From 056146bc9179eca267173761cae887deac779da1 Mon Sep 17 00:00:00 2001 From: MoonJeWoong Date: Tue, 21 Nov 2023 13:32:07 +0900 Subject: [PATCH 1/3] =?UTF-8?q?refactor=20:=20RawToken=20=EB=82=B4?= =?UTF-8?q?=EB=B6=80=20=ED=81=B4=EB=9E=98=EC=8A=A4=EC=9D=98=20Lombok=20?= =?UTF-8?q?=EC=83=9D=EC=84=B1=EC=9E=90=20=EB=B3=80=EA=B2=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../harustudy/backend/auth/util/AccessTokenUtils.java | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/backend/src/main/java/harustudy/backend/auth/util/AccessTokenUtils.java b/backend/src/main/java/harustudy/backend/auth/util/AccessTokenUtils.java index 7fa9e9a6..57b71b51 100644 --- a/backend/src/main/java/harustudy/backend/auth/util/AccessTokenUtils.java +++ b/backend/src/main/java/harustudy/backend/auth/util/AccessTokenUtils.java @@ -5,8 +5,9 @@ import harustudy.backend.auth.exception.InvalidAccessTokenException; import java.nio.charset.StandardCharsets; import java.util.Date; +import lombok.AllArgsConstructor; import lombok.Getter; -import lombok.RequiredArgsConstructor; +import lombok.NoArgsConstructor; public class AccessTokenUtils { @@ -47,11 +48,12 @@ private static void validateExpiration(RawToken rawToken) { } @Getter - @RequiredArgsConstructor + @NoArgsConstructor + @AllArgsConstructor private static class RawToken { - private final Long subject; + private Long subject; - private final Date expireAt; + private Date expireAt; } } From cc237d5974ba861d430a2a97294174c2a82be417 Mon Sep 17 00:00:00 2001 From: MoonJeWoong Date: Wed, 22 Nov 2023 15:13:16 +0900 Subject: [PATCH 2/3] =?UTF-8?q?test:=20=EB=B6=88=ED=95=84=EC=9A=94?= =?UTF-8?q?=ED=95=9C=20SpringBootTest=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/util/AesTokenProviderTest.java | 27 ++++++++----------- 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/backend/src/test/java/harustudy/backend/auth/util/AesTokenProviderTest.java b/backend/src/test/java/harustudy/backend/auth/util/AesTokenProviderTest.java index daf60372..35c404bc 100644 --- a/backend/src/test/java/harustudy/backend/auth/util/AesTokenProviderTest.java +++ b/backend/src/test/java/harustudy/backend/auth/util/AesTokenProviderTest.java @@ -2,39 +2,34 @@ import static org.assertj.core.api.AssertionsForClassTypes.assertThatThrownBy; -import harustudy.backend.auth.config.TokenConfig; +import com.fasterxml.jackson.databind.ObjectMapper; import harustudy.backend.auth.exception.InvalidAccessTokenException; import org.assertj.core.api.SoftAssertions; import org.junit.jupiter.api.DisplayNameGeneration; import org.junit.jupiter.api.DisplayNameGenerator.ReplaceUnderscores; import org.junit.jupiter.api.Test; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.test.context.SpringBootTest; @SuppressWarnings("NonAsciiCharacters") @DisplayNameGeneration(ReplaceUnderscores.class) -@SpringBootTest class AesTokenProviderTest { - @Autowired - private AesTokenProvider aesTokenProvider; - - @Autowired - private TokenConfig tokenConfig; + private final AesTokenProvider aesTokenProvider = new AesTokenProvider(new ObjectMapper()); @Test void 액세스_토큰을_생성한다() { // given Long memberId = 1L; + String secretKey = "12345678901234567890123456789012"; + Long accessTokenExpireLength = 12345L; // when String accessToken = aesTokenProvider.createAccessToken(memberId, - tokenConfig.accessTokenExpireLength(), tokenConfig.secretKey()); + accessTokenExpireLength, secretKey); // then SoftAssertions.assertSoftly(softly -> { softly.assertThat(accessToken.length()).isGreaterThan(0); - softly.assertThat(aesTokenProvider.parseSubject(accessToken, tokenConfig.secretKey())) + softly.assertThat(aesTokenProvider.parseSubject(accessToken, secretKey)) .isEqualTo(memberId); }); } @@ -43,10 +38,10 @@ class AesTokenProviderTest { void 복호화되지_않는_액세스_토큰을_검증하면_예외를_던진다() { // given String invalidAccessToken = "invalid-access-token"; + String secretKey = "12345678901234567890123456789012"; // when, then - assertThatThrownBy(() -> aesTokenProvider.parseSubject(invalidAccessToken, - tokenConfig.secretKey())) + assertThatThrownBy(() -> aesTokenProvider.parseSubject(invalidAccessToken, secretKey)) .isInstanceOf(InvalidAccessTokenException.class); } @@ -54,12 +49,12 @@ class AesTokenProviderTest { void 만료된_액세스_토큰을_검증하면_예외를_던진다() { // given Long memberId = 1L; + String secretKey = "12345678901234567890123456789012"; String expiredAccessToken = aesTokenProvider.createAccessToken(memberId, -1L, - tokenConfig.secretKey()); + secretKey); // when, then - assertThatThrownBy(() -> aesTokenProvider.parseSubject(expiredAccessToken, - tokenConfig.secretKey())) + assertThatThrownBy(() -> aesTokenProvider.parseSubject(expiredAccessToken, secretKey)) .isInstanceOf(InvalidAccessTokenException.class); } } From 23dcf5523f659e1262f2b48b0ebd27507ed8d15b Mon Sep 17 00:00:00 2001 From: MoonJeWoong Date: Wed, 22 Nov 2023 15:24:49 +0900 Subject: [PATCH 3/3] =?UTF-8?q?refactor:=20BearerAuthorizationParser=20?