[refac] 인증 비즈니스 로직 리팩토링 (#253)

* [refac] make user info dto * [refac] extract external service from transaction * [refac] handle feign exception * [refac] rename variable * [refac] apply facade pattern * [refac] use final keyword * [refac] use final keyword * [refac] delete unnecessary transaction * [refac] delete unnecessary logout logic in validation * [refac] add transactional annotation * [refac] extract external network from transactional * [refac] rename class * [refac] move package * [docs] update README.md * [refac] delete static method * [fix] validate null name * [refac] separate responsibilities by creating dedicated classes * [refac] delete AuthValidator.java * [refac] summarize parameter * [refac] refactor to use string constants * [refac] move location of validation logic * [refac] divide method * [fix] Revoke refresh token renewal on access token reissuance * [fix] change access modifier to public for apply transactional annotation
Team-Hankki · Jan 27, 2025 · 08a80e0 · 08a80e0
1 parent 223e05d
commit 08a80e0
Show file tree

Hide file tree

Showing 26 changed files with 199 additions and 128 deletions.
diff --git a/README.md b/README.md
@@ -28,7 +28,7 @@
 
 
 # 🏗️Architecture
-![한끼아키텍쳐](https://github.com/user-attachments/assets/e2c71966-893a-478e-bb68-26f66ecd17de)
+![한끼아키텍쳐](https://github.com/user-attachments/assets/3ed4c337-3e4f-426b-999e-8f1c0c796cd8)
 
 <br><br>
 # 📍ERD

diff --git a/src/main/java/org/hankki/hankkiserver/api/auth/controller/AuthController.java b/src/main/java/org/hankki/hankkiserver/api/auth/controller/AuthController.java
@@ -4,7 +4,7 @@
 import jakarta.validation.Valid;
 import lombok.RequiredArgsConstructor;
 import org.hankki.hankkiserver.api.auth.controller.request.UserLoginRequest;
-import org.hankki.hankkiserver.api.auth.service.AuthService;
+import org.hankki.hankkiserver.api.auth.service.AuthFacade;
 import org.hankki.hankkiserver.api.auth.service.response.UserLoginResponse;
 import org.hankki.hankkiserver.api.auth.service.response.UserReissueResponse;
 import org.hankki.hankkiserver.api.common.annotation.UserId;
@@ -24,32 +24,31 @@
 @RequestMapping("/api/v1")
 public class AuthController {
 
-    private final AuthService authService;
+    private final AuthFacade authFacade;
 
     @PostMapping("/auth/login")
     public HankkiResponse<UserLoginResponse> login(@RequestHeader(HttpHeaders.AUTHORIZATION) final String token,
                                                    @Valid @RequestBody final UserLoginRequest request) {
-        UserLoginResponse response = authService.login(token, request);
+        UserLoginResponse response = authFacade.login(token, request);
         return HankkiResponse.success(CommonSuccessCode.OK, response);
     }
 
     @PatchMapping("/auth/logout")
     public HankkiResponse<Void> signOut(@UserId final Long userId) {
-        authService.logout(userId);
+        authFacade.logout(userId);
         return HankkiResponse.success(CommonSuccessCode.OK);
     }
 
     @DeleteMapping("/auth/withdraw")
     public HankkiResponse<Void> withdraw(@UserId final Long userId,
                                          @Nullable @RequestHeader("X-Apple-Code") final String code) {
-        authService.withdraw(userId, code);
+        authFacade.withdraw(userId, code);
         return HankkiResponse.success(CommonSuccessCode.NO_CONTENT);
     }
 
     @PostMapping("/auth/reissue")
-    public HankkiResponse<UserReissueResponse> reissue(
-            @RequestHeader(HttpHeaders.AUTHORIZATION) final String refreshToken) {
-        UserReissueResponse response = authService.reissue(refreshToken);
+    public HankkiResponse<UserReissueResponse> reissue(@RequestHeader(HttpHeaders.AUTHORIZATION) final String token) {
+        UserReissueResponse response = authFacade.reissue(token);
         return HankkiResponse.success(CommonSuccessCode.OK, response);
     }
 }
diff --git a/src/main/java/org/hankki/hankkiserver/api/auth/controller/request/UserLoginRequest.java b/src/main/java/org/hankki/hankkiserver/api/auth/controller/request/UserLoginRequest.java
@@ -1,12 +1,13 @@
 package org.hankki.hankkiserver.api.auth.controller.request;
 
