diff --git a/backend/src/main/java/com/ody/auth/token/AccessToken.java b/backend/src/main/java/com/ody/auth/token/AccessToken.java index 7c04976fe..b03d860ea 100644 --- a/backend/src/main/java/com/ody/auth/token/AccessToken.java +++ b/backend/src/main/java/com/ody/auth/token/AccessToken.java @@ -29,7 +29,7 @@ public AccessToken(String rawValue) { } private void validate(String value) { - if (!value.startsWith(ACCESS_TOKEN_PREFIX)) { + if (value == null || !value.startsWith(ACCESS_TOKEN_PREFIX)) { throw new OdyBadRequestException("잘못된 액세스 토큰 형식입니다."); } } diff --git a/backend/src/main/java/com/ody/auth/token/RefreshToken.java b/backend/src/main/java/com/ody/auth/token/RefreshToken.java index 6f0e2fbda..f0d9df2b3 100644 --- a/backend/src/main/java/com/ody/auth/token/RefreshToken.java +++ b/backend/src/main/java/com/ody/auth/token/RefreshToken.java @@ -22,13 +22,21 @@ public class RefreshToken implements JwtToken { @Column(name = "refreshToken") private String value; + public RefreshToken(AuthProperties authProperties) { + Date validity = new Date(System.currentTimeMillis() + authProperties.getRefreshExpiration()); + this.value = Jwts.builder() + .setExpiration(validity) + .signWith(SignatureAlgorithm.HS256, authProperties.getRefreshKey()) + .compact(); + } + public RefreshToken(String rawValue) { validate(rawValue); this.value = parseRefreshToken(rawValue); } private void validate(String value) { - if (!value.startsWith(REFRESH_TOKEN_PREFIX)) { + if (value == null || !value.startsWith(REFRESH_TOKEN_PREFIX)) { throw new OdyBadRequestException("잘못된 리프레시 토큰 형식입니다."); } } @@ -37,14 +45,6 @@ private String parseRefreshToken(String rawValue) { return rawValue.substring(REFRESH_TOKEN_PREFIX.length()).trim(); } - public RefreshToken(AuthProperties authProperties) { - Date validity = new Date(System.currentTimeMillis() + authProperties.getRefreshExpiration()); - this.value = Jwts.builder() - .setExpiration(validity) - .signWith(SignatureAlgorithm.HS256, authProperties.getRefreshKey()) - .compact(); - } - @Override public String getSecretKey(AuthProperties authProperties) { return authProperties.getRefreshKey(); diff --git a/backend/src/test/java/com/ody/auth/token/AccessTokenTest.java b/backend/src/test/java/com/ody/auth/token/AccessTokenTest.java new file mode 100644 index 000000000..0c949b305 --- /dev/null +++ b/backend/src/test/java/com/ody/auth/token/AccessTokenTest.java @@ -0,0 +1,17 @@ +package com.ody.auth.token; + +import static org.assertj.core.api.Assertions.assertThatThrownBy; + +import com.ody.common.exception.OdyBadRequestException; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; + +class AccessTokenTest { + + @DisplayName("액세스 토큰이 널이면 400 에러가 발생한다.") + @Test + void nullAccessTokenException() { + assertThatThrownBy(() -> new AccessToken(null)) + .isInstanceOf(OdyBadRequestException.class); + } +} diff --git a/backend/src/test/java/com/ody/auth/token/RefreshTokenTest.java b/backend/src/test/java/com/ody/auth/token/RefreshTokenTest.java new file mode 100644 index 000000000..2ef3295f1 --- /dev/null +++ b/backend/src/test/java/com/ody/auth/token/RefreshTokenTest.java @@ -0,0 +1,17 @@ +package com.ody.auth.token; + +import static org.assertj.core.api.Assertions.assertThatThrownBy; + +import com.ody.common.exception.OdyBadRequestException; +import org.junit.jupiter.api.DisplayName; +import org.junit.jupiter.api.Test; + +class RefreshTokenTest { + + @DisplayName("리프레시 토큰이 널이면 400 에러가 발생한다.") + @Test + void nullRefreshTokenException() { + assertThatThrownBy(() -> new RefreshToken((String) null)) + .isInstanceOf(OdyBadRequestException.class); + } +}