Merge branch 'develop' into feat/447-add-updating-interested-country-region-api

Author: whqtker

src/main/java/com/example/solidconnection/auth/controller/AuthController.java

@@ -3,7 +3,6 @@
 import com.example.solidconnection.auth.dto.EmailSignInRequest;
 import com.example.solidconnection.auth.dto.EmailSignUpTokenRequest;
 import com.example.solidconnection.auth.dto.EmailSignUpTokenResponse;
-import com.example.solidconnection.auth.dto.ReissueRequest;
 import com.example.solidconnection.auth.dto.ReissueResponse;
 import com.example.solidconnection.auth.dto.SignInResponse;
 import com.example.solidconnection.auth.dto.SignUpRequest;
@@ -19,6 +18,7 @@
 import com.example.solidconnection.common.exception.ErrorCode;
 import com.example.solidconnection.common.resolver.AuthorizedUser;
 import com.example.solidconnection.siteuser.domain.AuthType;
+import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
@@ -118,10 +118,10 @@ public ResponseEntity<Void> quit(
 
     @PostMapping("/reissue")
     public ResponseEntity<ReissueResponse> reissueToken(
-            @AuthorizedUser long siteUserId,
-            @Valid @RequestBody ReissueRequest reissueRequest
+            HttpServletRequest request
     ) {
-        ReissueResponse reissueResponse = authService.reissue(siteUserId, reissueRequest);
+        String refreshToken = refreshTokenCookieManager.getRefreshToken(request);
+        ReissueResponse reissueResponse = authService.reissue(refreshToken);
         return ResponseEntity.ok(reissueResponse);
     }
 

src/main/java/com/example/solidconnection/auth/controller/RefreshTokenCookieManager.java

@@ -1,25 +1,35 @@
 package com.example.solidconnection.auth.controller;
 
+import static com.example.solidconnection.common.exception.ErrorCode.REFRESH_TOKEN_NOT_EXISTS;
+
+import com.example.solidconnection.auth.controller.config.RefreshTokenCookieProperties;
 import com.example.solidconnection.auth.domain.TokenType;
+import com.example.solidconnection.common.exception.CustomException;
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import java.util.Arrays;
+import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.ResponseCookie;
 import org.springframework.stereotype.Component;
 
 @Component
+@RequiredArgsConstructor
 public class RefreshTokenCookieManager {
 
     private static final String COOKIE_NAME = "refreshToken";
     private static final String PATH = "/";
-    private static final String SAME_SITE = "Strict";
+
+    private final RefreshTokenCookieProperties properties;
 
     public void setCookie(HttpServletResponse response, String refreshToken) {
         long maxAge = convertExpireTimeToCookieMaxAge(TokenType.REFRESH.getExpireTime());
         setRefreshTokenCookie(response, refreshToken, maxAge);
     }
 
     private long convertExpireTimeToCookieMaxAge(long milliSeconds) {
-        // jwt의 expireTime: millisecond, cookie의 maxAge: second
+        // jwt의 expireTime 단위인 millisecond를 cookie의 maxAge 단위인 second로 변환
         return milliSeconds / 1000;
     }
 
@@ -35,8 +45,31 @@ private void setRefreshTokenCookie(
                 .secure(true)
                 .path(PATH)
                 .maxAge(maxAge)
-                .sameSite(SAME_SITE)
+                .domain(properties.cookieDomain())
+                .sameSite(properties.sameSite())
                 .build();
         response.addHeader(HttpHeaders.SET_COOKIE, cookie.toString());
     }
+
+    public String getRefreshToken(HttpServletRequest request) {
+        // 쿠키가 없거나 비어있는 경우 예외 발생
+        Cookie[] cookies = request.getCookies();
+        if (cookies == null || cookies.length == 0) {
+            throw new CustomException(REFRESH_TOKEN_NOT_EXISTS);
+        }
+
+        // refreshToken 쿠키가 없는 경우 예외 발생
+        Cookie refreshTokenCookie = Arrays.stream(cookies)
+                .filter(cookie -> COOKIE_NAME.equals(cookie.getName()))
+                .findFirst()
+                .orElseThrow(() -> new CustomException(REFRESH_TOKEN_NOT_EXISTS));
+
+        // 쿠키 값이 비어있는 경우 예외 발생
+        String refreshToken = refreshTokenCookie.getValue();
+        if (refreshToken == null || refreshToken.isBlank()) {
+            throw new CustomException(REFRESH_TOKEN_NOT_EXISTS);
+        }
+        return refreshToken;
+    }
 }
+

src/main/java/com/example/solidconnection/auth/controller/config/RefreshTokenCookieProperties.java

