Feature | #4 | @lcomment | OAuth 관련 Provider 구현

cakk-client/src/main/java/com/cakk/client/web/GoogleAuthConfiguration.java → cakk-api/src/main/java/com/cakk/api/config/GoogleConfiguration.java

@@ -1,4 +1,4 @@
-package com.cakk.client.web;
+package com.cakk.api.config;
 
 import java.util.Collections;
 
@@ -10,11 +10,8 @@
 import com.google.api.client.http.javanet.NetHttpTransport;
 import com.google.api.client.json.gson.GsonFactory;
 
-import lombok.RequiredArgsConstructor;
-
 @Configuration
-@RequiredArgsConstructor
-public class GoogleAuthConfiguration {
+public class GoogleConfiguration {
 
 	@Value("${oauth.google.client-id}")
 	private String googleClientId;

cakk-api/src/main/java/com/cakk/api/provider/oauth/OidcProvider.java

@@ -0,0 +1,19 @@
+package com.cakk.api.provider.oauth;
+
+import static com.cakk.common.utils.DecodeUtils.*;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.util.Map;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+public abstract class OidcProvider {
+
+	public abstract String getProviderId(String idToken) throws GeneralSecurityException, IOException;
+
+	protected Map<String, String> parseHeaders(String token) throws IOException {
+		String header = token.split("\\.")[0];
+		return new ObjectMapper().readValue(decodeBase64(header), Map.class);
+	}
+}

cakk-api/src/main/java/com/cakk/api/provider/oauth/PublicKeyProvider.java

@@ -0,0 +1,41 @@
+package com.cakk.api.provider.oauth;
+
+import static com.cakk.common.enums.ReturnCode.*;
+import static com.cakk.common.utils.DecodeUtils.*;
+
+import java.math.BigInteger;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.RSAPublicKeySpec;
+import java.util.Map;
+
+import org.springframework.stereotype.Component;
+
+import com.cakk.client.vo.OidcPublicKey;
+import com.cakk.client.vo.OidcPublicKeyList;
+import com.cakk.common.exception.CakkException;
+
+@Component
+public class PublicKeyProvider {
+
+	public PublicKey generatePublicKey(Map<String, String> tokenHeaders, OidcPublicKeyList publicKeys) {
+		OidcPublicKey publicKey = publicKeys.getMatchedKey(tokenHeaders.get("kid"), tokenHeaders.get("alg"));
+
+		return getPublicKey(publicKey);
+	}
+
+	private PublicKey getPublicKey(OidcPublicKey publicKey) {
+		byte[] nBytes = decodeBase64(publicKey.n());
+		byte[] eBytes = decodeBase64(publicKey.e());
+
+		RSAPublicKeySpec publicKeySpec = new RSAPublicKeySpec(new BigInteger(1, nBytes), new BigInteger(1, eBytes));
+
+		try {
+			return KeyFactory.getInstance(publicKey.kty()).generatePublic(publicKeySpec);
+		} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
+			throw new CakkException(EXTERNAL_SERVER_ERROR);
+		}
+	}
+}

cakk-api/src/main/java/com/cakk/api/provider/oauth/impl/AppleAuthProvider.java

@@ -0,0 +1,11 @@
+package com.cakk.api.provider.oauth.impl;
+
+import com.cakk.api.provider.oauth.OidcProvider;
+
+public class AppleAuthProvider extends OidcProvider {
+
+	@Override
+	public String getProviderId(String idToken) {
+		return null;
+	}
+}

cakk-api/src/main/java/com/cakk/api/provider/oauth/impl/GoogleAuthProvider.java

@@ -0,0 +1,36 @@
+package com.cakk.api.provider.oauth.impl;
+
+import static com.cakk.common.enums.ReturnCode.*;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+
+import org.springframework.stereotype.Component;
+
+import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
+import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
+
+import lombok.RequiredArgsConstructor;
+
+import com.cakk.api.provider.oauth.OidcProvider;
+import com.cakk.common.exception.CakkException;
+
+@Component
+@RequiredArgsConstructor
+public class GoogleAuthProvider extends OidcProvider {
+
+	private final GoogleIdTokenVerifier googleIdTokenVerifier;
+
+	@Override
+	public String getProviderId(String idToken) {
+		return getGoogleIdToken(idToken).getPayload().getSubject();
+	}
+
+	private GoogleIdToken getGoogleIdToken(String idToken) {
+		try {
+			return googleIdTokenVerifier.verify(idToken);
+		} catch (GeneralSecurityException | IOException e) {
+			throw new CakkException(EXTERNAL_SERVER_ERROR);
+		}
+	}
+}

cakk-api/src/main/java/com/cakk/api/provider/oauth/impl/KakaoAuthProvider.java

@@ -0,0 +1,19 @@
+package com.cakk.api.provider.oauth.impl;
+
+import org.springframework.stereotype.Component;
+import lombok.RequiredArgsConstructor;
+
+import com.cakk.api.provider.oauth.OidcProvider;
+import com.cakk.client.web.KakaoAuthClient;
+
+@Component
+@RequiredArgsConstructor
+public class KakaoAuthProvider extends OidcProvider {
+
+	private final KakaoAuthClient kakaoAuthClient;
+
+	@Override
+	public String getProviderId(String idToken) {
+		return null;
+	}
+}

cakk-api/src/main/java/com/cakk/api/vo/OAuthUserDetails.java

@@ -0,0 +1,91 @@
+package com.cakk.api.vo;
+
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.oauth2.core.oidc.OidcIdToken;
+import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
+import org.springframework.security.oauth2.core.oidc.user.OidcUser;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+
+import com.cakk.domain.entity.user.User;
+
+public class OAuthUserDetails implements UserDetails, OidcUser, OAuth2User {
+
+	private final User user;
+	private final Map<String, Object> attribute;
+
+	public OAuthUserDetails(User user, Map<String, Object> attribute) {
+		this.user = user;
+		this.attribute = attribute;
+	}
+
+	public OAuthUserDetails(User user) {
+		this.user = user;
+		this.attribute = Map.of("id", user.getId());
+	}
+
+	@Override
+	public String getName() {
+		return user.getId().toString();
+	}
+
+	@Override
+	public Map<String, Object> getAttributes() {
+		return attribute;
+	}
+
+	@Override
+	public Collection<? extends GrantedAuthority> getAuthorities() {
+		return List.of(new SimpleGrantedAuthority(user.getRole().getSecurityRole()));
+	}
+
+	@Override
+	public String getPassword() {
+		return "password";
+	}
+
+	@Override
+	public String getUsername() {
+		return user.getId().toString();
+	}
+
+	@Override
+	public boolean isAccountNonExpired() {
+		return true;
+	}
+
+	@Override
+	public boolean isAccountNonLocked() {
+		return true;
+	}
+
+	@Override
+	public boolean isCredentialsNonExpired() {
+		return true;
+	}
+
+	@Override
+	public boolean isEnabled() {
+		return true;
+	}
+
+	@Override
+	public Map<String, Object> getClaims() {
+		return null;
+	}
+
+	@Override
+	public OidcUserInfo getUserInfo() {
+		return null;
+	}
+
+	@Override
+	public OidcIdToken getIdToken() {
+		return null;
+	}
+}

cakk-client/build.gradle

@@ -4,8 +4,6 @@ dependencies {
 	implementation project(':cakk-common')
 
 	implementation('org.springframework.boot:spring-boot-starter-web')
-	implementation('com.google.api-client:google-api-client-jackson2:2.2.0')
-	implementation('com.google.api-client:google-api-client:2.2.0')
 }
 
 bootJar {