feat: auth token service, oauth service, controller, test added

Author: helloJosh

auth/logs/auth.log

@@ -712,3 +712,33 @@ Caused by: java.lang.IllegalStateException: The following classes could not be e
 2026-04-01T00:02:23.655+09:00  INFO 21912 --- [main] com.woobeee.auth.AuthApplicationTests    : Starting AuthApplicationTests using Java 25.0.2 with PID 21912 (started by administrator in /Users/administrator/Documents/projects/art-market-place/auth)
 2026-04-01T00:02:23.657+09:00  INFO 21912 --- [main] com.woobeee.auth.AuthApplicationTests    : No active profile set, falling back to 1 default profile: "default"
 2026-04-01T00:02:24.107+09:00  INFO 21912 --- [main] com.woobeee.auth.AuthApplicationTests    : Started AuthApplicationTests in 0.572 seconds (process running for 1.241)
+2026-04-01T22:48:36.927+09:00  INFO 88456 --- [main] .UserCredentialControllerIntegrationTest : Starting UserCredentialControllerIntegrationTest using Java 25.0.2 with PID 88456 (started by administrator in /Users/administrator/Documents/projects/art-market-place/auth)
+2026-04-01T22:48:36.928+09:00  INFO 88456 --- [main] .UserCredentialControllerIntegrationTest : No active profile set, falling back to 1 default profile: "default"
+2026-04-01T22:48:37.411+09:00  INFO 88456 --- [main] o.s.b.t.m.w.SpringBootMockServletContext : Initializing Spring TestDispatcherServlet ''
+2026-04-01T22:48:37.411+09:00  INFO 88456 --- [main] o.s.t.web.servlet.TestDispatcherServlet  : Initializing Servlet ''
+2026-04-01T22:48:37.412+09:00  INFO 88456 --- [main] o.s.t.web.servlet.TestDispatcherServlet  : Completed initialization in 1 ms
+2026-04-01T22:48:37.425+09:00  INFO 88456 --- [main] .UserCredentialControllerIntegrationTest : Started UserCredentialControllerIntegrationTest in 0.676 seconds (process running for 1.23)
+2026-04-01T22:48:58.807+09:00  INFO 88456 --- [main] c.w.a.c.UserCredentialControllerImpl     : login request
+2026-04-01T22:48:58.896+09:00  INFO 88456 --- [main] c.w.a.c.UserCredentialControllerImpl     : logout request
+2026-04-01T22:48:58.903+09:00  INFO 88456 --- [main] c.w.a.c.UserCredentialControllerImpl     : sign in request
+2026-04-01T22:48:58.907+09:00  INFO 88456 --- [main] c.w.a.c.UserCredentialControllerImpl     : refresh request
+2026-04-01T22:49:14.738+09:00  INFO 88727 --- [main] .UserCredentialControllerIntegrationTest : Starting UserCredentialControllerIntegrationTest using Java 25.0.2 with PID 88727 (started by administrator in /Users/administrator/Documents/projects/art-market-place/auth)
+2026-04-01T22:49:14.739+09:00  INFO 88727 --- [main] .UserCredentialControllerIntegrationTest : No active profile set, falling back to 1 default profile: "default"
+2026-04-01T22:49:15.202+09:00  INFO 88727 --- [main] o.s.b.t.m.w.SpringBootMockServletContext : Initializing Spring TestDispatcherServlet ''
+2026-04-01T22:49:15.202+09:00  INFO 88727 --- [main] o.s.t.web.servlet.TestDispatcherServlet  : Initializing Servlet ''
+2026-04-01T22:49:15.203+09:00  INFO 88727 --- [main] o.s.t.web.servlet.TestDispatcherServlet  : Completed initialization in 1 ms
+2026-04-01T22:49:15.216+09:00  INFO 88727 --- [main] .UserCredentialControllerIntegrationTest : Started UserCredentialControllerIntegrationTest in 0.649 seconds (process running for 1.555)
+2026-04-01T22:49:36.613+09:00  INFO 88727 --- [main] c.w.a.c.UserCredentialControllerImpl     : login request
+2026-04-01T22:49:36.658+09:00  INFO 88727 --- [main] c.w.a.c.UserCredentialControllerImpl     : logout request
+2026-04-01T22:49:36.664+09:00  INFO 88727 --- [main] c.w.a.c.UserCredentialControllerImpl     : sign in request
+2026-04-01T22:49:36.669+09:00  INFO 88727 --- [main] c.w.a.c.UserCredentialControllerImpl     : refresh request
+2026-04-01T22:56:12.325+09:00  INFO 91028 --- [main] .UserCredentialControllerIntegrationTest : Starting UserCredentialControllerIntegrationTest using Java 25.0.2 with PID 91028 (started by administrator in /Users/administrator/Documents/projects/art-market-place/auth)
+2026-04-01T22:56:12.326+09:00  INFO 91028 --- [main] .UserCredentialControllerIntegrationTest : No active profile set, falling back to 1 default profile: "default"
+2026-04-01T22:56:12.760+09:00  INFO 91028 --- [main] o.s.b.t.m.w.SpringBootMockServletContext : Initializing Spring TestDispatcherServlet ''
+2026-04-01T22:56:12.760+09:00  INFO 91028 --- [main] o.s.t.web.servlet.TestDispatcherServlet  : Initializing Servlet ''
+2026-04-01T22:56:12.761+09:00  INFO 91028 --- [main] o.s.t.web.servlet.TestDispatcherServlet  : Completed initialization in 1 ms
+2026-04-01T22:56:12.773+09:00  INFO 91028 --- [main] .UserCredentialControllerIntegrationTest : Started UserCredentialControllerIntegrationTest in 0.66 seconds (process running for 1.306)
+2026-04-01T22:56:13.027+09:00  INFO 91028 --- [main] c.w.a.c.UserCredentialControllerImpl     : login request
+2026-04-01T22:56:13.099+09:00  INFO 91028 --- [main] c.w.a.c.UserCredentialControllerImpl     : logout request
+2026-04-01T22:56:13.105+09:00  INFO 91028 --- [main] c.w.a.c.UserCredentialControllerImpl     : sign in request
+2026-04-01T22:56:13.109+09:00  INFO 91028 --- [main] c.w.a.c.UserCredentialControllerImpl     : refresh request

