diff --git a/src/main/kotlin/com/toyProject7/karrot/SecurityConfig.kt b/src/main/kotlin/com/toyProject7/karrot/SecurityConfig.kt
index c6cfe15..7cf2ae1 100644
--- a/src/main/kotlin/com/toyProject7/karrot/SecurityConfig.kt
+++ b/src/main/kotlin/com/toyProject7/karrot/SecurityConfig.kt
@@ -29,18 +29,16 @@ class SecurityConfig(
 .authorizeHttpRequests { registry ->
 registry
 .requestMatchers(
- "/", "/login", "/css/**", "/js/**", "/images/**", "/oauth2/**"
+ "/api/auth/**", "oauth2/**"
 ).permitAll()
 .anyRequest().authenticated()
 }
 .oauth2Login { oauth2login ->
 oauth2login
- .loginPage("/login")
 .userInfoEndpoint { userInfo ->
 userInfo.userService(socialLoginUserService)
 }
 .successHandler(customAuthenticationSuccessHandler)
- .failureUrl("/login?error=true")
 }
 .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter::class.java)
 .build()
diff --git a/src/main/kotlin/com/toyProject7/karrot/socialLogin/controller/SocialLoginController.kt b/src/main/kotlin/com/toyProject7/karrot/socialLogin/controller/SocialLoginController.kt
index e1999ba..a72be42 100644
--- a/src/main/kotlin/com/toyProject7/karrot/socialLogin/controller/SocialLoginController.kt
+++ b/src/main/kotlin/com/toyProject7/karrot/socialLogin/controller/SocialLoginController.kt
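Review bot: In SecurityConfig.kt the new matcher `"oauth2/**"` has lost its leading slash, so it will not match request paths such as `/oauth2/authorization/...`, and depending on the Spring Security version a pattern that does not start with `/` may be rejected outright; the line should read `"/api/auth/**", "/oauth2/**"`. The permit list also does not cover the `/api/social/login/{provider}` endpoint this commit adds in SocialLoginController, so under `.anyRequest().authenticated()` an anonymous caller apparently cannot reach the endpoint that is meant to start a login. If that endpoint is meant to be public, add `"/api/social/login/**"` and leave `/api/social/me` behind authentication. The builder chain begins outside the hunk, so how unauthenticated API calls are answered now that `.loginPage` is gone could not be checked here.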
@@ -1,19 +1,38 @@ package com.toyProject7.karrot.socialLogin.service +import com.toyProject7.karrot.user.persistence.UserPrincipal +import org.springframework.http.ResponseEntity +import org.springframework.security.core.annotation.AuthenticationPrincipal +import org.springframework.web.bind.annotation.GetMapping +import org.springframework.web.bind.annotation.PathVariable import org.springframework.web.bind.annotation.RequestMapping import org.springframework.web.bind.annotation.RestController import java.security.Principal @RestController -class MainController { +class SocialLoginController { - @RequestMapping("/") - fun home(): String { - return "Home" + // Endpoint to initiate OAuth2 login for a specific provider + @GetMapping("/api/social/login/{provider}") + fun socialLogin(@PathVariable provider: String): ResponseEntity> { + val redirectUrl = "/oauth2/authorization/$provider" + val responseBody = mapOf("redirectUrl" to redirectUrl) + return ResponseEntity.ok(responseBody) } - @RequestMapping("/user") - fun user(principal: Principal): Principal { - return principal + @GetMapping("/api/social/me") + fun getCurrentUser(@AuthenticationPrincipal userPrincipal: UserPrincipal?): ResponseEntity { + if (userPrincipal == null) { + return ResponseEntity.status(401).body("Unauthorized") + } + + // Build a response with user details + val response = mapOf( + "id" to userPrincipal.id, + "email" to userPrincipal.username, + "name" to userPrincipal.getNickname() + ) + + return ResponseEntity.ok(response) } } \ No newline at end of file diff --git a/src/main/kotlin/com/toyProject7/karrot/socialLogin/handler/CustomAuthenticationSuccessHandler.kt b/src/main/kotlin/com/toyProject7/karrot/socialLogin/handler/CustomAuthenticationSuccessHandler.kt index 3d6e2ca..673e305 100644 --- a/src/main/kotlin/com/toyProject7/karrot/socialLogin/handler/CustomAuthenticationSuccessHandler.kt +++ b/src/main/kotlin/com/toyProject7/karrot/socialLogin/handler/CustomAuthenticationSuccessHandler.kt 
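Review bot: `socialLogin` interpolates the `provider` path variable into `redirectUrl` without checking it, so whatever string a caller supplies is echoed back as a URL the frontend is expected to navigate to. Restrict it to the registration ids the application actually configures, e.g. `if (provider !in supportedProviders) return ResponseEntity.badRequest().build()`, where `supportedProviders` is a placeholder name for that set. Separately, `getCurrentUser` returns a bare string on the 401 path and a map on success; one consistent JSON shape is easier for clients to handle. The `RequestMapping` and `java.security.Principal` imports kept as context appear to be unused after this change.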
@@ -11,6 +11,7 @@ import org.springframework.security.oauth2.client.authentication.OAuth2Authentic import org.springframework.security.oauth2.core.user.OAuth2User import org.springframework.security.web.authentication.AuthenticationSuccessHandler import org.springframework.stereotype.Component +import org.springframework.web.util.UriComponentsBuilder @Component class CustomAuthenticationSuccessHandler( @@ -36,11 +37,13 @@ class CustomAuthenticationSuccessHandler( // Generate JWT val accessToken = UserAccessTokenUtil.generateAccessToken(user.id) - // Send the JWT in the response body as JSON - val responseBody = mapOf("accessToken" to accessToken, "user" to user) - response.contentType = "application/json" - response.characterEncoding = "UTF-8" - response.writer.write(ObjectMapper().writeValueAsString(responseBody)) + // Redirect to frontend with JWT included in URL fragment + val redirectUri = UriComponentsBuilder.fromUriString("https://your-frontend-domain.com/oauth2/redirect") + .fragment("token=$accessToken") + .build() + .toUriString() + + response.sendRedirect(redirectUri) } private fun extractProviderId(attributes: Map, provider: String): String { diff --git a/src/main/kotlin/com/toyProject7/karrot/user/persistence/UserPrincipal.kt b/src/main/kotlin/com/toyProject7/karrot/user/persistence/UserPrincipal.kt index 697483a..47e8890 100644 --- a/src/main/kotlin/com/toyProject7/karrot/user/persistence/UserPrincipal.kt +++ b/src/main/kotlin/com/toyProject7/karrot/user/persistence/UserPrincipal.kt @@ -7,6 +7,7 @@ import org.springframework.security.core.userdetails.UserDetails data class UserPrincipal( val id: String, private val email: String, + private val nickname: String, private val password: String?, private val authorities: Collection ) : UserDetails { 
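Review bot: In CustomAuthenticationSuccessHandler.kt the redirect target `https://your-frontend-domain.com/oauth2/redirect` is a hard-coded placeholder, so as written every freshly issued access token is appended to a URL on a domain this project presumably does not control. Take the base URI from configuration and build on that, e.g. `UriComponentsBuilder.fromUriString(frontendRedirectUri)` with `frontendRedirectUri` (placeholder name) injected from application properties and required to be set. A fragment keeps the token out of server logs and Referer headers, but it stays in the address bar and browser history until the frontend removes it, so the receiving page should read it and clear the fragment immediately. A short-lived one-time code that the frontend exchanges for the JWT would avoid putting the token in a URL at all. The method body begins outside the hunk.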
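Review bot: In UserPrincipal.kt `nickname` is declared `private val` in this hunk and then exposed through a hand-written `fun getNickname()` in the last hunk of the file. Unlike `password` and `authorities`, it has no `UserDetails` method to collide with, so a plain `val nickname: String` in the constructor would do and the explicit getter could be dropped. Callers would then read `userPrincipal.nickname`; SocialLoginController currently calls `getNickname()`. The class body continues outside these hunks.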
@@ -18,6 +19,7 @@ data class UserPrincipal( return UserPrincipal( id = user.id!!, email = user.email, + nickname = user.nickname, password = null, // Password can be null for social login authorities = authorities ) @@ -26,6 +28,7 @@ data class UserPrincipal( override fun getAuthorities(): Collection = authorities override fun getPassword(): String? = password + fun getNickname(): String = nickname override fun getUsername(): String = email override fun isAccountNonExpired(): Boolean = true override fun isAccountNonLocked(): Boolean = true