From b489fd3b5388846fd38eae6e6a86024cde4446f9 Mon Sep 17 00:00:00 2001 From: sukangpunch Date: Tue, 5 May 2026 21:05:10 +0900 Subject: [PATCH] =?UTF-8?q?fix:=20dev(stage)=20=ED=99=98=EA=B2=BD=EC=9D=98?= =?UTF-8?q?=20refreshToken=20=EC=BF=A0=ED=82=A4=20=EC=9D=B4=EB=A6=84=20?= =?UTF-8?q?=EB=B6=84=EB=A6=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - prod와 stage가 동일한 쿠키 도메인을 공유하여 발생하는 로그인 충돌 문제 해결 - 쿠키 이름을 환경별로 분리할 수 있도록 cookie-name 설정 추가 --- .../auth/controller/RefreshTokenCookieManager.java | 5 ++--- .../auth/controller/config/RefreshTokenCookieProperties.java | 1 + src/main/resources/config/application-variable.yml | 3 +++ .../auth/controller/RefreshTokenCookieManagerTest.java | 1 + 4 files changed, 7 insertions(+), 3 deletions(-) diff --git a/src/main/java/com/example/solidconnection/auth/controller/RefreshTokenCookieManager.java b/src/main/java/com/example/solidconnection/auth/controller/RefreshTokenCookieManager.java index 6b22aa326..a44ed6153 100644 --- a/src/main/java/com/example/solidconnection/auth/controller/RefreshTokenCookieManager.java +++ b/src/main/java/com/example/solidconnection/auth/controller/RefreshTokenCookieManager.java @@ -20,7 +20,6 @@ @RequiredArgsConstructor public class RefreshTokenCookieManager { - private static final String COOKIE_NAME = "refreshToken"; private static final String PATH = "/"; private final RefreshTokenCookieProperties properties; @@ -44,7 +43,7 @@ public void deleteCookie(HttpServletResponse response) { private void setRefreshTokenCookie( HttpServletResponse response, String refreshToken, long maxAge ) { - ResponseCookie cookie = ResponseCookie.from(COOKIE_NAME, refreshToken) + ResponseCookie cookie = ResponseCookie.from(properties.cookieName(), refreshToken) .httpOnly(true) .secure(true) .path(PATH) @@ -64,7 +63,7 @@ public String getRefreshToken(HttpServletRequest request) { // refreshToken 쿠키가 없는 경우 예외 발생 Cookie refreshTokenCookie = Arrays.stream(cookies) - .filter(cookie -> COOKIE_NAME.equals(cookie.getName())) + .filter(cookie -> properties.cookieName().equals(cookie.getName())) .findFirst() .orElseThrow(() -> new CustomException(REFRESH_TOKEN_NOT_EXISTS)); diff --git a/src/main/java/com/example/solidconnection/auth/controller/config/RefreshTokenCookieProperties.java b/src/main/java/com/example/solidconnection/auth/controller/config/RefreshTokenCookieProperties.java index ce6588f14..1e3b060f3 100644 --- a/src/main/java/com/example/solidconnection/auth/controller/config/RefreshTokenCookieProperties.java +++ b/src/main/java/com/example/solidconnection/auth/controller/config/RefreshTokenCookieProperties.java @@ -4,6 +4,7 @@ @ConfigurationProperties(prefix = "token.refresh") public record RefreshTokenCookieProperties( + String cookieName, String cookieDomain ) { diff --git a/src/main/resources/config/application-variable.yml b/src/main/resources/config/application-variable.yml index 400f3b396..25bed6138 100644 --- a/src/main/resources/config/application-variable.yml +++ b/src/main/resources/config/application-variable.yml @@ -81,6 +81,7 @@ sentry: token: refresh: + cookie-name: "refreshToken" cookie-domain: ".solid-connection.com" --- @@ -118,6 +119,7 @@ sentry: token: refresh: + cookie-name: "stageRefreshToken" cookie-domain: ".stage.solid-connection.com" --- @@ -152,4 +154,5 @@ sentry: token: refresh: + cookie-name: "refreshToken" cookie-domain: "localhost" diff --git a/src/test/java/com/example/solidconnection/auth/controller/RefreshTokenCookieManagerTest.java b/src/test/java/com/example/solidconnection/auth/controller/RefreshTokenCookieManagerTest.java index c3df27fce..62fa43a37 100644 --- a/src/test/java/com/example/solidconnection/auth/controller/RefreshTokenCookieManagerTest.java +++ b/src/test/java/com/example/solidconnection/auth/controller/RefreshTokenCookieManagerTest.java @@ -38,6 +38,7 @@ class RefreshTokenCookieManagerTest { @BeforeEach void setUp() { + given(refreshTokenCookieProperties.cookieName()).willReturn(REFRESH_TOKEN_COOKIE_NAME); given(refreshTokenCookieProperties.cookieDomain()).willReturn(domain); }