[BE] Feature/#388 refresh token 및 로그아웃 기능 구현

backend/src/docs/asciidoc/auth.adoc

@@ -0,0 +1,13 @@
+== 소셜 로그인
+
+=== KAKAO 로그인 URL 반환
+
+operation::login-controller-test/redirection[snippets='http-request,http-response']
+
+=== KAKAO 로그인
+
+operation::login-controller-test/login[snippets='http-request,http-response']
+
+=== 로그아웃
+
+operation::login-controller-test/logout[snippets='http-request,http-response']

backend/src/docs/asciidoc/index.adoc

@@ -13,6 +13,6 @@ include::pin.adoc[]
 include::atlas.adoc[]
 include::member.adoc[]
 include::permission.adoc[]
-include::oauth.adoc[]
+include::auth.adoc[]
 include::bookmark.adoc[]
 include::admin.adoc[]

backend/src/main/java/com/mapbefine/mapbefine/auth/application/AuthService.java

@@ -1,8 +1,11 @@
 package com.mapbefine.mapbefine.auth.application;
 
+import static com.mapbefine.mapbefine.auth.exception.AuthException.AuthUnauthorizedException;
+
 import com.mapbefine.mapbefine.auth.domain.AuthMember;
 import com.mapbefine.mapbefine.auth.domain.member.Admin;
 import com.mapbefine.mapbefine.auth.domain.member.User;
+import com.mapbefine.mapbefine.auth.exception.AuthErrorCode;
 import com.mapbefine.mapbefine.member.domain.Member;
 import com.mapbefine.mapbefine.member.domain.MemberRepository;
 import com.mapbefine.mapbefine.topic.domain.Topic;
@@ -22,11 +25,10 @@ public AuthService(MemberRepository memberRepository) {
         this.memberRepository = memberRepository;
     }
 
-    public boolean isMember(Long memberId) {
-        if (Objects.isNull(memberId)) {
-            return false;
+    public void validateMember(Long memberId) {
+        if (Objects.isNull(memberId) || !memberRepository.existsById(memberId)) {
+            throw new AuthUnauthorizedException(AuthErrorCode.ILLEGAL_MEMBER_ID);
         }
-        return memberRepository.existsById(memberId);
     }
 
     public AuthMember findAuthMemberByMemberId(Long memberId) {

backend/src/main/java/com/mapbefine/mapbefine/auth/application/TokenService.java

@@ -0,0 +1,62 @@
+package com.mapbefine.mapbefine.auth.application;
+
+import static com.mapbefine.mapbefine.auth.exception.AuthErrorCode.ILLEGAL_TOKEN;
+
+import com.mapbefine.mapbefine.auth.domain.token.RefreshToken;
+import com.mapbefine.mapbefine.auth.domain.token.RefreshTokenRepository;
+import com.mapbefine.mapbefine.auth.dto.LoginTokens;
+import com.mapbefine.mapbefine.auth.exception.AuthException.AuthUnauthorizedException;
+import com.mapbefine.mapbefine.auth.infrastructure.TokenProvider;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+@Transactional
+public class TokenService {
+
+    private final TokenProvider tokenProvider;
+    private final RefreshTokenRepository refreshTokenRepository;
+
+    public TokenService(TokenProvider tokenProvider, RefreshTokenRepository refreshTokenRepository) {
+        this.tokenProvider = tokenProvider;
+        this.refreshTokenRepository = refreshTokenRepository;
+    }
+
+    public LoginTokens issueTokens(Long memberId) {
+        String accessToken = tokenProvider.createAccessToken(String.valueOf(memberId));
+        String refreshToken = tokenProvider.createRefreshToken();
+
+        refreshTokenRepository.findByMemberId(memberId)
+                .ifPresent(refreshTokenRepository::delete);
+
+        refreshTokenRepository.save(new RefreshToken(refreshToken, memberId));
+
+        return new LoginTokens(accessToken, refreshToken);
+    }
+
+    public LoginTokens reissueToken(String refreshToken, String accessToken) {
+        tokenProvider.validateTokensForReissue(refreshToken, accessToken);
+        Long memberId = findMemberIdByRefreshToken(refreshToken);
+
+        return issueTokens(memberId);
+    }
+
+    private Long findMemberIdByRefreshToken(String token) {
+        RefreshToken refreshToken = refreshTokenRepository.findById(token)
+                .orElseThrow(() -> new AuthUnauthorizedException(ILLEGAL_TOKEN));
+
+        return refreshToken.getMemberId();
+    }
+
+    public void removeRefreshToken(String refreshToken, String accessToken) {
+        tokenProvider.validateTokensForRemoval(refreshToken, accessToken);
+
+        String payload = tokenProvider.getPayload(accessToken);
+        Long memberId = Long.valueOf(payload);
+
+        refreshTokenRepository.deleteByMemberId(memberId);
+    }
+
+
+
+}

