4
4
import java .util .Collections ;
5
5
import lombok .RequiredArgsConstructor ;
6
6
import lombok .extern .slf4j .Slf4j ;
7
- import org .springframework .security .core .Authentication ;
8
7
import org .springframework .security .core .authority .SimpleGrantedAuthority ;
9
8
import org .springframework .security .core .context .SecurityContextHolder ;
10
9
import org .springframework .stereotype .Service ;
@@ -48,26 +47,24 @@ public TokenServiceResponse kakaoLogin(String code) throws JsonProcessingExcepti
48
47
@ Transactional
49
48
public void logout (TokenServiceRequest tokenServiceRequest ) {
50
49
String accessToken = tokenServiceRequest .getAccessToken ();
50
+ String refreshToken = tokenServiceRequest .getRefreshToken ();
51
51
52
52
if (accessToken == null || !tokenProvider .validate (accessToken )) {
53
53
throw new CustomException (ErrorCode .INVALID_ACCESS_TOKEN );
54
54
}
55
55
56
56
long expiration = tokenProvider .getExpiration (accessToken );
57
-
58
57
blacklistTokenRedisRepository .save (BlacklistToken .builder ()
59
58
.token (accessToken )
60
59
.expiration (expiration / 1000 )
61
60
.build ());
62
61
63
- Authentication authentication = tokenProvider .getAuthentication (accessToken );
64
- String userId = authentication .getName ();
65
-
66
- refreshTokenRedisRepository .deleteById (userId );
62
+ refreshTokenRedisRepository .deleteById (refreshToken );
67
63
68
64
SecurityContextHolder .clearContext ();
69
65
}
70
66
67
+ @ Transactional
71
68
public TokenServiceResponse reissueAccessToken (TokenServiceRequest tokenServiceRequest ) {
72
69
String refreshToken = tokenServiceRequest .getRefreshToken ();
73
70
@@ -76,34 +73,44 @@ public TokenServiceResponse reissueAccessToken(TokenServiceRequest tokenServiceR
76
73
throw new CustomException (ErrorCode .INVALID_REFRESH_TOKEN );
77
74
}
78
75
79
- RefreshToken findToken = refreshTokenRedisRepository .findByRefreshToken (refreshToken );
76
+ RefreshToken findToken = refreshTokenRedisRepository .findById (refreshToken )
77
+ .orElseThrow (() -> new CustomException (
78
+ ErrorCode .NOT_EXIST_REFRESH_TOKEN ));
79
+ refreshTokenRedisRepository .deleteById (refreshToken );
80
80
81
+ // 새 AccessToken 생성
81
82
TokenServiceResponse tokenServiceResponse = tokenProvider .createToken (
82
83
String .valueOf (findToken .getId ()),
83
84
findToken .getEmail (),
84
- findToken .getAuthority ());
85
-
86
- refreshTokenRedisRepository .save (RefreshToken .builder ()
87
- .id (findToken .getId ())
88
- .email (findToken .getEmail ())
89
- .authorities (findToken .getAuthorities ())
90
- .refreshToken (tokenServiceResponse .getRefreshToken ())
91
- .build ());
85
+ findToken .getAuthority ()
86
+ );
87
+
88
+ // 새로 발급된 RefreshToken 을 다시 저장
89
+ refreshTokenRedisRepository .save (
90
+ RefreshToken .builder ()
91
+ .id (findToken .getId ())
92
+ .email (findToken .getEmail ())
93
+ .authorities (findToken .getAuthorities ())
94
+ .refreshToken (tokenServiceResponse .getRefreshToken ())
95
+ .build ()
96
+ );
92
97
93
98
SecurityContextHolder .getContext ()
94
99
.setAuthentication (
95
- tokenProvider .getAuthentication (tokenServiceResponse .getAccessToken ()));
100
+ tokenProvider .getAuthentication (tokenServiceResponse .getAccessToken ())
101
+ );
96
102
97
103
return tokenServiceResponse ;
98
104
}
99
105
100
106
private void saveRefreshTokenOnRedis (User user , TokenServiceResponse response ) {
101
- refreshTokenRedisRepository .save (RefreshToken .builder ()
102
- .id (user .getId ())
103
- .email (user .getEmail ())
104
- .authorities (Collections .singleton (
105
- new SimpleGrantedAuthority ("USER" )))
106
- .refreshToken (response .getRefreshToken ())
107
- .build ());
107
+ RefreshToken refreshToken = RefreshToken .builder ()
108
+ .id (user .getId ())
109
+ .email (user .getEmail ())
110
+ .authorities (Collections .singleton (
111
+ new SimpleGrantedAuthority ("USER" )))
112
+ .refreshToken (response .getRefreshToken ())
113
+ .build ();
114
+ refreshTokenRedisRepository .save (refreshToken );
108
115
}
109
116
}
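Review bot: In `logout`, the new `refreshTokenRedisRepository.deleteById(refreshToken)` keys the revocation on a value taken straight from the request, with no null check, no validation and no check that the token belongs to the user of the access token that was just verified. A client that omits the refresh token or sends a different one is logged out while its real refresh token stays in Redis and can presumably still be exchanged in `reissueAccessToken`; the removed code avoided this by deriving the key from the access token. I would add, before the blacklist write, `if (refreshToken == null || !tokenProvider.validate(refreshToken)) { throw new CustomException(ErrorCode.INVALID_REFRESH_TOKEN); }` (assuming `validate` accepts refresh tokens), and compare the stored entry's `getId()` with the access token's subject before deleting. Separately, in `reissueAccessToken` the `findById` / `deleteById` / `save` sequence is not atomic unless Redis transaction support is enabled, so two concurrent requests carrying the same refresh token may both pass `findById` and each receive a new token pair; a single atomic get-and-delete would close that window.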