From d33d3a7af94d93040485d1bb7eb9e28a7f01353c Mon Sep 17 00:00:00 2001
From: Jeongmo Seo
Date: Sun, 17 Aug 2025 19:08:26 +0900
Subject: [PATCH] =?UTF-8?q?:bug:=20fix:=20=ED=86=A0=ED=81=B0=20=EC=97=86?= =?UTF-8?q?=EB=8A=94=20=EA=B2=BD=EC=9A=B0=20400=EC=9C=BC=EB=A1=9C=20?= =?UTF-8?q?=EC=97=90=EB=9F=AC=20=EC=B2=98=EB=A6=AC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../service/command/AuthCommandServiceImpl.java | 12 ++++++++++--
 .../global/error/code/TokenErrorCode.java | 3 ++-
 .../security/handler/CustomLogoutHandler.java | 17 ++++++++++++++---
 3 files changed, 26 insertions(+), 6 deletions(-)

diff --git a/src/main/java/org/withtime/be/withtimebe/domain/auth/service/command/AuthCommandServiceImpl.java b/src/main/java/org/withtime/be/withtimebe/domain/auth/service/command/AuthCommandServiceImpl.java
index 4b2372d..b67cc1c 100644
--- a/src/main/java/org/withtime/be/withtimebe/domain/auth/service/command/AuthCommandServiceImpl.java
+++ b/src/main/java/org/withtime/be/withtimebe/domain/auth/service/command/AuthCommandServiceImpl.java
@@ -104,10 +104,18 @@ private Long getUserId(String token) {
 }
 
 private String getAccessToken(HttpServletRequest request) {
- return CookieUtil.getCookie(request, AuthenticationConstants.ACCESS_TOKEN_NAME);
+ return this.getInCookie(request, AuthenticationConstants.ACCESS_TOKEN_NAME);
 }
 
 private String getRefreshToken(HttpServletRequest request) {
- return CookieUtil.getCookie(request, AuthenticationConstants.REFRESH_TOKEN_NAME);
+ return this.getInCookie(request, AuthenticationConstants.REFRESH_TOKEN_NAME);
+ }
+
+ private String getInCookie(HttpServletRequest request, String name) {
+ String cookieValue = CookieUtil.getCookie(request, name);
+ if (cookieValue == null) {
+ throw new TokenException(TokenErrorCode.NOT_EXISTS_TOKEN);
+ }
+ return cookieValue;
 }
 }
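Review bot: `getInCookie` rejects only a `null` cookie, so a cookie that is present but empty or whitespace would still be returned as a token and handed to the parsing code behind `getAccessToken`/`getRefreshToken`. What `CookieUtil.getCookie` returns for an empty cookie is not visible in this patch, so this needs confirming. Widening the guard to `if (cookieValue == null || cookieValue.isBlank()) {` keeps both cases on the `NOT_EXISTS_TOKEN` path. The same helper is added verbatim to `CustomLogoutHandler` in this patch and has the same gap; putting the check in one shared place would stop the two copies drifting apart. The enclosing class starts outside the hunk.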
diff --git a/src/main/java/org/withtime/be/withtimebe/global/error/code/TokenErrorCode.java b/src/main/java/org/withtime/be/withtimebe/global/error/code/TokenErrorCode.java
index 972ccea..cb0be30 100644
--- a/src/main/java/org/withtime/be/withtimebe/global/error/code/TokenErrorCode.java
+++ b/src/main/java/org/withtime/be/withtimebe/global/error/code/TokenErrorCode.java
@@ -9,7 +9,8 @@
 public enum TokenErrorCode implements BaseErrorCode {
 
 TOKEN_EXPIRED(HttpStatus.UNAUTHORIZED, "TOKEN401_1", "토큰의 기한이 만료되었습니다."),
- INVALID_REFRESH_TOKEN(HttpStatus.UNAUTHORIZED, "TOKEN401_2", "리프레시 토큰이 유효하지 않습니다.")
+ INVALID_REFRESH_TOKEN(HttpStatus.UNAUTHORIZED, "TOKEN401_2", "리프레시 토큰이 유효하지 않습니다."),
+ NOT_EXISTS_TOKEN(HttpStatus.BAD_REQUEST, "TOKEN400_1", "토큰이 존재하지 않습니다."),
 ;
 
 private final HttpStatus httpStatus;
diff --git a/src/main/java/org/withtime/be/withtimebe/global/security/handler/CustomLogoutHandler.java b/src/main/java/org/withtime/be/withtimebe/global/security/handler/CustomLogoutHandler.java
index 844b82a..5df7b67 100644
--- a/src/main/java/org/withtime/be/withtimebe/global/security/handler/CustomLogoutHandler.java
+++ b/src/main/java/org/withtime/be/withtimebe/global/security/handler/CustomLogoutHandler.java
@@ -7,6 +7,8 @@
 import org.withtime.be.withtimebe.domain.auth.service.command.TokenStorageCommandService;
 import org.withtime.be.withtimebe.domain.auth.service.query.TokenQueryService;
 import org.withtime.be.withtimebe.domain.auth.service.query.TokenStorageQueryService;
+import org.withtime.be.withtimebe.global.error.code.TokenErrorCode;
+import org.withtime.be.withtimebe.global.error.exception.TokenException;
 import org.withtime.be.withtimebe.global.security.constants.AuthenticationConstants;
 import org.withtime.be.withtimebe.global.util.CookieUtil;
 
@@ -39,9 +41,18 @@ private Long getUserId(String token) {
 }
 
 private String getAccessToken(HttpServletRequest request) {
- return CookieUtil.getCookie(request, AuthenticationConstants.ACCESS_TOKEN_NAME);
+ return this.getInCookie(request, AuthenticationConstants.ACCESS_TOKEN_NAME);
 }
 
 private String getRefreshToken(HttpServletRequest request) {
- return CookieUtil.getCookie(request, AuthenticationConstants.REFRESH_TOKEN_NAME);
- }}
+ return this.getInCookie(request, AuthenticationConstants.REFRESH_TOKEN_NAME);
+ }
+
+ private String getInCookie(HttpServletRequest request, String name) {
+ String cookieValue = CookieUtil.getCookie(request, name);
+ if (cookieValue == null) {
+ throw new TokenException(TokenErrorCode.NOT_EXISTS_TOKEN);
+ }
+ return cookieValue;
+ }
+}
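Review bot: Throwing `TokenException` from `getInCookie` in the logout handler means a request missing either cookie aborts logout, so a client whose access-token cookie has already expired may be unable to invalidate a refresh token that is still valid. The `logout` method that calls `getAccessToken` and `getRefreshToken` is outside this hunk, so the exact order of revocation is not visible. Logout is safer as best-effort: keep the nullable read here, e.g. `String refreshToken = CookieUtil.getCookie(request, AuthenticationConstants.REFRESH_TOKEN_NAME);`, and skip revocation for a token that is `null` rather than failing the whole request. If this class runs as a Spring Security `LogoutHandler`, the exception is also raised inside the filter chain, where controller-advice handlers do not apply. Please confirm that something at filter level turns `TokenException` into the intended 400 response.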