package flipnote.user.auth.presentation;
import flipnote.user.auth.application.OAuthService;
import flipnote.user.auth.domain.AuthErrorCode;
import flipnote.user.global.exception.BizException;
import flipnote.user.auth.domain.TokenPair;
import flipnote.user.global.config.ClientProperties;
import flipnote.user.global.constants.HttpConstants;
import flipnote.user.global.util.CookieUtil;
import flipnote.user.auth.infrastructure.jwt.JwtProvider;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;
import java.net.URI;
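/**
 * HTTP entry points for the social (OAuth2) sign-in and account-linking flows.
 *
 * <p>{@code redirectToProvider} sends the browser to the provider together with a verifier
 * cookie; {@code handleCallback} consumes that cookie and the returned {@code code}, then
 * redirects the browser to a client page that reflects the outcome.
 *
 * <p>Every redirect target on the callback side is built from {@link ClientProperties} only;
 * no request parameter is ever used as a redirect location.
 */
@Slf4j
@RestController
@RequiredArgsConstructor
public class OAuthController {

    private final OAuthService oAuthService;
    private final JwtProvider jwtProvider;
    private final ClientProperties clientProperties;

    /**
     * Starts the authorization flow by redirecting the browser to the provider.
     *
     * @param provider provider key taken from the request path
     * @param userId   optional caller id read from {@code HttpConstants.USER_ID_HEADER}
     * @param request  current request, forwarded to the service
     * @return a 302 response carrying the verifier cookie and the provider's authorize URI
     */
    @GetMapping("/oauth2/authorization/{provider}")
    public ResponseEntity<Void> redirectToProvider(
            @PathVariable String provider,
            // NOTE(review): this identity comes from a plain request header. It is only
            // trustworthy if an upstream component sets it and strips any client-supplied
            // copy; confirm this service cannot be reached without passing through it.
            @RequestHeader(value = HttpConstants.USER_ID_HEADER, required = false) Long userId,
            HttpServletRequest request) {
        OAuthService.AuthorizationRedirect redirect =
                oAuthService.getAuthorizationUri(provider, request, userId);
        return ResponseEntity.status(HttpStatus.FOUND)
                .header(HttpHeaders.SET_COOKIE, redirect.verifierCookie().toString())
                .location(URI.create(redirect.authorizeUri()))
                .build();
    }

    /**
     * Receives the provider's redirect and dispatches to the login or the account-link flow.
     *
     * <p>{@code code} and the verifier cookie are required bindings, so Spring rejects the
     * request before this method runs when either is absent (for example when the provider
     * returns without a {@code code}); on that path the verifier cookie is not cleared here.
     * NOTE(review): confirm how the global exception handling presents that case to the browser.
     *
     * @param provider     provider key taken from the request path
     * @param code         authorization code returned by the provider
     * @param state        optional; a non-blank value selects the account-link flow
     * @param codeVerifier value of the verifier cookie set when the flow started
     * @param request      current request, forwarded to the service
     * @param response     response used to clear the verifier cookie and set token cookies
     * @return a 302 response to the client page matching the outcome
     */
    @GetMapping("/oauth2/callback/{provider}")
    public ResponseEntity<Void> handleCallback(
            @PathVariable String provider,
            @RequestParam String code,
            @RequestParam(required = false) String state,
            @CookieValue(HttpConstants.OAUTH_VERIFIER_COOKIE) String codeVerifier,
            HttpServletRequest request,
            HttpServletResponse response) {
        // The verifier is single-use: drop the cookie before doing anything else.
        CookieUtil.deleteCookie(response, HttpConstants.OAUTH_VERIFIER_COOKIE);

        // Only the presence of state is checked here; the value is caller-controlled and is
        // handed to OAuthService.linkSocialAccount as-is.
        // NOTE(review): confirm the service validates state against what it issued.
        if (StringUtils.hasText(state)) {
            return handleSocialLink(provider, code, state, codeVerifier, request);
        }
        return handleSocialLogin(provider, code, codeVerifier, request, response);
    }

    /**
     * Completes a social login: issues the token cookies and redirects to the success page,
     * or redirects to the failure page when anything goes wrong.
     */
    private ResponseEntity<Void> handleSocialLogin(String provider, String code, String codeVerifier,
                                                   HttpServletRequest request, HttpServletResponse response) {
        try {
            TokenPair tokenPair = oAuthService.socialLogin(provider, code, codeVerifier, request);
            // NOTE(review): the cookie attributes (HttpOnly / Secure / SameSite) are decided
            // inside CookieUtil.addCookie, which is not shown here; verify them there.
            // The division by 1000 presumably converts milliseconds to a max-age in seconds.
            CookieUtil.addCookie(response, HttpConstants.ACCESS_TOKEN_COOKIE, tokenPair.accessToken(),
                    jwtProvider.getAccessTokenExpiration() / 1000);
            CookieUtil.addCookie(response, HttpConstants.REFRESH_TOKEN_COOKIE, tokenPair.refreshToken(),
                    jwtProvider.getRefreshTokenExpiration() / 1000);
            return redirectToClient(clientProperties.getPaths().getSocialLoginSuccess());
        } catch (Exception e) {
            // Boundary catch: the browser must always land on a client page.
            // provider is request-supplied text; it is passed as a log argument, not
            // concatenated into the message.
            log.warn("소셜 로그인 처리 실패. provider: {}", provider, e);
            return redirectToClient(clientProperties.getPaths().getSocialLoginFailure());
        }
    }

    /**
     * Completes an account-link request and redirects to the success, conflict or failure page.
     *
     * <p>Unexpected (non-{@link BizException}) failures are also turned into a redirect to the
     * failure page, matching {@code handleSocialLogin}, so that a browser navigation to the
     * callback never ends on a raw error response.
     */
    private ResponseEntity<Void> handleSocialLink(String provider, String code, String state,
                                                  String codeVerifier, HttpServletRequest request) {
        try {
            oAuthService.linkSocialAccount(provider, code, state, codeVerifier, request);
            return redirectToClient(clientProperties.getPaths().getSocialLinkSuccess());
        } catch (BizException e) {
            log.warn("소셜 계정 연동 처리 실패. provider: {}", provider, e);
            if (e.getErrorCode() == AuthErrorCode.ALREADY_LINKED_SOCIAL_ACCOUNT) {
                return redirectToClient(clientProperties.getPaths().getSocialLinkConflict());
            }
            return redirectToClient(clientProperties.getPaths().getSocialLinkFailure());
        } catch (Exception e) {
            // Previously only BizException was handled, so any other failure escaped this
            // handler. Treat it like the login flow does.
            log.warn("소셜 계정 연동 처리 실패. provider: {}", provider, e);
            return redirectToClient(clientProperties.getPaths().getSocialLinkFailure());
        }
    }

    /** Builds a 302 response to the configured client base URL followed by {@code path}. */
    private ResponseEntity<Void> redirectToClient(String path) {
        return ResponseEntity.status(HttpStatus.FOUND)
                .location(URI.create(clientProperties.getUrl() + path))
                .build();
    }
}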