diff --git a/src/main/java/jungle/HandTris/application/impl/ReissueServiceImpl.java b/src/main/java/jungle/HandTris/application/impl/ReissueServiceImpl.java
index c6b8ff0..69d2958 100644
--- a/src/main/java/jungle/HandTris/application/impl/ReissueServiceImpl.java
+++ b/src/main/java/jungle/HandTris/application/impl/ReissueServiceImpl.java
@@ -4,6 +4,7 @@
 import jungle.HandTris.application.service.ReissueService;
 import jungle.HandTris.domain.Member;
 import jungle.HandTris.domain.exception.InvalidTokenFormatException;
+import jungle.HandTris.domain.exception.MemberNotFoundException;
 import jungle.HandTris.domain.exception.RefreshTokenExpiredException;
 import jungle.HandTris.domain.exception.UnauthorizedAccessException;
 import jungle.HandTris.domain.repo.MemberRepository;
@@ -19,7 +20,7 @@ public class ReissueServiceImpl implements ReissueService {
 private final JWTUtil jwtUtil;
 private final MemberRepository memberRepository;
- public ReissueTokenRes reissue (HttpServletRequest request, String requestUsername) {
+ public ReissueTokenRes reissue (HttpServletRequest request) {
 String refreshToken = jwtUtil.resolveRefreshToken(request);
 //토큰 소멸 시간 검증
@@ -34,7 +35,8 @@ public ReissueTokenRes reissue (HttpServletRequest request, String requestUsername) {
 }
 String nickname = jwtUtil.getNickname(refreshToken);
- Member member = memberRepository.findByUsername(requestUsername);
+ Member member = memberRepository.findByNickname(nickname).
+ orElseThrow(MemberNotFoundException::new);
 if(!member.getRefreshToken().equals(refreshToken)) {
 throw new UnauthorizedAccessException();
diff --git a/src/main/java/jungle/HandTris/application/service/ReissueService.java b/src/main/java/jungle/HandTris/application/service/ReissueService.java
index ebeb775..55c614e 100644
--- a/src/main/java/jungle/HandTris/application/service/ReissueService.java
+++ b/src/main/java/jungle/HandTris/application/service/ReissueService.java
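Review bot: The member is now resolved from the `nickname` claim of the refresh token (third ReissueServiceImpl hunk), which is sound only if nicknames are unique and never change; the diff shows neither constraint. If a member can rename themselves, a refresh token issued earlier will either hit `MemberNotFoundException` or resolve to whoever holds that nickname now, so an immutable claim such as the member id would be a steadier key if the token carries one. Separately, the context line `member.getRefreshToken().equals(refreshToken)` throws a NullPointerException instead of `UnauthorizedAccessException` when no token is stored for the member, assuming that field can be null (for example after logout); `if (!refreshToken.equals(member.getRefreshToken())) {` avoids that. The body of `reissue` starts and ends outside this hunk.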
@@ -4,5 +4,5 @@
 import jungle.HandTris.presentation.dto.response.ReissueTokenRes;
 public interface ReissueService {
- ReissueTokenRes reissue (HttpServletRequest request, String requestUsername);
+ ReissueTokenRes reissue (HttpServletRequest request);
 }
diff --git a/src/main/java/jungle/HandTris/global/config/security/SecurityConfig.java b/src/main/java/jungle/HandTris/global/config/security/SecurityConfig.java
index 79c7a6f..4139436 100644
--- a/src/main/java/jungle/HandTris/global/config/security/SecurityConfig.java
+++ b/src/main/java/jungle/HandTris/global/config/security/SecurityConfig.java
@@ -2,10 +2,7 @@
 import jungle.HandTris.application.service.CustomOAuth2MemberService;
 import jungle.HandTris.global.filter.JWTFilter;
-import jungle.HandTris.global.handler.JWTAccessDeniedHandler;
-import jungle.HandTris.global.handler.JWTAuthenticateDeniedHandler;
-import jungle.HandTris.global.handler.OAuth2FailureHandler;
-import jungle.HandTris.global.handler.OAuth2SuccessHandler;
+import jungle.HandTris.global.handler.*;
 import jungle.HandTris.global.jwt.JWTUtil;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
@@ -47,7 +44,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 .httpBasic((auth) -> auth.disable()
 )
 .authorizeHttpRequests((auth) -> auth
- .requestMatchers("/", "/auth/signin", "/auth/signup", "/reissue/**", "/oauth2/loginSuccess", "ws/**").permitAll()
+ .requestMatchers("/", "/auth/signin", "/auth/signup",
+ "/reissue", "/oauth2/loginSuccess", "ws/**", "/actuator/prometheus").permitAll()
 .anyRequest().authenticated()
 )
 .cors(Customizer.withDefaults()
diff --git a/src/main/java/jungle/HandTris/presentation/ReissueController.java b/src/main/java/jungle/HandTris/presentation/ReissueController.java
index 47685d2..b4ac202 100644
--- a/src/main/java/jungle/HandTris/presentation/ReissueController.java
+++ b/src/main/java/jungle/HandTris/presentation/ReissueController.java
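Review bot: The wildcard `import jungle.HandTris.global.handler.*;` in the first SecurityConfig hunk hides which handler classes this security configuration wires in. In the file that defines authentication-failure and access-denied behaviour, one explicit import per handler keeps a newly added or swapped handler visible in review. I would keep the four existing imports and add only the single line for the handler this commit needs.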
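Review bot: `/actuator/prometheus` is added to the `permitAll()` list in the second SecurityConfig hunk, so anyone who can reach the application port can read its metrics without authenticating. Metrics output commonly reveals endpoint names, request and error counts and runtime details, which is more than an anonymous client needs. Unless the path is already blocked at the network edge (not visible in this diff), give it its own rule, for example `.requestMatchers("/actuator/prometheus").hasRole("METRICS")` with a role name of your choosing for the scraper, or serve actuator on a separate port via `management.server.port`. The retained `"ws/**"` pattern has no leading slash, unlike the others, so it is worth confirming it matches the intended WebSocket path. The body of `filterChain` continues outside the hunk.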
@@ -15,9 +15,9 @@ public class ReissueController {
 private final ReissueService reissueService;
- @PostMapping("/reissue/{username}")
- public ResponseEnvelope reissue (HttpServletRequest request, @PathVariable("username") String requestUsername) {
- ReissueTokenRes token = reissueService.reissue(request, requestUsername);
+ @PostMapping("/reissue")
+ public ResponseEnvelope reissue (HttpServletRequest request) {
+ ReissueTokenRes token = reissueService.reissue(request);
 return ResponseEnvelope.of(token);
 }
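Review bot: The `reissue` handler has no documentation saying that the refresh token in the request is now the only thing identifying the caller, while SecurityConfig in this same commit lists `/reissue` under `permitAll()`. I would add a Javadoc above `@PostMapping("/reissue")` such as `/** Reissues tokens for the member named in the request's refresh token; this route is permitAll, so ReissueService performs every check. */`. The `@PathVariable` import is probably unused after this change, but the import block is outside the hunk, so that is unverified.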