From c919c3eb048f502ff3d93176e2a041d6005a71bc Mon Sep 17 00:00:00 2001
From: SeungGyu
Date: Fri, 21 Feb 2025 14:37:02 +0900
Subject: [PATCH] =?UTF-8?q?[refactor]=20=EC=BF=A0=ED=82=A4=20=EC=A0=95?= =?UTF-8?q?=EC=B1=85=20=EB=B3=80=EA=B2=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../pickyfy/auth/filter/CustomLoginFilter.java | 4 ++--
 .../auth/handler/OAuth2SuccessHandler.java | 4 ++--
 .../pickyfy/web/controller/AuthController.java | 16 ++++++++--------
 3 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/src/main/java/com/pickyfy/pickyfy/auth/filter/CustomLoginFilter.java b/src/main/java/com/pickyfy/pickyfy/auth/filter/CustomLoginFilter.java
index fa5237f..af71b1e 100644
--- a/src/main/java/com/pickyfy/pickyfy/auth/filter/CustomLoginFilter.java
+++ b/src/main/java/com/pickyfy/pickyfy/auth/filter/CustomLoginFilter.java
@@ -87,8 +87,8 @@ private void setBody(String role, HttpServletResponse response) throws IOExcepti
 private ResponseCookie createCookie(String name, String token, String path) {
 return ResponseCookie.from(name, token)
 .httpOnly(true)
- .secure(false)
- .sameSite("Lax")
+ .secure(true)
+ .sameSite("None")
 .path(path)
 .maxAge(Duration.ofMillis(Constant.COOKIE_EXPIRATION).getSeconds())
 .build();
diff --git a/src/main/java/com/pickyfy/pickyfy/auth/handler/OAuth2SuccessHandler.java b/src/main/java/com/pickyfy/pickyfy/auth/handler/OAuth2SuccessHandler.java
index d6fd734..0c33a1c 100644
--- a/src/main/java/com/pickyfy/pickyfy/auth/handler/OAuth2SuccessHandler.java
+++ b/src/main/java/com/pickyfy/pickyfy/auth/handler/OAuth2SuccessHandler.java
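Review bot: `.sameSite("None")` on the token cookie built in `createCookie` (CustomLoginFilter.java) makes the browser attach it to every cross-site request, so the cookie no longer gives any CSRF protection on its own; the same change is made in OAuth2SuccessHandler.java and in all four builders of AuthController.java (`createCookie`, `clearCookie`). Nothing in this patch shows a compensating control, so it is worth confirming that state-changing endpoints authenticated by these cookies require a CSRF token or validate `Origin`, and that CORS with credentials is limited to an explicit allowlist of front-end origins. If a cross-site front end is the reason for the change, a comment above the builder would record it, e.g. `// SameSite=None is required by the cross-origin front end; CSRF is enforced by <mechanism>, not by the cookie`. The `secure(true)` half is needed for browsers to accept `SameSite=None` and is fine as written. The closing brace of `createCookie` lies outside the hunk.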
@@ -49,8 +49,8 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 private ResponseCookie createCookie(String name, String token, String path) {
 return ResponseCookie.from(name, token)
 .httpOnly(true)
- .secure(false)
- .sameSite("Lax")
+ .secure(true)
+ .sameSite("None")
 .path(path)
 .maxAge(Duration.ofMillis(Constant.COOKIE_EXPIRATION).getSeconds())
 .build();
diff --git a/src/main/java/com/pickyfy/pickyfy/web/controller/AuthController.java b/src/main/java/com/pickyfy/pickyfy/web/controller/AuthController.java
index 472f74b..1658ee9 100644
--- a/src/main/java/com/pickyfy/pickyfy/web/controller/AuthController.java
+++ b/src/main/java/com/pickyfy/pickyfy/web/controller/AuthController.java
@@ -62,16 +62,16 @@ public ApiResponse isAuthenticated(
 private void createCookie(HttpServletResponse response, AuthResponse token) {
 ResponseCookie expiredAccessToken = ResponseCookie.from(ACCESS_TOKEN_COOKIE_NAME, token.accessToken())
 .httpOnly(true)
- .secure(false)
- .sameSite("Lax")
+ .secure(true)
+ .sameSite("None")
 .path("/")
 .maxAge(Duration.ofMillis(Constant.COOKIE_EXPIRATION).getSeconds())
 .build();
 ResponseCookie expiredRefreshToken = ResponseCookie.from(REFRESH_TOKEN_COOKIE_NAME, token.refreshToken())
 .httpOnly(true)
- .secure(false)
- .sameSite("Lax")
+ .secure(true)
+ .sameSite("None")
 .path("/auth")
 .maxAge(Duration.ofMillis(Constant.COOKIE_EXPIRATION).getSeconds())
 .build();
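Review bot: The cookie policy is now spelled out in six separate builder chains across three files, four of them in AuthController.java (`createCookie` in this hunk and `clearCookie` in the next), and this commit had to edit each one by hand; a single missed chain would leave one token cookie on a different `Secure`/`SameSite` policy than the rest. A private helper taking name, value, path and max-age would keep the security attributes in one place, as sketched below (`buildCookie` is a proposed name, not existing code). Separately, `expiredAccessToken` and `expiredRefreshToken` in `createCookie` hold live tokens, so the names are misleading; renaming them would touch the lines after the hunk that write the cookies to the response, which are not visible here.

```java
// proposed: single source of truth for the token-cookie attributes
private ResponseCookie buildCookie(String name, String value, String path, long maxAgeSeconds) {
    return ResponseCookie.from(name, value)
            .httpOnly(true)
            .secure(true)
            .sameSite("None")
            .path(path)
            .maxAge(maxAgeSeconds)
            .build();
}

private void createCookie(HttpServletResponse response, AuthResponse token) {
    long maxAge = Duration.ofMillis(Constant.COOKIE_EXPIRATION).getSeconds();
    ResponseCookie expiredAccessToken = buildCookie(ACCESS_TOKEN_COOKIE_NAME, token.accessToken(), "/", maxAge);
    ResponseCookie expiredRefreshToken = buildCookie(REFRESH_TOKEN_COOKIE_NAME, token.refreshToken(), "/auth", maxAge);
    // … unchanged: lines after the hunk that write the cookies to the response …
```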
@@ -83,16 +83,16 @@ private void createCookie(HttpServletResponse response, AuthResponse token) {
 private void clearCookie(HttpServletResponse response) {
 ResponseCookie expiredAccessToken = ResponseCookie.from(ACCESS_TOKEN_COOKIE_NAME, "")
 .httpOnly(true)
- .secure(false)
- .sameSite("Lax")
+ .secure(true)
+ .sameSite("None")
 .path("/")
 .maxAge(0)
 .build();
 ResponseCookie expiredRefreshToken = ResponseCookie.from(REFRESH_TOKEN_COOKIE_NAME, "")
 .httpOnly(true)
- .secure(false)
- .sameSite("Lax")
+ .secure(true)
+ .sameSite("None")
 .path("/auth")
 .maxAge(0)
 .build();