refactor: Token VO 적용, 제공과 저장 관심사 분리, 환경변수 사용하도록 수정

src/main/java/com/example/solidconnection/auth/client/AppleOAuthClient.java

@@ -25,8 +25,9 @@
 import org.springframework.web.client.RestTemplate;
 
 /*
- * 애플 인증을 위한 OAuth2 클라이언트
- * https://developer.apple.com/documentation/signinwithapplerestapi/generate_and_validate_tokens
+ * - 애플 인증을 위한 OAuth2 클라이언트
+ *   - https://developer.apple.com/documentation/signinwithapplerestapi/generate_and_validate_tokens
+ * - OAuthClient 인터페이스를 사용하는 전략 패턴으로 구현됨
  * */
 @Component
 @RequiredArgsConstructor

src/main/java/com/example/solidconnection/auth/client/KakaoOAuthClient.java

@@ -23,10 +23,11 @@
 import org.springframework.web.util.UriComponentsBuilder;
 
 /*
- * 카카오 인증을 위한 OAuth2 클라이언트
- * https://developers.kakao.com/docs/latest/ko/kakaologin/rest-api#request-code
- * https://developers.kakao.com/docs/latest/ko/kakaologin/rest-api#request-token
- * https://developers.kakao.com/docs/latest/ko/kakaologin/rest-api#req-user-info
+ * - 카카오 인증을 위한 OAuth2 클라이언트
+ *   - https://developers.kakao.com/docs/latest/ko/kakaologin/rest-api#request-code
+ *   - https://developers.kakao.com/docs/latest/ko/kakaologin/rest-api#request-token
+ *   - https://developers.kakao.com/docs/latest/ko/kakaologin/rest-api#req-user-info
+ * - OAuthClient 인터페이스를 사용하는 전략 패턴으로 구현됨
  * */
 @Component
 @RequiredArgsConstructor

src/main/java/com/example/solidconnection/auth/controller/AuthController.java

@@ -10,10 +10,10 @@
 import com.example.solidconnection.auth.dto.oauth.OAuthResponse;
 import com.example.solidconnection.auth.dto.oauth.OAuthSignInResponse;
 import com.example.solidconnection.auth.service.AuthService;
-import com.example.solidconnection.auth.service.EmailSignInService;
-import com.example.solidconnection.auth.service.EmailSignUpTokenProvider;
-import com.example.solidconnection.auth.service.SignUpService;
 import com.example.solidconnection.auth.service.oauth.OAuthService;
+import com.example.solidconnection.auth.service.signin.EmailSignInService;
+import com.example.solidconnection.auth.service.signup.EmailSignUpTokenProvider;
+import com.example.solidconnection.auth.service.signup.SignUpService;
 import com.example.solidconnection.common.exception.CustomException;
 import com.example.solidconnection.common.exception.ErrorCode;
 import com.example.solidconnection.common.resolver.AuthorizedUser;

src/main/java/com/example/solidconnection/auth/controller/RefreshTokenCookieManager.java

@@ -3,11 +3,12 @@
 import static com.example.solidconnection.common.exception.ErrorCode.REFRESH_TOKEN_NOT_EXISTS;
 
 import com.example.solidconnection.auth.controller.config.RefreshTokenCookieProperties;
-import com.example.solidconnection.auth.domain.TokenType;
+import com.example.solidconnection.auth.token.config.TokenProperties;
 import com.example.solidconnection.common.exception.CustomException;
 import jakarta.servlet.http.Cookie;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import java.time.Duration;
 import java.util.Arrays;
 import lombok.RequiredArgsConstructor;
 import org.springframework.boot.web.server.Cookie.SameSite;
@@ -23,15 +24,17 @@ public class RefreshTokenCookieManager {
     private static final String PATH = "/";
 
     private final RefreshTokenCookieProperties properties;
+    private final TokenProperties tokenProperties;
 
     public void setCookie(HttpServletResponse response, String refreshToken) {
-        long maxAge = convertExpireTimeToCookieMaxAge(TokenType.REFRESH.getExpireTime());
-        setRefreshTokenCookie(response, refreshToken, maxAge);
+        Duration tokenExpireTime = tokenProperties.refresh().expireTime();
+        long cookieMaxAge = convertExpireTimeToCookieMaxAge(tokenExpireTime);
+        setRefreshTokenCookie(response, refreshToken, cookieMaxAge);
     }
 
