MyongjiWay · sejineer · Aug 24, 2024 · Aug 21, 2024 · Aug 22, 2024 · Aug 22, 2024
diff --git a/core/core-api/src/main/kotlin/com/myongjiway/core/api/auth/security/domain/JwtProvider.kt b/core/core-api/src/main/kotlin/com/myongjiway/core/api/auth/security/domain/JwtProvider.kt
@@ -19,7 +19,7 @@ class JwtProvider(
 ) {
     fun validateAccessTokenFromRequest(servletRequest: ServletRequest, token: String?): Boolean {
         try {
-            tokenValidator.validateWithSecretKey(
+            tokenValidator.validate(
                 Keys.hmacShaKeyFor(jwtProperty.accessToken.secret.toByteArray()),
                 token!!,
             ).subject.toLong()
@@ -34,7 +34,7 @@ class JwtProvider(
         var user: User? = null
         try {
             val userId =
-                tokenValidator.validateWithSecretKey(
+                tokenValidator.validate(
                     Keys.hmacShaKeyFor(jwtProperty.accessToken.secret.toByteArray()),
                     token!!,
                 ).subject.toLong()

diff --git a/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/error/CoreErrorType.kt b/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/error/CoreErrorType.kt
@@ -21,7 +21,7 @@ enum class CoreErrorType(
      * 토큰 관련 에러
      */
     UNAUTHORIZED_TOKEN(CoreErrorKind.SERVER_ERROR, CoreErrorCode.TOKEN0001, "토큰이 유효하지 않습니다. 로그인을 다시 해주세요.", CoreErrorLevel.INFO),
-    NOT_FOUND_TOKEN(CoreErrorKind.SERVER_ERROR, CoreErrorCode.TOKEN0002, "이미 로그아웃 된 유저입니다. 로그인을 다시 해주세요.", CoreErrorLevel.INFO),
+    TOKEN_NOT_FOUND(CoreErrorKind.SERVER_ERROR, CoreErrorCode.TOKEN0002, "이미 로그아웃 된 유저입니다. 로그인을 다시 해주세요.", CoreErrorLevel.INFO),
 
     /*
      * 공지사항 관련 에러

diff --git a/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/token/TokenGenerator.kt b/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/token/TokenGenerator.kt
@@ -1,5 +1,6 @@
 package com.myongjiway.core.domain.token
 
+import io.jsonwebtoken.ExpiredJwtException
 import io.jsonwebtoken.Jwts
 import io.jsonwebtoken.Jwts.SIG.HS512
 import io.jsonwebtoken.security.Keys
@@ -9,6 +10,8 @@ import java.util.Date
 @Component
 class TokenGenerator(
     private val jwtProperty: JwtProperty,
+    private val tokenValidator: TokenValidator,
+    private val tokenAppender: TokenAppender,
 ) {
     fun generateAccessTokenByUserId(userId: String): Token {
         val (expiration, secret) = getExpirationAndSecret(TokenType.ACCESS)
@@ -37,6 +40,18 @@ class TokenGenerator(
         )
     }
 
+    fun refresh(refreshToken: Token): Token {
+        val secret = getExpirationAndSecret(TokenType.REFRESH).second
+        try {
+            tokenValidator.validate(Keys.hmacShaKeyFor(secret.toByteArray()), refreshToken.token)
+        } catch (e: ExpiredJwtException) {
+            val newRefreshToken = generateRefreshTokenByUserId(refreshToken.userId)
+            tokenAppender.upsert(refreshToken.userId.toLong(), newRefreshToken.token, newRefreshToken.expiration)
+            return newRefreshToken
+        }
+        return refreshToken
+    }
+
     private fun getExpirationAndSecret(tokenType: TokenType) = when (tokenType) {
         TokenType.ACCESS -> jwtProperty.accessToken.expiration to jwtProperty.accessToken.secret
         TokenType.REFRESH -> jwtProperty.refreshToken.expiration to jwtProperty.refreshToken.secret

diff --git a/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/token/TokenReader.kt b/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/token/TokenReader.kt
@@ -1,10 +1,12 @@
 package com.myongjiway.core.domain.token
 
