Merge pull request #46 from Block-Guard/feat/#41/phone-number-fraud-api

[Feat] 전화번호 사기분석 API

Author: yeonju73

src/main/java/com/blockguard/server/domain/fraud/api/FraudApi.java

@@ -1,10 +1,13 @@
 package com.blockguard.server.domain.fraud.api;
 
 import com.blockguard.server.domain.fraud.application.FraudService;
+import com.blockguard.server.domain.fraud.dto.request.FraudPhoneNumberRequest;
 import com.blockguard.server.domain.fraud.dto.request.FraudUrlRequest;
-import com.blockguard.server.domain.fraud.dto.response.FraudUrlResponse;
+import com.blockguard.server.domain.fraud.dto.response.FraudRiskLevelResponse;
 import com.blockguard.server.global.common.codes.SuccessCode;
 import com.blockguard.server.global.common.response.BaseResponse;
+import com.blockguard.server.global.config.swagger.CustomExceptionDescription;
+import com.blockguard.server.global.config.swagger.SwaggerResponseDescription;
 import io.swagger.v3.oas.annotations.Operation;
 import jakarta.validation.Valid;
 import lombok.AllArgsConstructor;
@@ -21,9 +24,17 @@ public class FraudApi {
 
     @PostMapping("/url")
     @Operation(summary = "입력된 url 사기 분석")
-    public BaseResponse<FraudUrlResponse> fraudUrl(@Valid @RequestBody FraudUrlRequest fraudUrlRequest){
-        FraudUrlResponse fraudUrlResponse = fraudService.checkFraudUrl(fraudUrlRequest);
-        return BaseResponse.of(SuccessCode.CHECK_URL_FRAUD_SUCCESS, fraudUrlResponse);
+    public BaseResponse<FraudRiskLevelResponse> fraudUrl(@Valid @RequestBody FraudUrlRequest fraudUrlRequest){
+        FraudRiskLevelResponse fraudRiskLevelResponse = fraudService.checkFraudUrl(fraudUrlRequest);
+        return BaseResponse.of(SuccessCode.CHECK_URL_FRAUD_SUCCESS, fraudRiskLevelResponse);
+    }
+
+    @PostMapping("/number")
+    @CustomExceptionDescription(SwaggerResponseDescription.CHECK_FRAUD_PHONE_NUMBER_FAIL)
+    @Operation(summary = "입력된 전화번호 사기 분석", description = "전화번호의 입력 형식 상관없음")
+    public BaseResponse<FraudRiskLevelResponse> fraudPhoneNumber(@Valid @RequestBody FraudPhoneNumberRequest fraudPhoneNumberRequest){
+        FraudRiskLevelResponse fraudRiskLevelResponse = fraudService.checkFraudPhoneNumber(fraudPhoneNumberRequest);
+        return BaseResponse.of(SuccessCode.CHECK_PHONE_NUMBER_FRAUD_SUCCESS, fraudRiskLevelResponse);
     }
 
 }

src/main/java/com/blockguard/server/domain/fraud/application/FraudService.java

@@ -2,21 +2,26 @@
 
 import com.blockguard.server.domain.analysis.domain.enums.RiskLevel;
 import com.blockguard.server.domain.fraud.dao.FraudUrlRepository;
+import com.blockguard.server.domain.fraud.dto.request.FraudPhoneNumberRequest;
 import com.blockguard.server.domain.fraud.dto.request.FraudUrlRequest;
-import com.blockguard.server.domain.fraud.dto.response.FraudUrlResponse;
+import com.blockguard.server.domain.fraud.dto.response.FraudRiskLevelResponse;
 import com.blockguard.server.global.common.codes.ErrorCode;
 import com.blockguard.server.global.exception.BusinessExceptionHandler;
 import com.blockguard.server.infra.google.GoogleSafeBrowsingClient;
+import com.blockguard.server.infra.number.FraudNumberClient;
 import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 
+@Slf4j
 @Service
 @AllArgsConstructor
 public class FraudService {
     private final FraudUrlRepository fraudUrlRepository;
     private final GoogleSafeBrowsingClient googleSafeBrowsingService;
+    private final FraudNumberClient fraudNumberClient;
 
-    public FraudUrlResponse checkFraudUrl(FraudUrlRequest fraudUrlRequest) {
+    public FraudRiskLevelResponse checkFraudUrl(FraudUrlRequest fraudUrlRequest) {
         String url = fraudUrlRequest.getUrl();
 
         if (url == null || url.trim().isEmpty()){
@@ -25,21 +30,52 @@ public FraudUrlResponse checkFraudUrl(FraudUrlRequest fraudUrlRequest) {
 
         // 1차: DB 검사
         if(fraudUrlRepository.existsByUrl(url)){
-            return FraudUrlResponse.builder()
+            return FraudRiskLevelResponse.builder()
                     .riskLevel(RiskLevel.Dangers)
                     .build();
         }
 
