refresh token 요청시 token 자체 검증만 진행

11 months ago · 38d210acd3
3 changed files with 39 additions and 2 deletions
--- a/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/service/JwtService.java
+++ b/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/service/JwtService.java
@ -15,6 +15,7 @@ import com.palnet.comn.code.ErrorCode;
 import com.palnet.comn.exception.CustomException;
 import com.palnet.comn.utils.EncryptUtils;
 import com.palnet.comn.utils.HttpUtils;
+import io.jsonwebtoken.Claims;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
@ -217,12 +218,22 @@ public class JwtService {
     * @return
     */
    public JwtRsModel findRefreshtoken(int cstmrSno, String refreshToken) throws Exception {
+        // refresh 토큰 검증 - DB에서 저장한 refresh token 비교 - 최근 로그인한 정보만 가지고 있음
+        /*
        JwtUserModel userDetails = query.findRefreshtoken(cstmrSno, refreshToken);

        if (userDetails == null) {
            return null;
        }

+         */
+        // refresh 토큰 검증 - refresh token의 유효성만 판단.
+        Claims claims = jwtTokenUtil.getAllClaimsFromToken(refreshToken);
+        Integer cstmrSnoByRefreshToken = claims.get("cstmrSno", Integer.class);
+        if(cstmrSnoByRefreshToken != cstmrSno) return null;
+
+        JwtUserModel userDetails = query.findByIdForrefreshToken(cstmrSno);
+
        String createAccessToken = jwtTokenUtil.generateToken(userDetails);
        String createRefreshToken = jwtTokenUtil.generateRefreshToken(userDetails);

--- a/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/utils/JwtTokenUtil.java
+++ b/pav-server/src/main/java/com/palnet/biz/api/acnt/jwt/utils/JwtTokenUtil.java
@ -51,15 +51,16 @@ public class JwtTokenUtil implements Serializable {
    }

    //for retrieveing any information from token we will need the secret key
-    private Claims getAllClaimsFromToken(String token) {
+    public Claims getAllClaimsFromToken(String token) {
        return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
    }

+
    //check if the token has expired
    // 토큰이 만료되었는지 확인한다.
    private Boolean isTokenExpired(String token) {
        final Date expiration = getExpirationDateFromToken(token);
-//        log.debug(">>>" + expiration);
+//        log.debug(">>>" + expiration);getExpirationDateFromToken
        return expiration.before(new Date());
    }

--- a/pav-server/src/main/java/com/palnet/biz/jpa/repository/pty/PtyCstmrQueryRepository.java
+++ b/pav-server/src/main/java/com/palnet/biz/jpa/repository/pty/PtyCstmrQueryRepository.java
@ -238,6 +238,31 @@ public class PtyCstmrQueryRepository {
        }
    }

+
+    public JwtUserModel findByIdForrefreshToken(int cstmrSno) {
+        QPtyCstmrBas basEntity = QPtyCstmrBas.ptyCstmrBas;
+        BooleanBuilder builder = new BooleanBuilder();
+        builder.and(basEntity.cstmrSno.eq(cstmrSno));
+
+        PtyCstmrBas entity = query.select(basEntity)
+                .from(basEntity)
+                .where(builder)
+                .fetchFirst();
+
+        if (entity != null) {
+            JwtUserModel model = new JwtUserModel();
+            model.setAuth(entity.getAuthId());
+            model.setUserId(entity.getUserId());
+            model.setCstmrSno(entity.getCstmrSno());
+            model.setCstmrStatusCd(entity.getCstmrStatusCd());
+            model.setUserPswd(entity.getUserPswd());
+
+            return model;
+
+        } else {
+            return null;
+        }
+    }
    public List<AnctCstmerRlModel> list(int cstmrSno) {
        QPtyCstmrBas bas = QPtyCstmrBas.ptyCstmrBas;
        QPtyCstmrDtl dtl = QPtyCstmrDtl.ptyCstmrDtl;