2626@ RequiredArgsConstructor
2727public class JwtProvider {
2828
29- private final JwtProperties jwtProperties ;
29+ @ Value ("${jwt.secret}" )
30+ private String secretKey ;
31+
3032 private final Long accessValidityInSecs = 86400000L ; // 1일 (24시간)
3133 private final Long refreshValidityInSecs = 7L * 86400000L ; // 7일 (1주일)
3234
@@ -40,11 +42,11 @@ public String createAccessToken(Long userId) {
4042 Date validity = new Date (now .getTime () + accessValidityInSecs );
4143
4244 return Jwts .builder ()
43- .setClaims (claims )
44- .setIssuedAt (now )
45- .setExpiration (validity )
46- .signWith (SignatureAlgorithm .HS256 , jwtProperties . getSecret () )
47- .compact ();
45+ .setClaims (claims )
46+ .setIssuedAt (now )
47+ .setExpiration (validity )
48+ .signWith (SignatureAlgorithm .HS256 , secretKey )
49+ .compact ();
4850 }
4951
5052 // 리프레시 토큰 발급
@@ -53,10 +55,10 @@ public String createRefreshToken() {
5355 Date validity = new Date (now .getTime () + refreshValidityInSecs );
5456
5557 return Jwts .builder ()
56- .setIssuedAt (now )
57- .setExpiration (validity )
58- .signWith (SignatureAlgorithm .HS256 , jwtProperties . getSecret () )
59- .compact ();
58+ .setIssuedAt (now )
59+ .setExpiration (validity )
60+ .signWith (SignatureAlgorithm .HS256 , secretKey )
61+ .compact ();
6062 }
6163
6264 public String getUserId (String token ) {
@@ -66,10 +68,10 @@ public String getUserId(String token) {
6668 private Claims getClaims (String token ) {
6769 try {
6870 return Jwts .parserBuilder ()
69- .setSigningKey (jwtProperties . getSecret () )
70- .build ()
71- .parseClaimsJws (token )
72- .getBody ();
71+ .setSigningKey (secretKey )
72+ .build ()
73+ .parseClaimsJws (token )
74+ .getBody ();
7375 } catch (ExpiredJwtException e ) {
7476 throw new JwtAuthenticationException (ErrorCode .ACCESS_TOKEN_EXPIRED );
7577 } catch (SignatureException e ) {
@@ -92,20 +94,20 @@ public String extractToken(String bearerToken) {
9294
9395 public Authentication getAuthentication (String token ) {
9496 CustomUserDetails customUserDetails = customUserDetailsService .loadUserByUsername (
95- getUserId (token )
97+ getUserId (token )
9698 );
9799
98100 return new UsernamePasswordAuthenticationToken (customUserDetails ,
99- customUserDetails .getPassword ());
101+ customUserDetails .getPassword ());
100102 }
101103
102104 public boolean isRefreshTokenExpired (String refreshToken ) {
103105 try {
104106 Claims claims = Jwts .parserBuilder ()
105- .setSigningKey (jwtProperties . getSecret () ) // 서명 키 설정
106- .build ()
107- .parseClaimsJws (refreshToken )
108- .getBody ();
107+ .setSigningKey (secretKey ) // 서명 키 설정
108+ .build ()
109+ .parseClaimsJws (refreshToken )
110+ .getBody ();
109111
110112 Date expiration = claims .getExpiration ();
111113 return expiration .before (new Date ()); // 만료 시간이 현재 시간보다 이전이면 만료됨
@@ -115,15 +117,19 @@ public boolean isRefreshTokenExpired(String refreshToken) {
115117 }
116118
117119 public RefreshTokenResponse recreateAccessToken (String refreshToken ) {
118- // 1. 토큰 존재 여부 확인
120+ // 유저에게 등록된 리프레시 토큰인지 확인
119121 RefreshToken existsRefreshToken = refreshTokenRepository .findByToken (refreshToken )
120- .orElseThrow (() -> new RefreshTokenException (ErrorCode .REFRESH_TOKEN_NOT_FOUND ));
121- // 2. 토큰 만료 여부 검사
122+ .orElseThrow (
123+ () -> new RefreshTokenException (ErrorCode .REFRESH_TOKEN_NOT_FOUND ));
124+ if (!existsRefreshToken .equals (refreshToken )) {
125+ new RefreshTokenException (ErrorCode .REFRESH_TOKEN_INVALID );
126+ }
127+ // 만료된 리프레시 토큰인지 확인
122128 if (isRefreshTokenExpired (refreshToken )) {
123129 throw new RefreshTokenException (ErrorCode .REFRESH_TOKEN_EXPIRED );
124130 }
125- // 3. 새로운 Access Token 생성
126- String accessToken = createAccessToken (existsRefreshToken .getUser ().getId ());
131+ // 해당 리프레시 토큰의 유저 정보를 통해 다시 엑세스 토큰 생성
132+ String accessToken = createAccessToken (Long . valueOf ( existsRefreshToken .getUser ().getId () ));
127133 return new RefreshTokenResponse (accessToken );
128134 }
129135
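Review bot: The "registered refresh token" check added at new lines 124–126 of recreateAccessToken never rejects a request: the exception on line 125 is constructed with `new` but not thrown, and `existsRefreshToken.equals(refreshToken)` compares the RefreshToken entity with a String, so the branch is dead code that silently discards the exception on every call. Since the entity was just loaded by `findByToken(refreshToken)`, the comparison is also redundant; either drop it or, if the intent is to compare the stored value, write `if (!refreshToken.equals(existsRefreshToken.getToken())) {` followed by `throw new RefreshTokenException(ErrorCode.REFRESH_TOKEN_INVALID);` (the accessor name is inferred from findByToken — confirm against the entity). Note also that the lookup is by token value alone, so nothing in this method ties the presented token to a particular caller, which is what the new comment suggests it does; if that binding is expected, it needs to be checked explicitly. `Long.valueOf(existsRefreshToken.getUser().getId())` on line 132 is a no-op if getId() already returns a Long, as the previous direct call to createAccessToken(Long) suggests.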