oathkeeper 동작 확인

backend/cmd/server/main.go

@@ -158,6 +158,28 @@ func main() {
 		slog.Warn("Failed to connect to Redis. Auth features may fail.", "error", err)
 	}
 
+	// Oathkeeper 상태를 주기적으로 확인해 다운을 감지합니다.
+	var oathkeeperProbe *HTTPProbe
+	if strings.ToLower(getEnv("OATHKEEPER_HEALTH_ENABLED", "true")) != "false" {
+		intervalSec, err := strconv.Atoi(getEnv("OATHKEEPER_HEALTH_INTERVAL_SECONDS", "10"))
+		if err != nil || intervalSec <= 0 {
+			intervalSec = 10
+		}
+		timeoutSec, err := strconv.Atoi(getEnv("OATHKEEPER_HEALTH_TIMEOUT_SECONDS", "2"))
+		if err != nil || timeoutSec <= 0 {
+			timeoutSec = 2
+		}
+		oathkeeperProbe = NewHTTPProbe(
+			"oathkeeper",
+			getEnv("OATHKEEPER_HEALTH_URL", "http://oathkeeper:4456/health/ready"),
+			time.Duration(intervalSec)*time.Second,
+			time.Duration(timeoutSec)*time.Second,
+		)
+		oathkeeperProbe.Start()
+	} else {
+		slog.Info("Oathkeeper probe disabled")
+	}
+
 	// 2. Initialize Handlers
 	auditHandler := handler.NewAuditHandler(auditRepo)
 	authHandler := handler.NewAuthHandler(redisService, idpProvider)
@@ -321,6 +343,32 @@ func main() {
 			status = "degraded"
 		}
 
+		// Check Oathkeeper
+		if oathkeeperProbe != nil {
+			snapshot := oathkeeperProbe.Snapshot()
+			switch snapshot.Status {
+			case "ok":
+				checks["oathkeeper"] = "ok"
+			case "":
+				checks["oathkeeper"] = "unknown"
+				if status != "error" {
+					status = "degraded"
+				}
+			default:
+				if snapshot.Error == "" {
+					checks["oathkeeper"] = "error"
+				} else {
+					checks["oathkeeper"] = "error: " + snapshot.Error
+				}
+				status = "error"
+			}
+		} else {
+			checks["oathkeeper"] = "disabled"
+			if status != "error" {
+				status = "degraded"
+			}
+		}
+
 		if status == "error" {
 			return c.Status(fiber.StatusServiceUnavailable).JSON(fiber.Map{
 				"status": status,