[REFACTOR] OAuth 로그인 관련 리팩토링

[msk226]

#️⃣ 연관된 이슈

• [REFACTOR] OAuth 로그인 관련 리팩토링 #32

🔎 작업 내용

• OAuthStrategy 수정 : 도메인 생성의 책임을 이동시켜 도메인 - 전략 간 결합 감소
• 전략 팩토리 관련 수정 :EnumMap 사용
• OAuthMemberProcessor 책임 분리

📷 스크린샷 (선택)

작업한 결과물에 대한 간단한 스크린샷을 올려주세요.

💬리뷰 요구사항 (선택)

리뷰어가 특별히 봐주었으면 하는 부분이 있다면 작성해주세요.

Summary by CodeRabbit

• New Features
  • Clearer error responses for expired or invalid tokens during authentication.
• Refactor
  • Streamlined social login to use a unified profile-based flow across providers for more reliable sign-in.
  • Improved handling of account conflicts and inactive accounts during OAuth login.
  • Standardized token creation, validation, and reissue for consistent behavior.
  • Simplified refresh token management to enhance session stability.
• Bug Fixes
  • Reduced login failures caused by provider mismatches or duplicate accounts.
  • More accurate detection of profile completeness, improving onboarding flow.

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

Refactors OAuth login to use a new OAuthProfile DTO across strategies and processing. Introduces TokenProvider interface and makes JwtTokenProvider implement it. Renames TokenService to TokenReissueService and updates usages. Modularizes OAuth member handling with new components for conflict resolution, creation, profile completeness, and refresh token storage.

Changes

Cohort / File(s)	Summary
OAuth Strategy to OAuthProfile src/main/java/com/example/spot/auth/application/refactor/strategy/OAuthStrategy.java, .../strategy/provider/GoogleOAuthStrategy.java, .../strategy/provider/KakaoOAuthStrategy.java, .../strategy/provider/NaverOAuthStrategy.java, .../strategy/OAuthStrategyFactory.java, .../application/refactor/OAuthService.java	Strategy API now returns OAuthProfile via getOAuthProfile(code); providers updated accordingly; factory now builds an immutable EnumMap and logs registered strategies; OAuthService updated to pass OAuthProfile to processor.
OAuth processing modularization .../impl/OAuthMemberProcessor.java, .../dto/OAuthProfile.java, .../dto/SocialAccountResult.java, .../member/OAuthMemberCreator.java, .../member/OAuthMemberConflictProcessor.java, .../member/ProfileCompletenessChecker.java, .../member/RefreshTokenStore.java	Replaces repository-centric processor with modular services; new DTOs (OAuthProfile, SocialAccountResult); conflict resolution and member creation extracted; profile completeness check added; refresh token persistence centralized. Processor method now processOAuthMember(OAuthProfile).
Token API and reissue rename .../refactor/TokenProvider.java, .../refactor/TokenReissueService.java, .../impl/JwtTokenReissueService.java, .../presentation/controller/refactor/TokenController.java, src/main/java/com/example/spot/common/security/utils/JwtTokenProvider.java	Adds TokenProvider interface; JwtTokenProvider implements it with create/reissue/validate/resolve/extract methods; TokenService renamed to TokenReissueService with corresponding class rename and controller update.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor User
  participant FE as Client
  participant OS as OAuthService
  participant SF as OAuthStrategyFactory
  participant ST as OAuthStrategy
  participant CP as OAuthMemberConflictProcessor
  participant MC as OAuthMemberCreator
  participant PC as ProfileCompletenessChecker
  participant TP as TokenProvider
  participant RS as RefreshTokenStore

