⚙️ ON-226 프로파일에 따른 인증로직 분리

src/main/java/OneQ/OnSurvey/global/auth/application/strategy/AuthStrategy.java

@@ -0,0 +1,8 @@
+package OneQ.OnSurvey.global.auth.application.strategy;
+
+import OneQ.OnSurvey.domain.member.Member;
+import jakarta.servlet.http.HttpServletRequest;
+
+public interface AuthStrategy {
+    Member authenticate(HttpServletRequest request);
+}

src/main/java/OneQ/OnSurvey/global/auth/application/strategy/LocalAuthStrategy.java

@@ -0,0 +1,31 @@
+package OneQ.OnSurvey.global.auth.application.strategy;
+
+import OneQ.OnSurvey.domain.member.Member;
+import OneQ.OnSurvey.domain.member.value.MemberStatus;
+import OneQ.OnSurvey.domain.member.value.Role;
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.NoArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.context.annotation.Profile;
+import org.springframework.stereotype.Component;
+
+@Slf4j
+@Profile({"local", "docker-local"})
+@Component
+@NoArgsConstructor
+public class LocalAuthStrategy implements AuthStrategy {
+
+    static {
+        log.info("===== LocalAuthStrategy authenticate called =====");
+    }
+
+    @Override
+    public Member authenticate(HttpServletRequest request) {
+        return Member.builder()
+            .id(1L)
+            .userKey(1234567890L)
+            .role(Role.ROLE_MEMBER)
+            .status(MemberStatus.ACTIVE)
+            .build();
+    }
+}

src/main/java/OneQ/OnSurvey/global/auth/application/strategy/TossAuthStrategy.java

@@ -0,0 +1,33 @@
+package OneQ.OnSurvey.global.auth.application.strategy;
+
+import OneQ.OnSurvey.domain.member.Member;
+import OneQ.OnSurvey.domain.member.repository.MemberRepository;
+import OneQ.OnSurvey.global.auth.application.AuthUseCase;
+import OneQ.OnSurvey.global.infra.toss.common.dto.auth.LoginMeResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.stereotype.Component;
+
+@Slf4j
+@Profile("prod")
+@Component
+@RequiredArgsConstructor
+public class TossAuthStrategy implements AuthStrategy {
+
+    private final AuthUseCase authUseCase;
+    private final MemberRepository memberRepository;
+
+    static {
+        log.info("===== ProdAuthStrategy authenticate called =====");
+    }
+
+    @Override
+    public Member authenticate(HttpServletRequest request) {
+        LoginMeResponse.Success me = authUseCase.authenticateWithToss(request);
+        return memberRepository.findMemberByUserKey(me.userKey())
+            .orElseThrow(() -> new BadCredentialsException("member not found"));
+    }
+}

src/main/java/OneQ/OnSurvey/global/auth/filter/TossAuthFilter.java → src/main/java/OneQ/OnSurvey/global/auth/filter/AuthFilter.java

@@ -1,12 +1,10 @@
 package OneQ.OnSurvey.global.auth.filter;
 
 import OneQ.OnSurvey.domain.member.Member;
-import OneQ.OnSurvey.domain.member.repository.MemberRepository;
 import OneQ.OnSurvey.domain.member.value.MemberStatus;
-import OneQ.OnSurvey.global.auth.application.AuthUseCase;
+import OneQ.OnSurvey.global.auth.application.strategy.AuthStrategy;
 import OneQ.OnSurvey.global.auth.custom.CustomUserDetails;
 import OneQ.OnSurvey.global.common.exception.CustomException;
-import OneQ.OnSurvey.global.infra.toss.common.dto.auth.LoginMeResponse;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
@@ -26,10 +24,9 @@
 @Component
 @RequiredArgsConstructor
 @Slf4j
-public class TossAuthFilter extends OncePerRequestFilter {
+public class AuthFilter extends OncePerRequestFilter {
 
-    private final AuthUseCase authUseCase;
-    private final MemberRepository memberRepository;
+    private final AuthStrategy authStrategy;
     private final AuthenticationEntryPoint authenticationEntryPoint;
 
     @Override
@@ -57,22 +54,13 @@ protected boolean shouldNotFilter(HttpServletRequest req) {
     protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain chain)
             throws IOException, ServletException {
         try {
-            LoginMeResponse.Success me = authUseCase.authenticateWithToss(req);
-
-            Member member = memberRepository.findMemberByUserKey(me.userKey())
-                    .orElseThrow(() -> new BadCredentialsException("member not found"));
+            Member member = authStrategy.authenticate(req);
 
             if (!MemberStatus.isSameMemberStatus(member.getStatus(), MemberStatus.ACTIVE)) {
                 throw new BadCredentialsException("session expired");
             }
 
-            CustomUserDetails principal = new CustomUserDetails(
-                    Member.builder()
-                            .id(member.getId())
-                            .userKey(me.userKey())
-                            .role(member.getRole())
-                            .build()
-            );
+            CustomUserDetails principal = new CustomUserDetails(member);
             UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(principal, null, principal.getAuthorities());
             SecurityContextHolder.getContext().setAuthentication(auth);
 

src/main/java/OneQ/OnSurvey/global/common/config/SecurityConfig.java

@@ -1,9 +1,7 @@
 package OneQ.OnSurvey.global.common.config;
 
