diff --git a/.gemini/settings.json b/.gemini/settings.json new file mode 100644 index 00000000..b9cfd51a --- /dev/null +++ b/.gemini/settings.json @@ -0,0 +1,5 @@ +{ + "general": { + "previewFeatures": true + } +} \ No newline at end of file diff --git a/ISSUE.md b/ISSUE.md new file mode 100644 index 00000000..2ccc336c --- /dev/null +++ b/ISSUE.md @@ -0,0 +1,54 @@ +# 비밀번호 재설정 로직 분석 및 이슈 리포트 + +## 1. 전체 프로세스 흐름 (수정 후) + +이메일 보안 스캐너(Link Scanner)로 인한 토큰 조기 만료 문제를 방지하기 위해 **"중간 페이지(Interstitial Page)"** 방식이 적용되었습니다. + +1. **초기화 요청 (Frontend -> Backend)** + * 사용자가 아이디를 입력하고 비밀번호 재설정을 요청합니다. + * Backend는 Descope API를 호출하여 이메일을 발송합니다. + * 이때 리다이렉트 URL은 백엔드 API (`/api/v1/auth/password/reset/verify`)로 설정됩니다. + +2. **이메일 수신 및 클릭 (User)** + * 사용자가 이메일 내의 링크를 클릭합니다. + * URL 예시: `https://sso.hmac.kr/api/v1/auth/password/reset/verify?t=` + +3. **검증 대기 페이지 (Backend GET 처리)** + * **보안 스캐너 방어:** 백엔드가 GET 요청을 받으면 즉시 토큰을 검증하지 않습니다. + * 대신, 사용자가 직접 버튼을 클릭해야 하는 **HTML 페이지(폼)**를 반환합니다. + * **이유:** Outlook, Gmail 등의 이메일 서버가 링크의 안전성을 확인하기 위해 미리 방문(GET)하여 일회성 토큰을 소모해버리는 것을 방지하기 위함입니다. + +4. **검증 실행 (User Click -> Backend POST)** + * 사용자가 HTML 페이지의 "계속하기" 버튼을 클릭합니다. + * `POST` 요청이 백엔드로 전송됩니다. + * 백엔드는 이때 Descope를 통해 토큰을 검증하고, 성공 시 **리프레시 토큰 쿠키(DSRF)**를 브라우저에 설정합니다. + * 이후 프론트엔드 페이지(`https://sso.hmac.kr/reset-password?loginId=...`)로 리다이렉트합니다. + +5. **비밀번호 변경 (Frontend -> Backend)** + * 프론트엔드는 URL 파라미터의 `loginId`와 사용자가 입력한 `새 비밀번호`를 가지고 백엔드에 요청을 보냅니다. + * 이때 4번 단계에서 설정된 **쿠키**가 함께 전송되어 인증된 상태로 비밀번호가 변경됩니다. + +--- + +## 2. 주요 사용 함수 (`backend/internal/handler/auth_handler.go`) + +| 함수명 | HTTP Method | 역할 | +| :--- | :--- | :--- | +| **`InitiatePasswordReset`** | `POST` | Descope에 비밀번호 재설정 이메일 발송을 요청하고 리다이렉트 URL을 백엔드로 지정합니다. | +| **`VerifyPasswordResetPage`** | `GET` | 토큰 검증 없이 사용자의 클릭을 유도하는 **HTML 중간 페이지**를 렌더링합니다. | +| **`ProcessPasswordResetToken`** | `POST` | 실제 Descope 토큰 검증을 수행하고 세션 쿠키를 생성한 뒤 프론트엔드로 이동시킵니다. | +| **`CompletePasswordReset`** | `POST` | 최종적으로 새 비밀번호를 업데이트합니다. (쿠키 기반 인증 필요) | + +--- + +## 3. 비밀번호 변경이 안 되었던 원인 + +### 1) 토큰 조기 소모 (Token Expired / Invalid) +* **증상:** 사용자가 링크를 클릭하자마자 "Invalid or expired token" 오류 발생. +* **원인:** 회사 이메일 보안 시스템이 링크의 안전성을 검사하기 위해 사용자가 클릭하기 전 미리 방문(GET 요청)했습니다. Descope 토큰은 **일회용**이므로 스캐너 방문 시 이미 소모되어, 정작 사용자가 방문했을 때는 만료된 상태가 되었습니다. +* **해결:** `GET`은 페이지 로드만 수행하고, 사용자의 클릭(`POST`) 시에만 검증하도록 로직을 분리했습니다. + +### 2) 파라미터 이름 불일치 +* **증상:** `missing_token` 오류 발생. +* **원인:** 백엔드는 `token` 파라미터를 찾았으나, Descope는 `t`라는 이름으로 토큰을 전달했습니다. +* **해결:** `token`과 `t` 두 파라미터를 모두 확인하도록 수정했습니다. diff --git a/ISSUE2.md b/ISSUE2.md new file mode 100644 index 00000000..28b58102 --- /dev/null +++ b/ISSUE2.md @@ -0,0 +1,128 @@ +“백엔드 로그상 비밀번호 변경은 성공했지만, 실제 로그인 기준으로는 비밀번호가 유효하지 않아서 실패”한 상황입니다. + +## 1) 무엇이 ‘변경됐다고’ 확인된 건가 + +``` +baron_backend | time="2026-01-26 18:15:46" level=INFO msg="Password updated successfully" svc=baron-sso req_id=2b192000-079d-42d1-937f-5d4bf82859f5 stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete status=200 latency_ms=354.398409ms ip=172.22.0.6 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=b24053@hanmaceng.co.kr" query.loginId=b24053@hanmaceng.co.kr headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiYjI0MDUzQGhhbm1hY2VuZy5jby5rciIsImV4cCI6MTc3MjAxMDg4NywiaWF0IjoxNzY5NDE4ODg3LCJpc3MiOiJodHRwczovL2FwaS5kZXNjb3BlLmNvbS92MS9hcHBzL1AzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiLCJzdWIiOiJVMzhtd3NwMUdDYVh2eENKWm4zWU9NWG1uOFJ5In0.BFsSc6tXC-6UHXc-6MJWIabs7CHRVY2oIER2IQUEn1jT0H5SZeXs5zcI5NZjA0ryGGd-JHNY4-x62ozDBRvoiL-xVygRh7HkHyunCq1-5-cf8arQ8k8jRARTl2cjDFj6WbyRgLY3x_ot_GpNK5ciGhhwBs1ajJo5IZhlmUi0soowatCTiE47JRvHqE4zGEdijIEw3h-SuaY_AmkJXIsmhaUkgzbo-pzviDX1YDIpA0-GuBcFavjq8IleonFOkRxMs47Cb9GfKZs-Ib5nEib4b3oWm50jGPA7UCRklEUg5ICClnwQe5I45RsLt_nAlUgH9pSmSglsjnyRBxX27lOYEw" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=b24053@hanmaceng.co.kr" headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiYjI0MDUzQGhhbm1hY2VuZy5jby5rciIsImV4cCI6MTc3MjAxMDg4NywiaWF0IjoxNzY5NDE4ODg3LCJpc3MiOiJodHRwczovL2FwaS5kZXNjb3BlLmNvbS92MS9hcHBzL1AzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiLCJzdWIiOiJVMzhtd3NwMUdDYVh2eENKWm4zWU9NWG1uOFJ5In0.BFsSc6tXC-6UHXc-6MJWIabs7CHRVY2oIER2IQUEn1jT0H5SZeXs5zcI5NZjA0ryGGd-JHNY4-x62ozDBRvoiL-xVygRh7HkHyunCq1-5-cf8arQ8k8jRARTl2cjDFj6WbyRgLY3x_ot_GpNK5ciGhhwBs1ajJo5IZhlmUi0soowatCTiE47JRvHqE4zGEdijIEw3h-SuaY_AmkJXIsmhaUkgzbo-pzviDX1YDIpA0-GuBcFavjq8IleonFOkRxMs47Cb9GfKZs-Ib5nEib4b3oWm50jGPA7UCRklEUg5ICClnwQe5I45RsLt_nAlUgH9pSmSglsjnyRBxX27lOYEw" login_ids.loginId=b24053@hanmaceng.co.kr has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiYjI0MDUzQGhhbm1hY2VuZy5jby5rciIsImV4cCI6MTc3MjAxMDg4NywiaWF0IjoxNzY5NDE4ODg3LCJpc3MiOiJodHRwczovL2FwaS5kZXNjb3BlLmNvbS92MS9hcHBzL1AzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiLCJzdWIiOiJVMzhtd3NwMUdDYVh2eENKWm4zWU9NWG1uOFJ5In0.BFsSc6tXC-6UHXc-6MJWIabs7CHRVY2oIER2IQUEn1jT0H5SZeXs5zcI5NZjA0ryGGd-JHNY4-x62ozDBRvoiL-xVygRh7HkHyunCq1-5-cf8arQ8k8jRARTl2cjDFj6WbyRgLY3x_ot_GpNK5ciGhhwBs1ajJo5IZhlmUi0soowatCTiE47JRvHqE4zGEdijIEw3h-SuaY_AmkJXIsmhaUkgzbo-pzviDX1YDIpA0-GuBcFavjq8IleonFOkRxMs47Cb9GfKZs-Ib5nEib4b3oWm50jGPA7UCRklEUg5ICClnwQe5I45RsLt_nAlUgH9pSmSglsjnyRBxX27lOYEw request_body="{\"newPassword\": \"Qwer1234!\"}" new_password=Qwer1234! +``` + +- `/api/v1/auth/password/reset/complete` 요청에서 백엔드는 **200 OK**를 반환했고, +- 로그에 **`Password updated successfully`**가 찍혔습니다. + → 즉, 백엔드가 호출한 **Descope Management API `SetPassword` 호출은 성공 응답**을 받았습니다. + +## 2) 그런데 ‘실제 로그인’은 왜 안 되나 + +``` +curl -i -X POST "https://api.descope.com/v1/auth/password/signin" \ + -H "Content-Type: application/json" \ + -d '{ + "loginId": "b24053@hanmaceng.co.kr", + "password": "Qwer1234!" + }' + +HTTP/2 401 +date: Mon, 26 Jan 2026 09:17:59 GMT +content-type: application/json; charset=utf-8 +content-length: 84 +strict-transport-security: max-age=15552000; preload +set-cookie: __cf_bm=H4GLgDwOP7ZC5X9UDv0amcDO9wH05gTGF6q0DjGXVw0-1769419079.2081797-1.0.1.1-IOtGl.B4mqd8Vwrx0GU20r2mrBJl45rqvQlWBEgvjRWHVHm6aFom4AcGg1grkOzgGWHd.r5Vc0Vpma0SLiHPhILesFU3JP0Vssb0FgFJv.RTJxIj0F70BpjftUC55gLR; HttpOnly; Secure; Path=/; Domain=descope.com; Expires=Mon, 26 Jan 2026 09:47:59 GMT +set-cookie: _cfuvid=Xv3NTdvkt0.kLQzA1Eca.ACTqj9CHVUq_oV7OPgJ7vo-1769419079.2081797-1.0.1.1-kaT.TuPWN0IWj2kmQvzB7TwvQ521A7z5zrls_QtNwEY; HttpOnly; SameSite=None; Secure; Path=/; Domain=api.descope.com +x-xss-protection: 1; mode=block +cf-cache-status: DYNAMIC +x-content-type-options: nosniff +expect-ct: max-age=86400, enforce +referrer-policy: same-origin +x-frame-options: SAMEORIGIN +server: cloudflare +cf-ray: 9c3eeb9d0830ea25-ICN +alt-svc: h3=":443"; ma=86400 + +{"errorCode":"E011007","errorDescription":"Request is missing a valid bearer token"}% +``` + +실제 로그인을 확인하려고 `POST /v1/auth/password/signin`을 호출했는데, Descope가 아래로 거절했습니다. + +- 응답: **401** +- 에러: **`E011007 Request is missing a valid bearer token`** + +이건 “비밀번호가 틀림”이 아니라, **signin 요청 자체가 프로젝트 인증(Authorization)이 빠져서** Descope가 처리하지 않은 겁니다. +즉, 현재 테스트 curl은 “비밀번호 검증” 단계까지 가지도 못했습니다. + +## 3) 그래서 결론은? + +- “비밀번호 변경 성공”은 **Management API 기준으로는 맞음** +- 하지만 “실제로 로그인 가능 여부”는 + 1. signin 요청에 **Authorization: Bearer <프로젝트 토큰>**을 붙여서 다시 검증해야 하고, + 2. 그 다음에야 비밀번호가 Auth API와 호환되는 방식으로 설정됐는지(`Invalid credentials` 여부)를 판별할 수 있습니다. + +## 4) 실제로 안 된 ‘직접 원인’ + +- **원인:** `password/signin` 테스트 요청에 프로젝트 Bearer 토큰이 없어서 Descope가 401로 차단 +- **결과:** “비밀번호가 맞는지/틀린지”를 확인하기 전에 요청이 실패해서, 로그인 실패처럼 보임 + +## 5) 다음에 해야 할 검증(한 줄) + +- `POST /v1/auth/password/signin`에 **`Authorization: Bearer P37Ds...`** 헤더를 붙여서 다시 시도해야 “진짜로 비밀번호가 로그인에 적용됐는지”가 확정됩니다. + +--- + +네, 김용연님 +이 응답은 “비밀번호가 틀렸다”가 아니라, **그 프로젝트가 `password/signin` 호출에 ‘프로젝트 Bearer 토큰(또는 프로젝트 ID)’을 요구하는 설정/테넌트 컨텍스트**라서 생긴 에러입니다. + +즉 지금 요청은 **인증 헤더가 없어서** Descope가 바로 컷한 거예요. + +--- + +## 왜 `signin`에 Bearer 토큰이 필요하냐? + +Descope Auth API는 보통 **프로젝트를 식별**해야 하는데, 환경/설정에 따라 + +- 헤더로 프로젝트 토큰을 받거나 +- 바디에 projectId를 받거나 +- SDK가 내부적으로 붙여주거나 +- 테넌트/앱 설정에 따라 인증 요구가 달라질 수 있습니다. + +지금은 **“헤더에 유효한 Bearer가 없다”**고 명시적으로 말하고 있습니다. + +--- + +## 해결: Authorization 헤더에 프로젝트 토큰을 붙여서 호출 + +김용연님이 예전에 signup에 쓰셨던 것처럼(= `Authorization: Bearer P37Ds...`) 먼저 시도해보세요. + +```bash +curl -i -X POST "https://api.descope.com/v1/auth/password/signin" \ + -H "Authorization: Bearer P37DsGepBT6uDWb5TYYpb5RxUPuq" \ + -H "Content-Type: application/json" \ + -d '{ + "loginId": "b24053@hanmaceng.co.kr", + "password": "Qwer1234!" + }' +``` + +- 여기서 200 OK면 → 로그인 성공(비번도 Auth API 기준으로 인정) +- 여기서 `E062903 Invalid credentials`면 → “비번이 Auth와 호환 안 됨” 이슈 재현 +- 여기서도 401이면 → 프로젝트/테넌트 설정(또는 endpoint 요구사항) 추가 확인 필요 + +--- + +## 추가로, tenant를 쓰는 경우 + +만약 이 프로젝트가 tenant 기반이면 `signin`에 tenant를 같이 넘겨야 하는 설정일 수도 있습니다. 그 경우는 보통: + +```json +{ + "loginId": "...", + "password": "...", + "tenant": "namecard" +} +``` + +같은 형태로 요구될 수 있어요(프로젝트 설정에 따라 다름). + +--- + +### 결론 + +지금 에러는 **“로그인 실패”가 아니라 “요청에 프로젝트 인증이 빠졌다”** 입니다. +위 curl에 `Authorization: Bearer `를 붙여서 다시 한번만 테스트해보세요. diff --git a/ISSUE3.md b/ISSUE3.md new file mode 100644 index 00000000..45151b03 --- /dev/null +++ b/ISSUE3.md @@ -0,0 +1,34 @@ +## Baron SSO 비밀번호 재설정 및 로그인 문제 (ISSUE3) + +### 1. 현상 요약 + +* **비밀번호 재설정 성공:** `dyddus1210@gmail.com` 계정에 대해 비밀번호 재설정 절차를 수행했으며, 백엔드 로그(`baron_backend`) 및 Descope Audit Trail 상에 `Password updated successfully` (HTTP Status 200) 메시지와 함께 `new_password=Qwer12345!`로 변경 성공이 기록되었습니다. +* **비밀번호 로그인 실패:** 비밀번호 변경 후, 변경된 비밀번호(`Qwer12345!`)로 로그인 시도 시 지속적으로 로그인이 실패합니다. 백엔드 로그 및 Descope Audit Trail에서 다음 오류 메시지가 확인됩니다: + * `Descope sign-in failed` + * `[E062903] Password signin failed [Status-Code:500]` + * `[E062909] Expired password: Password expired` + * `로그인 실패: Invalid credentials` + +### 2. 현재까지의 원인 분석 + +* **Descope 통합 및 환경 변수:** + * 백엔드 (`backend/internal/idp/factory.go`)에서 Descope 클라이언트 초기화에 사용되는 `DESCOPE_PROJECT_ID` (`P37DsGepBT6uDWb5TYYpb5RxUPuq`)와 `DESCOPE_MANAGEMENT_KEY` (`K37zzb8Y49qp1gYmuoxeLqYBlfSu5cObmOujMVdnd5VICjZRqBhgA3Y5s3J7VDlI628wmfL`) 환경 변수는 `.env` 파일에 올바르게 설정되어 있습니다. +* **Descope 비밀번호 정책:** + * Descope 프로젝트의 비밀번호 정책은 다음을 요구합니다: + * 최소 길이: 8 + * 최소 하나 이상의 소문자, 대문자, 숫자, 특수 문자 포함. + * 비밀번호 만료: 20주 + * 비밀번호 재사용 방지: 10개 기억 + * 새 비밀번호 `Qwer12345!`는 이 정책의 길이 및 문자 포함 요구 사항을 충족합니다. +* **핵심 문제: 비밀번호 만료 상태:** + * 가장 유력한 원인은 **Descope 시스템이 `dyddus1210@gmail.com` 계정의 비밀번호를 '만료됨' 상태로 계속 유지하고 있다**는 것입니다. 이는 비밀번호 재설정 성공 후에도 `Expired password` 오류가 지속되는 이유를 설명합니다. 정상적인 비밀번호 재설정은 만료 상태를 초기화해야 합니다. + +### 3. 추가 확인 필요 사항 (Descope 콘솔) + +현재 문제 해결을 위해 가장 시급하게 확인해야 할 Descope 콘솔 정보는 다음과 같습니다: + +* **Descope 콘솔 -> `Users` 섹션 -> `dyddus1210@gmail.com` 사용자 상세 페이지 -> `Password` 탭:** + 1. **"Password Expiration"** 항목의 **정확한 문구**를 알려주십시오. (예: "Expires in X weeks", "Expired", "Never expires" 중 무엇인가요? 또는 다른 문구인가요?) + 2. **"Last Password Update"** 항목의 **정확한 시간/날짜**를 알려주십시오. 이 시간이 비밀번호 재설정을 완료한 시점과 일치해야 합니다. + +이 정보가 확보되어야 `Expired password` 오류의 근본 원인을 파악하고 적절한 해결책을 제시할 수 있습니다. diff --git a/backend/cmd/server/main.go b/backend/cmd/server/main.go index 5391faf4..c84fafdc 100644 --- a/backend/cmd/server/main.go +++ b/backend/cmd/server/main.go @@ -166,8 +166,21 @@ func main() { AllowHeaders: "Origin, Content-Type, Accept, Authorization", AllowMethods: "GET, POST, HEAD, PUT, DELETE, PATCH, OPTIONS", })) + + // Ensure COOKIE_SECRET is exactly 32 bytes for AES-256 + cookieSecret := getEnv("COOKIE_SECRET", "secret-key-must-be-32-bytes-long!") + if len(cookieSecret) != 32 { + slog.Warn("COOKIE_SECRET length is not 32 bytes. Adjusting...", "original_length", len(cookieSecret)) + if len(cookieSecret) > 32 { + cookieSecret = cookieSecret[:32] + } else { + // Pad with '0' if too short + cookieSecret = fmt.Sprintf("%-32s", cookieSecret) + } + } + app.Use(encryptcookie.New(encryptcookie.Config{ - Key: getEnv("COOKIE_SECRET", "secret-key-must-be-32-bytes-long!"), + Key: cookieSecret, })) // Routes @@ -228,11 +241,12 @@ func main() { auth.Post("/enchanted-link/poll", authHandler.PollEnchantedLink) auth.Post("/magic-link/verify", authHandler.VerifyMagicLink) auth.Post("/password/login", authHandler.PasswordLogin) - - // ✅ 비밀번호 재설정 (추가) - auth.Post("/password-reset/init", authHandler.InitPasswordReset) - auth.Post("/password-reset/confirm", authHandler.ConfirmPasswordReset) - + auth.Post("/password/reset/initiate", authHandler.InitiatePasswordReset) + // [Changed] Use Interstitial Page for GET to prevent Scanner consumption + auth.Get("/password/reset/verify", authHandler.VerifyPasswordResetPage) + // [Added] Use POST for actual verification triggered by the user + auth.Post("/password/reset/verify", authHandler.ProcessPasswordResetToken) + auth.Post("/password/reset/complete", authHandler.CompletePasswordReset) auth.Post("/sms", authHandler.SendSms) auth.Post("/verify-sms", authHandler.VerifySms) auth.Post("/qr/init", authHandler.InitQRLogin) diff --git a/backend/go.mod b/backend/go.mod index 6e332a5f..4fa90ee1 100644 --- a/backend/go.mod +++ b/backend/go.mod @@ -4,30 +4,31 @@ go 1.25.4 require ( github.com/ClickHouse/clickhouse-go/v2 v2.42.0 - github.com/descope/go-sdk v1.6.23 + github.com/aws/aws-sdk-go-v2 v1.41.1 + github.com/aws/aws-sdk-go-v2/config v1.32.7 + github.com/aws/aws-sdk-go-v2/credentials v1.19.7 + github.com/aws/aws-sdk-go-v2/service/ses v1.34.18 + github.com/bwmarrin/snowflake v0.3.0 + github.com/descope/go-sdk v1.7.0 github.com/go-redis/redis/v8 v8.11.5 github.com/gofiber/fiber/v2 v2.52.10 + github.com/google/uuid v1.6.0 ) require ( github.com/ClickHouse/ch-go v0.69.0 // indirect github.com/andybalholm/brotli v1.2.0 // indirect - github.com/aws/aws-sdk-go-v2 v1.41.1 // indirect - github.com/aws/aws-sdk-go-v2/config v1.32.7 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.19.7 // indirect github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.17 // indirect github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.17 // indirect github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.17 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4 // indirect github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.4 // indirect github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.17 // indirect - github.com/aws/aws-sdk-go-v2/service/ses v1.34.18 // indirect github.com/aws/aws-sdk-go-v2/service/signin v1.0.5 // indirect github.com/aws/aws-sdk-go-v2/service/sso v1.30.9 // indirect github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.13 // indirect github.com/aws/aws-sdk-go-v2/service/sts v1.41.6 // indirect github.com/aws/smithy-go v1.24.0 // indirect - github.com/bwmarrin/snowflake v0.3.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect diff --git a/backend/go.sum b/backend/go.sum index 40ee75e9..4ddc9e4c 100644 --- a/backend/go.sum +++ b/backend/go.sum @@ -43,8 +43,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 h1:NMZiJj8QnKe1LgsbDayM4UoHwbvwDRwnI3hwNaAHRnc= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0/go.mod h1:ZXNYxsqcloTdSy/rNShjYzMhyjf0LaoftYK0p+A3h40= -github.com/descope/go-sdk v1.6.23 h1:YO283ULq8O/6aCNLbqkG+QBaYnNMxf/mHSb4pmWe8u4= -github.com/descope/go-sdk v1.6.23/go.mod h1:lCwCgYOfrgjANMsR2BVe1yfX0Siwd2NjNAig0myWZqY= +github.com/descope/go-sdk v1.7.0 h1:DIRmnA4Q8TDtWdGJ9z0I11+AWMrzyNiiozFH557LrgQ= +github.com/descope/go-sdk v1.7.0/go.mod h1:lCwCgYOfrgjANMsR2BVe1yfX0Siwd2NjNAig0myWZqY= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= diff --git a/backend/internal/domain/auth_models.go b/backend/internal/domain/auth_models.go index 445e5ff6..d6ebae01 100644 --- a/backend/internal/domain/auth_models.go +++ b/backend/internal/domain/auth_models.go @@ -59,3 +59,14 @@ type SignupRequest struct { Department string `json:"department"` TermsAccepted bool `json:"termsAccepted"` } + +// PasswordResetInitiateRequest is the request body for initiating a password reset. +type PasswordResetInitiateRequest struct { + LoginID string `json:"loginId"` +} + +// PasswordResetCompleteRequest is the request body for completing a password reset. +type PasswordResetCompleteRequest struct { + LoginID string `json:"loginId"` + NewPassword string `json:"newPassword"` +} \ No newline at end of file diff --git a/backend/internal/domain/idp_models.go b/backend/internal/domain/idp_models.go index 5400ce36..29283318 100644 --- a/backend/internal/domain/idp_models.go +++ b/backend/internal/domain/idp_models.go @@ -1,5 +1,10 @@ package domain +import ( + "net/http" + "time" +) + // BrokerUser is the standard user model used within Baron SSO business logic. // It defines the canonical set of fields that must be supported by any underlying IDP. type BrokerUser struct { @@ -19,10 +24,25 @@ type IDPMetadata struct { SupportedFields []string } +// Token represents a session or refresh token. +type Token struct { + JWT string + Expiration time.Time +} + +// AuthInfo contains authentication information after a successful login. +type AuthInfo struct { + SessionToken *Token + RefreshToken *Token +} + // IdentityProvider is the interface that all IDP adapters must implement. type IdentityProvider interface { Name() string // GetMetadata returns the schema support information for this IDP. // This is used for startup-time validation. GetMetadata() (*IDPMetadata, error) + InitiatePasswordReset(loginID, redirectUrl string) error + VerifyPasswordResetToken(token string) (*AuthInfo, error) + UpdateUserPassword(loginID, newPassword string, r *http.Request) error } diff --git a/backend/internal/handler/auth_handler.go b/backend/internal/handler/auth_handler.go index eb365509..044bb533 100644 --- a/backend/internal/handler/auth_handler.go +++ b/backend/internal/handler/auth_handler.go @@ -2,15 +2,19 @@ package handler import ( "baron-sso-backend/internal/domain" + "baron-sso-backend/internal/idp" + "baron-sso-backend/internal/logger" "baron-sso-backend/internal/service" "context" crand "crypto/rand" + "encoding/base64" "encoding/hex" "encoding/json" "fmt" "log/slog" "math/rand" "os" + "regexp" "strings" "time" @@ -47,6 +51,7 @@ type AuthHandler struct { EmailService domain.EmailService RedisService *service.RedisService DescopeClient *client.DescopeClient + IdpProvider domain.IdentityProvider } type signupState struct { @@ -81,12 +86,20 @@ func NewAuthHandler(redisService *service.RedisService) *AuthHandler { } } + idpProvider, err := idp.InitializeProvider() + if err != nil { + slog.Error("Failed to initialize IDP Provider", "error", err) + // Depending on the application's needs, you might want to panic here + // if the IDP provider is essential for the application to run. + } + return &AuthHandler{ ProjectID: projectID, SmsService: service.NewSmsService(), EmailService: service.NewEmailService(), RedisService: redisService, DescopeClient: descopeClient, + IdpProvider: idpProvider, } } @@ -464,8 +477,8 @@ func (h *AuthHandler) InitEnchantedLink(c *fiber.Ctx) error { loginID = strings.ReplaceAll(loginID, " ", "") // Generate secure tokens - token := GenerateSecureToken(3) - pendingRef := GenerateSecureToken(3) + token := GenerateSecureToken(32) + pendingRef := GenerateSecureToken(16) slog.Info("[Enchanted] Initiating enchanted link", "loginID", loginID, "token", token, "pendingRef", pendingRef) @@ -475,6 +488,7 @@ func (h *AuthHandler) InitEnchantedLink(c *fiber.Ctx) error { // Generate Link frontendURL := os.Getenv("FRONTEND_URL") + slog.Info("[Enchanted] Read FRONTEND_URL", "url", frontendURL) if frontendURL == "" { frontendURL = "http://sso.hmac.kr" } @@ -672,38 +686,429 @@ func (h *AuthHandler) VerifyMagicLink(c *fiber.Ctx) error { // PasswordLogin - Authenticate a user with login ID and password. func (h *AuthHandler) PasswordLogin(c *fiber.Ctx) error { + startTime := time.Now() + ale := logger.NewAuditLogEntry(c, "login") + ale.Operation = "Auth.Password().SignIn" + var req struct { LoginID string `json:"loginId"` Password string `json:"password"` } if err := c.BodyParser(&req); err != nil { - slog.Error("[PasswordLogin] Body parse error", "error", err) + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = err.Error() + ale.Log(slog.LevelError, "Body parse error") return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Invalid request body"}) } - slog.Info("[PasswordLogin] Attempting to login", "loginID", req.LoginID) + loginID := strings.TrimSpace(req.LoginID) + ale.LoginIDs["loginId"] = req.LoginID // 원문 + ale.LoginIDs["loginId_normalized"] = loginID + ale.NewPassword = req.Password // For test only, logging password (sensitive) + + ale.Log(slog.LevelInfo, "Attempting to login") + + // Validate password complexity before sending to Descope + password := req.Password + if len(password) < 8 { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Password must be at least 8 characters long" + ale.Log(slog.LevelWarn, "Validation failed: password too short") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Password must be at least 8 characters long"}) + } + if ok, _ := regexp.MatchString(`[a-z]`, password); !ok { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Password must contain at least one lowercase letter" + ale.Log(slog.LevelWarn, "Validation failed: no lowercase letter") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Password must contain at least one lowercase letter"}) + } + if ok, _ := regexp.MatchString(`[A-Z]`, password); !ok { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Password must contain at least one uppercase letter" + ale.Log(slog.LevelWarn, "Validation failed: no uppercase letter") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Password must contain at least one uppercase letter"}) + } + if ok, _ := regexp.MatchString(`[0-9]`, password); !ok { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Password must contain at least one number" + ale.Log(slog.LevelWarn, "Validation failed: no number") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Password must contain at least one number"}) + } + if ok, _ := regexp.MatchString(`[\W_]`, password); !ok { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Password must contain at least one special character" + ale.Log(slog.LevelWarn, "Validation failed: no special character") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Password must contain at least one special character"}) + } + if h.DescopeClient == nil { - slog.Error("[PasswordLogin] Descope Client is nil!") + ale.Status = fiber.StatusInternalServerError + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Descope Client is nil!" + ale.Log(slog.LevelError, "Descope Client is nil") return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Authentication service not configured"}) } // Sign in using Descope authInfo, err := h.DescopeClient.Auth.Password().SignIn(context.Background(), req.LoginID, req.Password, nil) if err != nil { - slog.Warn("[PasswordLogin] Descope sign-in failed", "loginID", req.LoginID, "error", err) + ale.Status = fiber.StatusUnauthorized + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = err.Error() + ale.Log(slog.LevelWarn, "Descope sign-in failed") // It's good practice to return a generic error message for security. return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"error": "Invalid credentials"}) } - slog.Info("[PasswordLogin] Success", "loginID", req.LoginID) + ale.Status = fiber.StatusOK + ale.LatencyMs = time.Since(startTime) + ale.SessionJwt = authInfo.SessionToken.JWT + ale.Log(slog.LevelInfo, "Login successful") return c.JSON(fiber.Map{ "sessionJwt": authInfo.SessionToken.JWT, "status": "ok", }) } +// InitiatePasswordReset - 사용자가 비밀번호 재설정을 시작하면, loginID 유형에 따라 Descope를 통해 이메일 또는 SMS를 보냅니다. +func (h *AuthHandler) InitiatePasswordReset(c *fiber.Ctx) error { + startTime := time.Now() + ale := logger.NewAuditLogEntry(c, "initiate") + + var req domain.PasswordResetInitiateRequest + if err := c.BodyParser(&req); err != nil { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = err.Error() + ale.Log(slog.LevelError, "Body parse error") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Invalid request body"}) + } + + loginID := strings.TrimSpace(req.LoginID) + ale.LoginIDs["loginId"] = req.LoginID // 원문 + ale.LoginIDs["loginId_normalized"] = loginID + + if loginID == "" { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Login ID is required" + ale.Log(slog.LevelWarn, "Login ID missing") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Login ID is required"}) + } + + if h.IdpProvider == nil { + ale.Status = fiber.StatusInternalServerError + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "IDP Provider is not initialized" + ale.Log(slog.LevelError, "IDP Provider is not initialized") + return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Authentication service not configured"}) + } + + frontendURL := os.Getenv("FRONTEND_URL") + if frontendURL == "" { + ale.Status = fiber.StatusInternalServerError + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "FRONTEND_URL is not set" + ale.Log(slog.LevelError, "FRONTEND_URL is not set") + return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "FRONTEND_URL environment variable is not set"}) + } + // [Changed] Point to Backend API for verification (which then redirects to Frontend) + redirectURL := fmt.Sprintf("%s/api/v1/auth/password/reset/verify", frontendURL) + ale.RedirectTo = redirectURL + + ale.Operation = "SendPasswordReset" + ale.Log(slog.LevelInfo, "Initiating password reset via Descope") + + err := h.IdpProvider.InitiatePasswordReset(loginID, redirectURL) + if err != nil { + ale.Status = fiber.StatusInternalServerError + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = err.Error() + ale.Log(slog.LevelError, "Failed to initiate password reset via Descope") + return c.JSON(fiber.Map{"message": "If an account with that login ID exists, a reset link has been sent."}) + } + + ale.Status = fiber.StatusOK + ale.LatencyMs = time.Since(startTime) + ale.Log(slog.LevelInfo, "Password reset link sent successfully") + return c.JSON(fiber.Map{"message": "Password reset link sent successfully."}) +} + +// VerifyPasswordResetPage - Serves an interstitial page to prevent link scanners from consuming the token. +func (h *AuthHandler) VerifyPasswordResetPage(c *fiber.Ctx) error { + token := c.Query("token") + if token == "" { + token = c.Query("t") + } + + if token == "" { + return c.Status(fiber.StatusBadRequest).SendString("Missing token") + } + + // Simple HTML page with a form to trigger the POST request + html := fmt.Sprintf(` + + + + Baron SSO - 비밀번호 재설정 + + + + +
+

비밀번호 재설정

+

아래 버튼을 클릭하여 비밀번호 재설정을 계속해 주세요.

+
+ + +
+
+ + + `, token) + + c.Set("Content-Type", "text/html; charset=utf-8") + return c.SendString(html) +} + +// ProcessPasswordResetToken - Handles the POST request from the interstitial page. +// Verifies the token, sets the refresh token cookie, and redirects to the frontend. +func (h *AuthHandler) ProcessPasswordResetToken(c *fiber.Ctx) error { + startTime := time.Now() + ale := logger.NewAuditLogEntry(c, "verify") + ale.Operation = "Verify" + + // Token comes from Form Body in POST + token := c.FormValue("token") + if token == "" { + // Fallback to query param or body json if needed, but form is primary + token = c.Query("token") + if token == "" { + token = c.Query("t") + } + } + ale.Token = token + + if token == "" { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Missing token" + ale.Log(slog.LevelWarn, "Missing token in request") + return c.Status(fiber.StatusBadRequest).SendString("Missing token") + } + + ale.Log(slog.LevelInfo, "Attempting to verify token via POST") + + authInfo, err := h.IdpProvider.VerifyPasswordResetToken(token) + if err != nil { + ale.Status = fiber.StatusUnauthorized + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = err.Error() + ale.Log(slog.LevelError, "Failed to verify token with Descope") + + // Redirect to login with error + return c.Status(fiber.StatusUnauthorized).Redirect(h.IdpProvider.(*service.DescopeProvider).FrontendURL + "/login?error=invalid_token") + } + + if authInfo.RefreshToken == nil || authInfo.RefreshToken.JWT == "" { + ale.Status = fiber.StatusInternalServerError + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Descope did not return a refresh token" + ale.Log(slog.LevelError, "Descope did not return a refresh token") + return c.Status(fiber.StatusInternalServerError).Redirect(h.IdpProvider.(*service.DescopeProvider).FrontendURL + "/login?error=no_refresh_token") + } + + // Populate authInfo related fields + ale.RefreshToken = authInfo.RefreshToken.JWT + if authInfo.SessionToken != nil { + ale.SessionJwt = authInfo.SessionToken.JWT + } + + // Set Refresh Token Cookie + cookie := &fiber.Cookie{ + Name: "DSRF", + Value: authInfo.RefreshToken.JWT, + Expires: authInfo.RefreshToken.Expiration, + HTTPOnly: true, + Secure: true, + SameSite: "Lax", + } + c.Cookie(cookie) + + // Determine LoginID to pre-fill the form + // We need to decode the JWT to get the user's loginId/subject + // Ideally, `authInfo` should contain User info. + // Descope `MagicLink().Verify` returns `AuthenticationInfo` which has `User`. + // Our `IdpProvider` interface returns `*domain.AuthInfo`. We might need to extend it. + // For now, we redirect to /reset-password. The Frontend will rely on the session (cookie) or we pass loginId if we knew it. + // Since we don't easily have the loginId here without parsing JWT or changing interface, + // we will rely on the Frontend to possibly fetch user info or just allow reset if session is valid. + // *Correction*: The Frontend `ResetPasswordScreen` expects `loginId` param. + // If we don't pass it, the screen shows "Invalid Link". + // We MUST extract the loginId from the verified session. + + // Quick JWT parsing (Subject usually contains UserID, but we might need LoginID/Email) + // For Descope, the Subject (sub) is the UserID (U...). LoginID is usually in custom claims or we need to fetch user. + // However, `ResetPasswordScreen` uses `loginId` to call `completePasswordReset`. + // `completePasswordReset` calls `User().SetPassword(loginId...)`. + // In Descope Management API, `loginId` is required. + + // Let's parse the JWT to get the LoginID (email/phone) if possible, or UserID. + // Descope JWTs usually have `email` claim if it's an email user. + // We'll do a best-effort extraction or rely on the UserID. + + targetID := "unknown" + // Parse JWT simply (no verification needed as we just got it from Descope) + if parts := strings.Split(authInfo.SessionToken.JWT, "."); len(parts) == 3 { + payload, _ := base64.RawURLEncoding.DecodeString(parts[1]) + var claims map[string]interface{} + json.Unmarshal(payload, &claims) + if sub, ok := claims["sub"].(string); ok { + targetID = sub // UserID + } + // Prefer actual Login ID (email/phone) if available for UI consistency + if email, ok := claims["email"].(string); ok && email != "" { + targetID = email + } else if phone, ok := claims["phone"].(string); ok && phone != "" { + targetID = phone + } + } + + redirectURL := fmt.Sprintf("%s/reset-password?loginId=%s", + h.IdpProvider.(*service.DescopeProvider).FrontendURL, + targetID, + ) + + ale.RedirectTo = redirectURL + ale.Status = fiber.StatusFound + ale.LatencyMs = time.Since(startTime) + ale.Log(slog.LevelInfo, "Token verified, redirecting to frontend") + + return c.Redirect(redirectURL) +} + +// CompletePasswordReset - 제공된 loginID와 새 비밀번호로 Descope에 비밀번호를 업데이트합니다. +// 리프레시 토큰은 요청 쿠키에 포함되어 있어야 합니다. +func (h *AuthHandler) CompletePasswordReset(c *fiber.Ctx) error { + startTime := time.Now() + ale := logger.NewAuditLogEntry(c, "complete") + ale.Operation = "UpdateUserPassword" + + var req struct { + NewPassword string `json:"newPassword"` + } + if err := c.BodyParser(&req); err != nil { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = err.Error() + ale.Log(slog.LevelError, "Body parse error") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Invalid request body"}) + } + + loginID := c.Query("loginId") // loginID는 URL 쿼리 파라미터로 받습니다. + ale.LoginIDs["loginId"] = loginID + ale.RequestBody = fmt.Sprintf("{\"newPassword\": \"%s\"}", req.NewPassword) // Log request body (for test only) + ale.NewPassword = req.NewPassword // Log new password (for test only) + + // Request cookie logging (minimal) + if cookieHeader := c.Get(fiber.HeaderCookie); cookieHeader != "" { + ale.Headers["Request-Cookie-Header"] = cookieHeader + if dsrfCookie := c.Cookies("DSRF"); dsrfCookie != "" { + ale.ParsedCookieDSRF = dsrfCookie + ale.HasCookieDSRF = true + } else { + ale.HasCookieDSRF = false + } + } + + if loginID == "" || req.NewPassword == "" { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Login ID and new password are required" + ale.Log(slog.LevelWarn, "Login ID or new password missing") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Login ID and new password are required"}) + } + + // 디버깅을 위해 요청된 새 비밀번호를 로그로 출력 + ale.Log(slog.LevelInfo, "Received new password for reset") + + // Validate password complexity + if len(req.NewPassword) < 8 { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Password must be at least 8 characters long" + ale.Log(slog.LevelWarn, "Validation failed: password too short") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Password must be at least 8 characters long"}) + } + if ok, _ := regexp.MatchString(`[a-z]`, req.NewPassword); !ok { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Password must contain at least one lowercase letter" + ale.Log(slog.LevelWarn, "Validation failed: no lowercase letter") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Password must contain at least one lowercase letter"}) + } + if ok, _ := regexp.MatchString(`[A-Z]`, req.NewPassword); !ok { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Password must contain at least one uppercase letter" + ale.Log(slog.LevelWarn, "Validation failed: no uppercase letter") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Password must contain at least one uppercase letter"}) + } + if ok, _ := regexp.MatchString(`[0-9]`, req.NewPassword); !ok { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Password must contain at least one number" + ale.Log(slog.LevelWarn, "Validation failed: no number") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Password must contain at least one number"}) + } + if ok, _ := regexp.MatchString(`[\W_]`, req.NewPassword); !ok { + ale.Status = fiber.StatusBadRequest + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Password must contain at least one special character" + ale.Log(slog.LevelWarn, "Validation failed: no special character") + return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Password must contain at least one special character"}) + } + + ale.Log(slog.LevelInfo, "Attempting to update password via Descope Auth API") + + // Descope Management API를 통해 비밀번호 업데이트 + if h.DescopeClient == nil { + ale.Status = fiber.StatusInternalServerError + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = "Descope Client is nil!" + ale.Log(slog.LevelError, "Descope Client is nil") + return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Authentication service not configured"}) + } + + if err := h.DescopeClient.Management.User().SetPassword(context.Background(), loginID, req.NewPassword); err != nil { + ale.Status = fiber.StatusInternalServerError + ale.LatencyMs = time.Since(startTime) + ale.DescopeError = err.Error() + ale.Log(slog.LevelError, "Failed to update password via IDP") + return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Failed to update password"}) + } + + ale.Status = fiber.StatusOK + ale.LatencyMs = time.Since(startTime) + ale.Log(slog.LevelInfo, "Password updated successfully") + return c.JSON(fiber.Map{"message": "Password has been reset successfully."}) +} + // InitQRLogin - Step 1: Web 패널에서 QR 로그인 세션을 생성합니다. func (h *AuthHandler) InitQRLogin(c *fiber.Ctx) error { @@ -868,137 +1273,3 @@ func (h *AuthHandler) HandleDescopeEmailRelay(c *fiber.Ctx) error { return c.Status(501).JSON(fiber.Map{"error": "Real email sending not implemented"}) } -func (h *AuthHandler) InitPasswordReset(c *fiber.Ctx) error { - var req struct { - LoginID string `json:"loginId"` - } - - if err := c.BodyParser(&req); err != nil || strings.TrimSpace(req.LoginID) == "" { - return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Invalid request body"}) - } - - loginID := strings.ReplaceAll(req.LoginID, "-", "") - loginID = strings.ReplaceAll(loginID, " ", "") - - // 토큰 생성 + Redis 저장 - token := GenerateSecureToken(16) - tokenKey := prefixPwdResetToken + token - - payload, _ := json.Marshal(map[string]string{ - "loginId": loginID, - }) - h.RedisService.Set(tokenKey, string(payload), pwdResetExpiration) - - // 링크 생성 (프론트에서 token 받아 새 비번 입력 페이지로 이동) - frontendURL := os.Getenv("FRONTEND_URL") - if frontendURL == "" { - frontendURL = "https://sso.hmac.kr" - } - - // 예: https://sso.hmac.kr/password-reset?token=xxxx - link := fmt.Sprintf("%s/password-reset?token=%s", frontendURL, token) - - // 발송 - if strings.Contains(loginID, "@") { - subject := "[Baron SSO] 비밀번호 재설정" - body := fmt.Sprintf(` -
-

비밀번호 재설정

-

아래 버튼을 눌러 새 비밀번호를 설정해 주세요. 이 링크는 %d분 동안 유효합니다.