auth/pom.xml

@@ -27,6 +27,10 @@
     </dependencyManagement>
 
     <dependencies>
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-webmvc</artifactId>
@@ -36,6 +40,11 @@
             <artifactId>spring-boot-starter-test</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-webmvc-test</artifactId>
+            <scope>test</scope>
+        </dependency>
 
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -55,6 +64,10 @@
             <groupId>org.springframework.session</groupId>
             <artifactId>spring-session-data-redis</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.kafka</groupId>
+            <artifactId>spring-kafka</artifactId>
+        </dependency>
 
         <!-- jwt token dependency -->
         <dependency>
@@ -74,6 +87,25 @@
             <version>0.12.3</version>
             <scope>runtime</scope>
         </dependency>
+
+        <!-- google -->
+        <dependency>
+            <groupId>com.google.api-client</groupId>
+            <artifactId>google-api-client</artifactId>
+            <version>2.7.2</version>
+        </dependency>
+
+
+        <!-- security -->
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-crypto</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+            <version>3.0.2</version>
+        </dependency>
     </dependencies>
 
     <build>

auth/src/main/java/com/woobeee/auth/config/GoogleOauthConfig.java

@@ -0,0 +1,24 @@
+package com.woobeee.auth.config;
+
+import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
+import com.google.api.client.http.javanet.NetHttpTransport;
+import com.google.api.client.json.gson.GsonFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.Collections;
+
+@Configuration
+public class GoogleOauthConfig {
+    @Value("${oauth.google.client-id}")
+    private String clientId;
+
+    @Bean
+    public GoogleIdTokenVerifier googleIdTokenVerifier() {
+        return new GoogleIdTokenVerifier
+                .Builder(new NetHttpTransport(), new GsonFactory())
+                .setAudience(Collections.singletonList(clientId))
+                .build();
+    }
+}