 import jakarta.annotation.Nullable;
-import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
+import org.hankki.hankkiserver.domain.user.model.Platform;
 
 public record UserLoginRequest(
         @Nullable
         String name,
-        @NotBlank
-        String platform
+        @NotNull
+        Platform platform
 ) {
 }
diff --git a/src/main/java/org/hankki/hankkiserver/api/auth/service/AuthFacade.java b/src/main/java/org/hankki/hankkiserver/api/auth/service/AuthFacade.java
@@ -0,0 +1,50 @@
+package org.hankki.hankkiserver.api.auth.service;
+
+import lombok.RequiredArgsConstructor;
+import org.hankki.hankkiserver.api.auth.controller.request.UserLoginRequest;
+import org.hankki.hankkiserver.api.auth.service.response.UserInfoResponse;
+import org.hankki.hankkiserver.api.auth.service.response.UserLoginResponse;
+import org.hankki.hankkiserver.api.auth.service.response.UserReissueResponse;
+import org.hankki.hankkiserver.api.user.service.UserFinder;
+import org.hankki.hankkiserver.api.user.service.UserInfoFinder;
+import org.hankki.hankkiserver.auth.jwt.Token;
+import org.hankki.hankkiserver.domain.user.model.User;
+import org.hankki.hankkiserver.domain.user.model.UserInfo;
+import org.hankki.hankkiserver.external.openfeign.oauth.SocialInfoResponse;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+@RequiredArgsConstructor
+public class AuthFacade {
+
+    private final UserFinder userFinder;
+    private final UserInfoFinder userInfoFinder;
+    private final ExternalService externalService;
+    private final AuthService authService;
+
+    public UserLoginResponse login(final String token, final UserLoginRequest request) {
+        SocialInfoResponse response = externalService.getUserInfo(token, request.platform(), request.name());
+        UserInfoResponse userInfoResponse = UserInfoResponse.of(request.platform(), response.serialId(),
+                response.name(), response.email());
+        return authService.saveOrGetUser(userInfoResponse);
+    }
+
+    public void withdraw(final long userId, final String code) {
+        User user = userFinder.getUser(userId);
+        externalService.revoke(user.getPlatform(), code, user.getSerialId());
+        authService.deleteUser(user);
+    }
+
+    @Transactional
+    public void logout(final long userId) {
+        UserInfo findUserInfo = userInfoFinder.getUserInfo(userId);
+        findUserInfo.updateRefreshToken(null);
+    }
+
+    @Transactional
+    public UserReissueResponse reissue(final String refreshToken) {
+        Token issuedTokens = authService.generateAccessToken(refreshToken);
+        return UserReissueResponse.of(issuedTokens);
+    }
+}
diff --git a/src/main/java/org/hankki/hankkiserver/api/auth/service/AuthService.java b/src/main/java/org/hankki/hankkiserver/api/auth/service/AuthService.java
@@ -6,20 +6,21 @@
 
 import java.util.Optional;
 import lombok.RequiredArgsConstructor;
-import org.hankki.hankkiserver.api.auth.controller.request.UserLoginRequest;
+import org.hankki.hankkiserver.api.auth.service.response.UserInfoResponse;
 import org.hankki.hankkiserver.api.auth.service.response.UserLoginResponse;
-import org.hankki.hankkiserver.api.auth.service.response.UserReissueResponse;
+import org.hankki.hankkiserver.api.user.service.UserFinder;
+import org.hankki.hankkiserver.api.user.service.UserInfoFinder;
+import org.hankki.hankkiserver.api.user.service.UserInfoUpdater;
+import org.hankki.hankkiserver.api.user.service.UserUpdater;
 import org.hankki.hankkiserver.auth.jwt.JwtProvider;
 import org.hankki.hankkiserver.auth.jwt.JwtValidator;
 import org.hankki.hankkiserver.auth.jwt.Token;
-import org.hankki.hankkiserver.common.exception.UnauthorizedException;
 import org.hankki.hankkiserver.domain.user.model.Platform;
 import org.hankki.hankkiserver.domain.user.model.User;
 import org.hankki.hankkiserver.domain.user.model.UserInfo;
 import org.hankki.hankkiserver.domain.user.model.UserStatus;
 import org.hankki.hankkiserver.event.EventPublisher;
 import org.hankki.hankkiserver.event.user.CreateUserEvent;
-import org.hankki.hankkiserver.external.openfeign.oauth.SocialInfoResponse;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
@@ -33,44 +34,29 @@ public class AuthService {
     private final UserInfoUpdater userInfoUpdater;
     private final JwtProvider jwtProvider;
     private final JwtValidator jwtValidator;
-    private final OAuthProviderFactory oAuthProviderFactory;
     private final EventPublisher eventPublisher;
 