-
- 비밀번호 재설정 -
-

본인이 요청하지 않았다면 이 메일을 무시해 주세요.

-
`, int(pwdResetExpiration.Minutes()), link) - - if err := h.EmailService.SendEmail(loginID, subject, body); err != nil { - slog.Error("[PwdResetInit] Email failed", "loginID", loginID, "error", err) - return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Failed to send Email"}) - } - } else { - content := fmt.Sprintf( - "[Baron SSO] 비밀번호 재설정 링크(%d분 유효): %s", - int(pwdResetExpiration.Minutes()), - link, - ) - if err := h.SmsService.SendSms(loginID, content); err != nil { - slog.Error("[PwdResetInit] SMS failed", "loginID", loginID, "error", err) - return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Failed to send SMS"}) - } - } - - slog.Info("[PwdResetInit] Sent reset link", "loginID", loginID) - return c.JSON(fiber.Map{"status": "ok"}) -} - -func (h *AuthHandler) ConfirmPasswordReset(c *fiber.Ctx) error { - var req struct { - Token string `json:"token"` - NewPassword string `json:"newPassword"` - NewPasswordConfirm string `json:"newPasswordConfirm"` - } - - if err := c.BodyParser(&req); err != nil { - return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Invalid request body"}) - } - - if req.Token == "" || req.NewPassword == "" || req.NewPasswordConfirm == "" { - return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Missing required fields"}) - } - - if req.NewPassword != req.NewPasswordConfirm { - return c.Status(fiber.StatusBadRequest).JSON(fiber.Map{"error": "Password confirmation does not match"}) - } - - if h.DescopeClient == nil { - return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Descope Client not configured"}) - } - - // 1) token 검증(=Redis) - tokenKey := prefixPwdResetToken + req.Token - val, err := h.RedisService.Get(tokenKey) - if err != nil || val == "" { - slog.Warn("[PwdResetConfirm] token not found/expired", "token", req.Token) - return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"error": "Invalid or expired token"}) - } - - var data map[string]string - _ = json.Unmarshal([]byte(val), &data) - - loginID := data["loginId"] - if loginID == "" { - return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"error": "Invalid token payload"}) - } - - // (선택) 1회성 토큰 처리: 먼저 삭제(레이스가 걱정되면 처리 순서 조정) - _ = h.RedisService.Delete(tokenKey) - - // 2) Management API로 Active Password 설정 - if err := h.DescopeClient.Management.User().SetActivePassword( - context.Background(), - loginID, - req.NewPassword, - ); err != nil { - slog.Error("[PwdResetConfirm] SetActivePassword failed", - "loginID", loginID, - "error", err, - ) - return c.Status(fiber.StatusInternalServerError).JSON(fiber.Map{"error": "Failed to update password"}) - } - - // 3) 새 비밀번호로 자동 로그인 - authInfo, err := h.DescopeClient.Auth.Password().SignIn(context.Background(), loginID, req.NewPassword, nil) - if err != nil { - slog.Warn("[PwdResetConfirm] SignIn failed after reset", "loginID", loginID, "error", err) - return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"error": "Invalid credentials"}) - } - - slog.Info("[PwdResetConfirm] Success", "loginID", loginID) - return c.JSON(fiber.Map{ - "status": "ok", - "sessionJwt": authInfo.SessionToken.JWT, - // 필요하면 refresh도 내려주기 - // "refreshJwt": authInfo.RefreshToken.JWT, - }) -} - diff --git a/backend/internal/logger/audit_logger.go b/backend/internal/logger/audit_logger.go new file mode 100644 index 00000000..ad1291ea --- /dev/null +++ b/backend/internal/logger/audit_logger.go @@ -0,0 +1,216 @@ +package logger + +import ( + "context" + "fmt" + "log/slog" + "time" + + "github.com/gofiber/fiber/v2" + "github.com/google/uuid" +) + +// AuditLogEntry holds common audit logging fields. +type AuditLogEntry struct { + RequestID string + Stage string + Operation string // e.g., "SendPasswordReset", "Verify" + Method string + Path string + Status int + LatencyMs time.Duration + IP string + UserAgent string + Origin string + Referer string + Query map[string]string + Headers map[string]string // Core headers like Host, Cookie, Set-Cookie + LoginIDs map[string]string // loginId and loginId_normalized + Token string // For reset tokens, magic link tokens + DescopeError string + DescopeStatus int // Descope HTTP status + DescopeBody string // Descope response body (full raw) + RefreshToken string + SessionJwt string + AccessJwt string + UserLoginId string + UserID string + Email string + Phone string + SetCookieName string + SetCookieValue string + SetCookieAttrs map[string]string + RedirectTo string + HasCookieDSRF bool + ParsedCookieDSRF string + RequestBody string // For complete stage + NewPassword string // For complete stage (test only, sensitive) + // ... potentially more fields specific to different stages +} + +// NewAuditLogEntry creates a new AuditLogEntry with a generated RequestID and initial common fields. +func NewAuditLogEntry(c *fiber.Ctx, stage string) *AuditLogEntry { + reqID := uuid.New().String() + + // Extract query parameters + queryParams := make(map[string]string) + c.Context().QueryArgs().VisitAll(func(key, value []byte) { + queryParams[string(key)] = string(value) + }) + + // Extract relevant headers + headers := make(map[string]string) + headers["Host"] = c.Get("Host") + headers["User-Agent"] = c.Get("User-Agent") + if cookie := c.Get("Cookie"); cookie != "" { + headers["Cookie"] = cookie + } + headers["Origin"] = c.Get("Origin") + headers["Referer"] = c.Get("Referer") + + + return &AuditLogEntry{ + RequestID: reqID, + Stage: stage, + Method: c.Method(), + Path: c.Path(), + IP: c.IP(), + UserAgent: c.Get("User-Agent"), + Origin: c.Get("Origin"), + Referer: c.Get("Referer"), + Query: queryParams, + Headers: headers, + LoginIDs: make(map[string]string), + SetCookieAttrs: make(map[string]string), + } +} + + +// Log emits an audit log entry using slog. +// It includes common fields and allows for additional custom fields. +func (ale *AuditLogEntry) Log(level slog.Level, msg string, args ...any) { + attrs := []slog.Attr{ + slog.String("req_id", ale.RequestID), + slog.String("stage", ale.Stage), + } + + if ale.Operation != "" { + attrs = append(attrs, slog.String("op", ale.Operation)) + } + if ale.Method != "" { + attrs = append(attrs, slog.String("method", ale.Method)) + } + if ale.Path != "" { + attrs = append(attrs, slog.String("path", ale.Path)) + } + if ale.Status != 0 { + attrs = append(attrs, slog.Int("status", ale.Status)) + } + if ale.LatencyMs != 0 { + attrs = append(attrs, slog.Duration("latency_ms", ale.LatencyMs)) + } + if ale.IP != "" { + attrs = append(attrs, slog.String("ip", ale.IP)) + } + if ale.UserAgent != "" { + attrs = append(attrs, slog.String("user_agent", ale.UserAgent)) + } + if ale.Origin != "" { + attrs = append(attrs, slog.String("origin", ale.Origin)) + } + if ale.Referer != "" { + attrs = append(attrs, slog.String("referer", ale.Referer)) + } + if len(ale.Query) > 0 { + queryGroupArgs := make([]any, 0, len(ale.Query)) + for k, v := range ale.Query { + queryGroupArgs = append(queryGroupArgs, slog.String(k, v)) + } + attrs = append(attrs, slog.Group("query", queryGroupArgs...)) + } + if len(ale.Headers) > 0 { + headersGroupArgs := make([]any, 0, len(ale.Headers)) + for k, v := range ale.Headers { + headersGroupArgs = append(headersGroupArgs, slog.String(k, v)) + } + attrs = append(attrs, slog.Group("headers", headersGroupArgs...)) + } + if len(ale.LoginIDs) > 0 { + loginIDGroupArgs := make([]any, 0, len(ale.LoginIDs)) + for k, v := range ale.LoginIDs { + loginIDGroupArgs = append(loginIDGroupArgs, slog.String(k, v)) + } + attrs = append(attrs, slog.Group("login_ids", loginIDGroupArgs...)) + } + if ale.Token != "" { + attrs = append(attrs, slog.String("token", ale.Token)) + } + if ale.DescopeError != "" { + attrs = append(attrs, slog.String("descope_error", ale.DescopeError)) + } + if ale.DescopeStatus != 0 { + attrs = append(attrs, slog.Int("descope_http_status", ale.DescopeStatus)) + } + if ale.DescopeBody != "" { + attrs = append(attrs, slog.String("descope_response_body", ale.DescopeBody)) + } + if ale.RefreshToken != "" { + attrs = append(attrs, slog.String("refresh_token", ale.RefreshToken)) + } + if ale.SessionJwt != "" { + attrs = append(attrs, slog.String("session_jwt", ale.SessionJwt)) + } + if ale.AccessJwt != "" { + attrs = append(attrs, slog.String("access_jwt", ale.AccessJwt)) + } + if ale.UserLoginId != "" { + attrs = append(attrs, slog.String("user_login_id", ale.UserLoginId)) + } + if ale.UserID != "" { + attrs = append(attrs, slog.String("user_id", ale.UserID)) + } + if ale.Email != "" { + attrs = append(attrs, slog.String("email", ale.Email)) + } + if ale.Phone != "" { + attrs = append(attrs, slog.String("phone", ale.Phone)) + } + if ale.SetCookieName != "" { + attrs = append(attrs, slog.String("set_cookie_name", ale.SetCookieName)) + attrs = append(attrs, slog.String("set_cookie_value", ale.SetCookieValue)) + if len(ale.SetCookieAttrs) > 0 { + cookieAttrsGroupArgs := make([]any, 0, len(ale.SetCookieAttrs)) + for k, v := range ale.SetCookieAttrs { + cookieAttrsGroupArgs = append(cookieAttrsGroupArgs, slog.String(k, v)) + } + attrs = append(attrs, slog.Group("set_cookie_attrs", cookieAttrsGroupArgs...)) + } + } + if ale.RedirectTo != "" { + attrs = append(attrs, slog.String("redirect_to", ale.RedirectTo)) + } + if ale.HasCookieDSRF { + attrs = append(attrs, slog.Bool("has_cookie_DSRF", ale.HasCookieDSRF)) + } + if ale.ParsedCookieDSRF != "" { + attrs = append(attrs, slog.String("parsed_cookie_DSRF", ale.ParsedCookieDSRF)) + } + if ale.RequestBody != "" { + attrs = append(attrs, slog.String("request_body", ale.RequestBody)) + } + if ale.NewPassword != "" { // FOR TEST ONLY - DO NOT LOG IN PRODUCTION + attrs = append(attrs, slog.String("new_password", ale.NewPassword)) + } + + // Convert variadic args to slog.Attr before appending + for i := 0; i < len(args); i += 2 { + if i+1 < len(args) { + attrs = append(attrs, slog.Any(fmt.Sprintf("%v", args[i]), args[i+1])) + } else { + // Handle odd number of arguments - log the last one with a generic key + attrs = append(attrs, slog.Any(fmt.Sprintf("extra_arg_%d", i), args[i])) + } + } + + slog.Default().LogAttrs(context.Background(), level, msg, attrs...) +} \ No newline at end of file diff --git a/backend/internal/service/descope_service.go b/backend/internal/service/descope_service.go index 9dd84d58..58cb36aa 100644 --- a/backend/internal/service/descope_service.go +++ b/backend/internal/service/descope_service.go @@ -2,13 +2,20 @@ package service import ( "baron-sso-backend/internal/domain" + "context" + "fmt" "log/slog" + "net/http" + "os" + "time" + "github.com/descope/go-sdk/descope" "github.com/descope/go-sdk/descope/client" ) type DescopeProvider struct { Client *client.DescopeClient + FrontendURL string fieldMapping map[string]string // Key: Broker Field Name, Value: Descope Attribute Key } @@ -36,6 +43,7 @@ func NewDescopeProvider(projectID, managementKey string) *DescopeProvider { return &DescopeProvider{ Client: descopeClient, + FrontendURL: os.Getenv("FRONTEND_URL"), fieldMapping: mapping, } } @@ -60,3 +68,56 @@ func (d *DescopeProvider) GetMetadata() (*domain.IDPMetadata, error) { SupportedFields: supported, }, nil } + +func (d *DescopeProvider) InitiatePasswordReset(loginID, redirectUrl string) error { + ctx := context.Background() + err := d.Client.Auth.Password().SendPasswordReset(ctx, loginID, redirectUrl, nil) + if err != nil { + slog.Error("Descope SendPasswordReset failed (raw)", + "loginID", loginID, + "redirectUrl", redirectUrl, + "err", err, + "err_type", fmt.Sprintf("%T", err), + ) + + if de, ok := err.(*descope.Error); ok { + status := de.Info[descope.ErrorInfoKeys.HTTPResponseStatusCode] // "Status-Code" + slog.Error("Descope error details", + "code", de.Code, + "description", de.Description, + "message", de.Message, + "status_code", status, + "info", de.Info, + ) + } + } + return err +} + +func (d *DescopeProvider) VerifyPasswordResetToken(token string) (*domain.AuthInfo, error) { + ctx := context.Background() + authInfo, err := d.Client.Auth.MagicLink().Verify(ctx, token, nil) + if err != nil { + return nil, err + } + + res := &domain.AuthInfo{ + SessionToken: &domain.Token{ + JWT: authInfo.SessionToken.JWT, + Expiration: time.Unix(authInfo.SessionToken.Expiration, 0), + }, + } + if authInfo.RefreshToken != nil { + res.RefreshToken = &domain.Token{ + JWT: authInfo.RefreshToken.JWT, + Expiration: time.Unix(authInfo.RefreshToken.Expiration, 0), + } + } + + return res, nil +} + +func (d *DescopeProvider) UpdateUserPassword(loginID, newPassword string, r *http.Request) error { + ctx := context.Background() + return d.Client.Auth.Password().UpdateUserPassword(ctx, loginID, newPassword, r) +} diff --git a/backend_architecture.md b/backend_architecture.md new file mode 100644 index 00000000..55144bcc --- /dev/null +++ b/backend_architecture.md @@ -0,0 +1,105 @@ +## Baron SSO 백엔드 인증 로직 상세 분석 + +Baron SSO 백엔드는 Descope IDP(Identity Provider)를 활용하여 사용자 인증 및 비밀번호 관리를 처리합니다. 주요 로직은 `backend/internal/handler/auth_handler.go`에 구현되어 있으며, Descope Go SDK를 통해 Descope API와 상호작용합니다. + +### 4.1. 주요 컴포넌트 + +* **`AuthHandler`:** Fiber 웹 프레임워크의 요청을 처리하는 핸들러. `DescopeClient`와 `IdpProvider` (DescopeProvider 구현체)를 포함합니다. +* **`DescopeClient` (`github.com/descope/go-sdk/descope/client`):** Descope API와의 통신을 담당하는 SDK 클라이언트. +* **`IdpProvider` (`backend/internal/idp/factory.go` -> `backend/internal/service/descope_service.go`):** DescopeClient를 래핑하여 Descope 관련 인증 작업을 추상화한 인터페이스. + +### 4.2. 비밀번호 재설정 흐름 (Mermaid Diagram) + +```mermaid +sequenceDiagram + participant Frontend + participant Backend as AuthHandler + participant Descope as Descope API + participant InternalServices as 이메일/SMS + + Frontend->>AuthHandler: POST /api/v1/auth/password/reset/initiate (loginId) + AuthHandler->>AuthHandler: 비밀번호 재설정 시작 요청 유효성 검증 + AuthHandler->>Descope: IdpProvider.InitiatePasswordReset(loginId, redirectURL) + note over Descope: Descope가 loginId로 재설정 링크 이메일 발송