+import com.myongjiway.core.domain.error.CoreErrorType
+import com.myongjiway.core.domain.error.CoreException
 import org.springframework.stereotype.Component
 
 @Component
 class TokenReader(
     private val tokenRepository: TokenRepository,
 ) {
-    fun findByToken(token: String): Token? = tokenRepository.find(token)
+    fun find(token: String): Token = tokenRepository.find(token) ?: throw CoreException(CoreErrorType.TOKEN_NOT_FOUND)
 }
diff --git a/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/token/TokenService.kt b/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/token/TokenService.kt
@@ -1,41 +1,33 @@
 package com.myongjiway.core.domain.token
 
-import com.myongjiway.core.domain.error.CoreErrorType
 import com.myongjiway.core.domain.user.UserReader
 import org.springframework.stereotype.Service
 
 @Service
 class TokenService(
-    private val tokenAppender: TokenAppender,
     private val tokenGenerator: TokenGenerator,
     private val tokenReader: TokenReader,
     private val userReader: UserReader,
     private val tokenProcessor: TokenProcessor,
 ) {
+    /**
+     * RefreshToken을 이용하여 AccessToken을 재발급한다. RefreshToken 또한 만료되었다면 갱신한다.
+     * @param refreshData AccessToken을 재발급하기 위한 RefreshToken
+     * @return TokenResult 재발급된 AccessToken과 RefreshToken
+     */
     fun refresh(refreshData: RefreshData): TokenResult {
-        var refreshToken = tokenReader.findByToken(refreshData.refreshToken)
-            ?: throw com.myongjiway.core.domain.error.CoreException(CoreErrorType.UNAUTHORIZED_TOKEN)
+        var refreshToken = tokenReader.find(refreshData.refreshToken)
 
         val user = userReader.find(refreshToken.userId.toLong())
-            ?: throw com.myongjiway.core.domain.error.CoreException(CoreErrorType.USER_NOT_FOUND)
 
-        if (isExpired(refreshToken)) {
-            refreshToken = tokenGenerator.generateRefreshTokenByUserId(user.id.toString())
-            tokenAppender.upsert(user.id, refreshToken.token, refreshToken.expiration)
-        }
+        refreshToken = tokenGenerator.refresh(refreshToken)
 
         val newAccessToken = tokenGenerator.generateAccessTokenByUserId(user.id.toString())
         return TokenResult(newAccessToken.token, refreshToken.token)
     }
 
     fun delete(refreshToken: String) {
-        val findRefreshToken = (
-            tokenReader.findByToken(refreshToken)
-                ?: throw com.myongjiway.core.domain.error.CoreException(CoreErrorType.NOT_FOUND_TOKEN)
-            )
-
-        tokenProcessor.deleteToken(findRefreshToken.token)
+        val foundRefreshToken = tokenReader.find(refreshToken)
+        tokenProcessor.deleteToken(foundRefreshToken.token)
     }
-
-    private fun isExpired(refreshToken: Token?): Boolean = refreshToken?.expiration!! <= System.currentTimeMillis()
 }
diff --git a/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/token/TokenValidator.kt b/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/token/TokenValidator.kt
@@ -8,10 +8,10 @@ import javax.crypto.SecretKey
 
 @Component
 class TokenValidator {
-    fun validateWithPublicKey(key: PublicKey, token: String): Claims =
+    fun validate(key: PublicKey, token: String): Claims =
         validateToken { Jwts.parser().verifyWith(key).build().parseSignedClaims(token).payload }
 