auth/src/main/java/com/woobeee/auth/config/KafkaConfig.java

@@ -0,0 +1,71 @@
+package com.woobeee.auth.config;
+
+import org.apache.kafka.clients.consumer.ConsumerConfig;
+import org.apache.kafka.clients.producer.ProducerConfig;
+import org.apache.kafka.common.config.SaslConfigs;
+import org.apache.kafka.common.serialization.StringDeserializer;
+import org.apache.kafka.common.serialization.StringSerializer;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.kafka.config.ConcurrentKafkaListenerContainerFactory;
+import org.springframework.kafka.core.*;
+
+import java.util.HashMap;
+import java.util.Map;
+
+@Configuration
+public class KafkaConfig {
+    @Value("${spring.kafka.bootstrap-servers}")
+    private String bootstrapServers;
+    @Value("${spring.kafka.username}")
+    private String username;
+    @Value("${spring.kafka.password}")
+    private String password;
+
+    @Value("${spring.cloud.config.profile}")
+    private String profile;
+
+    @Bean
+    public ConsumerFactory<String, String> consumerFactory() {
+        Map<String, Object> config = new HashMap<>();
+        config.put(ConsumerConfig.BOOTSTRAP_SERVERS_CONFIG, bootstrapServers);
+        config.put(ConsumerConfig.GROUP_ID_CONFIG, "auth-" + profile);
+        config.put(ConsumerConfig.KEY_DESERIALIZER_CLASS_CONFIG, StringDeserializer.class);
+        config.put(ConsumerConfig.VALUE_DESERIALIZER_CLASS_CONFIG, StringDeserializer.class);
+
+        config.put("security.protocol", "SASL_PLAINTEXT");
+        config.put("sasl.mechanism", "PLAIN");
+        config.put(SaslConfigs.SASL_JAAS_CONFIG,
+                String.format("org.apache.kafka.common.security.plain.PlainLoginModule required username=\"%s\" password=\"%s\";",
+                        username, password));
+        return new DefaultKafkaConsumerFactory<>(config);
+    }
+
+    @Bean
+    public ConcurrentKafkaListenerContainerFactory<String, String> kafkaListenerContainerFactory() {
+        var factory = new ConcurrentKafkaListenerContainerFactory<String, String>();
+        factory.setConsumerFactory(consumerFactory());
+        return factory;
+    }
+
+    @Bean
+    public ProducerFactory<String, String> producerFactory() {
+        Map<String, Object> config = new HashMap<>();
+        config.put(ProducerConfig.BOOTSTRAP_SERVERS_CONFIG, bootstrapServers);
+        config.put(ProducerConfig.KEY_SERIALIZER_CLASS_CONFIG, StringSerializer.class);
+        config.put(ProducerConfig.VALUE_SERIALIZER_CLASS_CONFIG, StringSerializer.class);
+
+        config.put("security.protocol", "SASL_PLAINTEXT");
+        config.put("sasl.mechanism", "PLAIN");
+        config.put(SaslConfigs.SASL_JAAS_CONFIG,
+                String.format("org.apache.kafka.common.security.plain.PlainLoginModule required username=\"%s\" password=\"%s\";",
+                        username, password));
+        return new DefaultKafkaProducerFactory<>(config);
+    }
+
+    @Bean
+    public KafkaTemplate<String, String> kafkaTemplate() {
+        return new KafkaTemplate<>(producerFactory());
+    }
+}

auth/src/main/java/com/woobeee/auth/config/RedisConfig.java

@@ -0,0 +1,24 @@
+package com.woobeee.auth.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.data.redis.serializer.StringRedisSerializer;
+
+@Configuration
+public class RedisConfig {
+
+    @Bean
+    public StringRedisTemplate redisTemplate(RedisConnectionFactory connectionFactory) {
+        StringRedisTemplate template = new StringRedisTemplate();
+        template.setConnectionFactory(connectionFactory);
+
+        template.setKeySerializer(new StringRedisSerializer());
+        template.setValueSerializer(new StringRedisSerializer());
+        template.setHashKeySerializer(new StringRedisSerializer());
+        template.setHashValueSerializer(new StringRedisSerializer());
+
+        return template;
+    }
+}

auth/src/main/java/com/woobeee/auth/config/SecurityConfig.java

@@ -0,0 +1,19 @@
+package com.woobeee.auth.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+public class SecurityConfig {
+
+
+    /**
+     * Encoding Method Bean.
+     */
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}

auth/src/main/java/com/woobeee/auth/controller/UserCredentialController.java

@@ -0,0 +1,49 @@
+package com.woobeee.auth.controller;
+
+import com.woobeee.auth.dto.request.OauthTokenRequest;
+import com.woobeee.auth.dto.response.ApiResponse;
+import com.woobeee.auth.dto.response.AuthTokenResponse;
+import io.swagger.v3.oas.annotations.Operation;
+import io.swagger.v3.oas.annotations.tags.Tag;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.web.bind.annotation.*;
+
+@RequestMapping("/api/auth")
+@Tag(name = "User Credential Controller", description = "유저 인증 컨트롤러")
+public interface UserCredentialController {
+    @Operation(
+            summary = "로그인 API"
+    )
+    @PostMapping("/login")
+    ApiResponse<AuthTokenResponse> login(
+            @RequestBody OauthTokenRequest request,
+            HttpServletResponse response
+    );
+
+    @Operation(
+            summary = "로그아웃 API"
+    )
+    @PostMapping("/signIn")
+    ApiResponse<AuthTokenResponse> signIn(
+            @RequestBody OauthTokenRequest request,
+            HttpServletResponse response
+    );
+
+    @Operation(
+            summary = "토큰 재발급 API"
+    )
+    @PostMapping("/refresh")
+    ApiResponse<AuthTokenResponse> refresh(
+            @CookieValue(value = "refreshToken", required = false) String refreshToken,
+            HttpServletResponse response
+    );
+
+    @Operation(
+            summary = "로그아웃 API"
+    )
+    @GetMapping("/logout")
+    ApiResponse<Void> logout(
+            @CookieValue(value = "refreshToken", required = false) String refreshToken,
+            HttpServletResponse response
+    );
+}

