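@@ -73,110 +73,117 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
 )
 
 .oauth2Login (oauth2 -> oauth2
-.loginPage ("/custom/redirect-to-oauth" )
-.authorizationEndpoint (auth -> auth .baseUri ("/oauth2/authorization" ))
-.successHandler ((request , response , authentication ) -> {
-OAuth2User oauth2User = (OAuth2User ) authentication .getPrincipal ();
-log .info ("✅ 로그인 성공: " + oauth2User .getAttributes ());
-
-// ✅ 카카오 사용자 정보 추출
-Map <String , Object > kakaoAccount = (Map <String , Object >) oauth2User .getAttributes ()
-.get ("kakao_account" );
-Map <String , Object > profile = (Map <String , Object >) kakaoAccount .get ("profile" );
-
-String oauthId = oauth2User .getAttribute ("id" ).toString ();
-String provider = "kakao" ;
-
-String profileImageUrl =
-profile .get ("profile_image_url" ) != null ? profile .get ("profile_image_url" )
-.toString () : null ;
-
-// ✅ DB에 사용자 정보 저장 (이미 있으면 무시)
-User user = userService .saveOrGetUser (oauthId , provider , profileImageUrl );
-// ✅ JWT 생성
-String accessToken = jwtTokenProvider .generateAccessToken (user .getId ().toString (),
-user .getNickname (), user .getOauthId ());
-String refreshToken = jwtTokenProvider .generateRefreshToken (user .getId ().toString (),
-user .getNickname (), user .getOauthId ());
-user .updateRefreshToken (refreshToken );
-
-// ✅ 리다이렉션 URL 쿠키에서 추출
-String redirectUrl = "https://www.wedy.co.kr" ; // fallback
-boolean isLocalhost = false ;
-Cookie [] cookies = request .getCookies ();
-if (cookies != null ) {
-for (Cookie cookie : cookies ) {
-if ("loginRedirectUrl" .equals (cookie .getName ())) {
-redirectUrl = cookie .getValue ();
-if (redirectUrl .contains ("localhost" )) {
-log .info ("[successHandler 쿠키] {} {}" , cookie .getName (), cookie .getValue ());
-isLocalhost = true ;
-}
-break ;
-}
+.loginPage ("/custom/redirect-to-oauth" )
+.authorizationEndpoint (auth -> auth .baseUri ("/oauth2/authorization" ))
+.successHandler ((request , response , authentication ) -> {
+OAuth2User oauth2User = (OAuth2User ) authentication .getPrincipal ();
+log .info ("✅ 로그인 성공: " + oauth2User .getAttributes ());
+
+// ✅ 카카오 사용자 정보 추출
+Map <String , Object > kakaoAccount = (Map <String , Object >) oauth2User .getAttributes ()
+.get ("kakao_account" );
+Map <String , Object > profile = (Map <String , Object >) kakaoAccount .get ("profile" );
+
+String oauthId = oauth2User .getAttribute ("id" ).toString ();
+String provider = "kakao" ;
+
+String profileImageUrl =
+profile .get ("profile_image_url" ) != null ? profile .get ("profile_image_url" )
+.toString () : null ;
+
+// ✅ DB에 사용자 정보 저장 (이미 있으면 무시)
+User user = userService .saveOrGetUser (oauthId , provider , profileImageUrl );
+// ✅ JWT 생성
+String accessToken = jwtTokenProvider .generateAccessToken (user .getId ().toString (),
+user .getNickname (), user .getOauthId ());
+String refreshToken = jwtTokenProvider .generateRefreshToken (user .getId ().toString (),
+user .getNickname (), user .getOauthId ());
+user .updateRefreshToken (refreshToken );
+
+// ✅ 리다이렉션 URL 쿠키에서 추출
+String redirectUrl = "https://www.wedy.co.kr" ; // fallback
+boolean isLocalhost = false ;
+Cookie [] cookies = request .getCookies ();
+if (cookies != null ) {
+for (Cookie cookie : cookies ) {
+if ("loginRedirectUrl" .equals (cookie .getName ())) {
+redirectUrl = cookie .getValue ();
+if (redirectUrl .contains ("localhost" )) {
+log .info ("[successHandler 쿠키] {} {}" , cookie .getName (), cookie .getValue ());
+isLocalhost = true ;
 }
+break ;
 }
-// ✅ 리다이렉션 쿠키 삭제
-ResponseCookie deleteCookie = ResponseCookie .from ("loginRedirectUrl" , "" )
-.path ("/" )
-.httpOnly (true )
-.secure (true )
-.sameSite ("Lax" )
-.maxAge (0 )
-.build ();
-response .addHeader ("Set-Cookie" , deleteCookie .toString ());
-
-// ✅ Set-Cookie 헤더 직접 설정
-StringBuilder accessCookie = new StringBuilder ();
-// ✅ accessToken 쿠키
-ResponseCookie accessTokenCookie = ResponseCookie .from ("accessToken" , accessToken )
-.path ("/" )
-.maxAge (Duration .ofMinutes (5 ))
-.httpOnly (false ) // access는 FE가 읽을 수 있어야 함
-.sameSite (isLocalhost ? "Lax" : "None" )
-.secure (!isLocalhost )
-.domain (isLocalhost ? null : "wedy.co.kr" )
-.build ();
-
-// ✅ refreshToken 쿠키
-ResponseCookie refreshTokenCookie = ResponseCookie .from ("refreshToken" , refreshToken )
-.path ("/" )
-.maxAge (Duration .ofDays (14 ))
-.httpOnly (true )
-.sameSite (isLocalhost ? "Lax" : "None" )
-.secure (!isLocalhost )
-.domain (isLocalhost ? null : "wedy.co.kr" )
-.build ();
-response .addHeader ("Set-Cookie" , accessTokenCookie .toString ());
-response .addHeader ("Set-Cookie" , refreshTokenCookie .toString ());
-
-// ✅ 리다이렉트 처리
-String host = request .getHeader ("Host" );
-
-log .info ("[success] host {}" , host );
-log .info ("[success] redirectUrl {}" , redirectUrl );
-response .sendRedirect (redirectUrl );
-})
-.failureHandler ((request , response , exception ) -> {
-log .info ("❌ 로그인 실패: {}" , exception .getLocalizedMessage ());
-String host = request .getHeader ("Host" );
-String referer = request .getHeader ("Referer" );
-
-String redirectUrl ;
-
-if ((host != null && host .contains ("localhost" )) ||
-(referer != null && referer .contains ("localhost" ))) {
-redirectUrl = "http://localhost:3000/Redirection" ;
-} else {
-redirectUrl = "https://www.wedy.co.kr/Redirection" ;
-}
+}
+}
+// ✅ 리다이렉션 쿠키 삭제
+ResponseCookie deleteCookie = ResponseCookie .from ("loginRedirectUrl" , "" )
+.path ("/" )
+.httpOnly (true )
+.secure (true )
+.sameSite ("Lax" )
+.maxAge (0 )
+.build ();
+response .addHeader ("Set-Cookie" , deleteCookie .toString ());
+
+// ✅ accessToken 쿠키 설정
+ResponseCookie .ResponseCookieBuilder accessTokenCookieBuilder = ResponseCookie .from (
+"accessToken" , accessToken )
+.path ("/" )
+.maxAge (Duration .ofMinutes (5 ))
+.httpOnly (false ) // FE가 읽어야 하므로 false
+.sameSite (isLocalhost ? "Lax" : "None" )
+.secure (!isLocalhost );
+
+if (!isLocalhost ) {
+accessTokenCookieBuilder .domain ("wedy.co.kr" );
+}
+ResponseCookie accessTokenCookie = accessTokenCookieBuilder .build ();
+
+// ✅ refreshToken 쿠키 설정
+ResponseCookie .ResponseCookieBuilder refreshTokenCookieBuilder = ResponseCookie .from (
+"refreshToken" , refreshToken )
+.path ("/" )
+.maxAge (Duration .ofDays (14 ))
+.httpOnly (true ) // FE에서 접근 못하게
+.sameSite (isLocalhost ? "Lax" : "None" )
+.secure (!isLocalhost );
+
+if (!isLocalhost ) {
+refreshTokenCookieBuilder .domain ("wedy.co.kr" );
+}
+ResponseCookie refreshTokenCookie = refreshTokenCookieBuilder .build ();
+
+response .addHeader ("Set-Cookie" , accessTokenCookie .toString ());
+response .addHeader ("Set-Cookie" , refreshTokenCookie .toString ());
+
+// ✅ 리다이렉트 처리
+String host = request .getHeader ("Host" );
+
+log .info ("[success] host {}" , host );
+log .info ("[success] redirectUrl {}" , redirectUrl );
+response .sendRedirect (redirectUrl );
+})
+.failureHandler ((request , response , exception ) -> {
+log .info ("❌ 로그인 실패: {}" , exception .getLocalizedMessage ());
+String host = request .getHeader ("Host" );
+String referer = request .getHeader ("Referer" );
+
+String redirectUrl ;
 
-log .info ("[fail] host {}" , host );
-log .info ("[fail] referer {}" , referer );
-log .info ("[fail] redirectUrl {}" , redirectUrl );
+if ((host != null && host .contains ("localhost" )) ||
+(referer != null && referer .contains ("localhost" ))) {
+redirectUrl = "http://localhost:3000/Redirection" ;
+} else {
+redirectUrl = "https://www.wedy.co.kr/Redirection" ;
+}
 
-response .sendRedirect (redirectUrl );
-})
+log .info ("[fail] host {}" , host );
+log .info ("[fail] referer {}" , referer );
+log .info ("[fail] redirectUrl {}" , redirectUrl );
+
+response .sendRedirect (redirectUrl );
+})
 )
 .logout (logout -> logout
 .logoutUrl ("/auth/logout" )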
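Review bot: On the new side `redirectUrl` is copied straight from the `loginRedirectUrl` cookie (new line 110) and handed to `response.sendRedirect` (new line 165) with no check that it points at the app's own origin, and the same value decides `isLocalhost` through `contains("localhost")` (new line 111), so a value like `https://localhost.attacker.example/` both sends the browser that just received `accessToken`/`refreshToken` to a foreign host and downgrades those cookies to `Secure=false; SameSite=Lax` (new lines 135-136 and 149-150). The handler treats the cookie as trusted, but whatever sets it (presumably the `/custom/redirect-to-oauth` endpoint, outside this hunk) is the untrusted input, so the validation belongs here regardless. I would parse the cookie value with `java.net.URI`, accept only an exact host from a short allowlist, derive `isLocalhost` from the parsed host instead of a substring, and fall back to `https://www.wedy.co.kr` otherwise, which also removes the `boolean isLocalhost = false;` declaration and the `isLocalhost = true` branch inside the loop. Separately, `log.info("✅ 로그인 성공: " + oauth2User.getAttributes())` (new line 80) writes the full Kakao account payload into the application log, which is personal data the handler never needs; logging only `oauthId` would do. The enclosing `securityFilterChain` method starts before and continues after this hunk.
```java
// … unchanged: user lookup and JWT generation …
String redirectUrl = "https://www.wedy.co.kr"; // fallback
// … unchanged: loop copying the loginRedirectUrl cookie into redirectUrl (its isLocalhost branch removed) …
String targetHost;
try {
    targetHost = new java.net.URI(redirectUrl).getHost();
} catch (java.net.URISyntaxException e) {
    targetHost = null; // malformed value: treated as not allowed below
}
boolean isLocalhost = "localhost".equals(targetHost) || "127.0.0.1".equals(targetHost);
boolean allowedHost = isLocalhost
        || "www.wedy.co.kr".equals(targetHost)
        || "wedy.co.kr".equals(targetHost);
if (!allowedHost) {
    log.warn("[successHandler] rejected redirect target {}", redirectUrl);
    redirectUrl = "https://www.wedy.co.kr";
}
// … unchanged: loginRedirectUrl deletion, token cookies, sendRedirect …
```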