feat: preRegister reCAPTCHA v3 추가

thatgirls00 · web-flow · commit a0ac7fbab663 · 2025-12-28T00:26:06.000+09:00
diff --git a/backend/src/main/java/com/back/api/preregister/controller/PreRegisterApi.java b/backend/src/main/java/com/back/api/preregister/controller/PreRegisterApi.java
@@ -3,6 +3,7 @@
 import java.util.List;
 
 import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestHeader;
 
 import com.back.api.preregister.dto.response.PreRegisterResponse;
 import com.back.global.config.swagger.ApiErrorCode;
@@ -40,7 +41,7 @@ public interface PreRegisterApi {
 
 	@Operation(
 		summary = "사전등록",
-		description = "이벤트에 사전등록합니다. (인증 제외)",
+		description = "이벤트에 사전등록합니다. (인증 제외). reCAPTCHA v3 토큰을 헤더(X-Recaptcha-Token)로 전달해야 합니다.",
 		security = @SecurityRequirement(name = "bearerAuth")
 	)
 	@ApiErrorCode({
@@ -51,11 +52,16 @@ public interface PreRegisterApi {
 		"INVALID_USER_INFO",
 		"TERMS_NOT_AGREED",
 		"PRIVACY_NOT_AGREED",
+		"RECAPTCHA_TOKEN_MISSING",
+		"RECAPTCHA_VERIFICATION_FAILED",
+		"RECAPTCHA_SCORE_TOO_LOW",
 		"UNAUTHORIZED"
 	})
 	ApiResponse<PreRegisterResponse> register(
 		@Parameter(description = "이벤트 ID", example = "1")
-		@PathVariable Long eventId
+		@PathVariable Long eventId,
+		@Parameter(description = "reCAPTCHA v3 토큰", example = "03AGdBq24...")
+		@RequestHeader(value = "X-Recaptcha-Token", required = false) String recaptchaToken
 	);
 
 	@Operation(
diff --git a/backend/src/main/java/com/back/api/preregister/controller/PreRegisterController.java b/backend/src/main/java/com/back/api/preregister/controller/PreRegisterController.java
@@ -6,12 +6,14 @@
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import com.back.api.preregister.dto.response.PreRegisterResponse;
 import com.back.api.preregister.service.PreRegisterService;
 import com.back.global.http.HttpRequestContext;
+import com.back.global.recaptcha.service.ReCaptchaService;
 import com.back.global.response.ApiResponse;
 
 import lombok.RequiredArgsConstructor;
@@ -23,12 +25,15 @@ public class PreRegisterController implements PreRegisterApi {
 
 	private final PreRegisterService preRegisterService;
 	private final HttpRequestContext httpRequestContext;
+	private final ReCaptchaService reCaptchaService;
 
 	// 인증 있는 사전 등록 -> v2에서 사용 예정
 	// @Override
 	// @PostMapping
 	// public ApiResponse<PreRegisterResponse> register(
 	// 	@PathVariable Long eventId,
+	//	@RequestHeader(value = "X-Recaptcha-Token", required = false) String recaptchaToken) {
+	// 	reCaptchaService.verifyToken(recaptchaToken, null);
 	// 	@Valid @RequestBody PreRegisterCreateRequest request) {
 	// 	Long userId = httpRequestContext.getUserId();
 	// 	PreRegisterResponse response = preRegisterService.register(eventId, userId, request);
@@ -37,7 +42,10 @@ public class PreRegisterController implements PreRegisterApi {
 
