From 81d312eb0477ca07b2455ea1e422911fdcedbf52 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EB=B0=95=EC=9B=90=EC=97=BD?= Date: Fri, 19 Jun 2026 15:51:58 +0900 Subject: [PATCH] Restore custom JWT principal --- .../core/config/jwt/JwtProvider.kt | 17 ++++++-- .../core/config/jwt/JwtProviderTest.kt | 43 +++++++++++++++++++ 2 files changed, 57 insertions(+), 3 deletions(-) create mode 100644 src/test/kotlin/me/wypark/blogbackend/core/config/jwt/JwtProviderTest.kt diff --git a/src/main/kotlin/me/wypark/blogbackend/core/config/jwt/JwtProvider.kt b/src/main/kotlin/me/wypark/blogbackend/core/config/jwt/JwtProvider.kt index 26df401..92502f2 100644 --- a/src/main/kotlin/me/wypark/blogbackend/core/config/jwt/JwtProvider.kt +++ b/src/main/kotlin/me/wypark/blogbackend/core/config/jwt/JwtProvider.kt @@ -10,7 +10,6 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio import org.springframework.security.core.Authentication import org.springframework.security.core.GrantedAuthority import org.springframework.security.core.authority.SimpleGrantedAuthority -import org.springframework.security.core.userdetails.User import org.springframework.stereotype.Component import java.util.* import javax.crypto.SecretKey @@ -90,7 +89,19 @@ class JwtProvider( .map { SimpleGrantedAuthority(it) } // UserDetails 객체를 생성하여 Authentication에 담음 (비밀번호는 불필요하므로 빈 문자열) - val principal = User(claims.subject, "", authorities) + val memberId = when (val claim = claims["memberId"]) { + is Number -> claim.toLong() + is String -> claim.toLong() + else -> throw RuntimeException("memberId claim is missing.") + } + val nickname = claims["nickname"]?.toString() ?: claims.subject + val principal = CustomUserDetails( + memberId = memberId, + nickname = nickname, + username = claims.subject, + password = "", + authorities = authorities + ) return UsernamePasswordAuthenticationToken(principal, "", authorities) } @@ -126,4 +137,4 @@ class JwtProvider( e.claims } } -} \ No newline at end of file +} diff --git a/src/test/kotlin/me/wypark/blogbackend/core/config/jwt/JwtProviderTest.kt b/src/test/kotlin/me/wypark/blogbackend/core/config/jwt/JwtProviderTest.kt new file mode 100644 index 0000000..6c3c605 --- /dev/null +++ b/src/test/kotlin/me/wypark/blogbackend/core/config/jwt/JwtProviderTest.kt @@ -0,0 +1,43 @@ +package me.wypark.blogbackend.core.config.jwt + +import me.wypark.blogbackend.domain.auth.CustomUserDetails +import org.junit.jupiter.api.Test +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken +import org.springframework.security.core.authority.SimpleGrantedAuthority +import kotlin.test.assertEquals +import kotlin.test.assertIs + +class JwtProviderTest { + + private val jwtProvider = JwtProvider( + secretKey = "c2VjcmV0LWtleS1mb3ItdGVzdC1hZG1pbi1kYXNoYm9hcmQtMzItYnl0ZXM=", + accessTokenValidity = 600000, + refreshTokenValidity = 604800000 + ) + + @Test + fun `access token authentication restores custom user details`() { + val originalPrincipal = CustomUserDetails( + memberId = 2L, + nickname = "tester", + username = "tester@example.com", + password = "", + authorities = listOf(SimpleGrantedAuthority("ROLE_ADMIN")) + ) + val token = jwtProvider.generateTokenDto( + UsernamePasswordAuthenticationToken( + originalPrincipal, + "", + originalPrincipal.authorities + ) + ) + + val authentication = jwtProvider.getAuthentication(token.accessToken) + val principal = assertIs(authentication.principal) + + assertEquals(2L, principal.memberId) + assertEquals("tester", principal.nickname) + assertEquals("tester@example.com", principal.username) + assertEquals("ROLE_ADMIN", authentication.authorities.single().authority) + } +}