diff --git a/src/main/java/org/kkumulkkum/server/controller/AuthController.java b/src/main/java/org/kkumulkkum/server/controller/AuthController.java
index 0fbd2a4..381b2d6 100644
--- a/src/main/java/org/kkumulkkum/server/controller/AuthController.java
+++ b/src/main/java/org/kkumulkkum/server/controller/AuthController.java
@@ -1,7 +1,7 @@
 package org.kkumulkkum.server.controller;
 import jakarta.validation.Valid;
-import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.NotBlank;
 import lombok.RequiredArgsConstructor;
 import org.kkumulkkum.server.annotation.UserId;
 import org.kkumulkkum.server.constant.AuthConstant;
@@ -20,7 +20,7 @@ public class AuthController {
 @PostMapping("/v1/auth/signin")
 public ResponseEntity signin(
- @NotNull @RequestHeader(AuthConstant.AUTHORIZATION_HEADER) final String providerToken,
+ @NotBlank @RequestHeader(AuthConstant.AUTHORIZATION_HEADER) final String providerToken,
 @Valid @RequestBody final UserLoginDto userLoginDto
 ) {
 return ResponseEntity.ok(authService.signin(providerToken, userLoginDto));
@@ -37,7 +37,7 @@ public ResponseEntity signout(
 @PostMapping("/v1/auth/reissue")
 public ResponseEntity reissue(
- @NotNull @RequestHeader(AuthConstant.AUTHORIZATION_HEADER) final String refreshToken
+ @NotBlank @RequestHeader(AuthConstant.AUTHORIZATION_HEADER) final String refreshToken
 ) {
 return ResponseEntity.ok(authService.reissue(refreshToken));
 }
diff --git a/src/main/java/org/kkumulkkum/server/exception/code/AuthErrorCode.java b/src/main/java/org/kkumulkkum/server/exception/code/AuthErrorCode.java
index 15cf07d..2aeb3d6 100644
--- a/src/main/java/org/kkumulkkum/server/exception/code/AuthErrorCode.java
+++ b/src/main/java/org/kkumulkkum/server/exception/code/AuthErrorCode.java
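Review bot: `@NotBlank` on the `@RequestHeader` parameter of `signin` is only checked when method-level validation is active for this controller; on Spring Framework versions before 6.1 that requires `@Validated` on `AuthController`, and the class annotations are outside the hunk, so confirm it is present or add `@Validated` above `public class AuthController`. The same applies to the `reissue` hunk of this file. A required `@RequestHeader` already rejects a missing header, so the blank check is the only thing the new constraint adds; if the header value carries a scheme prefix (not visible here), a prefix with no token after it is not blank and still reaches `authService`. It is also worth confirming that the resulting constraint-violation exception is mapped to a 4xx response rather than a generic 500.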
@@ -15,7 +15,7 @@ public enum AuthErrorCode implements DefaultErrorCode {
 EXPIRED_APPLE_IDENTITY_TOKEN(HttpStatus.BAD_REQUEST, 40014, "Apple Identity Token 유효기간이 만료됐습니다."),
 // 401 UNAUTHORIZED
 UNAUTHORIZED(HttpStatus.UNAUTHORIZED, 40110, "인증되지 않은 사용자입니다."),
- INVALID_TOKEN(HttpStatus.UNAUTHORIZED, 40111, "액세스 토큰의 형식이 올바르지 않습니다."),
+ INVALID_TOKEN(HttpStatus.UNAUTHORIZED, 40111, "올바르지 않은 토큰입니다."),
 EXPIRED_TOKEN(HttpStatus.UNAUTHORIZED, 40112, "액세스 토큰이 만료되었습니다."),
 UNSUPPORTED_TOKEN(HttpStatus.UNAUTHORIZED, 40113, "지원하지 않는 토큰 형식입니다."),
 EMPTY_TOKEN(HttpStatus.UNAUTHORIZED, 40114, "토큰이 제공되지 않았습니다."),
diff --git a/src/main/java/org/kkumulkkum/server/service/auth/AuthService.java b/src/main/java/org/kkumulkkum/server/service/auth/AuthService.java
index 26db6dc..50ee6ba 100644
--- a/src/main/java/org/kkumulkkum/server/service/auth/AuthService.java
+++ b/src/main/java/org/kkumulkkum/server/service/auth/AuthService.java
@@ -55,7 +55,12 @@ public void signout(final Long userId) {
 @Transactional
 public JwtTokenDto reissue(final String refreshToken) {
- Long userId = jwtTokenProvider.getUserIdFromJwt(refreshToken);
+ Long userId;
+ try{
+ userId = jwtTokenProvider.getUserIdFromJwt(refreshToken);
+ } catch (Exception e) {
+ throw new AuthException(AuthErrorCode.INVALID_TOKEN);
+ }
 Token token = tokenRetriever.findByRefreshToken(refreshToken);
 if(!userId.equals(token.getId())) {
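Review bot: `catch (Exception e)` in `reissue` turns every failure of `getUserIdFromJwt` into `INVALID_TOKEN`, so an expired refresh token, a bad signature and an unrelated runtime fault become indistinguishable, and the cause is discarded without being logged. Catch only the exception types the token provider throws (its code is outside this diff) and record the rejection server-side without the token value, e.g. `log.warn("refresh token rejected in reissue: {}", e.getClass().getSimpleName());` assuming the class has a logger, so repeated failed reissue attempts stay visible to monitoring. If `getUserIdFromJwt` can return null for a token that lacks the expected claim, `userId.equals(token.getId())` on the last line still throws outside the `try`; a null check before it would close that. The body of `reissue` continues past the end of the hunk.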