refactor : 디버깅용 로그 추가 및 설정 변경

Author: seungwookc97

build.gradle.kts

@@ -53,6 +53,12 @@ dependencies {
 
     annotationProcessor("org.projectlombok:lombok")
 
+    //json
+    implementation("io.jsonwebtoken:jjwt-api:0.11.5")
+    runtimeOnly("io.jsonwebtoken:jjwt-impl:0.11.5")
+    runtimeOnly("io.jsonwebtoken:jjwt-jackson:0.11.5")
+// json 파싱용
+
     //Spring AI
     implementation(platform("org.springframework.ai:spring-ai-bom:1.0.0-M4"))
 

cookies.txt

@@ -0,0 +1,4 @@
+# Netscape HTTP Cookie File
+# https://curl.se/docs/http-cookies.html
+# This file was generated by libcurl! Edit at your own risk.
+

src/main/java/com/back/domain/user/controller/UserAuthController.java

@@ -34,10 +34,10 @@ public class UserAuthController {
     })
     @PostMapping("/refresh")
     public RsData<RefreshTokenResDto> refreshToken(HttpServletRequest request, HttpServletResponse response) {
-        RefreshTokenResDto refreshToken = userAuthService.refreshTokens(request, response);
+        RefreshTokenResDto refreshTokenData = userAuthService.refreshTokens(request, response);
 
-        if (refreshToken != null) {
-            return RsData.of(200, "토큰이 갱신 성공.", refreshToken);
+        if (refreshTokenData != null) {
+            return RsData.of(200, "토큰이 갱신 성공.", refreshTokenData);
         } else {
             return RsData.of(401, "토큰 갱신에 실패했습니다. 다시 로그인해주세요.");
         }

src/main/java/com/back/domain/user/service/UserAuthService.java

@@ -137,15 +137,24 @@ public void issueTokens(HttpServletResponse response, Long userId, String email,
         String accessToken = jwtUtil.generateAccessToken(userId, email, nickname);
         String refreshToken = refreshTokenService.generateRefreshToken(userId);
 
+        log.debug("토큰 발급 완료 - userId: {}, accessToken: {}, refreshToken: {}", userId, accessToken, refreshToken);
+
         jwtUtil.addAccessTokenToCookie(response, accessToken);
         jwtUtil.addRefreshTokenToCookie(response, refreshToken);
     }
 
     public RefreshTokenResDto refreshTokens(HttpServletRequest request, HttpServletResponse response) {
         try {
             String oldRefreshToken = jwtUtil.getRefreshTokenFromCookie(request);
+            log.debug("토큰 갱신 시도 - 받은 RefreshToken: {}", oldRefreshToken);
+
+            if (oldRefreshToken == null) {
+                log.error("RefreshToken이 쿠키에서 발견되지 않음");
+                return null;
+            }
 
-            if (oldRefreshToken == null || !refreshTokenService.validateToken(oldRefreshToken)) {
+            if (!refreshTokenService.validateToken(oldRefreshToken)) {
+                log.error("RefreshToken 검증 실패: {}", oldRefreshToken);
                 return null;
             }
 

src/main/java/com/back/global/globalExceptionHandler/GlobalExceptionHandler.java

@@ -5,9 +5,12 @@
 import com.back.global.rsData.RsData;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import jakarta.validation.ConstraintViolationException;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.dao.DataAccessException;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.http.converter.HttpMessageNotReadableException;
+import org.springframework.transaction.TransactionException;
 import org.springframework.validation.FieldError;
 import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.MissingRequestHeaderException;
@@ -30,6 +33,7 @@
  * 500: Internal Server Error
  */
 
+@Slf4j
 @RestControllerAdvice
 public class GlobalExceptionHandler {
 

src/main/java/com/back/global/jwt/JwtUtil.java

@@ -19,26 +19,29 @@ public class JwtUtil {
 
     private final SecretKey secretKey;
     private final long accessTokenExpiration;
+    private final String cookieDomain;
     private static final String ACCESS_TOKEN_COOKIE_NAME = "accessToken";
     private static final String REFRESH_TOKEN_COOKIE_NAME = "refreshToken";
 
     public JwtUtil(@Value("${custom.jwt.secretKey}") String secretKey,
-                   @Value("${custom.accessToken.expirationSeconds}") long accessTokenExpiration) {
+                   @Value("${custom.accessToken.expirationSeconds}") long accessTokenExpiration,
+                   @Value("${custom.site.cookieDomain}") String cookieDomain) {
         this.secretKey = Keys.hmacShaKeyFor(secretKey.getBytes(StandardCharsets.UTF_8));
         this.accessTokenExpiration = accessTokenExpiration * 1000;
+        this.cookieDomain = cookieDomain;
     }
 
     public String generateAccessToken(Long userId, String email, String nickname) {
         Date now = new Date();
         Date expiration = new Date(now.getTime() + accessTokenExpiration);
 
         return Jwts.builder()
-                .subject(String.valueOf(userId))
+                .setSubject(String.valueOf(userId))
                 .claim("email", email)
                 .claim("nickname", nickname)
-                .issuedAt(now)
-                .expiration(expiration)
-                .signWith(secretKey)
+                .setIssuedAt(now)
+                .setExpiration(expiration)
+                .signWith(secretKey) // javax.crypto.SecretKey 타입
                 .compact();
     }
 
