[deploy] v.1.2.9 운영서버로 배포

src/main/java/konkuk/thip/book/application/service/BookRecruitingRoomsService.java

@@ -11,8 +11,6 @@
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
-import java.time.LocalDate;
-
 @Service
 @RequiredArgsConstructor
 public class BookRecruitingRoomsService implements BookRecruitingRoomsUseCase {
@@ -26,7 +24,7 @@ public class BookRecruitingRoomsService implements BookRecruitingRoomsUseCase {
     @Transactional(readOnly = true)
     public BookRecruitingRoomsResponse getRecruitingRoomsWithBook(String isbn, String cursorStr) {
         Integer totalRoomCount = (cursorStr == null || cursorStr.isBlank()) ? // 첫 요청 여부 판단
-                roomQueryPort.countRecruitingRoomsByBookAndStartDateAfter(isbn, LocalDate.now()) : null;
+                roomQueryPort.countRecruitingRoomsByBookIsbn(isbn) : null;
 
         Cursor cursor = Cursor.from(cursorStr, DEFAULT_PAGE_SIZE);
         CursorBasedList<RoomQueryDto> roomDtos = roomQueryPort.findRoomsByIsbnOrderByDeadline(isbn, cursor);

src/main/java/konkuk/thip/book/application/service/BookSearchService.java

@@ -113,9 +113,8 @@ public BookDetailSearchResult searchDetailBooks(String isbn,Long userId) {
     }
 
     private int getRecruitingRoomCount(Book book) {
-        //오늘 날짜 기준으로 방 활동 시작 기간이 이후인 방 찾기(모집중인 방)
-        LocalDate today = LocalDate.now();
-        return roomQueryPort.countRecruitingRoomsByBookAndStartDateAfter(book.getIsbn(), today);
+        // 모집 중인 방 개수
+        return roomQueryPort.countRecruitingRoomsByBookIsbn(book.getIsbn());
     }
 
     private int getReadCount(Book book) {

src/main/java/konkuk/thip/comment/application/service/CommentCreateService.java

@@ -11,8 +11,8 @@
 import konkuk.thip.comment.application.service.validator.CommentAuthorizationValidator;
 import konkuk.thip.comment.domain.Comment;
 import konkuk.thip.common.exception.InvalidStateException;
-import konkuk.thip.message.application.port.out.FeedEventCommandPort;
-import konkuk.thip.message.application.port.out.RoomEventCommandPort;
+import konkuk.thip.notification.application.port.in.FeedNotificationOrchestrator;
+import konkuk.thip.notification.application.port.in.RoomNotificationOrchestrator;
 import konkuk.thip.post.application.port.out.dto.PostQueryDto;
 import konkuk.thip.post.domain.CountUpdatable;
 import konkuk.thip.post.application.service.handler.PostHandler;
@@ -26,7 +26,6 @@
 import static konkuk.thip.common.exception.code.ErrorCode.INVALID_COMMENT_CREATE;
 import static konkuk.thip.post.domain.PostType.*;
 
-
 @Service
 @RequiredArgsConstructor
 public class CommentCreateService implements CommentCreateUseCase {
@@ -40,8 +39,8 @@ public class CommentCreateService implements CommentCreateUseCase {
     private final PostHandler postHandler;
     private final CommentAuthorizationValidator commentAuthorizationValidator;
 
-    private final FeedEventCommandPort feedEventCommandPort;
-    private final RoomEventCommandPort roomEventCommandPort;
+    private final FeedNotificationOrchestrator feedNotificationOrchestrator;
+    private final RoomNotificationOrchestrator roomNotificationOrchestrator;
 
