Merge origin/main and remove Descope deps

2026-02-03 18:10:31 +09:00
parent b908d71666
commit bf469b1eb4
10 changed files with 172 additions and 658 deletions
--- a/userfront/lib/core/services/auth_proxy_service.dart
+++ b/userfront/lib/core/services/auth_proxy_service.dart
@@ -1,6 +1,7 @@
 import 'dart:convert';
 import 'package:http/http.dart' as http;
 import 'package:flutter_dotenv/flutter_dotenv.dart';
+import 'auth_token_store.dart';
 import 'http_client.dart';
 import 'web_window.dart';

@@ -265,12 +266,17 @@ class AuthProxyService {
    if (token != null && token.isNotEmpty) {
      headers['Authorization'] = 'Bearer $token';
    }
+    final sessionId = _extractSessionIdFromJwt(token ?? AuthTokenStore.getToken() ?? '');
    final client = createHttpClient(withCredentials: true);
    try {
      final response = await client.post(
        url,
        headers: headers,
-        body: jsonEncode({'login_challenge': loginChallenge}),
+        body: jsonEncode({
+          'login_challenge': loginChallenge,
+          if (sessionId != null && sessionId.isNotEmpty)
+            'approved_session_id': sessionId,
+        }),
      );

      if (response.statusCode == 200) {
@@ -284,6 +290,36 @@ class AuthProxyService {
    }
  }

+  static String? _extractSessionIdFromJwt(String token) {
+    if (token.isEmpty) {
+      return null;
+    }
+    try {
+      final parts = token.split('.');
+      if (parts.length != 3) {
+        return null;
+      }
+      final payload = utf8.decode(base64Url.decode(base64Url.normalize(parts[1])));
+      final data = json.decode(payload) as Map<String, dynamic>;
+      for (final key in ['sid', 'session_id', 'sessionId', 'jti']) {
+        final value = data[key];
+        if (value == null) {
+          continue;
+        }
+        if (value is String && value.isNotEmpty) {
+          return value;
+        }
+        final converted = value.toString();
+        if (converted.isNotEmpty) {
+          return converted;
+        }
+      }
+    } catch (_) {
+      return null;
+    }
+    return null;
+  }
+
  static Future<Map<String, dynamic>> initiatePasswordReset(String loginId, {bool? drySend}) async {
    final url = Uri.parse('$_baseUrl/api/v1/auth/password/reset/initiate');
    final response = await http.post(
--- a/userfront/lib/features/dashboard/presentation/dashboard_screen.dart
+++ b/userfront/lib/features/dashboard/presentation/dashboard_screen.dart
@@ -571,14 +571,10 @@ class _DashboardScreenState extends ConsumerState<DashboardScreen> {

  Widget _buildAppCell(AuditLogEntry log, {TextStyle? style}) {
    final label = _appLabelForLog(log);
-    if (label == 'Baron 통합로그인') {
-      return _selectableText(label, style: style);
-    }
-    final tooltip = log.parentSessionId.isEmpty
-        ? '부모 세션 ID 없음'
-        : '부모 세션 ID: ${log.parentSessionId}';
+    final clientId = log.clientId;
+    final tooltip = clientId.isEmpty ? 'Client ID 없음' : 'Client ID: $clientId';
    final baseStyle = style ?? const TextStyle();
-    final emphasisStyle = log.parentSessionId.isEmpty
+    final emphasisStyle = clientId.isEmpty
        ? baseStyle
        : baseStyle.copyWith(
            color: Colors.blueAccent,