App 카드 로고 이미지 표시

backend/internal/handler/auth_handler.go

@@ -4602,6 +4602,48 @@ func (h *AuthHandler) ListLinkedRps(c *fiber.Ctx) error {
 		}
 	}
 
+	// Consent session payload may omit metadata fields such as logo_url.
+	// Rehydrate missing display fields from the full Hydra client object.
+	for clientID, record := range records {
+		if record == nil {
+			continue
+		}
+		needsHydraLookup := record.Logo == "" || record.URL == "" || record.InitURL == ""
+		if !needsHydraLookup {
+			continue
+		}
+
+		client, err := h.Hydra.GetClient(c.Context(), clientID)
+		if err != nil {
+			continue
+		}
+
+		if record.Name == "" {
+			name := strings.TrimSpace(client.ClientName)
+			if name == "" {
+				name = client.ClientID
+			}
+			record.Name = name
+		}
+		if record.Logo == "" {
+			record.Logo = extractHydraClientLogo(client.Metadata)
+		}
+		if record.URL == "" {
+			record.URL = resolveLinkedRPURL(
+				client.ClientID,
+				client.ClientURI,
+				client.RedirectURIs,
+			)
+		}
+		if record.InitURL == "" {
+			record.InitURL = resolveLinkedRPInitURL(
+				client.ClientID,
+				record.Scopes,
+				client.RedirectURIs,
+			)
+		}
+	}
+
 	// [New] DB에서 과거 동의 내역 가져와 병합 (비활성 RP 포함)
 	if h.ConsentRepo != nil {
 		for _, subject := range subjects {

backend/internal/handler/auth_handler_linked_test.go

@@ -165,3 +165,88 @@ func TestListLinkedRps_PriorityAndAggregation(t *testing.T) {
 	assert.Equal(t, "1", parsedInitURL.Query().Get("auto"))
 	assert.Equal(t, "/clients", parsedInitURL.Query().Get("returnTo"))
 }
+
+func TestListLinkedRps_EnrichesLogoFromHydraClientWhenConsentSessionOmitsMetadata(t *testing.T) {
+	transport := roundTripFunc(func(r *http.Request) (*http.Response, error) {
+		switch r.URL.Host {
+		case "kratos.test":
+			if r.URL.Path == "/sessions/whoami" {
+				return httpJSONAny(r, http.StatusOK, map[string]interface{}{
+					"identity": map[string]interface{}{
+						"id": "user-123",
+					},
+				}), nil
+			}
+		case "hydra.test":
+			if r.URL.Path == "/oauth2/auth/sessions/consent" {
+				return httpJSONAny(r, http.StatusOK, []map[string]interface{}{
+					{
+						"client": map[string]interface{}{
+							"client_id":   "gitea-client",
+							"client_name": "Gitea",
+							"redirect_uris": []string{
+								"https://gitea.example.com/callback",
+							},
+						},
+						"grant_scope": []string{"openid", "profile"},
+						"handled_at":  time.Now().Format(time.RFC3339),
+					},
+				}), nil
+			}
+			if r.URL.Path == "/clients/gitea-client" {
+				return httpJSONAny(r, http.StatusOK, map[string]interface{}{
+					"client_id":   "gitea-client",
+					"client_name": "Gitea",
+					"redirect_uris": []string{
+						"https://gitea.example.com/callback",
+					},
+					"metadata": map[string]interface{}{
+						"logo_url": "https://cdn.example.com/gitea.svg",
+					},
+				}), nil
+			}
+		}
+		return httpResponse(r, http.StatusNotFound, "not found"), nil
+	})
+
+	client := &http.Client{Transport: transport}
+
+	origDefault := http.DefaultClient
+	http.DefaultClient = client
+	defer func() {
+		http.DefaultClient = origDefault
+	}()
+
+	h := &AuthHandler{
+		Hydra: &service.HydraAdminService{
+			AdminURL:   "http://hydra.test",
+			HTTPClient: client,
+		},
+		KratosAdmin: new(MockKratosAdminService),
+	}
+
+	t.Setenv("KRATOS_PUBLIC_URL", "http://kratos.test")
+	t.Setenv("KRATOS_ADMIN_URL", "http://kratos.test")
+	t.Setenv("HYDRA_PUBLIC_URL", "https://sso.example.com/oidc")
+
+	app := newLinkedRpTestApp(h)
+
+	req := httptest.NewRequest(http.MethodGet, "/api/v1/user/rp/linked", nil)
+	req.Header.Set("Cookie", "ory_kratos_session=valid")
+
+	resp, err := app.Test(req)
+	assert.NoError(t, err)
+	assert.Equal(t, http.StatusOK, resp.StatusCode)
+
+	var res struct {
+		Items []struct {
+			ID   string `json:"id"`
+			Logo string `json:"logo"`
+		} `json:"items"`
+	}
+	json.NewDecoder(resp.Body).Decode(&res)
+
+	assert.Len(t, res.Items, 1)
+	assert.Equal(t, "gitea-client", res.Items[0].ID)
+	assert.Equal(t, "https://cdn.example.com/gitea.svg", res.Items[0].Logo)
+}