backend/src/main/java/com/mapbefine/mapbefine/auth/domain/token/RefreshToken.java

@@ -0,0 +1,27 @@
+package com.mapbefine.mapbefine.auth.domain.token;
+
+import static lombok.AccessLevel.PROTECTED;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
+@Entity
+@NoArgsConstructor(access = PROTECTED)
+@Getter
+public class RefreshToken {
+
+    @Id
+    private String token;
+
+    @Column(nullable = false, unique = true)
+    private Long memberId;
+
+    public RefreshToken(String token, Long memberId) {
+        this.token = token;
+        this.memberId = memberId;
+    }
+
+}

backend/src/main/java/com/mapbefine/mapbefine/auth/domain/token/RefreshTokenRepository.java

@@ -0,0 +1,12 @@
+package com.mapbefine.mapbefine.auth.domain.token;
+
+import java.util.Optional;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+public interface RefreshTokenRepository extends JpaRepository<RefreshToken, String> {
+
+    Optional<RefreshToken> findByMemberId(Long memberId);
+
+    void deleteByMemberId(Long memberId);
+
+}

backend/src/main/java/com/mapbefine/mapbefine/auth/dto/AccessToken.java

@@ -0,0 +1,6 @@
+package com.mapbefine.mapbefine.auth.dto;
+
+public record AccessToken(
+        String accessToken
+) {
+}

backend/src/main/java/com/mapbefine/mapbefine/auth/dto/LoginTokens.java

@@ -0,0 +1,11 @@
+package com.mapbefine.mapbefine.auth.dto;
+
+public record LoginTokens(
+        String accessToken,
+        String refreshToken
+) {
+
+    public AccessToken toAccessToken() {
+        return new AccessToken(accessToken);
+    }
+}

backend/src/main/java/com/mapbefine/mapbefine/auth/dto/response/LoginInfoResponse.java

@@ -0,0 +1,9 @@
+package com.mapbefine.mapbefine.auth.dto.response;
+
+import com.mapbefine.mapbefine.member.dto.response.MemberDetailResponse;
+
+public record LoginInfoResponse(
+        String accessToken,
+        MemberDetailResponse member
+) {
+}

backend/src/main/java/com/mapbefine/mapbefine/auth/exception/AuthErrorCode.java

@@ -4,10 +4,11 @@
 
 @Getter
 public enum AuthErrorCode {
-    ILLEGAL_MEMBER_ID("03100", "로그인에 실패하였습니다."),
-    ILLEGAL_TOKEN("03101", "로그인에 실패하였습니다."),
-    FORBIDDEN_ADMIN_ACCESS("03102", "로그인에 실패하였습니다."),
-    BLOCKING_MEMBER_ACCESS("03103", "로그인에 실패하였습니다."),
+    ILLEGAL_MEMBER_ID("01100", "로그인에 실패하였습니다."),
+    ILLEGAL_TOKEN("01101", "로그인에 실패하였습니다."),
+    FORBIDDEN_ADMIN_ACCESS("01102", "로그인에 실패하였습니다."),
+    BLOCKING_MEMBER_ACCESS("01103", "로그인에 실패하였습니다."),
+    EXPIRED_TOKEN("01104", "기간이 만료된 토큰입니다.")
     ;
 
     private final String code;

backend/src/main/java/com/mapbefine/mapbefine/auth/infrastructure/JwtTokenProvider.java

