refactor: 문자열 토큰을 Token 클래스로 (#297)

* feat: 토큰 객체 생성

* refactor: authTokenProvider에 토큰 객체 적용

* refactor: authService에 토큰 객체 적용

* refactor: signInService에 토큰 객체 적용

* test: AuthTokenProvider 테스트 보충

* test: AuthService 테스트 보충

* refactor: 인터페이스로 DIP 구현

* test: 리프레시토큰 조회 함수 변경에 따른 테스트 수정

* test: 블랙리스트 저장 방법 변경에 따른 테스트 수정

* test: 깨진 테스트 수정

* refactor: 엑세스 토큰 자체를 블랙리스트로 저장하도록

* refactor: AuthController에서 인증 정보를 String으로 받도록

Author: nayonsoso

src/main/java/com/example/solidconnection/auth/controller/AuthController.java

@@ -97,11 +97,11 @@ public ResponseEntity<SignInResponse> signUp(
     public ResponseEntity<Void> signOut(
             Authentication authentication
     ) {
-        String token = authentication.getCredentials().toString();
-        if (token == null) {
+        String accessToken = (String) authentication.getCredentials();
+        if (accessToken == null || accessToken.isBlank()) {
             throw new CustomException(ErrorCode.AUTHENTICATION_FAILED, "토큰이 없습니다.");
         }
-        authService.signOut(token);
+        authService.signOut(accessToken);
         return ResponseEntity.ok().build();
     }
 

src/main/java/com/example/solidconnection/auth/dto/ReissueResponse.java

@@ -1,5 +1,12 @@
 package com.example.solidconnection.auth.dto;
 
+import com.example.solidconnection.auth.service.AccessToken;
+
 public record ReissueResponse(
-        String accessToken) {
+        String accessToken
+) {
+
+    public static ReissueResponse from(AccessToken accessToken) {
+        return new ReissueResponse(accessToken.token());
+    }
 }

src/main/java/com/example/solidconnection/auth/dto/SignInResponse.java

@@ -1,7 +1,14 @@
 package com.example.solidconnection.auth.dto;
 
+import com.example.solidconnection.auth.service.AccessToken;
+import com.example.solidconnection.auth.service.RefreshToken;
+
 public record SignInResponse(
         String accessToken,
         String refreshToken
 ) {
+
+    public static SignInResponse of(AccessToken accessToken, RefreshToken refreshToken) {
+        return new SignInResponse(accessToken.token(), refreshToken.token());
+    }
 }

src/main/java/com/example/solidconnection/auth/service/AccessToken.java

@@ -0,0 +1,11 @@
+package com.example.solidconnection.auth.service;
+
+public record AccessToken(
+        Subject subject,
+        String token
+) {
+
+    public AccessToken(String subject, String token) {
+        this(new Subject(subject), token);
+    }
+}

src/main/java/com/example/solidconnection/auth/service/AuthService.java

@@ -1,35 +1,30 @@
 package com.example.solidconnection.auth.service;
 
-
 import com.example.solidconnection.auth.dto.ReissueRequest;
 import com.example.solidconnection.auth.dto.ReissueResponse;
-import com.example.solidconnection.config.security.JwtProperties;
 import com.example.solidconnection.custom.exception.CustomException;
 import com.example.solidconnection.siteuser.domain.SiteUser;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
 import java.time.LocalDate;
-import java.util.Objects;
-import java.util.Optional;
 
 import static com.example.solidconnection.custom.exception.ErrorCode.REFRESH_TOKEN_EXPIRED;
-import static com.example.solidconnection.util.JwtUtils.parseSubject;
 
 @RequiredArgsConstructor
 @Service
 public class AuthService {
 
     private final AuthTokenProvider authTokenProvider;
-    private final JwtProperties jwtProperties;
 
