diff --git a/backend/src/main/java/com/twtw/backend/config/security/SecurityConfig.java b/backend/src/main/java/com/twtw/backend/config/security/SecurityConfig.java index 50519700..49061102 100644 --- a/backend/src/main/java/com/twtw/backend/config/security/SecurityConfig.java +++ b/backend/src/main/java/com/twtw/backend/config/security/SecurityConfig.java @@ -34,7 +34,7 @@ public SecurityFilterChain configure(HttpSecurity http) throws Exception { "/v3/api-docs/**", "/swagger-ui/**", "/swagger-ui.html", - "auth/**") + "auth/refresh") .permitAll()) .authorizeHttpRequests( x -> x.requestMatchers("/test/**").permitAll().anyRequest().authenticated()) diff --git a/backend/src/test/java/com/twtw/backend/domain/member/controller/AuthControllerTest.java b/backend/src/test/java/com/twtw/backend/domain/member/controller/AuthControllerTest.java index 5212c90b..048c031a 100644 --- a/backend/src/test/java/com/twtw/backend/domain/member/controller/AuthControllerTest.java +++ b/backend/src/test/java/com/twtw/backend/domain/member/controller/AuthControllerTest.java @@ -6,6 +6,7 @@ import static org.mockito.ArgumentMatchers.any; import static org.mockito.BDDMockito.given; import static org.springframework.restdocs.mockmvc.MockMvcRestDocumentation.document; +import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post; import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; @@ -34,6 +35,25 @@ class AuthControllerTest extends RestDocsTest { @MockBean private AuthService authService; + @Test + @DisplayName("토큰이 만료되었는가") + void validate() throws Exception { + + // when + final ResultActions perform = + mockMvc.perform( + get("/auth/validate") + .contentType(MediaType.APPLICATION_JSON) + .header("Authorization", + "Bearer wefa3fsdczf32.gaoiuergf92.gb5hsa2jgh")); + // then + perform.andExpect(status().isNoContent()); + //docs + + perform.andDo(print()) + .andDo(document("토큰 유효성 검사 성공", getDocumentRequest(), getDocumentResponse())); + } + @Test @DisplayName("JWT 리프레시 API가 수행되는가") void authorize() throws Exception {