-    private long convertExpireTimeToCookieMaxAge(long milliSeconds) {
+    private long convertExpireTimeToCookieMaxAge(Duration tokenExpireTime) {
         // jwt의 expireTime 단위인 millisecond를 cookie의 maxAge 단위인 second로 변환
-        return milliSeconds / 1000;
+        return tokenExpireTime.toSeconds();
     }
 
     public void deleteCookie(HttpServletResponse response) {

src/main/java/com/example/solidconnection/auth/domain/AccessToken.java

@@ -0,0 +1,7 @@
+package com.example.solidconnection.auth.domain;
+
+public record AccessToken(
+        String token
+) implements Token {
+
+}

src/main/java/com/example/solidconnection/auth/domain/RefreshToken.java

@@ -0,0 +1,7 @@
+package com.example.solidconnection.auth.domain;
+
+public record RefreshToken(
+        String token
+) implements Token {
+
+}

src/main/java/com/example/solidconnection/auth/domain/SignUpToken.java

@@ -0,0 +1,7 @@
+package com.example.solidconnection.auth.domain;
+
+public record SignUpToken(
+        String token
+) implements Token {
+
+}

src/main/java/com/example/solidconnection/auth/service/Subject.java → src/main/java/com/example/solidconnection/auth/domain/Subject.java

@@ -1,4 +1,4 @@
-package com.example.solidconnection.auth.service;
+package com.example.solidconnection.auth.domain;
 
 public record Subject(
         String value

src/main/java/com/example/solidconnection/auth/domain/Token.java

@@ -0,0 +1,6 @@
+package com.example.solidconnection.auth.domain;
+
+public interface Token {
+
+    String token();
+}

src/main/java/com/example/solidconnection/auth/dto/ReissueResponse.java

@@ -1,6 +1,6 @@
 package com.example.solidconnection.auth.dto;
 
-import com.example.solidconnection.auth.service.AccessToken;
+import com.example.solidconnection.auth.domain.AccessToken;
 
 public record ReissueResponse(
         String accessToken

src/main/java/com/example/solidconnection/auth/dto/SignInResponse.java

@@ -1,7 +1,7 @@
 package com.example.solidconnection.auth.dto;
 
-import com.example.solidconnection.auth.service.AccessToken;
-import com.example.solidconnection.auth.service.RefreshToken;
+import com.example.solidconnection.auth.domain.AccessToken;
+import com.example.solidconnection.auth.domain.RefreshToken;
 
 public record SignInResponse(
         String accessToken,

src/main/java/com/example/solidconnection/auth/service/AuthService.java

@@ -3,6 +3,7 @@
 import static com.example.solidconnection.common.exception.ErrorCode.REFRESH_TOKEN_EXPIRED;
 import static com.example.solidconnection.common.exception.ErrorCode.USER_NOT_FOUND;
 
+import com.example.solidconnection.auth.domain.AccessToken;
 import com.example.solidconnection.auth.dto.ReissueResponse;
 import com.example.solidconnection.auth.token.TokenBlackListService;
 import com.example.solidconnection.common.exception.CustomException;
@@ -26,11 +27,9 @@ public class AuthService {
      * - 엑세스 토큰을 블랙리스트에 추가한다.
      * - 리프레시 토큰을 삭제한다.
      * */
-    public void signOut(String token) {
-        SiteUser siteUser = authTokenProvider.parseSiteUser(token);
-        AccessToken accessToken = authTokenProvider.generateAccessToken(siteUser);
-        authTokenProvider.deleteRefreshTokenByAccessToken(accessToken);
+    public void signOut(String accessToken) {
         tokenBlackListService.addToBlacklist(accessToken);
+        authTokenProvider.deleteRefreshTokenByAccessToken(accessToken);
     }
 
