Merge pull request #47 from GP-DriveU/refactor/#46/token-argumentresolver

[Refactor] JWT 토큰 처리 로직 리펙토링 (@loginuser) & S3 인코딩 버그 해결

Author: yeonju73

src/main/java/com/driveu/server/domain/auth/application/OauthTokenService.java

@@ -65,7 +65,7 @@ public LoginResponse handleGoogleLogin(String code, String redirectUri) {
                 .toList();
 
         // 디렉토리 트리 조회
-        List<DirectoryTreeResponse> directories = directoryService.getDirectoryTree("Bearer " + jwtToken.getAccessToken(), userSemester.getId());
+        List<DirectoryTreeResponse> directories = directoryService.getDirectoryTree(user, userSemester.getId());
 
         return LoginResponse.builder()
                 .user(LoginResponse.UserInfo.builder()

src/main/java/com/driveu/server/domain/auth/enhancer/JwtAuthenticationFilter.java

@@ -1,6 +1,7 @@
 package com.driveu.server.domain.auth.enhancer;
 
 import com.driveu.server.domain.auth.infra.JwtProvider;
+import com.driveu.server.global.util.TokenExtractor;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.ServletRequest;
@@ -9,27 +10,21 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.util.StringUtils;
 import org.springframework.web.filter.GenericFilterBean;
 
 import java.io.IOException;
 
-
-
 @RequiredArgsConstructor
 public class JwtAuthenticationFilter extends GenericFilterBean {
 
-    public static final String AUTHORIZATION_HEADER = "Authorization";
-    public static final String BEARER_PREFIX = "Bearer ";
-
     private final JwtProvider jwtTokenProvider;
-
+    private final TokenExtractor tokenExtractor;
 
     @Override
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
             throws IOException, ServletException {
         // 1. Request Header에서 JWT 토큰 추출
-        String token = resolveToken((HttpServletRequest) request);
+        String token = tokenExtractor.extractToken((HttpServletRequest) request);
         // 2. validateToken으로 토큰 유효성 검사
         if (token != null && jwtTokenProvider.validateToken(token)) {
             // 토큰이 유효할 경우 토큰에서 Authentication 객체를 가지고 와서 SecurityContext에 저장
@@ -39,13 +34,4 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
         // 에러 핸들링 필요
         chain.doFilter(request, response);
     }
-
-    // Request Header에서 토큰 정보 추출
-    private String resolveToken(HttpServletRequest request) {
-        String bearerToken = request.getHeader(AUTHORIZATION_HEADER);
-        if (StringUtils.hasText(bearerToken)) {
-            return bearerToken.substring(7);
-        }
-        return null;
-    }
 }

src/main/java/com/driveu/server/domain/auth/infra/JwtProvider.java

@@ -81,10 +81,9 @@ private Claims parseClaims(String accessToken) {
         }
     }
 
-    // 사용자 email 가져오기
+    // 토큰으로 사용자 email 가져오기
     public String getUserEmailFromToken(String accessToken) {
-        String token = accessToken.substring(7);
-        Claims claims = parseClaims(token);
+        Claims claims = parseClaims(accessToken);
         return claims.getSubject();
     }
 }

