docs: 설명 추가

2021-07-27 13:54:35 +09:00
parent f1eed120de
commit f5398a277f
4 changed files with 26 additions and 27 deletions
--- a/src/main/java/com/example/oauthspringsecurity/config/SecurityConfig.java
+++ b/src/main/java/com/example/oauthspringsecurity/config/SecurityConfig.java
@@ -17,8 +17,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
-        http.csrf().disable()
-            .headers().frameOptions().disable()
+        http.csrf().disable() // h2 console 접속을 위해
+            .headers().frameOptions().disable() // h2 console 접속을 위해
            .and()
            .oauth2Login() // OAuth2 로그인 설정 시작점
            .userInfoEndpoint() // OAuth2 로그인 성공 이후 사용자 정보를 가져올 때 설정 담당
--- a/src/main/java/com/example/oauthspringsecurity/service/OAuthService.java
+++ b/src/main/java/com/example/oauthspringsecurity/service/OAuthService.java
@@ -31,14 +31,14 @@ public class OAuthService implements OAuth2UserService<OAuth2UserRequest, OAuth2
        OAuth2User oAuth2User = delegate.loadUser(userRequest); // OAuth 서비스(github, google, naver)에서 가져온 유저 정보를 담고있음

        String registrationId = userRequest.getClientRegistration()
-                                           .getRegistrationId(); // OAuth 서비스 이름(github, naver, google)
+                                           .getRegistrationId(); // OAuth 서비스 이름(ex. github, naver, google)
        String userNameAttributeName = userRequest.getClientRegistration().getProviderDetails()
-                                                  .getUserInfoEndpoint().getUserNameAttributeName();
-        Map<String, Object> attributes = oAuth2User.getAttributes();
+                                                  .getUserInfoEndpoint().getUserNameAttributeName(); // OAuth 로그인 시 키(pk)가 되는 값
+        Map<String, Object> attributes = oAuth2User.getAttributes(); // OAuth 서비스의 유저 정보들

-        UserProfile userProfile = OAuthAttributes.extract(registrationId, attributes);
+        UserProfile userProfile = OAuthAttributes.extract(registrationId, attributes); // registrationId에 따라 유저 정보를 통해 공통된 UserProfile 객체로 만들어 줌

-        Member member = saveOrUpdate(userProfile);
+        Member member = saveOrUpdate(userProfile); // DB에 저장

        return new DefaultOAuth2User(
                Collections.singleton(new SimpleGrantedAuthority(member.getRoleKey())),
@@ -48,7 +48,7 @@ public class OAuthService implements OAuth2UserService<OAuth2UserRequest, OAuth2

    private Member saveOrUpdate(UserProfile userProfile) {
        Member member = memberRepository.findByOauthId(userProfile.getOauthId())
-                                        .map(m -> m.update(userProfile.getName(), userProfile.getEmail(), userProfile.getImageUrl()))
+                                        .map(m -> m.update(userProfile.getName(), userProfile.getEmail(), userProfile.getImageUrl())) // OAuth 서비스 사이트에서 유저 정보 변경이 있을 수 있기 때문에 우리 DB에도 update
                                        .orElse(userProfile.toMember());
        return memberRepository.save(member);
    }
--- a/src/main/resources/application-oauth.yml
+++ b/src/main/resources/application-oauth.yml
@@ -4,24 +4,23 @@ spring:
      client:
        registration:
          github:
-            client-id: "6c34d9a6903231c5a301"
-            client-secret: "비밀키"
-            scope: "name,email,avatar_url"
+            client-id: 6c34d9a6903231c5a301
+            client-secret: 비밀키
+            scope: name,email,avatar_url
          google:
-            client-id: "54767115914-gcla0mork6h3156h4qcutjerm0mdf4fu.apps.googleusercontent.com"
-            client-secret: "비밀키"
-            scope: "profile,email"
-          # 네이버는 spring security가 기본적을 제공해주지 않기 때문에 github, google과 달리 많은 정보를 적어줘야한다.
+            client-id: 54767115914-gcla0mork6h3156h4qcutjerm0mdf4fu.apps.googleusercontent.com
+            client-secret: 비밀키
+            scope: profile,email
          naver:
-            client-id: "sCfhQHgPVQFFf8RTGjVe"
-            client-secret: "비밀키"
+            client-id: sCfhQHgPVQFFf8RTGjVe
+            client-secret: 비밀키
            redirect-uri: "{baseUrl}/{action}/oauth2/code/{registrationId}"
-            authorization_grant_type: "authorization_code"
-            scope: "name,email,profile_image"
-            client-name: "Naver"
+            authorization_grant_type: authorization_code
+            scope: name,email,profile_image
+            client-name: Naver
        provider:
          naver:
-            authorization_uri: "https://nid.naver.com/oauth2.0/authorize"
-            token_uri: "https://nid.naver.com/oauth2.0/token"
-            user-info-uri: "https://openapi.naver.com/v1/nid/me"
-            user_name_attribute: "response"
+            authorization_uri: https://nid.naver.com/oauth2.0/authorize
+            token_uri: https://nid.naver.com/oauth2.0/token
+            user-info-uri: https://openapi.naver.com/v1/nid/me
+            user_name_attribute: response
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -1,9 +1,9 @@
 spring:
  profiles:
-    include: "oauth"
+    include: oauth
  datasource:
-    url: "jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE"
-    name: "sa"
+    url: jdbc:h2:mem:test;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
+    name: sa
    password:
  h2:
    console: