mosu-dev · wlgns12370 · Jul 2, 2025 · Jul 1, 2025 · Jul 1, 2025 · Jul 1, 2025
diff --git a/build.gradle b/build.gradle
@@ -28,13 +28,16 @@ dependencies {
     implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
     implementation 'org.springframework.boot:spring-boot-starter-web'
     implementation 'org.springframework.boot:spring-boot-starter-validation'
-    implementation 'org.springdoc:springdoc-openapi-starter-webmvc-ui:2.2.0'
+
     developmentOnly 'org.springframework.boot:spring-boot-devtools'
     compileOnly 'org.projectlombok:lombok'
     annotationProcessor 'org.projectlombok:lombok'
     testImplementation 'org.springframework.boot:spring-boot-starter-test'
     testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
 
+    // swagger
+    implementation "org.springdoc:springdoc-openapi-starter-webmvc-ui:2.7.0"
+
     // jwt
     implementation 'io.jsonwebtoken:jjwt-api:0.11.5'
     runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.11.5'

diff --git a/src/main/java/life/mosu/mosuserver/applicaiton/.gitkeep b/src/main/java/life/mosu/mosuserver/applicaiton/.gitkeep
diff --git a/src/main/java/life/mosu/mosuserver/global/config/SecurityConfig.java b/src/main/java/life/mosu/mosuserver/global/config/SecurityConfig.java
@@ -40,7 +40,8 @@ public class SecurityConfig {
     public static final List<String> clients = List.of(
         "http://localhost:3000",
         "http://localhost:8080",
-        "https://mosuedu.com"
+        "https://mosuedu.com",
+        "https://api.mosuedu.com"
     );
 
     @Bean
@@ -57,19 +58,13 @@ public SecurityFilterChain securityFilterChain(final HttpSecurity http) throws E
             .logout(AbstractHttpConfigurer::disable)
             .authorizeHttpRequests(authorize -> authorize
                 .requestMatchers(
-                    "/swagger-ui/**",
-                    "/v3/api-docs/**",
-                    "/oauth2/**",
-                    "/api/v1/auth/**",
-                    "/api/v1/login/**"
+                    "/**"
                 )
                 .permitAll()
                 .requestMatchers(
                     "/api/v1/admin/**"
                 )
                 .hasRole("ADMIN")
-                .anyRequest()
-                .hasAnyRole("USER")
             )
             .oauth2Login(oauth2 -> oauth2.redirectionEndpoint(redirection ->
                     redirection.baseUri("/login/oauth2/code/{registrationId}"))

diff --git a/src/main/java/life/mosu/mosuserver/infra/config/SwaggerConfig.java b/src/main/java/life/mosu/mosuserver/infra/config/SwaggerConfig.java
@@ -10,8 +10,9 @@ public class SwaggerConfig {
     @Bean
     public OpenAPI customOpenAPI() {
         return new OpenAPI()
-                .info(new Info()
-                        .title("MOSU API 문서")
-                        .version("1.0.0"));
+            .info(new Info()
+                .title("MOSU API 문서")
+                .version("1.0.0")
+        );
     }
 }
diff --git a/src/main/java/life/mosu/mosuserver/presentation/oauth/OAuthController.java b/src/main/java/life/mosu/mosuserver/presentation/oauth/OAuthController.java
@@ -3,23 +3,22 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.view.RedirectView;
+import org.springframework.web.util.UriComponentsBuilder;
 
 import static life.mosu.mosuserver.presentation.oauth.AuthorizationRequestRedirectResolver.REDIRECT_PARAM_KEY;
 
-
 @RestController
 @RequiredArgsConstructor
 @RequestMapping("/auth")
 public class OAuthController {
 
     @GetMapping("/login/{registrationId}")
     public RedirectView login(@PathVariable String registrationId, @RequestParam(REDIRECT_PARAM_KEY) String redirect) {
-        final String url = String.format(
-            "/oauth2/authorization/%s?%s=%s",
-            registrationId,
-            REDIRECT_PARAM_KEY,
-            redirect
-        );
+        final String url = UriComponentsBuilder
+            .fromPath("/oauth2/authorization/{registrationId}")
+            .queryParam(REDIRECT_PARAM_KEY, redirect)
+            .buildAndExpand(registrationId)
+            .toUriString();
         return new RedirectView(url);
     }
 }
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -14,6 +14,7 @@ spring:
     import:
       - optional:file:.env[.properties]
       - security-config.yml
+      - swagger-config.yml
   datasource:
     url: ${DB_URL}
     username: ${DB_USERNAME}
@@ -43,10 +44,6 @@ spring:
       port: ${REDIS_EXPORTER}
       password: ${REDIS_PASSWORD}
 
-springdoc:
-  swagger-ui:
-    path: /swagger
-
 management:
   endpoints:
     web:

diff --git a/src/main/resources/swagger-config.yml b/src/main/resources/swagger-config.yml
@@ -0,0 +1,15 @@
+springdoc:
+  packages-to-scan: life.mosu.mosuserver
+  default-consumes-media-type: application/json;charset=UTF-8
+  default-produces-media-type: application/json;charset=UTF-8
+  cache:
+    disabled: true
+  api-docs:
+    path: /api-docs/json
+    groups:
+      enabled: true
+  swagger-ui:
+    enabled: true
+    path: /swagger
+    tags-sorter: alpha
+    operations-sorter: alpha