
Commit 639e505

🔒 Secure: OauthService log.info 개인정보 마스킹 처리
1 parent 20fd534 commit 639e505

1 file changed

Lines changed: 10 additions & 5 deletions


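--- a/src/main/java/com/nitrogen/global/auth/service/kakao_apple/OauthService.java
+++ b/src/main/java/com/nitrogen/global/auth/service/kakao_apple/OauthService.java
@@ -275,7 +275,7 @@ public AppleUserResponseDTO appleLoginOrCheck(String code, String platform){
 Map<String, String> appleInfo = decodeIdToken(tokenResponse.getIdToken());
 String appleSub = appleInfo.get("sub");
 String emailFromApple = appleInfo.get("email");
-log.info("애플 유저 식별자 추출 성공: {}", appleSub);
+log.info("애플 유저 식별자 추출 성공: {}", mask(appleSub));
 
 Optional<User> optionalUser = userRepository.findByAppleSub(appleSub);
 if (optionalUser.isPresent()) {
@@ -340,7 +340,7 @@ private AppleTokenResponseDTO getAppleToken(String code, String clientId) {
 params.add("client_secret", makeClientSecretToken(clientId));
 params.add("code", code);
 
-log.info("애플 서버로 쏘는 client_id: {}", clientId);
+log.info("애플 서버로 쏘는 client_id: {}", mask(clientId));
 
 HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(params, headers);
 
@@ -453,7 +453,7 @@ public Key resolveSigningKey(JwsHeader header, Claims claims) {
 Claims txClaims = txJws.getBody();
 String appleSub = txClaims.getSubject();
 
-log.info("CONSENT_REVOKED 유저 sub={}", appleSub);
+log.info("CONSENT_REVOKED 유저 sub={}", mask(appleSub));
 handleUserRevoke(appleSub);
 }catch (Exception e) {
 log.error("애플 서명 검증 실패: {}", e.getMessage());
@@ -532,7 +532,7 @@ private PublicKey generateECPublicKey(ApplePublicKeyResponse.AppleKey appleKey)
 */
 private void handleUserRevoke(String appleSub) {
 userRepository.findByAppleSub(appleSub).ifPresent(user -> {
-log.info("유저 연결 해제 처리: {}", user.getEmail());
+log.info("유저 연결 해제 처리: {}", mask(user.getEmail()));
 
 userRepository.delete(user);
 });
@@ -547,7 +547,12 @@ public void logout(String socialId) {
 user.setRefreshToken(null);
 userRepository.save(user);
 
-log.info("유저 로그아웃 성공 (ID: {})", socialId);
+log.info("유저 로그아웃 성공 (ID: {})", mask(socialId));
+}
+
+private String mask(String value){
+if(value == null || value.length() <= 4) return "***";
+return value.substring(0,4) + "***";
 }
 
 // 온보딩 완료 처리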
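Review bot: `mask` in the last hunk keeps a fixed four-character prefix whatever the input length, so a five-character value is logged with four of its five characters, and the e-mail passed from `handleUserRevoke` still shows the start of its local part. Scaling the visible prefix to the length would bound the exposure, for example `int keep = Math.min(4, value.length() / 4);` followed by `return value.substring(0, keep) + "***";`, with the existing null/short guard kept. A prefix is also a weak correlation key: if the provider's identifiers share leading characters (not visible here), the masked `sub` and `socialId` entries can no longer tell users apart, so logging the internal user id or a keyed hash may serve operations better. The helper reads no instance state and could be declared `private static`, and a one-line Javadoc stating what it leaves visible would help future callers.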
