|
8 | 8 | import com.wedvice.user.service.UserService; |
9 | 9 | import jakarta.servlet.http.Cookie; |
10 | 10 | import jakarta.servlet.http.HttpServletResponse; |
| 11 | +import java.time.Duration; |
11 | 12 | import java.util.HashMap; |
12 | 13 | import java.util.List; |
13 | 14 | import java.util.Map; |
@@ -72,107 +73,110 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti |
72 | 73 | ) |
73 | 74 |
|
74 | 75 | .oauth2Login(oauth2 -> oauth2 |
75 | | - .loginPage("/custom/redirect-to-oauth") |
76 | | - .authorizationEndpoint(auth -> auth.baseUri("/oauth2/authorization")) |
77 | | - .successHandler((request, response, authentication) -> { |
78 | | - OAuth2User oauth2User = (OAuth2User) authentication.getPrincipal(); |
79 | | - log.info("✅ 로그인 성공: " + oauth2User.getAttributes()); |
80 | | - |
81 | | - // ✅ 카카오 사용자 정보 추출 |
82 | | - Map<String, Object> kakaoAccount = (Map<String, Object>) oauth2User.getAttributes() |
83 | | - .get("kakao_account"); |
84 | | - Map<String, Object> profile = (Map<String, Object>) kakaoAccount.get("profile"); |
85 | | - |
86 | | - String oauthId = oauth2User.getAttribute("id").toString(); |
87 | | - String provider = "kakao"; |
88 | | - |
89 | | - String profileImageUrl = |
90 | | - profile.get("profile_image_url") != null ? profile.get("profile_image_url") |
91 | | - .toString() : null; |
92 | | - |
93 | | - // ✅ DB에 사용자 정보 저장 (이미 있으면 무시) |
94 | | - User user = userService.saveOrGetUser(oauthId, provider, profileImageUrl); |
95 | | - // ✅ JWT 생성 |
96 | | - String accessToken = jwtTokenProvider.generateAccessToken(user.getId().toString(), |
97 | | - user.getNickname(), user.getOauthId()); |
98 | | - String refreshToken = jwtTokenProvider.generateRefreshToken(user.getId().toString(), |
99 | | - user.getNickname(), user.getOauthId()); |
100 | | - user.updateRefreshToken(refreshToken); |
101 | | - |
102 | | - // ✅ 리다이렉션 URL 쿠키에서 추출 |
103 | | - String redirectUrl = "https://www.wedy.co.kr"; // fallback |
104 | | - boolean isLocalhost = false; |
105 | | - Cookie[] cookies = request.getCookies(); |
106 | | - if (cookies != null) { |
107 | | - for (Cookie cookie : cookies) { |
108 | | - if ("loginRedirectUrl".equals(cookie.getName())) { |
109 | | - redirectUrl = cookie.getValue(); |
110 | | - if (redirectUrl.contains("localhost")) { |
111 | | - log.info("[successHandler 쿠키] {} {}", cookie.getName(), cookie.getValue()); |
112 | | - isLocalhost = true; |
| 76 | + .loginPage("/custom/redirect-to-oauth") |
| 77 | + .authorizationEndpoint(auth -> auth.baseUri("/oauth2/authorization")) |
| 78 | + .successHandler((request, response, authentication) -> { |
| 79 | + OAuth2User oauth2User = (OAuth2User) authentication.getPrincipal(); |
| 80 | + log.info("✅ 로그인 성공: " + oauth2User.getAttributes()); |
| 81 | + |
| 82 | + // ✅ 카카오 사용자 정보 추출 |
| 83 | + Map<String, Object> kakaoAccount = (Map<String, Object>) oauth2User.getAttributes() |
| 84 | + .get("kakao_account"); |
| 85 | + Map<String, Object> profile = (Map<String, Object>) kakaoAccount.get("profile"); |
| 86 | + |
| 87 | + String oauthId = oauth2User.getAttribute("id").toString(); |
| 88 | + String provider = "kakao"; |
| 89 | + |
| 90 | + String profileImageUrl = |
| 91 | + profile.get("profile_image_url") != null ? profile.get("profile_image_url") |
| 92 | + .toString() : null; |
| 93 | + |
| 94 | + // ✅ DB에 사용자 정보 저장 (이미 있으면 무시) |
| 95 | + User user = userService.saveOrGetUser(oauthId, provider, profileImageUrl); |
| 96 | + // ✅ JWT 생성 |
| 97 | + String accessToken = jwtTokenProvider.generateAccessToken(user.getId().toString(), |
| 98 | + user.getNickname(), user.getOauthId()); |
| 99 | + String refreshToken = jwtTokenProvider.generateRefreshToken(user.getId().toString(), |
| 100 | + user.getNickname(), user.getOauthId()); |
| 101 | + user.updateRefreshToken(refreshToken); |
| 102 | + |
| 103 | + // ✅ 리다이렉션 URL 쿠키에서 추출 |
| 104 | + String redirectUrl = "https://www.wedy.co.kr"; // fallback |
| 105 | + boolean isLocalhost = false; |
| 106 | + Cookie[] cookies = request.getCookies(); |
| 107 | + if (cookies != null) { |
| 108 | + for (Cookie cookie : cookies) { |
| 109 | + if ("loginRedirectUrl".equals(cookie.getName())) { |
| 110 | + redirectUrl = cookie.getValue(); |
| 111 | + if (redirectUrl.contains("localhost")) { |
| 112 | + log.info("[successHandler 쿠키] {} {}", cookie.getName(), cookie.getValue()); |
| 113 | + isLocalhost = true; |
| 114 | + } |
| 115 | + break; |
| 116 | + } |
113 | 117 | } |
114 | | - break; |
115 | 118 | } |
116 | | - } |
117 | | - } |
118 | | - // ✅ 리다이렉션 쿠키 삭제 |
119 | | - ResponseCookie deleteCookie = ResponseCookie.from("loginRedirectUrl", "") |
120 | | - .path("/") |
121 | | - .httpOnly(true) |
122 | | - .secure(true) |
123 | | - .sameSite("Lax") |
124 | | - .maxAge(0) |
125 | | - .build(); |
126 | | - response.addHeader("Set-Cookie", deleteCookie.toString()); |
127 | | - |
128 | | - // ✅ Set-Cookie 헤더 직접 설정 |
129 | | - StringBuilder accessCookie = new StringBuilder(); |
130 | | - accessCookie.append("accessToken=").append(accessToken) |
131 | | - .append("; Path=/") |
132 | | - .append("; Max-Age=1800"); |
133 | | - if (!isLocalhost) { |
134 | | - accessCookie.append("; Secure; SameSite=None; Domain=wedy.co.kr"); |
135 | | - } |
136 | | - |
137 | | - StringBuilder refreshCookie = new StringBuilder(); |
138 | | - refreshCookie.append("refreshToken=").append(refreshToken) |
139 | | - .append("; Path=/") |
140 | | - .append("; Max-Age=").append(60 * 60 * 24 * 14) |
141 | | - .append("; HttpOnly"); |
142 | | - if (!isLocalhost) { |
143 | | - refreshCookie.append("; Secure; SameSite=None; Domain=wedy.co.kr"); |
144 | | - } |
145 | | - |
146 | | - response.addHeader("Set-Cookie", accessCookie.toString()); |
147 | | - response.addHeader("Set-Cookie", refreshCookie.toString()); |
148 | | - |
149 | | - // ✅ 리다이렉트 처리 |
150 | | - String host = request.getHeader("Host"); |
151 | | - |
152 | | - log.info("[success] host {}", host); |
153 | | - log.info("[success] redirectUrl {}", redirectUrl); |
154 | | - response.sendRedirect(redirectUrl); |
155 | | - }) |
156 | | - .failureHandler((request, response, exception) -> { |
157 | | - log.info("❌ 로그인 실패: {}", exception.getLocalizedMessage()); |
158 | | - String host = request.getHeader("Host"); |
159 | | - String referer = request.getHeader("Referer"); |
160 | | - |
161 | | - String redirectUrl; |
162 | | - |
163 | | - if ((host != null && host.contains("localhost")) || |
164 | | - (referer != null && referer.contains("localhost"))) { |
165 | | - redirectUrl = "http://localhost:3000/Redirection"; |
166 | | - } else { |
167 | | - redirectUrl = "https://www.wedy.co.kr/Redirection"; |
168 | | - } |
| 119 | + // ✅ 리다이렉션 쿠키 삭제 |
| 120 | + ResponseCookie deleteCookie = ResponseCookie.from("loginRedirectUrl", "") |
| 121 | + .path("/") |
| 122 | + .httpOnly(true) |
| 123 | + .secure(true) |
| 124 | + .sameSite("Lax") |
| 125 | + .maxAge(0) |
| 126 | + .build(); |
| 127 | + response.addHeader("Set-Cookie", deleteCookie.toString()); |
| 128 | + |
| 129 | + // ✅ Set-Cookie 헤더 직접 설정 |
| 130 | + StringBuilder accessCookie = new StringBuilder(); |
| 131 | + // ✅ accessToken 쿠키 |
| 132 | + ResponseCookie accessTokenCookie = ResponseCookie.from("accessToken", accessToken) |
| 133 | + .path("/") |
| 134 | + .maxAge(Duration.ofMinutes(5)) |
| 135 | + .httpOnly(false) // access는 FE가 읽을 수 있어야 함 |
| 136 | + .sameSite(isLocalhost ? "Lax" : "None") |
| 137 | + .secure(!isLocalhost) |
| 138 | + .domain(isLocalhost ? null : "wedy.co.kr") |
| 139 | + .build(); |
| 140 | + |
| 141 | +// ✅ refreshToken 쿠키 |
| 142 | + ResponseCookie refreshTokenCookie = ResponseCookie.from("refreshToken", refreshToken) |
| 143 | + .path("/") |
| 144 | + .maxAge(Duration.ofDays(14)) |
| 145 | + .httpOnly(true) |
| 146 | + .sameSite(isLocalhost ? "Lax" : "None") |
| 147 | + .secure(!isLocalhost) |
| 148 | + .domain(isLocalhost ? null : "wedy.co.kr") |
| 149 | + .build(); |
| 150 | + response.addHeader("Set-Cookie", accessTokenCookie.toString()); |
| 151 | + response.addHeader("Set-Cookie", refreshTokenCookie.toString()); |
| 152 | + |
| 153 | + // ✅ 리다이렉트 처리 |
| 154 | + String host = request.getHeader("Host"); |
| 155 | + |
| 156 | + log.info("[success] host {}", host); |
| 157 | + log.info("[success] redirectUrl {}", redirectUrl); |
| 158 | + response.sendRedirect(redirectUrl); |
| 159 | + }) |
| 160 | + .failureHandler((request, response, exception) -> { |
| 161 | + log.info("❌ 로그인 실패: {}", exception.getLocalizedMessage()); |
| 162 | + String host = request.getHeader("Host"); |
| 163 | + String referer = request.getHeader("Referer"); |
| 164 | + |
| 165 | + String redirectUrl; |
| 166 | + |
| 167 | + if ((host != null && host.contains("localhost")) || |
| 168 | + (referer != null && referer.contains("localhost"))) { |
| 169 | + redirectUrl = "http://localhost:3000/Redirection"; |
| 170 | + } else { |
| 171 | + redirectUrl = "https://www.wedy.co.kr/Redirection"; |
| 172 | + } |
169 | 173 |
|
170 | | - log.info("[fail] host {}", host); |
171 | | - log.info("[fail] referer {}", referer); |
172 | | - log.info("[fail] redirectUrl {}", redirectUrl); |
| 174 | + log.info("[fail] host {}", host); |
| 175 | + log.info("[fail] referer {}", referer); |
| 176 | + log.info("[fail] redirectUrl {}", redirectUrl); |
173 | 177 |
|
174 | | - response.sendRedirect(redirectUrl); |
175 | | - }) |
| 178 | + response.sendRedirect(redirectUrl); |
| 179 | + }) |
176 | 180 | ) |
177 | 181 | .logout(logout -> logout |
178 | 182 | .logoutUrl("/auth/logout") |
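Review bot: The success handler on the new side (lines 104–116) still takes `redirectUrl` verbatim from the `loginRedirectUrl` cookie and hands it to `sendRedirect(redirectUrl)` at line 158 with no host check, so any value that can be planted in that cookie (the token cookies are scoped to `Domain=wedy.co.kr`, so a sibling subdomain could set it) becomes an open redirect immediately after a successful login; the same `redirectUrl.contains("localhost")` test also flips `isLocalhost`, which then drops `Secure`, `Domain` and `SameSite=None` from both token cookies for a value like `https://evil.example/?localhost`. Parse the cookie value with `java.net.URI` (needs an import), accept only an allowlisted host, and derive `isLocalhost` from the parsed host rather than a substring match, as sketched below; everything else in the handler stays as committed. Two smaller points: `StringBuilder accessCookie = new StringBuilder();` at line 130 is dead code left over from the header-string version, and `log.info("✅ 로그인 성공: " + oauth2User.getAttributes())` at line 80 writes the entire Kakao account payload into the log — log only `oauthId`. The enclosing `securityFilterChain` method starts and ends outside this hunk.

```java
// ✅ 리다이렉션 URL 쿠키에서 추출
String redirectUrl = "https://www.wedy.co.kr"; // fallback
boolean isLocalhost = false;
// … unchanged: loginRedirectUrl cookie lookup that assigns redirectUrl …
String targetHost;
try {
    targetHost = URI.create(redirectUrl).getHost(); // null for relative/opaque/userinfo tricks we do not want
} catch (IllegalArgumentException e) {
    targetHost = null;
}
if ("localhost".equals(targetHost)) {
    isLocalhost = true;
} else if (!"www.wedy.co.kr".equals(targetHost)) { // extend the allowlist here if other FE hosts exist
    log.warn("[successHandler] rejected redirect target, using fallback");
    redirectUrl = "https://www.wedy.co.kr";
}
// … unchanged: delete loginRedirectUrl cookie, build token cookies, sendRedirect …
```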
|