offline 스코프 제거, rp_claims 값 표준화

2026-06-11 14:50:26 +09:00
parent f60b15a17b
commit c495e9119b
26 changed files with 1034 additions and 300 deletions
--- a/userfront/lib/features/auth/presentation/consent_screen.dart
+++ b/userfront/lib/features/auth/presentation/consent_screen.dart
@@ -6,6 +6,7 @@ import 'package:userfront/core/services/auth_proxy_service.dart';
 import 'package:userfront/core/services/web_window.dart';
 import 'package:userfront/core/ui/toast_service.dart';
 import 'package:userfront/features/auth/domain/consent_error_routing.dart';
+import 'package:userfront/features/auth/domain/consent_scope_policy.dart';

 class ConsentScreen extends StatefulWidget {
  final String consentChallenge;
@@ -53,10 +54,6 @@ class _ConsentScreenState extends State<ConsentScreen> {
        'msg.userfront.consent.scope.email',
        fallback: 'Email address (account identification and notifications)',
      ),
-      'offline_access': tr(
-        'msg.userfront.consent.scope.offline_access',
-        fallback: 'Offline access (keep signed in)',
-      ),
      'phone': tr(
        'msg.userfront.consent.scope.phone',
        fallback: 'Phone number (identity verification and notifications)',
@@ -80,9 +77,6 @@ class _ConsentScreenState extends State<ConsentScreen> {
  }

  String _scopeDisplayLabel(String scope) {
-    if (scope == 'offline_access') {
-      return 'offline access';
-    }
    return scope.replaceAll('_', ' ');
  }

@@ -138,9 +132,11 @@ class _ConsentScreenState extends State<ConsentScreen> {
      }

      // 초기 선택 상태 설정: 모든 요청된 스코프를 기본 선택
-      final requestedScopes =
-          (info['requested_scope'] as List<dynamic>?)?.cast<String>() ?? [];
+      final requestedScopes = filterConsentScopes(
+        (info['requested_scope'] as List<dynamic>?)?.cast<String>() ?? [],
+      );
      _selectedScopes.addAll(requestedScopes);
+      info['requested_scope'] = requestedScopes;

      setState(() {
        _consentInfo = info;
@@ -299,9 +295,10 @@ class _ConsentScreenState extends State<ConsentScreen> {
              ? clientId
              : tr('msg.userfront.consent.client_unknown'));
    final clientLogo = _consentInfo?['client']?['logo_uri'];
-    final requestedScopes =
-        (_consentInfo?['requested_scope'] as List<dynamic>?)?.cast<String>() ??
-        [];
+    final requestedScopes = filterConsentScopes(
+      (_consentInfo?['requested_scope'] as List<dynamic>?)?.cast<String>() ??
+          [],
+    );

    return SingleChildScrollView(
      child: Container(