MOSU-216 feat: 카카오 심사 성공에 따른 필드 추가

[wlgns12370]

✨ 구현한 기능

• resolve [🛠 기능 구현] 카카오 심사 성공에 따른 필드 추가 #216
• 카카오 심사 성공에 따른 필드 추가

📢 논의하고 싶은 내용

• x

🎸 기타

• x

Summary by CodeRabbit

• New Features

  • Expanded Kakao OAuth2 integration to request additional user information, including email, name, gender, birthday, birth year, and phone number.
  • Added new error messages to inform users if required Kakao profile information is missing or if birthday parsing fails during login.

• Bug Fixes

  • Improved validation and error handling for incomplete or missing Kakao user data during OAuth login.

• Chores

  • Enhanced logging for OAuth2 user attributes during login.
  • Removed unnecessary logging from authentication filters and handlers for cleaner logs.

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Caution

Review failed

The pull request is closed.

Walkthrough

The changes refactor Kakao OAuth user data parsing in OAuthUserInfo to add robust extraction, validation, and error handling for required fields. Additional error codes are introduced, logging is added to OAuthUserService, and logging is removed from other classes. The OAuth2 scopes for Kakao are expanded in the configuration.

Changes

Cohort / File(s)	Change Summary
Kakao OAuth User Data Parsing & Validation src/main/java/life/mosu/mosuserver/application/oauth/OAuthUserInfo.java	Refactored ofKakao to robustly extract, validate, and normalize Kakao user data; added error handling, removed dummy data.
OAuth User Service Logging src/main/java/life/mosu/mosuserver/application/oauth/OAuthUserService.java	Added @Slf4j annotation and info-level logging of OAuth2 user attributes in loadUser.
Error Code Addition src/main/java/life/mosu/mosuserver/global/exception/ErrorCode.java	Added INSUFFICIENT_KAKAO_USER_DATA and DO_NOT_PARSE_KAKAO_BIRTHDAY error codes for Kakao user data issues.
KMC Token Filter Logging Removal src/main/java/life/mosu/mosuserver/global/filter/KmcTokenProcessingFilter.java	Removed all logging statements and related unused imports/constants.
OAuth2 Login Success Handler Logging Removal src/main/java/life/mosu/mosuserver/global/handler/OAuth2LoginSuccessHandler.java	Removed logging annotation and login success log statement.
Kakao OAuth2 Scope Expansion src/main/resources/security-config.yml	Expanded Kakao OAuth2 scopes to include email, name, gender, birthday, birthyear, and phone number.

Sequence Diagram(s)

sequenceDiagram
    participant Kakao as Kakao OAuth2 Provider
    participant User as User
    participant Server as mosuserver (OAuthUserService / OAuthUserInfo)

    User->>Kakao: Initiate OAuth2 login
    Kakao-->>User: Return auth code
    User->>Server: Send auth code
    Server->>Kakao: Exchange code for user info (with expanded scopes)
    Kakao-->>Server: Return user info (with additional fields)
    Server->>Server: Parse & validate user info (OAuthUserInfo.ofKakao)
    alt Required fields present
        Server->>User: Complete login
    else Missing required fields
        Server->>User: Respond with INSUFFICIENT_KAKAO_USER_DATA error
    end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~15 minutes

Assessment against linked issues

Objective	Addressed	Explanation
Add Kakao fields after review success (#216)	✅

Assessment against linked issues: Out-of-scope changes

No out-of-scope changes found.

Possibly related PRs

• MOSU-165 feat: OAuth Auth 회원가입 로직 병합 #167: Refactors the same ofKakao method in OAuthUserInfo, but with a different approach to user data handling.
• Fix#175 토스페이먼츠 심사를 위한 Oauth 개인정보 제거 #181: Modifies ofKakao method with minor hardcoded phone number changes, related to user data parsing.

Suggested reviewers

• chominju02
• polyglot-k

Poem

In fields of code where rabbits roam,
Kakao data finds a home.
With logs trimmed back and errors clear,
New scopes and checks bring users near.
A hop, a leap, the data flows—
Now every bunny surely knows!
🐇✨

Note

⚡️ Unit Test Generation is now available in beta!

Learn more here, or try it out under "Finishing Touches" below.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6442797 and 60e58fc.

📒 Files selected for processing (3)

• src/main/java/life/mosu/mosuserver/application/oauth/OAuthUserInfo.java (2 hunks)
• src/main/java/life/mosu/mosuserver/global/exception/ErrorCode.java (1 hunks)
• src/main/java/life/mosu/mosuserver/global/filter/KmcTokenProcessingFilter.java (2 hunks)

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/mosu-216

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[gemini-code-assist]

Summary of Changes

Hello @wlgns12370, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request implements new functionality to correctly parse and utilize additional user information from Kakao OAuth, following a successful Kakao review process. It expands the data collected during Kakao login to include details such as name, email, phone number, gender, and birth date, ensuring a more comprehensive user profile can be created.

Highlights

• Enhanced Kakao OAuth User Data Parsing: The OAuthUserInfo class has been significantly updated to extract and process a wider range of user attributes (name, email, phone number, gender, birth year, birthday) from Kakao's OAuth response.
• Robust Birth Date Handling: Implemented logic to parse birth year and day into a LocalDate object, including error handling for invalid date formats.
• New Error Code for Incomplete Data: A new error code, INSUFFICIENT_KAKAO_USER_DATA, has been introduced to handle cases where essential user information is not provided by Kakao.
• Expanded Kakao OAuth Scopes: The security-config.yml has been updated to request additional permissions from Kakao, allowing the application to receive the newly processed user details.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments or fill out our survey to provide feedback.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request updates the Kakao OAuth integration to use additional user information fields, following a successful review by Kakao. The changes involve parsing more attributes from the Kakao API response, such as name, email, gender, and birthdate. My review focuses on improving the robustness of the parsing logic, ensuring proper validation of required fields, and cleaning up debugging logs.

[gemini-code-assist]

The validation for required fields from Kakao is inconsistent and incomplete.

• The check is missing validation for email, which is used as a unique loginId later. If email is null, it defaults to "NA", which can cause a DataIntegrityViolationException for subsequent users without an email.
• The check for birthYear == null is redundant, as birthDate will be null if birthYear is null.
• The error message on line 62 is inconsistent with the fields being checked. It mentions "이름, 이메일" (name, email), but the check is on name, birthYear, birthDate, and gender.

The check should be updated to include email and the error message should be made consistent.

Suggested change

	if (name == null || birthYear == null || birthDate == null || gender == null) {
	log.error("카카오 응답에서 필수 정보(이름, 이메일)를 찾을 수 없습니다. 응답: {}", account);
	throw new CustomRuntimeException(ErrorCode.INSUFFICIENT_KAKAO_USER_DATA);
	}
	if (name == null || email == null || birthDate == null || gender == null) {
	log.error("카카오 응답에서 필수 정보(이름, 이메일, 생년월일, 성별)를 찾을 수 없습니다. 응답: {}", account);
	throw new CustomRuntimeException(ErrorCode.INSUFFICIENT_KAKAO_USER_DATA);
	}

[gemini-code-assist]

It's a best practice to catch more specific exceptions rather than the generic Exception. This helps in handling different error cases properly and avoids accidentally catching unexpected exceptions like NullPointerException. In this case, LocalDate.parse throws DateTimeParseException.

Suggested change

	} catch (Exception e) {
	} catch (java.time.format.DateTimeParseException e) {

[gemini-code-assist]

This log message seems to be for debugging purposes. The "KKK" prefix is unconventional and not suitable for production code. If this log is intended for production, it should have a more descriptive message. If it's for debugging, it should be at the DEBUG or TRACE level, or removed before merging.

Suggested change

	log.info("KKK OAuth2User attributes: {}", oAuth2UserAttributes);
	log.debug("OAuth2User attributes: {}", oAuth2UserAttributes);

[coderabbitai]

Note

Generated docstrings for this pull request at #220

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (3)

src/main/java/life/mosu/mosuserver/application/oauth/OAuthUserService.java (1)

33-33: Remove or adjust the debug logging.

The "KKK" prefix appears to be debugging code and is not suitable for production. OAuth attributes may contain sensitive information and should not be logged at INFO level.

-        log.info("KKK OAuth2User attributes: {}", oAuth2UserAttributes);
+        log.debug("OAuth2User attributes received from provider: {}", oAuth2UserAttributes);

src/main/java/life/mosu/mosuserver/application/oauth/OAuthUserInfo.java (2)

56-56: Use specific exception type instead of generic Exception.

Catching generic Exception can hide unexpected errors. Use the specific exception type thrown by LocalDate.parse.

-            } catch (Exception e) {
+            } catch (java.time.format.DateTimeParseException e) {

---

61-64: Fix validation logic and error message consistency.

The validation is missing email check while the error message mentions it. Email is critical as it's used as the unique loginId. The birthYear check is redundant since birthDate will be null if parsing fails.

-        if (name == null || birthYear == null || birthDate == null || gender == null) {
-            log.error("카카오 응답에서 필수 정보(이름, 이메일)를 찾을 수 없습니다. 응답: {}", account);
+        if (name == null || email == null || birthDate == null || gender == null) {
+            log.error("카카오 응답에서 필수 정보(이름, 이메일, 생년월일, 성별)를 찾을 수 없습니다. 응답: {}", account);
             throw new CustomRuntimeException(ErrorCode.INSUFFICIENT_KAKAO_USER_DATA);
         }

🧹 Nitpick comments (1)

src/main/java/life/mosu/mosuserver/global/filter/KmcTokenProcessingFilter.java (1)

30-33: Consider renaming the constant for clarity.

