kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

consent 자동 승인 경로 tenantID 전달 누락 수정

Browse Source
This commit is contained in:
김용연
2026-04-24 14:51:13 +09:00
parent 26180ae5d1
commit 7fd750b587
2 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
backend/internal/handler/auth_handler.go
View File

@@ -5152,8 +5152,14 @@ func (h *AuthHandler) GetConsentRequest(c *fiber.Ctx) error {
identity, err := h.KratosAdmin.GetIdentity(c.Context(), consentRequest.Subject) identity, err := h.KratosAdmin.GetIdentity(c.Context(), consentRequest.Subject)
if err == nil && identity != nil { if err == nil && identity != nil {
currentSessionID := h.resolveCurrentSessionID(c) currentSessionID := h.resolveCurrentSessionID(c)
var tenantID string
if consentRequest.Client.Metadata != nil {
if tid, ok := consentRequest.Client.Metadata["tenant_id"].(string); ok {
tenantID = tid
}
}
sessionClaims := withOidcSessionMetadata( sessionClaims := withOidcSessionMetadata(
buildOidcClaimsFromTraits(identity.Traits, consentRequest.RequestedScope), buildOidcClaimsFromTraits(identity.Traits, consentRequest.RequestedScope, tenantID),
currentSessionID, currentSessionID,
) )
acceptResp, err := h.Hydra.AcceptConsentRequest(c.Context(), challenge, consentRequest, sessionClaims) acceptResp, err := h.Hydra.AcceptConsentRequest(c.Context(), challenge, consentRequest, sessionClaims)

2
docker/ory/oathkeeper/rules.active.json
View File

@@ -156,4 +156,4 @@
"authorizer": { "handler": "allow" }, "authorizer": { "handler": "allow" },
"mutators": [{ "handler": "noop" }] "mutators": [{ "handler": "noop" }]
} }
] ]