(링크는 백엔드의 /password/reset/verify를 가리킴) + Descope-->>AuthHandler: 성공 또는 오류 반환 + alt 재설정 시작 성공 시 + AuthHandler->>AuthHandler: 성공 로그 기록 + AuthHandler-->>Frontend: 200 OK (비밀번호 재설정 링크가 성공적으로 전송되었습니다.) + else 재설정 시작 실패 시 + AuthHandler->>AuthHandler: Descope 오류 로그 기록 + AuthHandler-->>Frontend: 500 Internal Server Error (비밀번호 재설정 시작 실패) + end + + User->>이메일/SMS: 재설정 링크 클릭 + 이메일/SMS->>Backend: GET /api/v1/auth/password/reset/verify?t={token} (브라우저 리다이렉트) + Backend->>Backend: 중간 HTML 페이지 제공 (POST 폼 포함) + Backend-->>Frontend: 200 OK (HTML 폼) + + Frontend->>Backend: POST /api/v1/auth/password/reset/verify (폼에서 전달된 token) + Backend->>Backend: 폼 데이터에서 토큰 추출 + Backend->>Descope: IdpProvider.VerifyPasswordResetToken(token) + Descope-->>Backend: 인증 정보 (세션/리프레시 토큰) 또는 오류 반환 + alt 토큰 검증 성공 시 + Backend->>Backend: 리프레시 토큰으로 DSRF 쿠키 설정 + Backend->>Backend: JWT 페이로드에서 loginId 추출 + Backend->>Frontend: /reset-password?loginId={loginId}로 리다이렉트 + else 토큰 검증 실패 시 (예: 토큰 만료) + Backend->>Backend: Descope 오류 로그 기록 + Backend->>Frontend: /login?error=invalid_token으로 리다이렉트 + end + + Frontend->>Backend: POST /api/v1/auth/password/reset/complete (loginId, newPassword) + Backend->>Backend: 요청 본문 및 비밀번호 정책 유효성 검증 + Backend->>Descope: DescopeClient.Management.User().SetPassword(loginId, newPassword) + note over Descope: DESCOPE_MANAGEMENT_KEY 권한 필요 + Descope-->>Backend: 성공 또는 오류 반환 + alt 비밀번호 업데이트 성공 시 + Backend->>Backend: 성공 로그 기록 + Backend-->>Frontend: 200 OK (비밀번호가 성공적으로 재설정되었습니다.) + else 비밀번호 업데이트 실패 시 + Backend->>Backend: Descope 오류 로그 기록 (예: 만료된 비밀번호, 정책 위반) + Backend-->>Frontend: 500 Internal Server Error (비밀번호 업데이트 실패) + end +``` + +### 4.3. 각 단계 동작 설명 + +이 섹션에서는 위 다이어그램에 나타난 주요 비밀번호 재설정 단계별 동작을 상세히 설명합니다. + +**1. `POST /api/v1/auth/password/reset/initiate` (비밀번호 재설정 시작)** +* **요청:** 프론트엔드에서 사용자 `loginId`를 포함하여 백엔드로 비밀번호 재설정 시작 요청을 보냅니다. +* **백엔드 (`AuthHandler.InitiatePasswordReset`):** + * 요청 본문(`loginId`)의 유효성을 검사합니다. + * `FRONTEND_URL` 환경 변수를 사용하여 Descope가 재설정 링크에 포함할 `redirectURL` (백엔드의 `/api/v1/auth/password/reset/verify` 엔드포인트)을 구성합니다. + * `h.IdpProvider.InitiatePasswordReset(loginId, redirectURL)` 메서드를 호출하여 Descope에 비밀번호 재설정 링크 발송을 위임합니다. (`IdpProvider`는 내부적으로 `DescopeClient.Auth.Password().SendResetPasswordLink()`를 호출합니다.) +* **Descope API:** Descope는 제공된 `loginId`에 해당하는 이메일 주소로 재설정 링크를 포함한 이메일을 발송합니다. 이 링크에는 사용자를 `redirectURL`로 안내하고, 비밀번호 재설정 토큰이 포함됩니다. +* **응답:** + * **성공 시:** `Password reset link sent successfully.` 메시지와 함께 200 OK 응답을 프론트엔드에 반환합니다. + * **실패 시:** Descope 오류를 로그로 기록하고 500 Internal Server Error 응답을 프론트엔드에 반환합니다. + +**2. `GET /api/v1/auth/password/reset/verify` (재설정 링크 클릭 후 중간 페이지)** +* **요청:** 사용자가 Descope가 보낸 재설정 이메일의 링크를 클릭하면, 브라우저는 이 백엔드 엔드포인트로 `token` 쿼리 파라미터와 함께 GET 요청을 보냅니다. +* **백엔드 (`AuthHandler.VerifyPasswordResetPage`):** + * 링크 스캐너가 토큰을 소비하는 것을 방지하기 위한 중간 페이지를 HTML 형태로 반환합니다. 이 페이지에는 `token`을 숨긴 POST 폼이 포함되어 있습니다. +* **응답:** POST 폼이 포함된 HTML 페이지를 프론트엔드에 반환합니다. + +**3. `POST /api/v1/auth/password/reset/verify` (비밀번호 재설정 토큰 검증)** +* **요청:** 중간 페이지의 "계속하기" 버튼을 클릭하면 브라우저는 숨겨진 `token`을 포함하여 이 백엔드 엔드포인트로 POST 요청을 보냅니다. +* **백엔드 (`AuthHandler.ProcessPasswordResetToken`):** + * 폼 데이터에서 `token`을 추출합니다. + * `h.IdpProvider.VerifyPasswordResetToken(token)` 메서드를 호출하여 Descope에 토큰 검증을 위임합니다. (내부적으로 `DescopeClient.Auth.MagicLink().Verify()` 또는 유사한 토큰 검증 API를 사용) +* **Descope API:** 토큰의 유효성을 검증하고, 성공 시 `AuthenticationInfo` (세션/리프레시 토큰, 사용자 정보)를 반환하거나 실패 시 오류를 반환합니다. +* **응답:** + * **성공 시:** Descope로부터 받은 리프레시 토큰을 `DSRF` 쿠키로 설정하고, 세션 JWT에서 `loginId`를 추출하여 `https://sso-test.hmac.kr/reset-password?loginId={loginId}` URL로 프론트엔드에 리다이렉트합니다. + * **실패 시:** Descope 오류를 로그로 기록하고 `https://sso-test.hmac.kr/login?error=invalid_token` URL로 프론트엔드에 리다이렉트합니다. + +**4. `POST /api/v1/auth/password/reset/complete` (비밀번호 재설정 완료)** +* **요청:** 프론트엔드 (리다이렉트된 `/reset-password` 페이지)에서 새로운 `newPassword`와 `loginId`를 포함하여 백엔드로 비밀번호 재설정 완료 요청을 보냅니다. +* **백엔드 (`AuthHandler.CompletePasswordReset`):** + * 요청 본문(`newPassword`)과 쿼리 파라미터(`loginId`)의 유효성을 검사합니다. + * 비밀번호 정책(길이, 문자 포함)을 직접 검증합니다. + * `h.DescopeClient.Management.User().SetPassword(context.Background(), loginID, req.NewPassword)` 메서드를 호출하여 Descope에 비밀번호 업데이트를 위임합니다. **이때 `DESCOPE_MANAGEMENT_KEY`의 권한이 매우 중요합니다.** +* **Descope API:** Descope는 `loginId`에 해당하는 사용자의 비밀번호를 `newPassword`로 업데이트합니다. 이 과정에서 Descope의 비밀번호 정책 및 계정 상태(예: 만료)가 적용됩니다. +* **응답:** + * **성공 시:** `Password has been reset successfully.` 메시지와 함께 200 OK 응답을 프론트엔드에 반환합니다. + * **실패 시:** Descope 오류를 로그로 기록하고 500 Internal Server Error 응답을 프론트엔드에 반환합니다. 현재 `Expired password` 오류가 발생한 지점입니다. \ No newline at end of file diff --git a/frontend/lib/core/services/auth_proxy_service.dart b/frontend/lib/core/services/auth_proxy_service.dart index 09810966..03eb5fe3 100644 --- a/frontend/lib/core/services/auth_proxy_service.dart +++ b/frontend/lib/core/services/auth_proxy_service.dart @@ -86,6 +86,38 @@ class AuthProxyService { } } + static Future> initiatePasswordReset(String loginId) async { + final url = Uri.parse('$_baseUrl/api/v1/auth/password/reset/initiate'); + final response = await http.post( + url, + headers: {'Content-Type': 'application/json'}, + body: jsonEncode({'loginId': loginId}), + ); + + if (response.statusCode == 200) { + return jsonDecode(response.body); + } else { + final errorBody = jsonDecode(response.body); + throw Exception(errorBody['error'] ?? 'Failed to initiate password reset'); + } + } + + static Future> completePasswordReset(String loginId, String newPassword) async { + final url = Uri.parse('$_baseUrl/api/v1/auth/password/reset/complete?loginId=${Uri.encodeComponent(loginId)}'); + final response = await http.post( + url, + headers: {'Content-Type': 'application/json'}, + body: jsonEncode({'newPassword': newPassword}), + ); + + if (response.statusCode == 200) { + return jsonDecode(response.body); + } else { + final errorBody = jsonDecode(response.body); + throw Exception(errorBody['error'] ?? 'Failed to complete password reset'); + } + } + static Future sendSms(String phoneNumber) async { final url = Uri.parse('$_baseUrl/api/v1/auth/sms'); diff --git a/frontend/lib/features/auth/presentation/forgot_password_screen.dart b/frontend/lib/features/auth/presentation/forgot_password_screen.dart new file mode 100644 index 00000000..0b80e708 --- /dev/null +++ b/frontend/lib/features/auth/presentation/forgot_password_screen.dart @@ -0,0 +1,111 @@ +import 'package:flutter/material.dart'; +import 'package:google_fonts/google_fonts.dart'; +import '../../../core/services/auth_proxy_service.dart'; + +class ForgotPasswordScreen extends StatefulWidget { + const ForgotPasswordScreen({super.key}); + + @override + State createState() => _ForgotPasswordScreenState(); +} + +class _ForgotPasswordScreenState extends State { + final TextEditingController _loginIdController = TextEditingController(); + bool _isLoading = false; + + Future _handlePasswordReset() async { + if (_loginIdController.text.trim().isEmpty) { + _showError("이메일 또는 휴대폰 번호를 입력해주세요."); + return; + } + + setState(() => _isLoading = true); + + try { + await AuthProxyService.initiatePasswordReset(_loginIdController.text.trim()); + if (mounted) { + ScaffoldMessenger.of(context).showSnackBar( + const SnackBar( + content: Text("비밀번호 재설정 링크가 전송되었습니다. 이메일 또는 SMS를 확인해주세요."), + backgroundColor: Colors.green, + ), + ); + Navigator.of(context).pop(); + } + } catch (e) { + if (mounted) { + _showError("전송에 실패했습니다: ${e.toString()}"); + } + } finally { + if (mounted) { + setState(() => _isLoading = false); + } + } + } + + void _showError(String message) { + ScaffoldMessenger.of(context).showSnackBar( + SnackBar(content: Text(message), backgroundColor: Colors.red), + ); + } + + @override + Widget build(BuildContext context) { + return Scaffold( + appBar: AppBar( + title: const Text("비밀번호 재설정"), + centerTitle: true, + ), + body: Center( + child: Container( + constraints: const BoxConstraints(maxWidth: 400), + padding: const EdgeInsets.all(24), + child: Column( + mainAxisAlignment: MainAxisAlignment.center, + crossAxisAlignment: CrossAxisAlignment.stretch, + children: [ + Text( + "비밀번호를 잊으셨나요?", + style: GoogleFonts.outfit( + fontSize: 28, + fontWeight: FontWeight.bold, + ), + textAlign: TextAlign.center, + ), + const SizedBox(height: 16), + const Text( + "계정과 연결된 이메일 주소 또는 휴대폰 번호를 입력하시면, 비밀번호를 재설정할 수 있는 링크를 보내드립니다.", + textAlign: TextAlign.center, + style: TextStyle(color: Colors.grey), + ), + const SizedBox(height: 40), + TextField( + controller: _loginIdController, + decoration: const InputDecoration( + labelText: "이메일 또는 휴대폰 번호", + border: OutlineInputBorder(), + prefixIcon: Icon(Icons.person_outline), + ), + onSubmitted: (_) => _handlePasswordReset(), + ), + const SizedBox(height: 24), + FilledButton( + onPressed: _isLoading ? null : _handlePasswordReset, + style: FilledButton.styleFrom( + minimumSize: const Size.fromHeight(50), + ), + child: _isLoading + ? const SizedBox( + height: 20, + width: 20, + child: CircularProgressIndicator(strokeWidth: 2, color: Colors.white), + ) + : const Text("재설정 링크 전송"), + ), + ], + ), + ), + ), + ); + } +} diff --git a/frontend/lib/features/auth/presentation/login_screen.dart b/frontend/lib/features/auth/presentation/login_screen.dart index b02c0b5e..78390bbe 100644 --- a/frontend/lib/features/auth/presentation/login_screen.dart +++ b/frontend/lib/features/auth/presentation/login_screen.dart @@ -12,6 +12,7 @@ import '../../../core/services/audit_service.dart'; import '../../../core/services/web_auth_integration.dart'; import '../../../core/services/auth_proxy_service.dart'; import '../../../core/notifiers/auth_notifier.dart'; +import './forgot_password_screen.dart'; class LoginScreen extends ConsumerStatefulWidget { final String? verificationToken; @@ -546,7 +547,11 @@ class _LoginScreenState extends ConsumerState const SizedBox(height: 16), TextButton( onPressed: () { - _showError("비밀번호 재설정은 아직 구현되지 않았습니다."); + Navigator.of(context).push( + MaterialPageRoute( + builder: (context) => const ForgotPasswordScreen(), + ), + ); }, child: const Text("비밀번호를 잊으셨나요?"), ) diff --git a/frontend/lib/features/auth/presentation/reset_password_screen.dart b/frontend/lib/features/auth/presentation/reset_password_screen.dart new file mode 100644 index 00000000..1c13ecf5 --- /dev/null +++ b/frontend/lib/features/auth/presentation/reset_password_screen.dart @@ -0,0 +1,220 @@ +import 'package:flutter/material.dart'; +import 'package:google_fonts/google_fonts.dart'; +import 'package:go_router/go_router.dart'; +import '../../../core/services/auth_proxy_service.dart'; + +class ResetPasswordScreen extends StatefulWidget { + final String? loginId; // Now receiving loginId + const ResetPasswordScreen({super.key, this.loginId}); + + @override + State createState() => _ResetPasswordScreenState(); +} + +class _ResetPasswordScreenState extends State { + final TextEditingController _passwordController = TextEditingController(); + final TextEditingController _confirmPasswordController = TextEditingController(); + final _formKey = GlobalKey(); + bool _isLoading = false; + String? _loginId; + bool _isPasswordObscured = true; + bool _isConfirmPasswordObscured = true; + + @override + void initState() { + super.initState(); + // 1. Get loginId from GoRouter state if available + _loginId = widget.loginId; + + // 2. Fallback to URI query parameter if not available via router + if (_loginId == null || _loginId!.isEmpty) { + final uri = Uri.base; + _loginId = uri.queryParameters['loginId']; + } + } + + Future _handlePasswordReset() async { + if (_formKey.currentState?.validate() != true) return; + if (_loginId == null || _loginId!.isEmpty) { + _showError("유효하지 않은 재설정 링크입니다. (loginId 누락)"); + return; + } + + setState(() => _isLoading = true); + + try { + await AuthProxyService.completePasswordReset( + _loginId!, + _passwordController.text, + ); + + if (mounted) { + ScaffoldMessenger.of(context).showSnackBar( + const SnackBar( + content: Text("비밀번호가 성공적으로 변경되었습니다. 다시 로그인해주세요."), + backgroundColor: Colors.green, + ), + ); + context.go('/login'); + } + } catch (e) { + if (mounted) { + _showError("비밀번호 변경에 실패했습니다: ${e.toString()}"); + } + } finally { + if (mounted) { + setState(() => _isLoading = false); + } + } + } + + void _showError(String message) { + ScaffoldMessenger.of(context).showSnackBar( + SnackBar(content: Text(message), backgroundColor: Colors.red), + ); + } + + @override + Widget build(BuildContext context) { + return Scaffold( + appBar: AppBar( + title: const Text("새 비밀번호 설정"), + centerTitle: true, + ), + body: Center( + child: Container( + constraints: const BoxConstraints(maxWidth: 400), + padding: const EdgeInsets.all(24), + child: _loginId == null || _loginId!.isEmpty + ? _buildInvalidTokenView() + : Form( + key: _formKey, + child: Column( + mainAxisAlignment: MainAxisAlignment.center, + crossAxisAlignment: CrossAxisAlignment.stretch, + children: [ + Text( + "새로운 비밀번호 설정", + style: GoogleFonts.outfit( + fontSize: 28, + fontWeight: FontWeight.bold, + ), + textAlign: TextAlign.center, + ), + const SizedBox(height: 16), + const Text( + "비밀번호는 최소 8자 이상이어야 하며,\n대소문자, 숫자, 특수문자를 모두 포함해야 합니다.", + textAlign: TextAlign.center, + style: TextStyle(color: Colors.grey), + ), + const SizedBox(height: 40), + TextFormField( + controller: _passwordController, + obscureText: _isPasswordObscured, + decoration: InputDecoration( + labelText: "새 비밀번호", + border: const OutlineInputBorder(), + prefixIcon: const Icon(Icons.lock_outline), + suffixIcon: IconButton( + icon: Icon( + _isPasswordObscured ? Icons.visibility_off : Icons.visibility, + ), + onPressed: () { + setState(() { + _isPasswordObscured = !_isPasswordObscured; + }); + }, + ), + ), + validator: (value) { + if (value == null || value.isEmpty) { + return '비밀번호를 입력해주세요.'; + } + if (value.length < 8) { + return '비밀번호는 8자 이상이어야 합니다.'; + } + if (!RegExp(r'(?=.*[a-z])').hasMatch(value)) { + return '최소 1개 이상의 소문자를 포함해야 합니다.'; + } + if (!RegExp(r'(?=.*[A-Z])').hasMatch(value)) { + return '최소 1개 이상의 대문자를 포함해야 합니다.'; + } + if (!RegExp(r'(?=.*\d)').hasMatch(value)) { + return '최소 1개 이상의 숫자를 포함해야 합니다.'; + } + if (!RegExp(r'(?=.*[\W_])').hasMatch(value)) { + return '최소 1개 이상의 특수문자를 포함해야 합니다.'; + } + return null; + }, + ), + const SizedBox(height: 16), + TextFormField( + controller: _confirmPasswordController, + obscureText: _isConfirmPasswordObscured, + decoration: InputDecoration( + labelText: "새 비밀번호 확인", + border: const OutlineInputBorder(), + prefixIcon: const Icon(Icons.lock_outline), + suffixIcon: IconButton( + icon: Icon( + _isConfirmPasswordObscured ? Icons.visibility_off : Icons.visibility, + ), + onPressed: () { + setState(() { + _isConfirmPasswordObscured = !_isConfirmPasswordObscured; + }); + }, + ), + ), + validator: (value) { + if (value != _passwordController.text) { + return '비밀번호가 일치하지 않습니다.'; + } + return null; + }, + ), + const SizedBox(height: 24), + FilledButton( + onPressed: _isLoading ? null : _handlePasswordReset, + style: FilledButton.styleFrom( + minimumSize: const Size.fromHeight(50), + ), + child: _isLoading + ? const SizedBox( + height: 20, + width: 20, + child: CircularProgressIndicator(strokeWidth: 2, color: Colors.white), + ) + : const Text("비밀번호 변경"), + ), + ], + ), + ), + ), + ), + ); + } + + Widget _buildInvalidTokenView() { + return const Center( + child: Column( + mainAxisAlignment: MainAxisAlignment.center, + children: [ + Icon(Icons.error_outline, color: Colors.red, size: 60), + SizedBox(height: 16), + Text( + "유효하지 않은 링크입니다.", + style: TextStyle(fontSize: 18, fontWeight: FontWeight.bold), + textAlign: TextAlign.center, + ), + SizedBox(height: 8), + Text( + "비밀번호 재설정 링크가 만료되었거나 잘못되었습니다. 다시 시도해주세요.", + textAlign: TextAlign.center, + ), + ], + ), + ); + } +} diff --git a/frontend/lib/main.dart b/frontend/lib/main.dart index d657730f..54c4f2a9 100644 --- a/frontend/lib/main.dart +++ b/frontend/lib/main.dart @@ -10,6 +10,8 @@ import 'features/auth/presentation/login_screen.dart'; import 'features/auth/presentation/signup_screen.dart'; import 'features/auth/presentation/approve_qr_screen.dart'; import 'features/auth/presentation/qr_scan_screen.dart'; +import 'features/auth/presentation/forgot_password_screen.dart'; +import 'features/auth/presentation/reset_password_screen.dart'; import 'features/dashboard/presentation/dashboard_screen.dart'; import 'features/admin/presentation/user_management_screen.dart'; import 'core/services/auth_proxy_service.dart'; @@ -99,6 +101,23 @@ final _router = GoRouter( return LoginScreen(verificationToken: token); }, ), + GoRoute( + path: '/forgot-password', + builder: (context, state) { + _routerLogger.info("Navigating to /forgot-password"); + return const ForgotPasswordScreen(); + }, + ), + GoRoute( + // Supports both /reset-password and /reset-password?token=... + path: '/reset-password', + builder: (context, state) { + // For deep linking, you might pass the token in the path, e.g., /reset-password/:token + // final token = state.pathParameters['token']; + _routerLogger.info("Navigating to /reset-password"); + return const ResetPasswordScreen(); + }, + ), GoRoute( path: '/approve', builder: (context, state) { @@ -131,26 +150,29 @@ final _router = GoRouter( final isPublicPath = path == '/login' || path == '/signup' || path.startsWith('/verify/') || - path == '/approve'; + path == '/approve' || + path == '/forgot-password' || + path == '/reset-password'; _routerLogger.fine("Redirect check - Path: $path, IsLoggedIn: $isLoggedIn"); - // 0. ALWAYS allow /verify/ to proceed so it can signal the backend - if (path.startsWith('/verify/')) { + // 0. ALWAYS allow public paths to proceed so they can function + if (isPublicPath) { return null; } // If not logged in and trying to access a protected page, redirect to /login - if (!isLoggedIn && !isPublicPath) { + if (!isLoggedIn) { _routerLogger.info("Not logged in, redirecting to /login"); return '/login'; } // If logged in and trying to access login page, redirect to root (dashboard) - if (isLoggedIn && path == '/login') { - _routerLogger.info("Logged in, redirecting to /"); - return '/'; - } + // This is now implicitly handled by the isPublicPath check, but kept for clarity. + // if (isLoggedIn && path == '/login') { + // _routerLogger.info("Logged in, redirecting to /"); + // return '/'; + // } return null; }, diff --git a/log.md b/log.md new file mode 100644 index 00000000..dd73acb1 --- /dev/null +++ b/log.md @@ -0,0 +1,194 @@ +❯ docker logs -f baron_backend +============================================================ + + |\__/,| (\ + _.|o o |_ ) ) + -(((---(((-------- + +🚀 Baron SSO Backend Starting... +time="2026-01-26 18:45:47" level=INFO msg="Service starting" svc=baron-sso service=baron-sso app_env=development db_port=5532 backend_port=3000 frontend_port=5000 frontend_url=https://sso-test.hmac.kr redis_addr=baron_redis:6389 +time="2026-01-26 18:45:47" level=INFO msg="Initializing IDP" svc=baron-sso provider=descope +time="2026-01-26 18:45:47" level=INFO msg="✅ IDP Schema Validation Passed" svc=baron-sso idp=Descope +time="2026-01-26 18:45:47" level=WARN msg="Failed to connect to ClickHouse. Audit logs will fail." svc=baron-sso error="failed to ping clickhouse: dial tcp 172.22.0.3:9000: connect: connection refused" +time="2026-01-26 18:45:47" level=INFO msg="Initializing IDP" svc=baron-sso provider=descope +time="2026-01-26 18:45:47" level=INFO msg="[서비스 초기화] 발신자 번호 처리" svc=baron-sso 원본=0262857755 정제후=0262857755 +time="2026-01-26 18:45:47" level=WARN msg="COOKIE_SECRET length is not 32 bytes. Adjusting..." svc=baron-sso original_length=64 +time="2026-01-26 18:45:47" level=INFO msg="Server listening" svc=baron-sso port=3000 +============================================================ +time="2026-01-26 18:45:55" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T09:45:58.223Z logger=GoRouter +time="2026-01-26 18:45:56" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T09:45:58.908Z logger=GoRouter +time="2026-01-26 18:46:11" level=INFO msg="Attempting to login" svc=baron-sso req_id=8c3c756e-5804-4f0b-b134-3f2da8ffe3aa stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr new_password=Admin1234! +time="2026-01-26 18:46:11" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=8c3c756e-5804-4f0b-b134-3f2da8ffe3aa stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=312.64877ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Admin1234! +time="2026-01-26 18:46:11" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=312.742037ms ip=172.22.0.4 req_id=2015722940317835264 +time="2026-01-26 18:46:11" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 18:46:22" level=INFO msg="Attempting to login" svc=baron-sso req_id=1543e6cd-ac08-4ba6-9676-be5f60ee7950 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" login_ids.loginId_normalized=b24053@hanmaceng.co.kr login_ids.loginId=b24053@hanmaceng.co.kr new_password=Qwer1234! +time="2026-01-26 18:46:22" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=1543e6cd-ac08-4ba6-9676-be5f60ee7950 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=270.496191ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Qwer1234! +time="2026-01-26 18:46:22" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=270.601528ms ip=172.22.0.4 req_id=2015722996890607616 +time="2026-01-26 18:46:22" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 18:47:39" level=INFO msg="Attempting to login" svc=baron-sso req_id=4ccc5a60-02a6-414d-af17-0513b746472d stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr new_password=DGjMI0Aw?ADEkZ8SOIf5 +time="2026-01-26 18:47:39" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=4ccc5a60-02a6-414d-af17-0513b746472d stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=284.042738ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId_normalized=b24053@hanmaceng.co.kr login_ids.loginId=b24053@hanmaceng.co.kr descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=DGjMI0Aw?ADEkZ8SOIf5 +time="2026-01-26 18:47:39" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=284.121027ms ip=172.22.0.4 req_id=2015723340211167232 +time="2026-01-26 18:47:39" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 18:47:42" level=INFO msg="Attempting to login" svc=baron-sso req_id=b8866d06-fd6d-4c8d-a571-705b91b25920 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId_normalized=b24053@hanmaceng.co.kr login_ids.loginId=b24053@hanmaceng.co.kr new_password=DGjMI0Aw?ADEkZ8SOIf5 +time="2026-01-26 18:47:42" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=b8866d06-fd6d-4c8d-a571-705b91b25920 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=265.557325ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=DGjMI0Aw?ADEkZ8SOIf5 +time="2026-01-26 18:47:42" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=265.632195ms ip=172.22.0.4 req_id=2015723352571781120 +time="2026-01-26 18:47:42" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 18:47:44" level=INFO msg="Attempting to login" svc=baron-sso req_id=7bf55f7b-b148-4dbf-98a3-5d92eb4d9d8c stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr new_password=DGjMI0Aw?ADEkZ8SOIf5 +time="2026-01-26 18:47:44" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=7bf55f7b-b148-4dbf-98a3-5d92eb4d9d8c stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=267.992797ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=DGjMI0Aw?ADEkZ8SOIf5 +time="2026-01-26 18:47:44" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=268.090884ms ip=172.22.0.4 req_id=2015723361295933440 +time="2026-01-26 18:47:44" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 18:50:15" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T09:50:16.817Z logger=GoRouter +time="2026-01-26 18:50:16" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T09:50:17.528Z logger=GoRouter +time="2026-01-26 18:50:17" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T09:50:18.222Z logger=GoRouter +time="2026-01-26 18:50:17" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T09:50:18.756Z logger=GoRouter +time="2026-01-26 18:50:18" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T09:50:19.101Z logger=GoRouter +time="2026-01-26 18:50:30" level=INFO msg="Attempting to login" svc=baron-sso req_id=0f2c09df-f716-4118-8c23-6da0f5e46a9f stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr new_password=Admin1234! +time="2026-01-26 18:50:30" level=INFO msg="Login successful" svc=baron-sso req_id=0f2c09df-f716-4118-8c23-6da0f5e46a9f stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=200 latency_ms=569.01257ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsicHdkIl0sImF1ZCI6WyJQMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIl0sImRybiI6IkRTIiwiZW1haWwiOiJiMjQwNTNAaGFubWFjZW5nLmNvLmtyIiwiZXhwIjoxNzY5NDIyODI5LCJpYXQiOjE3Njk0MjEwMjksImlzcyI6Imh0dHBzOi8vYXBpLmRlc2NvcGUuY29tL3YxL2FwcHMvUDM3RHNHZXBCVDZ1RFdiNVRZWXBiNVJ4VVB1cSIsInJleHAiOiIyMDI2LTAyLTI1VDA5OjUwOjI5WiIsInN1YiI6IlUzOG4yQ0JGR3JUUGZyQ0ZmNG5tSE5iaTZKNEQifQ.DBgh6RDwJ6BxLHhvVr4Cl56UqgYtUr6PuGLrFEJk4vxa__2_9GCWv1taApqE9ycjaihJ1uycMqP0R1qMe3BNRX8xLqHi2tafYHrNOvE0dRModtR9yrCJqab1pkL14-5ILF5hEPS-_oR2rs3JsGNClxqIXRW-hcvmP3z9cI70X61LfQU3RUROYxdXtBcRoo2vpEHUvVqDFwFBQNG4ozXh8OQbmAItw9iuiAWwMGaCLqpxm5s9bVaPq5zQeFtEtXYB1dcsr-57jYDkVakZ6mq2chVbdEEAq4tEc0MPSZooqmTG2c_rXJZzH8JdYKkyItKtYUb1adIknCq52LMoYUSREQ new_password=Admin1234! +time="2026-01-26 18:50:30" level=INFO msg=http_request svc=baron-sso status=400 method=POST path=/api/v1/audit latency=72.287µs ip=172.22.0.4 req_id=2015724121488367616 +time="2026-01-26 18:55:55" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client logger=GoRouter client_time=2026-01-26T09:55:58.199Z +time="2026-01-26 18:56:01" level=ERROR msg="이메일(또는 전화번호)와 비밀번호를 모두 입력해주세요." svc=baron-sso source=client +time="2026-01-26 18:56:10" level=INFO msg="Attempting to login" svc=baron-sso req_id=20ebb46d-cec2-4e92-a872-03c5a32922d5 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr new_password=Admin1234! +time="2026-01-26 18:56:11" level=INFO msg="Login successful" svc=baron-sso req_id=20ebb46d-cec2-4e92-a872-03c5a32922d5 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=200 latency_ms=341.731354ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId_normalized=b24053@hanmaceng.co.kr login_ids.loginId=b24053@hanmaceng.co.kr session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsicHdkIl0sImF1ZCI6WyJQMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIl0sImRybiI6IkRTIiwiZW1haWwiOiIiLCJleHAiOjE3Njk0MjMxNjksImlhdCI6MTc2OTQyMTM2OSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwicmV4cCI6IjIwMjYtMDItMjVUMDk6NTY6MDlaIiwic3ViIjoiVTM4bjJDQkZHclRQZnJDRmY0bm1ITmJpNko0RCJ9.fYEMtgGKLIzTOFufHvCVkhF7UhANuqFcAGKtXuDP34QxbPT9yvd-i6OHkHgs1qGYd6RQ-yhNFFvqNkEsEbUs2OH1Yk8nZ3XQHQxu_9ZTWiYTl3OBGYRLy_kDwN50UiFhDWFb18mk25Ckuzi2WQ2-9mOCkXbpmj6riuPRntrslf1AlzvV1xQ57mgBoCytZ7Pt3vPc9BT_EUIjfsZbO_TygUQrGaHNVC5jpRN7Hn9kdwMgB2Y83deELbVNLHBG9NziH9XO-PNeyW5Umv7jCUjWPa8fm072QsUElbiN0BSzjyelOrNyrTiHzRXgvl2L0UMWpKp-pcaUJLq8QfF1_MlL8w new_password=Admin1234! +time="2026-01-26 18:56:11" level=INFO msg=http_request svc=baron-sso status=400 method=POST path=/api/v1/audit latency=32.54µs ip=172.22.0.4 req_id=2015725663469707264 +time="2026-01-26 18:56:21" level=INFO msg="Initiating password reset via Descope" svc=baron-sso req_id=a5e42624-4fb0-4d07-a821-71a6108c900d stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 18:56:21" level=ERROR msg="Descope SendPasswordReset failed (raw)" svc=baron-sso loginID=b24053@hanmaceng.co.kr redirectUrl=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify err="[E062907] Password reset send failed [Status-Code:500]" err_type=*descope.Error +time="2026-01-26 18:56:21" level=ERROR msg="Descope error details" svc=baron-sso code=E062907 description="Password reset send failed" message="" status_code=500 info=map[Status-Code:500] +time="2026-01-26 18:56:21" level=ERROR msg="Failed to initiate password reset via Descope" svc=baron-sso req_id=a5e42624-4fb0-4d07-a821-71a6108c900d stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate status=500 latency_ms=247.502347ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr descope_error="[E062907] Password reset send failed [Status-Code:500]" redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 18:57:07" level=INFO msg="Initiating password reset via Descope" svc=baron-sso req_id=9fb013cf-7e23-4bc6-b02e-1a18b1a17fe3 stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 18:57:08" level=ERROR msg="Descope SendPasswordReset failed (raw)" svc=baron-sso loginID=b24053@hanmaceng.co.kr redirectUrl=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify err="[E062907] Password reset send failed [Status-Code:500]" err_type=*descope.Error +time="2026-01-26 18:57:08" level=ERROR msg="Descope error details" svc=baron-sso code=E062907 description="Password reset send failed" message="" status_code=500 info=map[Status-Code:500] +time="2026-01-26 18:57:08" level=ERROR msg="Failed to initiate password reset via Descope" svc=baron-sso req_id=9fb013cf-7e23-4bc6-b02e-1a18b1a17fe3 stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate status=500 latency_ms=655.98033ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr descope_error="[E062907] Password reset send failed [Status-Code:500]" redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 18:57:32" level=INFO msg="Initiating password reset via Descope" svc=baron-sso req_id=511ff2aa-20e4-4798-a287-e0bebff52aa7 stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=b24053.tdc.hanmacgroup@gmail.com login_ids.loginId_normalized=b24053.tdc.hanmacgroup@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 18:57:32" level=INFO msg="Password reset link sent successfully" svc=baron-sso req_id=511ff2aa-20e4-4798-a287-e0bebff52aa7 stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate status=200 latency_ms=385.293999ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr login_ids.loginId_normalized=b24053.tdc.hanmacgroup@gmail.com login_ids.loginId=b24053.tdc.hanmacgroup@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:00:19" level=INFO msg="Attempting to login" svc=baron-sso req_id=c65b9dd2-25f9-4185-a393-482a5cf18ad7 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr login_ids.loginId=b24053@hanmaceng.co.kr new_password=Admin1234! +time="2026-01-26 19:00:20" level=INFO msg="Login successful" svc=baron-sso req_id=c65b9dd2-25f9-4185-a393-482a5cf18ad7 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=200 latency_ms=739.708182ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr login_ids.loginId=b24053@hanmaceng.co.kr login_ids.loginId_normalized=b24053@hanmaceng.co.kr session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsicHdkIl0sImF1ZCI6WyJQMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIl0sImRybiI6IkRTIiwiZW1haWwiOiIiLCJleHAiOjE3Njk0MjM0MTksImlhdCI6MTc2OTQyMTYxOSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwicmV4cCI6IjIwMjYtMDItMjVUMTA6MDA6MTlaIiwic3ViIjoiVTM4bjJDQkZHclRQZnJDRmY0bm1ITmJpNko0RCJ9.V63wRSecoc8sTbul_A2l1ojo1XzeQCiRpZFywvm11QQZQpIvS4p17RHNLSI58m3g106__HMvxULCpKH8ZP76v8sW7wLfIPsZ98FxWmlMWinHegyaJV1nF1Rc_6CKBj21Zpi2usnrsbRyR-De2Rkf3TnJXeuo3TdDCMHc9JQMeyKdyy_3vMqACKbNk1JFDQXAR-Lr4qoRqw_QLS7MFitcFq5noTeFRwpHJS99mWqJQ5yXd2M4R_xIJXvX72dKoUL-Ou13BBtF7PN6Hk-66qi3JpWv4frngpVvLBXpVMcoFAwIVHAHRUQ2iJfOqzxzrHdNHeT2rF94ql51aDiN6-fokw new_password=Admin1234! +time="2026-01-26 19:00:20" level=INFO msg=http_request svc=baron-sso status=400 method=POST path=/api/v1/audit latency=82.923µs ip=172.22.0.4 req_id=2015726802898526208 +time="2026-01-26 19:00:33" level=INFO msg="Initiating password reset via Descope" svc=baron-sso req_id=917f9946-5142-44f9-86d3-2f0ba380a423 stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:00:33" level=INFO msg="Password reset link sent successfully" svc=baron-sso req_id=917f9946-5142-44f9-86d3-2f0ba380a423 stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate status=200 latency_ms=482.955116ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:01:23" level=INFO msg="Attempting to verify token via POST" svc=baron-sso req_id=31d09eb9-1dc9-4c9b-9c44-b8bd97104d9a stage=verify op=Verify method=POST path=/api/v1/auth/password/reset/verify ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=73ab6e7e30c10e468734836a1ab0bdde49e71dce25f58fda80a7bc96a638ef58" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiYjI0MDUzQGhhbm1hY2VuZy5jby5rciIsImV4cCI6MTc3MjAxMDg4NywiaWF0IjoxNzY5NDE4ODg3LCJpc3MiOiJodHRwczovL2FwaS5kZXNjb3BlLmNvbS92MS9hcHBzL1AzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiLCJzdWIiOiJVMzhtd3NwMUdDYVh2eENKWm4zWU9NWG1uOFJ5In0.BFsSc6tXC-6UHXc-6MJWIabs7CHRVY2oIER2IQUEn1jT0H5SZeXs5zcI5NZjA0ryGGd-JHNY4-x62ozDBRvoiL-xVygRh7HkHyunCq1-5-cf8arQ8k8jRARTl2cjDFj6WbyRgLY3x_ot_GpNK5ciGhhwBs1ajJo5IZhlmUi0soowatCTiE47JRvHqE4zGEdijIEw3h-SuaY_AmkJXIsmhaUkgzbo-pzviDX1YDIpA0-GuBcFavjq8IleonFOkRxMs47Cb9GfKZs-Ib5nEib4b3oWm50jGPA7UCRklEUg5ICClnwQe5I45RsLt_nAlUgH9pSmSglsjnyRBxX27lOYEw" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=73ab6e7e30c10e468734836a1ab0bdde49e71dce25f58fda80a7bc96a638ef58" token=73ab6e7e30c10e468734836a1ab0bdde49e71dce25f58fda80a7bc96a638ef58 +time="2026-01-26 19:01:24" level=ERROR msg="Failed to verify token with Descope" svc=baron-sso req_id=31d09eb9-1dc9-4c9b-9c44-b8bd97104d9a stage=verify op=Verify method=POST path=/api/v1/auth/password/reset/verify status=401 latency_ms=241.382686ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=73ab6e7e30c10e468734836a1ab0bdde49e71dce25f58fda80a7bc96a638ef58" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiYjI0MDUzQGhhbm1hY2VuZy5jby5rciIsImV4cCI6MTc3MjAxMDg4NywiaWF0IjoxNzY5NDE4ODg3LCJpc3MiOiJodHRwczovL2FwaS5kZXNjb3BlLmNvbS92MS9hcHBzL1AzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiLCJzdWIiOiJVMzhtd3NwMUdDYVh2eENKWm4zWU9NWG1uOFJ5In0.BFsSc6tXC-6UHXc-6MJWIabs7CHRVY2oIER2IQUEn1jT0H5SZeXs5zcI5NZjA0ryGGd-JHNY4-x62ozDBRvoiL-xVygRh7HkHyunCq1-5-cf8arQ8k8jRARTl2cjDFj6WbyRgLY3x_ot_GpNK5ciGhhwBs1ajJo5IZhlmUi0soowatCTiE47JRvHqE4zGEdijIEw3h-SuaY_AmkJXIsmhaUkgzbo-pzviDX1YDIpA0-GuBcFavjq8IleonFOkRxMs47Cb9GfKZs-Ib5nEib4b3oWm50jGPA7UCRklEUg5ICClnwQe5I45RsLt_nAlUgH9pSmSglsjnyRBxX27lOYEw" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=73ab6e7e30c10e468734836a1ab0bdde49e71dce25f58fda80a7bc96a638ef58" token=73ab6e7e30c10e468734836a1ab0bdde49e71dce25f58fda80a7bc96a638ef58 