kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

권한 동의 거부 api 구현 및 hydra 연동

Browse Source
This commit is contained in:
김용연
2026-02-03 15:03:06 +09:00
parent a6836cad09
commit 4e068f76a7
3 changed files with 85 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
backend/internal/service/hydra_admin_service.go
View File

@@ -377,7 +377,11 @@ type AcceptConsentRequestResponse struct {
RedirectTo string `json:"redirectTo"`
}
func (s *HydraAdminService) GetConsentRequest(ctx context.Context, challenge string) (*domain.HydraConsentRequest, error) {
type RejectConsentRequestResponse struct {
RedirectTo string `json:"redirectTo"`
}
func (s *HydraAdminService) GetConsentRequest(ctx context.Context, challenge string) (*HydraConsentRequest, error) {
params := map[string]string{
"consent_challenge": challenge,
}
@@ -410,6 +414,48 @@ func (s *HydraAdminService) GetConsentRequest(ctx context.Context, challenge str
return &consentReq, nil
}
func (s *HydraAdminService) RejectConsentRequest(ctx context.Context, challenge string) (*RejectConsentRequestResponse, error) {
params := map[string]string{
"consent_challenge": challenge,
}
endpoint, err := s.buildURLWithParams("/oauth2/auth/requests/consent/reject", params)
if err != nil {
return nil, err
}
payload := map[string]interface{}{
"error": "access_denied",
"error_description": "The user decided to reject the consent request.",
}
body, _ := json.Marshal(payload)
req, err := http.NewRequestWithContext(ctx, "PUT", endpoint, bytes.NewReader(body))
if err != nil {
return nil, fmt.Errorf("hydra admin: create request for reject consent failed: %w", err)
}
req.Header.Set("Content-Type", "application/json")
resp, err := s.httpClient().Do(req)
if err != nil {
return nil, fmt.Errorf("hydra admin: reject consent request failed: %w", err)
}
defer resp.Body.Close()
respBody, _ := io.ReadAll(resp.Body)
if resp.StatusCode != http.StatusOK {
return nil, fmt.Errorf("hydra admin: reject consent failed status=%d body=%s", resp.StatusCode, string(respBody))
}
var hydraResp struct {
RedirectTo string `json:"redirect_to"`
}
if err := json.Unmarshal(respBody, &hydraResp); err != nil {
return nil, fmt.Errorf("hydra admin: decode reject consent response failed: %w", err)
}
return &RejectConsentRequestResponse{RedirectTo: hydraResp.RedirectTo}, nil
}
func (s *HydraAdminService) GetLoginRequest(ctx context.Context, challenge string) (*HydraLoginRequest, error) {
params := map[string]string{
"login_challenge": challenge,