common auth/session bootstrap과 renew policy 공용화

devfront/src/lib/auth.ts

@@ -1,32 +1,23 @@
 import { UserManager, WebStorageStateStore } from "oidc-client-ts";
 import type { AuthProviderProps } from "react-oidc-context";
 import {
-  buildDevFrontAuthRedirectUris,
-  resolveDevFrontPublicOrigin,
-} from "./authConfig";
+  buildCommonOidcRuntimeConfig,
+  buildCommonUserManagerSettings,
+} from "../../../common/core/auth";
+import { resolveDevFrontPublicOrigin } from "./authConfig";
 
 const devFrontPublicOrigin = resolveDevFrontPublicOrigin(
   import.meta.env.VITE_DEVFRONT_PUBLIC_URL,
   window.location.origin,
 );
-const devFrontRedirectUris =
-  buildDevFrontAuthRedirectUris(devFrontPublicOrigin);
 
-export const oidcConfig: AuthProviderProps = {
-  authority: import.meta.env.VITE_OIDC_AUTHORITY || "https://sso.hmac.kr/oidc", // Gateway Proxy URL
-  client_id: import.meta.env.VITE_OIDC_CLIENT_ID || "devfront",
-  redirect_uri: devFrontRedirectUris.redirectUri,
-  response_type: "code",
-  scope: "openid offline_access profile email", // offline_access for refresh token
-  post_logout_redirect_uri: devFrontRedirectUris.postLogoutRedirectUri,
-  popup_redirect_uri: devFrontRedirectUris.popupRedirectUri,
+export const oidcConfig: AuthProviderProps = buildCommonOidcRuntimeConfig({
+  authority: import.meta.env.VITE_OIDC_AUTHORITY || "https://sso.hmac.kr/oidc",
+  clientId: import.meta.env.VITE_OIDC_CLIENT_ID || "devfront",
+  origin: devFrontPublicOrigin,
   userStore: new WebStorageStateStore({ store: window.localStorage }),
-  automaticSilentRenew: false,
-};
-
-export const userManager = new UserManager({
-  ...oidcConfig,
-  authority: oidcConfig.authority || "",
-  client_id: oidcConfig.client_id || "",
-  redirect_uri: oidcConfig.redirect_uri || "",
 });
+
+export const userManager = new UserManager(
+  buildCommonUserManagerSettings(oidcConfig),
+);

devfront/src/lib/sessionSliding.ts

@@ -1,76 +1,6 @@
-export const SESSION_RENEW_THRESHOLD_MS = 10 * 60 * 1000;
-export const SESSION_RENEW_THROTTLE_MS = 30 * 1000;
-
-type SlidingSessionRenewDecisionParams = {
-  expiresAtSec?: number | null;
-  nowMs: number;
-  isEnabled: boolean;
-  isAuthenticated: boolean;
-  isLoading: boolean;
-  isRenewInFlight: boolean;
-  lastAttemptAtMs: number;
-  thresholdMs?: number;
-  throttleMs?: number;
-};
-
-export function shouldAttemptSlidingSessionRenew({
-  expiresAtSec,
-  nowMs,
-  isEnabled,
-  isAuthenticated,
-  isLoading,
-  isRenewInFlight,
-  lastAttemptAtMs,
-  thresholdMs = SESSION_RENEW_THRESHOLD_MS,
-  throttleMs = SESSION_RENEW_THROTTLE_MS,
-}: SlidingSessionRenewDecisionParams) {
-  if (!isEnabled || !isAuthenticated || isLoading || isRenewInFlight) {
-    return false;
-  }
-
-  if (typeof expiresAtSec !== "number") {
-    return false;
-  }
-
-  const remainingMs = expiresAtSec * 1000 - nowMs;
-  if (remainingMs <= 0 || remainingMs > thresholdMs) {
-    return false;
-  }
-
-  if (nowMs - lastAttemptAtMs < throttleMs) {
-    return false;
-  }
-
-  return true;
-}
-
-export function shouldAttemptUnlimitedSessionRenew({
-  expiresAtSec,
-  nowMs,
-  isEnabled,
-  isAuthenticated,
-  isLoading,
-  isRenewInFlight,
-  lastAttemptAtMs,
-  thresholdMs = SESSION_RENEW_THRESHOLD_MS,
-  throttleMs = SESSION_RENEW_THROTTLE_MS,
-}: SlidingSessionRenewDecisionParams) {
-  if (isEnabled || !isAuthenticated || isLoading || isRenewInFlight) {
-    return false;
-  }
-
-  if (typeof expiresAtSec !== "number") {
-    return false;
-  }
-
-  const remainingMs = expiresAtSec * 1000 - nowMs;
-  if (remainingMs <= 0 || remainingMs > thresholdMs) {
-    return false;
-  }
-
-  if (nowMs - lastAttemptAtMs < throttleMs) {
-    return false;
-  }
-
-  return true;
-}
+export {
+  DEFAULT_SESSION_RENEW_THROTTLE_MS as SESSION_RENEW_THROTTLE_MS,
+  DEFAULT_SESSION_RENEW_THRESHOLD_MS as SESSION_RENEW_THRESHOLD_MS,
+  shouldAttemptSlidingSessionRenew,
+  shouldAttemptUnlimitedSessionRenew,
+} from "../../../common/core/session";