Merge pull request #64 from YAPP-Github/fix/PC-624-refresh-token-bug-fix

[PC-624] 리프레시 토큰 버그 수정
YAPP-Github · Feb 16, 2025 · 959d2ad · 959d2ad
2 parents 3ea50f7 + 19e62ff
commit 959d2ad
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 8 deletions.
diff --git a/api/src/main/java/org/yapp/domain/auth/presentation/LoginController.java b/api/src/main/java/org/yapp/domain/auth/presentation/LoginController.java
@@ -3,7 +3,6 @@
 import io.swagger.v3.oas.annotations.Operation;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.ModelAttribute;
@@ -53,10 +52,9 @@ public ResponseEntity<CommonResponse<OauthLoginResponse>> oauthLogin(
   @PatchMapping("/token/refresh")
   @Operation(summary = "토큰 리프레시", description = "accessToken과 refreshToken을 갱신합니다.", tags = {"로그인"})
   public ResponseEntity<CommonResponse<RefreshedTokensResponse>> refreshToken(
-      @RequestBody RefreshTokenRequest request,
-      @AuthenticationPrincipal Long userId) {
+      @RequestBody RefreshTokenRequest request) {
     RefreshedTokens refreshedTokens = refreshTokenService.getUserRefreshedTokens(
-        userId, request.getRefreshToken());
+        request.getRefreshToken());
     RefreshedTokensResponse response = new RefreshedTokensResponse(
         refreshedTokens.accessToken(), refreshedTokens.refreshToken());
     return ResponseEntity.ok(CommonResponse.createSuccess(response));

diff --git a/core/auth/src/main/java/org/yapp/core/auth/token/RefreshTokenService.java b/core/auth/src/main/java/org/yapp/core/auth/token/RefreshTokenService.java
@@ -27,13 +27,14 @@ public RefreshToken getUserRefreshToken(Long userId) {
   }
 
   @Transactional
-  public RefreshedTokens getUserRefreshedTokens(Long userId,
-      String refreshToken) {
+  public RefreshedTokens getUserRefreshedTokens(String refreshToken) {
+    Long userId = jwtUtil.getUserId(refreshToken);
+    String oauthId = jwtUtil.getOauthId(refreshToken);
+    String role = jwtUtil.getRole(refreshToken);
+
     String expectedRefreshToken = getUserRefreshToken(userId).getToken();
     validateRefreshToken(refreshToken, expectedRefreshToken);
 
-    String oauthId = jwtUtil.getOauthId(refreshToken);
-    String role = jwtUtil.getRole(refreshToken);
     AuthToken token = authTokenGenerator.generate(userId, oauthId, role);
     saveRefreshToken(userId, token.refreshToken());