SW-rocket-dan/card-capture-be

[์œ ์ €]

  • ์œ ์ €๋Š” ํšŒ์›๊ฐ€์ž…์„ ํ†ตํ•ด ํšŒ์›๊ฐ€์ž…์„ ํ•  ์ˆ˜ ์žˆ๋‹ค. OAuthV3.png
    • ์œ ์ €๋Š” Google ๊ฐ„ํŽธ ๋กœ๊ทธ์ธ์„ ํ•  ์ˆ˜ ์žˆ๋‹ค. (OAuth2.0)
      • Google๋กœ๋ถ€ํ„ฐ ๋ฐ›์•„์˜ฌ ๊ฐœ์ธ์ •๋ณด๋Š” ์ด๋ฆ„, email์ด๋‹ค.
      • ํ”„๋ก ํŠธ์—”๋“œ์—์„œ ๊ฐœ์ธ์ •๋ณด๋ฅผ ์กฐํšŒํ•  ์ˆ˜ ์žˆ๋‹ค.
        • GET localhost:8080/api/v1/user/me
          • ๋ธŒ๋ผ์šฐ์ € ํ—ค๋”์— JWT๊ฐ€ ํ•„์š”ํ•˜๋‹ค.
          • JWT๊ฐ€ ์—†์œผ๋ฉด 401 Unauthorized403 Forbidden๋ฅผ ๋ฐ˜ํ™˜ํ•œ๋‹ค.
          • JWT๊ฐ€ ์œ ํšจํ•˜์ง€ ์•Š์œผ๋ฉด 401 Unauthorized403 Forbidden๋ฅผ ๋ฐ˜ํ™˜ํ•œ๋‹ค.
        • MySQL RDB์— ์œ ์ € ๊ฐœ์ธ ์ •๋ณด๊ฐ€ ์ €์žฅ๋˜์–ด ์žˆ๋‹ค.
        • RDB์—์„œ ์œ ์ € ๊ฐœ์ธ ์ •๋ณด๋ฅผ ์กฐํšŒํ•  ์ˆ˜ ์žˆ๋‹ค.
          • ์œ ์ €id๋กœ_๊ฐœ์ธ_์ •๋ณด๋ฅผ_์กฐํšŒํ• _์ˆ˜_์—†์œผ๋ฉด_์˜ˆ์™ธ๊ฐ€_๋ฐœ์ƒํ•œ๋‹ค
          • ์œ ์ €๋ฅผ_์ƒ์„ฑํ• _์ˆ˜_์žˆ๋‹ค
      • ํ”„๋ก ํŠธ์—”๋“œ์— ๊ตฌ๊ธ€ ์ธ๊ฐ€ ์„œ๋ฒ„์— ๋ณด๋‚ผ ๋ฐ์ดํ„ฐ๋ฅผ HTTP API๋กœ ์ œ๊ณตํ•œ๋‹ค.
        • GET/POST localhost:8080/api/v1/auth/google/login
        • ์ด๋ฏธ ๋กœ๊ทธ์ธ๋œ ์‚ฌ์šฉ์ž๊ฐ€ ์š”์ฒญํ•˜๋ฉด 400 Bad Request๋ฅผ ๋ฐ˜ํ™˜ํ•œ๋‹ค.
          • ์ด๋ฏธ ๋กœ๊ทธ์ธ๋˜์—ˆ๋‹ค๋Š” ๊ธฐ์ค€์€ JWT๊ฐ€ ์œ ํšจํ•œ์ง€ ์—ฌ๋ถ€์ด๋‹ค. (์ด ๋ถ€๋ถ„ ํ…Œ์ŠคํŠธ ์–ด๋–ป๊ฒŒ ํ•  ์ง€ ๊ณ ๋ฏผ ์ค‘)
      • ๋ณด๋‚ด์ค„ ๋ฐ์ดํ„ฐ ์˜ˆ์‹œ
        • client_id: ์• ํ”Œ๋ฆฌ์ผ€์ด์…˜์˜ ํด๋ผ์ด์–ธํŠธ ID.
        • redirect_uri: ์ธ์ฆ ํ›„ ์‚ฌ์šฉ์ž๊ฐ€ ๋Œ์•„์˜ฌ URI.
        • response_type: ๋ฐ˜ํ™˜๋˜๋Š” ์ธ์ฆ ์ฝ”๋“œ(code).
        • scope: ์š”์ฒญํ•˜๋Š” ๊ถŒํ•œ(์˜ˆ: openid, email, profile).
        • state(์„ ํƒ): CSRF ๊ณต๊ฒฉ์„ ๋ฐฉ์ง€ํ•˜๊ธฐ ์œ„ํ•œ ์ž„์˜์˜ ๋ฌธ์ž์—ด.
  • ์˜ˆ์‹œ
GET HTTP/1.1 302 Found
Location: https://accounts.google.com/o/oauth2/v2/auth?
client_id=YOUR_CLIENT_ID&
redirect_uri=https://localhost:8080/api/v1/auth/google/redirect&
response_type=code&
scope=openid%20email%20profile&
state=xyz


  • Once the user has logged in successfully on the Google authorization page, the redirect that Google sends via the frontend server to https://localhost:8080/api/v1/auth/google/redirect is received.
    • This request contains the user's Access Token and Refresh Token issued by the Google authorization server.
  • Using the Access Token, the user's information is requested and received from the Google data server.
POST https://oauth2.googleapis.com/token
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code&code=AUTH_CODE&redirect_uri=YOUR_REDIRECT_URI&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET
  • A JWT is issued.

  • The JWT is returned in the response body as JSON.

  • The API can be viewed in Swagger.

  • Users can log in automatically.

    • A refresh token can be issued.
    • The access token is reissued using the refresh token.
    • When the frontend sends an access token: 401 => do not send the refresh token (the user logged out directly, is blacklisted, etc.)
    • When the frontend sends an access token: 403 => please send the refresh token if there is one (the token is incorrect for some reason; re-authentication required)
  • Users can log out.

  • Users can delete their account.

  • (Users can edit their member information.)

  • Users can be blocked by registering them directly on a blacklist.
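
For the Google login flow above (the parameters returned by the login endpoint and the handler for the redirect), this added example shows the `state` value being generated per session and checked once on the callback. It is not code from this repository; the function names and the dict standing in for a server-side session are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, quote, urlencode, urlsplit

AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
REDIRECT_URI = "https://localhost:8080/api/v1/auth/google/redirect"


def build_login_redirect(client_id, session):
    """Build the Location URL and remember a one-time state for this session."""
    state = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
    # Keep only a hash server-side so a leaked session store holds no live state.
    session["oauth_state_sha256"] = hashlib.sha256(state.encode()).hexdigest()
    query = urlencode(
        {
            "client_id": client_id,
            "redirect_uri": REDIRECT_URI,
            "response_type": "code",
            "scope": "openid email profile",
            "state": state,
        },
        quote_via=quote,  # spaces become %20, as in the README example
    )
    return f"{AUTH_ENDPOINT}?{query}"


def handle_redirect(callback_url, session):
    """Return the authorization code if state matches; raise ValueError otherwise."""
    params = parse_qs(urlsplit(callback_url).query)
    expected = session.pop("oauth_state_sha256", None)  # single use: a replay finds nothing
    received = params.get("state", [""])[0]
    received_hash = hashlib.sha256(received.encode()).hexdigest()
    # Constant-time comparison; a missing stored state is always a rejection.
    if expected is None or not hmac.compare_digest(expected, received_hash):
        raise ValueError("state mismatch: callback rejected")
    if "code" not in params:
        raise ValueError("authorization code missing from callback")
    return params["code"][0]
```
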

About

🚀 SW Maestro 15th "Card Capture" BE
