diff --git a/src/main/java/roomescape/system/auth/infrastructure/jwt/JwtHandler.kt b/src/main/java/roomescape/system/auth/infrastructure/jwt/JwtHandler.kt
index 5b8afc69..4afd8e3e 100644
--- a/src/main/java/roomescape/system/auth/infrastructure/jwt/JwtHandler.kt
+++ b/src/main/java/roomescape/system/auth/infrastructure/jwt/JwtHandler.kt
@@ -1,64 +1,50 @@
-package roomescape.system.auth.infrastructure.jwt;
+package roomescape.system.auth.infrastructure.jwt
-import java.util.Date;
-
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.http.HttpStatus;
-import org.springframework.stereotype.Component;
-
-import io.jsonwebtoken.ExpiredJwtException;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.MalformedJwtException;
-import io.jsonwebtoken.SignatureAlgorithm;
-import io.jsonwebtoken.SignatureException;
-import io.jsonwebtoken.UnsupportedJwtException;
-import roomescape.system.exception.ErrorType;
-import roomescape.system.exception.RoomEscapeException;
+import io.jsonwebtoken.*
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.http.HttpStatus
+import org.springframework.stereotype.Component
+import roomescape.system.exception.ErrorType
+import roomescape.system.exception.RoomEscapeException
+import java.util.*
 @Component
-public class JwtHandler {
+class JwtHandler(
+ @Value("\${security.jwt.token.secret-key}")
+ private val secretKey: String,
- @Value("${security.jwt.token.secret-key}")
- private String secretKey;
+ @Value("\${security.jwt.token.access.expire-length}")
+ private val accessTokenExpireTime: Long
+) {
+ fun createToken(memberId: Long): String {
+ val date = Date()
+ val accessTokenExpiredAt = Date(date.time + accessTokenExpireTime)
- @Value("${security.jwt.token.access.expire-length}")
- private long accessTokenExpireTime;
+ return Jwts.builder()
+ .claim("memberId", memberId)
+ .setIssuedAt(date)
+ .setExpiration(accessTokenExpiredAt)
+ .signWith(SignatureAlgorithm.HS256, secretKey.toByteArray())
+ .compact()
+ }
- public TokenDto createToken(Long memberId) {
- Date date = new Date();
- Date accessTokenExpiredAt = new Date(date.getTime() + accessTokenExpireTime);
-
- String accessToken = Jwts.builder()
- .claim("memberId", memberId)
- .setIssuedAt(date)
- .setExpiration(accessTokenExpiredAt)
- .signWith(SignatureAlgorithm.HS256, secretKey.getBytes())
- .compact();
-
- return new TokenDto(accessToken);
- }
-
- public Long getMemberIdFromToken(String token) {
- validateToken(token);
-
- return Jwts.parser().setSigningKey(secretKey.getBytes()).parseClaimsJws(token)
- .getBody()
- .get("memberId", Long.class);
- }
-
- public void validateToken(String token) {
- try {
- Jwts.parser().setSigningKey(secretKey.getBytes()).parseClaimsJws(token);
- } catch (ExpiredJwtException e) {
- throw new RoomEscapeException(ErrorType.EXPIRED_TOKEN, HttpStatus.UNAUTHORIZED);
- } catch (UnsupportedJwtException e) {
- throw new RoomEscapeException(ErrorType.UNSUPPORTED_TOKEN, HttpStatus.UNAUTHORIZED);
- } catch (MalformedJwtException e) {
- throw new RoomEscapeException(ErrorType.MALFORMED_TOKEN, HttpStatus.UNAUTHORIZED);
- } catch (SignatureException e) {
- throw new RoomEscapeException(ErrorType.INVALID_SIGNATURE_TOKEN, HttpStatus.UNAUTHORIZED);
- } catch (IllegalArgumentException e) {
- throw new RoomEscapeException(ErrorType.ILLEGAL_TOKEN, HttpStatus.UNAUTHORIZED);
- }
- }
+ fun getMemberIdFromToken(token: String?): Long {
+ try {
+ return Jwts.parser()
+ .setSigningKey(secretKey.toByteArray())
+ .parseClaimsJws(token)
+ .getBody()
+ .get("memberId", Number::class.java)
+ .toLong()
+ } catch (e: Exception) {
+ when (e) {
+ is ExpiredJwtException -> throw RoomEscapeException(ErrorType.EXPIRED_TOKEN, HttpStatus.UNAUTHORIZED)
+ is UnsupportedJwtException -> throw RoomEscapeException(ErrorType.UNSUPPORTED_TOKEN, HttpStatus.UNAUTHORIZED)
+ is MalformedJwtException -> throw RoomEscapeException(ErrorType.MALFORMED_TOKEN, HttpStatus.UNAUTHORIZED)
+ is SignatureException -> throw RoomEscapeException(ErrorType.INVALID_SIGNATURE_TOKEN, HttpStatus.UNAUTHORIZED)
+ is IllegalArgumentException -> throw RoomEscapeException(ErrorType.INVALID_TOKEN, HttpStatus.UNAUTHORIZED)
+ else -> throw RoomEscapeException(ErrorType.UNEXPECTED_ERROR, HttpStatus.INTERNAL_SERVER_ERROR)
+ }
+ }
+ }
 }
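Review bot: In `getMemberIdFromToken` the `catch (e: Exception)` block maps everything outside the five listed types to `UNEXPECTED_ERROR` with a 500, and that includes bad-token cases: `get("memberId", Number::class.java)` returns null when the claim is absent, so `.toLong()` fails with a NullPointerException, and a non-numeric claim raises jjwt's `RequiredTypeException`. These should stay 401; add `is JwtException -> throw RoomEscapeException(ErrorType.INVALID_TOKEN, HttpStatus.UNAUTHORIZED)` ahead of `else`, read the claim with `?.toLong()`, and reject a null result after the `try` so that the rejection is not itself caught and remapped to 500. Every branch also discards `e`, so signature failures and expired tokens leave no trace for monitoring; logging the exception class (never the token) before rethrowing would fix that. Separately, `secretKey.toByteArray()` is used as the HS256 key in both `createToken` and the parser with no length check visible in this hunk, so a short configured secret would be accepted silently; an `init { require(secretKey.toByteArray().size >= 32) }` would enforce the 256-bit minimum that HS256 expects.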