SamProject/sam-api
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: MNG→API 토큰 교환 엔드포인트 추가

Browse Source 
- POST /api/v1/internal/exchange-token 추가
- HMAC-SHA256 서명 기반 서버간 인증
- InternalTokenService: 서명 검증 및 Sanctum 토큰 발급
- ExchangeTokenRequest: 요청 검증 (user_id, tenant_id, exp, signature)
- ApiKeyMiddleware: 내부 통신 경로 화이트리스트 추가
- i18n 메시지 추가 (error.internal.*, message.internal.*)

환경변수 필요: INTERNAL_EXCHANGE_SECRET (MNG와 동일)
This commit is contained in:
권혁성
2025-12-18 14:21:37 +09:00
parent 98645316fc
commit 8b30a555d2
7 changed files with 312 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
app/Http/Requests/Internal/ExchangeTokenRequest.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
namespace App\Http\Requests\Internal;
use Illuminate\Foundation\Http\FormRequest;
/**
* 토큰 교환 요청 검증
*/
class ExchangeTokenRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return [
'user_id' => ['required', 'integer', 'min:1'],
'tenant_id' => ['required', 'integer', 'min:1'],
'exp' => ['required', 'integer', 'min:1'],
'signature' => ['required', 'string', 'size:64'], // SHA256 hex = 64 chars
];
}
/**
* Get custom messages for validator errors.
*
* @return array<string, string>
*/
public function messages(): array
{
return [
'user_id.required' => __('validation.required', ['attribute' => 'user_id']),
'user_id.integer' => __('validation.integer', ['attribute' => 'user_id']),
'tenant_id.required' => __('validation.required', ['attribute' => 'tenant_id']),
'tenant_id.integer' => __('validation.integer', ['attribute' => 'tenant_id']),
'exp.required' => __('validation.required', ['attribute' => 'exp']),
'exp.integer' => __('validation.integer', ['attribute' => 'exp']),
'signature.required' => __('validation.required', ['attribute' => 'signature']),
'signature.size' => __('validation.size.string', ['attribute' => 'signature', 'size' => 64]),
];
}
}