callback 검증 보강. seed-tenant 추가보강

orgfront/src/lib/authConfig.test.ts

@@ -0,0 +1,29 @@
+import { describe, expect, it } from "vitest";
+import {
+  ORGFRONT_AUTH_CALLBACK_PATH,
+  buildOrgFrontAuthRedirectUris,
+  resolveOrgFrontPublicOrigin,
+} from "./authConfig";
+
+describe("orgfront auth config", () => {
+  it("builds callback URLs from the public origin", () => {
+    expect(buildOrgFrontAuthRedirectUris("https://sorg.hmac.kr")).toEqual({
+      redirectUri: "https://sorg.hmac.kr/auth/callback",
+      postLogoutRedirectUri: "https://sorg.hmac.kr",
+      popupRedirectUri: "https://sorg.hmac.kr/auth/callback",
+    });
+  });
+
+  it("uses the browser origin when the configured origin is empty or invalid", () => {
+    expect(resolveOrgFrontPublicOrigin("", "http://localhost:5174")).toBe(
+      "http://localhost:5174",
+    );
+    expect(
+      resolveOrgFrontPublicOrigin("not a url", "http://localhost:5174"),
+    ).toBe("http://localhost:5174");
+  });
+
+  it("keeps the callback path aligned with the registered redirect path", () => {
+    expect(ORGFRONT_AUTH_CALLBACK_PATH).toBe("/auth/callback");
+  });
+});