fix: resolve OIDC session state issue and synchronize portal sessions

Details: - Backend: Extract Kratos session cookies and propagate via SetCookies in AuthInfo. - Backend: Include sessionJwt and token during OIDC flows in PasswordLogin. - UserFront: Add _silentSessionRecovery in main.dart to recover session via cookies if localStorage token is missing. - UserFront: Update AuthProxyService, AuthTokenStore, AuthNotifier to support silent recovery and immediate local state update before redirect. - AdminFront/DevFront: Fix OIDC authority to point directly to Gateway proxy and add recovery/error UI components.
2026-04-21 14:10:27 +09:00
parent 1024ad17d3
commit 0f79b7635b
12 changed files with 199 additions and 5 deletions
--- a/userfront/lib/core/notifiers/auth_notifier.dart
+++ b/userfront/lib/core/notifiers/auth_notifier.dart
@@ -1,8 +1,15 @@
 import 'package:flutter/foundation.dart';
+import '../services/auth_token_store.dart';

 class AuthNotifier extends ChangeNotifier {
  static final AuthNotifier instance = AuthNotifier();

+  Future<void> onLoginSuccess(String token, {String? provider}) async {
+    AuthTokenStore.setToken(token, provider: provider);
+    AuthTokenStore.clearPendingProvider();
+    notifyListeners();
+  }
+
  void notify() {
    notifyListeners();
  }
--- a/userfront/lib/core/services/auth_proxy_service.dart
+++ b/userfront/lib/core/services/auth_proxy_service.dart
@@ -92,6 +92,32 @@ class AuthProxyService {
    }
  }

+  static Future<Map<String, dynamic>> getMe({String? token, bool useCookie = true}) async {
+    final url = Uri.parse('$_baseUrl/api/v1/user/me');
+    final client = createHttpClient(withCredentials: useCookie);
+    try {
+      final headers = <String, String>{'Content-Type': 'application/json'};
+      if (!useCookie && token != null && token.isNotEmpty) {
+        headers['Authorization'] = 'Bearer $token';
+      }
+      final response = await client.get(
+        url,
+        headers: headers,
+      );
+
+      if (response.statusCode == 200) {
+        return jsonDecode(response.body);
+      }
+      throw _error(
+        'err.userfront.auth_proxy.profile_load',
+        '프로필을 불러오지 못했습니다: {{error}}',
+        detail: response.body,
+      );
+    } finally {
+      client.close();
+    }
+  }
+
  static Future<int> getSessionStatus({
    String? token,
    bool useCookie = false,
--- a/userfront/lib/core/services/auth_token_store.dart
+++ b/userfront/lib/core/services/auth_token_store.dart
@@ -2,6 +2,11 @@ import 'auth_token_store_stub.dart'
    if (dart.library.js_interop) 'auth_token_store_web.dart';

 class AuthTokenStore {
+  static bool hasToken() {
+    final token = getToken();
+    return token != null && token.isNotEmpty;
+  }
+
  static String? getToken() => authTokenStore.getToken();

  static String? getProvider() => authTokenStore.getProvider();