     @Override
     @Transactional
@@ -96,10 +95,10 @@ private void sendNotificationsToPostWriter(PostQueryDto postQueryDto, User actor
 
         if (postQueryDto.postType().equals(FEED.getType())) {
             // 피드 댓글 알림 이벤트 발행
-            feedEventCommandPort.publishFeedCommentedEvent(postQueryDto.creatorId(), actorUser.getId(), actorUser.getNickname(), postQueryDto.postId());
+            feedNotificationOrchestrator.notifyFeedCommented(postQueryDto.creatorId(), actorUser.getId(), actorUser.getNickname(), postQueryDto.postId());
         } else if (postQueryDto.postType().equals(RECORD.getType()) || postQueryDto.postType().equals(VOTE.getType())) {
             // 모임방 게시글 댓글 알림 이벤트 발행
-            roomEventCommandPort.publishRoomPostCommentedEvent(postQueryDto.creatorId(), actorUser.getId(), actorUser.getNickname(), postQueryDto.roomId(), postQueryDto.page(), postQueryDto.postId(), postQueryDto.postType());
+            roomNotificationOrchestrator.notifyRoomPostCommented(postQueryDto.creatorId(), actorUser.getId(), actorUser.getNickname(), postQueryDto.roomId(), postQueryDto.page(), postQueryDto.postId(), postQueryDto.postType());
         }
     }
 
@@ -108,10 +107,10 @@ private void sendNotificationsToParentCommentWriter(PostQueryDto postQueryDto, C
 
         if (postQueryDto.postType().equals(FEED.getType())) {
             // 피드 답글 알림 이벤트 발행
-            feedEventCommandPort.publishFeedRepliedEvent(parentCommentDto.creatorId(), actorUser.getId(), actorUser.getNickname(), postQueryDto.postId());
+            feedNotificationOrchestrator.notifyFeedReplied(parentCommentDto.creatorId(), actorUser.getId(), actorUser.getNickname(), postQueryDto.postId());
         } else if (postQueryDto.postType().equals(RECORD.getType()) || postQueryDto.postType().equals(VOTE.getType())) {
             // 모임방 게시글 답글 알림 이벤트 발행
-            roomEventCommandPort.publishRoomPostCommentRepliedEvent(parentCommentDto.creatorId(), actorUser.getId(), actorUser.getNickname(), postQueryDto.roomId(), postQueryDto.page(), postQueryDto.postId(), postQueryDto.postType());
+            roomNotificationOrchestrator.notifyRoomPostCommentReplied(parentCommentDto.creatorId(), actorUser.getId(), actorUser.getNickname(), postQueryDto.roomId(), postQueryDto.page(), postQueryDto.postId(), postQueryDto.postType());
         }
     }
 

src/main/java/konkuk/thip/comment/application/service/CommentLikeService.java

@@ -8,8 +8,8 @@
 import konkuk.thip.comment.application.port.out.CommentLikeQueryPort;
 import konkuk.thip.comment.application.service.validator.CommentAuthorizationValidator;
 import konkuk.thip.comment.domain.Comment;
-import konkuk.thip.message.application.port.out.FeedEventCommandPort;
-import konkuk.thip.message.application.port.out.RoomEventCommandPort;
+import konkuk.thip.notification.application.port.in.FeedNotificationOrchestrator;
+import konkuk.thip.notification.application.port.in.RoomNotificationOrchestrator;
 import konkuk.thip.post.application.port.out.dto.PostQueryDto;
 import konkuk.thip.post.application.service.handler.PostHandler;
 import konkuk.thip.post.domain.CountUpdatable;
@@ -32,8 +32,8 @@ public class CommentLikeService implements CommentLikeUseCase {
     private final PostHandler postHandler;
     private final CommentAuthorizationValidator commentAuthorizationValidator;
 
-    private final FeedEventCommandPort feedEventCommandPort;
-    private final RoomEventCommandPort roomEventCommandPort;
+    private final FeedNotificationOrchestrator feedNotificationOrchestrator;
+    private final RoomNotificationOrchestrator roomNotificationOrchestrator;
 
     @Override
     @Transactional
@@ -73,11 +73,11 @@ private void sendNotifications(CommentIsLikeCommand command, Comment comment) {
         User actorUser = userCommandPort.findById(command.userId());
         // 좋아요 푸쉬알림 전송
         if (comment.getPostType() == PostType.FEED) {
-            feedEventCommandPort.publishFeedCommentLikedEvent(comment.getCreatorId(), actorUser.getId(), actorUser.getNickname(), comment.getTargetPostId());
+            feedNotificationOrchestrator.notifyFeedCommentLiked(comment.getCreatorId(), actorUser.getId(), actorUser.getNickname(), comment.getTargetPostId());
         }
         if (comment.getPostType() == PostType.RECORD || comment.getPostType() == PostType.VOTE) {
             PostQueryDto postQueryDto = postHandler.getPostQueryDto(comment.getPostType(), comment.getTargetPostId());
-            roomEventCommandPort.publishRoomCommentLikedEvent(comment.getCreatorId(), actorUser.getId(), actorUser.getNickname(), postQueryDto.roomId(), postQueryDto.page(), postQueryDto.postId(), postQueryDto.postType());
+            roomNotificationOrchestrator.notifyRoomCommentLiked(comment.getCreatorId(), actorUser.getId(), actorUser.getNickname(), postQueryDto.roomId(), postQueryDto.page(), postQueryDto.postId(), postQueryDto.postType());
         }
     }
 }

