[fix #134] 콜백 인증 방식 변경 (#137)

YAPP-Github · Aug 25, 2024 · d5cfe33 · d5cfe33
1 parent 3b6070b
commit d5cfe33
Show file tree

Hide file tree

Showing 8 changed files with 48 additions and 5 deletions.
diff --git a/adapters/in-web/build.gradle.kts b/adapters/in-web/build.gradle.kts
@@ -16,6 +16,7 @@ dependencies {
     implementation("org.springframework.boot:spring-boot-starter-actuator")
     implementation("io.micrometer:micrometer-registry-prometheus")
     implementation("org.springframework.boot:spring-boot-starter-security")
+    implementation("org.springframework.boot:spring-boot-starter-aop")
     implementation("org.springframework.data:spring-data-commons")
     implementation("org.springframework.boot:spring-boot-starter-validation")
     implementation("org.springdoc:springdoc-openapi-starter-webmvc-ui:2.5.0")

diff --git a/adapters/in-web/src/main/kotlin/com/pokit/auth/aop/KakaoAuth.kt b/adapters/in-web/src/main/kotlin/com/pokit/auth/aop/KakaoAuth.kt
@@ -0,0 +1,5 @@
+package com.pokit.auth.aop
+
+@Target(AnnotationTarget.FUNCTION)
+@Retention(AnnotationRetention.RUNTIME)
+annotation class KakaoAuth
diff --git a/adapters/in-web/src/main/kotlin/com/pokit/auth/aop/KakaoAuthenticationAspect.kt b/adapters/in-web/src/main/kotlin/com/pokit/auth/aop/KakaoAuthenticationAspect.kt
@@ -0,0 +1,34 @@
+package com.pokit.auth.aop
+
+import com.pokit.common.exception.ClientValidationException
+import com.pokit.common.exception.InvalidRequestException
+import com.pokit.token.exception.AuthErrorCode
+import jakarta.servlet.http.HttpServletRequest
+import org.aspectj.lang.annotation.Aspect
+import org.aspectj.lang.annotation.Before
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.http.HttpHeaders
+import org.springframework.stereotype.Component
+
+@Aspect
+@Component
+class KakaoAuthenticationAspect(
+    private val request: HttpServletRequest
+) {
+    @Value("\${auth.kakao.app-admin-key}")
+    lateinit var adminKey: String
+
+    @Before("@annotation(com.pokit.auth.aop.KakaoAuth)")
+    fun checkCallbackHeader() {
+        val authorizationHeader = request.getHeader(HttpHeaders.AUTHORIZATION)
+
+        if (authorizationHeader.isNullOrBlank()) {
+            throw ClientValidationException(AuthErrorCode.TOKEN_REQUIRED)
+        }
+
+        val (type, token) = authorizationHeader.split(" ", limit = 2)
+        if (type != "KakaoAK" || adminKey != token) {
+            throw InvalidRequestException(AuthErrorCode.INVALID_TOKEN)
+        }
+    }
+}
diff --git a/adapters/in-web/src/main/kotlin/com/pokit/auth/config/SecurityConfig.kt b/adapters/in-web/src/main/kotlin/com/pokit/auth/config/SecurityConfig.kt
@@ -21,6 +21,7 @@ class SecurityConfig(
             "/api/v1/auth/signin",
             "/api/v1/auth/reissue",
             "/api/v1/user/interests",
+            "/api/v1/category/share/callback",
             "/swagger-ui/index.html#/",
             "/swagger",
             "/swagger-ui.html",

diff --git a/adapters/in-web/src/main/kotlin/com/pokit/auth/filter/CustomAuthenticationFilter.kt b/adapters/in-web/src/main/kotlin/com/pokit/auth/filter/CustomAuthenticationFilter.kt
@@ -30,6 +30,7 @@ class CustomAuthenticationFilter(
             "/api/v1/auth/signin",
             "/api/v1/auth/reissue",
             "/api/v1/user/interests",
+            "/api/v1/category/share/callback",
             "/swagger-ui/index.html#/",
             "/swagger", "/swagger-ui.html",
             "/swagger-ui/**",

diff --git a/adapters/in-web/src/main/kotlin/com/pokit/category/CategoryShareController.kt b/adapters/in-web/src/main/kotlin/com/pokit/category/CategoryShareController.kt
@@ -1,5 +1,6 @@
 package com.pokit.category
 
+import com.pokit.auth.aop.KakaoAuth
 import com.pokit.auth.model.PrincipalUser
 import com.pokit.category.dto.request.DuplicateCategoryRequest
 import com.pokit.category.dto.response.SharedContentsResponse
@@ -20,13 +21,13 @@ class CategoryShareController(
     private val categoryUseCase: CategoryUseCase,
     private val contentUseCase: ContentUseCase,
 ) {
+    @KakaoAuth
     @Operation(summary = "포킷 공유 후 callback API")
     @PostMapping("/callback")
     fun completeShare(
-        @AuthenticationPrincipal user: PrincipalUser,
         @RequestParam("categoryId") categoryId: Long,
     ): ResponseEntity<Unit> {
-        return categoryUseCase.completeShare(categoryId, user.id)
+        return categoryUseCase.completeShare(categoryId)
             .wrapOk()
     }
 

diff --git a/application/src/main/kotlin/com/pokit/category/port/in/CategoryUseCase.kt b/application/src/main/kotlin/com/pokit/category/port/in/CategoryUseCase.kt
@@ -16,6 +16,6 @@ interface CategoryUseCase {
     fun getCategories(userId: Long, pageable: Pageable, filterUncategorized: Boolean): Slice<CategoriesResponse>
     fun getCategory(userId: Long, categoryId: Long): Category
     fun getSharedCategory(categoryId: Long, userId: Long): Category
-    fun completeShare(categoryId: Long, userId: Long)
+    fun completeShare(categoryId: Long)
     fun duplicateCategory(originCategoryId: Long, categoryName: String, userId: Long, categoryImageId: Int)
 }
diff --git a/application/src/main/kotlin/com/pokit/category/port/service/CategoryService.kt b/application/src/main/kotlin/com/pokit/category/port/service/CategoryService.kt
@@ -120,8 +120,8 @@ class CategoryService(
     }
 
     @Transactional
-    override fun completeShare(categoryId: Long, userId: Long) {
-        val category = categoryPort.loadCategoryOrThrow(categoryId, userId)
+    override fun completeShare(categoryId: Long) {
+        val category = categoryPort.loadByIdOrThrow(categoryId)
             .completeShare()
 
         categoryPort.persist(category)