GoGetCustomer · fprh13 · Jan 23, 2025 · Jan 23, 2025 · Jan 23, 2025
diff --git a/lms/src/main/java/com/example/lms/domain/user/controller/UserController.java b/lms/src/main/java/com/example/lms/domain/user/controller/UserController.java
@@ -58,10 +58,8 @@ public ResponseEntity<?> reissue(HttpServletRequest request) {
         }
 
         String newAccessToken = tokenProvider.createAccessToken(subject, role, new Date());
-        String newRefreshToken = tokenProvider.createRefreshToken(subject, role, new Date());
         return ResponseEntity.status(OK)
                 .header(AUTHORIZATION_HEADER, newAccessToken)
-                .header(COOKIE_PREFIX, createCookie(REFRESH_TOKEN_COOKIE_NAME, newRefreshToken, tokenProvider.getRefreshTokenExpirationSeconds()).toString())
                 .body(null);
     }
 

diff --git a/lms/src/main/java/com/example/lms/domain/user/controller/UserControllerDocs.java b/lms/src/main/java/com/example/lms/domain/user/controller/UserControllerDocs.java
@@ -29,7 +29,7 @@ public interface UserControllerDocs {
     })
     ResponseEntity<?> delete(HttpServletRequest request);
 
-    @Operation(summary = "재발급 요청", description = "**성공 데이터:** 헤더의 `토큰` 및 쿠키," +
+    @Operation(summary = "재발급 요청", description = "**성공 데이터:** 헤더의 `토큰`" +
             "무결성 침해 토큰으로 간주 시 `Refresh Token 초기화 진행 후 재로그인`을 유도합니다.")
     @ApiResponses(value = {
             @ApiResponse(responseCode = "200", description = "재발급 성공"),

diff --git a/lms/src/main/resources/application.yml b/lms/src/main/resources/application.yml
@@ -12,7 +12,7 @@ spring:
       port: ${REDIS_PORT:6379}
   jpa:
     hibernate:
-      ddl-auto: create
+      ddl-auto: none
       default_batch_fetch_size: 1000
       jdbc:
         time_zone: Asia/Seoul

diff --git a/lms/src/test/java/com/example/lms/domain/user/controller/UserControllerTest.java b/lms/src/test/java/com/example/lms/domain/user/controller/UserControllerTest.java
@@ -214,10 +214,7 @@ void reissueToken() throws Exception {
         when(tokenProvider.validateRefreshTokenWithAccessTokenInfo(ROLE_STUDENT, TEST_SUBJECT, requestRefreshToken)).thenReturn(true);
 
         String newAccessToken = "newAccessToken";
-        String newRefreshToken = "newRefreshToken";
         Mockito.when(tokenProvider.createAccessToken(eq(TEST_SUBJECT), eq(ROLE_STUDENT), any(Date.class))).thenReturn(newAccessToken);
-        Mockito.when(tokenProvider.createRefreshToken(eq(TEST_SUBJECT), eq(ROLE_STUDENT), any(Date.class))).thenReturn(newRefreshToken);
-        Mockito.when(tokenProvider.getRefreshTokenExpirationSeconds()).thenReturn(3600L);
 
         // when
         ResultActions actions = mockMvc.perform(
@@ -229,12 +226,6 @@ void reissueToken() throws Exception {
         actions
                 .andExpect(status().isOk())
                 .andExpect(header().string(AUTHORIZATION_HEADER, newAccessToken))
-                .andExpect(header().exists(HttpHeaders.SET_COOKIE))
-                .andExpect(header().string(HttpHeaders.SET_COOKIE, containsString("refresh_token=" + newRefreshToken)))
-                .andExpect(header().string(HttpHeaders.SET_COOKIE, containsString("Path=/")))
-                .andExpect(header().string(HttpHeaders.SET_COOKIE, containsString("Max-Age=" + 3600L)))
-                .andExpect(header().string(HttpHeaders.SET_COOKIE, containsString("HttpOnly")))
-                .andExpect(header().string(HttpHeaders.SET_COOKIE, containsString("SameSite=Strict")))
                 .andDo(print());
     }