Merge branch 'develop-backend' into fix/#585

.github/workflows/cd-frontend.yml

@@ -7,7 +7,7 @@ on:
 
 jobs:
   deploy:
-    runs-on: [self-hosted, dev]
+    runs-on: [self-hosted, develop]
 
     steps:
       - name: deploy

.github/workflows/cd-prod.yml

@@ -6,10 +6,35 @@ on:
       - develop
 
 jobs:
-  deploy:
-    runs-on: prod
+  deploy-on-prod1:
+    runs-on: [self-hosted, runner-prod1]
 
     steps:
+      - name: update properties if exists
+        run: |
+          if [ -n "${{ secrets.NEW_PROPERTIES }}" ]; then
+            cd ~/deploy
+            echo "${{ secrets.NEW_PROPERTIES }}" > new_properties
+            ./update-properties.sh
+          fi
+
+      - name: deploy
+        run: |
+          cd ~/deploy && ./deploy.sh
+
+  deploy-on-prod2:
+    runs-on: [self-hosted, runner-prod2]
+    needs: deploy-on-prod1
+
+    steps:
+      - name: update properties if exists
+        run: |
+          if [ -n "${{ secrets.NEW_PROPERTIES }}" ]; then
+            cd ~/deploy
+            echo "${{ secrets.NEW_PROPERTIES }}" > new_properties
+            ./update-properties.sh
+          fi
+
       - name: deploy
         run: |
           cd ~/deploy && ./deploy.sh

.github/workflows/cicd-backend-dev.yml

@@ -29,6 +29,11 @@ jobs:
           mkdir -p src/main/resources/firebase
           echo ${{ secrets.BACKEND_FIREBASE_JSON }} > src/main/resources/firebase/serviceAccountKey.json
 
+      - name: Apple Auth Key 파일 이동
+        run: |
+          mkdir -p src/main/resources/auth
+          printf "%s" "${{ secrets.APPLE_AUTH_KEY }}" > src/main/resources/auth/AuthKey.p8
+          
       - name: gradlew 권한 부여
         run: chmod +x ./gradlew
 
@@ -48,13 +53,9 @@ jobs:
 
   deploy:
     needs: build
-    runs-on: [self-hosted, dev]
+    runs-on: [self-hosted, develop]
 
     steps:
-      - name: change permission
-        run: |
-          sudo chown -R ubuntu:ubuntu /home/ubuntu/actions-runner/_work/2024-mouda
-
       - name: DockerHub login
         uses: docker/login-action@v1
         with:
@@ -63,6 +64,7 @@ jobs:
 
       - name: Docker Compose up
         run: |
-          docker compose -f ./backend/docker-compose.yml down mouda-be
-          docker compose -f ./backend/docker-compose.yml pull mouda-be
-          docker compose -f ./backend/docker-compose.yml up -d mouda-be
+          cd ~/deploy
+          docker compose -f docker-compose-be.yml down
+          docker compose -f docker-compose-be.yml pull
+          docker compose -f docker-compose-be.yml up -d 

.github/workflows/pr-test.yml

@@ -29,6 +29,11 @@ jobs:
           mkdir -p src/main/resources/firebase
           echo ${{ secrets.BACKEND_FIREBASE_JSON }} > src/main/resources/firebase/serviceAccountKey.json
 
+      - name: Apple Auth Key 파일 이동
+        run: |
+          mkdir -p src/main/resources/auth
+          printf "%s" "${{ secrets.APPLE_AUTH_KEY }}" > src/main/resources/auth/AuthKey.p8
+          
       - name: gradlew 권한 부여
         run: chmod +x ./gradlew
 

.gitignore

@@ -4,3 +4,4 @@
 /frontend/.idea
 /backend/htmlReport
 *.pem
+backend/src/main/resources/auth/AuthKey.p8

backend/.gitignore

@@ -7,4 +7,3 @@ build/
 out
 logs
 src/main/resources/firebase
-src/main/resources/application-prod.yml

backend/build.gradle

@@ -49,9 +49,13 @@ dependencies {
     testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
     testCompileOnly 'org.projectlombok:lombok'
     testAnnotationProcessor 'org.projectlombok:lombok'
+    testImplementation 'org.awaitility:awaitility:4.2.0'
 
     // notification
     implementation 'com.google.firebase:firebase-admin:9.3.0'
+
+    //Google Oauth
+    implementation 'com.google.api-client:google-api-client:1.32.1'
 }
 
 tasks.named('test') {

backend/src/main/java/mouda/backend/auth/Infrastructure/AppleOauthClient.java

@@ -10,58 +10,50 @@
 import org.springframework.web.client.RestClient;
 
 import lombok.RequiredArgsConstructor;
-import mouda.backend.auth.Infrastructure.response.TokenResponse;
-import mouda.backend.auth.implement.JwtProvider;
-import mouda.backend.member.domain.Member;
-import mouda.backend.member.implement.MemberFinder;
+import mouda.backend.auth.implement.jwt.ClientSecretProvider;
+import mouda.backend.auth.presentation.response.OauthResponse;
 
