    public void validateSignUpToken(String token) {
        validateFormatAndExpiration(token);
        String email = parseEmail(token);
        validateIssuedByServer(email);
    }

    private void validateFormatAndExpiration(String token) { // 파싱되는지, AuthType이 포함되어있는지 검증
        try {
            Claims claims = tokenProvider.parseClaims(token);
            Objects.requireNonNull(claims.getSubject());
            String serializedAuthType = claims.get(AUTH_TYPE_CLAIM_KEY, String.class);
            AuthType.valueOf(serializedAuthType);
        } catch (Exception e) {
            throw new CustomException(SIGN_UP_TOKEN_INVALID);
        }
    }

    private void validateIssuedByServer(String email) {
        String key = TokenType.SIGN_UP.addPrefix(email);
        if (redisTemplate.opsForValue().get(key) == null) {
            throw new CustomException(SIGN_UP_TOKEN_NOT_ISSUED_BY_SERVER);
        }
    }

    public String parseEmail(String token) {
        return tokenProvider.parseSubject(token);
    }

    public AuthType parseAuthType(String token) {
        Claims claims = tokenProvider.parseClaims(token);
        String authTypeStr = claims.get(AUTH_TYPE_CLAIM_KEY, String.class);
        return AuthType.valueOf(authTypeStr);
    }
}