Develop

src/auth/controllers/auth.controller.ts

@@ -1,5 +1,5 @@
 import { Request, Response } from "express";
-import AuthService, { assertAllowedRedirectUri } from "../services/auth.service";
+import AuthService, { resolveRedirectUri } from "../services/auth.service";
 import { AppError } from "../../errors/AppError";
 import { CompleteSignupDto } from "../dtos/complete-signup.dto";
 import { validate } from "class-validator";
@@ -328,8 +328,8 @@ class AuthController {
         });
       }
 
-      const validatedRedirectUri = assertAllowedRedirectUri(redirect_uri);
-      const result = await AuthService.exchangeKakaoToken(code, validatedRedirectUri);
+      const resolvedRedirectUri = resolveRedirectUri("KAKAO", redirect_uri);
+      const result = await AuthService.exchangeKakaoToken(code, resolvedRedirectUri);
 
       res.status(200).json({
         message: "카카오 로그인이 완료되었습니다.",
@@ -365,8 +365,8 @@ class AuthController {
         });
       }
 
-      const validatedRedirectUri = assertAllowedRedirectUri(redirect_uri);
-      const result = await AuthService.exchangeGoogleToken(code, validatedRedirectUri);
+      const resolvedRedirectUri = resolveRedirectUri("GOOGLE", redirect_uri);
+      const result = await AuthService.exchangeGoogleToken(code, resolvedRedirectUri);
 
       res.status(200).json({
         message: "구글 로그인이 완료되었습니다.",
@@ -402,8 +402,8 @@ class AuthController {
         });
       }
 
-      const validatedRedirectUri = assertAllowedRedirectUri(redirect_uri);
-      const result = await AuthService.exchangeNaverToken(code, validatedRedirectUri);
+      const resolvedRedirectUri = resolveRedirectUri("NAVER", redirect_uri);
+      const result = await AuthService.exchangeNaverToken(code, resolvedRedirectUri);
 
       res.status(200).json({
         message: "네이버 로그인이 완료되었습니다.",

src/auth/services/auth.service.ts

@@ -35,6 +35,23 @@ export const assertAllowedRedirectUri = (redirectUri: string | undefined): strin
   return redirectUri;
 };
 
+// 호환성 fallback: body의 redirect_uri가 없을 때 환경변수의 provider별 callback URL을 사용한다.
+// 프론트 단계적 반영을 위한 임시 호환 경로.
+export const resolveRedirectUri = (
+  provider: "GOOGLE" | "KAKAO" | "NAVER",
+  bodyRedirectUri: string | undefined
+): string => {
+  if (bodyRedirectUri) {
+    return assertAllowedRedirectUri(bodyRedirectUri);
+  }
+  const envKey = `${provider}_CALLBACK_URL` as const;
+  const fallback = process.env[envKey];
+  if (!fallback) {
+    throw new AppError("redirect_uri가 필요합니다.", 400, "BadRequest");
+  }
+  return fallback;
+};
+
 class AuthService {
   async generateTokens(user: any): Promise<Tokens> {
     const accessToken = jwt.sign(