From 6414d32e4fa72d1b292b4bebd0f83a95cfbf21a5 Mon Sep 17 00:00:00 2001
From: Zoonmy
Date: Tue, 22 Oct 2024 16:47:39 +0900
Subject: [PATCH] =?UTF-8?q?feat:=20cookie=20same=20site=20none=20=EC=84=A4?=
 =?UTF-8?q?=EC=A0=95=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .github/workflows/github-action-server.yaml | 2 +-
 .../blog/security/handler/LoginSuccessHandler.java | 11 ++++++++---
 2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/github-action-server.yaml b/.github/workflows/github-action-server.yaml
index 4ce0efc..8c3fcc0 100644
--- a/.github/workflows/github-action-server.yaml
+++ b/.github/workflows/github-action-server.yaml
@@ -3,7 +3,7 @@ name: Deploy Spring Application to EC2
 # test/dev에 대한 브랜치 push가 수행되었을 때 동작
 on:
 push:
- branches: [ "dev-be" ]
+ branches: [ "dev-be", "test/dev" ]
 
 # 워크플로우가 저장소의 콘텐츠를 읽을 수 있는 권한을 갖도록 설정
 permissions:
diff --git a/BE/Blog/src/main/java/hyundai/blog/security/handler/LoginSuccessHandler.java b/BE/Blog/src/main/java/hyundai/blog/security/handler/LoginSuccessHandler.java
index 94b6820..03e74ff 100644
--- a/BE/Blog/src/main/java/hyundai/blog/security/handler/LoginSuccessHandler.java
+++ b/BE/Blog/src/main/java/hyundai/blog/security/handler/LoginSuccessHandler.java
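Review bot: Adding `"test/dev"` to the `push` trigger of a workflow named "Deploy Spring Application to EC2" makes every push on that branch run the same deployment as `dev-be`, and nothing in this hunk distinguishes the two branches, so as far as the visible lines show both would deploy to the same target and the later push overwrites the earlier one. If the rest of the workflow (not in this hunk) does not already select a host or `environment:` per branch, consider giving the job a branch-dependent `environment:` (for example `environment: ${{ github.ref_name == 'test/dev' && 'test' || 'dev' }}`) so the two branches get separate secrets, targets and protection rules. A short comment next to the branch list recording that both branches are meant to deploy to one instance, if that is intended, would save the next reader the same question; the existing comment above `on:` already mentions only `test/dev`, so it may be worth updating it to name `dev-be` as well.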
@@ -52,15 +52,20 @@ public void onAuthenticationSuccess(HttpServletRequest request, HttpServletRespo
 // 4. JWT 토큰을 쿠키에 저장
 Cookie accessTokenCookie = new Cookie("accessToken", accessToken);
 accessTokenCookie.setHttpOnly(false);
- accessTokenCookie.setSecure(true);
- accessTokenCookie.setPath("/");
- accessTokenCookie.setMaxAge(60 * 60);
+ accessTokenCookie.setSecure(true); // HTTPS 연결에서만 쿠키가 전송되도록 설정
+ accessTokenCookie.setPath("/"); // 쿠키가 모든 경로에서 유효하도록 설정
+ accessTokenCookie.setMaxAge(60 * 60); // 1시간 동안 유효
+ // SameSite=None으로 설정하여 크로스 도메인에서 쿠키가 전송될 수 있도록 설정
+ accessTokenCookie.setAttribute("SameSite", "None");
+
+ // refreshToken도 동일하게 설정
 Cookie refreshTokenCookie = new Cookie("refreshToken", refreshToken);
 refreshTokenCookie.setHttpOnly(true);
 refreshTokenCookie.setSecure(true);
 refreshTokenCookie.setPath("/");
 refreshTokenCookie.setMaxAge(7 * 24 * 60 * 60);
+ refreshTokenCookie.setAttribute("SameSite", "None");
 // 5. 응답에 쿠키 추가
 response.addCookie(accessTokenCookie);