generated from pricelees/issue-pr-template
refactor: Jwt 버전업으로 Deprecated된 코드 수정
This commit is contained in:
parent
ac0e0e361e
commit
27a20bbe16
@ -2,39 +2,43 @@ package roomescape.auth.infrastructure.jwt
|
||||
|
||||
import io.jsonwebtoken.ExpiredJwtException
|
||||
import io.jsonwebtoken.Jwts
|
||||
import io.jsonwebtoken.SignatureAlgorithm
|
||||
import io.jsonwebtoken.security.Keys
|
||||
import org.springframework.beans.factory.annotation.Value
|
||||
import org.springframework.stereotype.Component
|
||||
import roomescape.auth.exception.AuthErrorCode
|
||||
import roomescape.auth.exception.AuthException
|
||||
import java.util.*
|
||||
import javax.crypto.SecretKey
|
||||
|
||||
@Component
|
||||
class JwtHandler(
|
||||
@Value("\${security.jwt.token.secret-key}")
|
||||
private val secretKey: String,
|
||||
private val secretKeyString: String,
|
||||
|
||||
@Value("\${security.jwt.token.ttl-seconds}")
|
||||
private val tokenTtlSeconds: Long
|
||||
) {
|
||||
private val secretKey: SecretKey = Keys.hmacShaKeyFor(secretKeyString.toByteArray())
|
||||
|
||||
fun createToken(memberId: Long): String {
|
||||
val date = Date()
|
||||
val accessTokenExpiredAt = Date(date.time + tokenTtlSeconds)
|
||||
|
||||
return Jwts.builder()
|
||||
.claim(MEMBER_ID_CLAIM_KEY, memberId)
|
||||
.setIssuedAt(date)
|
||||
.setExpiration(accessTokenExpiredAt)
|
||||
.signWith(SignatureAlgorithm.HS256, secretKey.toByteArray())
|
||||
.issuedAt(date)
|
||||
.expiration(accessTokenExpiredAt)
|
||||
.signWith(secretKey)
|
||||
.compact()
|
||||
}
|
||||
|
||||
fun getMemberIdFromToken(token: String?): Long {
|
||||
try {
|
||||
return Jwts.parser()
|
||||
.setSigningKey(secretKey.toByteArray())
|
||||
.parseClaimsJws(token)
|
||||
.body
|
||||
.verifyWith(secretKey)
|
||||
.build()
|
||||
.parseSignedClaims(token)
|
||||
.payload
|
||||
.get(MEMBER_ID_CLAIM_KEY, Number::class.java)
|
||||
.toLong()
|
||||
} catch (_: IllegalArgumentException) {
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
package roomescape.auth.infrastructure.jwt
|
||||
|
||||
import io.jsonwebtoken.Jwts
|
||||
import io.jsonwebtoken.SignatureAlgorithm
|
||||
import io.jsonwebtoken.security.Keys
|
||||
import io.kotest.assertions.throwables.shouldThrow
|
||||
import io.kotest.core.spec.style.FunSpec
|
||||
import io.kotest.matchers.shouldBe
|
||||
@ -45,12 +45,12 @@ class JwtHandlerTest : FunSpec({
|
||||
}
|
||||
|
||||
test("시크릿 키가 잘못된 경우 예외를 던진다.") {
|
||||
val now: Date = Date()
|
||||
val now = Date()
|
||||
val invalidSignatureToken: String = Jwts.builder()
|
||||
.claim("memberId", memberId)
|
||||
.setIssuedAt(now)
|
||||
.setExpiration(Date(now.time + JwtFixture.EXPIRATION_TIME))
|
||||
.signWith(SignatureAlgorithm.HS256, JwtFixture.SECRET_KEY.substring(1).toByteArray())
|
||||
.issuedAt(now)
|
||||
.expiration(Date(now.time + JwtFixture.EXPIRATION_TIME))
|
||||
.signWith(Keys.hmacShaKeyFor(JwtFixture.SECRET_KEY_STRING.substring(1).toByteArray()))
|
||||
.compact()
|
||||
|
||||
shouldThrow<AuthException> {
|
||||
|
||||
@ -110,11 +110,11 @@ object ReservationFixture {
|
||||
}
|
||||
|
||||
object JwtFixture {
|
||||
const val SECRET_KEY: String = "daijawligagaf@LIJ$@U)9nagnalkkgalijaddljfi"
|
||||
const val SECRET_KEY_STRING: String = "daijawligagaf@LIJ$@U)9nagnalkkgalijaddljfi"
|
||||
const val EXPIRATION_TIME: Long = 1000 * 60 * 60
|
||||
|
||||
fun create(
|
||||
secretKey: String = SECRET_KEY,
|
||||
secretKey: String = SECRET_KEY_STRING,
|
||||
expirationTime: Long = EXPIRATION_TIME
|
||||
): JwtHandler = JwtHandler(secretKey, expirationTime)
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user