wafflestudio · Hank-Choi · Jan 10, 2025 · Jan 2, 2025 · Jan 4, 2025 · Jan 5, 2025
@@ -61,6 +61,12 @@ class AuthHandler(
             userService.loginKakao(socialLoginRequest)
         }
 
+    suspend fun loginAppleLegacy(req: ServerRequest): ServerResponse =
+        handle(req) {
+            val socialLoginRequest: SocialLoginRequest = req.awaitBodyOrNull() ?: throw ServerWebInputException("Invalid body")
+            userService.loginApple(socialLoginRequest)
+        }
+
     suspend fun loginApple(req: ServerRequest): ServerResponse =
         handle(req) {
             val socialLoginRequest: SocialLoginRequest = req.awaitBodyOrNull() ?: throw ServerWebInputException("Invalid body")

@@ -86,6 +86,7 @@ class MainRouter(
                 POST("/login/facebook", authHandler::loginFacebook)
                 POST("/login/google", authHandler::loginGoogle)
                 POST("/login/kakao", authHandler::loginKakao)
+                POST("/login_apple", authHandler::loginAppleLegacy)
                 POST("/login/apple", authHandler::loginApple)
                 POST("/logout", authHandler::logout)
                 POST("/password/reset/email/check", authHandler::getMaskedEmail)

@@ -167,6 +167,54 @@ import org.springframework.web.bind.annotation.RequestMethod
                 ],
             ),
     ),
+    RouterOperation(
+        path = "/v1/auth/login_apple",
+        method = [RequestMethod.POST],
+        produces = [MediaType.APPLICATION_JSON_VALUE],
+        operation =
+            Operation(
+                operationId = "loginAppleLegacy",
+                requestBody =
+                    RequestBody(
+                        content = [
+                            Content(
+                                schema = Schema(implementation = SocialLoginRequest::class),
+                                mediaType = MediaType.APPLICATION_JSON_VALUE,
+                            ),
+                        ],
+                    ),
+                responses = [
+                    ApiResponse(
+                        responseCode = "200",
+                        content = [Content(schema = Schema(implementation = LoginResponse::class))],
+                    ),
+                ],
+            ),
+    ),
+    RouterOperation(
+        path = "/v1/auth/login/apple",
+        method = [RequestMethod.POST],
+        produces = [MediaType.APPLICATION_JSON_VALUE],
+        operation =
+            Operation(
+                operationId = "loginApple",
+                requestBody =
+                    RequestBody(
+                        content = [
+                            Content(
+                                schema = Schema(implementation = SocialLoginRequest::class),
+                                mediaType = MediaType.APPLICATION_JSON_VALUE,
+                            ),
+                        ],
+                    ),
+                responses = [
+                    ApiResponse(
+                        responseCode = "200",
+                        content = [Content(schema = Schema(implementation = LoginResponse::class))],
+                    ),
+                ],
+            ),
+    ),
     RouterOperation(
         path = "/v1/auth/logout",
         method = [RequestMethod.POST],

@@ -1,5 +1,6 @@
 package com.wafflestudio.snu4t.auth.apple
 
+import com.fasterxml.jackson.databind.ObjectMapper
 import com.wafflestudio.snu4t.auth.OAuth2Client
 import com.wafflestudio.snu4t.auth.OAuth2UserResponse
 import com.wafflestudio.snu4t.common.extension.get
@@ -18,6 +19,7 @@ import java.util.Base64
 @Component("APPLE")
 class AppleClient(
     webClientBuilder: WebClient.Builder,
+    private val objectMapper: ObjectMapper,
 ) : OAuth2Client {
     private val webClient =
         webClientBuilder.clientConnector(
@@ -35,9 +37,9 @@ class AppleClient(
     override suspend fun getMe(token: String): OAuth2UserResponse? {
         val jwtHeader = extractJwtHeader(token)
         val appleJwk =
-            webClient.get<List<AppleJwk>>(uri = APPLE_JWK_URI).getOrNull()
-                ?.find {
-                    it.kid == jwtHeader.keyId && it.alg == jwtHeader.algorithm
+            webClient.get<Map<String, List<AppleJwk>>>(uri = APPLE_JWK_URI).getOrNull()
+                ?.get("keys")?.find {
+                    it.kid == jwtHeader["kid"] && it.alg == jwtHeader["alg"]
                 } ?: return null
         val publicKey = convertJwkToPublicKey(appleJwk)
         val jwtPayload = verifyAndDecodeToken(token, publicKey)
@@ -51,7 +53,16 @@ class AppleClient(
         )
     }
 
-    private suspend fun extractJwtHeader(token: String) = Jwts.parser().parseClaimsJws(token).header
+    private suspend fun extractJwtHeader(token: String): Map<String, String> {
+        val headerJson = Base64.getDecoder().decode(token.substringBefore(".")).toString(Charsets.UTF_8)
+        val headerMap = objectMapper.readValue(headerJson, Map::class.java)
+        val kid = headerMap["kid"] as? String ?: throw IllegalArgumentException("유효하지 않은 애플 로그인 토큰")
+        val alg = headerMap["alg"] as? String ?: throw IllegalArgumentException("유효하지 않은 애플 로그인 토큰")
+        return mapOf(
+            "kid" to kid,
+            "alg" to alg,
+        )
+    }
 
     private suspend fun convertJwkToPublicKey(jwk: AppleJwk): PublicKey {
         val modulus = BigInteger(1, Base64.getUrlDecoder().decode(jwk.n))

@@ -3,6 +3,6 @@ package com.wafflestudio.snu4t.users.dto
 import com.fasterxml.jackson.annotation.JsonAlias
 
 data class SocialLoginRequest(
-    @JsonAlias("fb_token")
+    @JsonAlias("fb_token", "apple_token")
     val token: String,
 )