         // 2차: Google Safe Browsing API 호출
         boolean isSafe = googleSafeBrowsingService.isUrlSafe(url);
         if (!isSafe){
-            return FraudUrlResponse.builder()
+            return FraudRiskLevelResponse.builder()
                     .riskLevel(RiskLevel.Dangers)
                     .build();
         }
 
-        return FraudUrlResponse.builder()
+        return FraudRiskLevelResponse.builder()
                 .riskLevel(RiskLevel.Safety)
                 .build();
     }
+
+    public FraudRiskLevelResponse checkFraudPhoneNumber(FraudPhoneNumberRequest fraudPhoneNumberRequest) {
+        String phoneNumber = fraudPhoneNumberRequest.getPhoneNumber().replaceAll("\\s+", "");
+
+        // 사기 전화번호 조회 api 호출
+        String spamCount = fraudNumberClient.checkSpamNumber(phoneNumber).getSpamCount();
+
+        if (isFraudNumber(spamCount)){
+            return FraudRiskLevelResponse.builder()
+                    .riskLevel(RiskLevel.Dangers)
+                    .build();
+        }
+
+        return FraudRiskLevelResponse.builder()
+                .riskLevel(RiskLevel.Safety)
+                .build();
+    }
+
+    private Boolean isFraudNumber(String spamCount) {
+        try {
+            // spam count 최대 "1000+" 가 나오는 경우 고려
+            String numericPart = spamCount.replaceAll("\\D+", "");
+            if (numericPart.isEmpty()){
+                throw new BusinessExceptionHandler(ErrorCode.FRAUD_NUMBER_SERVER_ERROR);
+            }
+            return Integer.parseInt(numericPart) > 0;
+        } catch (NumberFormatException e) {
+            log.error("Invalid spam count format: {}", spamCount, e);
+            throw new BusinessExceptionHandler(ErrorCode.FRAUD_NUMBER_SERVER_ERROR);
+        }
+    }
 }

src/main/java/com/blockguard/server/domain/fraud/dto/request/FraudPhoneNumberRequest.java

@@ -0,0 +1,14 @@
+package com.blockguard.server.domain.fraud.dto.request;
+
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Size;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+@Getter
+@AllArgsConstructor
+public class FraudPhoneNumberRequest {
+    @NotBlank
+    @Size(max = 20)
+    private String phoneNumber;
+}

…fraud/dto/response/FraudUrlResponse.java …dto/response/FraudRiskLevelResponse.javasrc/main/java/com/blockguard/server/domain/fraud/dto/response/FraudUrlResponse.java renamed to src/main/java/com/blockguard/server/domain/fraud/dto/response/FraudRiskLevelResponse.java src/main/java/com/blockguard/server/domain/fraud/dto/response/FraudUrlResponse.java renamed to src/main/java/com/blockguard/server/domain/fraud/dto/response/FraudRiskLevelResponse.java

@@ -6,6 +6,6 @@
 
 @Getter
 @Builder
-public class FraudUrlResponse {
+public class FraudRiskLevelResponse {
     private RiskLevel riskLevel;
 }

src/main/java/com/blockguard/server/global/common/codes/ErrorCode.java

@@ -40,7 +40,8 @@ public enum ErrorCode {
 
     // 5000~ : server error
     INTERNAL_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, 5000, "서버 오류가 발생했습니다."),
-    AI_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, 5001, "AI 서버와의 통신 오류가 발생했습니다.");
+    AI_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, 5001, "AI 서버와의 통신 오류가 발생했습니다."),
+    FRAUD_NUMBER_SERVER_ERROR(HttpStatus.INTERNAL_SERVER_ERROR, 5002, "사기 전화번호 제공 서버와의 통신 오류가 발생했습니다.");
 
     private final HttpStatus status;
     private final int code;

src/main/java/com/blockguard/server/global/config/SecurityConfig.java

@@ -55,7 +55,7 @@ public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Excepti
                         registry
                                 .requestMatchers("/api/auth/**").permitAll()   // 로그인 및 회원가입
                                 .requestMatchers("/api/admin/login").permitAll()   // 관리자 로그인
-                                .requestMatchers("/api/fraud/url", "/api/fraud-analysis").permitAll() // 사기 분석
+                                .requestMatchers("/api/fraud/url", "/api/fraud/number","/api/fraud-analysis").permitAll() // 사기 분석
                                 .requestMatchers("/api/news").permitAll() // 뉴스 조회
                                 .requestMatchers("/actuator/health").permitAll() // 헬스체크 허용
                                 .requestMatchers("/", "/index.html", "/favicon.ico").permitAll()

src/main/java/com/blockguard/server/global/config/swagger/SwaggerResponseDescription.java

@@ -86,10 +86,6 @@ public enum SwaggerResponseDescription {
             ErrorCode.REPORT_ALREADY_IN_PROGRESS
     ))),
 
