diff --git a/bootstrap/pom.xml b/bootstrap/pom.xml
index a691544..1af24ca 100755
--- a/bootstrap/pom.xml
+++ b/bootstrap/pom.xml
@@ -40,6 +40,17 @@
infrastructure
${project.version}
+
+
+ com.dh7789dev
+ data
+ ${project.version}
+
+
+ com.dh7789dev
+ spi
+ ${project.version}
+
org.projectlombok
diff --git a/bootstrap/src/main/java/com/dh7789dev/xpeditis/configuration/OAuth2AuthenticationSuccessHandler.java b/bootstrap/src/main/java/com/dh7789dev/xpeditis/configuration/OAuth2AuthenticationSuccessHandler.java
index 6400c5c..535de9b 100644
--- a/bootstrap/src/main/java/com/dh7789dev/xpeditis/configuration/OAuth2AuthenticationSuccessHandler.java
+++ b/bootstrap/src/main/java/com/dh7789dev/xpeditis/configuration/OAuth2AuthenticationSuccessHandler.java
@@ -1,10 +1,8 @@
package com.dh7789dev.xpeditis.configuration;
import com.dh7789dev.xpeditis.AuthenticationRepository;
-import com.dh7789dev.xpeditis.CommonUtil;
import com.dh7789dev.xpeditis.UserRepository;
import com.dh7789dev.xpeditis.dto.app.UserAccount;
-import com.dh7789dev.xpeditis.dto.request.AuthenticationRequest;
import com.dh7789dev.xpeditis.dto.response.AuthenticationResponse;
import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.servlet.ServletException;
@@ -35,11 +33,11 @@ public class OAuth2AuthenticationSuccessHandler implements AuthenticationSuccess
DefaultOAuth2User oAuth2User = (DefaultOAuth2User) authentication.getPrincipal();
String email = (String) oAuth2User.getAttributes().get("email");
- String password = CommonUtil.generatePassword(12);
+ String password = "oauth-generated";
+ // Ensure the user exists, but do not try to re-authenticate with password
UserAccount user = userRepository.findOrCreateOAuthUser(email, oAuth2User.getAttributes(), password);
- AuthenticationResponse authResponse = authenticationRepository.authenticate(
- new AuthenticationRequest(user.getEmail(), user.getPassword()));
+ AuthenticationResponse authResponse = authenticationRepository.authenticateOAuthByEmail(user.getEmail());
response.setContentType("application/json");
response.setCharacterEncoding("UTF-8");
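Review bot: `String password = "oauth-generated";` gives every OAuth-provisioned account the same, publicly known password value, which is then passed to `findOrCreateOAuthUser`. That method is not visible here, but if it stores the value as the account's credential, the password login path (`authenticate`) would accept it for any such account. Since token issuance no longer needs the password, prefer an unguessable per-user value from a CSPRNG, or no usable password at all. The smallest change is keeping `String password = CommonUtil.generatePassword(12);` and its import (removed in the previous hunk), provided that helper draws from `SecureRandom`. The enclosing method starts and ends outside this hunk.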
diff --git a/bootstrap/src/main/resources/application-dev.yml b/bootstrap/src/main/resources/application-dev.yml
index 9e03ac7..9b282f3 100644
--- a/bootstrap/src/main/resources/application-dev.yml
+++ b/bootstrap/src/main/resources/application-dev.yml
@@ -9,6 +9,7 @@ spring:
scope:
- profile
- email
+ redirect-uri: "http://localhost:8080/login/oauth2/code/{registrationId}"
provider:
google:
authorization-uri: https://accounts.google.com/o/oauth2/v2/auth
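Review bot: The added `redirect-uri` hard-codes scheme, host and port, so it has to be kept in step with `server.port` (changed to 8080 in the next hunk), and the provider's redirect check fails whenever the two drift. Spring Security resolves `{baseUrl}` in this template, so `redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"` removes the coupling. The registration block starts outside this hunk.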
@@ -76,4 +77,4 @@ application:
expiration: 604800000 # 7 days
server:
- port: 8083
\ No newline at end of file
+ port: 8080
\ No newline at end of file
diff --git a/domain/spi/src/main/java/com/dh7789dev/xpeditis/AuthenticationRepository.java b/domain/spi/src/main/java/com/dh7789dev/xpeditis/AuthenticationRepository.java
index 6107d94..46a8707 100644
--- a/domain/spi/src/main/java/com/dh7789dev/xpeditis/AuthenticationRepository.java
+++ b/domain/spi/src/main/java/com/dh7789dev/xpeditis/AuthenticationRepository.java
@@ -1,11 +1,14 @@
-package com.dh7789dev.xpeditis;
-
-import com.dh7789dev.xpeditis.dto.request.AuthenticationRequest;
-import com.dh7789dev.xpeditis.dto.response.AuthenticationResponse;
-import com.dh7789dev.xpeditis.dto.request.RegisterRequest;
-
-public interface AuthenticationRepository {
-
- AuthenticationResponse authenticate(AuthenticationRequest request);
- AuthenticationResponse register(RegisterRequest request);
-}
+package com.dh7789dev.xpeditis;
+
+import com.dh7789dev.xpeditis.dto.request.AuthenticationRequest;
+import com.dh7789dev.xpeditis.dto.response.AuthenticationResponse;
+import com.dh7789dev.xpeditis.dto.request.RegisterRequest;
+
+public interface AuthenticationRepository {
+
+ AuthenticationResponse authenticate(AuthenticationRequest request);
+ AuthenticationResponse register(RegisterRequest request);
+
+ // Issue JWT tokens for an already-authenticated OAuth2 user identified by email
+ AuthenticationResponse authenticateOAuthByEmail(String email);
+}
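Review bot: The one-line comment on `authenticateOAuthByEmail` understates the contract: the method takes a bare email and returns tokens, so nothing in the signature stops a caller from passing an unverified value. Replace it with a Javadoc that states the precondition, e.g. `/** Issues tokens without any credential check; call only after the OAuth2 login has completed, with the provider-asserted email, never with request-supplied input. */`.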
diff --git a/infrastructure/src/main/java/com/dh7789dev/xpeditis/repository/AuthenticationJwtRepository.java b/infrastructure/src/main/java/com/dh7789dev/xpeditis/repository/AuthenticationJwtRepository.java
index 3954a12..dde22be 100644
--- a/infrastructure/src/main/java/com/dh7789dev/xpeditis/repository/AuthenticationJwtRepository.java
+++ b/infrastructure/src/main/java/com/dh7789dev/xpeditis/repository/AuthenticationJwtRepository.java
@@ -57,6 +57,25 @@ public class AuthenticationJwtRepository implements AuthenticationRepository {
.setExpiresAt(jwtUtil.extractExpiration(jwtToken));
}
+ @Override
+ public AuthenticationResponse authenticateOAuthByEmail(String email) {
+ log.info("OAuth2 authenticate by email: {}", email);
+ var userEntity = userDao.findByUsernameOrEmail(email)
+ .orElseThrow(() -> new UsernameNotFoundException("User not found: " + email));
+
+ var jwtToken = jwtUtil.generateToken(userEntity);
+ var refreshToken = jwtUtil.generateRefreshToken(userEntity);
+
+ revokeAllUserTokens(userEntity);
+ saveUserToken(userEntity, jwtToken);
+
+ return new AuthenticationResponse()
+ .setAccessToken(jwtToken)
+ .setRefreshToken(refreshToken)
+ .setCreatedAt(jwtUtil.extractCreatedAt(jwtToken))
+ .setExpiresAt(jwtUtil.extractExpiration(jwtToken));
+ }
+
@Override
public AuthenticationResponse register(RegisterRequest request) {
if (userDao.existsByUsername(request.getUsername())) {
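Review bot: `authenticateOAuthByEmail` issues tokens for whatever record `findByUsernameOrEmail(email)` returns, with no account-status check and no check that the match was on the email rather than the username. The password path is not visible in this hunk, but if it goes through Spring's authentication manager, disabled or locked accounts are rejected there and this path would bypass that. Consider an email-only lookup and a guard before `generateToken`, for example `if (!userEntity.isEnabled()) throw new DisabledException("Account disabled");` (assuming the entity implements `UserDetails`). The `log.info` line also writes the email address at info level on every login; `log.debug` would be enough. The `register` method at the end of the hunk continues outside it.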