src/main/java/com/driveu/server/domain/directory/api/DirectoryApi.java

@@ -6,7 +6,10 @@
 import com.driveu.server.domain.directory.dto.request.DirectoryOrderUpdateRequest;
 import com.driveu.server.domain.directory.dto.request.DirectoryRenameRequest;
 import com.driveu.server.domain.directory.dto.response.*;
+import com.driveu.server.domain.user.domain.User;
+import com.driveu.server.global.config.security.auth.LoginUser;
 import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.ArraySchema;
 import io.swagger.v3.oas.annotations.media.Content;
 import io.swagger.v3.oas.annotations.media.Schema;
@@ -42,10 +45,10 @@ public class DirectoryApi {
     })
     public ResponseEntity<?> getDirectories(
             @PathVariable Long userSemesterId,
-            @RequestHeader("Authorization") String token
+            @Parameter(hidden = true) @LoginUser User user
     ) {
         try {
-            List<DirectoryTreeResponse> tree = directoryService.getDirectoryTree(token, userSemesterId);
+            List<DirectoryTreeResponse> tree = directoryService.getDirectoryTree(user, userSemesterId);
             return ResponseEntity.ok(tree);
         } catch (EntityNotFoundException e){
             return ResponseEntity.status(HttpStatus.NOT_FOUND)
@@ -74,10 +77,10 @@ public ResponseEntity<?> getDirectories(
     public ResponseEntity<?> createDirectory(
             @PathVariable Long userSemesterId,
             @RequestBody DirectoryCreateRequest request,
-            @RequestHeader("Authorization") String token
+            @Parameter(hidden = true) @LoginUser User user
     ) {
         try {
-            DirectoryCreateResponse response = directoryService.createDirectory(token, userSemesterId, request);
+            DirectoryCreateResponse response = directoryService.createDirectory(user, userSemesterId, request);
             return ResponseEntity.ok(response);
         } catch (EntityNotFoundException e){
             return ResponseEntity.status(HttpStatus.NOT_FOUND)
@@ -103,7 +106,7 @@ public ResponseEntity<?> createDirectory(
     public ResponseEntity<?> renameDirectory(
             @PathVariable Long id,
             @RequestBody DirectoryRenameRequest request,
-            @RequestHeader("Authorization") String token
+            @Parameter(hidden = true) @LoginUser User user
     ) {
         try {
             DirectoryRenameResponse response = directoryService.renameDirectory(id, request);
@@ -131,7 +134,7 @@ public ResponseEntity<?> renameDirectory(
     })
     public ResponseEntity<?> deleteDirectory(
             @PathVariable Long id,
-            @RequestHeader("Authorization") String token
+            @Parameter(hidden = true) @LoginUser User user
     ) {
         try {
             directoryService.softDeleteDirectory(id);
@@ -161,7 +164,7 @@ public ResponseEntity<?> deleteDirectory(
     public ResponseEntity<?> moveDirectoryParent(
             @PathVariable Long id,
             @RequestBody DirectoryMoveParentRequest request,
-            @RequestHeader("Authorization") String token
+            @Parameter(hidden = true) @LoginUser User user
     ) {
         try {
             DirectoryMoveParentResponse response = directoryService.moveDirectoryParent(id, request);
@@ -186,7 +189,7 @@ public ResponseEntity<?> moveDirectoryParent(
     })
     public ResponseEntity<?> updateDirectoryOrder(
             @RequestBody DirectoryOrderUpdateRequest request,
-            @RequestHeader("Authorization") String token
+            @Parameter(hidden = true) @LoginUser User user
     ) {
         try {
             DirectoryOrderUpdateResponse response = directoryService.updateDirectoryOrder(request);

src/main/java/com/driveu/server/domain/directory/application/DirectoryService.java

@@ -1,7 +1,6 @@
 package com.driveu.server.domain.directory.application;
 
 import com.amazonaws.services.kms.model.NotFoundException;
-import com.driveu.server.domain.auth.infra.JwtProvider;
 import com.driveu.server.domain.directory.dao.DirectoryHierarchyRepository;
 import com.driveu.server.domain.directory.dao.DirectoryRepository;
 import com.driveu.server.domain.directory.domain.Directory;
@@ -13,7 +12,6 @@
 import com.driveu.server.domain.resource.domain.ResourceDirectory;
 import com.driveu.server.domain.semester.dao.UserSemesterRepository;
 import com.driveu.server.domain.semester.domain.UserSemester;
-import com.driveu.server.domain.user.dao.UserRepository;
 import com.driveu.server.domain.user.domain.User;
 import jakarta.persistence.EntityNotFoundException;
 import lombok.RequiredArgsConstructor;
@@ -30,8 +28,6 @@ public class DirectoryService {
 
     private final DirectoryRepository directoryRepository;
     private final DirectoryHierarchyRepository directoryHierarchyRepository;
-    private final JwtProvider jwtProvider;
-    private final UserRepository userRepository;
     private final UserSemesterRepository userSemesterRepository;
     private final ResourceDirectoryRepository resourceDirectoryRepository;
 
