refactor: Java, SpringBoot 버전 업 & JJWT 버전 업 (#702)

* refactor: Spring Boot, Java 및 주요 의존성 버전업, commons-lang3 추가

- SpringBoot 버전업 (-> 3.5.11)
- Java 버전업 (-> 21)
- JJWT 버전업 (-> 0.12.6)
- 기존 EnumUtils deprecate 대응을 위해 org.apache.commons:commons-lang3 의존성 추가

* refactor: JJWT deprecated API를 신규 API로 마이그레이션

* chore: ci/cd 파일 및 도커파일Java 17 → 21, Spring Boot 버전 업 반영

* test: @MockBean, @spybean을 @MockitoBean, @MockitoSpyBean으로 마이그레이션

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: 누락된 변경사항 추가

* refactor: 코드래빗 리뷰사항 적용

- 테스트에서 Token 생성 시, TTL을 30초로 수정
- TTL이 너무 짧으면 테스트가 간헐적으로 꺠질 위험 존재

Author: sukangpunch

.github/workflows/ci.yml

@@ -15,10 +15,10 @@ jobs:
       - name: Checkout the code
         uses: actions/checkout@v4
 
-      - name: Set up JDK 17
+      - name: Set up JDK 21
         uses: actions/setup-java@v4
         with:
-          java-version: '17'
+          java-version: '21'
           distribution: 'temurin'
 
       - name: Setup Gradle

.github/workflows/dev-cd.yml

@@ -21,10 +21,10 @@ jobs:
         uses: actions/checkout@v4
 
       # --- Java, Gradle 설정 ---
-      - name: Set up JDK 17
+      - name: Set up JDK 21
         uses: actions/setup-java@v4
         with:
-          java-version: '17'
+          java-version: '21'
           distribution: 'temurin'
       - name: Setup Gradle
         uses: gradle/actions/setup-gradle@v3

.github/workflows/prod-cd.yml

@@ -27,10 +27,10 @@ jobs:
         uses: actions/checkout@v4
 
       # --- Java, Gradle 설정 ---
-      - name: Set up JDK 17
+      - name: Set up JDK 21
         uses: actions/setup-java@v4
         with:
-          java-version: '17'
+          java-version: '21'
           distribution: 'temurin'
       - name: Setup Gradle
         uses: gradle/actions/setup-gradle@v3

Dockerfile

@@ -1,5 +1,5 @@
 # JDK 버전 설정
-FROM eclipse-temurin:17-jdk
+FROM eclipse-temurin:21-jdk
 
 # JAR_FILE 변수 정의
 ARG JAR_FILE=./build/libs/solid-connection-0.0.1-SNAPSHOT.jar

build.gradle

@@ -1,15 +1,15 @@
 plugins {
     id 'java'
-    id 'org.springframework.boot' version '3.1.5'
-    id 'io.spring.dependency-management' version '1.1.4'
-    id 'org.flywaydb.flyway' version '9.16.3'
+    id 'org.springframework.boot' version '3.5.11'
+    id 'io.spring.dependency-management' version '1.1.7'
+    id 'org.flywaydb.flyway' version '10.15.0'
 }
 
 group = 'com.example'
 version = '0.0.1-SNAPSHOT'
 
 java {
-    sourceCompatibility = '17'
+    sourceCompatibility = '21'
 }
 
 configurations {
@@ -43,8 +43,9 @@ dependencies {
     // Security
     implementation 'org.springframework.security:spring-security-config'
     implementation 'org.springframework.security:spring-security-web'
-    implementation 'io.jsonwebtoken:jjwt:0.9.1'
-    runtimeOnly 'javax.xml.bind:jaxb-api:2.4.0-b180830.0359' // for jjwt
+    implementation 'io.jsonwebtoken:jjwt-api:0.12.6'
+    runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.6'
+    runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.6'
 
     // Monitoring
     implementation 'org.springframework.boot:spring-boot-starter-actuator'
@@ -70,6 +71,7 @@ dependencies {
     implementation 'io.awspring.cloud:spring-cloud-aws-starter-parameter-store:3.0.4'
     implementation 'org.hibernate.validator:hibernate-validator'
     implementation 'org.springframework.boot:spring-boot-starter-websocket'
+    implementation 'org.apache.commons:commons-lang3'
 
     // Database Proxy
     implementation 'net.ttddyy.observation:datasource-micrometer:1.2.0'

claude.md

@@ -7,8 +7,8 @@
 
 Solid Connect Server는 교환학생 준비생을 위해 대학 정보, 멘토 매칭, 모의지원 기능 등을 제공하는 교환학생 지원 통합 플랫폼입니다.
 
