refactor: Cookie SameSite None 적용

koddyy · Feb 19, 2024 · 240839e · 240839e
1 parent e9f9bd2
commit 240839e
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/src/main/java/com/koddy/server/auth/utils/TokenResponseWriter.java b/src/main/java/com/koddy/server/auth/utils/TokenResponseWriter.java
@@ -3,6 +3,7 @@
 import com.koddy.server.auth.domain.model.AuthToken;
 import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.web.server.Cookie;
 import org.springframework.http.ResponseCookie;
 import org.springframework.stereotype.Component;
 
@@ -31,6 +32,7 @@ private void applyAccessToken(final HttpServletResponse response, final String a
     private void applyRefreshToken(final HttpServletResponse response, final String refreshToken) {
         final ResponseCookie cookie = ResponseCookie.from(REFRESH_TOKEN_HEADER, refreshToken)
                 .maxAge(refreshTokenCookieAge)
+                .sameSite(Cookie.SameSite.NONE.attributeValue())
                 .secure(true)
                 .httpOnly(true)
                 .path("/")