@@ -78,9 +74,9 @@ private void saveHierarchy(Directory parent, Directory descendant, int depth) {
     }
 
     @Transactional
-    public List<DirectoryTreeResponse> getDirectoryTree(String token, Long userSemesterId) {
+    public List<DirectoryTreeResponse> getDirectoryTree(User user, Long userSemesterId) {
         System.out.println("start getDirectoryTree");
-        validateUserSemester(token, userSemesterId);
+        validateUserSemester(user, userSemesterId);
 
         List<Object[]> result = directoryHierarchyRepository.findAllHierarchiesWithDescendantsByUserSemesterId(userSemesterId);
 
@@ -126,8 +122,8 @@ public List<DirectoryTreeResponse> getDirectoryTree(String token, Long userSemes
     }
 
     @Transactional
-    public DirectoryCreateResponse createDirectory(String token, Long userSemesterId, DirectoryCreateRequest request) {
-        UserSemester userSemester = validateUserSemester(token, userSemesterId);
+    public DirectoryCreateResponse createDirectory(User user, Long userSemesterId, DirectoryCreateRequest request) {
+        UserSemester userSemester = validateUserSemester(user, userSemesterId);
 
         if (request.getParentDirectoryId() == 0) {
             return createTopLevelDirectory(userSemester, request);
@@ -191,12 +187,7 @@ private DirectoryCreateResponse createDescendentDirectory(UserSemester userSemes
         return DirectoryCreateResponse.from(newDirectory);
     }
 
-    private @NotNull UserSemester validateUserSemester(String token, Long userSemesterId) {
-        String email = jwtProvider.getUserEmailFromToken(token);
-
-        User user = userRepository.findByEmail(email)
-                .orElseThrow(() -> new EntityNotFoundException("User not found"));
-
+    private @NotNull UserSemester validateUserSemester(User user, Long userSemesterId) {
         UserSemester userSemester = userSemesterRepository.findById(userSemesterId)
                 .orElseThrow(() -> new EntityNotFoundException("UserSemester not found"));
 

src/main/java/com/driveu/server/domain/question/api/QuestionApi.java

@@ -5,7 +5,10 @@
 import com.driveu.server.domain.question.dto.request.QuestionCreateRequest;
 import com.driveu.server.domain.question.dto.response.QuestionListResponse;
 import com.driveu.server.domain.question.dto.response.QuestionResponse;
+import com.driveu.server.domain.user.domain.User;
+import com.driveu.server.global.config.security.auth.LoginUser;
 import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Content;
 import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
@@ -40,9 +43,10 @@ public class QuestionApi {
             @ApiResponse(responseCode = "500", description = "서버 내부 오류")
     })
     public ResponseEntity<?> createQuestion(
-            @RequestHeader("Authorization") String token,
             @PathVariable Long directoryId,
-            @RequestBody List<QuestionCreateRequest> requestList){
+            @RequestBody List<QuestionCreateRequest> requestList,
+            @Parameter(hidden = true) @LoginUser User user
+    ){
         try {
             QuestionResponse response = questionCreatorService.createQuestion(directoryId, requestList);
             return ResponseEntity.ok(response);
@@ -74,8 +78,9 @@ public ResponseEntity<?> createQuestion(
             @ApiResponse(responseCode = "500", description = "서버 내부 오류")
     })
     public ResponseEntity<?> getQuestionById(
-            @RequestHeader("Authorization") String token,
-            @PathVariable Long questionId){
+            @PathVariable Long questionId,
+            @Parameter(hidden = true) @LoginUser User user
+    ){
         try {
             QuestionResponse response = questionQueryService.getQuestionById(questionId);
             return ResponseEntity.ok(response);
@@ -107,8 +112,9 @@ public ResponseEntity<?> getQuestionById(
             @ApiResponse(responseCode = "500", description = "서버 내부 오류")
     })
     public ResponseEntity<?> getQuestionsByUserSemester(
-            @RequestHeader("Authorization") String token,
-            @PathVariable Long userSemesterId){
+            @PathVariable Long userSemesterId,
+            @Parameter(hidden = true) @LoginUser User user
+    ){
         try {
             List<QuestionListResponse> response = questionQueryService.getQuestionsByUserSemester(userSemesterId);
             return ResponseEntity.ok(response);

