Merge pull request #82 from Lets-Gu/sql

dd

Author: Juhye0k

src/main/java/avengers/lion/mission/service/CallbackService.java

@@ -56,6 +56,12 @@ public void verifySignatureOrThrow(String jobId, FastApiCallbackRequest request,
             String requestJson = objectMapper.writeValueAsString(request);
             String payload = jobId + requestJson;
 
+            // 디버깅 로그 추가
+            log.info("HMAC Verification - JobId: {}", jobId);
+            log.info("HMAC Verification - Request JSON: {}", requestJson);
+            log.info("HMAC Verification - Payload: {}", payload);
+            log.info("HMAC Verification - Received Signature: {}", signature);
+
             // HMAC-SHA256 서명 생성
             Mac mac = Mac.getInstance("HmacSHA256");
             SecretKeySpec signingKey = new SecretKeySpec(secretKey.getBytes(StandardCharsets.UTF_8), "HmacSHA256");
@@ -64,8 +70,11 @@ public void verifySignatureOrThrow(String jobId, FastApiCallbackRequest request,
             byte[] rawHmac = mac.doFinal(payload.getBytes(StandardCharsets.UTF_8));
             String expectedSignature = HexFormat.of().formatHex(rawHmac);
 
+            log.info("HMAC Verification - Expected Signature: {}", expectedSignature);
+
             // 서명 비교 (타이밍 공격 방지)
             if (!constantTimeEquals(signature, expectedSignature)) {
+                log.error("HMAC signature mismatch - Expected: {}, Received: {}", expectedSignature, signature);
                 throw new BusinessException(ExceptionType.FAST_API_DENIED);
             }