Add OpenAPI support and enhance JWT error handling

[subsub97]

This pull request introduces improvements to authentication error handling, updates environment variable usage for deployment, and adds Swagger API documentation configuration. The main changes enhance JWT token validation, provide more specific error responses, and improve developer experience with API docs.

Authentication & Error Handling Improvements:

• Refactored JwtAuthenticationFilter to handle expired JWT tokens explicitly, returning an EXPIRED_TOKEN error code and message when a token is expired, and using a generic unauthorized error for other failures. The filter now catches ExpiredJwtException and distinguishes between missing, invalid, and expired tokens.
• Added new error code EXPIRED_TOKEN to the ErrorCode enum, replacing the previous OIDC_PROVIDER_ERROR. This allows for clearer error messaging when tokens expire.
• Expanded the list of excluded paths in JwtAuthenticationFilter to allow unauthenticated access to Swagger and API documentation endpoints, improving developer access to docs.

API Documentation:

• Added a new SwaggerConfig class to configure OpenAPI/Swagger documentation, including JWT bearer authentication setup and ignoring the AuthenticatedMember annotation for documentation generation.

Deployment Configuration:

• Updated the Docker deployment workflow to use the SPRING_PROFILES_ACTIVE environment variable instead of PROFILE for specifying the active Spring profile, aligning with Spring Boot conventions. (.github/workflows/prod-deploy.yml)

Submodule Update:

• Updated the moa-secret submodule to a new commit, potentially updating secrets or configuration for the project.

[github-actions]

Test Results

8 tests   8 ✅  0s ⏱️
1 suites  0 💤
1 files    0 ❌

Results for commit 72932d5.

♻️ This comment has been updated with latest results.

[subsub97]

이것저것 추가하려다가 당장 필요할 거 같은 것만 추가해뒀어

[jeyongsong]

구우웃