src/main/java/konkuk/thip/comment/application/service/policy/RoomPostCommentAccessPolicy.java

@@ -2,6 +2,7 @@
 
 import konkuk.thip.post.domain.CountUpdatable;
 import konkuk.thip.room.application.service.validator.RoomParticipantValidator;
+import konkuk.thip.room.application.service.validator.RoomValidator;
 import konkuk.thip.roompost.domain.RoomPost;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Component;
@@ -11,11 +12,13 @@
 public class RoomPostCommentAccessPolicy implements CommentAccessPolicy {
 
     private final RoomParticipantValidator roomParticipantValidator;
+    private final RoomValidator roomValidator;
 
     @Override
     public void validateCommentAccess(CountUpdatable post, Long userId) {
         RoomPost roomPost = (RoomPost) post;
         roomParticipantValidator.validateUserIsRoomMember(roomPost.getRoomId(), userId);
+        roomValidator.validateRoomInProgress(roomPost.getRoomId());
     }
 
 }

src/main/java/konkuk/thip/common/exception/code/ErrorCode.java

@@ -24,9 +24,11 @@ public enum ErrorCode implements ResponseCode {
     AUTH_UNSUPPORTED_SOCIAL_LOGIN(HttpStatus.UNAUTHORIZED, 40105, "지원하지 않는 소셜 로그인입니다."),
     AUTH_INVALID_LOGIN_TOKEN_KEY(HttpStatus.UNAUTHORIZED, 40106, "유효하지 않은 로그인 토큰 키입니다."),
     AUTH_BLACKLIST_TOKEN(HttpStatus.UNAUTHORIZED, 40107, "블랙리스트에 등록된 토큰입니다."),
+    AUTH_INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, 40108, "인증 처리 중 서버 오류가 발생했습니다."),
 
     JSON_PROCESSING_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, 50100, "JSON 직렬화/역직렬화에 실패했습니다."),
     AWS_BUCKET_BASE_URL_NOT_CONFIGURED(HttpStatus.INTERNAL_SERVER_ERROR, 50101, "aws s3 bucket base url 설정이 누락되었습니다."),
+    WEB_DOMAIN_ORIGIN_EMPTY(HttpStatus.INTERNAL_SERVER_ERROR, 50102, "허용된 웹 도메인 설정이 비어있습니다."),
 
     PERSISTENCE_TRANSACTION_REQUIRED(HttpStatus.INTERNAL_SERVER_ERROR, 50110, "@Transactional 컨텍스트가 필요합니다. 트랜잭션 범위 내에서만 사용할 수 있습니다."),
 
@@ -99,8 +101,9 @@ public enum ErrorCode implements ResponseCode {
     INVALID_ROOM_SEARCH_SORT(HttpStatus.BAD_REQUEST, 100005, "방 검색 시 정렬 조건이 잘못되었습니다."),
     ROOM_MEMBER_COUNT_EXCEEDED(HttpStatus.BAD_REQUEST, 100006, "방의 최대 인원 수를 초과했습니다."),
     ROOM_MEMBER_COUNT_UNDERFLOW(HttpStatus.BAD_REQUEST, 100007, "방의 인원 수가 1 이하(방장 포함)입니다."),
-    ROOM_IS_EXPIRED(HttpStatus.BAD_REQUEST, 100008, "방이 만료되었습니다."),
+    ROOM_IS_EXPIRED(HttpStatus.BAD_REQUEST, 100008, " 완료된 모임방에서는 기존 기록에 대한 조회만 가능해요."),
     ROOM_POST_TYPE_NOT_MATCH(HttpStatus.BAD_REQUEST, 100009, "일치하는 방 게시물 타입 이름이 없습니다. [RECORD, VOTE] 중 하나여야 합니다."),
+    ROOM_NOT_IN_PROGRESS(HttpStatus.BAD_REQUEST, 100010, "진행 중인 방이 아닙니다."),
 
