
Merge pull request #167 from Team-Going/feature/166
[fix] Access Token & Refresh Token 검증 오류 수정
SunwoongH authored Jul 11, 2024
2 parents 65fa1aa + 13b7549 commit 91b7918
Showing 3 changed files with 28 additions and 4 deletions.
@@ -27,6 +27,7 @@ public String generateToken(Long userId, boolean isAccessToken) {
return Jwts.builder()
.setHeaderParam(Header.TYPE, Header.JWT_TYPE)
.setSubject(String.valueOf(userId))
.setIssuer(setIssuerBy(isAccessToken).toString())
.setIssuedAt(now)
.setExpiration(expiration)
.signWith(getSigningKey(), SignatureAlgorithm.HS256)
@@ -62,4 +63,11 @@ private String encodeSecretKey() {
return Base64.getEncoder()
.encodeToString(secretKey.getBytes());
}

private JwtType setIssuerBy(boolean isAccessToken) {
if (isAccessToken) {
return JwtType.AT;
}
return JwtType.RT;
}
}
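Review bot: The token type is written into the registered `iss` claim by `.setIssuer(setIssuerBy(isAccessToken).toString())`, but RFC 7519 defines `iss` as the principal that issued the token, so a later change that sets or validates a real issuer would silently collide with the access/refresh discrimination. A dedicated private claim, for example `.claim("token_type", type.name())`, keeps the two concerns apart; the validator would have to read the same claim. The helper `setIssuerBy` sets nothing and only maps the flag to a `JwtType`, so a name such as `resolveTokenType` with a one-line comment would read more accurately. generateToken starts and ends outside the hunk, and the file path of this section is not shown on the page.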
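--- a/doorip-api/src/main/java/org/doorip/auth/jwt/JwtType.java
+++ b/doorip-api/src/main/java/org/doorip/auth/jwt/JwtType.java
@@ -0,0 +1,6 @@
+package org.doorip.auth.jwt;
+
+public enum JwtType {
+AT,
+RT;
+}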
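Review bot: The enum has no documentation, yet its constant names are wire values: the generator writes `JwtType.toString()` into the token and JwtValidator compares the claim against `JwtType.RT.toString()` and `JwtType.AT.toString()`. A Javadoc on the type should say that `AT` marks an access token and `RT` a refresh token, and that renaming a constant changes what is embedded in newly issued tokens and what the validator accepts from tokens already in circulation. Using `name()` instead of `toString()` at the call sites would also pin the value against a future `toString()` override.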
18 changes: 14 additions & 4 deletions doorip-api/src/main/java/org/doorip/auth/jwt/JwtValidator.java
@@ -1,5 +1,6 @@
package org.doorip.auth.jwt;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.JwtParser;
import lombok.RequiredArgsConstructor;
@@ -14,7 +15,11 @@ public class JwtValidator {

public void validateAccessToken(String accessToken) {
try {
parseToken(accessToken);
Claims claims = parseToken(accessToken);
String issuer = claims.getIssuer();
if (issuer.equals(JwtType.RT.toString())) {
throw new UnauthorizedException(ErrorMessage.INVALID_ACCESS_TOKEN_VALUE);
}
} catch (ExpiredJwtException e) {
throw new UnauthorizedException(ErrorMessage.EXPIRED_ACCESS_TOKEN);
} catch (Exception e) {
@@ -24,7 +29,11 @@ public void validateAccessToken(String accessToken) {

public void validateRefreshToken(String refreshToken) {
try {
parseToken(refreshToken);
Claims claims = parseToken(refreshToken);
String issuer = claims.getIssuer();
if (issuer.equals(JwtType.AT.toString())) {
throw new UnauthorizedException(ErrorMessage.INVALID_REFRESH_TOKEN_VALUE);
}
} catch (ExpiredJwtException e) {
throw new UnauthorizedException(ErrorMessage.EXPIRED_REFRESH_TOKEN);
} catch (Exception e) {
@@ -38,8 +47,9 @@ public void equalsRefreshToken(String refreshToken, String storedRefreshToken) {
}
}

private void parseToken(String token) {
private Claims parseToken(String token) {
JwtParser jwtParser = jwtGenerator.getJwtParser();
jwtParser.parseClaimsJws(token);
return jwtParser.parseClaimsJws(token)
.getBody();
}
}
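Review bot: The type check in validateAccessToken is a deny-list that dereferences a possibly null value: `issuer.equals(JwtType.RT.toString())` rejects only tokens marked RT, and a correctly signed token with no `iss` claim (for example one issued before this change) throws a NullPointerException there. Whether that case is rejected then depends on the generic `catch (Exception e)`, not on the check. Comparing against the expected type, `if (!JwtType.AT.toString().equals(claims.getIssuer())) {`, is null-safe and fails closed for anything that is not an access token. validateRefreshToken has the mirror-image problem and should require `JwtType.RT` in the same way. The new `throw` also sits inside the `try`, so the following `catch (Exception e)` will intercept it; that catch body lies outside the hunk, so confirm it still reports the intended error.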
