삭제된 사용자 RP 관계 정리

2026-05-28 09:50:15 +09:00
parent f8d0cf411a
commit 041b0724be
7 changed files with 434 additions and 25 deletions
--- a/backend/internal/handler/dev_handler_test.go
+++ b/backend/internal/handler/dev_handler_test.go
@@ -155,6 +155,14 @@ func (m *devMockKetoOutboxRepository) FindPending(ctx context.Context, limit int
 	return args.Get(0).([]domain.KetoOutbox), args.Error(1)
 }

+func (m *devMockKetoOutboxRepository) ListCurrentBySubject(ctx context.Context, namespace, subject string) ([]domain.KetoOutbox, error) {
+	args := m.Called(ctx, namespace, subject)
+	if args.Get(0) == nil {
+		return nil, args.Error(1)
+	}
+	return args.Get(0).([]domain.KetoOutbox), args.Error(1)
+}
+
 func (m *devMockKetoOutboxRepository) UpdateStatus(ctx context.Context, id string, status string, retryCount int, lastError string) error {
 	return m.Called(ctx, id, status, retryCount, lastError).Error(0)
 }
@@ -678,13 +686,13 @@ func TestUpdateClient_AuditDetailsIncludeGeneralSettingChanges(t *testing.T) {
 				"scope":                      "openid profile email",
 				"token_endpoint_auth_method": "client_secret_basic",
 				"metadata": map[string]any{
-					"status":                     "active",
-					"tenant_id":                  "tenant-1",
-					"tenant_access_restricted":    false,
-					"allowed_tenants":             []any{},
-					"id_token_claims":             []any{},
-					"headless_login_enabled":      false,
-					"headless_jwks_uri":           "",
+					"status":                              "active",
+					"tenant_id":                           "tenant-1",
+					"tenant_access_restricted":            false,
+					"allowed_tenants":                     []any{},
+					"id_token_claims":                     []any{},
+					"headless_login_enabled":              false,
+					"headless_jwks_uri":                   "",
 					"headless_token_endpoint_auth_method": "",
 				},
 			}), nil
@@ -701,13 +709,13 @@ func TestUpdateClient_AuditDetailsIncludeGeneralSettingChanges(t *testing.T) {
 				"scope":                      "openid profile email tenant",
 				"token_endpoint_auth_method": "private_key_jwt",
 				"metadata": map[string]any{
-					"status":                     "active",
-					"tenant_id":                  "tenant-1",
-					"tenant_access_restricted":    true,
-					"allowed_tenants":             []any{"tenant-1", "tenant-2"},
-					"id_token_claims":             []any{map[string]any{"namespace": "top_level", "key": "locale", "valueType": "text", "value": "ko-KR"}},
-					"headless_login_enabled":      true,
-					"headless_jwks_uri":           "https://rp.example.com/jwks.json",
+					"status":                              "active",
+					"tenant_id":                           "tenant-1",
+					"tenant_access_restricted":            true,
+					"allowed_tenants":                     []any{"tenant-1", "tenant-2"},
+					"id_token_claims":                     []any{map[string]any{"namespace": "top_level", "key": "locale", "valueType": "text", "value": "ko-KR"}},
+					"headless_login_enabled":              true,
+					"headless_jwks_uri":                   "https://rp.example.com/jwks.json",
 					"headless_token_endpoint_auth_method": "private_key_jwt",
 				},
 			}), nil
@@ -738,7 +746,7 @@ func TestUpdateClient_AuditDetailsIncludeGeneralSettingChanges(t *testing.T) {
 	app.Put("/api/v1/dev/clients/:id", h.UpdateClient)

 	body, _ := json.Marshal(map[string]any{
-		"name": "App One Updated",
+		"name":   "App One Updated",
 		"scopes": []string{"openid", "profile", "email", "tenant"},
 		"metadata": map[string]any{
 			"tenant_access_restricted": true,
@@ -751,15 +759,15 @@ func TestUpdateClient_AuditDetailsIncludeGeneralSettingChanges(t *testing.T) {
 					"value":     "ko-KR",
 				},
 			},
-			"headless_login_enabled":               true,
-			"headless_jwks_uri":                    "https://rp.example.com/jwks.json",
-			"headless_token_endpoint_auth_method":   "private_key_jwt",
-			"backchannel_logout_uri":               "https://rp.example.com/logout",
-			"backchannel_logout_session_required":  true,
+			"headless_login_enabled":              true,
+			"headless_jwks_uri":                   "https://rp.example.com/jwks.json",
+			"headless_token_endpoint_auth_method": "private_key_jwt",
+			"backchannel_logout_uri":              "https://rp.example.com/logout",
+			"backchannel_logout_session_required": true,
 		},
-		"tokenEndpointAuthMethod": "private_key_jwt",
-		"jwksUri":                 "https://rp.example.com/jwks.json",
-		"backchannelLogoutUri":    "https://rp.example.com/logout",
+		"tokenEndpointAuthMethod":          "private_key_jwt",
+		"jwksUri":                          "https://rp.example.com/jwks.json",
+		"backchannelLogoutUri":             "https://rp.example.com/logout",
 		"backchannelLogoutSessionRequired": true,
 	})
 	req := httptest.NewRequest(http.MethodPut, "/api/v1/dev/clients/client-1", bytes.NewReader(body))