-- **언어**: Java 17
-- **프레임워크**: Spring Boot 3.1.5
+- **언어**: Java 21
+- **프레임워크**: Spring Boot 3.5.11
 - **빌드 도구**: Gradle
 - **데이터베이스**: MySQL (주), Redis (캐싱)
 - **마이그레이션**: Flyway

src/main/java/com/example/solidconnection/auth/client/AppleOAuthClient.java

@@ -81,9 +81,10 @@ private MultiValueMap<String, String> buildFormData(String code) {
     private String parseEmailFromToken(PublicKey applePublicKey, String idToken) {
         try {
             return Jwts.parser()
-                    .setSigningKey(applePublicKey)
-                    .parseClaimsJws(idToken)
-                    .getBody()
+                    .verifyWith(applePublicKey)
+                    .build()
+                    .parseSignedClaims(idToken)
+                    .getPayload()
                     .get("email", String.class);
         } catch (Exception e) {
             throw new CustomException(INVALID_APPLE_ID_TOKEN);

src/main/java/com/example/solidconnection/auth/client/AppleOAuthClientSecretProvider.java

@@ -5,16 +5,15 @@
 import com.example.solidconnection.auth.client.config.AppleOAuthClientProperties;
 import com.example.solidconnection.common.exception.CustomException;
 import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
 import jakarta.annotation.PostConstruct;
 import java.security.KeyFactory;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.PKCS8EncodedKeySpec;
+import java.util.Base64;
 import java.util.Date;
 import lombok.RequiredArgsConstructor;
-import org.apache.tomcat.util.codec.binary.Base64;
 import org.springframework.stereotype.Component;
 
 /*
@@ -42,20 +41,19 @@ public String generateClientSecret() {
         Date expiration = new Date(now.getTime() + TOKEN_DURATION);
 
         return Jwts.builder()
-                .setHeaderParam("alg", "ES256")
-                .setHeaderParam(KEY_ID_HEADER, appleOAuthClientProperties.keyId())
-                .setSubject(appleOAuthClientProperties.clientId())
-                .setIssuer(appleOAuthClientProperties.teamId())
-                .setAudience(appleOAuthClientProperties.clientSecretAudienceUrl())
-                .setExpiration(expiration)
-                .signWith(SignatureAlgorithm.ES256, privateKey)
+                .header().add(KEY_ID_HEADER, appleOAuthClientProperties.keyId()).and()
+                .subject(appleOAuthClientProperties.clientId())
+                .issuer(appleOAuthClientProperties.teamId())
+                .audience().add(appleOAuthClientProperties.clientSecretAudienceUrl()).and()
+                .expiration(expiration)
+                .signWith(privateKey, Jwts.SIG.ES256)
                 .compact();
     }
 
     private PrivateKey loadPrivateKey() {
         try {
             String secretKey = appleOAuthClientProperties.secretKey();
-            byte[] encoded = Base64.decodeBase64(secretKey);
+            byte[] encoded = Base64.getMimeDecoder().decode(secretKey);
             PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encoded);
             KeyFactory keyFactory = KeyFactory.getInstance("EC");
             return keyFactory.generatePrivate(keySpec);

src/main/java/com/example/solidconnection/auth/token/JwtTokenProvider.java

@@ -7,11 +7,14 @@
 import com.example.solidconnection.auth.token.config.JwtProperties;
 import com.example.solidconnection.common.exception.CustomException;
 import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.JwtBuilder;
 import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.Keys;
+import java.nio.charset.StandardCharsets;
 import java.time.Duration;
 import java.util.Date;
 import java.util.Map;
+import javax.crypto.SecretKey;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Component;
 
@@ -32,16 +35,18 @@ public String generateToken(Subject subject, Map<String, String> customClaims, D
     }
 
     private String generateJwtTokenValue(String subject, Map<String, String> claims, Duration expireTime) {
-        Claims jwtClaims = Jwts.claims().setSubject(subject);
-        jwtClaims.putAll(claims);
         Date now = new Date();
         Date expiredDate = new Date(now.getTime() + expireTime.toMillis());
-        return Jwts.builder()
-                .setClaims(jwtClaims)
-                .setIssuedAt(now)
-                .setExpiration(expiredDate)
-                .signWith(SignatureAlgorithm.HS512, jwtProperties.secret())
-                .compact();
+        JwtBuilder builder = Jwts.builder()
+                .subject(subject)
+                .issuedAt(now)
+                .expiration(expiredDate);
+        claims.forEach(builder::claim);
+        return builder.signWith(getSigningKey()).compact();
+    }
+
+    private SecretKey getSigningKey() {
+        return Keys.hmacShaKeyFor(jwtProperties.secret().getBytes(StandardCharsets.UTF_8));
     }
 
     @Override
@@ -61,9 +66,10 @@ public <T> T parseClaims(String token, String claimName, Class<T> claimType) {
     private Claims parseJwtClaims(String token) {
         try {
             return Jwts.parser()
-                    .setSigningKey(jwtProperties.secret())
-                    .parseClaimsJws(token)
-                    .getBody();
+                    .verifyWith(getSigningKey())
+                    .build()
+                    .parseSignedClaims(token)
+                    .getPayload();
         } catch (Exception e) {
             throw new CustomException(INVALID_TOKEN);
         }

src/test/java/com/example/solidconnection/admin/service/AdminHostUniversityServiceTest.java

@@ -29,7 +29,7 @@
 import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.test.mock.mockito.SpyBean;
+import org.springframework.test.context.bean.override.mockito.MockitoSpyBean;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageRequest;
 
@@ -55,7 +55,7 @@ class AdminHostUniversityServiceTest {
     @Autowired
     private UnivApplyInfoFixtureBuilder univApplyInfoFixtureBuilder;
 
-    @SpyBean
+    @MockitoSpyBean
     private CustomCacheManager cacheManager;
 
     @Nested