custom claim 권한체크 확인

2026-06-11 08:29:25 +09:00
parent 839ca9d407
commit 4d77060b5d
79 changed files with 4268 additions and 670 deletions
--- a/devfront/tests/devfront-clients-lifecycle.spec.ts
+++ b/devfront/tests/devfront-clients-lifecycle.spec.ts
@@ -155,14 +155,21 @@ test.describe("DevFront clients lifecycle", () => {
      .getByLabel(/Claim value type|Claim 값 타입/i)
      .first()
      .selectOption("date");
+    await expect(
+      page.getByRole("columnheader", { name: /Default Value|기본값/i }),
+    ).toBeVisible();
    await page
-      .getByPlaceholder(/Claim 값을 입력하세요|Enter the claim value/i)
+      .getByPlaceholder(/기본값을 입력하세요|Enter the default value/i)
      .first()
      .fill("2026-06-09");
    await page
-      .getByLabel(/읽기 권한|Read permission/i)
+      .getByLabel(/Nullable|Null 허용/i)
      .first()
-      .selectOption("user_and_admin");
+      .click();
+    await page
+      .getByLabel(/Read 사용자 허용|Read user allowed/i)
+      .first()
+      .click();

    await page.getByRole("button", { name: /Claim 추가|Add Claim/i }).click();
    await page
@@ -174,7 +181,7 @@ test.describe("DevFront clients lifecycle", () => {
      .nth(1)
      .selectOption("number");
    await page
-      .getByPlaceholder(/Claim 값을 입력하세요|Enter the claim value/i)
+      .getByPlaceholder(/기본값을 입력하세요|Enter the default value/i)
      .nth(1)
      .fill("2");

@@ -238,6 +245,7 @@ test.describe("DevFront clients lifecycle", () => {
                  key?: string;
                  value?: string;
                  valueType?: string;
+                  nullable?: boolean;
                  readPermission?: string;
                  writePermission?: string;
                }>
@@ -245,6 +253,18 @@ test.describe("DevFront clients lifecycle", () => {
          )?.[0]?.valueType,
      )
      .toBe("date");
+    await expect
+      .poll(
+        () =>
+          (
+            state.clients[0]?.metadata?.id_token_claims as
+              | Array<{
+                  nullable?: boolean;
+                }>
+              | undefined
+          )?.[0]?.nullable,
+      )
+      .toBe(true);
    await expect
      .poll(
        () =>
@@ -313,18 +333,25 @@ test.describe("DevFront clients lifecycle", () => {
      page.getByPlaceholder(/e\.g\. locale|예: locale/i).nth(1),
    ).toHaveValue("tier");
    await expect(
-      page.getByPlaceholder(/Claim 값을 입력하세요|Enter the claim value/i),
+      page.getByPlaceholder(/기본값을 입력하세요|Enter the default value/i),
    ).toHaveCount(2);
    await expect(
      page
-        .getByPlaceholder(/Claim 값을 입력하세요|Enter the claim value/i)
+        .getByPlaceholder(/기본값을 입력하세요|Enter the default value/i)
        .first(),
    ).toHaveValue("2026-06-09");
    await expect(
      page
-        .getByPlaceholder(/Claim 값을 입력하세요|Enter the claim value/i)
+        .getByPlaceholder(/기본값을 입력하세요|Enter the default value/i)
        .nth(1),
    ).toHaveValue("2");
+    await expect(page.getByLabel(/Nullable|Null 허용/i).first()).toBeChecked();
+    await expect(
+      page.getByLabel(/Read 사용자 허용|Read user allowed/i).first(),
+    ).toBeChecked();
+    await expect(
+      page.getByLabel(/Write 사용자 허용|Write user allowed/i).first(),
+    ).not.toBeChecked();
  });

  test("headless login uses jwks uri only and shows cache actions", async ({