offline 스코프 제거, rp_claims 값 표준화

2026-06-11 14:50:26 +09:00
parent f60b15a17b
commit c495e9119b
26 changed files with 1034 additions and 300 deletions
--- a/backend/internal/handler/dev_handler_rp_metadata_test.go
+++ b/backend/internal/handler/dev_handler_rp_metadata_test.go
@@ -100,8 +100,8 @@ func TestDevHandler_RPUserMetadataRoundTrip(t *testing.T) {
 			row.Metadata["score"] == float64(42) &&
 			assert.ObjectsAreEqual([]any{"sso", "claims"}, row.Metadata["featureList"]) &&
 			assert.ObjectsAreEqual(map[string]any{"theme": "dark", "density": "compact"}, row.Metadata["preferences"]) &&
-			row.Metadata["contractDate"] == "2026-06-10" &&
-			row.Metadata["approvedAt"] == "2026-06-09T10:30" &&
+			rpMetadataNumberEquals(row.Metadata["contractDate"], 1781017200) &&
+			rpMetadataNumberEquals(row.Metadata["approvedAt"], 1780968600) &&
 			row.Metadata["approvalLevel_permissions"].(map[string]any)["readPermission"] == "admin_only" &&
 			row.Metadata["approvalLevel_permissions"].(map[string]any)["writePermission"] == "user_and_admin" &&
 			row.Metadata["featureList_permissions"].(map[string]any)["readPermission"] == "admin_only" &&
@@ -138,8 +138,8 @@ func TestDevHandler_RPUserMetadataRoundTrip(t *testing.T) {
 				"theme":   "dark",
 				"density": "compact",
 			},
-			"contractDate": "2026-06-10",
-			"approvedAt":   "2026-06-09T10:30",
+			"contractDate": float64(1781017200),
+			"approvedAt":   float64(1780968600),
 			"approvalLevel_permissions": map[string]any{
 				"writePermission": "user_and_admin",
 			},
@@ -332,6 +332,21 @@ func TestDevHandler_RPUserMetadataMirrorsToKratosTraits(t *testing.T) {
 	kratos.AssertExpectations(t)
 }

+func rpMetadataNumberEquals(value any, want int64) bool {
+	switch typed := value.(type) {
+	case int64:
+		return typed == want
+	case int:
+		return int64(typed) == want
+	case float64:
+		return typed == float64(want)
+	case float32:
+		return float64(typed) == float64(want)
+	default:
+		return false
+	}
+}
+
 func TestDevHandler_SelfUpdateRPUserMetadataHonorsWritePermission(t *testing.T) {
 	transport := roundTripFunc(func(r *http.Request) (*http.Response, error) {
 		if r.URL.Path == "/clients/client-1" {
@@ -549,3 +564,21 @@ func TestDevHandler_RPUserMetadataRejectsInvalidTypedClaimValue(t *testing.T) {
 	assert.Equal(t, http.StatusBadRequest, resp.StatusCode)
 	repo.AssertNotCalled(t, "Upsert", mock.Anything, mock.Anything)
 }
+
+func TestNormalizeIDTokenClaimsMetadataAcceptsUnixDateDefaults(t *testing.T) {
+	metadata, err := normalizeIDTokenClaimsMetadata(map[string]any{
+		"id_token_claims": []any{
+			map[string]any{
+				"namespace": "rp_claims",
+				"key":       "contract_date",
+				"valueType": "date",
+				"value":     float64(1781020800),
+			},
+		},
+	})
+
+	require.NoError(t, err)
+	claims := metadata["id_token_claims"].([]normalizedIDTokenClaim)
+	require.Len(t, claims, 1)
+	require.Equal(t, "1781020800", claims[0].Value)
+}