feat: (#22) 로그인 시 헤더 검증 방법 변경

codesquad-members-2021 · Jun 21, 2021 · 80519c3 · 80519c3
1 parent 21eb6f9
commit 80519c3
Show file tree

Hide file tree

Showing 11 changed files with 77 additions and 64 deletions.
diff --git a/BE/src/main/java/com/issuetracker/auth/GitHubOAuth.java b/BE/src/main/java/com/issuetracker/auth/GitHubOAuth.java
@@ -35,10 +35,10 @@ public GitHubOAuth(GitHubService gitHubService,
     }
 
     @Override
-    public AccessTokenResponseDTO getToken(String code, String host) {
+    public AccessTokenResponseDTO getToken(String code, String userAgent) {
         AccessTokenRequestDTO accessTokenRequest = AccessTokenRequestDTO.builder()
-                .clientId(gitHubService.getClientId(host))
-                .clientSecret(gitHubService.getClientSecret(host))
+                .clientId(gitHubService.getClientId(userAgent))
+                .clientSecret(gitHubService.getClientSecret(userAgent))
                 .code(code)
                 .build();
 

diff --git a/BE/src/main/java/com/issuetracker/auth/OAuth.java b/BE/src/main/java/com/issuetracker/auth/OAuth.java
@@ -5,7 +5,7 @@
 
 public interface OAuth {
 
-    AccessTokenResponseDTO getToken(String code, String host);
+    AccessTokenResponseDTO getToken(String code, String userAgent);
 
     OAuthUserResponseDTO getUserInfo(String token);
 }
diff --git a/BE/src/main/java/com/issuetracker/auth/dto/UserAgentDTO.java b/BE/src/main/java/com/issuetracker/auth/dto/UserAgentDTO.java
@@ -0,0 +1,15 @@
+package com.issuetracker.auth.dto;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Setter;
+
+@Setter
+public class UserAgentDTO {
+
+    @JsonProperty("User-Agent")
+    private String userAgent;
+
+    public String getUserAgent() {
+        return userAgent.split("/")[0];
+    }
+}
diff --git a/.../auth/exception/UnknownHostException.java → .../exception/UnknownUserAgentException.java b/.../auth/exception/UnknownHostException.java → .../exception/UnknownUserAgentException.java
@@ -4,9 +4,9 @@
 import org.springframework.web.bind.annotation.ResponseStatus;
 
 @ResponseStatus(HttpStatus.BAD_REQUEST)
-public class UnknownHostException extends OAuthException {
+public class UnknownUserAgentException extends OAuthException {
 
-    public UnknownHostException() {
-        super("Unknown host detected.");
+    public UnknownUserAgentException() {
+        super("Unknown User-Agent detected.");
     }
 }
diff --git a/BE/src/main/java/com/issuetracker/auth/service/GitHubService.java b/BE/src/main/java/com/issuetracker/auth/service/GitHubService.java
@@ -1,6 +1,6 @@
 package com.issuetracker.auth.service;
 
-import com.issuetracker.auth.exception.UnknownHostException;
+import com.issuetracker.auth.exception.UnknownUserAgentException;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 
@@ -22,23 +22,23 @@ public GitHubService(@Value("${github.web.client.id}") String frontClientId,
         this.iOSClientSecret = iOSClientSecret;
     }
 
-    public String getClientId(String host) {
-        if (Host.isFront(host)) {
+    public String getClientId(String userAgent) {
+        if (UserAgent.isFront(userAgent)) {
             return frontClientId;
         }
-        if (Host.isIOS(host)) {
+        if (UserAgent.isIOS(userAgent)) {
             return iOSClientId;
         }
-        throw new UnknownHostException();
+        throw new UnknownUserAgentException();
     }
 