     /**
      * 110000 : vote error
@@ -221,7 +224,13 @@ public enum ErrorCode implements ResponseCode {
     FCM_TOKEN_NOT_FOUND(HttpStatus.NOT_FOUND, 200000, "존재하지 않는 FCM TOKEN 입니다."),
     FCM_TOKEN_ENABLED_STATE_ALREADY(HttpStatus.BAD_REQUEST, 200001, "요청한 상태로 이미 푸쉬 알림 여부가 설정되어 있습니다."),
     FCM_TOKEN_ACCESS_FORBIDDEN(HttpStatus.FORBIDDEN, 200002, "토큰을 소유하고 있는 계정이 아닙니다."),
-    FIREBASE_SEND_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, 200003, "FCM 푸쉬 알림 전송에 실패했습니다.")
+    FIREBASE_SEND_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, 200003, "FCM 푸쉬 알림 전송에 실패했습니다."),
+
+
+    /**
+     * 205000 : notification error
+     */
+    INVALID_NOTIFICATION_TYPE(HttpStatus.BAD_REQUEST, 205000, "유효하지 않은 알림 타입입니다."),
 
     ;
 

src/main/java/konkuk/thip/common/security/constant/AuthParameters.java

@@ -19,6 +19,9 @@ public enum AuthParameters {
     COOKIE_ACCESS_TOKEN("access_token"),
     COOKIE_TEMP_TOKEN("temp_token"),
 
+    REDIRECT_URL_KEY("redirect_url"),
+    REDIRECT_SESSION_KEY("oauth2_return_to"),
+
     ;
 
     private final String value;

src/main/java/konkuk/thip/common/security/constant/SecurityWhitelist.java

@@ -0,0 +1,39 @@
+package konkuk.thip.common.security.constant;
+
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+
+import java.util.Arrays;
+import java.util.List;
+
+@RequiredArgsConstructor
+@Getter
+public enum SecurityWhitelist {
+
+    SWAGGER_UI("/swagger-ui/**"),
+    API_DOCS("/api-docs/**"),
+    SWAGGER_UI_HTML("/swagger-ui.html"),
+    V3_API_DOCS("/v3/api-docs/**"),
+    OAUTH2_AUTHORIZATION("/oauth2/authorization/**"),
+    LOGIN_OAUTH2_CODE("/login/oauth2/code/**"),
+    ACTUATOR_HEALTH("/actuator/health"),
+    AUTH_USERS("/auth/users"),
+    AUTH_TOKEN("/auth/token"),
+    API_TEST("/api/test/**"),
+    AUTH_EXCHANGE_TEMP_TOKEN("/auth/exchange-temp-token"),
+    AUTH_SET_COOKIE("/auth/set-cookie");
+
+    private final String pattern;
+
+    // SecurityConfig 용 전체 리스트
+    public static String[] patterns() {
+        return Arrays.stream(values())
+                .map(SecurityWhitelist::getPattern)
+                .toArray(String[]::new);
+    }
+
+    // JwtAuthenticationFilter.shouldNotFilter() 용 편의 메서드
+    public static List<String> patternsList() {
+        return Arrays.asList(patterns());
+    }
+}

src/main/java/konkuk/thip/common/security/filter/JwtAuthenticationEntryPoint.java

@@ -3,6 +3,8 @@
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import konkuk.thip.common.exception.AuthException;
+import konkuk.thip.common.exception.code.ErrorCode;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.AuthenticationEntryPoint;
@@ -15,16 +17,32 @@
 public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
     private final HandlerExceptionResolver resolver;
 
-    public JwtAuthenticationEntryPoint(@Qualifier("handlerExceptionResolver") HandlerExceptionResolver resolver){
+    public JwtAuthenticationEntryPoint(@Qualifier("handlerExceptionResolver")
+                                       HandlerExceptionResolver resolver) {
         this.resolver = resolver;
     }
 