 	@Override
 	@PostMapping("/events/{eventId}/pre-registers")
-	public ApiResponse<PreRegisterResponse> register(@PathVariable Long eventId) {
+	public ApiResponse<PreRegisterResponse> register(
+		@PathVariable Long eventId,
+		@RequestHeader(value = "X-Recaptcha-Token", required = false) String recaptchaToken) {
+		reCaptchaService.verifyToken(recaptchaToken, null);
 		Long userId = httpRequestContext.getUserId();
 		PreRegisterResponse response = preRegisterService.quickPreRegister(eventId, userId);
 		return ApiResponse.created("사전등록이 완료되었습니다.", response);
diff --git a/backend/src/main/java/com/back/global/error/code/CommonErrorCode.java b/backend/src/main/java/com/back/global/error/code/CommonErrorCode.java
@@ -20,6 +20,11 @@ public enum CommonErrorCode implements ErrorCode {
 	// ===== HTTP METHOD 오류 =====
 	METHOD_NOT_ALLOWED(HttpStatus.METHOD_NOT_ALLOWED, "지원하지 않는 HTTP 메서드입니다."),
 
+	// ===== reCAPTCHA 관련 =====
+	RECAPTCHA_VERIFICATION_FAILED(HttpStatus.BAD_REQUEST, "reCAPTCHA 검증에 실패했습니다."),
+	RECAPTCHA_SCORE_TOO_LOW(HttpStatus.BAD_REQUEST, "봇으로 의심되는 활동이 감지되었습니다."),
+	RECAPTCHA_TOKEN_MISSING(HttpStatus.BAD_REQUEST, "reCAPTCHA 토큰이 누락되었습니다."),
+
 	// ===== 서버 내부 오류 =====
 	INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, "서버 내부 오류가 발생했습니다.");
 
diff --git a/backend/src/main/java/com/back/global/recaptcha/config/ReCaptchaConfig.java b/backend/src/main/java/com/back/global/recaptcha/config/ReCaptchaConfig.java
@@ -0,0 +1,14 @@
+package com.back.global.recaptcha.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.client.RestTemplate;
+
+@Configuration
+public class ReCaptchaConfig {
+
+	@Bean
+	public RestTemplate restTemplate() {
+		return new RestTemplate();
+	}
+}
diff --git a/backend/src/main/java/com/back/global/recaptcha/config/ReCaptchaProperties.java b/backend/src/main/java/com/back/global/recaptcha/config/ReCaptchaProperties.java
@@ -0,0 +1,21 @@
+package com.back.global.recaptcha.config;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+@Component
+@ConfigurationProperties(prefix = "google.captcha")
+public class ReCaptchaProperties {
+
+	private String secretKey;
+	private static final String VERIFY_URL = "https://www.google.com/recaptcha/api/siteverify";
+
+	public String getVerifyUrl() {
+		return VERIFY_URL;
+	}
+}
diff --git a/backend/src/main/java/com/back/global/recaptcha/dto/ReCaptchaRequest.java b/backend/src/main/java/com/back/global/recaptcha/dto/ReCaptchaRequest.java
@@ -0,0 +1,20 @@
+package com.back.global.recaptcha.dto;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor
+public class ReCaptchaRequest {
+
+	@JsonProperty("secret")
+	private String secret;
+
+	@JsonProperty("response")
+	private String response;
+
+	@JsonProperty("remoteip")
+	private String remoteIp;
+}
diff --git a/backend/src/main/java/com/back/global/recaptcha/dto/ReCaptchaResponse.java b/backend/src/main/java/com/back/global/recaptcha/dto/ReCaptchaResponse.java
@@ -0,0 +1,34 @@
+package com.back.global.recaptcha.dto;
+
+import java.time.LocalDateTime;
+import java.util.List;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+@Getter
+@Setter
+@NoArgsConstructor
+public class ReCaptchaResponse {
+
+	@JsonProperty("success")
+	private boolean success;
+
+	@JsonProperty("score")
+	private Double score;
+
+	@JsonProperty("action")
+	private String action;
+
+	@JsonProperty("challenge_ts")
+	private LocalDateTime challengeTs;
+
+	@JsonProperty("hostname")
+	private String hostname;
+
+	@JsonProperty("error-codes")
+	private List<String> errorCodes;
+}
diff --git a/backend/src/main/java/com/back/global/recaptcha/service/ReCaptchaService.java b/backend/src/main/java/com/back/global/recaptcha/service/ReCaptchaService.java
@@ -0,0 +1,106 @@
+package com.back.global.recaptcha.service;
+
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Service;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
+import org.springframework.web.client.RestClientException;
+import org.springframework.web.client.RestTemplate;
+
+import com.back.global.error.code.CommonErrorCode;
+import com.back.global.error.exception.ErrorException;
+import com.back.global.recaptcha.config.ReCaptchaProperties;
+import com.back.global.recaptcha.dto.ReCaptchaResponse;
+
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+public class ReCaptchaService {
+
+	private final ReCaptchaProperties reCaptchaProperties;
+	private final RestTemplate restTemplate;
+
+	private static final double MINIMUM_SCORE = 0.5;
+
+	/**
+	 * reCAPTCHA v3 토큰 검증
+	 *
+	 * @param token reCAPTCHA 토큰
+	 * @param remoteIp 클라이언트 IP
+	 */
+	public void verifyToken(String token, String remoteIp) {
+		if (token == null || token.isBlank()) {
+			log.warn("reCAPTCHA 토큰이 누락되었습니다.");
+			throw new ErrorException(CommonErrorCode.RECAPTCHA_TOKEN_MISSING);
+		}
+
+		ReCaptchaResponse response = sendVerificationRequest(token, remoteIp);
+
+		validateResponse(response);
+	}
+
+	/**
+	 * Google reCAPTCHA API로 검증 요청 전송
+	 */
+	private ReCaptchaResponse sendVerificationRequest(String token, String remoteIp) {
+		try {
+			HttpHeaders headers = new HttpHeaders();
+			headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+
+			MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
+			params.add("secret", reCaptchaProperties.getSecretKey());
+			params.add("response", token);
+			if (remoteIp != null && !remoteIp.isBlank()) {
+				params.add("remoteip", remoteIp);
+			}
+
+			HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(params, headers);
+
+			ReCaptchaResponse response = restTemplate.postForObject(
+				reCaptchaProperties.getVerifyUrl(),
+				request,
+				ReCaptchaResponse.class
+			);
+
+			log.debug("reCAPTCHA 검증 응답: success={}, score={}, action={}, errorCodes={}",
+				response != null ? response.isSuccess() : null,
+				response != null ? response.getScore() : null,
+				response != null ? response.getAction() : null,
+				response != null ? response.getErrorCodes() : null
+			);
+
+			return response;
+
+		} catch (RestClientException e) {
+			log.error("reCAPTCHA API 호출 중 오류 발생", e);
+			throw new ErrorException(CommonErrorCode.RECAPTCHA_VERIFICATION_FAILED);
+		}
+	}
+
+	/**
+	 * reCAPTCHA 응답 검증
+	 */
+	private void validateResponse(ReCaptchaResponse response) {
+		if (response == null) {
+			log.error("reCAPTCHA 응답이 null입니다.");
+			throw new ErrorException(CommonErrorCode.RECAPTCHA_VERIFICATION_FAILED);
+		}
+
+		if (!response.isSuccess()) {
+			log.warn("reCAPTCHA 검증 실패: {}", response.getErrorCodes());
+			throw new ErrorException(CommonErrorCode.RECAPTCHA_VERIFICATION_FAILED);
+		}
+
+		if (response.getScore() == null || response.getScore() < MINIMUM_SCORE) {
+			log.warn("reCAPTCHA 점수가 너무 낮습니다: {} (최소: {})", response.getScore(), MINIMUM_SCORE);
+			throw new ErrorException(CommonErrorCode.RECAPTCHA_SCORE_TOO_LOW);
+		}
+
+		log.info("reCAPTCHA 검증 성공: score={}, action={}", response.getScore(), response.getAction());
+	}
+}
diff --git a/backend/src/main/resources/application-dev.yml b/backend/src/main/resources/application-dev.yml
@@ -19,4 +19,9 @@ cookie:
 sms:
   test:
     enabled: true        # 고정 인증번호 활성화
-    fixed-code: "123456" # HTTP 파일에서 123456 사용
+    fixed-code: "123456" # HTTP 파일에서 123456 사용
+
+# reCAPTCHA
+google:
+  captcha:
+    secret-key: ${RECAPTCHA_SECRET_KEY}
diff --git a/backend/src/main/resources/application-prod.yml b/backend/src/main/resources/application-prod.yml
@@ -115,4 +115,9 @@ cloud:
       bucket: ${S3_BUCKET_NAME}
     presigned:
       put-expire-minutes: 5
-      get-expire-minutes: 10
+      get-expire-minutes: 10
+
+# reCAPTCHA
+google:
+  captcha:
+    secret-key: ${RECAPTCHA_SECRET_KEY}
diff --git a/backend/src/main/resources/application-test.yml b/backend/src/main/resources/application-test.yml
@@ -46,4 +46,9 @@ cloud:
       bucket: test-waitfair-bucket
     presigned:
       put-expire-minutes: 5
-      get-expire-minutes: 10
+      get-expire-minutes: 10
+
+# reCAPTCHA
+google:
+  captcha:
+    secret-key: ${RECAPTCHA_SECRET_KEY}
diff --git a/backend/src/main/resources/application.yml b/backend/src/main/resources/application.yml
@@ -79,6 +79,7 @@ custom:
       - "X-Requested-With"
       - "Cache-Control"
       - "Pragma"
+      - "X-Recaptcha-Token"
 