 @Component
 @RequiredArgsConstructor
 public class AppleOauthClient implements OauthClient {
 
-	private static final String CLIENT_ID = "ca3adf9a52671fdbb847b809c0fdb980";
+	public static final String CLIENT_ID = "site.mouda.backend";
 	private static final String APPLE_API_URL = "https://appleid.apple.com/auth/token";
 	private static final String GRANT_TYPE = "authorization_code";
-	
+
 	private final RestClient restClient;
-	private final JwtProvider jwtProvider;
-	private final MemberFinder memberFinder;
+	private final ClientSecretProvider clientSecretProvider;
 
 	@Value("${oauth.apple.redirect-uri}")
 	private String redirectUri;
 
 	@Override
 	public String getIdToken(String code) {
-		HttpHeaders headers = getHttpHeaders();
 		MultiValueMap<String, String> formData = getFormData(code);
-		TokenResponse tokenResponse = restClient.method(HttpMethod.POST)
+
+		OauthResponse oauthResponse = restClient.method(HttpMethod.POST)
 			.uri(APPLE_API_URL)
-			.headers(httpHeaders -> httpHeaders.addAll(headers))
+			.headers(httpHeaders -> httpHeaders.addAll(getHttpHeaders()))
 			.body(formData)
 			.retrieve()
-			.body(TokenResponse.class);
-		return tokenResponse.accessToken();
+			.body(OauthResponse.class);
+		return oauthResponse.id_token();
 	}
 
 	private HttpHeaders getHttpHeaders() {
-		HttpHeaders headers = new org.springframework.http.HttpHeaders();
+		HttpHeaders headers = new HttpHeaders();
 		headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
 		return headers;
 	}
 
 	private MultiValueMap<String, String> getFormData(String code) {
 		MultiValueMap<String, String> formData = new LinkedMultiValueMap<>();
 		formData.add("client_id", CLIENT_ID);
-		formData.add("client_secret", getClientSecret(code));
+		formData.add("client_secret", clientSecretProvider.provide());
 		formData.add("code", code);
 		formData.add("grant_type", GRANT_TYPE);
 		formData.add("redirect_uri", redirectUri);
 		return formData;
 	}
 
-	private String getClientSecret(String code) {
-		long memberId = jwtProvider.extractMemberId(code);
-		Member member = memberFinder.find(memberId);
-		return jwtProvider.createToken(member);
-	}
 }

backend/src/main/java/mouda/backend/auth/Infrastructure/GoogleOauthClient.java

@@ -0,0 +1,74 @@
+package mouda.backend.auth.Infrastructure;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Component;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
+import org.springframework.web.client.RestClient;
+
+import com.fasterxml.jackson.databind.JsonNode;
+
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+
+@Component
+@Slf4j
+@RequiredArgsConstructor
+public class GoogleOauthClient implements OauthClient {
+
+	private static final String CLIENT_ID = "630308965506-4eiek02jh2a5fbj7as1o84l4mks3s2tu.apps.googleusercontent.com";
+	private static final String GRANT_TYPE = "authorization_code";
+	private static final String GOOGLE_API_URL = "https://oauth2.googleapis.com/token";
+
+	@Value("${oauth.google.client-secret}")
+	private String clientSecret;
+
+	@Value("${oauth.google.redirect-uri}")
+	private String redirectUri;
+
+	private final RestClient restClient;
+
+	@Override
+	public String getIdToken(String code) {
+		try {
+			HttpHeaders headers = getHttpHeaders();
+			MultiValueMap<String, String> formData = getFormData(code);
+
+			JsonNode oauthResponse = restClient.method(HttpMethod.POST)
+				.uri(GOOGLE_API_URL)
+				.headers(httpHeaders -> httpHeaders.addAll(headers))
+				.body(formData)
+				.retrieve()
+				.body(JsonNode.class);
+			return oauthResponse.get("id_token").asText();
+		} catch (Exception e) {
+			log.warn(e.getMessage());
+			// throw new AuthException(HttpStatus.BAD_GATEWAY, TOKEN_ISSUE_FAILED);
+			throw e;
+		}
+	}
+
+	private HttpHeaders getHttpHeaders() {
+		HttpHeaders headers = new HttpHeaders();
+		headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+		return headers;
+	}
+
+	private MultiValueMap<String, String> getFormData(String code) {
+		String scope = "https://www.googleapis.com/auth/userinfo.email " +
+			"https://www.googleapis.com/auth/userinfo.profile " +
+			"openid";
+
+		MultiValueMap<String, String> formData = new LinkedMultiValueMap<>();
+		formData.add("client_id", CLIENT_ID);
+		formData.add("client_secret", clientSecret);
+		formData.add("code", code);
+		formData.add("grant_type", GRANT_TYPE);
+		formData.add("redirect_uri", redirectUri);
+		formData.add("scope", scope);
+		return formData;
+	}
+}

backend/src/main/java/mouda/backend/auth/business/AppleAuthService.java

@@ -2,16 +2,27 @@
 
 import org.springframework.stereotype.Service;
 