@@ -1,6 +1,11 @@
 package com.mapbefine.mapbefine.auth.infrastructure;
 
+import static com.mapbefine.mapbefine.auth.exception.AuthErrorCode.EXPIRED_TOKEN;
+import static com.mapbefine.mapbefine.auth.exception.AuthErrorCode.ILLEGAL_TOKEN;
+
+import com.mapbefine.mapbefine.auth.exception.AuthException.AuthUnauthorizedException;
 import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.Jws;
 import io.jsonwebtoken.JwtException;
 import io.jsonwebtoken.Jwts;
@@ -10,13 +15,36 @@
 import org.springframework.stereotype.Component;
 
 @Component
-public class JwtTokenProvider {
-    @Value("${security.jwt.token.secret-key}")
-    private String secretKey;
-    @Value("${security.jwt.token.expire-length}")
-    private long validityInMilliseconds;
+public class JwtTokenProvider implements TokenProvider {
+
+    private static final String EMPTY = "";
+
+    private final String secretKey;
+    private final long accessExpirationTime;
+    private final long refreshExpirationTime;
+
+    public JwtTokenProvider(
+            @Value("${security.jwt.token.secret-key}")
+            String secretKey,
+            @Value("${security.jwt.token.access-expire-length}")
+            long accessExpirationTime,
+            @Value("${security.jwt.token.refresh-expire-length}")
+            long refreshExpirationTime
+    ) {
+        this.secretKey = secretKey;
+        this.accessExpirationTime = accessExpirationTime;
+        this.refreshExpirationTime = refreshExpirationTime;
+    }
 
-    public String createToken(String payload) {
+    public String createAccessToken(String payload) {
+        return createToken(payload, accessExpirationTime);
+    }
+
+    public String createRefreshToken() {
+        return createToken(EMPTY, refreshExpirationTime);
+    }
+
+    private String createToken(String payload, Long validityInMilliseconds) {
         Claims claims = Jwts.claims().setSubject(payload);
         Date now = new Date();
         Date validity = new Date(now.getTime() + validityInMilliseconds);
@@ -33,14 +61,40 @@ public String getPayload(String token) {
         return Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token).getBody().getSubject();
     }
 
-    public boolean validateToken(String token) {
+    public void validateTokensForReissue(String refreshToken, String accessToken) {
+        boolean canReissueAccessToken = !isExpired(refreshToken) && isExpired(accessToken);
+        if (canReissueAccessToken) {
+            return;
+        }
+        throw new AuthUnauthorizedException(ILLEGAL_TOKEN);
+    }
+
+    public void validateTokensForRemoval(String refreshToken, String accessToken) {
+        boolean canRemoveRefreshToken = !isExpired(refreshToken) && !isExpired(accessToken);
+        if (canRemoveRefreshToken) {
+            return;
+        }
+        throw new AuthUnauthorizedException(EXPIRED_TOKEN);
+    }
+
+    public void validateAccessToken(String accessToken) {
+        if (isExpired(accessToken)) {
+            throw new AuthUnauthorizedException(EXPIRED_TOKEN);
+        }
+    }
+
+    private boolean isExpired(String token) {
         try {
             Jws<Claims> claims = Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token);
+            Date expiration = claims.getBody().getExpiration();
 
-            return !claims.getBody().getExpiration().before(new Date());
+            return expiration.before(new Date());
+        } catch (ExpiredJwtException e) {
+            return true;
         } catch (JwtException | IllegalArgumentException e) {
-            return false;
+            throw new AuthUnauthorizedException(ILLEGAL_TOKEN);
         }
     }
+
 }
 

backend/src/main/java/com/mapbefine/mapbefine/auth/infrastructure/TokenProvider.java

@@ -0,0 +1,16 @@
+package com.mapbefine.mapbefine.auth.infrastructure;
+
+public interface TokenProvider {
+
+    String createAccessToken(String payload);
+
+    String createRefreshToken();
+
+    String getPayload(String token);
+
+    void validateTokensForReissue(String refreshToken, String accessToken);
+
+    void validateTokensForRemoval(String refreshToken, String accessToken);
+
+    void validateAccessToken(String accessToken);
+}