chore: consolidate local integration changes

backend/internal/handler/auth_handler_client_test.go

@@ -28,6 +28,8 @@ func TestRevokeLinkedRp_Success(t *testing.T) {
 		}
 		// 2. Hydra Revoke
 		if r.Method == http.MethodDelete && r.URL.Path == "/oauth2/auth/sessions/consent" {
+			assert.Equal(t, "user-123", r.URL.Query().Get("subject"))
+			assert.Equal(t, "app-1", r.URL.Query().Get("client"))
 			return httpResponse(r, http.StatusNoContent, ""), nil
 		}
 		return httpResponse(r, http.StatusNotFound, "not found"), nil
@@ -40,12 +42,22 @@ func TestRevokeLinkedRp_Success(t *testing.T) {
 
 	auditRepo := &mockAuditRepo{}
 	rpUsageSink := &mockRPUsageEventSink{}
+	consentRepo := &mockConsentRepo{
+		consents: []domain.ClientConsent{
+			{
+				ClientID:      "app-1",
+				Subject:       "user-123",
+				GrantedScopes: []string{"openid", "profile"},
+			},
+		},
+	}
 	h := &AuthHandler{
 		Hydra: &service.HydraAdminService{
 			AdminURL:   "http://hydra.test",
 			HTTPClient: client,
 		},
 		AuditRepo:   auditRepo,
+		ConsentRepo: consentRepo,
 		RPUsageSink: rpUsageSink,
 	}
 	app := fiber.New()
@@ -67,6 +79,9 @@ func TestRevokeLinkedRp_Success(t *testing.T) {
 	assert.Equal(t, domain.RPUsageEventTypeAuthorizationRevoked, rpUsageSink.events[0].EventType)
 	assert.Equal(t, "user-123", rpUsageSink.events[0].Subject)
 	assert.Equal(t, "app-1", rpUsageSink.events[0].ClientID)
+	remaining, err := consentRepo.Find(req.Context(), "app-1", "user-123")
+	assert.NoError(t, err)
+	assert.Nil(t, remaining)
 }
 
 func TestRevokeLinkedRp_SendsBackchannelLogoutTokenWhenConfigured(t *testing.T) {