     /*
      * 로그아웃 한다.
      * - 엑세스 토큰을 블랙리스트에 추가한다.
      * */
-    public void signOut(String accessToken) {
-        authTokenProvider.generateAndSaveBlackListToken(accessToken);
+    public void signOut(String token) {
+        AccessToken accessToken = authTokenProvider.toAccessToken(token);
+        authTokenProvider.addToBlacklist(accessToken);
     }
 
     /*
@@ -45,19 +40,18 @@ public void quit(SiteUser siteUser) {
 
     /*
      * 액세스 토큰을 재발급한다.
-     * - 요청된 리프레시 토큰과 동일한 subject 의 토큰이 저장되어 있으며 값이 일치할 경우, 액세스 토큰을 재발급한다.
-     * - 그렇지 않으면 예외를 반환한다.
+     * - 유효한 리프레시토큰이면, 액세스 토큰을 재발급한다.
+     * - 그렇지 않으면 예외를 발생시킨다.
      * */
     public ReissueResponse reissue(ReissueRequest reissueRequest) {
         // 리프레시 토큰 확인
         String requestedRefreshToken = reissueRequest.refreshToken();
-        String subject = parseSubject(requestedRefreshToken, jwtProperties.secret());
-        Optional<String> savedRefreshToken = authTokenProvider.findRefreshToken(subject);
-        if (!Objects.equals(requestedRefreshToken, savedRefreshToken.orElse(null))) {
+        if (!authTokenProvider.isValidRefreshToken(requestedRefreshToken)) {
             throw new CustomException(REFRESH_TOKEN_EXPIRED);
         }
         // 액세스 토큰 재발급
-        String newAccessToken = authTokenProvider.generateAccessToken(subject);
-        return new ReissueResponse(newAccessToken);
+        Subject subject = authTokenProvider.parseSubject(requestedRefreshToken);
+        AccessToken newAccessToken = authTokenProvider.generateAccessToken(subject);
+        return ReissueResponse.from(newAccessToken);
     }
 }

src/main/java/com/example/solidconnection/auth/service/AuthTokenProvider.java

@@ -3,49 +3,68 @@
 import com.example.solidconnection.auth.domain.TokenType;
 import com.example.solidconnection.config.security.JwtProperties;
 import com.example.solidconnection.siteuser.domain.SiteUser;
+import com.example.solidconnection.util.JwtUtils;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Component;
 
-import java.util.Optional;
+import java.util.Objects;
 
 @Component
-public class AuthTokenProvider extends TokenProvider {
+public class AuthTokenProvider extends TokenProvider implements BlacklistChecker {
 
     public AuthTokenProvider(JwtProperties jwtProperties, RedisTemplate<String, String> redisTemplate) {
         super(jwtProperties, redisTemplate);
     }
 
-    public String generateAccessToken(SiteUser siteUser) {
-        String subject = getSubject(siteUser);
-        return generateToken(subject, TokenType.ACCESS);
+    public AccessToken generateAccessToken(Subject subject) {
+        String token = generateToken(subject.value(), TokenType.ACCESS);
+        return new AccessToken(subject, token);
     }
 
-    public String generateAccessToken(String subject) {
-        return generateToken(subject, TokenType.ACCESS);
+    public RefreshToken generateAndSaveRefreshToken(Subject subject) {
+        String token = generateToken(subject.value(), TokenType.REFRESH);
+        saveToken(token, TokenType.REFRESH);
+        return new RefreshToken(subject, token);
     }
 
-    public String generateAndSaveRefreshToken(SiteUser siteUser) {
-        String subject = getSubject(siteUser);
-        String refreshToken = generateToken(subject, TokenType.REFRESH);
-        return saveToken(refreshToken, TokenType.REFRESH);
+    /*
+    * 액세스 토큰을 블랙리스트에 저장한다.
+    * - key = BLACKLIST:{accessToken}
+    * - value = "signOut" -> key 의 존재만 확인하므로, value 에는 무슨 값이 들어가도 상관없다.
+    * */
+    public void addToBlacklist(AccessToken accessToken) {
+        String blackListKey = TokenType.BLACKLIST.addPrefix(accessToken.token());
+        redisTemplate.opsForValue().set(blackListKey, "signOut");
     }
 
