Fix audit timeline app names and stabilize backend tests

backend/internal/middleware/audit_middleware.go

@@ -144,6 +144,19 @@ func AuditMiddleware(config AuditConfig) fiber.Handler {
 			"tenant_id":    tenantID,
 			"request_body": maskedBody,
 		}
+		// 핸들러에서 추가한 상세 정보를 병합합니다.
+		if extra := c.Locals("audit_details_extra"); extra != nil {
+			switch v := extra.(type) {
+			case map[string]string:
+				for key, value := range v {
+					details[key] = value
+				}
+			case map[string]interface{}:
+				for key, value := range v {
+					details[key] = value
+				}
+			}
+		}
 		if skipTimeline, ok := c.Locals("auth_timeline_skip").(bool); ok && skipTimeline {
 			details["auth_timeline_skip"] = true
 		}

backend/internal/middleware/rbac.go

@@ -2,7 +2,6 @@ package middleware
 
 import (
 	"baron-sso-backend/internal/domain"
-	"baron-sso-backend/internal/handler"
 	"baron-sso-backend/internal/service"
 	"github.com/gofiber/fiber/v2"
 	"log/slog"
@@ -11,10 +10,15 @@ import (
 // RBACConfig defines the configuration for RBAC middleware
 type RBACConfig struct {
 	AllowedRoles []string
-	AuthHandler  *handler.AuthHandler
+	AuthHandler  AuthProfileProvider
 	KetoService  service.KetoService
 }
 
+// AuthProfileProvider는 미들웨어에서 사용자 정보를 조회하기 위한 최소 인터페이스입니다.
+type AuthProfileProvider interface {
+	GetEnrichedProfile(c *fiber.Ctx) (*domain.UserProfileResponse, error)
+}
+
 // RequireKetoPermission enforces permissions using Ory Keto (ReBAC)
 func RequireKetoPermission(config RBACConfig, namespace, relation string) fiber.Handler {
 	return func(c *fiber.Ctx) error {