From 27a20bbe16f1893398085e92e86e701bbff89806 Mon Sep 17 00:00:00 2001
From: pricelees
Date: Thu, 24 Jul 2025 11:29:08 +0900
Subject: [PATCH] =?UTF-8?q?refactor:=20Jwt=20=EB=B2=84=EC=A0=84=EC=97=85?= =?UTF-8?q?=EC=9C=BC=EB=A1=9C=20Deprecated=EB=90=9C=20=EC=BD=94=EB=93=9C?= =?UTF-8?q?=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../auth/infrastructure/jwt/JwtHandler.kt | 20 +++++++++++--------
.../auth/infrastructure/jwt/JwtHandlerTest.kt | 10 +++++-----
src/test/kotlin/roomescape/util/Fixtures.kt | 4 ++--
3 files changed, 19 insertions(+), 15 deletions(-)
diff --git a/src/main/kotlin/roomescape/auth/infrastructure/jwt/JwtHandler.kt b/src/main/kotlin/roomescape/auth/infrastructure/jwt/JwtHandler.kt
index 29e7b38b..a3b89cf3 100644
--- a/src/main/kotlin/roomescape/auth/infrastructure/jwt/JwtHandler.kt
+++ b/src/main/kotlin/roomescape/auth/infrastructure/jwt/JwtHandler.kt
@@ -2,39 +2,43 @@ package roomescape.auth.infrastructure.jwt import io.jsonwebtoken.ExpiredJwtException import io.jsonwebtoken.Jwts -import io.jsonwebtoken.SignatureAlgorithm +import io.jsonwebtoken.security.Keys import org.springframework.beans.factory.annotation.Value import org.springframework.stereotype.Component import roomescape.auth.exception.AuthErrorCode import roomescape.auth.exception.AuthException import java.util.* +import javax.crypto.SecretKey @Component class JwtHandler( @Value("\${security.jwt.token.secret-key}") - private val secretKey: String, + private val secretKeyString: String, @Value("\${security.jwt.token.ttl-seconds}") private val tokenTtlSeconds: Long ) { + private val secretKey: SecretKey = Keys.hmacShaKeyFor(secretKeyString.toByteArray()) + fun createToken(memberId: Long): String { val date = Date() val accessTokenExpiredAt = Date(date.time + tokenTtlSeconds) return Jwts.builder() .claim(MEMBER_ID_CLAIM_KEY, memberId) - .setIssuedAt(date) - .setExpiration(accessTokenExpiredAt) - .signWith(SignatureAlgorithm.HS256, secretKey.toByteArray()) + .issuedAt(date) + .expiration(accessTokenExpiredAt) + .signWith(secretKey) .compact() } fun getMemberIdFromToken(token: String?): Long { try { return Jwts.parser() - .setSigningKey(secretKey.toByteArray()) - .parseClaimsJws(token) - .body + .verifyWith(secretKey) + .build() + .parseSignedClaims(token) + .payload .get(MEMBER_ID_CLAIM_KEY, Number::class.java) .toLong() } catch (_: IllegalArgumentException) { diff --git a/src/test/kotlin/roomescape/auth/infrastructure/jwt/JwtHandlerTest.kt b/src/test/kotlin/roomescape/auth/infrastructure/jwt/JwtHandlerTest.kt index a7ee570d..66af9c03 100644 --- a/src/test/kotlin/roomescape/auth/infrastructure/jwt/JwtHandlerTest.kt +++ b/src/test/kotlin/roomescape/auth/infrastructure/jwt/JwtHandlerTest.kt 
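Review bot: In `createToken`, `Date(date.time + tokenTtlSeconds)` adds the value bound from `security.jwt.token.ttl-seconds` directly to an epoch-millisecond timestamp, so if the property holds seconds as its name says, tokens expire 1000 times sooner than configured; the commit rewrites the builder calls around this line but leaves it as is. If seconds are intended, use `Date(date.time + tokenTtlSeconds * 1000)`; if the value is really milliseconds (the test fixture's `EXPIRATION_TIME = 1000 * 60 * 60` suggests so), rename the property and field so an operator cannot misconfigure the token lifetime by a factor of 1000. Separately, `signWith(secretKey)` no longer pins HS256: `Keys.hmacShaKeyFor` picks HS256, HS384 or HS512 from the key's byte length and rejects keys under 256 bits, so either keep the algorithm explicit with `.signWith(secretKey, Jwts.SIG.HS256)` or add a comment on the `secretKey` property such as `// secret must be >= 32 bytes; its length selects the HMAC algorithm`. The catch clauses of `getMemberIdFromToken` continue outside the hunk, so whether a token without the member-id claim is mapped to an `AuthException` cannot be confirmed from here.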
@@ -1,7 +1,7 @@ package roomescape.auth.infrastructure.jwt import io.jsonwebtoken.Jwts -import io.jsonwebtoken.SignatureAlgorithm +import io.jsonwebtoken.security.Keys import io.kotest.assertions.throwables.shouldThrow import io.kotest.core.spec.style.FunSpec import io.kotest.matchers.shouldBe @@ -45,12 +45,12 @@ class JwtHandlerTest : FunSpec({ } test("시크릿 키가 잘못된 경우 예외를 던진다.") { - val now: Date = Date() + val now = Date() val invalidSignatureToken: String = Jwts.builder() .claim("memberId", memberId) - .setIssuedAt(now) - .setExpiration(Date(now.time + JwtFixture.EXPIRATION_TIME)) - .signWith(SignatureAlgorithm.HS256, JwtFixture.SECRET_KEY.substring(1).toByteArray()) + .issuedAt(now) + .expiration(Date(now.time + JwtFixture.EXPIRATION_TIME)) + .signWith(Keys.hmacShaKeyFor(JwtFixture.SECRET_KEY_STRING.substring(1).toByteArray())) .compact() shouldThrow { diff --git a/src/test/kotlin/roomescape/util/Fixtures.kt b/src/test/kotlin/roomescape/util/Fixtures.kt index 5413b676..8e372f41 100644 --- a/src/test/kotlin/roomescape/util/Fixtures.kt +++ b/src/test/kotlin/roomescape/util/Fixtures.kt @@ -110,11 +110,11 @@ object ReservationFixture { } object JwtFixture { - const val SECRET_KEY: String = "daijawligagaf@LIJ$@U)9nagnalkkgalijaddljfi" + const val SECRET_KEY_STRING: String = "daijawligagaf@LIJ$@U)9nagnalkkgalijaddljfi" const val EXPIRATION_TIME: Long = 1000 * 60 * 60 fun create( - secretKey: String = SECRET_KEY, + secretKey: String = SECRET_KEY_STRING, expirationTime: Long = EXPIRATION_TIME ): JwtHandler = JwtHandler(secretKey, expirationTime) }
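Review bot: In the wrong-secret test, the mismatching key is derived with `JwtFixture.SECRET_KEY_STRING.substring(1)`, which now only works while the fixture secret stays at least 33 bytes long, because `Keys.hmacShaKeyFor` throws on keys shorter than 256 bits. If the fixture is ever shortened, the test would fail while building the token instead of exercising signature verification. Signing with an independent key, for example `.signWith(Jwts.SIG.HS256.key().build())`, keeps the test about the signature mismatch and removes the coupling to the fixture's length. The `shouldThrow` block that asserts the result continues outside the hunk.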