feat: refresh 토큰 추가 - [merged]

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 2, 2021, 17:29

Merges feat/61-security -> develop

Issue Number

• 61

  What?

• refresh 토큰 추가

  Why?

• 짧은 유효기간을 가진 엑세스 토큰의 사용성 개선

  How?

• Redis DB를 별도 구축하여 발급된 엑세스 토큰에 대한 refresh 토큰을 저장하여, 엑세스 토큰의 유효기간이 만료되는 경우 refresh 토큰의 유효기간을 연장시키고 access token 재발급.

  Testing?

• 단위 테스트 및 통합 테스트

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 2, 2021, 17:37

added 1 commit

• 7994a148 - test: jacoco 시각화

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 2, 2021, 17:47

added 1 commit

• da599aca - test: visualize

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 5, 2021, 09:24

approved this merge request

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 5, 2021, 09:59

added 1 commit

• 90efb6f0 - ci: 배포 서버 변경 및 api 문서 업데이트

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 5, 2021, 10:26

added 1 commit

• b2a6bc75 - refactor: changed test directory

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 5, 2021, 11:41

added 1 commit

• ff721211 - feat: refresh token 추가

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202985 on Jul 5, 2021, 14:19

Commented on src/main/java/gabia/cronMonitoring/exception/auth/InvalidTokenException.java line 5

각 exception 에 대한 Http status 지정과 Test 코드 작성할 때 Exception 에 대한 테스트도 있으면 좋을 것 같습니다.
참고 : https://velog.io/@max9106/Spring-Boot-ExceptionHandler

[JuyeoungJun]

In GitLab by @gm2202985 on Jul 5, 2021, 14:19

Commented on src/main/java/gabia/cronMonitoring/service/RefreshTokenService.java line 31

해당하는 방식으로 인증을 한다면 Access Token만을 가지고도 계속해서 새로운 Access Token을 발급 받을 수 있기 때문에 위험하지 않을까요?? 추가적인 로직이 필요할 것 같아요

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 5, 2021, 17:19

added 1 commit

• 32804a6e - refactor: 로그인 실패 테스트케이스 추가

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 5, 2021, 17:48

added 1 commit

• 8f4a3924 - test: 컨트롤러 테스트 수정

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 5, 2021, 17:57

added 1 commit

• 2bda28c5 - ci: redis 테스트 환경 변경

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 09:12

added 6 commits

• e53118c8 - chore: gitignore 수정
• 2ddbc4f2 - chore: gitignore 수정
• 08bf15cc - chore: gitignore 수정
• 26552bf5 - test: 테스트 케이스 추가 및 완성
• 838bc555 - feat: refresh token 완성
• b493cd97 - feat: refresh token 완성

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202985 on Jul 6, 2021, 09:13

approved this merge request

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 09:14

enabled an automatic merge when the pipeline for b493cd97dce854c6e823ab3404e508d78219b68e succeeds

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 09:14

canceled the automatic merge

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 09:15

enabled an automatic merge when the pipeline for b493cd97dce854c6e823ab3404e508d78219b68e succeeds

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 09:24

canceled the automatic merge

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 09:31

added 1 commit

• 7010041a - feat: refresh 토큰 기능 추가

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 09:39

added 1 commit

• f77d31cd - feat: refresh 토큰 기능 추가

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 09:52

added 1 commit

• 6d2509e8 - feat: refresh 토큰 기능 추가

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 10:58

added 1 commit

• b0e2e2a8 - feat: refresh 토큰 기능 추가

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 11:11

Commented on src/main/java/gabia/cronMonitoring/service/RefreshTokenService.java line 31

changed this line in version 15 of the diff

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 11:11

added 1 commit

• 0b86d8db - feat: refresh 토큰 기능 추가

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 11:12

enabled an automatic merge when the pipeline for 0b86d8db1a298fc2445317bc5b3bf724c79bbbc3 succeeds

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 11:16

canceled the automatic merge

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 16:39

added 2 commits

• 62b02908 - style: 코드 주석 추가
• 3f1f3f53 - style: jwt 토큰 생성 주석 추가

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 16:51

added 1 commit

• 6ebebea0 - style: 클래스 주석 추가

Compare with previous version

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 17:21

Commented on src/main/java/gabia/cronMonitoring/exception/auth/InvalidTokenException.java line 5

해당 부분 확인하고 Exception Handler 추가했습니다.

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 17:22

Commented on src/main/java/gabia/cronMonitoring/service/RefreshTokenService.java line 31

인증시에 클라이언트에 Refresh 토큰을 발급하고 그러한 토큰으로 Access 토큰을 재발급받는 형태로 로직을 변경했습니다.

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 17:22

resolved all threads

[JuyeoungJun]

In GitLab by @gm2202981 on Jul 6, 2021, 17:23

mentioned in commit 286c28952ea2c7c2ac24fd42f5297564401b7ede