diff --git a/src/main/java/com/finfellows/domain/auth/application/KakaoService.java b/src/main/java/com/finfellows/domain/auth/application/KakaoService.java
index 4d724aa..19498f9 100644
--- a/src/main/java/com/finfellows/domain/auth/application/KakaoService.java
+++ b/src/main/java/com/finfellows/domain/auth/application/KakaoService.java
@@ -138,7 +138,7 @@ public void accessRequest() throws IOException {
 String redirectURL = KAKAO_SNS_URL + "?" + parameterString;
 log.info("redirectURL = ", redirectURL);
-// response.sendRedirect(redirectURL);
+ response.sendRedirect(redirectURL);
 }
 @Transactional
@@ -172,7 +172,7 @@ public KakaoProfile getKakaoProfile(String accessToken) {
 @Transactional
- public AuthRes kakaoLogin(KakaoProfile kakaoProfile, HttpServletResponse response) {
+ public AuthRes kakaoLogin(KakaoProfile kakaoProfile) {
 // 이미 DB에 회원 정보가 저장되어 있으면 로그인 시키고, 없다면 DB에 등록 후 로그인.
@@ -214,13 +214,13 @@ public AuthRes kakaoLogin(KakaoProfile kakaoProfile, HttpServletResponse respons
 // 쿠키 생성 및 설정
- Cookie refreshTokenCookie = new Cookie("refreshToken", tokenMapping.getRefreshToken());
- refreshTokenCookie.setMaxAge(14 * 24 * 60 * 60); // 유효기간 2주일
- refreshTokenCookie.setHttpOnly(true);
- refreshTokenCookie.setPath("/");
- refreshTokenCookie.setSecure(true);
+// Cookie refreshTokenCookie = new Cookie("refreshToken", tokenMapping.getRefreshToken());
+// refreshTokenCookie.setMaxAge(14 * 24 * 60 * 60); // 유효기간 2주일
+// refreshTokenCookie.setHttpOnly(true);
+// refreshTokenCookie.setPath("/");
+// refreshTokenCookie.setSecure(true);
- response.addCookie(refreshTokenCookie);
+// response.addCookie(refreshTokenCookie);
 return AuthRes.builder()
diff --git a/src/main/java/com/finfellows/domain/auth/presentation/AuthController.java b/src/main/java/com/finfellows/domain/auth/presentation/AuthController.java
index f210f93..d4dfd1e 100644
--- a/src/main/java/com/finfellows/domain/auth/presentation/AuthController.java
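Review bot: In KakaoService.java `@@ -138,7`, the re-enabled `response.sendRedirect(redirectURL);` has no caller left in what this commit shows, because the only visible call site, `socialLoginRedirect()` in AuthController (`@@ -38,15`), is commented out in the same change. Either keep the `/login` endpoint or remove `accessRequest()`, rather than shipping a live redirect that nothing reaches. The context line just above it, `log.info("redirectURL = ", redirectURL);`, has no placeholder, so if `log` is an SLF4J-style logger the URL is never written; `log.info("redirectURL = {}", redirectURL);` would log it. The body of `accessRequest()` starts above the hunk.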
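Review bot: In KakaoService.java `@@ -214,13`, the refresh-token cookie is switched off by commenting out its six lines, which drops the `HttpOnly` and `Secure` protections it had without recording where the token is delivered instead. If `AuthRes` now carries the refresh token in the response body (the builder call continues below the hunk, so this is inferred), page script can read it, and that trade-off deserves a comment such as `// refresh token is delivered in the AuthRes body, not as an HttpOnly cookie` or a decision to keep the cookie. Delete the dead lines and the now-stale `// 쿠키 생성 및 설정` heading instead of leaving them commented out; version control keeps the old code. The same commented-out pattern appears in AuthController `@@ -38,15`.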
+++ b/src/main/java/com/finfellows/domain/auth/presentation/AuthController.java
@@ -38,15 +38,15 @@ public class AuthController {
 private final KakaoService kakaoService;
- @Operation(summary = "카카오 code 발급", description = "카카오 API 서버에 접근 권한을 인가하는 code를 발급받습니다.")
- @ApiResponses(value = {
- @ApiResponse(responseCode = "200", description = "code 발급 성공", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = AuthRes.class))}),
- @ApiResponse(responseCode = "400", description = "code 발급 실패", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorResponse.class))}),
- })
- @GetMapping(value = "/login")
- public void socialLoginRedirect() throws IOException {
- kakaoService.accessRequest();
- }
+// @Operation(summary = "카카오 code 발급", description = "카카오 API 서버에 접근 권한을 인가하는 code를 발급받습니다.")
+// @ApiResponses(value = {
+// @ApiResponse(responseCode = "200", description = "code 발급 성공", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = AuthRes.class))}),
+// @ApiResponse(responseCode = "400", description = "code 발급 실패", content = {@Content(mediaType = "application/json", schema = @Schema(implementation = ErrorResponse.class))}),
+// })
+// @GetMapping(value = "/login")
+// public void socialLoginRedirect() throws IOException {
+// kakaoService.accessRequest();
+// }
 @Operation(summary = "유저 정보 확인", description = "현재 접속 중인 유저의 정보를 확인합니다.")
 @ApiResponses(value = {
@@ -67,14 +67,13 @@ public ResponseCustom whoAmI(
 })
 @GetMapping(value = "/kakao/sign-in")
 public ResponseCustom kakaoCallback(
- @Parameter(description = "code를 입력해주세요.", required = true) @RequestParam("code") String code,
- HttpServletResponse response
+ @Parameter(description = "code를 입력해주세요.", required = true) @RequestParam("code") String code
 ) {
 String accessToken = kakaoService.getKakaoAccessToken(code);
 KakaoProfile kakaoProfile = kakaoService.getKakaoProfile(accessToken);
- return ResponseCustom.OK(kakaoService.kakaoLogin(kakaoProfile, response));
+ return ResponseCustom.OK(kakaoService.kakaoLogin(kakaoProfile));
 }
diff --git a/src/main/java/com/finfellows/global/config/security/CustomSameSiteConfig.java b/src/main/java/com/finfellows/global/config/security/CustomSameSiteConfig.java
deleted file mode 100644
index c95930f..0000000
--- a/src/main/java/com/finfellows/global/config/security/CustomSameSiteConfig.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package com.finfellows.global.config.security;
-
-import org.springframework.boot.web.servlet.server.CookieSameSiteSupplier;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration(proxyBeanMethods = false)
-public class CustomSameSiteConfig {
-
- @Bean
- public CookieSameSiteSupplier applicationCookieSameSiteSupplier() {
- return CookieSameSiteSupplier.ofNone().whenHasNameMatching(".*");
- }
-
-}
diff --git a/src/main/java/com/finfellows/global/config/security/WebMvcConfig.java b/src/main/java/com/finfellows/global/config/security/WebMvcConfig.java
index b39d834..29940fb 100644
--- a/src/main/java/com/finfellows/global/config/security/WebMvcConfig.java
+++ b/src/main/java/com/finfellows/global/config/security/WebMvcConfig.java
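Review bot: `kakaoCallback` in AuthController.java `@@ -67,14` still accepts only `code`, so nothing visible ties the callback to a login this client actually started. The usual guard is a `state` value issued before the redirect and compared here: add `@RequestParam("state") String state` and reject the request when it does not match the stored value, before calling `kakaoService.getKakaoAccessToken(code)`. This matters more now that the server-side `/login` redirect is commented out in `@@ -38,15` and the authorization request is presumably built by the front end. If a filter outside this diff already validates `state`, a one-line comment on the method saying so would be enough.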
@@ -18,9 +18,8 @@ public void addCorsMappings(CorsRegistry registry) {
 registry.addMapping("/**")
 .allowedOrigins(allowedOrigins)
 .allowedMethods("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS")
- .allowedHeaders("Authorization", "Content-Type", "X-Requested-With", "Accept", "Origin", "Access-Control-Request-Method", "Access-Control-Request-Headers", "Cache-Control")
+ .allowedHeaders("*")
 .allowCredentials(true)
- .exposedHeaders("Set-Cookie")
 .maxAge(MAX_AGE_SECS);
 }
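Review bot: `.allowedHeaders("*")` replaces an explicit allow-list while `.allowCredentials(true)` stays on the `/**` mapping, so any request header a cross-origin caller asks for in preflight is now accepted on credentialed requests. If cookies are no longer used (this commit also disables the refresh-token cookie and drops `exposedHeaders("Set-Cookie")`), the `.allowCredentials(true)` line looks unnecessary and could be removed. Otherwise keep the list to what the client really sends, e.g. `.allowedHeaders("Authorization", "Content-Type", "Accept")`. `allowedOrigins` is defined outside the hunk, so confirm it is a fixed list of trusted origins.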