     @Transactional
-    public UserLoginResponse login(final String token, final UserLoginRequest request) {
-        Platform platform = Platform.getEnumPlatformFromStringPlatform(request.platform());
-        SocialInfoResponse socialInfo = getSocialInfo(token, platform, request.name());
-        Optional<User> user = userFinder.findUserByPlatFormAndSeralId(platform, socialInfo.serialId());
+    public UserLoginResponse saveOrGetUser(final UserInfoResponse userInfo) {
+        Optional<User> user = userFinder.findUserByPlatFormAndSeralId(userInfo.platform(), userInfo.serialId());
         boolean isRegistered = isRegistered(user);
-        User findUser = loadOrCreateUser(user, platform, socialInfo);
+        User findUser = loadOrCreateUser(user, userInfo);
         Token issuedToken = generateTokens(findUser.getId());
         return UserLoginResponse.of(issuedToken, isRegistered);
     }
 
     @Transactional
-    public void logout(final long userId) {
-        UserInfo findUserInfo = userInfoFinder.getUserInfo(userId);
-        findUserInfo.updateRefreshToken(null);
-    }
-
-    @Transactional
-    public void withdraw(final long userId, final String code) {
-        User user = userFinder.getUser(userId);
-        Platform platform = user.getPlatform();
-        OAuthProvider oAuthProvider = oAuthProviderFactory.findProvider(platform);
-        oAuthProvider.requestRevoke(code, user.getSerialId());
+    public void deleteUser(final User user) {
         user.softDelete();
-        userInfoFinder.getUserInfo(userId).softDelete();
+        userInfoFinder.getUserInfo(user.getId()).softDelete();
     }
 
-    @Transactional
-    public UserReissueResponse reissue(final String refreshToken) {
-        Long userId = jwtProvider.getSubject(refreshToken.substring(BEARER.length()));
+    protected Token generateAccessToken(final String refreshToken) {
+        String strippedToken = refreshToken.substring(BEARER.length());
+        long userId = jwtProvider.getSubject(strippedToken);
         validateRefreshToken(refreshToken, userId);
-        UserInfo findUserInfo = userInfoFinder.getUserInfo(userId);
-        Token issuedTokens = jwtProvider.issueTokens(userId, getUserRole(userId));
-        findUserInfo.updateRefreshToken(issuedTokens.refreshToken());
-        return UserReissueResponse.of(issuedTokens);
+        String accessToken = jwtProvider.generateAccessToken(userId, getUserRole(userId));
+        return Token.of(accessToken, strippedToken);
     }
 
     private Token generateTokens(final long userId) {
@@ -80,63 +66,49 @@ private Token generateTokens(final long userId) {
         return issuedTokens;
     }
 
-    private String getUserRole(final long userId) {
-        return userFinder.getUser(userId).getRole().getValue();
+    private void validateRefreshToken(final String refreshToken, final long userId) {
+        jwtValidator.validateRefreshToken(refreshToken);
+        String storedRefreshToken = userInfoFinder.getUserInfo(userId).getRefreshToken();
+        jwtValidator.checkTokenEquality(refreshToken, storedRefreshToken);
     }
 
     private boolean isRegistered(final Optional<User> user) {
         return user.map(u -> u.getStatus() == ACTIVE)
                 .orElse(false);
     }
 
-    private SocialInfoResponse getSocialInfo(final String providerToken, final Platform platform, final String name) {
-        OAuthProvider oAuthProvider = oAuthProviderFactory.findProvider(platform);
-        return oAuthProvider.getUserInfo(providerToken, name);
-    }
-
-    private User loadOrCreateUser(final Optional<User> findUser, final Platform platform, final SocialInfoResponse socialInfo) {
-        return findUser.map(user -> updateOrGetUserInfo(user, user.getStatus(), socialInfo))
-                .orElseGet(() -> createNewUser(socialInfo, platform));
+    private User loadOrCreateUser(final Optional<User> findUser, final UserInfoResponse userInfo) {
+        return findUser.map(user -> updateOrGetUserInfo(user, user.getStatus(), userInfo))
+                .orElseGet(() -> createNewUser(userInfo, userInfo.platform()));
     }
 
