Merge pull request #142 from Next-Room/feature/purchase-env

[FEAT] Environment 검증 로직 추가
Next-Room · Nov 1, 2024 · 7e2e197 · 7e2e197
2 parents 118ebcb + 4cbd5dd
commit 7e2e197
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 7 deletions.
diff --git a/src/main/java/com/nextroom/nextRoomServer/dto/SubscriptionDto.java b/src/main/java/com/nextroom/nextRoomServer/dto/SubscriptionDto.java
@@ -35,6 +35,11 @@ public static class PublishedMessage {
         private String packageName;
         private String eventTimeMillis;
         private SubscriptionNotification subscriptionNotification;
+        private TestNotification testNotification;
+
+        public boolean isTestNotification() {
+            return this.testNotification != null;
+        }
     }
 
     @Getter
@@ -45,6 +50,11 @@ public static class SubscriptionNotification {
         private String subscriptionId;
     }
 
+    @Getter
+    public static class TestNotification {
+        private String version;
+    }
+
     @Getter
     public static class SubscriptionInfoResponse {
         private final Long id;

diff --git a/src/main/java/com/nextroom/nextRoomServer/exceptions/StatusCode.java b/src/main/java/com/nextroom/nextRoomServer/exceptions/StatusCode.java
@@ -17,6 +17,8 @@ public enum StatusCode {
     THEME_COUNT_EXCEEDED(HttpStatus.BAD_REQUEST, "테마 생성 최대 개수를 초과하였습니다."),
     UNABLE_TO_SEND_EMAIL(HttpStatus.BAD_REQUEST, "이메일이 전송되지 않았습니다."),
     INVALID_FILE_NAME(HttpStatus.BAD_REQUEST, "파일 이름이 유효하지 않습니다."),
+    ENVIRONMENT_DOES_NOT_MATCH(HttpStatus.BAD_REQUEST, "운영 환경이 일치하지 않습니다."),
+    PACKAGE_NAME_DOES_NOT_MATCH(HttpStatus.BAD_REQUEST, "패키지명이 일치하지 않습니다."),
 
     /**
      * 401 Unauthorized

diff --git a/src/main/java/com/nextroom/nextRoomServer/util/inapp/AndroidPurchaseUtils.java b/src/main/java/com/nextroom/nextRoomServer/util/inapp/AndroidPurchaseUtils.java
@@ -32,15 +32,18 @@
 @Slf4j
 @Component
 public class AndroidPurchaseUtils {
+    private final String profile;
     private final String packageName;
     private final GoogleCredentials credentials;
     private final AndroidPublisher androidPublisher;
     private final ObjectMapper objectMapper;
 
     public AndroidPurchaseUtils(@Value("${iap.google.credentials}") String accountFilePath,
         @Value("${iap.google.packageName}") String packageName,
+        @Value("${spring.config.activate.on-profile}") String profile,
         @Autowired ObjectMapper objectMapper) throws IOException, GeneralSecurityException {
 
+        this.profile = profile;
         this.packageName = packageName;
         this.objectMapper = objectMapper;
 
@@ -116,15 +119,14 @@ public SubscriptionDto.SubscriptionNotification getSubscriptionNotification(Stri
         String decodedData = Base64Decoder.decode(data);
         SubscriptionDto.PublishedMessage publishedMessage = objectMapper.readValue(decodedData,
             SubscriptionDto.PublishedMessage.class);
+        SubscriptionDto.SubscriptionNotification subscriptionNotification = publishedMessage.getSubscriptionNotification();
 
-        log.info("PURCHASE TOKEN AT NOTIFICATION : {}",
-            publishedMessage.getSubscriptionNotification().getPurchaseToken());
+        log.info("PURCHASE TOKEN AT NOTIFICATION : {}", subscriptionNotification.getPurchaseToken());
 
-        if (!this.packageName.equals(publishedMessage.getPackageName())) {
-            throw new CustomException(INTERNAL_SERVER_ERROR);
-        }
+        validateEnvironment(publishedMessage);
+        validatePackageName(publishedMessage);
 
-        return publishedMessage.getSubscriptionNotification();
+        return subscriptionNotification;
     }
 
     private SubscriptionPurchaseV2 getSubscriptionPurchase(String purchaseToken) throws IOException {
@@ -133,11 +135,36 @@ private SubscriptionPurchaseV2 getSubscriptionPurchase(String purchaseToken) thr
             .get(packageName, purchaseToken);
         get.setAccessToken(getAccessToken().getTokenValue());
 
-        return get.execute();
+        SubscriptionPurchaseV2 subscriptionPurchaseV2 = get.execute();
+
+        validateEnvironment(subscriptionPurchaseV2);
+
+        return subscriptionPurchaseV2;
     }
 
     private AccessToken getAccessToken() throws IOException {
         credentials.refreshIfExpired();
         return credentials.getAccessToken();
     }
+
+    private void validateEnvironment(SubscriptionDto.PublishedMessage publishedMessage) {
+        if (("prod".equals(profile) && publishedMessage.isTestNotification())
+                || ("dev".equals(profile) && !publishedMessage.isTestNotification())) {
+            throw new CustomException(ENVIRONMENT_DOES_NOT_MATCH);
+        }
+    }
+
+    private void validateEnvironment(SubscriptionPurchaseV2 subscriptionPurchaseV2) {
+        boolean isTestPurchase = subscriptionPurchaseV2.getTestPurchase() != null;
+
+        if (("prod".equals(profile) && isTestPurchase) || ("dev".equals(profile) && !isTestPurchase)) {
+            throw new CustomException(ENVIRONMENT_DOES_NOT_MATCH);
+        }
+    }
+
+    private void validatePackageName(SubscriptionDto.PublishedMessage publishedMessage) {
+        if (!this.packageName.equals(publishedMessage.getPackageName())) {
+            throw new CustomException(PACKAGE_NAME_DOES_NOT_MATCH);
+        }
+    }
 }