bsideproject · snanoh · Aug 18, 2022 · Aug 19, 2022 · Aug 23, 2022 · Aug 27, 2022
diff --git a/src/main/kotlin/com/bside/common/util/CookieUtil.kt b/src/main/kotlin/com/bside/common/util/CookieUtil.kt
@@ -1,21 +1,18 @@
 package com.bside.common.util
 
+import org.springframework.beans.factory.annotation.Value
 import org.springframework.http.ResponseCookie
+import org.springframework.stereotype.Component
 import org.springframework.util.SerializationUtils
 import java.util.*
 import javax.servlet.http.Cookie
 import javax.servlet.http.HttpServletRequest
 import javax.servlet.http.HttpServletResponse
 
-
-
-
-
-
-
-class CookieUtil {
+class CookieUtil() {
 
     companion object {
+
         fun getCookie(request: HttpServletRequest, name: String): Cookie? {
             val cookies: Array<Cookie>? = request.cookies
             if (cookies != null && cookies.isNotEmpty()) {
@@ -36,6 +33,14 @@ class CookieUtil {
             response.addCookie(cookie)
         }
 
+        fun addLocalCookie(response: HttpServletResponse, name: String?, value: String?, maxAge: Int) {
+            val cookie = Cookie(name, value)
+            cookie.path = "/"
+            cookie.isHttpOnly = true
+            cookie.maxAge = maxAge
+            response.addCookie(cookie)
+        }
+
         fun addSecureCookie(
             response: HttpServletResponse,
             cookieMaxAge: Long,
@@ -44,13 +49,9 @@ class CookieUtil {
         ) {
             val cookie: ResponseCookie = ResponseCookie.from(key, value)
                 .path("/")
-                .secure(true)
-                .sameSite("None")
-                .httpOnly(false)
                 .maxAge(cookieMaxAge)
                 .domain("localhost")
                 .build()
-
             response.addHeader("Set-Cookie", cookie.toString())
         }
 

diff --git a/src/main/kotlin/com/bside/config/WebConfig.kt b/src/main/kotlin/com/bside/config/WebConfig.kt
@@ -9,8 +9,9 @@ class WebConfig: WebMvcConfigurer {
 
     override fun addCorsMappings(registry: CorsRegistry) {
         registry.addMapping("/**")
-            .exposedHeaders("X-AUTH_TOKEN")
+            //.exposedHeaders("X-AUTH_TOKEN")
             .allowCredentials(true)
+            .allowedMethods("*")
             .allowedOriginPatterns("*")
     }
 }
diff --git a/src/main/kotlin/com/bside/oauth/handler/OAuth2AuthenticationSuccessHandler.kt b/src/main/kotlin/com/bside/oauth/handler/OAuth2AuthenticationSuccessHandler.kt
@@ -81,11 +81,11 @@ class OAuth2AuthenticationSuccessHandler(
             tokenDto: TokenResponseDto,
             refreshToken: RefreshToken
     ) {
-        val cookieMaxAge: Long = (TokenProvider.REFRESH_TOKEN_EXPIRE_TIME / 1000).toLong()
-        CookieUtil.addSecureCookie(response, cookieMaxAge, ACCESS_TOKEN, tokenDto.accessToken!!)
-        CookieUtil.addSecureCookie(response, cookieMaxAge, REFRESH_TOKEN, refreshToken.value)
-        //CookieUtil.addCookie(response, ACCESS_TOKEN, tokenDto.accessToken!!, cookieMaxAge)
-        //CookieUtil.addCookie(response, REFRESH_TOKEN, refreshToken.value, cookieMaxAge)
+        val cookieMaxAge = TokenProvider.REFRESH_TOKEN_EXPIRE_TIME / 1000
+        //CookieUtil.addSecureCookie(response, cookieMaxAge, ACCESS_TOKEN, tokenDto.accessToken!!)
+        //CookieUtil.addSecureCookie(response, cookieMaxAge, REFRESH_TOKEN, refreshToken.value)
+        CookieUtil.addCookie(response, ACCESS_TOKEN, tokenDto.accessToken!!, cookieMaxAge)
+        CookieUtil.addCookie(response, REFRESH_TOKEN, refreshToken.value, cookieMaxAge)
     }