Apply stashed changes after rebase

backend/internal/handler/auth_handler.go

@@ -3304,7 +3304,7 @@ func (h *AuthHandler) ListLinkedRps(c *fiber.Ctx) error {
 					Name:   name,
 					Logo:   extractHydraClientLogo(client.Metadata),
 					URL:    clientURL,
-					Status: hydraClientStatus(client.Metadata),
+					Status: "active", // Hydra 세션이 있으면 활성
 					Scopes: scopes,
 				},
 				lastAuth: lastAuth,
@@ -3327,6 +3327,65 @@ func (h *AuthHandler) ListLinkedRps(c *fiber.Ctx) error {
 		}
 	}
 
+	// [New] DB에서 과거 동의 내역 가져와 병합 (비활성 RP 포함)
+	if h.ConsentRepo != nil {
+		for _, subject := range subjects {
+			dbConsents, err := h.ConsentRepo.ListBySubject(c.Context(), subject)
+			if err != nil {
+				slog.Error("failed to list db consents for subject", "subject", subject, "error", err)
+				continue
+			}
+
+			for _, dc := range dbConsents {
+				if _, exists := records[dc.ClientID]; exists {
+					// 이미 Hydra 세션으로 존재하면 skip (active 우선)
+					continue
+				}
+
+				// Hydra에서 클라이언트 정보 조회 (메타데이터용)
+				client, err := h.Hydra.GetClient(c.Context(), dc.ClientID)
+				if err != nil {
+					slog.Error("failed to get client info from hydra for inactive rp", "client_id", dc.ClientID, "error", err)
+					// Hydra에 정보가 없더라도 기본 정보로 추가
+					records[dc.ClientID] = &linkedRpRecord{
+						linkedRpSummary: linkedRpSummary{
+							ID:     dc.ClientID,
+							Name:   dc.ClientID,
+							Status: "inactive",
+							Scopes: dc.GrantedScopes,
+						},
+						lastAuth: dc.UpdatedAt,
+					}
+					continue
+				}
+
+				name := strings.TrimSpace(client.ClientName)
+				if name == "" {
+					name = client.ClientID
+				}
+
+				clientURL := strings.TrimSpace(client.ClientURI)
+				if clientURL == "" && len(client.RedirectURIs) > 0 {
+					if parsed, err := url.Parse(client.RedirectURIs[0]); err == nil {
+						clientURL = fmt.Sprintf("%s://%s", parsed.Scheme, parsed.Host)
+					}
+				}
+
+				records[dc.ClientID] = &linkedRpRecord{
+					linkedRpSummary: linkedRpSummary{
+						ID:     dc.ClientID,
+						Name:   name,
+						Logo:   extractHydraClientLogo(client.Metadata),
+						URL:    clientURL,
+						Status: "inactive",
+						Scopes: dc.GrantedScopes,
+					},
+					lastAuth: dc.UpdatedAt,
+				}
+			}
+		}
+	}
+
 	ordered := make([]*linkedRpRecord, 0, len(records))
 	for _, record := range records {
 		ordered = append(ordered, record)
@@ -3336,7 +3395,10 @@ func (h *AuthHandler) ListLinkedRps(c *fiber.Ctx) error {
 	})
 
 	items := make([]linkedRpSummary, 0, len(ordered))
-	for _, record := range ordered {
+	for i, record := range ordered {
+		if i >= 100 {
+			break
+		}
 		if !record.lastAuth.IsZero() {
 			record.LastAuthenticatedAt = record.lastAuth.Format(time.RFC3339)
 		}

backend/internal/repository/client_consent_repository.go

@@ -12,6 +12,7 @@ type ClientConsentRepository interface {
 	Delete(ctx context.Context, subject, clientID string) error
 	List(ctx context.Context, clientID string, limit, offset int) ([]domain.ClientConsentWithTenantInfo, int64, error)
 	ListByTenant(ctx context.Context, clientID, tenantID string, limit, offset int) ([]domain.ClientConsentWithTenantInfo, int64, error)
+	ListBySubject(ctx context.Context, subject string) ([]domain.ClientConsent, error)
 }
 
 type clientConsentRepo struct {
@@ -90,3 +91,12 @@ func (r *clientConsentRepo) ListByTenant(ctx context.Context, clientID, tenantID
 
 	return consents, total, err
 }
+
+func (r *clientConsentRepo) ListBySubject(ctx context.Context, subject string) ([]domain.ClientConsent, error) {
+	var consents []domain.ClientConsent
+	err := r.db.WithContext(ctx).
+		Where("subject = ?", subject).
+		Order("updated_at DESC").
+		Find(&consents).Error
+	return consents, err
+}

backend/internal/service/federation_service.go

@@ -8,7 +8,6 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/coreos/go-oidc/v3/oidc"
 	"github.com/coreos/go-oidc/v3/oidc"
 	"golang.org/x/oauth2"
 )