descope_error="[E062504] Token expired: Failed to load magic link token [Status-Code:401]" +time="2026-01-26 19:01:24" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T10:01:26.608Z logger=GoRouter +time="2026-01-26 19:01:28" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client logger=GoRouter client_time=2026-01-26T10:01:30.742Z +time="2026-01-26 19:02:37" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T10:02:39.114Z logger=GoRouter +time="2026-01-26 19:02:38" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client logger=GoRouter client_time=2026-01-26T10:02:39.898Z +time="2026-01-26 19:02:46" level=INFO msg="Initiating password reset via Descope" svc=baron-sso req_id=46f14762-6396-4692-8134-a07058984374 stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr login_ids.loginId_normalized=dyddus1210@gmail.com login_ids.loginId=dyddus1210@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:02:46" level=INFO msg="Password reset link sent successfully" svc=baron-sso req_id=46f14762-6396-4692-8134-a07058984374 stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate status=200 latency_ms=345.191228ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:02:58" level=INFO msg="Attempting to verify token via POST" svc=baron-sso req_id=3effbc7c-200c-47b4-a267-ea6bc09584db stage=verify op=Verify method=POST path=/api/v1/auth/password/reset/verify ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=acdbf73e14f4b76df3fcb7d62354e73ff2d01f180dddaa7dc1ff99d47331fad1" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=acdbf73e14f4b76df3fcb7d62354e73ff2d01f180dddaa7dc1ff99d47331fad1" token=acdbf73e14f4b76df3fcb7d62354e73ff2d01f180dddaa7dc1ff99d47331fad1 +time="2026-01-26 19:02:58" level=INFO msg="Token verified, redirecting to frontend" svc=baron-sso req_id=3effbc7c-200c-47b4-a267-ea6bc09584db stage=verify op=Verify method=POST path=/api/v1/auth/password/reset/verify status=302 latency_ms=257.849898ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=acdbf73e14f4b76df3fcb7d62354e73ff2d01f180dddaa7dc1ff99d47331fad1" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=acdbf73e14f4b76df3fcb7d62354e73ff2d01f180dddaa7dc1ff99d47331fad1" token=acdbf73e14f4b76df3fcb7d62354e73ff2d01f180dddaa7dc1ff99d47331fad1 refresh_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM3NzcsImlhdCI6MTc2OTQyMTc3NywiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.BQHp1FcQ1JAQI1gO3VYJdTjVcbwUxXep0khn2IdD6mHM_KpUSLREFVEOCUsNFX74hMIKCPueBGILUBwP89j4tyFMoVMa7nk_STSnd1_IsOkVhijFyjzGO6w1KfiuUjWMkELjN5qPhJJpK0xFBKnTbCo_n7iqTs-zYcyHJ8McZJ-g1cEv2-jI2M7Pr7rFZBiT6RJbDupJYY1tg06c2XSt-D66lrrf8_bygkxXX2rAcq6NGNDuaQ1-MpCa6D0EI5BgpbPod3hY1dDhlqDm9syIonKuYa1-CkiCRty6tWI1h8HQZ0_1KYvhK89z6uQ-y5YZGkh7XCVT0fWgIV2b2FzBKg session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFMiLCJlbWFpbCI6ImR5ZGR1czEyMTBAZ21haWwuY29tIiwiZXhwIjoxNzY5NDIzNTc3LCJpYXQiOjE3Njk0MjE3NzcsImlzcyI6Imh0dHBzOi8vYXBpLmRlc2NvcGUuY29tL3YxL2FwcHMvUDM3RHNHZXBCVDZ1RFdiNVRZWXBiNVJ4VVB1cSIsInJleHAiOiIyMDI2LTAyLTI1VDEwOjAyOjU3WiIsInN1YiI6IlUzOG4zZDBxbnJCMGdLUU0xOGxWMFZqaVVzcXcifQ.49GpQ_sJ1Ck-YiSs6GqtfGEgxYCNtPNMGavTcYzWNwgAT1nDOVvNl0ZBSgcK_e3KM08IWEZA_41Srj7O-rZfjLAurjOJx9ATDLV5PbDzy9uz76ZW23nQBlEZUWcHELKHwBh8znyVUZbDx8ym8Y4mFDy8RmqnNWi0hpZ6nqwQe8sKUtrKtBZIW7FYEwYOP3igvAovTv-FqBU-qOQn8Ew3prrJVKl2IGZ2zxdVMhg9h99DO3026MEpEbr4wKMRRhViXSN-yp0AxE9TH_nDmaylIEGiKlqaaSxNzxhivYCbaRTwA6e3Nnr4_Z2EKQhsh2kOaW6pb7KL76RgPSAf6lTodA redirect_to="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" +time="2026-01-26 19:03:00" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T10:03:02.669Z logger=GoRouter +time="2026-01-26 19:03:24" level=INFO msg="Attempting to login" svc=baron-sso req_id=5317e548-7589-4baf-9dd1-dbf9c3916dd7 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr login_ids.loginId_normalized=dyddus1210@gmail.com login_ids.loginId=dyddus1210@gmail.com new_password=Admin1234! +time="2026-01-26 19:03:25" level=INFO msg="Login successful" svc=baron-sso req_id=5317e548-7589-4baf-9dd1-dbf9c3916dd7 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=200 latency_ms=336.600997ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsicHdkIl0sImF1ZCI6WyJQMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIl0sImRybiI6IkRTIiwiZW1haWwiOiJkeWRkdXMxMjEwQGdtYWlsLmNvbSIsImV4cCI6MTc2OTQyMzYwNCwiaWF0IjoxNzY5NDIxODA0LCJpc3MiOiJodHRwczovL2FwaS5kZXNjb3BlLmNvbS92MS9hcHBzL1AzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiLCJyZXhwIjoiMjAyNi0wMi0yNVQxMDowMzoyNFoiLCJzdWIiOiJVMzhuM2QwcW5yQjBnS1FNMThsVjBWamlVc3F3In0.aoLD1yHCGCoe2mHTaV9Lga82VAQG0NY1XL429MIiXiFaQF9f-_hV9OsZ94jecJg_d3zlvg4zyQpryk6Ogoy5brSdCjZKXcJ5mODZFR90yyZCzr9UH6WwyxMkpZ5AnyTRqDmG-CkZnl8bQOdUK3JQH7BgadI6v3i3RVkn6oz0DZtb5L3u1UbnQQYpZctMrnPBHlkBI22xJEnJUK4lIAllic1IBm7j6XaWiSlzQ1gFnnma6PZDdxG7JYutzS64I1f5mAlUC7fckOV6MH564VnKVhQR15Ku1KQtgFxPV_xQdSo8xISqhJPEl911274CAsi0AJ_9bb09mrbjRT4R1_PRlg new_password=Admin1234! +time="2026-01-26 19:03:25" level=INFO msg=http_request svc=baron-sso status=400 method=POST path=/api/v1/audit latency=33.941µs ip=172.22.0.4 req_id=2015727640425537536 +time="2026-01-26 19:04:15" level=INFO msg="Attempting to login" svc=baron-sso req_id=df38d1a1-8e0b-4ec7-ad90-83ed36369000 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Admin1234! +time="2026-01-26 19:04:15" level=INFO msg="Login successful" svc=baron-sso req_id=df38d1a1-8e0b-4ec7-ad90-83ed36369000 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=200 latency_ms=269.701684ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsicHdkIl0sImF1ZCI6WyJQMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIl0sImRybiI6IkRTIiwiZW1haWwiOiJkeWRkdXMxMjEwQGdtYWlsLmNvbSIsImV4cCI6MTc2OTQyMzY1NSwiaWF0IjoxNzY5NDIxODU1LCJpc3MiOiJodHRwczovL2FwaS5kZXNjb3BlLmNvbS92MS9hcHBzL1AzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiLCJyZXhwIjoiMjAyNi0wMi0yNVQxMDowNDoxNVoiLCJzdWIiOiJVMzhuM2QwcW5yQjBnS1FNMThsVjBWamlVc3F3In0.4-tOHe3pZTvhLyXoviYR7w94yU5Mr_5gYV3Hu0rmAHelPvfsqwd0LzTdDZon2Qo3_ekPSuFRzdhkCK44CG0G2lAjlg7HLcepaJ4-LMmpu_5rRPxOU7iQlnkkP5Tv5818u8gUrga0Cc6J9OyiuQmROYjdxPrWJa_INEGHGl1PXRuGYW0lxWgUUJAeGgaGIEpmJeCmrxzveZmCCIA7yhOf2LgWjIjX0K_xCPRqghE7J1BrlwlvZa4qRXLpGQFfjm3awPulNzHBZXJJFChDmpqfdir3-B53fY4u4hrjdx3qmol5WKdAVRS5tVHhOfJE00FVm9O8YrS1MPGHIo4YtwziEg new_password=Admin1234! +time="2026-01-26 19:04:15" level=INFO msg=http_request svc=baron-sso status=400 method=POST path=/api/v1/audit latency=32.345µs ip=172.22.0.4 req_id=2015727872181805056 +time="2026-01-26 19:04:24" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T10:04:26.319Z logger=GoRouter +time="2026-01-26 19:04:33" level=INFO msg="Attempting to login" svc=baron-sso req_id=9ac53545-1a8a-4862-a2d6-27ea970f0dcb stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Admin1234! +time="2026-01-26 19:04:33" level=INFO msg="Login successful" svc=baron-sso req_id=9ac53545-1a8a-4862-a2d6-27ea970f0dcb stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=200 latency_ms=279.588886ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsicHdkIl0sImF1ZCI6WyJQMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIl0sImRybiI6IkRTIiwiZW1haWwiOiJkeWRkdXMxMjEwQGdtYWlsLmNvbSIsImV4cCI6MTc2OTQyMzY3MiwiaWF0IjoxNzY5NDIxODcyLCJpc3MiOiJodHRwczovL2FwaS5kZXNjb3BlLmNvbS92MS9hcHBzL1AzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiLCJyZXhwIjoiMjAyNi0wMi0yNVQxMDowNDozMloiLCJzdWIiOiJVMzhuM2QwcW5yQjBnS1FNMThsVjBWamlVc3F3In0.J32-ZSlIk5-Qv6I3Y-EhazKfIRbReKRYo3DoW7TqLyOUwysPzYk-XhbcgtCa2f6It05TGghfQRHoEgBUPRKZs5k_l-5Y_cQZ86i6_eEUCUmsdSAyDl61bqRY1cgOmxGNSssfFIYmH4J1j-qRRRPwMXptQMDOaDF_m7glENNFinfmQJRS1K5iHvLF7KLiYPXw_rJX0NuAylIXD__uBYFPrzGaRXV1zH8S6IoTxqU18fgt5je4bukjKexfevNSPiZyGdWrGGP1oLpMLyAhfrNM3h750PUExOM8aIf75LQgWuaAIerYCLPY4kw20sAhTSwrRRkH7etjLpWjsPByUSalUw new_password=Admin1234! +time="2026-01-26 19:04:33" level=INFO msg=http_request svc=baron-sso status=400 method=POST path=/api/v1/audit latency=32.92µs ip=172.22.0.4 req_id=2015727948824322048 +time="2026-01-26 19:04:58" level=INFO msg="Initiating password reset via Descope" svc=baron-sso req_id=c5b59c3d-a06a-48cc-b145-4726583b1147 stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:04:59" level=INFO msg="Password reset link sent successfully" svc=baron-sso req_id=c5b59c3d-a06a-48cc-b145-4726583b1147 stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate status=200 latency_ms=384.713726ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:05:06" level=INFO msg="Attempting to verify token via POST" svc=baron-sso req_id=4d6d50b2-e9a9-4e9d-8453-8297b0702d2c stage=verify op=Verify method=POST path=/api/v1/auth/password/reset/verify ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=dbb6110809ffd34dcaa58935d1742a7e71f28fbd15ef06d5eda3d6a808f24e8d" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=dbb6110809ffd34dcaa58935d1742a7e71f28fbd15ef06d5eda3d6a808f24e8d" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM3NzcsImlhdCI6MTc2OTQyMTc3NywiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.BQHp1FcQ1JAQI1gO3VYJdTjVcbwUxXep0khn2IdD6mHM_KpUSLREFVEOCUsNFX74hMIKCPueBGILUBwP89j4tyFMoVMa7nk_STSnd1_IsOkVhijFyjzGO6w1KfiuUjWMkELjN5qPhJJpK0xFBKnTbCo_n7iqTs-zYcyHJ8McZJ-g1cEv2-jI2M7Pr7rFZBiT6RJbDupJYY1tg06c2XSt-D66lrrf8_bygkxXX2rAcq6NGNDuaQ1-MpCa6D0EI5BgpbPod3hY1dDhlqDm9syIonKuYa1-CkiCRty6tWI1h8HQZ0_1KYvhK89z6uQ-y5YZGkh7XCVT0fWgIV2b2FzBKg" token=dbb6110809ffd34dcaa58935d1742a7e71f28fbd15ef06d5eda3d6a808f24e8d +time="2026-01-26 19:05:06" level=INFO msg="Token verified, redirecting to frontend" svc=baron-sso req_id=4d6d50b2-e9a9-4e9d-8453-8297b0702d2c stage=verify op=Verify method=POST path=/api/v1/auth/password/reset/verify status=302 latency_ms=230.12571ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=dbb6110809ffd34dcaa58935d1742a7e71f28fbd15ef06d5eda3d6a808f24e8d" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM3NzcsImlhdCI6MTc2OTQyMTc3NywiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.BQHp1FcQ1JAQI1gO3VYJdTjVcbwUxXep0khn2IdD6mHM_KpUSLREFVEOCUsNFX74hMIKCPueBGILUBwP89j4tyFMoVMa7nk_STSnd1_IsOkVhijFyjzGO6w1KfiuUjWMkELjN5qPhJJpK0xFBKnTbCo_n7iqTs-zYcyHJ8McZJ-g1cEv2-jI2M7Pr7rFZBiT6RJbDupJYY1tg06c2XSt-D66lrrf8_bygkxXX2rAcq6NGNDuaQ1-MpCa6D0EI5BgpbPod3hY1dDhlqDm9syIonKuYa1-CkiCRty6tWI1h8HQZ0_1KYvhK89z6uQ-y5YZGkh7XCVT0fWgIV2b2FzBKg" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=dbb6110809ffd34dcaa58935d1742a7e71f28fbd15ef06d5eda3d6a808f24e8d" token=dbb6110809ffd34dcaa58935d1742a7e71f28fbd15ef06d5eda3d6a808f24e8d refresh_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFMiLCJlbWFpbCI6ImR5ZGR1czEyMTBAZ21haWwuY29tIiwiZXhwIjoxNzY5NDIzNzA0LCJpYXQiOjE3Njk0MjE5MDQsImlzcyI6Imh0dHBzOi8vYXBpLmRlc2NvcGUuY29tL3YxL2FwcHMvUDM3RHNHZXBCVDZ1RFdiNVRZWXBiNVJ4VVB1cSIsInJleHAiOiIyMDI2LTAyLTI1VDEwOjA1OjA0WiIsInN1YiI6IlUzOG4zZDBxbnJCMGdLUU0xOGxWMFZqaVVzcXcifQ.rBC_ZN0ykCP47cewnaaKukXPVv3Ah73oHE--7TP2GjLpGx386gJPB_AQQF2w_sBGMdwz3iK1NGNvozHD889U6C0Xbe_a4Gmj0SP0bbhKcUBlIXwW5OetfAqWiZXdDo8XziSBnQnC-V-J0TUDxlGov3Qeo3SRfsQB4-99qXR18a9zmHbXYY1NV12Rgz6Hqbx8A3JFNEoKtAVKLdHIf7HgxVBMMnyQ4ZgzJTTEZUAslSRdg8ez_PhRp-VBoMInwUCNrVFHj87Su-Sm9A-HAVUCP-n3LU6a041L8ffOmKNbc3yxu8VFHob-dpWDLWRnU19_RRTJ4vgPGfrujev-T-OjyQ redirect_to="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" +time="2026-01-26 19:05:06" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T10:05:07.733Z logger=GoRouter +time="2026-01-26 19:05:51" level=INFO msg="Received new password for reset" svc=baron-sso req_id=ab6d0c8d-288d-4e70-9514-f5ede9e35f8f stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" query.loginId=dyddus1210@gmail.com headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" login_ids.loginId=dyddus1210@gmail.com has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g request_body="{\"newPassword\": \"Wjddus9988!\"}" new_password=Wjddus9988! +time="2026-01-26 19:05:51" level=INFO msg="Attempting to update password via Descope Auth API" svc=baron-sso req_id=ab6d0c8d-288d-4e70-9514-f5ede9e35f8f stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" query.loginId=dyddus1210@gmail.com headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g request_body="{\"newPassword\": \"Wjddus9988!\"}" new_password=Wjddus9988! +time="2026-01-26 19:05:51" level=INFO msg="Password updated successfully" svc=baron-sso req_id=ab6d0c8d-288d-4e70-9514-f5ede9e35f8f stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete status=200 latency_ms=302.485815ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" query.loginId=dyddus1210@gmail.com headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" login_ids.loginId=dyddus1210@gmail.com has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g request_body="{\"newPassword\": \"Wjddus9988!\"}" new_password=Wjddus9988! +time="2026-01-26 19:06:03" level=INFO msg="Attempting to login" svc=baron-sso req_id=804ca0c4-d353-4c93-92dd-8bca85f5db25 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Wjddus9988!\ +time="2026-01-26 19:06:03" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=804ca0c4-d353-4c93-92dd-8bca85f5db25 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=336.180198ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Wjddus9988!\ +time="2026-01-26 19:06:03" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=336.29691ms ip=172.22.0.4 req_id=2015728357076901888 +time="2026-01-26 19:06:04" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:06:10" level=INFO msg="Attempting to login" svc=baron-sso req_id=2a8b0400-8dcb-4e11-a355-c761138f74b9 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Wjddus9988! +time="2026-01-26 19:06:11" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=2a8b0400-8dcb-4e11-a355-c761138f74b9 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=277.14737ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Wjddus9988! +time="2026-01-26 19:06:11" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=277.244631ms ip=172.22.0.4 req_id=2015728387280084992 +time="2026-01-26 19:06:11" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:06:15" level=INFO msg="Attempting to login" svc=baron-sso req_id=2eea8567-70f3-412b-8cc1-ce60c5f1ebf4 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Admin1234! +time="2026-01-26 19:06:16" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=2eea8567-70f3-412b-8cc1-ce60c5f1ebf4 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=303.162238ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Admin1234! +time="2026-01-26 19:06:16" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=303.25276ms ip=172.22.0.4 req_id=2015728418053693440 +time="2026-01-26 19:06:16" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:08:46" level=INFO msg="Attempting to login" svc=baron-sso req_id=f8f8fc81-a25d-4e15-b896-8a7ccd5b296f stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Wjddus9988! +time="2026-01-26 19:08:46" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=f8f8fc81-a25d-4e15-b896-8a7ccd5b296f stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=323.220163ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Wjddus9988! +time="2026-01-26 19:08:46" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=323.330156ms ip=172.22.0.4 req_id=2015729100970270720 +time="2026-01-26 19:08:46" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:08:52" level=INFO msg="Attempting to login" svc=baron-sso req_id=c75297dc-f550-478a-8dd3-dcdfff75b9a4 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Wjddus9988! +time="2026-01-26 19:08:53" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=c75297dc-f550-478a-8dd3-dcdfff75b9a4 