= =?UTF-8?q?=EB=B6=88=ED=95=84=EC=9A=94=ED=95=9C=20Component=20=EB=93=B1?= =?UTF-8?q?=EB=A1=9D=20=EC=A0=9C=EA=B1=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/harustudy/backend/auth/AuthInterceptor.java | 3 +-- .../backend/auth/util/BearerAuthorizationParser.java | 5 ++--- .../auth/util/BearerAuthorizationParserTest.java | 10 +++------- 3 files changed, 6 insertions(+), 12 deletions(-) diff --git a/backend/src/main/java/harustudy/backend/auth/AuthInterceptor.java b/backend/src/main/java/harustudy/backend/auth/AuthInterceptor.java index e9983bc3..9cfa7285 100644 --- a/backend/src/main/java/harustudy/backend/auth/AuthInterceptor.java +++ b/backend/src/main/java/harustudy/backend/auth/AuthInterceptor.java @@ -15,7 +15,6 @@ public class AuthInterceptor implements HandlerInterceptor { private final AuthService authService; - private final BearerAuthorizationParser bearerAuthorizationParser; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, @@ -24,7 +23,7 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons return true; } String authorizationHeader = request.getHeader(HttpHeaders.AUTHORIZATION); - String accessToken = bearerAuthorizationParser.parse(authorizationHeader); + String accessToken = BearerAuthorizationParser.parse(authorizationHeader); Long memberId = authService.parseMemberId(accessToken); request.setAttribute("memberId", memberId); return HandlerInterceptor.super.preHandle(request, response, handler); diff --git a/backend/src/main/java/harustudy/backend/auth/util/BearerAuthorizationParser.java b/backend/src/main/java/harustudy/backend/auth/util/BearerAuthorizationParser.java index 97825ddf..66b8069f 100644 --- a/backend/src/main/java/harustudy/backend/auth/util/BearerAuthorizationParser.java +++ b/backend/src/main/java/harustudy/backend/auth/util/BearerAuthorizationParser.java @@ -4,7 +4,6 @@ import java.util.Objects; import org.springframework.stereotype.Component; -@Component public class BearerAuthorizationParser { private static final String TOKEN_TYPE = "Bearer"; @@ -12,7 +11,7 @@ public class BearerAuthorizationParser { private static final int ACCESS_TOKEN_LOCATION = 1; private static final int HEADER_SIZE = 2; - public String parse(String authorizationHeader) { + public static String parse(String authorizationHeader) { validateIsNonNull(authorizationHeader); String[] split = authorizationHeader.split(" "); if (split.length != HEADER_SIZE || !split[TOKEN_TYPE_LOCATION].equals(TOKEN_TYPE)) { @@ -21,7 +20,7 @@ public String parse(String authorizationHeader) { return split[ACCESS_TOKEN_LOCATION]; } - private void validateIsNonNull(String authorizationHeader) { + private static void validateIsNonNull(String authorizationHeader) { if (Objects.isNull(authorizationHeader)) { throw new InvalidAuthorizationHeaderException(); } diff --git a/backend/src/test/java/harustudy/backend/auth/util/BearerAuthorizationParserTest.java b/backend/src/test/java/harustudy/backend/auth/util/BearerAuthorizationParserTest.java index 2c3a48f7..0b147a8a 100644 --- a/backend/src/test/java/harustudy/backend/auth/util/BearerAuthorizationParserTest.java +++ b/backend/src/test/java/harustudy/backend/auth/util/BearerAuthorizationParserTest.java @@ -12,12 +12,8 @@ @SuppressWarnings("NonAsciiCharacters") @DisplayNameGeneration(ReplaceUnderscores.class) -@SpringBootTest class BearerAuthorizationParserTest { - @Autowired - private BearerAuthorizationParser bearerAuthorizationParser; - @Test void 인증_헤더에서_액세스_토큰을_파싱한다() { // given @@ -26,7 +22,7 @@ class BearerAuthorizationParserTest { String authorizationHeader = tokenType + " " + accessToken; // when - String parsed = bearerAuthorizationParser.parse(authorizationHeader); + String parsed = BearerAuthorizationParser.parse(authorizationHeader); // then assertThat(parsed).isEqualTo(accessToken); @@ -35,7 +31,7 @@ class BearerAuthorizationParserTest { @Test void 인증_헤더가_없으면_예외를_던진다() { // given, when, then - assertThatThrownBy(() -> bearerAuthorizationParser.parse(null)) + assertThatThrownBy(() -> BearerAuthorizationParser.parse(null)) .isInstanceOf(InvalidAuthorizationHeaderException.class); } @@ -47,7 +43,7 @@ class BearerAuthorizationParserTest { String authorizationHeader = tokenType + " " + email; // when, then - assertThatThrownBy(() -> bearerAuthorizationParser.parse(authorizationHeader)) + assertThatThrownBy(() -> BearerAuthorizationParser.parse(authorizationHeader)) .isInstanceOf(InvalidAuthorizationHeaderException.class); } }