-    private User updateOrGetUserInfo(final User user, final UserStatus status, final SocialInfoResponse socialInfo) {
+    private User updateOrGetUserInfo(final User user, final UserStatus status, final UserInfoResponse userInfo) {
         if (status == ACTIVE) {
             return user;
         }
-        return updateUserInfo(user, socialInfo);
+        return updateUserInfo(user, userInfo);
     }
 
-    private User updateUserInfo(final User user, final SocialInfoResponse socialInfo) {
-        user.rejoin(socialInfo);
-        userInfoFinder.getUserInfo(user.getId()).updateNickname(socialInfo.name());
+    private User updateUserInfo(final User user, final UserInfoResponse userInfo) {
+        user.rejoin(userInfo.name(), userInfo.email());
+        userInfoFinder.getUserInfo(user.getId()).updateNickname(userInfo.name());
         return user;
     }
 
-    private User createNewUser(final SocialInfoResponse socialInfo, final Platform platform) {
-        User newUser = createUser(socialInfo.name(), socialInfo.email(), socialInfo.serialId(), platform);
+    private User createNewUser(final UserInfoResponse userInfo, final Platform platform) {
+        User newUser = createUser(userInfo.name(), userInfo.email(), userInfo.serialId(), platform);
         saveUserAndUserInfo(newUser);
         eventPublisher.publish(CreateUserEvent.of(newUser.getId(), newUser.getName(), newUser.getPlatform().toString()));
         return newUser;
     }
 
-    private String getRefreshToken(final long userId) {
-        return userInfoFinder.getUserInfo(userId).getRefreshToken();
+    private String getUserRole(final long userId) {
+        return userFinder.getUser(userId).getRole().getValue();
     }
 
     private void saveUserAndUserInfo(final User user) {
         userUpdater.saveUser(user);
         UserInfo userInfo = UserInfo.createMemberInfo(user, null);
         userInfoUpdater.saveUserInfo(userInfo);
     }
-
-    private void validateRefreshToken(final String refreshToken, final Long userId) {
-        try {
-            jwtValidator.validateRefreshToken(refreshToken);
-            String storedRefreshToken = getRefreshToken(userId);
-            jwtValidator.equalsRefreshToken(refreshToken, storedRefreshToken);
-        } catch (UnauthorizedException e) {
-            logout(userId);
-            throw e;
-        }
-    }
 }
diff --git a/src/main/java/org/hankki/hankkiserver/api/auth/service/ExternalService.java b/src/main/java/org/hankki/hankkiserver/api/auth/service/ExternalService.java
@@ -0,0 +1,23 @@
+package org.hankki.hankkiserver.api.auth.service;
+
+import lombok.RequiredArgsConstructor;
+import org.hankki.hankkiserver.domain.user.model.Platform;
+import org.hankki.hankkiserver.external.openfeign.oauth.SocialInfoResponse;
+import org.springframework.stereotype.Service;
+
+@Service
+@RequiredArgsConstructor
+public class ExternalService {
+
+    private final OAuthProviderFactory oAuthProviderFactory;
+
+    protected SocialInfoResponse getUserInfo(final String token, final Platform platform, final String name) {
+        OAuthProvider oAuthProvider = oAuthProviderFactory.findProvider(platform);
+        return oAuthProvider.getUserInfo(token, name);
+    }
+
+    protected void revoke(final Platform platform, final String code, final String serialId) {
+        OAuthProvider oAuthProvider = oAuthProviderFactory.findProvider(platform);
+        oAuthProvider.requestRevoke(code, serialId);
+    }
+}
diff --git a/src/main/java/org/hankki/hankkiserver/api/auth/service/response/UserInfoResponse.java b/src/main/java/org/hankki/hankkiserver/api/auth/service/response/UserInfoResponse.java
@@ -0,0 +1,14 @@
+package org.hankki.hankkiserver.api.auth.service.response;
+
+import org.hankki.hankkiserver.domain.user.model.Platform;
+
+public record UserInfoResponse(
+        Platform platform,
+        String serialId,
+        String name,
+        String email
+) {
+    public static UserInfoResponse of(final Platform platform, final String serialId, final String name, final String email) {
+        return new UserInfoResponse(platform, serialId, name, email);
+    }
+}
diff --git a/src/main/java/org/hankki/hankkiserver/api/common/advice/GlobalExceptionHandler.java b/src/main/java/org/hankki/hankkiserver/api/common/advice/GlobalExceptionHandler.java
@@ -1,8 +1,10 @@
 package org.hankki.hankkiserver.api.common.advice;
 
