feat: casper sso

CASPER-REPSAC · Feb 17, 2025 · 84b093a · 84b093a
1 parent b99fe10
commit 84b093a
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 1 deletion.
diff --git a/src/main/java/com/example/newsper/api/UserApiController.java b/src/main/java/com/example/newsper/api/UserApiController.java
@@ -224,6 +224,17 @@ public ResponseEntity<?> githubLogin(@RequestBody OauthDto dto, HttpServletRespo
         return ResponseEntity.status(HttpStatus.OK).body(userService.login(user, response));
     }
 
+    @Operation(summary = "SSO 로그인", description = "OAuth2를 사용하여 로그인 합니다.")
+    @PostMapping("/sso")
+    public ResponseEntity<?> ssoLogin(@RequestBody OauthDto dto, HttpServletResponse response) {
+
+        log.info("ssoCode : " + dto.getCode());
+        log.info("redirectUri : " + dto.getRedirectUri());
+
+        UserEntity user = oAuthService.sso(dto.getCode(), dto.getRedirectUri());
+        return ResponseEntity.status(HttpStatus.OK).body(userService.login(user, response));
+    }
+
     @PostMapping("/logout")
     @Operation(summary = "로그아웃", description = "유저 토큰과 쿠키를 제거합니다. 액세스 토큰 필요.")
     public ResponseEntity logout(HttpServletRequest request, HttpServletResponse response) {

diff --git a/src/main/java/com/example/newsper/service/OAuthService.java b/src/main/java/com/example/newsper/service/OAuthService.java
@@ -30,6 +30,12 @@ public class OAuthService {
 
     @Value("${spring.security.oauth2.client.registration.github.client-secret}")
     String githubClientSecret;
+
+    @Value("${spring.security.oauth2.client.registration.sso.client-id}")
+    String ssoClientId;
+
+    @Value("${spring.security.oauth2.client.registration.sso.client-secret}")
+    String ssoClientSecret;
     @Autowired
     private UserService userService;
 
@@ -134,4 +140,49 @@ private JsonNode getGithubUserResource(String accessToken) {
         HttpEntity entity = new HttpEntity(headers);
         return restTemplate.exchange(resourceUri, HttpMethod.GET, entity, JsonNode.class).getBody();
     }
+
+    public UserEntity sso(String code, String redirectUri) {
+
+        String accessToken = getSsoAccessToken(code, redirectUri);
+        log.info("AccessToken = " + accessToken);
+        JsonNode userResourceNode = getSsoUserResource(accessToken);
+
+        String id = userResourceNode.get("id").asText();
+        String email = userResourceNode.get("email").asText();
+        String name = userResourceNode.get("name").asText();
+        log.info("email = " + email);
+
+        if (userService.findByEmail(email) == null) {
+            UserDto dto = new UserDto(email, id + email, email, name, email, null, null, null, "associate");
+            return userService.newUser(dto);
+        } else return userService.findByEmail(email);
+    }
+
+    private String getSsoAccessToken(String authorizationCode, String redirectUri) {
+        String tokenUri = "https://sso.casper.or.kr/application/o/token/";
+        MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
+        params.add("code", authorizationCode);
+        params.add("client_id", ssoClientId);
+        params.add("client_secret", ssoClientSecret);
+        params.add("redirect_uri", redirectUri);
+        params.add("grant_type", "authorization_code");
+
+        HttpHeaders headers = new HttpHeaders();
+        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+
+        HttpEntity entity = new HttpEntity(params, headers);
+
+        ResponseEntity<JsonNode> responseNode = restTemplate.exchange(tokenUri, HttpMethod.POST, entity, JsonNode.class);
+        JsonNode accessTokenNode = responseNode.getBody();
+        return accessTokenNode.get("access_token").asText();
+    }
+
+    private JsonNode getSsoUserResource(String accessToken) {
+        String resourceUri = "https://sso.casper.or.kr/application/o/userinfo/";
+
+        HttpHeaders headers = new HttpHeaders();
+        headers.set("Authorization", "Bearer " + accessToken);
+        HttpEntity entity = new HttpEntity(headers);
+        return restTemplate.exchange(resourceUri, HttpMethod.GET, entity, JsonNode.class).getBody();
+    }
 }
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -49,4 +49,14 @@ spring:
             client-secret: ${GOOGLE_CLIENT_SECRET}
           github:
             client-id: ${GITHUB_CLIENT_ID}
-            client-secret: ${GITHUB_CLIENT_SECRET}
+            client-secret: ${GITHUB_CLIENT_SECRET}
+          sso:
+            client-id: ${SSO_CLIENT_ID}
+            client-secret: ${SSO_CLIENT_SECRET}
+            authorization-grant-type: authorization_code
+            redirect-uri: "https://www.casper.or.kr/login/sso-login"
+        provider:
+          sso:
+            authorization-uri: https://sso.casper.or.kr/application/o/authorize/
+            token-uri: https://sso.casper.or.kr/application/o/token/
+            user-info-uri: https://sso.casper.or.kr/application/o/userinfo/