@@ -0,0 +1,21 @@
+package com.example.solidconnection.auth.controller.config;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.boot.web.server.Cookie.SameSite;
+
+@ConfigurationProperties(prefix = "token.refresh")
+public record RefreshTokenCookieProperties(
+        String cookieDomain
+) {
+
+    public String sameSite() {
+        if (isDomainSet()) {
+            return SameSite.STRICT.attributeValue(); // 도메인을 지정한 경우 SameSite=Strict
+        }
+        return SameSite.NONE.attributeValue(); // 도메인을 지정하지 않은 경우 SameSite=None
+    }
+
+    private boolean isDomainSet() {
+        return cookieDomain != null && !cookieDomain.isBlank();
+    }
+}

src/main/java/com/example/solidconnection/auth/dto/ReissueRequest.java

@@ -3,7 +3,6 @@
 import static com.example.solidconnection.common.exception.ErrorCode.REFRESH_TOKEN_EXPIRED;
 import static com.example.solidconnection.common.exception.ErrorCode.USER_NOT_FOUND;
 
-import com.example.solidconnection.auth.dto.ReissueRequest;
 import com.example.solidconnection.auth.dto.ReissueResponse;
 import com.example.solidconnection.auth.token.TokenBlackListService;
 import com.example.solidconnection.common.exception.CustomException;
@@ -28,12 +27,8 @@ public class AuthService {
      * - 리프레시 토큰을 삭제한다.
      * */
     public void signOut(String token) {
-        Subject subject = authTokenProvider.parseSubject(token);
-        long siteUserId = Long.parseLong(subject.value());
-        SiteUser siteUser = siteUserRepository.findById(siteUserId)
-                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
-
-        AccessToken accessToken = authTokenProvider.generateAccessToken(subject, siteUser.getRole());
+        SiteUser siteUser = authTokenProvider.parseSiteUser(token);
+        AccessToken accessToken = authTokenProvider.generateAccessToken(siteUser);
         authTokenProvider.deleteRefreshTokenByAccessToken(accessToken);
         tokenBlackListService.addToBlacklist(accessToken);
     }
@@ -58,17 +53,14 @@ public void quit(long siteUserId, String token) {
      * - 유효한 리프레시토큰이면, 액세스 토큰을 재발급한다.
      * - 그렇지 않으면 예외를 발생시킨다.
      * */
-    public ReissueResponse reissue(long siteUserId, ReissueRequest reissueRequest) {
+    public ReissueResponse reissue(String requestedRefreshToken) {
         // 리프레시 토큰 확인
-        String requestedRefreshToken = reissueRequest.refreshToken();
         if (!authTokenProvider.isValidRefreshToken(requestedRefreshToken)) {
             throw new CustomException(REFRESH_TOKEN_EXPIRED);
         }
         // 액세스 토큰 재발급
-        SiteUser siteUser = siteUserRepository.findById(siteUserId)
-                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
-        Subject subject = authTokenProvider.parseSubject(requestedRefreshToken);
-        AccessToken newAccessToken = authTokenProvider.generateAccessToken(subject, siteUser.getRole());
+        SiteUser siteUser = authTokenProvider.parseSiteUser(requestedRefreshToken);
+        AccessToken newAccessToken = authTokenProvider.generateAccessToken(siteUser);
         return ReissueResponse.from(newAccessToken);
     }
 }

src/main/java/com/example/solidconnection/auth/service/AuthService.java

@@ -1,8 +1,12 @@
 package com.example.solidconnection.auth.service;
 
