Merge pull request #97 from Central-MakeUs/dev

[Refactor] access와 refresh token 에러코드 분리
Central-MakeUs · Feb 11, 2025 · 1255b12 · 1255b12
2 parents f08c681 + 3c4363b
commit 1255b12
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 3 deletions.
diff --git a/src/main/java/com/cmc/mercury/global/exception/ErrorCode.java b/src/main/java/com/cmc/mercury/global/exception/ErrorCode.java
@@ -62,6 +62,7 @@ public enum ErrorCode {
     // JWT
     INVALID_TOKEN(HttpStatus.UNAUTHORIZED, "Jwt401", "유효하지 않은 토큰입니다."),
     EXPIRED_TOKEN(HttpStatus.UNAUTHORIZED, "Jwt401", "만료된 토큰입니다."),
+    EXPIRED_ACCESS_TOKEN(HttpStatus.UNAUTHORIZED, "Jwt401", "만료된 access 토큰입니다."),
     EXPIRED_REFRESH_TOKEN(HttpStatus.UNAUTHORIZED, "Jwt401", "만료된 refresh 토큰입니다."),
     TOKEN_TYPE_MISMATCH(HttpStatus.UNAUTHORIZED, "Jwt401", "토큰 타입이 일치하지 않습니다."),
     EMPTY_TOKEN(HttpStatus.UNAUTHORIZED, "Jwt401", "토큰이 없습니다.");

diff --git a/src/main/java/com/cmc/mercury/global/jwt/JwtAuthenticationFilter.java b/src/main/java/com/cmc/mercury/global/jwt/JwtAuthenticationFilter.java
@@ -78,7 +78,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 
             } catch (CustomException e) {
                 // Access Token이 만료된 경우, Refresh Token 확인
-                if (e.getErrorCode() == ErrorCode.EXPIRED_TOKEN) {
+                if (e.getErrorCode() == ErrorCode.EXPIRED_ACCESS_TOKEN) {
                     String refreshToken = extractRefreshToken(request);
 
                     if (StringUtils.hasText(refreshToken)) {

diff --git a/src/main/java/com/cmc/mercury/global/jwt/JwtProvider.java b/src/main/java/com/cmc/mercury/global/jwt/JwtProvider.java
@@ -79,8 +79,13 @@ public void validateToken(String token, String expectedType) {
             verifier.verify(token);
 
         } catch (TokenExpiredException e) {
-            // 토큰이 만료된 경우
-            throw new CustomException(ErrorCode.EXPIRED_TOKEN);
+            // 토큰이 만료된 경우: Access Token과 Refresh Token을 구분하여 만료 예외 던지기
+            if ("AccessToken".equals(expectedType)) {
+                throw new CustomException(ErrorCode.EXPIRED_ACCESS_TOKEN);
+
+            } else {
+                throw new CustomException(ErrorCode.EXPIRED_REFRESH_TOKEN);
+            }
 
         } catch (SignatureVerificationException | JWTDecodeException e) {
             // 서명이 유효하지 않거나 토큰 형식이 잘못된 경우