-    fun validateWithSecretKey(key: SecretKey, token: String): Claims =
+    fun validate(key: SecretKey, token: String): Claims =
         validateToken { Jwts.parser().verifyWith(key).build().parseSignedClaims(token).payload }
 
     private inline fun validateToken(validation: () -> Claims): Claims = try {

diff --git a/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/user/UserReader.kt b/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/user/UserReader.kt
@@ -1,11 +1,13 @@
 package com.myongjiway.core.domain.user
 
+import com.myongjiway.core.domain.error.CoreErrorType
+import com.myongjiway.core.domain.error.CoreException
 import org.springframework.stereotype.Component
 
 @Component
 class UserReader(
     private val userRepository: UserRepository,
 ) {
-    fun find(id: Long): User? = userRepository.findUserById(id)
-    fun find(providerId: String): User? = userRepository.findUserByProviderId(providerId)
+    fun find(id: Long): User = userRepository.findUserById(id) ?: throw CoreException(CoreErrorType.USER_NOT_FOUND)
+    fun find(providerId: String): User = userRepository.findUserByProviderId(providerId) ?: throw CoreException(CoreErrorType.USER_NOT_FOUND)
 }
diff --git a/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/user/UserService.kt b/core/core-domain/src/main/kotlin/com/myongjiway/core/domain/user/UserService.kt
@@ -4,7 +4,7 @@ import org.springframework.stereotype.Service
 
 @Service
 class UserService(
-    private val userUpdater: com.myongjiway.core.domain.user.UserUpdater,
+    private val userUpdater: UserUpdater,
 ) {
     fun inactive(providerId: String): Long = userUpdater.inactive(providerId)
 }
diff --git a/...n/com/myongjiway/CoreDomainContextTest.kt → ...iway/core/domain/CoreDomainContextTest.kt b/...n/com/myongjiway/CoreDomainContextTest.kt → ...iway/core/domain/CoreDomainContextTest.kt
@@ -1,4 +1,4 @@
-package com.myongjiway
+package com.myongjiway.core.domain
 
 import org.junit.jupiter.api.Tag
 import org.springframework.boot.test.context.SpringBootTest

diff --git a/...m/myongjiway/CoreDomainTestApplication.kt → .../core/domain/CoreDomainTestApplication.kt b/...m/myongjiway/CoreDomainTestApplication.kt → .../core/domain/CoreDomainTestApplication.kt
@@ -1,4 +1,4 @@
-package com.myongjiway
+package com.myongjiway.core.domain
 
 import org.springframework.boot.autoconfigure.SpringBootApplication
 import org.springframework.boot.context.properties.ConfigurationPropertiesScan

diff --git a/...way/buslocation/BusLocationServiceTest.kt → ...ain/buslocation/BusLocationServiceTest.kt b/...way/buslocation/BusLocationServiceTest.kt → ...ain/buslocation/BusLocationServiceTest.kt
diff --git a/...om/myongjiway/notice/NoticeCreatorTest.kt → ...y/core/domain/notice/NoticeCreatorTest.kt b/...om/myongjiway/notice/NoticeCreatorTest.kt → ...y/core/domain/notice/NoticeCreatorTest.kt
@@ -1,9 +1,5 @@
-package com.myongjiway.notice
+package com.myongjiway.core.domain.notice
 
-import com.myongjiway.core.domain.notice.NoticeCreator
-import com.myongjiway.core.domain.notice.NoticeMetadata
-import com.myongjiway.core.domain.notice.NoticeRepository
-import com.myongjiway.core.domain.notice.NoticeService
 import io.kotest.core.spec.style.FeatureSpec
 import io.mockk.Runs
 import io.mockk.every

diff --git a/...om/myongjiway/notice/NoticeDeleterTest.kt → ...y/core/domain/notice/NoticeDeleterTest.kt b/...om/myongjiway/notice/NoticeDeleterTest.kt → ...y/core/domain/notice/NoticeDeleterTest.kt
@@ -1,7 +1,6 @@
-package com.myongjiway.notice
+package com.myongjiway.core.domain.notice
 
