feat: 액세스, 리프레시 토큰 널 체크 (#932)

woowacourse-teams · Dec 28, 2024 · 6dbedfc · 6dbedfc
1 parent 2611b30
commit 6dbedfc
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 10 deletions.
diff --git a/backend/src/main/java/com/ody/auth/token/AccessToken.java b/backend/src/main/java/com/ody/auth/token/AccessToken.java
@@ -29,7 +29,7 @@ public AccessToken(String rawValue) {
     }
 
     private void validate(String value) {
-        if (!value.startsWith(ACCESS_TOKEN_PREFIX)) {
+        if (value == null || !value.startsWith(ACCESS_TOKEN_PREFIX)) {
             throw new OdyBadRequestException("잘못된 액세스 토큰 형식입니다.");
         }
     }

diff --git a/backend/src/main/java/com/ody/auth/token/RefreshToken.java b/backend/src/main/java/com/ody/auth/token/RefreshToken.java
@@ -22,13 +22,21 @@ public class RefreshToken implements JwtToken {
     @Column(name = "refreshToken")
     private String value;
 
+    public RefreshToken(AuthProperties authProperties) {
+        Date validity = new Date(System.currentTimeMillis() + authProperties.getRefreshExpiration());
+        this.value = Jwts.builder()
+                .setExpiration(validity)
+                .signWith(SignatureAlgorithm.HS256, authProperties.getRefreshKey())
+                .compact();
+    }
+
     public RefreshToken(String rawValue) {
         validate(rawValue);
         this.value = parseRefreshToken(rawValue);
     }
 
     private void validate(String value) {
-        if (!value.startsWith(REFRESH_TOKEN_PREFIX)) {
+        if (value == null || !value.startsWith(REFRESH_TOKEN_PREFIX)) {
             throw new OdyBadRequestException("잘못된 리프레시 토큰 형식입니다.");
         }
     }
@@ -37,14 +45,6 @@ private String parseRefreshToken(String rawValue) {
         return rawValue.substring(REFRESH_TOKEN_PREFIX.length()).trim();
     }
 
-    public RefreshToken(AuthProperties authProperties) {
-        Date validity = new Date(System.currentTimeMillis() + authProperties.getRefreshExpiration());
-        this.value = Jwts.builder()
-                .setExpiration(validity)
-                .signWith(SignatureAlgorithm.HS256, authProperties.getRefreshKey())
-                .compact();
-    }
-
     @Override
     public String getSecretKey(AuthProperties authProperties) {
         return authProperties.getRefreshKey();

diff --git a/backend/src/test/java/com/ody/auth/token/AccessTokenTest.java b/backend/src/test/java/com/ody/auth/token/AccessTokenTest.java
@@ -0,0 +1,17 @@
+package com.ody.auth.token;
+
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+
+import com.ody.common.exception.OdyBadRequestException;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+
+class AccessTokenTest {
+
+    @DisplayName("액세스 토큰이 널이면 400 에러가 발생한다.")
+    @Test
+    void nullAccessTokenException() {
+        assertThatThrownBy(() -> new AccessToken(null))
+                .isInstanceOf(OdyBadRequestException.class);
+    }
+}
diff --git a/backend/src/test/java/com/ody/auth/token/RefreshTokenTest.java b/backend/src/test/java/com/ody/auth/token/RefreshTokenTest.java
@@ -0,0 +1,17 @@
+package com.ody.auth.token;
+
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+
+import com.ody.common.exception.OdyBadRequestException;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+
+class RefreshTokenTest {
+
+    @DisplayName("리프레시 토큰이 널이면 400 에러가 발생한다.")
+    @Test
+    void nullRefreshTokenException() {
+        assertThatThrownBy(() -> new RefreshToken((String) null))
+                .isInstanceOf(OdyBadRequestException.class);
+    }
+}