kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

callback 검증 보강. seed-tenant 추가보강

Browse Source
This commit is contained in:
admin-bot
2026-05-11 11:03:11 +09:00
parent f46a7cc088
commit 9a64a16cb9
28 changed files with 2832 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
test/adminfront_public_url_env_policy_test.sh Normal file
View File

@@ -0,0 +1,41 @@
#!/usr/bin/env bash
set -euo pipefail
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
RUNTIME_SCRIPT="$ROOT_DIR/adminfront/scripts/runtime-mode.sh"
from_admin_url="$(
APP_ENV=stage \
ADMINFRONT_URL=https://sadmin.hmac.kr \
sh "$RUNTIME_SCRIPT" --print-admin-public-url
)"
if [[ "$from_admin_url" != "https://sadmin.hmac.kr" ]]; then
echo "ERROR: ADMINFRONT_URL was not exported as VITE_ADMIN_PUBLIC_URL" >&2
exit 1
fi
from_callback="$(
APP_ENV=stage \
ADMINFRONT_CALLBACK_URLS=https://sadmin.hmac.kr/auth/callback \
sh "$RUNTIME_SCRIPT" --print-admin-public-url
)"
if [[ "$from_callback" != "https://sadmin.hmac.kr" ]]; then
echo "ERROR: ADMINFRONT_CALLBACK_URLS did not derive VITE_ADMIN_PUBLIC_URL" >&2
exit 1
fi
explicit_value="$(
APP_ENV=stage \
ADMINFRONT_URL=https://wrong.example.test \
VITE_ADMIN_PUBLIC_URL=https://sadmin.hmac.kr \
sh "$RUNTIME_SCRIPT" --print-admin-public-url
)"
if [[ "$explicit_value" != "https://sadmin.hmac.kr" ]]; then
echo "ERROR: explicit VITE_ADMIN_PUBLIC_URL should take precedence" >&2
exit 1
fi
echo "OK: AdminFront public URL env policy is stable"

80
test/dev_org_front_callback_public_url_policy_test.sh Normal file
View File

@@ -0,0 +1,80 @@
#!/usr/bin/env bash
set -euo pipefail
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
assert_contains() {
local file="$1"
local pattern="$2"
if ! grep -Fq -- "$pattern" "$file"; then
echo "ERROR: missing pattern in $file: $pattern" >&2
exit 1
fi
}
assert_public_url() {
local app_dir="$1"
local app_url_env="$2"
local callback_env="$3"
local vite_public_env="$4"
local expected_url="$5"
local runtime_script="$ROOT_DIR/$app_dir/scripts/runtime-mode.sh"
assert_contains "$runtime_script" "--print-public-url"
local from_app_url
from_app_url="$(
env APP_ENV=stage \
"$app_url_env=$expected_url" \
sh "$runtime_script" --print-public-url
)"
if [[ "$from_app_url" != "$expected_url" ]]; then
echo "ERROR: $app_url_env was not exported as $vite_public_env for $app_dir" >&2
exit 1
fi
local from_callback
from_callback="$(
env APP_ENV=stage \
"$callback_env=$expected_url/auth/callback" \
sh "$runtime_script" --print-public-url
)"
if [[ "$from_callback" != "$expected_url" ]]; then
echo "ERROR: $callback_env did not derive $vite_public_env for $app_dir" >&2
exit 1
fi
local explicit_value
explicit_value="$(
env APP_ENV=stage \
"$app_url_env=https://wrong.example.test" \
"$vite_public_env=$expected_url" \
sh "$runtime_script" --print-public-url
)"
if [[ "$explicit_value" != "$expected_url" ]]; then
echo "ERROR: explicit $vite_public_env should take precedence for $app_dir" >&2
exit 1
fi
}
assert_contains "$ROOT_DIR/devfront/src/lib/authConfig.ts" "DEVFRONT_AUTH_CALLBACK_PATH"
assert_contains "$ROOT_DIR/devfront/src/app/routes.tsx" "DEVFRONT_AUTH_CALLBACK_PATH"
assert_contains "$ROOT_DIR/devfront/src/lib/auth.ts" "VITE_DEVFRONT_PUBLIC_URL"
assert_public_url \
"devfront" \
"DEVFRONT_URL" \
"DEVFRONT_CALLBACK_URLS" \
"VITE_DEVFRONT_PUBLIC_URL" \
"https://sdev.hmac.kr"
assert_contains "$ROOT_DIR/orgfront/src/lib/authConfig.ts" "ORGFRONT_AUTH_CALLBACK_PATH"
assert_contains "$ROOT_DIR/orgfront/src/app/routes.tsx" "ORGFRONT_AUTH_CALLBACK_PATH"
assert_contains "$ROOT_DIR/orgfront/src/lib/auth.ts" "VITE_ORGFRONT_PUBLIC_URL"
assert_public_url \
"orgfront" \
"ORGFRONT_URL" \
"ORGFRONT_CALLBACK_URLS" \
"VITE_ORGFRONT_PUBLIC_URL" \
"https://sorg.hmac.kr"
echo "OK: DevFront/OrgFront callback public URL policy is stable"