   jwt:
     secret: ${JWT_SECRET}
@@ -157,4 +158,7 @@ cloud:
       put-expire-minutes: 5
       get-expire-minutes: 10
 
-
+# reCAPTCHA
+google:
+  captcha:
+    secret-key: ${RECAPTCHA_SECRET_KEY}
diff --git a/backend/src/test/java/com/back/api/event/service/EventServiceTest.java b/backend/src/test/java/com/back/api/event/service/EventServiceTest.java
@@ -336,7 +336,7 @@ void updateEventSuccess() {
 				preCloseAt,
 				ticketOpenAt,
 				ticketCloseAt,
-			now.plusDays(35),
+				now.plusDays(35),
 				200,
 				EventStatus.PRE_OPEN
 			);
@@ -529,7 +529,7 @@ void updateEventFailWhenDuplicateWithOtherEvent() {
 				preCloseAt,
 				ticketOpenAt, // 첫 번째 이벤트와 동일한 ticketOpenAt
 				ticketCloseAt,
-			now.plusDays(35),
+				now.plusDays(35),
 				200,
 				EventStatus.PRE_OPEN
 			);
@@ -574,7 +574,7 @@ void updateEventSuccessWhenSameInfoForSelf() {
 				preCloseAt,
 				ticketOpenAt, // 동일한 ticketOpenAt
 				ticketCloseAt,
-			now.plusDays(35),
+				now.plusDays(35),
 				200,
 				EventStatus.PRE_OPEN
 			);
diff --git a/backend/src/test/java/com/back/api/preregister/controller/PreRegisterControllerTest.java b/backend/src/test/java/com/back/api/preregister/controller/PreRegisterControllerTest.java
diff --git a/backend/src/test/java/com/back/api/preregister/service/PreRegisterServiceTest.java b/backend/src/test/java/com/back/api/preregister/service/PreRegisterServiceTest.java
diff --git a/backend/src/test/java/com/back/global/recaptcha/service/ReCaptchaServiceTest.java b/backend/src/test/java/com/back/global/recaptcha/service/ReCaptchaServiceTest.java
diff --git a/backend/test-recaptcha-token-generator.html b/backend/test-recaptcha-token-generator.html
