fix: SSO 팝업 로그인 시 postMessage 흐름 보장 및 콜백 페이지 팝업 대응 #243

2026-02-11 15:41:27 +09:00
parent 6c7e80eb3e
commit 50209a1506
3 changed files with 24 additions and 10 deletions
--- a/adminfront/src/features/auth/AuthCallbackPage.tsx
+++ b/adminfront/src/features/auth/AuthCallbackPage.tsx
@@ -10,8 +10,15 @@ function AuthCallbackPage() {
    const token = searchParams.get("token");
    if (token) {
      window.localStorage.setItem("admin_session", token);
-      // Redirect to home after a short delay or immediately
-      navigate("/", { replace: true });
+      
+      // 만약 팝업창에서 실행 중이라면 부모 창에 알리고 닫기
+      if (window.opener) {
+        window.opener.postMessage({ type: "LOGIN_SUCCESS", token }, "*");
+        window.close();
+      } else {
+        // 일반 리다이렉트 방식인 경우 홈으로 이동
+        navigate("/", { replace: true });
+      }
    } else {
      console.error("No token found in callback URL");
      navigate("/login", { replace: true });
--- a/adminfront/src/features/auth/LoginPage.tsx
+++ b/adminfront/src/features/auth/LoginPage.tsx
@@ -32,7 +32,11 @@ function LoginPage() {
  const handleSSOLogin = (mode: "popup" | "redirect" = "popup") => {
    const userfrontUrl = import.meta.env.USERFRONT_URL || "https://sso.hmac.kr";
    const callbackUrl = `${window.location.origin}/auth/callback`;
-    const loginUrl = `${userfrontUrl}/signin?source=adminfront&redirect_uri=${encodeURIComponent(callbackUrl)}`;
+    
+    // 팝업 방식일 때는 redirect_uri를 보내지 않아야 postMessage 로직이 작동함
+    const loginUrl = mode === "redirect" 
+        ? `${userfrontUrl}/signin?source=adminfront&redirect_uri=${encodeURIComponent(callbackUrl)}`
+        : `${userfrontUrl}/signin?source=adminfront`;
    
    if (mode === "redirect") {
        window.location.href = loginUrl;
--- a/userfront/lib/features/auth/presentation/login_screen.dart
+++ b/userfront/lib/features/auth/presentation/login_screen.dart
@@ -117,6 +117,8 @@ class _LoginScreenState extends ConsumerState<LoginScreen>

      if (uri.queryParameters.containsKey('redirect_url')) {
        _redirectUrl = uri.queryParameters['redirect_url'];
+      } else if (uri.queryParameters.containsKey('redirect_uri')) {
+        _redirectUrl = uri.queryParameters['redirect_uri'];
      }
    });
  }
@@ -1124,13 +1126,14 @@ class _LoginScreenState extends ConsumerState<LoginScreen>
    if (WebAuthIntegration.isPopup()) {
      debugPrint("[Auth] Popup detected. Notifying opener and attempting to close.");
      WebAuthIntegration.sendLoginSuccess(token);
-    } else {
-      if (_redirectUrl != null && _redirectUrl!.isNotEmpty) {
-        debugPrint("[Auth] Redirecting standalone window to: $_redirectUrl");
-        final target = "$_redirectUrl?token=$token";
-        launchUrlString(target, webOnlyWindowName: '_self');
-        return;
-      }
+      return; // Stop here for popups
+    }
+
+    if (_redirectUrl != null && _redirectUrl!.isNotEmpty) {
+      debugPrint("[Auth] Redirecting standalone window to: $_redirectUrl");
+      final target = "$_redirectUrl?token=$token";
+      launchUrlString(target, webOnlyWindowName: '_self');
+      return;
    }

    debugPrint("[Auth] Login success. Navigating to root.");