CLAP-61 Docs: 토큰 재발급 API 구현

joowojr · parkjaehak · commit ce3834c4a64e · 2025-01-24T14:49:04.000+09:00
<footer> - 관련: #21
diff --git a/src/main/java/clap/server/adapter/inbound/web/dto/auth/ReissueTokenResponse.java b/src/main/java/clap/server/adapter/inbound/web/dto/auth/ReissueTokenResponse.java
@@ -0,0 +1,7 @@
+package clap.server.adapter.inbound.web.dto.auth;
+
+public record ReissueTokenResponse(
+        String accessToken,
+        String refreshToken
+) {
+}
diff --git a/src/main/java/clap/server/application/mapper/response/AuthResponseMapper.java b/src/main/java/clap/server/application/mapper/response/AuthResponseMapper.java
@@ -2,6 +2,8 @@
 
 import clap.server.adapter.inbound.web.dto.auth.LoginResponse;
 import clap.server.adapter.inbound.web.dto.auth.MemberInfoResponse;
+import clap.server.adapter.inbound.web.dto.auth.ReissueTokenResponse;
+import clap.server.domain.model.auth.CustomJwts;
 import clap.server.domain.model.member.Member;
 
 public class AuthResponseMapper {
@@ -27,4 +29,11 @@ public static MemberInfoResponse toMemberInfoResponse(Member member) {
                 member.getStatus()
         );
     }
+
+    public static ReissueTokenResponse toReissueTokenResponse(final CustomJwts jwtTokens) {
+        return new ReissueTokenResponse(
+                jwtTokens.accessToken(),
+                jwtTokens.refreshToken()
+        );
+    }
 }
diff --git a/src/main/java/clap/server/application/port/inbound/auth/ReissueTokenUsecase.java b/src/main/java/clap/server/application/port/inbound/auth/ReissueTokenUsecase.java
@@ -0,0 +1,7 @@
+package clap.server.application.port.inbound.auth;
+
+import clap.server.adapter.inbound.web.dto.auth.ReissueTokenResponse;
+
+public interface ReissueTokenUsecase {
+    ReissueTokenResponse reissueToken(String oldRefreshToken);
+}
diff --git a/src/main/java/clap/server/application/service/auth/ReissueTokenService.java b/src/main/java/clap/server/application/service/auth/ReissueTokenService.java
@@ -0,0 +1,68 @@
+package clap.server.application.service.auth;
+
+import clap.server.adapter.inbound.web.dto.auth.ReissueTokenResponse;
+import clap.server.application.port.inbound.auth.ReissueTokenUsecase;
+import clap.server.application.port.outbound.auth.CommandRefreshTokenPort;
+import clap.server.application.port.outbound.auth.LoadRefreshTokenPort;
+import clap.server.common.annotation.architecture.ApplicationService;
+import clap.server.domain.model.auth.CustomJwts;
+import clap.server.domain.model.auth.RefreshToken;
+import clap.server.exception.AuthException;
+import clap.server.exception.code.AuthErrorCode;
+import lombok.RequiredArgsConstructor;
+import org.springframework.transaction.annotation.Transactional;
+
+import static clap.server.application.mapper.response.AuthResponseMapper.toReissueTokenResponse;
+
+@ApplicationService
+@RequiredArgsConstructor
+class ReissueTokenService implements ReissueTokenUsecase {
+    private final IssueTokenService issueTokenService;
+    private final LoadRefreshTokenPort loadRefreshTokenPort;
+    private final CommandRefreshTokenPort commandRefreshTokenPort;
+
+    @Transactional
+    public ReissueTokenResponse reissueToken(String oldRefreshToken) {
+        Long memberId = issueTokenService.resolveRefreshToken(oldRefreshToken);
+        RefreshToken newRefreshToken;
+        try {
+            newRefreshToken = refresh(memberId, oldRefreshToken,
+                    issueTokenService.issueRefreshToken(memberId).getToken());
+        } catch (IllegalArgumentException e) {
+            throw new AuthException(AuthErrorCode.EXPIRED_TOKEN);
+        } catch (IllegalStateException e) {
+            throw new AuthException(AuthErrorCode.TAKEN_AWAY_TOKEN);
+        }
+
+        String newAccessToken = issueTokenService.issueAccessToken(memberId);
+        CustomJwts tokens = CustomJwts.of(newAccessToken, newRefreshToken.getToken());
+        return toReissueTokenResponse(tokens);
+    }
+
+    private RefreshToken refresh(
+            Long memberId,
+            String oldRefreshToken,
+            String newRefreshToken
+    ) throws IllegalArgumentException, IllegalStateException {
+        RefreshToken refreshToken = loadRefreshTokenPort.findByMemberId(memberId).orElseThrow(
+                () -> new AuthException(AuthErrorCode.REFRESH_TOKEN_NOT_FOUND)
+        );
+        validateToken(oldRefreshToken, refreshToken);
+
+        refreshToken.rotation(newRefreshToken);
+        commandRefreshTokenPort.save(refreshToken);
+        return refreshToken;
+    }
+
+    private void validateToken(String oldRefreshToken, RefreshToken refreshToken) {
+        if (isTakenAway(oldRefreshToken, refreshToken.getToken())) {
+            commandRefreshTokenPort.delete(refreshToken);
+            throw new AuthException(AuthErrorCode.REFRESH_TOKEN_MISMATCHED);
+        }
+    }
+
+    private boolean isTakenAway(String requestRefreshToken, String expectedRefreshToken) {
+        return !requestRefreshToken.equals(expectedRefreshToken);
+    }
+
+}