@@ -48,6 +51,7 @@ public void addAccessTokenToCookie(HttpServletResponse response, String accessTo
         cookie.setHttpOnly(true);
         cookie.setSecure(false); // 개발환경에서는 false, 프로덕션에서는 true
         cookie.setPath("/");
+        cookie.setDomain(cookieDomain);
         cookie.setMaxAge((int) (accessTokenExpiration / 1000));
         response.addCookie(cookie);
     }
@@ -58,16 +62,17 @@ public void removeAccessTokenCookie(HttpServletResponse response) {
         cookie.setHttpOnly(true);
         cookie.setSecure(false);
         cookie.setPath("/");
+        cookie.setDomain(cookieDomain);
         cookie.setMaxAge(0);
         response.addCookie(cookie);
     }
 
     public boolean validateAccessToken(String token) {
         try {
-            Jwts.parser()
-                    .verifyWith(secretKey)
+            Jwts.parserBuilder()
+                    .setSigningKey(secretKey)
                     .build()
-                    .parseSignedClaims(token);
+                    .parseClaimsJws(token);
             return true;
         } catch (SecurityException | MalformedJwtException e) {
             log.error("Invalid JWT signature: {}", e.getMessage());
@@ -90,35 +95,41 @@ public String getEmailFromToken(String token) {
     }
 
     public String getNicknameFromToken(String token) {
-        return parseToken(token).get("nickname", String.class);
+        return parseToken(token).get("nickname").toString();
     }
 
     private Claims parseToken(String token) {
-        return Jwts.parser()
-                .verifyWith(secretKey)
+        return Jwts.parserBuilder()
+                .setSigningKey(secretKey)
                 .build()
-                .parseSignedClaims(token)
-                .getPayload();
+                .parseClaimsJws(token)
+                .getBody();
     }
 
     public void addRefreshTokenToCookie(HttpServletResponse response, String refreshToken) {
         Cookie cookie = new Cookie(REFRESH_TOKEN_COOKIE_NAME, refreshToken);
         cookie.setHttpOnly(true);
         cookie.setSecure(false);
         cookie.setPath("/");
+        cookie.setDomain(cookieDomain);
         cookie.setMaxAge(60 * 60 * 24 * 30);
         response.addCookie(cookie);
     }
 
     public String getRefreshTokenFromCookie(HttpServletRequest request) {
         Cookie[] cookies = request.getCookies();
+        log.debug("받은 쿠키 개수: {}", cookies != null ? cookies.length : 0);
+
         if (cookies != null) {
             for (Cookie cookie : cookies) {
+                log.debug("쿠키 확인 - 이름: {}, 값: {}", cookie.getName(), cookie.getValue());
                 if (REFRESH_TOKEN_COOKIE_NAME.equals(cookie.getName())) {
+                    log.debug("RefreshToken 쿠키 발견: {}", cookie.getValue());
                     return cookie.getValue();
                 }
             }
         }
+        log.debug("RefreshToken 쿠키를 찾을 수 없음");
         return null;
     }
 
@@ -127,6 +138,7 @@ public void removeRefreshTokenCookie(HttpServletResponse response) {
         cookie.setHttpOnly(true);
         cookie.setSecure(false);
         cookie.setPath("/");
+        cookie.setDomain(cookieDomain);
         cookie.setMaxAge(0);
         response.addCookie(cookie);
     }

src/main/java/com/back/global/rq/Rq.java

@@ -25,9 +25,13 @@ public class Rq {
     private final HttpServletResponse resp;
     private final UserService userService;
 
-    @Value("${custom.cookie.secure:false}")
+    @Value("${custom.cookie.secure}")
     private boolean cookieSecure;
 
+    @Value("${custom.cookie.same}")
+    private String cookieSameSite;
+
+
     public User getActor() {
         return Optional.ofNullable(
                         SecurityContextHolder
@@ -90,7 +94,7 @@ public void setCrossDomainCookie(String name, String value, int maxAge) {
                 .path("/")
                 .maxAge(maxAge)
                 .secure(cookieSecure)
-                .sameSite("None")
+                .sameSite(cookieSameSite)
                 .httpOnly(true)
                 .build();
         resp.addHeader("Set-Cookie", cookie.toString());

src/main/java/com/back/global/security/CustomOAuth2LoginSuccessHandler.java

@@ -28,10 +28,15 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
         // Access Token과 Refresh Token 발급
         userAuthService.issueTokens(response, securityUser.getId(), securityUser.getEmail(), securityUser.getNickname());
 
-        if (securityUser.isFirstLogin()) {
+        boolean isFirstLogin = securityUser.isFirstLogin();
+
+        if (isFirstLogin) {
+            // DB에서 isFirstLogin을 false로 업데이트
             userAuthService.setFirstLoginFalse(securityUser.getId());
+            // 첫 로그인이므로 first-user 페이지로 리다이렉트
             response.sendRedirect(frontendUrl + "/login/first-user");
         } else {
+            // 기존 사용자는 success 페이지로 리다이렉트
             response.sendRedirect(frontendUrl + "/login/success");
         }
     }

src/main/java/com/back/global/security/SecurityUser.java

@@ -32,7 +32,13 @@ public SecurityUser(
             Collection<? extends GrantedAuthority> authorities,
             Map<String, Object> attributes
     ) {
-        super(email, "", authorities); // OAuth2에서는 빈 패스워드
+        super(
+                (email != null && !email.isBlank()) ? email : String.valueOf(id), // ★★★ 핵심 수정
+                "",
+                authorities
+        );
+
+
         this.id = id;
         this.nickname = nickname;
         this.email = email;

src/main/resources/application-dev.yml

@@ -41,7 +41,8 @@ logging:
 # 쿠키 보안 설정 (HTTP 환경용)
 custom:
   cookie:
-    secure: false
+    secure: true
+    same: "Lax"
 
 #  # AI 설정
 #  ai: