common auth/session bootstrap과 renew policy 공용화

adminfront/src/lib/auth.ts

@@ -1,31 +1,23 @@
 import { UserManager, WebStorageStateStore } from "oidc-client-ts";
 import type { AuthProviderProps } from "react-oidc-context";
 import {
-  buildAdminAuthRedirectUris,
-  resolveAdminPublicOrigin,
-} from "./authConfig";
+  buildCommonOidcRuntimeConfig,
+  buildCommonUserManagerSettings,
+} from "../../../common/core/auth";
+import { resolveAdminPublicOrigin } from "./authConfig";
 
 const adminPublicOrigin = resolveAdminPublicOrigin(
   import.meta.env.VITE_ADMIN_PUBLIC_URL,
   window.location.origin,
 );
-const adminRedirectUris = buildAdminAuthRedirectUris(adminPublicOrigin);
 
-export const oidcConfig: AuthProviderProps = {
-  authority: import.meta.env.VITE_OIDC_AUTHORITY || "https://sso.hmac.kr/oidc", // Gateway Proxy URL
-  client_id: import.meta.env.VITE_OIDC_CLIENT_ID || "adminfront",
-  redirect_uri: adminRedirectUris.redirectUri,
-  response_type: "code",
-  scope: "openid offline_access profile email", // offline_access for refresh token
-  post_logout_redirect_uri: adminRedirectUris.postLogoutRedirectUri,
-  popup_redirect_uri: adminRedirectUris.popupRedirectUri,
+export const oidcConfig: AuthProviderProps = buildCommonOidcRuntimeConfig({
+  authority: import.meta.env.VITE_OIDC_AUTHORITY || "https://sso.hmac.kr/oidc",
+  clientId: import.meta.env.VITE_OIDC_CLIENT_ID || "adminfront",
+  origin: adminPublicOrigin,
   userStore: new WebStorageStateStore({ store: window.localStorage }),
-  automaticSilentRenew: false,
-};
-
-export const userManager = new UserManager({
-  ...oidcConfig,
-  authority: oidcConfig.authority || "",
-  client_id: oidcConfig.client_id || "",
-  redirect_uri: oidcConfig.redirect_uri || "",
 });
+
+export const userManager = new UserManager(
+  buildCommonUserManagerSettings(oidcConfig),
+);

adminfront/src/lib/sessionSliding.ts

@@ -1,106 +1,6 @@
-export const SESSION_RENEW_THRESHOLD_MS = 10 * 60 * 1000;
-export const SESSION_RENEW_THROTTLE_MS = 30 * 1000;
-
-type SlidingSessionRenewDecisionParams = {
-  expiresAtSec?: number | null;
-  nowMs: number;
-  isEnabled: boolean;
-  isAuthenticated: boolean;
-  isLoading: boolean;
-  isRenewInFlight: boolean;
-  lastAttemptAtMs: number;
-  thresholdMs?: number;
-  throttleMs?: number;
-};
-
-export function shouldAttemptSlidingSessionRenew({
-  expiresAtSec,
-  nowMs,
-  isEnabled,
-  isAuthenticated,
-  isLoading,
-  isRenewInFlight,
-  lastAttemptAtMs,
-  thresholdMs = SESSION_RENEW_THRESHOLD_MS,
-  throttleMs = SESSION_RENEW_THROTTLE_MS,
-}: SlidingSessionRenewDecisionParams) {
-  if (!isEnabled || !isAuthenticated || isLoading || isRenewInFlight) {
-    return false;
-  }
-
-  if (typeof expiresAtSec !== "number") {
-    console.debug(
-      "[sessionSliding] expiresAtSec is not a number, skipping renew",
-    );
-    return false;
-  }
-
-  const remainingMs = expiresAtSec * 1000 - nowMs;
-  const remainingMin = Math.floor(remainingMs / 1000 / 60);
-
-  if (remainingMs <= 0) {
-    console.debug("[sessionSliding] Session already expired, skipping renew");
-    return false;
-  }
-
-  if (remainingMs > thresholdMs) {
-    return false;
-  }
-
-  if (nowMs - lastAttemptAtMs < throttleMs) {
-    console.debug("[sessionSliding] Throttling renewal attempt");
-    return false;
-  }
-
-  console.info(
-    `[sessionSliding] Attempting sliding session renewal. Remaining: ${remainingMin}m`,
-  );
-  return true;
-}
-
-export function shouldAttemptUnlimitedSessionRenew({
-  expiresAtSec,
-  nowMs,
-  isEnabled,
-  isAuthenticated,
-  isLoading,
-  isRenewInFlight,
-  lastAttemptAtMs,
-  thresholdMs = SESSION_RENEW_THRESHOLD_MS,
-  throttleMs = SESSION_RENEW_THROTTLE_MS,
-}: SlidingSessionRenewDecisionParams) {
-  if (isEnabled || !isAuthenticated || isLoading || isRenewInFlight) {
-    return false;
-  }
-
-  if (typeof expiresAtSec !== "number") {
-    console.debug(
-      "[sessionSliding] expiresAtSec is not a number, skipping unlimited renew",
-    );
-    return false;
-  }
-
-  const remainingMs = expiresAtSec * 1000 - nowMs;
-  const remainingMin = Math.floor(remainingMs / 1000 / 60);
-
-  if (remainingMs <= 0) {
-    console.debug(
-      "[sessionSliding] Session already expired, skipping unlimited renew",
-    );
-    return false;
-  }
-
-  if (remainingMs > thresholdMs) {
-    return false;
-  }
-
-  if (nowMs - lastAttemptAtMs < throttleMs) {
-    console.debug("[sessionSliding] Throttling unlimited renewal attempt");
-    return false;
-  }
-
-  console.info(
-    `[sessionSliding] Attempting unlimited session renewal. Remaining: ${remainingMin}m`,
-  );
-  return true;
-}
+export {
+  DEFAULT_SESSION_RENEW_THROTTLE_MS as SESSION_RENEW_THROTTLE_MS,
+  DEFAULT_SESSION_RENEW_THRESHOLD_MS as SESSION_RENEW_THRESHOLD_MS,
+  shouldAttemptSlidingSessionRenew,
+  shouldAttemptUnlimitedSessionRenew,
+} from "../../../common/core/session";