-    public String generateAndSaveBlackListToken(String accessToken) {
-        String blackListToken = generateToken(accessToken, TokenType.BLACKLIST);
-        return saveToken(blackListToken, TokenType.BLACKLIST);
+    /*
+    * 유효한 리프레시 토큰인지 확인한다.
+    * - 요청된 토큰과 같은 subject 의 리프레시 토큰을 조회한다.
+    * - 조회된 리프레시 토큰과 요청된 토큰이 같은지 비교한다.
+    * */
+    public boolean isValidRefreshToken(String requestedRefreshToken) {
+        String subject = JwtUtils.parseSubject(requestedRefreshToken, jwtProperties.secret());
+        String refreshTokenKey = TokenType.REFRESH.addPrefix(subject);
+        String foundRefreshToken = redisTemplate.opsForValue().get(refreshTokenKey);
+        return Objects.equals(requestedRefreshToken, foundRefreshToken);
     }
 
-    public Optional<String> findRefreshToken(String subject) {
-        String refreshTokenKey = TokenType.REFRESH.addPrefix(subject);
-        return Optional.ofNullable(redisTemplate.opsForValue().get(refreshTokenKey));
+    @Override
+    public boolean isTokenBlacklisted(String accessToken) {
+        String blackListTokenKey = TokenType.BLACKLIST.addPrefix(accessToken);
+        return redisTemplate.hasKey(blackListTokenKey);
+    }
+
+    public Subject parseSubject(String token) {
+        String subject = JwtUtils.parseSubject(token, jwtProperties.secret());
+        return new Subject(subject);
     }
 
-    public Optional<String> findBlackListToken(String subject) {
-        String blackListTokenKey = TokenType.BLACKLIST.addPrefix(subject);
-        return Optional.ofNullable(redisTemplate.opsForValue().get(blackListTokenKey));
+    public Subject toSubject(SiteUser siteUser) {
+        return new Subject(siteUser.getId().toString());
     }
 
-    private String getSubject(SiteUser siteUser) {
-        return siteUser.getId().toString();
+    public AccessToken toAccessToken(String token) {
+        return new AccessToken(parseSubject(token), token);
     }
 }

src/main/java/com/example/solidconnection/auth/service/BlacklistChecker.java

@@ -0,0 +1,6 @@
+package com.example.solidconnection.auth.service;
+
+public interface BlacklistChecker {
+
+    boolean isTokenBlacklisted(String token);
+}

src/main/java/com/example/solidconnection/auth/service/RefreshToken.java

@@ -0,0 +1,11 @@
+package com.example.solidconnection.auth.service;
+
+public record RefreshToken(
+        Subject subject,
+        String token
+) {
+
+    RefreshToken(String subject, String token) {
+        this(new Subject(subject), token);
+    }
+}

src/main/java/com/example/solidconnection/auth/service/SignInService.java

@@ -15,9 +15,10 @@ public class SignInService {
     @Transactional
     public SignInResponse signIn(SiteUser siteUser) {
         resetQuitedAt(siteUser);
-        String accessToken = authTokenProvider.generateAccessToken(siteUser);
-        String refreshToken = authTokenProvider.generateAndSaveRefreshToken(siteUser);
-        return new SignInResponse(accessToken, refreshToken);
+        Subject subject = authTokenProvider.toSubject(siteUser);
+        AccessToken accessToken = authTokenProvider.generateAccessToken(subject);
+        RefreshToken refreshToken = authTokenProvider.generateAndSaveRefreshToken(subject);
+        return SignInResponse.of(accessToken, refreshToken);
     }
 
     private void resetQuitedAt(SiteUser siteUser) {

src/main/java/com/example/solidconnection/auth/service/Subject.java

@@ -0,0 +1,6 @@
+package com.example.solidconnection.auth.service;
+
+public record Subject(
+        String value
+) {
+}