-import OneQ.OnSurvey.domain.member.repository.MemberRepository;
-import OneQ.OnSurvey.global.auth.application.AuthUseCase;
+import OneQ.OnSurvey.global.auth.filter.AuthFilter;
 import OneQ.OnSurvey.global.auth.filter.ExactBasicHeaderFilter;
-import OneQ.OnSurvey.global.auth.filter.TossAuthFilter;
 import OneQ.OnSurvey.global.common.handler.CustomAccessDeniedHandler;
 import OneQ.OnSurvey.global.common.handler.JWTAuthenticationEntryPoint;
 import lombok.RequiredArgsConstructor;
@@ -32,62 +30,54 @@ public class SecurityConfig {
 
     private final JWTAuthenticationEntryPoint jwtAuthenticationEntryPoint;
     private final CustomAccessDeniedHandler customAccessDeniedHandler;
-    private final MemberRepository memberRepository;
-    private final AuthUseCase authUseCase;
 
     private final String[] allowedUrls = {
-            "/",
-            "/swagger-ui/**",
-            "/v3/api-docs/**",
-            "/actuator/health",
-            "/auth/toss/login",
-            "/auth/reissue",
-            "/connect-out",
-            "/sentry-test/**",
-            "/toss/promotion/recheck-pending"
+        "/",
+        "/swagger-ui/**",
+        "/v3/api-docs/**",
+        "/actuator/health",
+        "/auth/toss/login",
+        "/auth/reissue",
+        "/connect-out",
+        "/sentry-test/**",
+        "/toss/promotion/recheck-pending"
     };
 
     @Bean
     public BCryptPasswordEncoder bCryptPasswordEncoder(){
         return new BCryptPasswordEncoder();
     }
 
-    @Bean
-    public TossAuthFilter tossAuthFilter() {
-        return new TossAuthFilter(authUseCase, memberRepository, jwtAuthenticationEntryPoint);
-    }
-
     @Bean @Order(2)
-    public SecurityFilterChain filterChain(HttpSecurity http, TossAuthFilter tossAuthFilter) throws Exception {
+    public SecurityFilterChain filterChain(HttpSecurity http, AuthFilter authFilter) throws Exception {
         http
-                .csrf(AbstractHttpConfigurer::disable)
-                .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-                .authorizeHttpRequests(auth -> auth
-                        .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
-                        .requestMatchers(allowedUrls).permitAll()
-                        .anyRequest().hasRole("MEMBER")
-                )
-                .addFilterBefore(tossAuthFilter, UsernamePasswordAuthenticationFilter.class)
-                .exceptionHandling(e -> e
-                        .authenticationEntryPoint(jwtAuthenticationEntryPoint)
-                        .accessDeniedHandler(customAccessDeniedHandler));
+            .csrf(AbstractHttpConfigurer::disable)
+            .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+            .authorizeHttpRequests(auth -> auth
+                .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
+                .requestMatchers(allowedUrls).permitAll()
+                .anyRequest().hasRole("MEMBER")
+            )
+            .addFilterBefore(authFilter, UsernamePasswordAuthenticationFilter.class)
+            .exceptionHandling(e -> e
+                .authenticationEntryPoint(jwtAuthenticationEntryPoint)
+                .accessDeniedHandler(customAccessDeniedHandler));
         return http.build();
     }
 
     @Bean @Order(1)
-    public SecurityFilterChain tossUnlinkChain(HttpSecurity http)
-            throws Exception {
+    public SecurityFilterChain tossUnlinkChain(HttpSecurity http) throws Exception {
         http
-                .securityMatcher("/connect-out")
-                .csrf(AbstractHttpConfigurer::disable)
-                .authorizeHttpRequests(auth -> auth
-                        .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
-                        .anyRequest().permitAll())
-                .httpBasic(AbstractHttpConfigurer::disable)
-                .addFilterBefore(new ExactBasicHeaderFilter(expectedHeader), UsernamePasswordAuthenticationFilter.class)
-                .exceptionHandling(e -> e
-                        .authenticationEntryPoint(jwtAuthenticationEntryPoint)
-                        .accessDeniedHandler(customAccessDeniedHandler));
+            .securityMatcher("/connect-out")
+            .csrf(AbstractHttpConfigurer::disable)
+            .authorizeHttpRequests(auth -> auth
+                .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
+                .anyRequest().permitAll())
+            .httpBasic(AbstractHttpConfigurer::disable)
+            .addFilterBefore(new ExactBasicHeaderFilter(expectedHeader), UsernamePasswordAuthenticationFilter.class)
+            .exceptionHandling(e -> e
+                .authenticationEntryPoint(jwtAuthenticationEntryPoint)
+                .accessDeniedHandler(customAccessDeniedHandler));
         return http.build();
     }
 }