The current name UnskippedUrlPrefixes is misleading. The logic skips the filter when the URL doesn't match, meaning the filter only applies to URLs that start with this prefix.

-    private static final String UnskippedUrlPrefixes = "/api/v1/user/me/password";
+    private static final String FILTERED_URL_PREFIX = "/api/v1/user/me/password";

     // ...
-        if (!request.getRequestURI().startsWith(UnskippedUrlPrefixes)) {
+        if (!request.getRequestURI().startsWith(FILTERED_URL_PREFIX)) {

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 34aa232 and 6442797.

📒 Files selected for processing (6)

• src/main/java/life/mosu/mosuserver/application/oauth/OAuthUserInfo.java (2 hunks)
• src/main/java/life/mosu/mosuserver/application/oauth/OAuthUserService.java (2 hunks)
• src/main/java/life/mosu/mosuserver/global/exception/ErrorCode.java (1 hunks)
• src/main/java/life/mosu/mosuserver/global/filter/KmcTokenProcessingFilter.java (2 hunks)
• src/main/java/life/mosu/mosuserver/global/handler/OAuth2LoginSuccessHandler.java (0 hunks)
• src/main/resources/security-config.yml (1 hunks)

💤 Files with no reviewable changes (1)

• src/main/java/life/mosu/mosuserver/global/handler/OAuth2LoginSuccessHandler.java

🔇 Additional comments (2)

src/main/java/life/mosu/mosuserver/global/exception/ErrorCode.java (1)

20-20: LGTM!

The new error code is well-placed in the OAuth section and follows the existing pattern with appropriate HTTP status.

src/main/resources/security-config.yml (1)

12-18: LGTM!

The expanded OAuth scopes align well with the PR objective and match the fields being parsed in the OAuth user info handling.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (3)

src/main/java/life/mosu/mosuserver/application/oauth/OAuthUserService.java (1)

33-33: The "KKK" log prefix issue was previously raised.

This logging statement with the unconventional "KKK" prefix was already flagged in a previous review. Consider using a more descriptive prefix or DEBUG level logging.

src/main/java/life/mosu/mosuserver/application/oauth/OAuthUserInfo.java (2)

56-56: Use specific exception type instead of generic Exception.

This was previously raised - catching DateTimeParseException specifically is better practice than catching generic Exception.

---

61-64: Email validation is still missing from required field checks.

This critical issue was previously identified. The email field should be included in the validation as it's used as the unique loginId. Also, the error message mentions "이름, 이메일" but email is not actually being validated.

🧹 Nitpick comments (1)

src/main/java/life/mosu/mosuserver/global/filter/KmcTokenProcessingFilter.java (1)

19-19: Fix constant naming convention.

Java constants should use UPPER_SNAKE_CASE naming convention.

-    private static final String UnskippedUrlPrefixes = "/api/v1/user/me/password";
+    private static final String UNSKIPPED_URL_PREFIXES = "/api/v1/user/me/password";

Also update the reference at line 30:

-        if (!request.getRequestURI().startsWith(UnskippedUrlPrefixes)) {
+        if (!request.getRequestURI().startsWith(UNSKIPPED_URL_PREFIXES)) {

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 34aa232 and 6442797.

📒 Files selected for processing (6)

• src/main/java/life/mosu/mosuserver/application/oauth/OAuthUserInfo.java (2 hunks)
• src/main/java/life/mosu/mosuserver/application/oauth/OAuthUserService.java (2 hunks)
• src/main/java/life/mosu/mosuserver/global/exception/ErrorCode.java (1 hunks)
• src/main/java/life/mosu/mosuserver/global/filter/KmcTokenProcessingFilter.java (2 hunks)
• src/main/java/life/mosu/mosuserver/global/handler/OAuth2LoginSuccessHandler.java (0 hunks)
• src/main/resources/security-config.yml (1 hunks)

💤 Files with no reviewable changes (1)

• src/main/java/life/mosu/mosuserver/global/handler/OAuth2LoginSuccessHandler.java

🔇 Additional comments (2)

src/main/java/life/mosu/mosuserver/global/exception/ErrorCode.java (1)

20-20: LGTM! Error code addition is appropriate.

The new INSUFFICIENT_KAKAO_USER_DATA error code properly handles missing required fields from Kakao OAuth responses.

src/main/resources/security-config.yml (1)

12-18: OAuth2 scope expansion looks good.

The expanded Kakao OAuth2 scopes appropriately match the PR objective of adding fields following Kakao's successful review process.