ory용 MCP 제작, devfront/adminfront 백엔드 연결

2026-01-28 10:57:22 +09:00
parent 1aaa772907
commit 93cab064fc
75 changed files with 7327 additions and 454 deletions
--- a/backend/cmd/server/main.go
+++ b/backend/cmd/server/main.go
@@ -8,6 +8,7 @@ import (
 	"baron-sso-backend/internal/repository"
 	"baron-sso-backend/internal/service"
 	"baron-sso-backend/internal/validator"
+	"errors"
 	"fmt"
 	"log"
 	"log/slog"
@@ -160,11 +161,45 @@ func main() {
 	auditHandler := handler.NewAuditHandler(auditRepo)
 	authHandler := handler.NewAuthHandler(redisService, idpProvider)
 	adminHandler := handler.NewAdminHandler()
+	devHandler := handler.NewDevHandler()

 	// 3. Initialize Fiber
+	appEnv := getEnv("APP_ENV", "dev")
 	app := fiber.New(fiber.Config{
 		AppName:               "Baron SSO Backend",
 		DisableStartupMessage: true, // Clean logs
+		// Global Error Handler for Production Masking
+		ErrorHandler: func(c *fiber.Ctx, err error) error {
+			// Default status code
+			code := fiber.StatusInternalServerError
+
+			// Check if it's a known fiber.Error
+			var e *fiber.Error
+			if errors.As(err, &e) {
+				code = e.Code
+			}
+
+			// In production or stage, mask detailed 500+ errors
+			if appEnv == "production" || appEnv == "stage" {
+				if code >= 500 {
+					// Log the actual error for developers
+					slog.Error("Internal Server Error",
+						"error", err.Error(),
+						"path", c.Path(),
+						"method", c.Method(),
+					)
+					// Return masked message
+					return c.Status(code).JSON(fiber.Map{
+						"error": "Internal Server Error",
+					})
+				}
+			}
+
+			// For development or non-500 errors, return the actual error message
+			return c.Status(code).JSON(fiber.Map{
+				"error": err.Error(),
+			})
+		},
 	})

 	// Middleware
@@ -281,6 +316,7 @@ func main() {
 	// API Group
 	api := app.Group("/api/v1")
 	api.Post("/audit", auditHandler.CreateLog)
+	api.Get("/audit", auditHandler.ListLogs)

 	// Auth Proxy Routes
 	auth := api.Group("/auth")
@@ -320,6 +356,14 @@ func main() {
 	admin := api.Group("/admin")
 	admin.Get("/check", adminHandler.CheckAuth)

+	// 개발자 포털 라우트 (RP/Consent 관리)
+	dev := api.Group("/dev")
+	dev.Get("/clients", devHandler.ListClients)
+	dev.Get("/clients/:id", devHandler.GetClient)
+	dev.Patch("/clients/:id/status", devHandler.UpdateClientStatus)
+	dev.Get("/consents", devHandler.ListConsents)
+	dev.Delete("/consents", devHandler.RevokeConsents)
+
 	// Webhook for Descope Generic SMS Gateway
 	auth.Post("/webhooks/descope-sms", authHandler.HandleDescopeSmsRelay)