애플 로그인 검증 로직 추가

2026-01-27 10:09:20 +09:00
parent 8957fd5c3f
commit 81f3bc0bad
15 changed files with 311 additions and 20 deletions
--- a/src/main/kotlin/kr/co/vividnext/sodalive/member/MemberController.kt
+++ b/src/main/kotlin/kr/co/vividnext/sodalive/member/MemberController.kt
@@ -343,7 +343,8 @@ class MemberController(
        @RequestHeader("Authorization") authHeader: String,
        @RequestBody request: SocialLoginRequest
    ): ApiResponse<LoginResponse> {
-        return processSocialLogin(MemberProvider.GOOGLE, authHeader, request)
+        val token = extractBearerToken(authHeader, MemberProvider.GOOGLE)
+        return processSocialLogin(MemberProvider.GOOGLE, token, request, null)
    }

    @PostMapping("/login/kakao")
@@ -351,27 +352,37 @@ class MemberController(
        @RequestHeader("Authorization") authHeader: String,
        @RequestBody request: SocialLoginRequest
    ): ApiResponse<LoginResponse> {
-        return processSocialLogin(MemberProvider.KAKAO, authHeader, request)
+        val token = extractBearerToken(authHeader, MemberProvider.KAKAO)
+        return processSocialLogin(MemberProvider.KAKAO, token, request, null)
+    }
+
+    @PostMapping("/login/apple")
+    fun loginApple(
+        @RequestBody request: SocialLoginRequest
+    ): ApiResponse<LoginResponse> {
+        val errorKey = socialLoginErrorKey(MemberProvider.APPLE)
+        val token = request.identityToken?.takeIf { it.isNotBlank() }
+            ?: throw SodaException(messageKey = errorKey)
+        val nonce = request.nonce?.takeIf { it.isNotBlank() }
+            ?: throw SodaException(messageKey = errorKey)
+
+        return processSocialLogin(MemberProvider.APPLE, token, request, nonce)
    }

    private fun processSocialLogin(
        provider: MemberProvider,
-        authHeader: String,
-        request: SocialLoginRequest
+        token: String,
+        request: SocialLoginRequest,
+        nonce: String?
    ): ApiResponse<LoginResponse> {
-        val errorKey = when (provider) {
-            MemberProvider.GOOGLE -> "member.social.google_login_failed"
-            MemberProvider.KAKAO -> "member.social.kakao_login_failed"
-            else -> "common.error.bad_request"
-        }
-
-        if (!authHeader.startsWith("Bearer ")) {
-            throw SodaException(messageKey = errorKey)
-        }
-
-        val token = authHeader.substring(7)
        val authService = socialAuthServiceResolver.resolve(provider)
-        val response = authService.authenticate(token, request.container, request.marketingPid, request.pushToken)
+        val response = authService.authenticate(
+            token = token,
+            container = request.container,
+            marketingPid = request.marketingPid,
+            pushToken = request.pushToken,
+            nonce = nonce
+        )

        if (!response.marketingPid.isNullOrBlank()) {
            trackingService.saveTrackingHistory(
@@ -392,4 +403,21 @@ class MemberController(
        val message = messageSource.getMessage("member.signup.success", langContext.lang)
        return ApiResponse.ok(message = message, data = response.loginResponse)
    }
+
+    private fun extractBearerToken(authHeader: String, provider: MemberProvider): String {
+        val errorKey = socialLoginErrorKey(provider)
+        if (!authHeader.startsWith("Bearer ")) {
+            throw SodaException(messageKey = errorKey)
+        }
+        return authHeader.substring(7)
+    }
+
+    private fun socialLoginErrorKey(provider: MemberProvider): String {
+        return when (provider) {
+            MemberProvider.GOOGLE -> "member.social.google_login_failed"
+            MemberProvider.KAKAO -> "member.social.kakao_login_failed"
+            MemberProvider.APPLE -> "member.social.apple_login_failed"
+            else -> "common.error.bad_request"
+        }
+    }
 }