  User->>FE: Click "Login with X"
  FE->>OS: loginOrSignUp(type, code)
  OS->>SF: getStrategy(type)
  SF-->>OS: strategy
  OS->>ST: getOAuthProfile(code)
  ST-->>OS: OAuthProfile
  OS->>CP: resolveConflict(OAuthProfile)
  alt Existing active member
    CP-->>OS: SocialAccountResult(existing Member)
    OS->>PC: isComplete(memberId)
    PC-->>OS: boolean
  else No existing or removed inactive
    CP-->>OS: SocialAccountResult.empty()
    OS->>MC: createFrom(OAuthProfile)
    MC-->>OS: Member
    OS->>PC: isComplete(memberId)
    PC-->>OS: boolean
  end
  OS->>TP: createToken(memberId)
  TP-->>OS: TokenDTO(access, refresh)
  OS->>RS: replace(memberId, refresh)
  RS-->>OS: ok
  OS-->>FE: SocialLoginSignInDTO
  FE-->>User: Signed in

Loading

sequenceDiagram
  autonumber
  actor User
  participant FE as Client
  participant TC as TokenController
  participant TR as TokenReissueService
  participant TP as TokenProvider

  User->>FE: Uses refresh token
  FE->>TC: POST /token/reissue (refreshToken)
  TC->>TR: reissueToken(refreshToken)
  TR->>TP: reissueToken(refreshToken)
  TP-->>TR: TokenDTO
  TR-->>TC: TokenDTO
  TC-->>FE: 200 OK + TokenDTO

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Possibly related issues

• [Infra] Dockerfile 내 prod 옵션 추가 Server-V2#32 — Touches the same OAuth strategy API change and processor refactor to OAuthProfile-driven flow.

Possibly related PRs

• [Feature] 게시글 커서 기반 페이징 조회 및 상세 조회 API 구현 Server-V2#27 — Continues the OAuthProfile-based strategy/processor refactor and token/provider abstraction alignment.

Suggested reviewers

• dvlp-sy

Poem

In burrows of code I twitch my nose,
Profiles hop in where Members once chose.
Tokens refreshed with a gentle thump,
Conflicts cleared in a single jump.
Strategies line up, ears in a row—
Refactor fields where carrots grow. 🥕

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 51c5110 and bdc34b4.

📒 Files selected for processing (18)

• src/main/java/com/example/spot/auth/application/refactor/OAuthService.java (1 hunks)
• src/main/java/com/example/spot/auth/application/refactor/TokenProvider.java (1 hunks)
• src/main/java/com/example/spot/auth/application/refactor/TokenReissueService.java (1 hunks)
• src/main/java/com/example/spot/auth/application/refactor/dto/OAuthProfile.java (1 hunks)
• src/main/java/com/example/spot/auth/application/refactor/dto/SocialAccountResult.java (1 hunks)
• src/main/java/com/example/spot/auth/application/refactor/impl/JwtTokenReissueService.java (2 hunks)
• src/main/java/com/example/spot/auth/application/refactor/impl/OAuthMemberProcessor.java (2 hunks)
• src/main/java/com/example/spot/auth/application/refactor/member/OAuthMemberConflictProcessor.java (1 hunks)
• src/main/java/com/example/spot/auth/application/refactor/member/OAuthMemberCreator.java (1 hunks)
• src/main/java/com/example/spot/auth/application/refactor/member/ProfileCompletenessChecker.java (1 hunks)
• src/main/java/com/example/spot/auth/application/refactor/member/RefreshTokenStore.java (1 hunks)
• src/main/java/com/example/spot/auth/application/refactor/strategy/OAuthStrategy.java (1 hunks)
• src/main/java/com/example/spot/auth/application/refactor/strategy/OAuthStrategyFactory.java (1 hunks)
• src/main/java/com/example/spot/auth/application/refactor/strategy/provider/GoogleOAuthStrategy.java (2 hunks)
• src/main/java/com/example/spot/auth/application/refactor/strategy/provider/KakaoOAuthStrategy.java (2 hunks)
• src/main/java/com/example/spot/auth/application/refactor/strategy/provider/NaverOAuthStrategy.java (2 hunks)
• src/main/java/com/example/spot/auth/presentation/controller/refactor/TokenController.java (3 hunks)
• src/main/java/com/example/spot/common/security/utils/JwtTokenProvider.java (9 hunks)

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch SPOT-305/refactor

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.