Merge remote-tracking branch 'origin/main' into dev/mypage

backend/internal/domain/auth_models.go

@@ -78,3 +78,14 @@ type UpdateUserRequest struct {
 	Department       string `json:"department"`
 	VerificationCode string `json:"verificationCode,omitempty"` // For phone change
 }
+
+// PasswordResetInitiateRequest is the request body for initiating a password reset.
+type PasswordResetInitiateRequest struct {
+	LoginID string `json:"loginId"`
+}
+
+// PasswordResetCompleteRequest is the request body for completing a password reset.
+type PasswordResetCompleteRequest struct {
+	LoginID     string `json:"loginId"`
+	NewPassword string `json:"newPassword"`
+}

backend/internal/domain/idp_models.go

@@ -1,5 +1,10 @@
 package domain
 
+import (
+	"net/http"
+	"time"
+)
+
 // BrokerUser is the standard user model used within Baron SSO business logic.
 // It defines the canonical set of fields that must be supported by any underlying IDP.
 type BrokerUser struct {
@@ -19,10 +24,25 @@ type IDPMetadata struct {
 	SupportedFields []string
 }
 
+// Token represents a session or refresh token.
+type Token struct {
+	JWT        string
+	Expiration time.Time
+}
+
+// AuthInfo contains authentication information after a successful login.
+type AuthInfo struct {
+	SessionToken *Token
+	RefreshToken *Token
+}
+
 // IdentityProvider is the interface that all IDP adapters must implement.
 type IdentityProvider interface {
 	Name() string
 	// GetMetadata returns the schema support information for this IDP.
 	// This is used for startup-time validation.
 	GetMetadata() (*IDPMetadata, error)
+	InitiatePasswordReset(loginID, redirectUrl string) error
+	VerifyPasswordResetToken(token string) (*AuthInfo, error)
+	UpdateUserPassword(loginID, newPassword string, r *http.Request) error
 }