src/main/java/com/driveu/server/domain/resource/api/NoteApi.java

@@ -9,7 +9,10 @@
 import com.driveu.server.domain.resource.dto.response.NoteResponse;
 import com.driveu.server.domain.resource.dto.response.NoteUpdateTagResponse;
 import com.driveu.server.domain.resource.dto.response.NoteUpdateTitleResponse;
+import com.driveu.server.domain.user.domain.User;
+import com.driveu.server.global.config.security.auth.LoginUser;
 import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Content;
 import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
@@ -42,9 +45,10 @@ public class NoteApi {
             @ApiResponse(responseCode = "500", description = "서버 내부 오류")
     })
     public ResponseEntity<?> createNote(
-            @RequestHeader("Authorization") String token,
             @PathVariable Long directoryId,
-            @RequestBody NoteCreateRequest request){
+            @RequestBody NoteCreateRequest request,
+            @Parameter(hidden = true) @LoginUser User user
+    ){
         try {
             NoteCreateResponse response = noteService.createNote(directoryId, request);
             return ResponseEntity.ok(response);
@@ -73,8 +77,9 @@ public ResponseEntity<?> createNote(
             @ApiResponse(responseCode = "500", description = "서버 내부 오류")
     })
     public ResponseEntity<?> getNoteById(
-            @RequestHeader("Authorization") String token,
-            @PathVariable Long noteId){
+            @PathVariable Long noteId,
+            @Parameter(hidden = true) @LoginUser User user
+    ){
         try {
             NoteResponse response = noteService.getNoteWithTagById(noteId);
             return ResponseEntity.ok(response);
@@ -103,9 +108,9 @@ public ResponseEntity<?> getNoteById(
             @ApiResponse(responseCode = "500", description = "서버 내부 오류")
     })
     public ResponseEntity<?> updateNoteTitle(
-            @RequestHeader("Authorization") String token,
             @PathVariable Long noteId,
-            @RequestBody NoteUpdateTitleRequest request
+            @RequestBody NoteUpdateTitleRequest request,
+            @Parameter(hidden = true) @LoginUser User user
     ){
         try {
             NoteUpdateTitleResponse response = noteService.updateNoteTitle(noteId, request);
@@ -135,9 +140,9 @@ public ResponseEntity<?> updateNoteTitle(
             @ApiResponse(responseCode = "500", description = "서버 내부 오류")
     })
     public ResponseEntity<?> updateNoteContent(
-            @RequestHeader("Authorization") String token,
             @PathVariable Long noteId,
-            @RequestBody NoteUpdateContentRequest request
+            @RequestBody NoteUpdateContentRequest request,
+            @Parameter(hidden = true) @LoginUser User user
     ){
         try {
             NoteCreateResponse response = noteService.updateNoteContent(noteId, request);
@@ -167,9 +172,9 @@ public ResponseEntity<?> updateNoteContent(
             @ApiResponse(responseCode = "500", description = "서버 내부 오류")
     })
     public ResponseEntity<?> updateNoteTag(
-            @RequestHeader("Authorization") String token,
             @PathVariable Long noteId,
-            @RequestBody NoteUpdateTagRequest request
+            @RequestBody NoteUpdateTagRequest request,
+            @Parameter(hidden = true) @LoginUser User user
     ){
         try {
             NoteUpdateTagResponse response = noteService.updateNoteTag(noteId, request);