     @Override
-    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
-        Exception e = (Exception) request.getAttribute("exception");
-        if(e == null){
-            e = authException;
+    public void commence(HttpServletRequest request,
+                         HttpServletResponse response,
+                         AuthenticationException authException) throws IOException, ServletException {
+
+        // 필터에서 set한 예외 우선
+        Exception original = (Exception) request.getAttribute("exception");
+        if (original == null) {
+            original = authException;
+        }
+
+        Exception mapped = wrapAsAuthException(original);
+
+        resolver.resolveException(request, response, null, mapped);
+    }
+
+    // 모든 예외를 AuthException(401)으로 감싸는 메서드
+    private Exception wrapAsAuthException(Exception e) {
+        if (e instanceof AuthException) {
+            return e;
         }
-        resolver.resolveException(request, response, null, e);
+        return new AuthException(ErrorCode.AUTH_INTERNAL_SERVER_ERROR, e);
     }
-}
+}

src/main/java/konkuk/thip/common/security/filter/JwtAuthenticationFilter.java

@@ -1,23 +1,29 @@
 package konkuk.thip.common.security.filter;
 
+import jakarta.annotation.PostConstruct;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import konkuk.thip.common.exception.AuthException;
+import konkuk.thip.common.security.constant.SecurityWhitelist;
 import konkuk.thip.common.security.oauth2.CustomOAuth2User;
 import konkuk.thip.common.security.oauth2.LoginUser;
 import konkuk.thip.common.security.util.JwtUtil;
 import konkuk.thip.user.application.port.UserTokenBlacklistQueryPort;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.server.PathContainer;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
+import org.springframework.web.util.pattern.PathPattern;
+import org.springframework.web.util.pattern.PathPatternParser;
 
 import java.io.IOException;
+import java.util.List;
 
 import static konkuk.thip.common.exception.code.ErrorCode.*;
 import static konkuk.thip.common.security.constant.AuthParameters.*;
@@ -30,6 +36,31 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
     private final JwtUtil jwtUtil;
     private final UserTokenBlacklistQueryPort userTokenBlacklistQueryPort;
 
+    private List<PathPattern> whitelistPatterns;
+    private final PathPatternParser pathPatternParser = new PathPatternParser();
+
+    @PostConstruct
+    void initWhitelistPatterns() {
+        this.whitelistPatterns = SecurityWhitelist.patternsList().stream()
+                .map(pathPatternParser::parse)   // 애플리케이션 시작 시 1회 컴파일
+                .toList();
+    }
+
+    @Override
+    protected boolean shouldNotFilter(HttpServletRequest request) {
+        // 컨텍스트 패스 고려한 실제 경로(= path) 추출
+        String requestUri = request.getRequestURI();
+        String contextPath = request.getContextPath();
+        String path = (contextPath != null && !contextPath.isEmpty() && requestUri.startsWith(contextPath))
+                ? requestUri.substring(contextPath.length())
+                : requestUri;
+
+        PathContainer container = PathContainer.parsePath(path);
+
+        // PathPattern으로 세그먼트 기반 매칭
+        return whitelistPatterns.stream().anyMatch(p -> p.matches(container));
+    }
+
     @Override
     protected void doFilterInternal(HttpServletRequest request,
                                     HttpServletResponse response,
@@ -92,24 +123,4 @@ private String extractToken(HttpServletRequest request) {
         log.info("토큰이 없습니다.");
         return null;
     }
-
-    @Override
-    protected boolean shouldNotFilter(HttpServletRequest request) {
-        String path = request.getRequestURI();
-
-        // 화이트리스트 경로에 대해서는 JWT 필터 제외
-        return path.startsWith("/swagger-ui")
-                || path.startsWith("/v3/api-docs")
-                || path.startsWith("/api-docs")
-                || path.startsWith("/actuator/health")
-                || path.startsWith("/oauth2/authorization")
-                || path.startsWith("/login/oauth2/code")
-                || path.startsWith("/auth/users")
-                || path.equals("/auth/token")
-
-//                || path.equals("/auth/set-cookie")
-//                || path.equals("/auth/exchange-temp-token")
-                ;
-    }
-
 }