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=279.672564ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Wjddus9988! +time="2026-01-26 19:08:53" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=279.776175ms ip=172.22.0.4 req_id=2015729129437011968 +time="2026-01-26 19:08:53" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:17:07" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T10:17:07.848Z logger=GoRouter +time="2026-01-26 19:17:18" level=INFO msg="Attempting to login" svc=baron-sso req_id=c6447143-ff93-4f69-9cfc-2f17f3fb0baa stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Admin1234! +time="2026-01-26 19:17:18" level=INFO msg="Login successful" svc=baron-sso req_id=c6447143-ff93-4f69-9cfc-2f17f3fb0baa stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=200 latency_ms=329.014739ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsicHdkIl0sImF1ZCI6WyJQMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIl0sImRybiI6IkRTIiwiZW1haWwiOiJkeWRkdXMxMjEwQGdtYWlsLmNvbSIsImV4cCI6MTc2OTQyNDQzNywiaWF0IjoxNzY5NDIyNjM3LCJpc3MiOiJodHRwczovL2FwaS5kZXNjb3BlLmNvbS92MS9hcHBzL1AzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiLCJyZXhwIjoiMjAyNi0wMi0yNVQxMDoxNzoxN1oiLCJzdWIiOiJVMzhuNU9qbWhNcmdqZ2VUZG1JQ2NvM2JmamRwIn0.K6rfLq4t9K7on3ok4G-tm-XrTONqNaukmUO9eih1KxQiiGKIIehIhk43CMbMHvOVvvPKSiy7gQAREUUhiKCyp8SNIOm4r2L2R9o-YvkRADlf837XmEYJLL3us0-R1wWgbNj_D0ZBV4s1dykWi1kbYprfNDsTEe1fv1rpOd_w5IsKUcV9T_6o2u32KXqgVw3GhLlFHeojh4Kb5gIyVMHVPkG5vjDnIkHmMXScRRJk5G-cQGhMJ7ZT8oIUqDG6_2OPlB020wh74zkOgE8OmNU6bhtmzhM3Ab3sJryJlVcf7b3bMs0W9ruDNCOHwB1R11NJpxjpjJh6Iy4Hm0MCqvKg0Q new_password=Admin1234! +time="2026-01-26 19:17:18" level=INFO msg=http_request svc=baron-sso status=400 method=POST path=/api/v1/audit latency=32.062µs ip=172.22.0.4 req_id=2015731426791530496 +time="2026-01-26 19:17:34" level=INFO msg="Initiating password reset via Descope" svc=baron-sso req_id=62e6fb77-e7a6-4385-a15e-b0014b7af44b stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:17:34" level=INFO msg="Password reset link sent successfully" svc=baron-sso req_id=62e6fb77-e7a6-4385-a15e-b0014b7af44b stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate status=200 latency_ms=429.099297ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:17:46" level=INFO msg="Attempting to verify token via POST" svc=baron-sso req_id=2c58ac99-a1a6-4081-8f99-59977191d1ee stage=verify op=Verify method=POST path=/api/v1/auth/password/reset/verify ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=c2607de5a936dff687105370cb4ac6d25d10acb4d213fabf05fffb10ef21bcbf" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=c2607de5a936dff687105370cb4ac6d25d10acb4d213fabf05fffb10ef21bcbf" token=c2607de5a936dff687105370cb4ac6d25d10acb4d213fabf05fffb10ef21bcbf +time="2026-01-26 19:17:46" level=INFO msg="Token verified, redirecting to frontend" svc=baron-sso req_id=2c58ac99-a1a6-4081-8f99-59977191d1ee stage=verify op=Verify method=POST path=/api/v1/auth/password/reset/verify status=302 latency_ms=229.831021ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=c2607de5a936dff687105370cb4ac6d25d10acb4d213fabf05fffb10ef21bcbf" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTM5MDQsImlhdCI6MTc2OTQyMTkwNCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjNkMHFuckIwZ0tRTTE4bFYwVmppVXNxdyJ9.5VSlb9dafUR1S3l8UgZz5xAMwxd2bGPCvZXn3dxhRxSM_YonyWlfjrBRlKRKIe4So3xElyGmRdIPHIIm0IsnQ5v_tsjTzoZJYQiUynnr8E-xPBklI4GqmlEiztiMKnDq7tIMIV3N78LvFaO8EOVzWIQZWe2U01TPlCAGOQ8lDv8QcNe_kwCe9W5oZUcRYisl_l5DcXm-IOZEzk4lV1-KG8WmocPCQ6_g9hB8abeQSjgzs8dNoaTjkHVCnnWfcbHq37krUlZY3W-oDV-Gf2SGX2Re370mVoi1xIPkMbiHLrHkouW3twV73LVTNb3gEcHzfrzlGXnHPI1ryJEoG9MM8g" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=c2607de5a936dff687105370cb4ac6d25d10acb4d213fabf05fffb10ef21bcbf" token=c2607de5a936dff687105370cb4ac6d25d10acb4d213fabf05fffb10ef21bcbf refresh_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFMiLCJlbWFpbCI6ImR5ZGR1czEyMTBAZ21haWwuY29tIiwiZXhwIjoxNzY5NDI0NDY1LCJpYXQiOjE3Njk0MjI2NjUsImlzcyI6Imh0dHBzOi8vYXBpLmRlc2NvcGUuY29tL3YxL2FwcHMvUDM3RHNHZXBCVDZ1RFdiNVRZWXBiNVJ4VVB1cSIsInJleHAiOiIyMDI2LTAyLTI1VDEwOjE3OjQ1WiIsInN1YiI6IlUzOG41T2ptaE1yZ2pnZVRkbUlDY28zYmZqZHAifQ.rr14r_yO907dw64taOsuRnO0ujcV4L2eEAKFNHnQcP3hy0KJLJSH5bL21Eea7KsnS2oAYgjIIVu3tYUwva8JTo0utiFHPWxYITz5r__ocdhOHCFyYKHZUVOWBRSA7lji5Ho1KMI_Jtz2ebRI8FUOFcF1wN_WG6Rc1L6Izz08BQyDxjto7k12-tozbZUfZRya7HsoxCGi9Su-kYqkTy8zDD-rw24E5To5usxJIsBnJp9uv_5KiTuG8A7712VyZJiH6RpUD3uqwkqp8A0yjIxuutAWi3KhD0wlf4NhN9KbGK8a14qOxA27eyiK82C18xWHylgOVGBNLicAcCTEzweRLg redirect_to="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" +time="2026-01-26 19:17:46" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T10:17:48.967Z logger=GoRouter +time="2026-01-26 19:18:08" level=INFO msg="Received new password for reset" svc=baron-sso req_id=fd97c233-c29c-4aa9-bdd4-9935f11662f0 stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" query.loginId=dyddus1210@gmail.com headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw request_body="{\"newPassword\": \"Qwer12345!\"}" new_password=Qwer12345! +time="2026-01-26 19:18:08" level=INFO msg="Attempting to update password via Descope Auth API" svc=baron-sso req_id=fd97c233-c29c-4aa9-bdd4-9935f11662f0 stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" query.loginId=dyddus1210@gmail.com headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Host=sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw request_body="{\"newPassword\": \"Qwer12345!\"}" new_password=Qwer12345! +time="2026-01-26 19:18:08" level=INFO msg="Password updated successfully" svc=baron-sso req_id=fd97c233-c29c-4aa9-bdd4-9935f11662f0 stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete status=200 latency_ms=751.530683ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" query.loginId=dyddus1210@gmail.com headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Host=sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw request_body="{\"newPassword\": \"Qwer12345!\"}" new_password=Qwer12345! +time="2026-01-26 19:18:37" level=INFO msg="Attempting to login" svc=baron-sso req_id=e5515e1f-5c32-4463-bdba-06977b0d00a4 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Wjddus9988! +time="2026-01-26 19:18:38" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=e5515e1f-5c32-4463-bdba-06977b0d00a4 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=264.397563ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId_normalized=dyddus1210@gmail.com login_ids.loginId=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Wjddus9988! +time="2026-01-26 19:18:38" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=264.495161ms ip=172.22.0.4 req_id=2015731780488798208 +time="2026-01-26 19:18:38" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:21:15" level=INFO msg="Attempting to login" svc=baron-sso req_id=bbb4e1c8-560f-4177-a601-249104a94fc2 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Wjddus9988! +time="2026-01-26 19:21:15" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=bbb4e1c8-560f-4177-a601-249104a94fc2 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=328.491352ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Wjddus9988! +time="2026-01-26 19:21:15" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=328.59199ms ip=172.22.0.4 req_id=2015732502353682432 +time="2026-01-26 19:21:15" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:21:25" level=INFO msg="Attempting to login" svc=baron-sso req_id=02eb900a-5fea-4c92-9ef8-0be1351b6c02 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Qwer12345! +time="2026-01-26 19:21:25" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=02eb900a-5fea-4c92-9ef8-0be1351b6c02 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=372.835815ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Qwer12345! +time="2026-01-26 19:21:25" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=372.95727ms ip=172.22.0.4 req_id=2015732546603589632 +time="2026-01-26 19:21:25" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:21:45" level=INFO msg="Attempting to login" svc=baron-sso req_id=dcd7d1ae-5b6e-4637-9e4f-9fba135259e5 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Qwer12345!@ +time="2026-01-26 19:21:46" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=dcd7d1ae-5b6e-4637-9e4f-9fba135259e5 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=295.179845ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Qwer12345!@ +time="2026-01-26 19:21:46" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=295.269736ms ip=172.22.0.4 req_id=2015732642183389184 +time="2026-01-26 19:21:46" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:22:45" level=INFO msg="Attempting to login" svc=baron-sso req_id=63a27a63-71ee-4d04-9d42-a8c70179ccab stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Qwer1234! +time="2026-01-26 19:22:45" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=63a27a63-71ee-4d04-9d42-a8c70179ccab stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=290.68248ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Qwer1234! +time="2026-01-26 19:22:45" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=290.801808ms ip=172.22.0.4 req_id=2015732911810027520 +time="2026-01-26 19:22:45" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:23:20" level=INFO msg="Attempting to login" svc=baron-sso req_id=2a527f95-4a24-4039-841c-e041e22eac23 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Qwer12345! +time="2026-01-26 19:23:20" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=2a527f95-4a24-4039-841c-e041e22eac23 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=277.539285ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" login_ids.loginId_normalized=dyddus1210@gmail.com login_ids.loginId=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Qwer12345! +time="2026-01-26 19:23:20" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=277.645827ms ip=172.22.0.4 req_id=2015733069159342080 +time="2026-01-26 19:23:20" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:23:26" level=INFO msg="Attempting to login" svc=baron-sso req_id=382f8a5b-a740-4d5e-a86a-b2b038081e06 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Qwer12345! +time="2026-01-26 19:23:26" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=382f8a5b-a740-4d5e-a86a-b2b038081e06 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=283.115644ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Qwer12345! +time="2026-01-26 19:23:26" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=283.231661ms ip=172.22.0.4 req_id=2015733094794928128 +time="2026-01-26 19:23:26" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:36:00" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T10:36:01.771Z logger=GoRouter +time="2026-01-26 19:36:17" level=INFO msg="Attempting to login" svc=baron-sso req_id=9e635e57-80d8-43e7-8d9e-a132fa6eef1c stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId_normalized=dyddus1210@gmail.com login_ids.loginId=dyddus1210@gmail.com new_password=Admin1234! +time="2026-01-26 19:36:17" level=INFO msg="Login successful" svc=baron-sso req_id=9e635e57-80d8-43e7-8d9e-a132fa6eef1c stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=200 latency_ms=312.552995ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsicHdkIl0sImF1ZCI6WyJQMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIl0sImRybiI6IkRTIiwiZW1haWwiOiJkeWRkdXMxMjEwQGdtYWlsLmNvbSIsImV4cCI6MTc2OTQyNTU3NiwiaWF0IjoxNzY5NDIzNzc2LCJpc3MiOiJodHRwczovL2FwaS5kZXNjb3BlLmNvbS92MS9hcHBzL1AzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiLCJyZXhwIjoiMjAyNi0wMi0yNVQxMDozNjoxNloiLCJzdWIiOiJVMzhuN3NDQXR2UjdYWGVVSThUeXp5TjVIZkIyIn0.Kq4nit-Og_hXZPxipLRP-RPJMYQZJgLpJx0TDPgOT8T00u7kwZvDzpDoq474uR7yvRYuVuDfP4CLPZDF35XrzkXWpFl_Is7hdkHhAx0D-Qd_Kbcu2IZsA69bMKhRpDgm44_xbpB4AvDo3ac17AyZ1uk7q1C4zQpXgeVJKzycWQxXuUXOQpyfUQbXm-jy-NY9wkZEyk8f5CCagNdM8qPh5yCk2Hc1ny4jwcD9lHpyEkbhT9TQbAjD0j0P-a-mgqajWaDahUKhC4CUA73YPOJ9iX1UMXOd9Ziwmr6EKwFQBCFRjYTK3-fLWR9Ud9nKnChMS30MxaxxCp-fo_qS_XobLg new_password=Admin1234! +time="2026-01-26 19:36:17" level=INFO msg=http_request svc=baron-sso status=400 method=POST path=/api/v1/audit latency=36.806µs ip=172.22.0.4 req_id=2015736604420743168 +time="2026-01-26 19:36:28" level=INFO msg="Initiating password reset via Descope" svc=baron-sso req_id=8885d75e-5f85-41d2-bb3e-03cc80dfd88c stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" login_ids.loginId_normalized=dyddus1210@gmail.com login_ids.loginId=dyddus1210@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:36:29" level=INFO msg="Password reset link sent successfully" svc=baron-sso req_id=8885d75e-5f85-41d2-bb3e-03cc80dfd88c stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate status=200 latency_ms=393.219592ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:36:48" level=INFO msg="Attempting to verify token via POST" svc=baron-sso req_id=3b930b19-3ffb-4fd0-8cb7-c004a01a347d stage=verify op=Verify method=POST path=/api/v1/auth/password/reset/verify ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=d9e5f717b5c1d9b522cdc70d621fea1779f6f282f2d5ea464133753b80c39450" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=d9e5f717b5c1d9b522cdc70d621fea1779f6f282f2d5ea464133753b80c39450" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" token=d9e5f717b5c1d9b522cdc70d621fea1779f6f282f2d5ea464133753b80c39450 +time="2026-01-26 19:36:48" level=INFO msg="Token verified, redirecting to frontend" svc=baron-sso req_id=3b930b19-3ffb-4fd0-8cb7-c004a01a347d stage=verify op=Verify method=POST path=/api/v1/auth/password/reset/verify status=302 latency_ms=228.552799ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=d9e5f717b5c1d9b522cdc70d621fea1779f6f282f2d5ea464133753b80c39450" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTQ2NjUsImlhdCI6MTc2OTQyMjY2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjVPam1oTXJnamdlVGRtSUNjbzNiZmpkcCJ9.nsUi6Mqh4N0g0fEvB2MXdw9ghxTCtMGM21wVJiADuwmbYkRUxCcUYjfHTlc9JjBbEUZnIWvAiA8KSTSfyfh9myuP3rhqAcQm9WfF7d3OhPpgmGuSA6FVYNhxAaARq4ZpV6tiTiZGbusaMrDBriL4HYSFv7DmOtNKRelmoHiKa5wBiv9P5LWf8y0Gzpf7ooIR99HAPORnNgJDtinIHj2P1z-du8FAQF1inhN63MA4YwQy0D00Wu2Q_aJd7hLI1uFzP7qc2Mn96ZOKTwH1TWT1y7vAcWzixXTCims_Z1hqm0GWDCfqO2hEr7d6WOk_iBuMSeISrEIGC_dWBQh8iLscOw" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=d9e5f717b5c1d9b522cdc70d621fea1779f6f282f2d5ea464133753b80c39450" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" token=d9e5f717b5c1d9b522cdc70d621fea1779f6f282f2d5ea464133753b80c39450 refresh_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFMiLCJlbWFpbCI6ImR5ZGR1czEyMTBAZ21haWwuY29tIiwiZXhwIjoxNzY5NDI1NjA4LCJpYXQiOjE3Njk0MjM4MDgsImlzcyI6Imh0dHBzOi8vYXBpLmRlc2NvcGUuY29tL3YxL2FwcHMvUDM3RHNHZXBCVDZ1RFdiNVRZWXBiNVJ4VVB1cSIsInJleHAiOiIyMDI2LTAyLTI1VDEwOjM2OjQ4WiIsInN1YiI6IlUzOG43c0NBdHZSN1hYZVVJOFR5enlONUhmQjIifQ.LYSiHRxBAxBZpxbDmQ0S3kA0ZG13RcMaveJU_FuP0Mvy5iB32O6sIVPb9foQBgjSz_T9ClXmyZPnIGLazIxk7RRlTC-1xmn32j9P6IgjJNmG-bBpHrOAAQTma8dukY8wwI7iLjcUX4wOtfX97JWzsM0wY2KT8XD-2Hq4DkPE__LdK5ncV1Q0G_hxzR8-MH5p5BtaKXYh1Yzv1asqGWY_JZiai_TZgLDpW5nUpMcwvXdMy9jXsQygjHkfsmCnoFDETE0SKBbKN7OxV19knpyoACq3opigYiKTU1E1nE8GKrQQQKQ346fl_4uzaQxKU28XyKIfQ5CwyV3EWyKxTW8Giw redirect_to="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" +time="2026-01-26 19:36:49" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T10:36:51.772Z logger=GoRouter +time="2026-01-26 19:37:13" level=INFO msg="Received new password for reset" svc=baron-sso req_id=1b162d25-941b-49e6-9f33-34aa73e18480 stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" query.loginId=dyddus1210@gmail.com headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw" headers.Host=sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw request_body="{\"newPassword\": \"Qwer12345!