fix: apple resolver 추가 (#382)

Ssamssamukja · web-flow · commit a58781026696 · 2026-03-03T02:51:53.000+09:00
diff --git a/clokey-api/src/main/java/org/clokey/global/config/security/SecurityConfig.java b/clokey-api/src/main/java/org/clokey/global/config/security/SecurityConfig.java
@@ -7,6 +7,7 @@
 import org.clokey.domain.auth.handler.OidcLoginSuccessHandler;
 import org.clokey.domain.auth.service.CustomOAuth2UserService;
 import org.clokey.domain.auth.service.JwtTokenService;
+import org.clokey.global.security.AppleAwareOAuth2AuthorizationRequestResolver;
 import org.clokey.global.security.JwtAuthenticationFilter;
 import org.clokey.helper.SpringEnvironmentHelper;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -26,7 +27,6 @@
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
-import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver;
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestCustomizers;
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
@@ -169,8 +169,8 @@ public OAuth2AuthorizationRequestResolver oauth2AuthorizationRequestResolver() {
         if (clientRegistrationRepository == null) {
             throw new IllegalStateException("ClientRegistrationRepository is required for OAuth2");
         }
-        DefaultOAuth2AuthorizationRequestResolver resolver =
-                new DefaultOAuth2AuthorizationRequestResolver(
+        AppleAwareOAuth2AuthorizationRequestResolver resolver =
+                new AppleAwareOAuth2AuthorizationRequestResolver(
                         clientRegistrationRepository, "/oauth2/authorization");
         resolver.setAuthorizationRequestCustomizer(
                 OAuth2AuthorizationRequestCustomizers.withPkce());
diff --git a/clokey-api/src/main/java/org/clokey/global/security/AppleAwareOAuth2AuthorizationRequestResolver.java b/clokey-api/src/main/java/org/clokey/global/security/AppleAwareOAuth2AuthorizationRequestResolver.java
@@ -0,0 +1,64 @@
+package org.clokey.global.security;
+
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
+import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver;
+import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver;
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
+
+@RequiredArgsConstructor
+public class AppleAwareOAuth2AuthorizationRequestResolver
+        implements OAuth2AuthorizationRequestResolver {
+
+    private final DefaultOAuth2AuthorizationRequestResolver delegate;
+
+    public AppleAwareOAuth2AuthorizationRequestResolver(
+            ClientRegistrationRepository clientRegistrationRepository,
+            String authorizationBaseUri) {
+        this.delegate =
+                new DefaultOAuth2AuthorizationRequestResolver(
+                        clientRegistrationRepository, authorizationBaseUri);
+    }
+
+    @Override
+    public OAuth2AuthorizationRequest resolve(HttpServletRequest request) {
+        OAuth2AuthorizationRequest authorizationRequest = delegate.resolve(request);
+        return customizeIfApple(request, authorizationRequest);
+    }
+
+    @Override
+    public OAuth2AuthorizationRequest resolve(
+            HttpServletRequest request, String clientRegistrationId) {
+        OAuth2AuthorizationRequest authorizationRequest =
+                delegate.resolve(request, clientRegistrationId);
+        if (authorizationRequest == null) {
+            return null;
+        }
+        return "apple".equals(clientRegistrationId)
+                ? OAuth2AuthorizationRequest.from(authorizationRequest)
+                        .additionalParameters(params -> params.put("response_mode", "form_post"))
+                        .build()
+                : authorizationRequest;
+    }
+
+    public void setAuthorizationRequestCustomizer(
+            java.util.function.Consumer<OAuth2AuthorizationRequest.Builder>
+                    authorizationRequestCustomizer) {
+        delegate.setAuthorizationRequestCustomizer(authorizationRequestCustomizer);
+    }
+
+    private OAuth2AuthorizationRequest customizeIfApple(
+            HttpServletRequest request, OAuth2AuthorizationRequest authorizationRequest) {
+        if (authorizationRequest == null) {
+            return null;
+        }
+        String requestUri = request.getRequestURI();
+        if (requestUri != null && requestUri.endsWith("/apple")) {
+            return OAuth2AuthorizationRequest.from(authorizationRequest)
+                    .additionalParameters(params -> params.put("response_mode", "form_post"))
+                    .build();
+        }
+        return authorizationRequest;
+    }
+}
