CLAP-84 Feat: AuthException과 JwtException 분리

<footer>
- 관련: #43

Author: joowojr

src/main/java/clap/server/adapter/inbound/security/SecurityUserDetailsService.java

@@ -1,7 +1,7 @@
 package clap.server.adapter.inbound.security;
 
 import clap.server.adapter.outbound.persistense.repository.member.MemberRepository;
-import clap.server.exception.ApplicationException;
+import clap.server.exception.AuthException;
 import clap.server.exception.code.MemberErrorCode;
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -18,6 +18,6 @@ public class SecurityUserDetailsService implements UserDetailsService {
     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
         return loadMemberPort.findById(Long.parseLong(username))
                 .map(SecurityUserDetails::from)
-                .orElseThrow(() -> new ApplicationException(MemberErrorCode.MEMBER_NOT_FOUND));
+                .orElseThrow(() -> new AuthException(MemberErrorCode.MEMBER_NOT_FOUND));
     }
 }

src/main/java/clap/server/adapter/inbound/security/filter/JwtErrorCodeUtil.java

@@ -36,9 +36,9 @@ public static BaseErrorCode determineErrorCode(Exception exception, BaseErrorCod
     public static JwtException determineAuthErrorException(Exception exception) {
         return findAuthErrorException(exception).orElseGet(
                 () -> {
-                    BaseErrorCode errorStatus = determineErrorCode(exception, CommonErrorCode.INTERNAL_SERVER_ERROR);
+                    BaseErrorCode errorCode = determineErrorCode(exception, CommonErrorCode.INTERNAL_SERVER_ERROR);
                     log.debug(exception.getMessage(), exception);
-                    return new JwtException(errorStatus);
+                    return new JwtException(errorCode);
                 }
         );
     }

src/main/java/clap/server/adapter/outbound/jwt/refresh/RefreshTokenProvider.java

@@ -4,6 +4,8 @@
 import clap.server.application.port.outbound.auth.JwtProvider;
 import clap.server.common.annotation.jwt.RefreshTokenStrategy;
 import clap.server.common.utils.DateUtil;
+import clap.server.exception.JwtException;
+import clap.server.exception.code.AuthErrorCode;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.security.Keys;
@@ -66,7 +68,7 @@ public boolean isTokenExpired(String token) {
             return claims.getExpiration().before(new Date());
         } catch (Exception e) {
             log.error("Token is expired: {}", e.getMessage());
-            throw e;
+            throw new JwtException(AuthErrorCode.EMPTY_ACCESS_KEY);
         }
     }
 
@@ -80,7 +82,7 @@ public Claims getClaimsFromToken(String token) {
                     .getBody();
         } catch (Exception e) {
             log.error("Token parsing error: {}", e.getMessage());
-            throw e;
+            throw new JwtException(AuthErrorCode.INVALID_TOKEN);
         }
     }
 

src/main/java/clap/server/application/service/auth/IssueTokenService.java

@@ -8,16 +8,18 @@
 import clap.server.domain.model.auth.CustomJwts;
 import clap.server.domain.model.auth.RefreshToken;
 import clap.server.domain.model.member.Member;
-import clap.server.exception.JwtException;
+import clap.server.exception.AuthException;
 import clap.server.exception.code.AuthErrorCode;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;
 
 import java.time.Duration;
 import java.time.LocalDateTime;
 
 @RequiredArgsConstructor
 @Component
+@Slf4j
 public class IssueTokenService {
     private final JwtProvider accessTokenProvider;
     private final JwtProvider refreshTokenProvider;
@@ -48,7 +50,7 @@ public RefreshToken refresh(
             String newRefreshToken
     ) throws IllegalArgumentException, IllegalStateException {
         RefreshToken refreshToken = loadRefreshTokenPort.findByMemberId(memberId).orElseThrow(
-                ()-> new JwtException(AuthErrorCode.REFRESH_TOKEN_NOT_FOUND)
+                ()-> new AuthException(AuthErrorCode.REFRESH_TOKEN_NOT_FOUND)
         );
         validateToken(oldRefreshToken, refreshToken);
 
@@ -61,7 +63,7 @@ public RefreshToken refresh(
     private void validateToken(String oldRefreshToken, RefreshToken refreshToken) {
         if (isTakenAway(oldRefreshToken, refreshToken.getToken())) {
             commandRefreshTokenPort.delete(refreshToken);
-            throw new IllegalStateException("refresh token mismatched");
+            throw new AuthException(AuthErrorCode.REFRESH_TOKEN_MISMATCHED);
         }
     }
 

src/main/java/clap/server/exception/AuthException.java

@@ -0,0 +1,13 @@
+package clap.server.exception;
+
+import clap.server.exception.code.BaseErrorCode;
+
+public class AuthException extends BaseException {
+    public AuthException(BaseErrorCode code) {
+        super(code);
+    }
+
+    public BaseErrorCode getErrorCode() {
+        return (BaseErrorCode)super.getCode();
+    }
+}

src/main/java/clap/server/exception/code/AuthErrorCode.java

@@ -20,7 +20,8 @@ public enum AuthErrorCode implements BaseErrorCode {
     UNSUPPORTED_JWT_TOKEN(HttpStatus.UNAUTHORIZED, "AUTH_011", "지원하지 않는 토큰입니다."),
     FORBIDDEN_ACCESS_TOKEN(HttpStatus.FORBIDDEN, "AUTH_012","해당 토큰에는 엑세스 권한이 없습니다."),
     INVALID_TOKEN(HttpStatus.UNAUTHORIZED,"AUTH_013", "유효하지 않은 토큰입니다."),
-    REFRESH_TOKEN_NOT_FOUND(HttpStatus.UNAUTHORIZED, "AUTH_014", "리프레시 토큰을 찾을 수 없습니다.");
+    REFRESH_TOKEN_NOT_FOUND(HttpStatus.UNAUTHORIZED, "AUTH_014", "리프레시 토큰을 찾을 수 없습니다."),
+    REFRESH_TOKEN_MISMATCHED(HttpStatus.UNAUTHORIZED, "AUTH_014", "리프레시 토큰이 일치하지 않습니다");
 
     private final HttpStatus httpStatus;
     private final String customCode;