fix: 모든 쿠키 secure 적용되도록 변경
parksey committed Nov 11, 2023
1 parent 30225cb commit 495938b
Showing 9 changed files with 19 additions and 23 deletions.
Expand Up @@ -121,8 +121,7 @@ private MultiValueMap<String, String> generateTokenRequest(AuthorizationTokenReq

public void issueServiceToken(HttpServletResponse response, PublicClaim publicClaim) {
response.addCookie(
CookieUtils.typeCookie("token_type", "Bearer",
tokenConfig.getRefreshExpire()));
CookieUtils.typeCookie("Bearer", tokenConfig.getRefreshExpire()));
response.addCookie(
CookieUtils.tokenCookie("access_token", jwtProviderService.provideAccessToken(publicClaim),
tokenConfig.getRefreshExpire()));
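Review bot: The `access_token` cookie in the unchanged lines of this hunk is issued with `tokenConfig.getRefreshExpire()` as its max age, so the browser keeps the access token for the refresh period rather than for an access-token period. If that is intentional, a short comment such as `// cookie deliberately outlives the JWT; expiry is enforced by the token's own exp claim` would record the decision. If it is not, an access-token expiry value would fit better, assuming the config exposes one. `issueServiceToken` continues past the end of this hunk, so the refresh-token cookie is not visible here.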
@@ -1,4 +1,4 @@
package com.moabam.global.common.util;
package com.moabam.global.common.handler;

import static java.util.Objects.*;

19 changes: 7 additions & 12 deletions src/main/java/com/moabam/global/common/util/CookieUtils.java
Expand Up @@ -8,25 +8,20 @@
public class CookieUtils {

public static Cookie tokenCookie(String name, String value, long expireTime) {
Cookie cookie = new Cookie(name, value);
basic(cookie, expireTime);
secure(cookie);
return cookie;
return basic(name, value, expireTime);
}

public static Cookie typeCookie(String name, String value, long expireTime) {
Cookie cookie = new Cookie(name, value);
basic(cookie, expireTime);
return cookie;
public static Cookie typeCookie(String value, long expireTime) {
return basic("token_type", value, expireTime);
}

private static void secure(Cookie cookie) {
private static Cookie basic(String name, String value, long expireTime) {
Cookie cookie = new Cookie(name, value);
cookie.setSecure(true);
}

private static void basic(Cookie cookie, long expireTime) {
cookie.setHttpOnly(true);
cookie.setPath("/");
cookie.setMaxAge((int)expireTime);

return cookie;
}
}
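Review bot: `basic` now sets Secure and HttpOnly on every cookie but still sets no SameSite attribute, so whether the `access_token` and `refresh_token` cookies are attached to cross-site requests is left to each browser's default. If `Cookie` here is `jakarta.servlet.http.Cookie` on Servlet 6.0 or later (the imports are outside the hunk), adding `cookie.setAttribute("SameSite", "Lax");` next to `setSecure(true)` would make the policy explicit. Separately, `cookie.setMaxAge((int)expireTime)` narrows a long without a range check, and `setMaxAge` takes seconds. A value in milliseconds or above `Integer.MAX_VALUE` would therefore give a far longer or a negative lifetime, so the unit of `tokenConfig.getRefreshExpire()` is worth confirming and documenting on `basic`.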
2 changes: 1 addition & 1 deletion src/main/java/com/moabam/global/config/WebConfig.java
Expand Up @@ -9,7 +9,7 @@
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

import com.moabam.global.common.handler.CurrentMemberArgumentResolver;
import com.moabam.global.common.util.PathResolver;
import com.moabam.global.common.handler.PathResolver;

@Configuration
public class WebConfig implements WebMvcConfigurer {
2 changes: 1 addition & 1 deletion src/main/java/com/moabam/global/filter/PathFilter.java
Expand Up @@ -7,7 +7,7 @@
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import com.moabam.global.common.util.PathResolver;
import com.moabam.global.common.handler.PathResolver;

import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
@@ -1,4 +1,4 @@
package com.moabam.global.common.util;
package com.moabam.global.common.handler;

import static com.moabam.api.domain.entity.enums.Role.*;
import static org.assertj.core.api.Assertions.*;
Expand All @@ -10,6 +10,8 @@
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;

import com.moabam.global.common.handler.PathResolver;

class PathResolverTest {

@DisplayName("path 기본 생성 성공")
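Review bot: The added `import com.moabam.global.common.handler.PathResolver;` is redundant, because the first hunk of this file moves the test into `package com.moabam.global.common.handler;`, the same package the class now lives in. A same-package import compiles but is normally flagged by unused-import checks, so the line and the blank line after it can be dropped. `PathResolverTest` continues past the end of this hunk.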
2 changes: 1 addition & 1 deletion src/test/java/com/moabam/global/filter/PathFilterTest.java
Expand Up @@ -19,7 +19,7 @@
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

import com.moabam.global.common.util.PathResolver;
import com.moabam.global.common.handler.PathResolver;

import jakarta.servlet.ServletException;

Expand Up @@ -39,11 +39,11 @@ void setUpMockMvc(RestDocumentationContextProvider contextProvider) {
mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext)
.apply(RestDocsFactory.restdocs(contextProvider))
.defaultRequest(get("/")
.cookie(CookieUtils.typeCookie("token_type", "Bearer", tokenConfig.getRefreshExpire()))
.cookie(CookieUtils.typeCookie("access_token",
.cookie(CookieUtils.typeCookie("Bearer", tokenConfig.getRefreshExpire()))
.cookie(CookieUtils.tokenCookie("access_token",
jwtProviderService.provideAccessToken(PublicClaimFixture.publicClaim()),
tokenConfig.getRefreshExpire()))
.cookie(CookieUtils.typeCookie("refresh_token",
.cookie(CookieUtils.tokenCookie("refresh_token",
jwtProviderService.provideRefreshToken(),
tokenConfig.getRefreshExpire())))
.build();
Expand Up @@ -12,7 +12,7 @@
import com.moabam.api.application.AuthorizationService;
import com.moabam.api.application.JwtAuthenticationService;
import com.moabam.api.domain.entity.enums.Role;
import com.moabam.global.common.util.PathResolver;
import com.moabam.global.common.handler.PathResolver;

@ExtendWith({FilterProcessExtension.class})
public class WithoutFilterSupporter {