custom claim 권한체크 확인

2026-06-11 08:29:25 +09:00
parent 839ca9d407
commit 4d77060b5d
79 changed files with 4268 additions and 670 deletions
--- a/backend/internal/handler/dev_handler_rp_metadata_test.go
+++ b/backend/internal/handler/dev_handler_rp_metadata_test.go
@@ -48,6 +48,18 @@ func TestDevHandler_RPUserMetadataRoundTrip(t *testing.T) {
 							"valueType": "text",
 							"value":     "A",
 						},
+						{
+							"namespace": "rp_claims",
+							"key":       "activeMember",
+							"valueType": "boolean",
+							"value":     "true",
+						},
+						{
+							"namespace": "rp_claims",
+							"key":       "score",
+							"valueType": "number",
+							"value":     "1",
+						},
 					},
 				},
 			}), nil
@@ -60,6 +72,8 @@ func TestDevHandler_RPUserMetadataRoundTrip(t *testing.T) {
 		return row.ClientID == "client-1" &&
 			row.UserID == "user-1" &&
 			row.Metadata["approvalLevel"] == "A" &&
+			row.Metadata["activeMember"] == false &&
+			row.Metadata["score"] == float64(42) &&
 			row.Metadata["approvalLevel_permissions"].(map[string]any)["readPermission"] == "admin_only" &&
 			row.Metadata["approvalLevel_permissions"].(map[string]any)["writePermission"] == "user_and_admin"
 	})).Return(nil).Once()
@@ -87,6 +101,8 @@ func TestDevHandler_RPUserMetadataRoundTrip(t *testing.T) {
 	body, _ := json.Marshal(map[string]any{
 		"metadata": map[string]any{
 			"approvalLevel": "A",
+			"activeMember":  false,
+			"score":         42,
 			"approvalLevel_permissions": map[string]any{
 				"writePermission": "user_and_admin",
 			},
@@ -148,6 +164,7 @@ func TestDevHandler_RPUserMetadataMirrorsToKratosTraits(t *testing.T) {
 	kratos.On("UpdateIdentity", mock.Anything, "user-1", mock.Anything, "active").Run(func(args mock.Arguments) {
 		capturedTraits = args.Get(2).(map[string]any)
 	}).Return(&service.KratosIdentity{ID: "user-1", State: "active", Traits: map[string]any{}}, nil).Once()
+	identityWriter := service.NewIdentityWriteService(kratos, nil)

 	h := &DevHandler{
 		Hydra: &service.HydraAdminService{
@@ -155,6 +172,7 @@ func TestDevHandler_RPUserMetadataMirrorsToKratosTraits(t *testing.T) {
 			HTTPClient: &http.Client{Transport: transport},
 		},
 		KratosAdmin:        kratos,
+		IdentityWriter:     identityWriter,
 		RPUserMetadataRepo: repo,
 	}
 	app := fiber.New()