+import lombok.RequiredArgsConstructor;
+import mouda.backend.auth.implement.AppleOauthManager;
+import mouda.backend.auth.implement.LoginManager;
 import mouda.backend.auth.presentation.request.OauthRequest;
 import mouda.backend.auth.presentation.response.LoginResponse;
 import mouda.backend.member.domain.Member;
+import mouda.backend.member.domain.OauthType;
 
 @Service
+@RequiredArgsConstructor
 public class AppleAuthService implements AuthService {
 
+	private final AppleOauthManager oauthManager;
+	private final LoginManager loginManager;
+
 	@Override
 	public LoginResponse oauthLogin(OauthRequest oauthRequest) {
-		return null;
+		String socialLoginId = oauthManager.getSocialLoginId(oauthRequest.code());
+		String accessToken = loginManager.processSocialLogin(OauthType.APPLE, socialLoginId);
+
+		return new LoginResponse(accessToken);
 	}
 
 	@Override

backend/src/main/java/mouda/backend/auth/business/GoogleAuthService.java

@@ -0,0 +1,34 @@
+package mouda.backend.auth.business;
+
+import org.springframework.stereotype.Service;
+
+import lombok.RequiredArgsConstructor;
+import mouda.backend.auth.implement.GoogleOauthManager;
+import mouda.backend.auth.implement.LoginManager;
+import mouda.backend.auth.presentation.request.GoogleOauthReqeust;
+import mouda.backend.auth.presentation.response.LoginResponse;
+import mouda.backend.member.domain.Member;
+import mouda.backend.member.domain.OauthType;
+
+@Service
+@RequiredArgsConstructor
+public class GoogleAuthService {
+
+	private final GoogleOauthManager googleOauthManager;
+	private final LoginManager loginManager;
+
+	public LoginResponse oauthLogin(GoogleOauthReqeust googleOauthReqeust) {
+		String memberName = googleOauthManager.getMemberName(googleOauthReqeust.idToken());
+		String socialLoginId = googleOauthManager.getSocialLoginId(googleOauthReqeust.idToken());
+		String accessToken = loginManager.processSocialLogin(OauthType.GOOGLE, socialLoginId);
+		return new LoginResponse(accessToken);
+	}
+
+	public Member findMember(String token) {
+		return null;
+	}
+
+	public void checkAuthentication(String token) {
+
+	}
+}

backend/src/main/java/mouda/backend/auth/business/KakaoAuthService.java

@@ -3,9 +3,9 @@
 import org.springframework.stereotype.Service;
 
 import lombok.RequiredArgsConstructor;
-import mouda.backend.auth.implement.JwtProvider;
+import mouda.backend.auth.implement.KakaoOauthManager;
 import mouda.backend.auth.implement.LoginManager;
-import mouda.backend.auth.implement.OauthManager;
+import mouda.backend.auth.implement.jwt.AccessTokenProvider;
 import mouda.backend.auth.presentation.request.OauthRequest;
 import mouda.backend.auth.presentation.response.LoginResponse;
 import mouda.backend.member.domain.LoginDetail;
@@ -18,31 +18,32 @@
 @RequiredArgsConstructor
 public class KakaoAuthService implements AuthService {
 
-	private final JwtProvider jwtProvider;
-	private final OauthManager oauthManager;
+	private final AccessTokenProvider accessTokenProvider;
+	private final KakaoOauthManager oauthManager;
 	private final LoginManager loginManager;
 	private final MemberFinder memberFinder;
 	private final MemberWriter memberWriter;
 
 	public LoginResponse oauthLogin(OauthRequest oauthRequest) {
-		Long kakaoId = oauthManager.getKakaoId(oauthRequest.code());
-		String token = loginManager.processKakaoLogin(kakaoId);
+		String kakaoId = oauthManager.getSocialLoginId(oauthRequest.code());
+		String token = loginManager.processSocialLogin(OauthType.KAKAO, kakaoId);
+
 		return new LoginResponse(token);
 	}
 
 	public Member findMember(String token) {
-		long memberId = jwtProvider.extractMemberId(token);
+		long memberId = accessTokenProvider.extractMemberId(token);
 		return memberFinder.find(memberId);
 	}
 
 	public void checkAuthentication(String token) {
-		jwtProvider.validateExpiration(token);
+		accessTokenProvider.validateExpiration(token);
 	}
 
 	public LoginResponse basicLogin() {
 		Member member = new Member("nickname",
-			new LoginDetail(OauthType.KAKAO, 1L));
+			new LoginDetail(OauthType.KAKAO, "1"));
 		memberWriter.append(member);
-		return new LoginResponse(jwtProvider.createToken(member));
+		return new LoginResponse(accessTokenProvider.provide(member));
 	}
 }