+import static com.example.solidconnection.common.exception.ErrorCode.USER_NOT_FOUND;
+
 import com.example.solidconnection.auth.domain.TokenType;
+import com.example.solidconnection.common.exception.CustomException;
 import com.example.solidconnection.siteuser.domain.Role;
 import com.example.solidconnection.siteuser.domain.SiteUser;
+import com.example.solidconnection.siteuser.repository.SiteUserRepository;
 import java.util.Map;
 import java.util.Objects;
 import lombok.RequiredArgsConstructor;
@@ -17,15 +21,21 @@ public class AuthTokenProvider {
 
     private final RedisTemplate<String, String> redisTemplate;
     private final TokenProvider tokenProvider;
+    private final SiteUserRepository siteUserRepository;
 
-    public AccessToken generateAccessToken(Subject subject, Role role) {
+    public AccessToken generateAccessToken(SiteUser siteUser) {
+        Subject subject = toSubject(siteUser);
+        Role role = siteUser.getRole();
         String token = tokenProvider.generateToken(
-                subject.value(), Map.of(ROLE_CLAIM_KEY, role.name()), TokenType.ACCESS
+                subject.value(),
+                Map.of(ROLE_CLAIM_KEY, role.name()),
+                TokenType.ACCESS
         );
         return new AccessToken(subject, role, token);
     }
 
-    public RefreshToken generateAndSaveRefreshToken(Subject subject) {
+    public RefreshToken generateAndSaveRefreshToken(SiteUser siteUser) {
+        Subject subject = toSubject(siteUser);
         String token = tokenProvider.generateToken(subject.value(), TokenType.REFRESH);
         tokenProvider.saveToken(token, TokenType.REFRESH);
         return new RefreshToken(subject, token);
@@ -49,9 +59,11 @@ public void deleteRefreshTokenByAccessToken(AccessToken accessToken) {
         redisTemplate.delete(refreshTokenKey);
     }
 
-    public Subject parseSubject(String token) {
+    public SiteUser parseSiteUser(String token) {
         String subject = tokenProvider.parseSubject(token);
-        return new Subject(subject);
+        long siteUserId = Long.parseLong(subject);
+        return siteUserRepository.findById(siteUserId)
+                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
     }
 
     public Subject toSubject(SiteUser siteUser) {

src/main/java/com/example/solidconnection/auth/service/AuthTokenProvider.java

@@ -15,9 +15,8 @@ public class SignInService {
     @Transactional
     public SignInResponse signIn(SiteUser siteUser) {
         resetQuitedAt(siteUser);
-        Subject subject = authTokenProvider.toSubject(siteUser);
-        AccessToken accessToken = authTokenProvider.generateAccessToken(subject, siteUser.getRole());
-        RefreshToken refreshToken = authTokenProvider.generateAndSaveRefreshToken(subject);
+        AccessToken accessToken = authTokenProvider.generateAccessToken(siteUser);
+        RefreshToken refreshToken = authTokenProvider.generateAndSaveRefreshToken(siteUser);
         return SignInResponse.of(accessToken, refreshToken);
     }
 

src/main/java/com/example/solidconnection/auth/service/SignInService.java

@@ -1,6 +1,7 @@
 package com.example.solidconnection.chat.controller;
 
 import com.example.solidconnection.chat.dto.ChatMessageResponse;
+import com.example.solidconnection.chat.dto.ChatParticipantResponse;
 import com.example.solidconnection.chat.dto.ChatRoomListResponse;
 import com.example.solidconnection.chat.service.ChatService;
 import com.example.solidconnection.common.dto.SliceResponse;
@@ -41,6 +42,15 @@ public ResponseEntity<SliceResponse<ChatMessageResponse>> getChatMessages(
         return ResponseEntity.ok(response);
     }
 
+    @GetMapping("rooms/{room-id}/partner")
+    public ResponseEntity<ChatParticipantResponse> getChatPartner(
+            @AuthorizedUser long siteUserId,
+            @PathVariable("room-id") Long roomId
+    ) {
+        ChatParticipantResponse response = chatService.getChatPartner(siteUserId, roomId);
+        return ResponseEntity.ok(response);
+    }
+
     @PutMapping("/rooms/{room-id}/read")
     public ResponseEntity<Void> markChatMessagesAsRead(
             @AuthorizedUser long siteUserId,

src/main/java/com/example/solidconnection/chat/controller/ChatController.java

@@ -84,16 +84,6 @@ private ChatRoomResponse toChatRoomResponse(ChatRoom chatRoom, long siteUserId)
         return ChatRoomResponse.of(chatRoom.getId(), lastChatMessage, lastReceivedTime, partner, unReadCount);
     }
 
-    private ChatParticipant findPartner(ChatRoom chatRoom, long siteUserId) {
-        if (chatRoom.isGroup()) {
-            throw new CustomException(INVALID_CHAT_ROOM_STATE);
-        }
-        return chatRoom.getChatParticipants().stream()
-                .filter(participant -> participant.getSiteUserId() != siteUserId)
-                .findFirst()
-                .orElseThrow(() -> new CustomException(CHAT_PARTNER_NOT_FOUND));
-    }
-
     @Transactional(readOnly = true)
     public SliceResponse<ChatMessageResponse> getChatMessages(long siteUserId, long roomId, Pageable pageable) {
         validateChatRoomParticipant(siteUserId, roomId);
@@ -107,6 +97,26 @@ public SliceResponse<ChatMessageResponse> getChatMessages(long siteUserId, long
         return SliceResponse.of(content, chatMessages);
     }
 
+    @Transactional(readOnly = true)
+    public ChatParticipantResponse getChatPartner(long siteUserId, Long roomId) {
+        ChatRoom chatRoom = chatRoomRepository.findById(roomId)
+                .orElseThrow(() -> new CustomException(INVALID_CHAT_ROOM_STATE));
+        ChatParticipant partnerParticipant = findPartner(chatRoom, siteUserId);
+        SiteUser siteUser = siteUserRepository.findById(partnerParticipant.getSiteUserId())
+                .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
+        return ChatParticipantResponse.of(siteUser.getId(), siteUser.getNickname(), siteUser.getProfileImageUrl());
+    }
+
+    private ChatParticipant findPartner(ChatRoom chatRoom, long siteUserId) {
+        if (chatRoom.isGroup()) {
+            throw new CustomException(INVALID_CHAT_ROOM_STATE);
+        }
+        return chatRoom.getChatParticipants().stream()
+                .filter(participant -> participant.getSiteUserId() != siteUserId)
+                .findFirst()
+                .orElseThrow(() -> new CustomException(CHAT_PARTNER_NOT_FOUND));
+    }
+
     public void validateChatRoomParticipant(long siteUserId, long roomId) {
         boolean isParticipant = chatParticipantRepository.existsByChatRoomIdAndSiteUserId(roomId, siteUserId);
         if (!isParticipant) {

src/main/java/com/example/solidconnection/chat/service/ChatService.java

@@ -56,6 +56,7 @@ public enum ErrorCode {
     ACCESS_TOKEN_EXPIRED(HttpStatus.UNAUTHORIZED.value(), "액세스 토큰이 만료되었습니다. 재발급 api를 호출해주세요."),
     REFRESH_TOKEN_EXPIRED(HttpStatus.UNAUTHORIZED.value(), "리프레시 토큰이 만료되었습니다. 다시 로그인을 진행해주세요."),
     ACCESS_DENIED(HttpStatus.FORBIDDEN.value(), "접근 권한이 없습니다."),
+    REFRESH_TOKEN_NOT_EXISTS(HttpStatus.BAD_REQUEST.value(), "리프레시 토큰이 존재하지 않습니다."),
     PASSWORD_MISMATCH(HttpStatus.BAD_REQUEST.value(), "비밀번호가 일치하지 않습니다."),
     PASSWORD_NOT_CHANGED(HttpStatus.BAD_REQUEST.value(), "현재 비밀번호와 새 비밀번호가 동일합니다."),
     PASSWORD_NOT_CONFIRMED(HttpStatus.BAD_REQUEST.value(), "새 비밀번호가 일치하지 않습니다."),