-    INVALID_TOKEN(new LinkedHashSet<>(Set.of(
-            ErrorCode.INVALID_TOKEN
-    ))),
-
     GET_STEP_INFO_FAIL(new LinkedHashSet<>(Set.of(
             ErrorCode.INVALID_TOKEN,
             ErrorCode.REPORT_NOT_FOUND,
@@ -107,6 +103,14 @@ public enum SwaggerResponseDescription {
             ErrorCode.INVALID_CHECKBOX_COUNT,
             ErrorCode.INVALID_STEP_COMPLETION,
             ErrorCode.REPORT_STEP_ALREADY_COMPLETED
+    ))),
+
+    CHECK_FRAUD_PHONE_NUMBER_FAIL(new LinkedHashSet<>(Set.of(
+            ErrorCode.FRAUD_NUMBER_SERVER_ERROR
+    ))),
+
+    INVALID_TOKEN(new LinkedHashSet<>(Set.of(
+            ErrorCode.INVALID_TOKEN
     )));
 
     private final Set<ErrorCode> errorCodeList;

src/main/java/com/blockguard/server/infra/number/CheckFraudNumberResponse.java

@@ -0,0 +1,43 @@
+package com.blockguard.server.infra.number;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Builder;
+import lombok.Getter;
+
+@Getter
+@Builder
+public class CheckFraudNumberResponse {
+    private DataBlock data;
+    private ApiBlock api;
+
+    @Getter
+    @Builder
+    public static class DataBlock {
+        private String number;
+        private String spam;
+
+        @JsonProperty("spam_count")
+        private String spamCount;
+
+        @JsonProperty("registed_date")
+        private String registedDate;
+
+        @JsonProperty("cyber_crime")
+        private String cyberCrime;
+
+        /** 1=성공, 0=실패, 3: 실패(timeout) */
+        private int success;
+    }
+
+    @Getter
+    @Builder
+    public static class ApiBlock {
+        private boolean success;
+        private int cost;
+        private int ms;
+
+        @JsonProperty("pl_id")
+        private int plId;
+    }
+
+}

src/main/java/com/blockguard/server/infra/number/FraudNumberClient.java

@@ -0,0 +1,71 @@
+package com.blockguard.server.infra.number;
+
+import com.blockguard.server.global.common.codes.ErrorCode;
+import com.blockguard.server.global.exception.BusinessExceptionHandler;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Component;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
+import org.springframework.web.client.RestClientException;
+import org.springframework.web.client.RestTemplate;
+
+@Slf4j
+@Component
+@RequiredArgsConstructor
+public class FraudNumberClient {
+    private final RestTemplate restTemplate;
+
+    @Value("${open-api.fraud-number.base-url}")
+    private String apiUrl;
+
+    @Value("${open-api.fraud-number.secret-key}")
+    private String apiKey;
+
+    /**
+     * 주어진 번호에 대해 스팸 여부를 조회합니다.
+     * @param number 전화번호(국제전화, 번호 중간 "-" 허용, "-" 없이 숫자만 이어 붙인 번호 허용)
+     * @return CheckSpamNumberResponse.DataBlock
+     */
+    public CheckFraudNumberResponse.DataBlock checkSpamNumber(String number){
+        HttpHeaders headers = new HttpHeaders();
+        headers.add("CL_AUTH_KEY", apiKey);
+        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+
+        MultiValueMap<String, Object> body = new LinkedMultiValueMap<>();
+        body.add("number", number);
+
+        HttpEntity<MultiValueMap<String, Object>> request = new HttpEntity<>(body, headers);
+
+        try{
+            ResponseEntity<CheckFraudNumberResponse> response =
+                    restTemplate.postForEntity(
+                            apiUrl,
+                            request,
+                            CheckFraudNumberResponse.class
+                    );
+            if (!response.getStatusCode().is2xxSuccessful() || response.getBody() == null) {
+                log.error("FraudNumber API error: status={}, body={}", response.getStatusCode(), response.getBody());
+                throw new BusinessExceptionHandler(ErrorCode.FRAUD_NUMBER_SERVER_ERROR);
+            }
+
+            CheckFraudNumberResponse.DataBlock data = response.getBody().getData();
+            if (data.getSuccess() != 1) {
+                log.error("SpamNumber API returned success!=1: {}", data);
+                throw new BusinessExceptionHandler(ErrorCode.FRAUD_NUMBER_SERVER_ERROR);
+            }
+            log.info("FraudNumber API Success, getSpamCount: {}", response.getBody().getData().getSpamCount());
+            return data;
+
+        } catch (RestClientException ex){
+            log.error("Failed to call FraudNumber API", ex);
+            throw new BusinessExceptionHandler(ErrorCode.FRAUD_NUMBER_SERVER_ERROR);
+        }
+    }
+
+}