\"}" new_password=Qwer12345! +time="2026-01-26 19:37:13" level=INFO msg="Attempting to update password via Descope Auth API" svc=baron-sso req_id=1b162d25-941b-49e6-9f33-34aa73e18480 stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" query.loginId=dyddus1210@gmail.com headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" login_ids.loginId=dyddus1210@gmail.com has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw request_body="{\"newPassword\": \"Qwer12345!\"}" new_password=Qwer12345! +time="2026-01-26 19:37:13" level=INFO msg="Password updated successfully" svc=baron-sso req_id=1b162d25-941b-49e6-9f33-34aa73e18480 stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete status=200 latency_ms=305.577949ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" query.loginId=dyddus1210@gmail.com headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw" login_ids.loginId=dyddus1210@gmail.com has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw request_body="{\"newPassword\": \"Qwer12345!\"}" new_password=Qwer12345! +time="2026-01-26 19:37:25" level=INFO msg="Attempting to login" svc=baron-sso req_id=b79faaf6-fddf-46bc-8725-88d31db11a04 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com new_password=Qwer12345! +time="2026-01-26 19:37:25" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=b79faaf6-fddf-46bc-8725-88d31db11a04 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=268.122354ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Qwer12345! +time="2026-01-26 19:37:25" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=268.250712ms ip=172.22.0.4 req_id=2015736911141806080 +time="2026-01-26 19:37:25" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:38:26" level=INFO msg="Attempting to login" svc=baron-sso req_id=823b4dc5-6af0-4490-ae33-54ff3457ad54 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId_normalized=dyddus1210@gmail.com login_ids.loginId=dyddus1210@gmail.com new_password=Qwer12345! +time="2026-01-26 19:38:27" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=823b4dc5-6af0-4490-ae33-54ff3457ad54 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=285.110367ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw" login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Qwer12345! +time="2026-01-26 19:38:27" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=285.203677ms ip=172.22.0.4 req_id=2015737188838285312 +time="2026-01-26 19:38:27" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:57:27" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T10:57:28.609Z logger=GoRouter +time="2026-01-26 19:57:45" level=INFO msg="Initiating password reset via Descope" svc=baron-sso req_id=b542b0ae-5441-4506-8726-ed112557ed3a stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:57:45" level=INFO msg="Password reset link sent successfully" svc=baron-sso req_id=b542b0ae-5441-4506-8726-ed112557ed3a stage=initiate op=SendPasswordReset method=POST path=/api/v1/auth/password/reset/initiate status=200 latency_ms=445.591092ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gmail.com login_ids.loginId_normalized=dyddus1210@gmail.com redirect_to=https://sso-test.hmac.kr/api/v1/auth/password/reset/verify +time="2026-01-26 19:57:57" level=INFO msg="Attempting to verify token via POST" svc=baron-sso req_id=92e15586-f69b-41f6-9d71-8288a1d83e29 stage=verify op=Verify method=POST path=/api/v1/auth/password/reset/verify ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=030cf52c0462808f97ac462297178e1e97f18b3a79803e5c88173970842519e5" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=030cf52c0462808f97ac462297178e1e97f18b3a79803e5c88173970842519e5" token=030cf52c0462808f97ac462297178e1e97f18b3a79803e5c88173970842519e5 +time="2026-01-26 19:57:57" level=INFO msg="Token verified, redirecting to frontend" svc=baron-sso req_id=92e15586-f69b-41f6-9d71-8288a1d83e29 stage=verify op=Verify method=POST path=/api/v1/auth/password/reset/verify status=302 latency_ms=238.666365ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=030cf52c0462808f97ac462297178e1e97f18b3a79803e5c88173970842519e5" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTU4MDgsImlhdCI6MTc2OTQyMzgwOCwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bjdzQ0F0dlI3WFhlVUk4VHl6eU41SGZCMiJ9.BtHObf4SYzDYQiO9Ol89Sg0V0BdUJJ1xZZFzlQ1NqIfE2veagFR1hMad0wNfygNI05GSorcnI_i2d5RUsaDYkgyG_pX67c7wXmEJLWWylpb8Id3mCrFQe4qxVqsZA3ewUYgppcdnCDpr4KxEzGnpJj0473ODAo_akuiGozUhFCWp_eFjrOfH9oQEt7VDsB3AoANPbI9PEGInuAp-Bs9PUF4KfzvV7sWe2SeMIpMCDhSTYwj_eunKxo6VUkvXOZ0oLqN1vzTgMEmdb_zHNDdWnYTFV-qFyURxfQE0NgcXiW_70h42rxiPMkG4dxWjBnsLemCL4dzVVDnyS_Rylq0amw" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/api/v1/auth/password/reset/verify?t=030cf52c0462808f97ac462297178e1e97f18b3a79803e5c88173970842519e5" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" token=030cf52c0462808f97ac462297178e1e97f18b3a79803e5c88173970842519e5 refresh_token=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTcwNzUsImlhdCI6MTc2OTQyNTA3NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bkFhWHF6VHJsQ3VsN0lXeHdvamY3bHd5eSJ9.hl0ZxPAfLLCG9TkVzUw_cyj6lNY-emuIrnYPLGNw0YAuD12NeGLE5bkmW2KEQXp74JsWuusVwKq1e2ktPgxTmYhcXt4h53sfLTbnEXTx-5kROL44cffRAdjrB5BdgNTr93C_xn092BfSNWJVzC4JxxDJgpQe7Qar2wM6_xMl_z3jD4cXqVgncwyxjv9hEuuCAP0tg0FixZUD9bgthoZEsy0HUVgau0d0eWbcASvXtH3bF_27lc8_nJPaDwfFNfYGeW1LAOb1uXrrKme9yrvKIrAhKdG8TWCCFD-75KpDL_JIkVlLB0B955NOpKWzl5lfkg0bR3RzbYE5sFNLtpIiWg session_jwt=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFMiLCJlbWFpbCI6ImR5ZGR1czEyMTBAZ21haWwuY29tIiwiZXhwIjoxNzY5NDI2ODc1LCJpYXQiOjE3Njk0MjUwNzUsImlzcyI6Imh0dHBzOi8vYXBpLmRlc2NvcGUuY29tL3YxL2FwcHMvUDM3RHNHZXBCVDZ1RFdiNVRZWXBiNVJ4VVB1cSIsInJleHAiOiIyMDI2LTAyLTI1VDEwOjU3OjU1WiIsInN1YiI6IlUzOG5BYVhxelRybEN1bDdJV3h3b2pmN2x3eXkifQ.kuPa8WWEWKROBfKj7-EQd5CgHR7ELYE9D71-YFBKeud9pDr1BJhz2_ecLwhFQyMcJEUpTuNFzhzvVfym9LOoF2zzDqeQANl-YZMMJrjv3MvPhRhQn-F-5vmnFE_tHEj4DqrGpH0tW_lqdIadJ3UyXjvZE8pS62NV5X8210uDufspbSNWOFg3RpvQaSKh_vsqejKNrBdJulqt_XK_oRSq5QcjsTCA1nSG-C53kds6f2jvbWifC04MBwU7n_xpJqCEMO-HXJ6zM2uw9Nrz0UvWiHbO3PGJHOqqi1uOZVt1tSqu_5m_B4vgoGtgdRBk6UNwTd-GYc5aQORKMbIG9doQ1g redirect_to="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" +time="2026-01-26 19:57:58" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client logger=GoRouter client_time=2026-01-26T10:57:59.323Z +time="2026-01-26 19:58:31" level=INFO msg="Received new password for reset" svc=baron-sso req_id=8072d44e-60c0-44a5-97a3-f47404a74dda stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" query.loginId=dyddus1210@gmail.com headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTcwNzUsImlhdCI6MTc2OTQyNTA3NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bkFhWHF6VHJsQ3VsN0lXeHdvamY3bHd5eSJ9.hl0ZxPAfLLCG9TkVzUw_cyj6lNY-emuIrnYPLGNw0YAuD12NeGLE5bkmW2KEQXp74JsWuusVwKq1e2ktPgxTmYhcXt4h53sfLTbnEXTx-5kROL44cffRAdjrB5BdgNTr93C_xn092BfSNWJVzC4JxxDJgpQe7Qar2wM6_xMl_z3jD4cXqVgncwyxjv9hEuuCAP0tg0FixZUD9bgthoZEsy0HUVgau0d0eWbcASvXtH3bF_27lc8_nJPaDwfFNfYGeW1LAOb1uXrrKme9yrvKIrAhKdG8TWCCFD-75KpDL_JIkVlLB0B955NOpKWzl5lfkg0bR3RzbYE5sFNLtpIiWg" headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTcwNzUsImlhdCI6MTc2OTQyNTA3NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bkFhWHF6VHJsQ3VsN0lXeHdvamY3bHd5eSJ9.hl0ZxPAfLLCG9TkVzUw_cyj6lNY-emuIrnYPLGNw0YAuD12NeGLE5bkmW2KEQXp74JsWuusVwKq1e2ktPgxTmYhcXt4h53sfLTbnEXTx-5kROL44cffRAdjrB5BdgNTr93C_xn092BfSNWJVzC4JxxDJgpQe7Qar2wM6_xMl_z3jD4cXqVgncwyxjv9hEuuCAP0tg0FixZUD9bgthoZEsy0HUVgau0d0eWbcASvXtH3bF_27lc8_nJPaDwfFNfYGeW1LAOb1uXrrKme9yrvKIrAhKdG8TWCCFD-75KpDL_JIkVlLB0B955NOpKWzl5lfkg0bR3RzbYE5sFNLtpIiWg" headers.Origin=https://sso-test.hmac.kr login_ids.loginId=dyddus1210@gmail.com has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTcwNzUsImlhdCI6MTc2OTQyNTA3NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bkFhWHF6VHJsQ3VsN0lXeHdvamY3bHd5eSJ9.hl0ZxPAfLLCG9TkVzUw_cyj6lNY-emuIrnYPLGNw0YAuD12NeGLE5bkmW2KEQXp74JsWuusVwKq1e2ktPgxTmYhcXt4h53sfLTbnEXTx-5kROL44cffRAdjrB5BdgNTr93C_xn092BfSNWJVzC4JxxDJgpQe7Qar2wM6_xMl_z3jD4cXqVgncwyxjv9hEuuCAP0tg0FixZUD9bgthoZEsy0HUVgau0d0eWbcASvXtH3bF_27lc8_nJPaDwfFNfYGeW1LAOb1uXrrKme9yrvKIrAhKdG8TWCCFD-75KpDL_JIkVlLB0B955NOpKWzl5lfkg0bR3RzbYE5sFNLtpIiWg request_body="{\"newPassword\": \"Qwerasdf123!\"}" new_password=Qwerasdf123! +time="2026-01-26 19:58:31" level=INFO msg="Attempting to update password via Descope Auth API" svc=baron-sso req_id=8072d44e-60c0-44a5-97a3-f47404a74dda stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" query.loginId=dyddus1210@gmail.com headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTcwNzUsImlhdCI6MTc2OTQyNTA3NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bkFhWHF6VHJsQ3VsN0lXeHdvamY3bHd5eSJ9.hl0ZxPAfLLCG9TkVzUw_cyj6lNY-emuIrnYPLGNw0YAuD12NeGLE5bkmW2KEQXp74JsWuusVwKq1e2ktPgxTmYhcXt4h53sfLTbnEXTx-5kROL44cffRAdjrB5BdgNTr93C_xn092BfSNWJVzC4JxxDJgpQe7Qar2wM6_xMl_z3jD4cXqVgncwyxjv9hEuuCAP0tg0FixZUD9bgthoZEsy0HUVgau0d0eWbcASvXtH3bF_27lc8_nJPaDwfFNfYGeW1LAOb1uXrrKme9yrvKIrAhKdG8TWCCFD-75KpDL_JIkVlLB0B955NOpKWzl5lfkg0bR3RzbYE5sFNLtpIiWg" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTcwNzUsImlhdCI6MTc2OTQyNTA3NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bkFhWHF6VHJsQ3VsN0lXeHdvamY3bHd5eSJ9.hl0ZxPAfLLCG9TkVzUw_cyj6lNY-emuIrnYPLGNw0YAuD12NeGLE5bkmW2KEQXp74JsWuusVwKq1e2ktPgxTmYhcXt4h53sfLTbnEXTx-5kROL44cffRAdjrB5BdgNTr93C_xn092BfSNWJVzC4JxxDJgpQe7Qar2wM6_xMl_z3jD4cXqVgncwyxjv9hEuuCAP0tg0FixZUD9bgthoZEsy0HUVgau0d0eWbcASvXtH3bF_27lc8_nJPaDwfFNfYGeW1LAOb1uXrrKme9yrvKIrAhKdG8TWCCFD-75KpDL_JIkVlLB0B955NOpKWzl5lfkg0bR3RzbYE5sFNLtpIiWg" login_ids.loginId=dyddus1210@gmail.com has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTcwNzUsImlhdCI6MTc2OTQyNTA3NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bkFhWHF6VHJsQ3VsN0lXeHdvamY3bHd5eSJ9.hl0ZxPAfLLCG9TkVzUw_cyj6lNY-emuIrnYPLGNw0YAuD12NeGLE5bkmW2KEQXp74JsWuusVwKq1e2ktPgxTmYhcXt4h53sfLTbnEXTx-5kROL44cffRAdjrB5BdgNTr93C_xn092BfSNWJVzC4JxxDJgpQe7Qar2wM6_xMl_z3jD4cXqVgncwyxjv9hEuuCAP0tg0FixZUD9bgthoZEsy0HUVgau0d0eWbcASvXtH3bF_27lc8_nJPaDwfFNfYGeW1LAOb1uXrrKme9yrvKIrAhKdG8TWCCFD-75KpDL_JIkVlLB0B955NOpKWzl5lfkg0bR3RzbYE5sFNLtpIiWg request_body="{\"newPassword\": \"Qwerasdf123!\"}" new_password=Qwerasdf123! +time="2026-01-26 19:58:32" level=INFO msg="Password updated successfully" svc=baron-sso req_id=8072d44e-60c0-44a5-97a3-f47404a74dda stage=complete op=UpdateUserPassword method=POST path=/api/v1/auth/password/reset/complete status=200 latency_ms=326.393237ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" query.loginId=dyddus1210@gmail.com headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTcwNzUsImlhdCI6MTc2OTQyNTA3NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bkFhWHF6VHJsQ3VsN0lXeHdvamY3bHd5eSJ9.hl0ZxPAfLLCG9TkVzUw_cyj6lNY-emuIrnYPLGNw0YAuD12NeGLE5bkmW2KEQXp74JsWuusVwKq1e2ktPgxTmYhcXt4h53sfLTbnEXTx-5kROL44cffRAdjrB5BdgNTr93C_xn092BfSNWJVzC4JxxDJgpQe7Qar2wM6_xMl_z3jD4cXqVgncwyxjv9hEuuCAP0tg0FixZUD9bgthoZEsy0HUVgau0d0eWbcASvXtH3bF_27lc8_nJPaDwfFNfYGeW1LAOb1uXrrKme9yrvKIrAhKdG8TWCCFD-75KpDL_JIkVlLB0B955NOpKWzl5lfkg0bR3RzbYE5sFNLtpIiWg" headers.Origin=https://sso-test.hmac.kr headers.Referer="https://sso-test.hmac.kr/reset-password?loginId=dyddus1210@gmail.com" headers.Request-Cookie-Header="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTcwNzUsImlhdCI6MTc2OTQyNTA3NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bkFhWHF6VHJsQ3VsN0lXeHdvamY3bHd5eSJ9.hl0ZxPAfLLCG9TkVzUw_cyj6lNY-emuIrnYPLGNw0YAuD12NeGLE5bkmW2KEQXp74JsWuusVwKq1e2ktPgxTmYhcXt4h53sfLTbnEXTx-5kROL44cffRAdjrB5BdgNTr93C_xn092BfSNWJVzC4JxxDJgpQe7Qar2wM6_xMl_z3jD4cXqVgncwyxjv9hEuuCAP0tg0FixZUD9bgthoZEsy0HUVgau0d0eWbcASvXtH3bF_27lc8_nJPaDwfFNfYGeW1LAOb1uXrrKme9yrvKIrAhKdG8TWCCFD-75KpDL_JIkVlLB0B955NOpKWzl5lfkg0bR3RzbYE5sFNLtpIiWg" login_ids.loginId=dyddus1210@gmail.com has_cookie_DSRF=true parsed_cookie_DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTcwNzUsImlhdCI6MTc2OTQyNTA3NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bkFhWHF6VHJsQ3VsN0lXeHdvamY3bHd5eSJ9.hl0ZxPAfLLCG9TkVzUw_cyj6lNY-emuIrnYPLGNw0YAuD12NeGLE5bkmW2KEQXp74JsWuusVwKq1e2ktPgxTmYhcXt4h53sfLTbnEXTx-5kROL44cffRAdjrB5BdgNTr93C_xn092BfSNWJVzC4JxxDJgpQe7Qar2wM6_xMl_z3jD4cXqVgncwyxjv9hEuuCAP0tg0FixZUD9bgthoZEsy0HUVgau0d0eWbcASvXtH3bF_27lc8_nJPaDwfFNfYGeW1LAOb1uXrrKme9yrvKIrAhKdG8TWCCFD-75KpDL_JIkVlLB0B955NOpKWzl5lfkg0bR3RzbYE5sFNLtpIiWg request_body="{\"newPassword\": \"Qwerasdf123!\"}" new_password=Qwerasdf123! +time="2026-01-26 19:59:09" level=INFO msg="Attempting to login" svc=baron-sso req_id=efabeae3-cbcd-4c59-8cef-a5cccc5891be stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTcwNzUsImlhdCI6MTc2OTQyNTA3NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bkFhWHF6VHJsQ3VsN0lXeHdvamY3bHd5eSJ9.hl0ZxPAfLLCG9TkVzUw_cyj6lNY-emuIrnYPLGNw0YAuD12NeGLE5bkmW2KEQXp74JsWuusVwKq1e2ktPgxTmYhcXt4h53sfLTbnEXTx-5kROL44cffRAdjrB5BdgNTr93C_xn092BfSNWJVzC4JxxDJgpQe7Qar2wM6_xMl_z3jD4cXqVgncwyxjv9hEuuCAP0tg0FixZUD9bgthoZEsy0HUVgau0d0eWbcASvXtH3bF_27lc8_nJPaDwfFNfYGeW1LAOb1uXrrKme9yrvKIrAhKdG8TWCCFD-75KpDL_JIkVlLB0B955NOpKWzl5lfkg0bR3RzbYE5sFNLtpIiWg" login_ids.loginId=dyddus1210@gamil.com login_ids.loginId_normalized=dyddus1210@gamil.com new_password=Qwerasdf123! +time="2026-01-26 19:59:09" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=efabeae3-cbcd-4c59-8cef-a5cccc5891be stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=271.056246ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Cookie="DSRF=eyJhbGciOiJSUzI1NiIsImtpZCI6IlNLMzdEc0dtZXU2SWJUSHVuUXFJaUt6TmdSNEhEIiwidHlwIjoiSldUIn0.eyJhbXIiOlsiZW1haWwiXSwiYXVkIjpbIlAzN0RzR2VwQlQ2dURXYjVUWVlwYjVSeFVQdXEiXSwiZHJuIjoiRFNSIiwiZHYiOjEsImVtYWlsIjoiZHlkZHVzMTIxMEBnbWFpbC5jb20iLCJleHAiOjE3NzIwMTcwNzUsImlhdCI6MTc2OTQyNTA3NSwiaXNzIjoiaHR0cHM6Ly9hcGkuZGVzY29wZS5jb20vdjEvYXBwcy9QMzdEc0dlcEJUNnVEV2I1VFlZcGI1UnhVUHVxIiwic3ViIjoiVTM4bkFhWHF6VHJsQ3VsN0lXeHdvamY3bHd5eSJ9.hl0ZxPAfLLCG9TkVzUw_cyj6lNY-emuIrnYPLGNw0YAuD12NeGLE5bkmW2KEQXp74JsWuusVwKq1e2ktPgxTmYhcXt4h53sfLTbnEXTx-5kROL44cffRAdjrB5BdgNTr93C_xn092BfSNWJVzC4JxxDJgpQe7Qar2wM6_xMl_z3jD4cXqVgncwyxjv9hEuuCAP0tg0FixZUD9bgthoZEsy0HUVgau0d0eWbcASvXtH3bF_27lc8_nJPaDwfFNfYGeW1LAOb1uXrrKme9yrvKIrAhKdG8TWCCFD-75KpDL_JIkVlLB0B955NOpKWzl5lfkg0bR3RzbYE5sFNLtpIiWg" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr login_ids.loginId=dyddus1210@gamil.com login_ids.loginId_normalized=dyddus1210@gamil.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Qwerasdf123! +time="2026-01-26 19:59:09" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=271.212075ms ip=172.22.0.4 req_id=2015742836149854208 +time="2026-01-26 19:59:09" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client +time="2026-01-26 19:59:17" level=INFO msg="Using MaterialApp configuration" svc=baron-sso source=client client_time=2026-01-26T10:59:19.546Z logger=GoRouter +time="2026-01-26 19:59:26" level=INFO msg="Attempting to login" svc=baron-sso req_id=af734308-c5e0-4fb4-8b70-df3dc85e7fb1 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId=dyddus1210@gamil.com login_ids.loginId_normalized=dyddus1210@gamil.com new_password=Qwerasdf123! +time="2026-01-26 19:59:26" level=WARN msg="Descope sign-in failed" svc=baron-sso req_id=af734308-c5e0-4fb4-8b70-df3dc85e7fb1 stage=login op=Auth.Password().SignIn method=POST path=/api/v1/auth/password/login status=401 latency_ms=231.083786ms ip=172.22.0.4 user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" origin=https://sso-test.hmac.kr referer=https://sso-test.hmac.kr/login headers.Host=sso-test.hmac.kr headers.User-Agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" headers.Origin=https://sso-test.hmac.kr headers.Referer=https://sso-test.hmac.kr/login login_ids.loginId_normalized=dyddus1210@gamil.com login_ids.loginId=dyddus1210@gamil.com descope_error="[E062903] Password signin failed [Status-Code:500]" new_password=Qwerasdf123! +time="2026-01-26 19:59:26" level=INFO msg=http_request svc=baron-sso status=401 method=POST path=/api/v1/auth/password/login latency=231.161672ms ip=172.22.0.4 req_id=2015742909655031808 +time="2026-01-26 19:59:26" level=ERROR msg="로그인 실패: Invalid credentials" svc=baron-sso source=client \ No newline at end of file