     /*

src/main/java/com/example/solidconnection/auth/service/AuthTokenProvider.java

@@ -2,15 +2,17 @@
 
 import static com.example.solidconnection.common.exception.ErrorCode.USER_NOT_FOUND;
 
-import com.example.solidconnection.auth.domain.TokenType;
+import com.example.solidconnection.auth.domain.AccessToken;
+import com.example.solidconnection.auth.domain.RefreshToken;
+import com.example.solidconnection.auth.domain.Subject;
+import com.example.solidconnection.auth.token.config.TokenProperties;
 import com.example.solidconnection.common.exception.CustomException;
 import com.example.solidconnection.siteuser.domain.Role;
 import com.example.solidconnection.siteuser.domain.SiteUser;
 import com.example.solidconnection.siteuser.repository.SiteUserRepository;
 import java.util.Map;
 import java.util.Objects;
 import lombok.RequiredArgsConstructor;
-import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Component;
 
 @Component
@@ -19,26 +21,30 @@ public class AuthTokenProvider {
 
     private static final String ROLE_CLAIM_KEY = "role";
 
-    private final RedisTemplate<String, String> redisTemplate;
     private final TokenProvider tokenProvider;
+    private final TokenStorage tokenStorage;
     private final SiteUserRepository siteUserRepository;
+    private final TokenProperties tokenProperties;
 
     public AccessToken generateAccessToken(SiteUser siteUser) {
         Subject subject = toSubject(siteUser);
         Role role = siteUser.getRole();
         String token = tokenProvider.generateToken(
-                subject.value(),
+                subject,
                 Map.of(ROLE_CLAIM_KEY, role.name()),
-                TokenType.ACCESS
+                tokenProperties.access().expireTime()
         );
-        return new AccessToken(subject, role, token);
+        return new AccessToken(token);
     }
 
     public RefreshToken generateAndSaveRefreshToken(SiteUser siteUser) {
         Subject subject = toSubject(siteUser);
-        String token = tokenProvider.generateToken(subject.value(), TokenType.REFRESH);
-        tokenProvider.saveToken(token, TokenType.REFRESH);
-        return new RefreshToken(subject, token);
+        String token = tokenProvider.generateToken(
+                subject,
+                tokenProperties.refresh().expireTime()
+        );
+        RefreshToken refreshToken = new RefreshToken(token);
+        return tokenStorage.saveToken(subject, refreshToken);
     }
 
     /*
@@ -47,21 +53,20 @@ public RefreshToken generateAndSaveRefreshToken(SiteUser siteUser) {
      * - 조회된 리프레시 토큰과 요청된 토큰이 같은지 비교한다.
      * */
     public boolean isValidRefreshToken(String requestedRefreshToken) {
-        String subject = tokenProvider.parseSubject(requestedRefreshToken);
-        String refreshTokenKey = TokenType.REFRESH.addPrefix(subject);
-        String foundRefreshToken = redisTemplate.opsForValue().get(refreshTokenKey);
-        return Objects.equals(requestedRefreshToken, foundRefreshToken);
+        Subject subject = tokenProvider.parseSubject(requestedRefreshToken);
+        return tokenStorage.findToken(subject, RefreshToken.class)
+                .map(foundRefreshToken -> Objects.equals(foundRefreshToken, requestedRefreshToken))
+                .orElse(false);
     }
 
-    public void deleteRefreshTokenByAccessToken(AccessToken accessToken) {
-        String subject = accessToken.subject().value();
-        String refreshTokenKey = TokenType.REFRESH.addPrefix(subject);
-        redisTemplate.delete(refreshTokenKey);
+    public void deleteRefreshTokenByAccessToken(String accessToken) {
+        Subject subject = tokenProvider.parseSubject(accessToken);
+        tokenStorage.deleteToken(subject, RefreshToken.class);
     }
 
     public SiteUser parseSiteUser(String token) {
-        String subject = tokenProvider.parseSubject(token);
-        long siteUserId = Long.parseLong(subject);
+        Subject subject = tokenProvider.parseSubject(token);
+        long siteUserId = Long.parseLong(subject.value());
         return siteUserRepository.findById(siteUserId)
                 .orElseThrow(() -> new CustomException(USER_NOT_FOUND));
     }