feat: GraphQL 예외 처리 표준 적용 (#8)

* feat: GraphQL 예외 처리 표준 적용 (sealed LoopException + @ControllerAdvice 핸들러)

VO의 require() → InvalidInputException, Service의 범용 예외를 도메인 예외로 교체하고
@ControllerAdvice 핸들러로 예외 → GraphQL ErrorType 매핑을 구현하여
클라이언트가 BAD_REQUEST, NOT_FOUND 등을 구분할 수 있도록 개선

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* docs: SpectaQL 문서 대상에 auth API 스키마 추가

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

Author: robinjoon

docs/plan/graphql-error-handling/checklist.md

@@ -0,0 +1,8 @@
+# GraphQL 예외 처리 표준 적용 검증 체크리스트
+
+## 필수 항목
+- [x] 아키텍처 원칙 준수 (docs/architecture.md 기준)
+- [x] 레이어 의존성 규칙 위반 없음
+- [x] 테스트 코드 작성 완료 (Domain, Application 필수)
+- [x] 모든 테스트 통과
+- [x] 기존 테스트 깨지지 않음

docs/plan/graphql-error-handling/context.md

@@ -0,0 +1,21 @@
+# GraphQL 예외 처리 표준 적용 맥락
+
+## 배경
+현재 auth, common BC의 코드가 `docs/graphql-error-handling.md`에 정의된 예외 처리 표준을 따르지 않음.
+- VO에서 `require()` → `IllegalArgumentException` (클라이언트에 `INTERNAL`로 전달)
+- Service에서 `NoSuchElementException`, `require()` 사용 (역시 `INTERNAL`로 전달)
+- 예외 → GraphQL ErrorType 매핑 핸들러 부재
+
+## 목표
+- sealed `LoopException` 예외 계층 도입
+- 기존 코드의 범용 예외를 도메인 예외로 교체
+- `@ControllerAdvice` 핸들러로 예외 → GraphQL ErrorType 자동 매핑
+
+## 제약조건
+- Domain 순수성 유지 (프레임워크 의존 없음)
+- 기존 테스트 모두 통과
+- Architecture 규칙 준수
+
+## 관련 문서
+- `docs/graphql-error-handling.md`
+- `docs/architecture.md`

docs/plan/graphql-error-handling/plan.md

@@ -0,0 +1,10 @@
+# GraphQL 예외 처리 표준 적용 계획
+
+## 단계
+
+- [x] 1단계: `Exceptions.kt` 생성 (sealed LoopException + 6개 하위 클래스)
+- [x] 2단계: Domain VO 마이그레이션 (MemberId, LoginId, Nickname) + 테스트 업데이트
+- [x] 3단계: AuthService 마이그레이션 + 테스트 업데이트
+- [x] 4단계: AuthorizeArgumentResolver 마이그레이션
+- [x] 5단계: `GraphQlExceptionHandler.kt` 생성
+- [x] 6단계: 전체 테스트 실행 검증

spectaql/config.yml

@@ -3,10 +3,8 @@ spectaql:
 
 introspection:
   schemaFile:
-    - src/main/resources/schema/learning.graphqls
-    # BC별 스키마 추가 시 여기에 경로 추가하고 learning.graphqls는 제거
+    - src/main/resources/schema/auth.graphqls
     # - src/main/resources/schema/task.graphqls
-    # - src/main/resources/schema/auth.graphqls
 
 info:
   title: Loop GraphQL API

src/main/kotlin/kr/io/team/loop/auth/application/service/AuthService.kt

@@ -5,6 +5,9 @@ import kr.io.team.loop.auth.domain.model.LoginId
 import kr.io.team.loop.auth.domain.model.MemberCommand
 import kr.io.team.loop.auth.domain.repository.MemberRepository
 import kr.io.team.loop.common.config.JwtTokenProvider
+import kr.io.team.loop.common.domain.exception.AuthenticationException
+import kr.io.team.loop.common.domain.exception.DuplicateEntityException
+import kr.io.team.loop.common.domain.exception.EntityNotFoundException
 import org.springframework.security.crypto.password.PasswordEncoder
 import org.springframework.stereotype.Service
 import org.springframework.transaction.annotation.Transactional
@@ -17,8 +20,8 @@ class AuthService(
 ) {
     @Transactional
     fun register(command: MemberCommand.Register): AuthTokenDto {
-        require(!memberRepository.existsByLoginId(command.loginId)) {
-            "LoginId already exists: ${command.loginId.value}"
+        if (memberRepository.existsByLoginId(command.loginId)) {
+            throw DuplicateEntityException("LoginId already exists: ${command.loginId.value}")
         }
         val encodedPassword = checkNotNull(passwordEncoder.encode(command.rawPassword))
         val member = memberRepository.save(command, encodedPassword)
@@ -33,9 +36,9 @@ class AuthService(
     ): AuthTokenDto {
         val member =
             memberRepository.findByLoginId(loginId)
-                ?: throw NoSuchElementException("Member not found: ${loginId.value}")
-        require(passwordEncoder.matches(rawPassword, member.password)) {
-            "Password does not match"
+                ?: throw EntityNotFoundException("Member not found: ${loginId.value}")
+        if (!passwordEncoder.matches(rawPassword, member.password)) {
+            throw AuthenticationException("Password does not match")
         }
         val token = jwtTokenProvider.generateToken(member.id.value)
         return AuthTokenDto(accessToken = token)

