@ekgns33 ekgns33 commented May 7, 2025

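Work done

  • Improved the logic that used the in-memory RefreshToken store in all of Dev, Local, Test, and Prod.
  1. Abstracted access to the RefreshToken behind a Repository
  2. Modified the code so that the InMemory or Database implementation is injected according to the Profile
  • To make the refresh logic behave identically on two or more servers, we used the database as a central store. If we introduce a cache later, let's consider moving this logic to the cache layer!
  • Modified the schema for database storage.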

Summary by CodeRabbit

  • New Features
    • Added persistent refresh token storage and management for user authentication, supporting both production and development environments.
    • Introduced refresh token expiration handling and error responses for expired or invalid tokens.
  • Bug Fixes
    • Improved exception handling and error codes for token refresh failures.
  • Tests
    • Added comprehensive tests for refresh token storage, validation, and refresh scenarios in various environments.
  • Chores
    • Updated database schema to include a new table for user refresh tokens.
    • Enhanced configuration for environment-specific database and token settings.

@ekgns33 ekgns33 requested a review from jeeheaG May 7, 2025 07:08
@ekgns33 ekgns33 self-assigned this May 7, 2025
coderabbitai bot commented May 7, 2025

Walkthrough

This change introduces a persistent refresh token system for authentication. It adds JPA entities, repositories, and service logic to store and manage refresh tokens in both database and in-memory cache, depending on the environment. The schema is updated to include a new table for refresh tokens. Acceptance and unit tests are added to verify token refresh behavior.

Changes

| File(s) | Change Summary |
|---|---|
| src/main/java/org/runimo/runimo/auth/domain/RefreshToken.java, src/main/java/org/runimo/runimo/common/CreateUpdateAuditEntity.java | Added a JPA entity for refresh tokens and an auditable superclass to track creation and update times. |
| src/main/java/org/runimo/runimo/auth/repository/JwtTokenRepository.java, DatabaseTokenRepository.java, InMemoryTokenRepository.java, RefreshTokenJpaRepository.java | Introduced a repository interface for refresh tokens, with database and in-memory implementations, and a JPA repository for DB access. |
| src/main/java/org/runimo/runimo/auth/service/TokenRefreshService.java | Refactored to use repository-based refresh token storage and validation, replacing in-memory cache logic. |
| src/main/java/org/runimo/runimo/config/CacheConfig.java | Changed the refresh token cache key type from String to Long for user ID consistency. |
| src/main/java/org/runimo/runimo/user/enums/UserHttpResponseCode.java | Added a new enum constant for refresh token expiration errors. |
| src/main/resources/sql/schema.sql, src/test/resources/sql/schema.sql | Added SQL to create and drop a user_refresh_token table for storing refresh tokens. |
| src/test/java/org/runimo/runimo/auth/service/TokenRefreshAcceptanceTest.java, TokenRefreshDevTest.java, TokenRefreshLocalTest.java | Added acceptance and unit tests for refresh token storage and validation in different environments. |
| src/test/resources/application.yml | Added a dev profile with MySQL datasource and JWT expiration overrides. |

Sequence Diagram(s)

sequenceDiagram
  participant Client
  participant TokenRefreshService
  participant JwtTokenRepository
  participant UserFinder
  participant JwtResolver
  participant JwtTokenFactory

  Client->>TokenRefreshService: putRefreshToken(userPublicId, refreshToken)
  TokenRefreshService->>UserFinder: findByPublicId(userPublicId)
  UserFinder-->>TokenRefreshService: User
  TokenRefreshService->>JwtTokenRepository: saveRefreshTokenWithUserId(userId, refreshToken)

  Client->>TokenRefreshService: refreshAccessToken(refreshToken)
  TokenRefreshService->>JwtResolver: verifyRefreshToken(refreshToken)
  JwtResolver-->>TokenRefreshService: userPublicId
  TokenRefreshService->>UserFinder: findByPublicId(userPublicId)
  UserFinder-->>TokenRefreshService: User
  TokenRefreshService->>JwtTokenRepository: findRefreshTokenByUserId(userId)
  JwtTokenRepository-->>TokenRefreshService: Optional<refreshToken>
  TokenRefreshService->>JwtTokenFactory: generateAccessToken(user)
  JwtTokenFactory-->>TokenRefreshService: accessToken
  TokenRefreshService-->>Client: TokenPair(accessToken, refreshToken)

Poem

Hopping through fields of code anew,
Refresh tokens now persist and queue!
In memory or database, safe and sound,
With tests and audits all around.
If your token’s expired, don’t feel blue—
The rabbit’s got a fresh one just for you!
🐇✨


📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Free

📥 Commits

Reviewing files that changed from the base of the PR and between 336e1ee and 8b6b745.

📒 Files selected for processing (15)
  • src/main/java/org/runimo/runimo/auth/domain/RefreshToken.java (1 hunks)
  • src/main/java/org/runimo/runimo/auth/repository/DatabaseTokenRepository.java (1 hunks)
  • src/main/java/org/runimo/runimo/auth/repository/InMemoryTokenRepository.java (1 hunks)
  • src/main/java/org/runimo/runimo/auth/repository/JwtTokenRepository.java (1 hunks)
  • src/main/java/org/runimo/runimo/auth/repository/RefreshTokenJpaRepository.java (1 hunks)
  • src/main/java/org/runimo/runimo/auth/service/TokenRefreshService.java (1 hunks)
  • src/main/java/org/runimo/runimo/common/CreateUpdateAuditEntity.java (1 hunks)
  • src/main/java/org/runimo/runimo/config/CacheConfig.java (1 hunks)
  • src/main/java/org/runimo/runimo/user/enums/UserHttpResponseCode.java (1 hunks)
  • src/main/resources/sql/schema.sql (2 hunks)
  • src/test/java/org/runimo/runimo/auth/service/TokenRefreshAcceptanceTest.java (1 hunks)
  • src/test/java/org/runimo/runimo/auth/service/TokenRefreshDevTest.java (1 hunks)
  • src/test/java/org/runimo/runimo/auth/service/TokenRefreshLocalTest.java (1 hunks)
  • src/test/resources/application.yml (1 hunks)
  • src/test/resources/sql/schema.sql (2 hunks)

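As an added illustration of the flow in the sequence diagram above (not code from this pull request): a plain-Java sketch of the repository abstraction and the refresh check. The interface and method names come from the walkthrough; the method bodies, the `refresh` helper, the `Result` enum, the stored-versus-presented comparison and the sample tokens are assumptions, and Spring profile wiring is replaced by passing the repository in directly.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.time.Instant;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;

public class RefreshFlowSketch {
    // Interface and method names follow the walkthrough; the bodies are assumptions.
    interface JwtTokenRepository {
        void saveRefreshTokenWithUserId(Long userId, String refreshToken);
        Optional<String> findRefreshTokenByUserId(Long userId);
    }

    // Single-node store; a database-backed implementation would share state across servers.
    static class InMemoryTokenRepository implements JwtTokenRepository {
        private final Map<Long, String> tokens = new ConcurrentHashMap<>();
        public void saveRefreshTokenWithUserId(Long userId, String t) { tokens.put(userId, t); }
        public Optional<String> findRefreshTokenByUserId(Long userId) {
            return Optional.ofNullable(tokens.get(userId));
        }
    }

    enum Result { REFRESHED, EXPIRED, INVALID }

    // Hypothetical check: expiresAt is passed in, standing in for JWT verification.
    static Result refresh(JwtTokenRepository repo, Long userId, String presented,
                          Instant expiresAt, Instant now) {
        if (!now.isBefore(expiresAt)) return Result.EXPIRED;
        Optional<String> stored = repo.findRefreshTokenByUserId(userId);
        if (stored.isEmpty()) return Result.INVALID; // nothing issued, or already removed
        // Constant-time comparison of the presented token against the stored one.
        boolean same = MessageDigest.isEqual(
            stored.get().getBytes(StandardCharsets.UTF_8),
            presented.getBytes(StandardCharsets.UTF_8));
        return same ? Result.REFRESHED : Result.INVALID;
    }

    public static void main(String[] args) {
        JwtTokenRepository repo = new InMemoryTokenRepository();
        Instant now = Instant.parse("2025-05-07T07:00:00Z");   // constructed sample time
        repo.saveRefreshTokenWithUserId(1L, "sample-token-A"); // constructed sample token
        System.out.println(refresh(repo, 1L, "sample-token-A", now.plusSeconds(60), now));
        System.out.println(refresh(repo, 1L, "sample-token-B", now.plusSeconds(60), now));
        System.out.println(refresh(repo, 1L, "sample-token-A", now.minusSeconds(1), now));
        System.out.println(refresh(repo, 2L, "sample-token-A", now.plusSeconds(60), now));
    }
}
```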

ekgns33 commented May 7, 2025

/gemini-review

@ekgns33 ekgns33 force-pushed the feat/db-refresh-token-repository branch from 8b6b745 to 3af3f5a Compare May 7, 2025 07:17
ekgns33 commented May 7, 2025

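  • The CI failure occurred in the verification of the refresh logic that uses the database. CI is configured to use only H2, and there is no logic for MySQL. I rolled back the commit so that the existing H2 is used as is.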

@ekgns33 ekgns33 merged commit e068877 into main May 7, 2025
3 checks passed
@ekgns33 ekgns33 deleted the feat/db-refresh-token-repository branch May 7, 2025 14:55