fix: oauth 로그인시 refreshToken 정보 저장

core/core-security/src/main/java/com/pgms/coresecurity/security/service/CustomAuthenticationProvider.java

@@ -5,7 +5,6 @@
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Component;
 
@@ -34,11 +33,15 @@ public Authentication authenticate(Authentication authentication) throws Authent
 		String password = authentication.getCredentials().toString();
 		String accountType = authentication.getDetails().toString();
 
-		UserDetails userDetails;
+		UserDetailsImpl userDetails;
 		if (accountType.equals("member")) {
-			userDetails = memberUserDetailsService.loadUserByUsername(email);
+			userDetails = (UserDetailsImpl)memberUserDetailsService.loadUserByUsername(email);
 		} else {
-			userDetails = adminUserDetailsService.loadUserByUsername(email);
+			userDetails = (UserDetailsImpl)adminUserDetailsService.loadUserByUsername(email);
+		}
+
+		if (userDetails.getProvider() != null) {
+			throw new SecurityCustomException(MemberErrorCode.NOT_ALLOWED_BY_PROVIDER);
 		}
 
 		if (!passwordEncoder.matches(password, userDetails.getPassword())) {

core/core-security/src/main/java/com/pgms/coresecurity/security/service/MemberUserDetailsService.java

@@ -24,9 +24,6 @@ public class MemberUserDetailsService implements UserDetailsService {
 	public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
 		Member member = memberRepository.findByEmail(email)
 			.orElseThrow(() -> new SecurityCustomException(MemberErrorCode.MEMBER_NOT_FOUND));
-		if (member.isLoginByProvider()) {
-			throw new SecurityCustomException(MemberErrorCode.NOT_ALLOWED_BY_PROVIDER);
-		}
 		return UserDetailsImpl.from(member);
 	}
 }

core/core-security/src/main/java/com/pgms/coresecurity/security/service/OAuth2AuthenticationSuccessHandler.java

@@ -14,6 +14,8 @@
 
 import com.pgms.coredomain.domain.member.Member;
 import com.pgms.coredomain.domain.member.enums.Provider;
+import com.pgms.coredomain.domain.member.redis.RefreshToken;
+import com.pgms.coredomain.domain.member.redis.RefreshTokenRepository;
 import com.pgms.coredomain.domain.member.repository.MemberRepository;
 import com.pgms.coresecurity.security.jwt.JwtTokenProvider;
 import com.pgms.coresecurity.security.util.HttpResponseUtil;
@@ -31,6 +33,7 @@ public class OAuth2AuthenticationSuccessHandler implements AuthenticationSuccess
 
 	private final MemberRepository memberRepository;
 	private final JwtTokenProvider jwtTokenProvider;
+	private final RefreshTokenRepository refreshTokenRepository;
 
 	@Override
 	@Transactional
@@ -53,11 +56,15 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 			userDetails.getAuthorities());
 
 		// 토큰 생성 후 반환
+		String accessToken = jwtTokenProvider.generateAccessToken((UserDetailsImpl)authenticated.getPrincipal());
+		String refreshToken = jwtTokenProvider.generateRefreshToken();
+
 		Map<String, Object> body = new HashMap<>();
-		body.put("accessToken", jwtTokenProvider.generateAccessToken((UserDetailsImpl)authenticated.getPrincipal()));
-		body.put("refreshToken", jwtTokenProvider.generateRefreshToken());
+		body.put("accessToken", accessToken);
+		body.put("refreshToken", refreshToken);
 
-		// TODO redis에 토큰 정보 저장
+		refreshTokenRepository.save(new RefreshToken(refreshToken, accessToken, "member",
+			((UserDetailsImpl)authenticated.getPrincipal()).getEmail()));
 		HttpResponseUtil.setSuccessResponse(response, HttpStatus.OK, body);
 	}
 

core/core-security/src/main/java/com/pgms/coresecurity/security/service/UserDetailsImpl.java

@@ -10,19 +10,35 @@
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.pgms.coredomain.domain.member.Admin;
 import com.pgms.coredomain.domain.member.Member;
+import com.pgms.coredomain.domain.member.enums.Provider;
 
-import lombok.AllArgsConstructor;
 import lombok.Getter;
 
 @Getter
-@AllArgsConstructor
 public class UserDetailsImpl implements UserDetails {
 
 	private Long id;
 	private String email;
 	@JsonIgnore
 	private String password;
 	private Collection<? extends GrantedAuthority> authorities;
+	private Provider provider;
+
+	public UserDetailsImpl(Long id, String email, String password, Collection<? extends GrantedAuthority> authorities) {
+		this.id = id;
+		this.email = email;
+		this.password = password;
+		this.authorities = authorities;
+	}
+
+	public UserDetailsImpl(Long id, String email, String password, Collection<? extends GrantedAuthority> authorities,
+		Provider provider) {
+		this.id = id;
+		this.email = email;
+		this.password = password;
+		this.authorities = authorities;
+		this.provider = provider;
+	}
 
 	public static UserDetails from(Admin admin) {
 		List<GrantedAuthority> authorities = admin.getRole() != null ?
@@ -35,7 +51,13 @@ public static UserDetails from(Member member) {
 		List<GrantedAuthority> authorities = member.getRole() != null ?
 			List.of(new SimpleGrantedAuthority(member.getRole().name()))
 			: null;
-		return new UserDetailsImpl(member.getId(), member.getEmail(), member.getPassword(), authorities);
+		return new UserDetailsImpl(
+			member.getId(),
+			member.getEmail(),
+			member.getPassword(),
+			authorities,
+			member.getProvider()
+		);
 	}
 
 	@Override