Merge pull request #61 from WishWesee/develop

jisujeong0 · web-flow · commit 5e972226f2a3 · 2025-02-01T16:53:44.000+09:00
[DEPLOY]
diff --git a/src/main/java/depth/main/wishwesee/global/config/security/OAuth2Config.java b/src/main/java/depth/main/wishwesee/global/config/security/OAuth2Config.java
@@ -1,37 +1,31 @@
 package depth.main.wishwesee.global.config.security;
 
+import lombok.Data;
 import lombok.Getter;
-import lombok.Setter;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
 
 import java.util.ArrayList;
 import java.util.List;
 
+@Getter
 @Configuration
 @ConfigurationProperties(prefix = "app")
-@Getter
 public class OAuth2Config {
     private final Auth auth = new Auth();
     private final OAuth2 oauth2 = new OAuth2();
 
-    @Getter
-    @Setter
+    @Data
     public static class Auth {
         private String tokenSecret;
         private long accessTokenExpirationMsec;
         private long refreshTokenExpirationMsec;
     }
 
     @Getter
-    @Setter
     public static final class OAuth2 {
         private List<String> authorizedRedirectUris = new ArrayList<>();
 
-        public List<String> getAuthorizedRedirectUris() {
-            return authorizedRedirectUris;
-        }
-
         public OAuth2 authorizedRedirectUris(List<String> authorizedRedirectUris) {
             this.authorizedRedirectUris = authorizedRedirectUris;
             return this;
diff --git a/src/main/java/depth/main/wishwesee/global/config/security/auth/OAuth2UserInfo.java b/src/main/java/depth/main/wishwesee/global/config/security/auth/OAuth2UserInfo.java
@@ -1,18 +1,17 @@
 package depth.main.wishwesee.global.config.security.auth;
 
+import lombok.Getter;
+
 import java.util.Map;
 
+@Getter
 public abstract class OAuth2UserInfo {
     protected Map<String, Object> attributes;
 
     public OAuth2UserInfo(Map<String, Object> attributes) {
         this.attributes = attributes;
     }
 
-    public Map<String, Object> getAttributes() {
-        return attributes;
-    }
-
     public abstract String getProvider();
 
     public abstract String getId();
diff --git a/src/main/java/depth/main/wishwesee/global/config/security/handler/CustomSimpleUrlAuthenticationSuccessHandler.java b/src/main/java/depth/main/wishwesee/global/config/security/handler/CustomSimpleUrlAuthenticationSuccessHandler.java
@@ -39,7 +39,6 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
         DefaultAssert.isAuthentication(!response.isCommitted());
 
         String targetUrl = determineTargetUrl(request, response, authentication);
-
         UserPrincipal userPrincipal = (UserPrincipal) authentication.getPrincipal();
         TokenMapping token = customTokenProviderService.createToken(userPrincipal.getEmail());
         CustomCookie.addCookie(response, "Authorization", "Bearer_" + token.getAccessToken(), (int) oAuth2Config.getAuth().getAccessTokenExpirationMsec());
@@ -52,7 +51,7 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
     protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
         Optional<String> redirectUri = CustomCookie.getCookie(request, REDIRECT_URI_PARAM_COOKIE_NAME).map(Cookie::getValue);
 
-        DefaultAssert.isAuthentication( !(redirectUri.isPresent() && !isAuthorizedRedirectUri(redirectUri.get())) );
+        DefaultAssert.isAuthentication(!(redirectUri.isPresent() && !isAuthorizedRedirectUri(redirectUri.get())));
 
         String targetUrl = redirectUri.orElse(getDefaultTargetUrl());
 
@@ -64,12 +63,15 @@ protected String determineTargetUrl(HttpServletRequest request, HttpServletRespo
                 .build();
         tokenRepository.save(token);
 
-        return UriComponentsBuilder.fromUriString(targetUrl)
+        URI uri = URI.create(targetUrl);
+        return UriComponentsBuilder.fromUri(uri)
+                .host("localhost:3000")
                 .queryParam("token", tokenMapping.getAccessToken())
-                .build().toUriString();
+                .build()
+                .toUriString();
     }
 
-    protected void clearAuthenticationAttributes(HttpServletRequest request, HttpServletResponse response) {
+        protected void clearAuthenticationAttributes(HttpServletRequest request, HttpServletResponse response) {
         super.clearAuthenticationAttributes(request);
         customAuthorizationRequestRepository.removeAuthorizationRequestCookies(request, response);
     }
