diff --git a/src/main/java/com/gcms/v3/global/security/jwt/JwtTokenProvider.java b/src/main/java/com/gcms/v3/global/security/jwt/JwtTokenProvider.java index 77bb23a..0fa3f11 100644 --- a/src/main/java/com/gcms/v3/global/security/jwt/JwtTokenProvider.java +++ b/src/main/java/com/gcms/v3/global/security/jwt/JwtTokenProvider.java @@ -9,7 +9,6 @@ import jakarta.annotation.PostConstruct; import jakarta.servlet.http.HttpServletRequest; import lombok.RequiredArgsConstructor; -import org.springframework.beans.factory.annotation.Value; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.userdetails.UserDetails; @@ -20,24 +19,24 @@ import java.time.LocalDateTime; import java.util.Date; +import static com.gcms.v3.global.security.jwt.JwtProperties.*; + @Component @RequiredArgsConstructor public class JwtTokenProvider { - @Value("${jwt.secret}") - private String secretKey; - private static final String AUTHORITIES = "auth"; - private static final String GRANT_TYPE = "Bearer"; - private static final String TOKEN_PREFIX = "Bearer "; - private static final long ACCESS_TOKEN_TIME = 1000 * 60 * 30L; - private static final long REFRESH_TOKEN_TIME = 1000L * 60 * 60 * 24 * 7; - private static Key key; + private static Key accessTokenkey; + private static Key refreshtokenkey; private final AuthDetailsService authDetailsService; + private final JwtProperties jwtProperties; @PostConstruct public void init() { - byte[] keyBytes = Decoders.BASE64.decode(secretKey); - key = Keys.hmacShaKeyFor(keyBytes); + byte[] keyBytes = Decoders.BASE64.decode(jwtProperties.getAccessTokenKey()); + accessTokenkey = Keys.hmacShaKeyFor(keyBytes); + + byte[] refreshKeyBytes = Decoders.BASE64.decode(jwtProperties.getRefreshTokenKey()); + refreshtokenkey = Keys.hmacShaKeyFor(refreshKeyBytes); } public TokenInfoResponseDto generateToken(String email) { @@ -60,7 +59,7 @@ private String generateAccessToken(String email) { .setHeaderParam("typ", GRANT_TYPE) .claim(AUTHORITIES, "JWT") .setExpiration(accessTokenExpiresIn) - .signWith(key, SignatureAlgorithm.HS256) + .signWith(accessTokenkey, SignatureAlgorithm.HS256) .compact(); } @@ -72,7 +71,7 @@ private String generateRefreshToken(String email) { return Jwts.builder() .setSubject(email) .setHeaderParam("typ", "JWT") - .signWith(key, SignatureAlgorithm.HS256) + .signWith(refreshtokenkey, SignatureAlgorithm.HS256) .claim(AUTHORITIES, "JWT") .setIssuedAt(new Date()) .setExpiration(refreshTokenExpiresIn) @@ -92,7 +91,7 @@ public Authentication getAuthentication(String token) { private Claims parseClaims(String assessToken) { try { - return Jwts.parserBuilder().setSigningKey(key).build().parseClaimsJws(assessToken).getBody(); + return Jwts.parserBuilder().setSigningKey(accessTokenkey).build().parseClaimsJws(assessToken).getBody(); } catch (ExpiredJwtException e) { return e.getClaims(); } @@ -108,7 +107,7 @@ public String resolveToken(HttpServletRequest request) { public boolean validateToken(String token) { try { - Jwts.parserBuilder().setSigningKey(key).build().parseClaimsJws(token); + Jwts.parserBuilder().setSigningKey(accessTokenkey).build().parseClaimsJws(token); return true; } catch (SecurityException | MalformedJwtException e) { throw new InvalidAuthTokenException(); diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index f4e822e..dbb1386 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -34,4 +34,6 @@ spring: port: 6379 jwt: - secret: ${JWT_SECRET} \ No newline at end of file + secret: + access-token: ${ACCESS_TOKEN_KEY} + refresh-token: ${REFRESH_TOKEN_KEY} \ No newline at end of file