 import com.myongjiway.core.domain.error.CoreErrorType
-import com.myongjiway.core.domain.notice.NoticeRepository
 import io.kotest.assertions.throwables.shouldThrow
 import io.kotest.core.spec.style.FeatureSpec
 import io.kotest.matchers.shouldBe

diff --git a/...com/myongjiway/notice/NoticeFinderTest.kt → ...ay/core/domain/notice/NoticeFinderTest.kt b/...com/myongjiway/notice/NoticeFinderTest.kt → ...ay/core/domain/notice/NoticeFinderTest.kt
@@ -1,10 +1,5 @@
-package com.myongjiway.notice
+package com.myongjiway.core.domain.notice
 
-import com.myongjiway.core.domain.notice.NoticeFinder
-import com.myongjiway.core.domain.notice.NoticeMetadata
-import com.myongjiway.core.domain.notice.NoticeRepository
-import com.myongjiway.core.domain.notice.NoticeService
-import com.myongjiway.core.domain.notice.NoticeView
 import com.myongjiway.core.domain.usernotice.UserNotice
 import com.myongjiway.core.domain.usernotice.UserNoticeRepository
 import io.kotest.core.spec.style.FeatureSpec

diff --git a/...om/myongjiway/notice/NoticeUpdaterTest.kt → ...y/core/domain/notice/NoticeUpdaterTest.kt b/...om/myongjiway/notice/NoticeUpdaterTest.kt → ...y/core/domain/notice/NoticeUpdaterTest.kt
@@ -1,10 +1,5 @@
-package com.myongjiway.notice
+package com.myongjiway.core.domain.notice
 
-import com.myongjiway.core.domain.notice.NoticeMetadata
-import com.myongjiway.core.domain.notice.NoticeRepository
-import com.myongjiway.core.domain.notice.NoticeService
-import com.myongjiway.core.domain.notice.NoticeUpdater
-import com.myongjiway.core.domain.notice.NoticeView
 import io.kotest.core.spec.style.FeatureSpec
 import io.kotest.matchers.collections.shouldHaveSize
 import io.kotest.matchers.shouldBe

diff --git a/...com/myongjiway/token/TokenAppenderTest.kt → ...ay/core/domain/token/TokenAppenderTest.kt b/...com/myongjiway/token/TokenAppenderTest.kt → ...ay/core/domain/token/TokenAppenderTest.kt
@@ -1,7 +1,5 @@
-package com.myongjiway.token
+package com.myongjiway.core.domain.token
 
-import com.myongjiway.core.domain.token.TokenAppender
-import com.myongjiway.core.domain.token.TokenRepository
 import io.kotest.core.spec.style.FeatureSpec
 import io.kotest.matchers.shouldBe
 import io.mockk.every

diff --git a/...om/myongjiway/token/TokenGeneratorTest.kt → ...y/core/domain/token/TokenGeneratorTest.kt b/...om/myongjiway/token/TokenGeneratorTest.kt → ...y/core/domain/token/TokenGeneratorTest.kt
@@ -1,33 +1,36 @@
-package com.myongjiway.token
+package com.myongjiway.core.domain.token
 
-import com.myongjiway.core.domain.token.JwtProperty
-import com.myongjiway.core.domain.token.Token
-import com.myongjiway.core.domain.token.TokenGenerator
-import com.myongjiway.core.domain.token.TokenType
 import io.kotest.core.spec.style.FeatureSpec
 import io.kotest.matchers.shouldBe
 import io.kotest.matchers.types.shouldBeInstanceOf
+import io.mockk.mockk
 import java.util.Date
 
 class TokenGeneratorTest :
     FeatureSpec(
         {
             lateinit var jwtProperty: JwtProperty
+            lateinit var tokenValidator: TokenValidator
+            lateinit var tokenAppender: TokenAppender
             lateinit var sut: TokenGenerator
             val userId = "1234"
 
             beforeTest {
                 jwtProperty = JwtProperty().apply {
                     accessToken = JwtProperty.TokenProperties().apply {
                         expiration = 10000
-                        secret = "lnp1ISIafo9E+U+xZ4xr0kaRGD5uNVCT1tiJ8gXmqWvp32L7JoXC9EjAy0z2F6NVSwrKLxbCkpzT+DZJazy3Pg=="
+                        secret =
+                            "lnp1ISIafo9E+U+xZ4xr0kaRGD5uNVCT1tiJ8gXmqWvp32L7JoXC9EjAy0z2F6NVSwrKLxbCkpzT+DZJazy3Pg=="
                     }
                     refreshToken = JwtProperty.TokenProperties().apply {
                         expiration = 1000000
-                        secret = "lnp1ISIafo9E+U+xZ4xr0kaRGD5uNVCT1tiJ8gXmqWvp32L7JoXC9EjAy0z2F6NVSwrKLxbCkpzT+DZJazy3Pg=="
+                        secret =
+                            "lnp1ISIafo9E+U+xZ4xr0kaRGD5uNVCT1tiJ8gXmqWvp32L7JoXC9EjAy0z2F6NVSwrKLxbCkpzT+DZJazy3Pg=="
                     }
                 }
-                sut = TokenGenerator(jwtProperty)
+                tokenAppender = mockk()
+                tokenValidator = mockk()
+                sut = TokenGenerator(jwtProperty, tokenValidator, tokenAppender)
             }
 
             feature("토큰 생성") {

diff --git a/...om/myongjiway/token/TokenProcessorTest.kt → ...y/core/domain/token/TokenProcessorTest.kt b/...om/myongjiway/token/TokenProcessorTest.kt → ...y/core/domain/token/TokenProcessorTest.kt
@@ -1,7 +1,5 @@
-package com.myongjiway.token
+package com.myongjiway.core.domain.token
 
-import com.myongjiway.core.domain.token.TokenProcessor
-import com.myongjiway.core.domain.token.TokenRepository
 import io.kotest.core.spec.style.FeatureSpec
 import io.kotest.matchers.shouldBe
 import io.mockk.every

diff --git a/...n/com/myongjiway/token/TokenReaderTest.kt → ...iway/core/domain/token/TokenReaderTest.kt b/...n/com/myongjiway/token/TokenReaderTest.kt → ...iway/core/domain/token/TokenReaderTest.kt
@@ -1,9 +1,7 @@
-package com.myongjiway.token
+package com.myongjiway.core.domain.token
 
-import com.myongjiway.core.domain.token.Token
-import com.myongjiway.core.domain.token.TokenReader
-import com.myongjiway.core.domain.token.TokenRepository
-import com.myongjiway.core.domain.token.TokenType
+import com.myongjiway.core.domain.error.CoreErrorType
+import com.myongjiway.core.domain.error.CoreException
 import io.kotest.core.spec.style.FeatureSpec
 import io.kotest.matchers.shouldBe
 import io.mockk.every
@@ -32,22 +30,22 @@ class TokenReaderTest :
                     )
 
                     // when
-                    val refreshToken = sut.findByToken(token)
+                    val refreshToken = sut.find(token)
 
                     // then
                     refreshToken?.token shouldBe token
                     refreshToken?.userId shouldBe "1000"
                 }
 
-                scenario("토큰이 존재하지 않으면 null을 반환한다.") {
+                scenario("토큰이 존재하지 않으면 TOKEN_NOT_FOUND 에러를 반환한다.") {
                     // given
-                    every { tokenRepository.find("token") } returns null
+                    every { tokenRepository.find("token") } throws CoreException(CoreErrorType.TOKEN_NOT_FOUND)
 
                     // when
-                    val refreshToken = sut.findByToken("token")
+                    val actual = kotlin.runCatching { sut.find("token") }
 
                     // then
-                    refreshToken shouldBe null
+                    actual.exceptionOrNull() shouldBe CoreException(CoreErrorType.TOKEN_NOT_FOUND)
                 }
             }
         },