From c540d833a907ecc64d2b631bcb9f9face40abefe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E1=84=8C=E1=85=A9=E1=84=8B=E1=85=A7=E1=86=BC=E1=84=86?= =?UTF-8?q?=E1=85=AE?=
Date: Thu, 23 Jan 2025 14:03:44 +0900
Subject: [PATCH 1/2] =?UTF-8?q?fix:=20=EC=9E=AC=EB=B0=9C=EA=B8=89=20?= =?UTF-8?q?=EC=8B=9C=EB=8F=84=20=EC=8B=9C=20refreshToken=EB=8F=84=20?= =?UTF-8?q?=EC=9E=AC=EB=B0=9C=EA=B8=89=ED=95=98=EB=8A=94=20=EC=84=A4?= =?UTF-8?q?=EA=B3=84=20=EC=98=A4=EB=A5=98=20=ED=95=B4=EA=B2=B0=20#5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../lms/domain/user/controller/UserController.java | 2 --
 .../lms/domain/user/controller/UserControllerDocs.java | 2 +-
 .../lms/domain/user/controller/UserControllerTest.java | 9 ---------
 3 files changed, 1 insertion(+), 12 deletions(-)
diff --git a/lms/src/main/java/com/example/lms/domain/user/controller/UserController.java b/lms/src/main/java/com/example/lms/domain/user/controller/UserController.java
index caf0e8d..abcb286 100644
--- a/lms/src/main/java/com/example/lms/domain/user/controller/UserController.java
+++ b/lms/src/main/java/com/example/lms/domain/user/controller/UserController.java
@@ -58,10 +58,8 @@ public ResponseEntity reissue(HttpServletRequest request) {
 }
 String newAccessToken = tokenProvider.createAccessToken(subject, role, new Date());
- String newRefreshToken = tokenProvider.createRefreshToken(subject, role, new Date());
 return ResponseEntity.status(OK)
 .header(AUTHORIZATION_HEADER, newAccessToken)
- .header(COOKIE_PREFIX, createCookie(REFRESH_TOKEN_COOKIE_NAME, newRefreshToken, tokenProvider.getRefreshTokenExpirationSeconds()).toString())
 .body(null);
 }
diff --git a/lms/src/main/java/com/example/lms/domain/user/controller/UserControllerDocs.java b/lms/src/main/java/com/example/lms/domain/user/controller/UserControllerDocs.java
index 2985a8f..a7efa96 100644
--- a/lms/src/main/java/com/example/lms/domain/user/controller/UserControllerDocs.java
+++ b/lms/src/main/java/com/example/lms/domain/user/controller/UserControllerDocs.java
@@ -29,7 +29,7 @@ public interface UserControllerDocs {
 })
 ResponseEntity delete(HttpServletRequest request);
- @Operation(summary = "재발급 요청", description = "**성공 데이터:** 헤더의 `토큰` 및 쿠키," +
+ @Operation(summary = "재발급 요청", description = "**성공 데이터:** 헤더의 `토큰`" +
 "무결성 침해 토큰으로 간주 시 `Refresh Token 초기화 진행 후 재로그인`을 유도합니다.")
 @ApiResponses(value = {
 @ApiResponse(responseCode = "200", description = "재발급 성공"),
diff --git a/lms/src/test/java/com/example/lms/domain/user/controller/UserControllerTest.java b/lms/src/test/java/com/example/lms/domain/user/controller/UserControllerTest.java
index c1ef215..5ff6583 100644
--- a/lms/src/test/java/com/example/lms/domain/user/controller/UserControllerTest.java
+++ b/lms/src/test/java/com/example/lms/domain/user/controller/UserControllerTest.java
@@ -214,10 +214,7 @@ void reissueToken() throws Exception {
 when(tokenProvider.validateRefreshTokenWithAccessTokenInfo(ROLE_STUDENT, TEST_SUBJECT, requestRefreshToken)).thenReturn(true);
 String newAccessToken = "newAccessToken";
- String newRefreshToken = "newRefreshToken";
 Mockito.when(tokenProvider.createAccessToken(eq(TEST_SUBJECT), eq(ROLE_STUDENT), any(Date.class))).thenReturn(newAccessToken);
- Mockito.when(tokenProvider.createRefreshToken(eq(TEST_SUBJECT), eq(ROLE_STUDENT), any(Date.class))).thenReturn(newRefreshToken);
- Mockito.when(tokenProvider.getRefreshTokenExpirationSeconds()).thenReturn(3600L);
 // when
 ResultActions actions = mockMvc.perform(
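Review bot: The new `description` on the reissue `@Operation` in UserControllerDocs.java joins its two string literals with nothing between them, because the comma that used to end the first literal was removed together with the words about the cookie, so the rendered text runs the success data straight into the sentence about integrity-violated tokens; the first literal should end with a period and a space before its closing quote. As the UserController.java hunk of this commit stops sending a new refresh-token cookie on reissue, the description should also say that the existing refresh token stays in use, so that clients do not wait for a `Set-Cookie`. Without rotation, a copied refresh token presumably remains usable until it expires or the reset described in this text runs, which deserves a sentence wherever the token lifetime is documented. The interface body starts and ends outside the hunk.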
@@ -229,12 +226,6 @@ void reissueToken() throws Exception {
 actions
 .andExpect(status().isOk())
 .andExpect(header().string(AUTHORIZATION_HEADER, newAccessToken))
- .andExpect(header().exists(HttpHeaders.SET_COOKIE))
- .andExpect(header().string(HttpHeaders.SET_COOKIE, containsString("refresh_token=" + newRefreshToken)))
- .andExpect(header().string(HttpHeaders.SET_COOKIE, containsString("Path=/")))
- .andExpect(header().string(HttpHeaders.SET_COOKIE, containsString("Max-Age=" + 3600L)))
- .andExpect(header().string(HttpHeaders.SET_COOKIE, containsString("HttpOnly")))
- .andExpect(header().string(HttpHeaders.SET_COOKIE, containsString("SameSite=Strict")))
 .andDo(print());
 }
From 40e06ea35a2b3915251980283f412da269621cc1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E1=84=8C=E1=85=A9=E1=84=8B=E1=85=A7=E1=86=BC=E1=84=86?= =?UTF-8?q?=E1=85=AE?=
Date: Thu, 23 Jan 2025 14:16:01 +0900
Subject: [PATCH 2/2] =?UTF-8?q?chore:=20ddl=20=EC=84=A4=EC=A0=95=20?= =?UTF-8?q?=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 lms/src/main/resources/application.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lms/src/main/resources/application.yml b/lms/src/main/resources/application.yml
index 9050a6a..f410515 100644
--- a/lms/src/main/resources/application.yml
+++ b/lms/src/main/resources/application.yml
@@ -12,7 +12,7 @@ spring:
 port: ${REDIS_PORT:6379}
 jpa:
 hibernate:
- ddl-auto: create
+ ddl-auto: none
 default_batch_fetch_size: 1000
 jdbc:
 time_zone: Asia/Seoul
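Review bot: With `ddl-auto: none` in application.yml nothing compares the entity mappings with the database at startup, so a schema that has drifted from the code is noticed only when a query fails; `ddl-auto: validate` keeps the no-DDL behaviour of this change and fails fast on a mismatch. The value is also fixed for every environment, while the Redis port a few lines above accepts an override (`${REDIS_PORT:6379}`); the same form, `ddl-auto: ${JPA_DDL_AUTO:none}`, would let a local profile opt in without editing the shared file. `JPA_DDL_AUTO` is a placeholder name, not one taken from this project.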