OMZigak · tkdwns414 · Aug 7, 2024 · Aug 7, 2024 · Aug 7, 2024 · Aug 7, 2024
diff --git a/src/main/java/org/kkumulkkum/server/controller/AuthController.java b/src/main/java/org/kkumulkkum/server/controller/AuthController.java
@@ -1,6 +1,7 @@
 package org.kkumulkkum.server.controller;
 
 import jakarta.validation.Valid;
+import jakarta.validation.constraints.NotBlank;
 import jakarta.validation.constraints.NotNull;
 import lombok.RequiredArgsConstructor;
 import org.kkumulkkum.server.annotation.UserId;
@@ -37,7 +38,7 @@ public ResponseEntity<Void> signout(
 
     @PostMapping("/v1/auth/reissue")
     public ResponseEntity<JwtTokenDto> reissue(
-            @NotNull @RequestHeader(AuthConstant.AUTHORIZATION_HEADER) final String refreshToken
+            @NotBlank @RequestHeader(AuthConstant.AUTHORIZATION_HEADER) final String refreshToken
     ) {
         return ResponseEntity.ok(authService.reissue(refreshToken));
     }

diff --git a/src/main/java/org/kkumulkkum/server/exception/code/AuthErrorCode.java b/src/main/java/org/kkumulkkum/server/exception/code/AuthErrorCode.java
@@ -15,7 +15,7 @@ public enum AuthErrorCode implements DefaultErrorCode {
     EXPIRED_APPLE_IDENTITY_TOKEN(HttpStatus.BAD_REQUEST, 40014, "Apple Identity Token 유효기간이 만료됐습니다."),
     // 401 UNAUTHORIZED
     UNAUTHORIZED(HttpStatus.UNAUTHORIZED, 40110, "인증되지 않은 사용자입니다."),
-    INVALID_TOKEN(HttpStatus.UNAUTHORIZED, 40111, "액세스 토큰의 형식이 올바르지 않습니다."),
+    INVALID_TOKEN(HttpStatus.UNAUTHORIZED, 40111, "올바르지 않은 토큰입니다."),
     EXPIRED_TOKEN(HttpStatus.UNAUTHORIZED, 40112, "액세스 토큰이 만료되었습니다."),
     UNSUPPORTED_TOKEN(HttpStatus.UNAUTHORIZED, 40113, "지원하지 않는 토큰 형식입니다."),
     EMPTY_TOKEN(HttpStatus.UNAUTHORIZED, 40114, "토큰이 제공되지 않았습니다."),

diff --git a/src/main/java/org/kkumulkkum/server/service/auth/AuthService.java b/src/main/java/org/kkumulkkum/server/service/auth/AuthService.java
@@ -55,7 +55,12 @@ public void signout(final Long userId) {
 
     @Transactional
     public JwtTokenDto reissue(final String refreshToken) {
-        Long userId = jwtTokenProvider.getUserIdFromJwt(refreshToken);
+        Long userId;
+        try{
+            userId = jwtTokenProvider.getUserIdFromJwt(refreshToken);
+        } catch (Exception e) {
+            throw new AuthException(AuthErrorCode.INVALID_TOKEN);
+        }
         Token token = tokenRetriever.findByRefreshToken(refreshToken);
 
         if(!userId.equals(token.getId())) {