-    public String getClientSecret(String host) {
-        if (Host.isFront(host)) {
+    public String getClientSecret(String userAgent) {
+        if (UserAgent.isFront(userAgent)) {
             return frontClientSecret;
         }
-        if (Host.isIOS(host)) {
+        if (UserAgent.isIOS(userAgent)) {
             return iOSClientSecret;
         }
-        throw new UnknownHostException();
+        throw new UnknownUserAgentException();
     }
 }
diff --git a/BE/src/main/java/com/issuetracker/auth/service/Host.java b/BE/src/main/java/com/issuetracker/auth/service/Host.java
diff --git a/BE/src/main/java/com/issuetracker/auth/service/UserAgent.java b/BE/src/main/java/com/issuetracker/auth/service/UserAgent.java
@@ -0,0 +1,23 @@
+package com.issuetracker.auth.service;
+
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+
+@Getter
+@RequiredArgsConstructor
+enum UserAgent {
+
+    POSTMAN("PostmanRuntime"),
+    FRONT("Mozilla"),
+    IOS("IssueTrackerIOS");
+
+    private final String userAgent;
+
+    public static boolean isFront(String userAgent) {
+        return FRONT.userAgent.equals(userAgent) || POSTMAN.userAgent.equals(userAgent);
+    }
+
+    public static boolean isIOS(String userAgent) {
+        return IOS.userAgent.equals(userAgent) || POSTMAN.userAgent.equals(userAgent);
+    }
+}
diff --git a/BE/src/main/java/com/issuetracker/config/HostHeaderConverter.java b/BE/src/main/java/com/issuetracker/config/HostHeaderConverter.java
diff --git a/BE/src/main/java/com/issuetracker/config/UserAgentHeaderConverter.java b/BE/src/main/java/com/issuetracker/config/UserAgentHeaderConverter.java
@@ -0,0 +1,16 @@
+package com.issuetracker.config;
+
+import com.issuetracker.auth.dto.UserAgentDTO;
+import org.springframework.core.convert.converter.Converter;
+import org.springframework.stereotype.Component;
+
+@Component
+public class UserAgentHeaderConverter implements Converter<String, UserAgentDTO> {
+
+    @Override
+    public UserAgentDTO convert(String userAgent) {
+        UserAgentDTO userAgentDTO = new UserAgentDTO();
+        userAgentDTO.setUserAgent(userAgent);
+        return userAgentDTO;
+    }
+}
diff --git a/BE/src/main/java/com/issuetracker/service/UserService.java b/BE/src/main/java/com/issuetracker/service/UserService.java
@@ -2,8 +2,8 @@
 
 import com.issuetracker.auth.OAuth;
 import com.issuetracker.auth.dto.AccessTokenResponseDTO;
-import com.issuetracker.auth.dto.HostDTO;
 import com.issuetracker.auth.dto.OAuthUserResponseDTO;
+import com.issuetracker.auth.dto.UserAgentDTO;
 import com.issuetracker.auth.service.JwtService;
 import com.issuetracker.domain.user.User;
 import com.issuetracker.domain.user.UserRepository;
@@ -33,8 +33,8 @@ public List<User> findAssignees(List<Long> assigneeIdList) {
         return userRepository.findAllById(assigneeIdList);
     }
 
-    public UserResponseDTO login(String code, HostDTO host) {
-        AccessTokenResponseDTO token = oauth.getToken(code, host.getHost());
+    public UserResponseDTO login(String code, UserAgentDTO userAgentDTO) {
+        AccessTokenResponseDTO token = oauth.getToken(code, userAgentDTO.getUserAgent());
         OAuthUserResponseDTO userInfo = oauth.getUserInfo(token.getAccessToken());
         if (verifyUser(userInfo.getLogin())) {
             User user = findUserByUserName(userInfo.getLogin());

diff --git a/BE/src/main/java/com/issuetracker/web/UserController.java b/BE/src/main/java/com/issuetracker/web/UserController.java
@@ -2,7 +2,7 @@
 
 import com.issuetracker.auth.annotation.LoginRequired;
 import com.issuetracker.auth.annotation.UserId;
-import com.issuetracker.auth.dto.HostDTO;
+import com.issuetracker.auth.dto.UserAgentDTO;
 import com.issuetracker.service.UserService;
 import com.issuetracker.web.dto.response.AssigneesResponseDTO;
 import com.issuetracker.web.dto.response.AuthorsResponseDTO;
@@ -21,10 +21,10 @@ public class UserController {
     private final Logger logger = LoggerFactory.getLogger(UserController.class);
 
     @PostMapping("/login")
-    public UserResponseDTO login(@RequestHeader(name = "Host") HostDTO host, @RequestParam String code) {
+    public UserResponseDTO login(@RequestHeader(name = "User-Agent") UserAgentDTO userAgentDTO, @RequestParam String code) {
         logger.debug("로그인 요청");
-        logger.info("호스트 헤더 확인: {}", host.toString());
-        return userService.login(code, host);
+        logger.info("호스트 헤더 확인: {}", userAgentDTO.getUserAgent());
+        return userService.login(code, userAgentDTO);
     }
 
     @GetMapping("/logout")