src/main/kotlin/kr/io/team/loop/auth/domain/model/LoginId.kt

@@ -1,11 +1,13 @@
 package kr.io.team.loop.auth.domain.model
 
+import kr.io.team.loop.common.domain.exception.InvalidInputException
+
 @JvmInline
 value class LoginId(
     val value: String,
 ) {
     init {
-        require(value.isNotBlank()) { "LoginId must not be blank" }
-        require(value.length <= 50) { "LoginId must not exceed 50 characters" }
+        if (value.isBlank()) throw InvalidInputException("LoginId must not be blank")
+        if (value.length > 50) throw InvalidInputException("LoginId must not exceed 50 characters")
     }
 }

src/main/kotlin/kr/io/team/loop/auth/domain/model/Nickname.kt

@@ -1,11 +1,13 @@
 package kr.io.team.loop.auth.domain.model
 
+import kr.io.team.loop.common.domain.exception.InvalidInputException
+
 @JvmInline
 value class Nickname(
     val value: String,
 ) {
     init {
-        require(value.isNotBlank()) { "Nickname must not be blank" }
-        require(value.length <= 30) { "Nickname must not exceed 30 characters" }
+        if (value.isBlank()) throw InvalidInputException("Nickname must not be blank")
+        if (value.length > 30) throw InvalidInputException("Nickname must not exceed 30 characters")
     }
 }

src/main/kotlin/kr/io/team/loop/common/config/AuthorizeArgumentResolver.kt

@@ -3,6 +3,7 @@ package kr.io.team.loop.common.config
 import com.netflix.graphql.dgs.context.DgsContext
 import com.netflix.graphql.dgs.internal.method.ArgumentResolver
 import graphql.schema.DataFetchingEnvironment
+import kr.io.team.loop.common.domain.exception.AuthenticationException
 import org.springframework.core.MethodParameter
 import org.springframework.core.Ordered
 import org.springframework.core.annotation.Order
@@ -28,7 +29,7 @@ class AuthorizeArgumentResolver(
         }
 
         if (authorize.require) {
-            throw IllegalArgumentException("Authentication required")
+            throw AuthenticationException("Authentication required")
         }
         return null
     }

src/main/kotlin/kr/io/team/loop/common/config/GraphQlExceptionHandler.kt

@@ -0,0 +1,78 @@
+package kr.io.team.loop.common.config
+
+import com.netflix.graphql.types.errors.ErrorType
+import graphql.GraphQLError
+import kr.io.team.loop.common.domain.exception.AccessDeniedException
+import kr.io.team.loop.common.domain.exception.AuthenticationException
+import kr.io.team.loop.common.domain.exception.BusinessRuleException
+import kr.io.team.loop.common.domain.exception.DuplicateEntityException
+import kr.io.team.loop.common.domain.exception.EntityNotFoundException
+import kr.io.team.loop.common.domain.exception.InvalidInputException
+import org.slf4j.LoggerFactory
+import org.springframework.graphql.data.method.annotation.GraphQlExceptionHandler
+import org.springframework.web.bind.annotation.ControllerAdvice
+
+@ControllerAdvice
+class GraphQlExceptionHandler {
+    private val log = LoggerFactory.getLogger(javaClass)
+
+    @GraphQlExceptionHandler
+    fun handleInvalidInput(ex: InvalidInputException): GraphQLError {
+        log.warn("[BAD_REQUEST] {}", ex.message, ex)
+        return GraphQLError
+            .newError()
+            .errorType(ErrorType.BAD_REQUEST)
+            .message(ex.message)
+            .build()
+    }
+
+    @GraphQlExceptionHandler
+    fun handleEntityNotFound(ex: EntityNotFoundException): GraphQLError {
+        log.warn("[NOT_FOUND] {}", ex.message, ex)
+        return GraphQLError
+            .newError()
+            .errorType(ErrorType.NOT_FOUND)
+            .message(ex.message)
+            .build()
+    }
+
+    @GraphQlExceptionHandler
+    fun handleDuplicateEntity(ex: DuplicateEntityException): GraphQLError {
+        log.warn("[FAILED_PRECONDITION] {}", ex.message, ex)
+        return GraphQLError
+            .newError()
+            .errorType(ErrorType.FAILED_PRECONDITION)
+            .message(ex.message)
+            .build()
+    }
+
+    @GraphQlExceptionHandler
+    fun handleBusinessRule(ex: BusinessRuleException): GraphQLError {
+        log.warn("[FAILED_PRECONDITION] {}", ex.message, ex)
+        return GraphQLError
+            .newError()
+            .errorType(ErrorType.FAILED_PRECONDITION)
+            .message(ex.message)
+            .build()
+    }
+
+    @GraphQlExceptionHandler
+    fun handleAuthentication(ex: AuthenticationException): GraphQLError {
+        log.warn("[UNAUTHENTICATED] {}", ex.message, ex)
+        return GraphQLError
+            .newError()
+            .errorType(ErrorType.UNAUTHENTICATED)
+            .message(ex.message)
+            .build()
+    }
+
+    @GraphQlExceptionHandler
+    fun handleAccessDenied(ex: AccessDeniedException): GraphQLError {
+        log.warn("[PERMISSION_DENIED] {}", ex.message, ex)
+        return GraphQLError
+            .newError()
+            .errorType(ErrorType.PERMISSION_DENIED)
+            .message(ex.message)
+            .build()
+    }
+}

src/main/kotlin/kr/io/team/loop/common/domain/MemberId.kt

@@ -1,10 +1,12 @@
 package kr.io.team.loop.common.domain
 
+import kr.io.team.loop.common.domain.exception.InvalidInputException
+
 @JvmInline
 value class MemberId(
     val value: Long,
 ) {
     init {
-        require(value > 0) { "MemberId must be positive" }
+        if (value <= 0) throw InvalidInputException("MemberId must be positive")
     }
 }