auth/src/main/java/com/woobeee/auth/controller/UserCredentialControllerImpl.java

@@ -0,0 +1,72 @@
+package com.woobeee.auth.controller;
+
+import com.woobeee.auth.aop.Idempotent;
+import com.woobeee.auth.dto.request.OauthTokenRequest;
+import com.woobeee.auth.dto.response.ApiResponse;
+import com.woobeee.auth.dto.response.AuthTokenResponse;
+import com.woobeee.auth.dto.response.IssuedAuthTokens;
+import com.woobeee.auth.service.OauthUserCredentialService;
+import com.woobeee.auth.token.RefreshTokenCookieProvider;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.bind.annotation.CookieValue;
+import org.springframework.web.bind.annotation.RestController;
+
+@RequiredArgsConstructor
+@Slf4j
+@RestController
+public class UserCredentialControllerImpl implements UserCredentialController{
+    private final OauthUserCredentialService oauthUserCredentialService;
+    private final RefreshTokenCookieProvider refreshTokenCookieProvider;
+
+    /// GET /api/auth/login
+    @Override
+    public ApiResponse<AuthTokenResponse> login(OauthTokenRequest request, HttpServletResponse response) {
+        log.info("login request");
+        IssuedAuthTokens issuedAuthTokens = oauthUserCredentialService.logIn(request.idToken());
+        refreshTokenCookieProvider.addRefreshTokenCookie(response, issuedAuthTokens.refreshToken());
+        return ApiResponse.success(
+                issuedAuthTokens.response(),
+                "login request success"
+        );
+    }
+
+    /// POST /api/auth/signIn
+    @Override
+    @Idempotent
+    public ApiResponse<AuthTokenResponse> signIn(OauthTokenRequest request, HttpServletResponse response) {
+        log.info("sign in request");
+        IssuedAuthTokens issuedAuthTokens = oauthUserCredentialService.signIn(request.idToken());
+        refreshTokenCookieProvider.addRefreshTokenCookie(response, issuedAuthTokens.refreshToken());
+        return ApiResponse.success(
+                issuedAuthTokens.response(),
+                "sign in success");
+    }
+
+    @Override
+    public ApiResponse<AuthTokenResponse> refresh(
+            @CookieValue(value = "refreshToken", required = false) String refreshToken,
+            HttpServletResponse response
+    ) {
+        log.info("refresh request");
+        IssuedAuthTokens issuedAuthTokens = oauthUserCredentialService.refresh(refreshToken);
+        refreshTokenCookieProvider.addRefreshTokenCookie(response, issuedAuthTokens.refreshToken());
+        return ApiResponse.success(
+                issuedAuthTokens.response(),
+                "refresh success"
+        );
+    }
+
+    /// GET /api/auth/logout
+    @Override
+    public ApiResponse<Void> logout(
+            @CookieValue(value = "refreshToken", required = false) String refreshToken,
+            HttpServletResponse response
+    ) {
+        log.info("logout request");
+        oauthUserCredentialService.logout(refreshToken);
+        refreshTokenCookieProvider.clearRefreshTokenCookie(response);
+        return ApiResponse.success("logout success");
+    }
+}

auth/src/main/java/com/woobeee/auth/dto/provider/MessageEvent.java

@@ -0,0 +1,14 @@
+package com.woobeee.auth.dto.provider;
+
+import lombok.Builder;
+
+import java.util.UUID;
+
+@Builder
+public record MessageEvent(
+        UUID eventId,
+        String topic,
+        String key,
+        Object message
+) {
+}

auth/src/main/java/com/woobeee/auth/dto/request/OauthTokenRequest.java

@@ -0,0 +1,7 @@
+package com.woobeee.auth.dto.request;
+
+import lombok.Builder;
+
+@Builder
+public record OauthTokenRequest (String idToken){
+}