EscapeFrame · Hgyeol · Dec 1, 2025 · Dec 1, 2025
diff --git a/src/main/java/hello/cluebackend/infrastructure/security/jwt/AppJwtToken.java b/src/main/java/hello/cluebackend/infrastructure/security/jwt/AppJwtToken.java
@@ -0,0 +1,14 @@
+package hello.cluebackend.infrastructure.security.jwt;
+
+import lombok.*;
+
+@Getter
+@Setter
+@Builder
+@NoArgsConstructor
+@AllArgsConstructor
+public class AppJwtToken {
+
+    private String accessToken;
+    private String refreshToken;
+}
diff --git a/src/main/java/hello/cluebackend/infrastructure/security/jwt/AuthController.java b/src/main/java/hello/cluebackend/infrastructure/security/jwt/AuthController.java
@@ -23,11 +23,16 @@ public AuthController(RefreshTokenService refreshTokenService) {
     }
 
     @PostMapping("/reissue")
-    public ResponseEntity<?> refreshToken(HttpServletRequest request, HttpServletResponse response) {
+    public ResponseEntity<Void> refreshToken(HttpServletRequest request, HttpServletResponse response) {
         refreshTokenService.reissueRefreshToken(request, response);
         return new ResponseEntity<>(HttpStatus.OK);
     }
 
+    @PostMapping("/app/reissue")
+    public ResponseEntity<AppJwtToken> appRefreshToken(HttpServletRequest request) {
+        return ResponseEntity.status(HttpStatus.OK).body(refreshTokenService.reissueRefreshToken(request));
+    }
+
     @PostMapping("/api/logout")
     public ResponseEntity<?> logout(HttpServletRequest request, HttpServletResponse response) {
         System.out.println("logout request");

diff --git a/src/main/java/hello/cluebackend/infrastructure/security/jwt/RefreshTokenService.java b/src/main/java/hello/cluebackend/infrastructure/security/jwt/RefreshTokenService.java
@@ -64,6 +64,38 @@ public void reissueRefreshToken(HttpServletRequest request, HttpServletResponse
         response.addCookie(createCookie("refresh_token", newRefreshToken));
     }
 
+    public AppJwtToken reissueRefreshToken(HttpServletRequest request) throws AuthenticationCredentialsNotFoundException {
+        String refreshToken = getString(request);
+
+        jwtUtil.isExpired(refreshToken);
+
+        String category = jwtUtil.getCategory(refreshToken);
+
+        if (!"refresh".equals(category)) {
+            throw new AuthenticationCredentialsNotFoundException("Invalid refresh token");
+        }
+
+        if (!existsByRefresh(refreshToken)) {
+            throw new AuthenticationCredentialsNotFoundException("Invalid refresh token");
+        }
+
+        String username = jwtUtil.getUsername(refreshToken);
+        String role = jwtUtil.getRole(refreshToken).name();
+        UUID userId = jwtUtil.getUserId(refreshToken);
+        String email = jwtUtil.getEmail(refreshToken);
+
+
+        String newAccessToken = jwtUtil.createJwt("access", userId, username, email, role, 60*60*1000L);
+        String newRefreshToken = jwtUtil.createJwt("refresh", userId, username, email, role,24 * 60 * 60 * 1000L);
+
+        saveRefreshToken(newRefreshToken, username);
+        deleteByRefresh(refreshToken);
+        return AppJwtToken.builder()
+                .accessToken(newAccessToken)
+                .refreshToken(newRefreshToken)
+                .build();
+    }
+
     @NotNull
     private static String getString(HttpServletRequest request) {
         String refreshToken = null;