+import feign.FeignException;
 import jakarta.validation.ConstraintViolationException;
 import lombok.extern.slf4j.Slf4j;
 import org.hankki.hankkiserver.api.dto.HankkiResponse;
+import org.hankki.hankkiserver.common.code.AuthErrorCode;
 import org.hankki.hankkiserver.common.code.BusinessErrorCode;
 import org.hankki.hankkiserver.common.code.StoreErrorCode;
 import org.hankki.hankkiserver.common.code.StoreImageErrorCode;
@@ -108,4 +110,10 @@ public HankkiResponse<Void> handleConstraintViolationException(ConstraintViolati
         log.warn("handleConstraintViolationException() in GlobalExceptionHandler throw ConstraintViolationException : {}", e.getMessage());
         return HankkiResponse.fail(BusinessErrorCode.BAD_REQUEST);
     }
+
+    @ExceptionHandler(FeignException.class)
+    public HankkiResponse<Void> handleFeignException(FeignException e) {
+        log.warn("handleFeignException() in GlobalExceptionHandler throw FeignException : {}", e.getMessage());
+        return HankkiResponse.fail(AuthErrorCode.INTERNAL_SERVER_ERROR);
+    }
 }
diff --git a/src/main/java/org/hankki/hankkiserver/api/config/WebConfig.java b/src/main/java/org/hankki/hankkiserver/api/config/WebConfig.java
@@ -1,5 +1,6 @@
 package org.hankki.hankkiserver.api.config;
 
+import java.util.List;
 import lombok.RequiredArgsConstructor;
 import org.hankki.hankkiserver.api.common.PriceCategoryConverter;
 import org.hankki.hankkiserver.api.common.UserIdArgumentResolver;
@@ -8,13 +9,12 @@
 import org.springframework.web.method.support.HandlerMethodArgumentResolver;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
-import java.util.List;
-
 @RequiredArgsConstructor
 @Configuration
 public class WebConfig implements WebMvcConfigurer {
 
     private final UserIdArgumentResolver userIdArgumentResolver;
+    private final PriceCategoryConverter priceCategoryConverter;
 
     @Override
     public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
@@ -23,6 +23,6 @@ public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers)
 
     @Override
     public void addFormatters(FormatterRegistry registry) {
-        registry.addConverter(new PriceCategoryConverter());
+        registry.addConverter(priceCategoryConverter);
     }
 }
diff --git a/src/main/java/org/hankki/hankkiserver/api/favorite/service/FavoriteCommandService.java b/src/main/java/org/hankki/hankkiserver/api/favorite/service/FavoriteCommandService.java
@@ -2,7 +2,7 @@
 
 import java.util.List;
 import lombok.RequiredArgsConstructor;
-import org.hankki.hankkiserver.api.auth.service.UserFinder;
+import org.hankki.hankkiserver.api.user.service.UserFinder;
 import org.hankki.hankkiserver.api.favorite.service.command.FavoriteSharedPostCommand;
 import org.hankki.hankkiserver.api.favorite.service.command.FavoriteStoreDeleteCommand;
 import org.hankki.hankkiserver.api.favorite.service.command.FavoriteStorePostCommand;

diff --git a/src/main/java/org/hankki/hankkiserver/api/favorite/service/FavoriteQueryService.java b/src/main/java/org/hankki/hankkiserver/api/favorite/service/FavoriteQueryService.java
@@ -2,7 +2,7 @@
 
 import java.util.ArrayList;
 import lombok.RequiredArgsConstructor;
-import org.hankki.hankkiserver.api.auth.service.UserInfoFinder;
+import org.hankki.hankkiserver.api.user.service.UserInfoFinder;
 import org.hankki.hankkiserver.api.favorite.service.command.FavoriteOwnershipGetCommand;
 import org.hankki.hankkiserver.api.favorite.service.command.FavoritesGetCommand;
 import org.hankki.hankkiserver.api.favorite.service.command.FavoritesWithStatusGetCommand;