리다이렉트 후속 로직 업데이트

2026-02-19 12:40:56 +09:00
parent 1a5b04d688
commit 6fd0e5c800
6 changed files with 228 additions and 200 deletions
--- a/backend/internal/handler/auth_handler.go
+++ b/backend/internal/handler/auth_handler.go
@@ -1504,6 +1504,30 @@ func (h *AuthHandler) VerifyLoginShortCode(c *fiber.Ctx) error {
 }

 // PasswordLogin - Authenticate a user with login ID and password.
+func logOidcRedirectSummary(source, redirectTo string) {
+	parsed, err := url.Parse(redirectTo)
+	if err != nil {
+		slog.Warn(
+			"OIDC redirect parse failed",
+			"source", source,
+			"redirectToLength", len(redirectTo),
+			"error", err,
+		)
+		return
+	}
+
+	query := parsed.Query()
+	slog.Info(
+		"OIDC redirect summary",
+		"source", source,
+		"redirectToLength", len(redirectTo),
+		"redirectToHost", parsed.Host,
+		"redirectToPath", parsed.Path,
+		"redirectHasLoginVerifier", query.Has("login_verifier"),
+		"redirectHasRedirectURI", query.Has("redirect_uri"),
+	)
+}
+
 func (h *AuthHandler) PasswordLogin(c *fiber.Ctx) error {
 	startTime := time.Now()
 	ale := logger.NewAuditLogEntry(c, "login")
@@ -1586,7 +1610,7 @@ func (h *AuthHandler) PasswordLogin(c *fiber.Ctx) error {
 			slog.Error("failed to accept hydra login request", "error", err)
 			return fiber.NewError(fiber.StatusInternalServerError, "Failed to accept OIDC login request")
 		}
-		slog.Info("Hydra login request accepted", "redirectTo", acceptResp.RedirectTo)
+		logOidcRedirectSummary("password_login", acceptResp.RedirectTo)
 		return c.JSON(fiber.Map{
 			"redirectTo": acceptResp.RedirectTo,
 		})
@@ -3841,6 +3865,7 @@ func (h *AuthHandler) AcceptOidcLoginRequest(c *fiber.Ctx) error {
 		slog.Error("failed to accept hydra login request", "error", err)
 		return fiber.NewError(fiber.StatusInternalServerError, "Failed to accept OIDC login request")
 	}
+	logOidcRedirectSummary("accept_oidc_login_request", acceptResp.RedirectTo)

 	return c.JSON(acceptResp)
 }