5a84e9f6cc
Merge branch 'dev' into fix/rebac-env-sync-issue
2026-04-10 13:52:07 +09:00
5211842d47
조직도 기능 추가
2026-04-10 11:38:47 +09:00
2ef851086d
headless URL 호스트 해석 보정
2026-04-10 10:57:38 +09:00
06a6875cdb
App 카드 로고 이미지 표시
2026-04-09 14:37:49 +09:00
f5c4ffa92f
linked RP 응답에 1st-party 앱 자동 로그인 init_url 추가
2026-04-09 14:37:49 +09:00
9e473ae8a8
userfront 접속이력 타임라인 oathkeeper 세션 ID 보강
2026-04-07 16:07:40 +09:00
763c04398e
접속이력 OIDC 접속 로그 누락 수정
2026-04-07 16:07:40 +09:00
b3a7f47cf7
feat(auth): lock affiliation type on frontend based on verified email domain ( #500 )
2026-04-07 14:03:02 +09:00
4e7f3e7235
feat(auth): enforce explicit tenant selection and dynamic filtering ( #500 )
...
- Refactor `GetActiveTenants` to filter dynamically based on the email domain, removing hardcoded affiliate slugs.
- Update `Signup` to require an explicit `CompanyCode` choice for internal domains, removing automatic provisioning and implicit tenant assignment.
- Add markdown diagram detailing the revised, secure B2B2B dynamic provisioning and inheritance flow.
2026-04-07 11:58:50 +09:00
332ac9c0d8
feat: dynamic frontend tenant dropdown
2026-04-06 16:56:33 +09:00
c78604df06
feat: implement dynamic tenant provisioning and remove hardcoded company mappings
2026-04-06 16:13:03 +09:00
1b8dc2c4ab
dev 브런치 병합 후 code check
2026-04-06 16:03:49 +09:00
890ddd9b3c
세션 종료 시 모든 세션 종료 에러 수정
2026-04-06 15:02:42 +09:00
2ca26cafb2
세션 IP 표시와 로그아웃 처리 보강
2026-04-06 15:02:42 +09:00
8942c78fb4
활서 세션 카드 audit 메타데이터 기록 보강
2026-04-06 15:02:42 +09:00
fe70fd216b
세션 카드 디버그용 시나리오 및 테스트 추가
2026-04-06 15:02:42 +09:00
1524da2d6a
세션 종료 시 Hydra 토큰 세션도 함께 무효화
2026-04-06 15:02:42 +09:00
a2f2b2dd71
사용자 활성 세션 조회·종료 API 추가
2026-04-06 15:02:41 +09:00
583755c189
fix: improve keto sync reliability and initial rebac permissions for super admin
2026-04-06 10:10:27 +09:00
95aba376b1
chore: fix workspace formatting (devfront, backend, adminfront)
2026-04-03 15:12:27 +09:00
b582c82c6f
feat: implement multi-identifier architecture (Issue #496 )
...
- Database: Add user_login_ids table for 1:N identifier mapping and remove legacy login_id column
- Kratos: Update identity schema to use custom_login_ids array instead of a single id trait
- Backend: Implement syncCustomLoginIDs to collect isLoginId fields across tenant schemas
- Backend: Add backtracking logic to auto-assign session tenant based on used login identifier
- Backend: Add 409 Conflict exception handling for Create/Update operations
- AdminFront: Refactor UserDetailPage to a tabbed grid layout (Info, Tenants, Security)
- AdminFront: Show '로그인 ID' badge on tenant schema fields used for authentication
- UserFront: Remove legacy optional 'Login ID' input from signup flow
- Tests: Add multi-identifier repository tests and update handler tests
2026-04-02 16:07:33 +09:00
Lectom C Han
71a006cd7b
fix(headless-login): honor public base url for audience checks
...
- resolve headless audience against BACKEND_PUBLIC_URL first
- keep forwarded header support for https absolute audiences
- add regression tests for https success and http mismatch rejection
- write BACKEND_PUBLIC_URL into staging workflow env generation
2026-04-01 21:05:41 +09:00
Lectom C Han
4b0fbdde98
레포 업데이트
2026-04-01 20:32:09 +09:00
Lectom C Han
8bab8d44cc
chore(headless-login): add request correlation logs
2026-04-01 19:42:09 +09:00
Lectom C Han
c3ae316570
fix(headless-login): simplify jwks policy checks
2026-04-01 19:24:26 +09:00
Lectom C Han
51f09bf53c
fix(headless-login): show full parsed jwks key values
...
- return the full RSA n value in parsedKeys responses
- render parsed key fields with labels and multiline key material in DevFront
- lock the behavior with backend and Playwright regression tests
2026-04-01 18:51:39 +09:00
Lectom C Han
9facd24a00
feat(headless-login): add jwks cache visibility and refresh flow
...
- replace inline headless jwks support with jwksUri-only validation
- add cached jwks refresh worker, manual refresh/revoke endpoints, and parsed key summaries
- expose allowed algorithms and key previews in DevFront with regression coverage
2026-04-01 18:33:22 +09:00
d9e8fee64b
dev 브런치 병합 code-check 오류 수정
2026-04-01 15:06:46 +09:00
8d505cec0e
Headless Login 앱 타입 오표기 수정
2026-04-01 14:47:35 +09:00
ded1e1f5c4
fix(backend): fix merge conflict artifact and undefined explicitLoginID in UserHandler
2026-04-01 13:45:56 +09:00
634f869a84
Merge branch 'dev' into feat/id_login
2026-04-01 13:40:45 +09:00
fdffeacf50
fix(backend): fix loginIdField not being synced when companyCode is empty
2026-04-01 13:13:26 +09:00
54a853a5c6
fix(backend): fix syncLoginID to allow fields named 'id' to be synced from custom schema
2026-04-01 13:03:39 +09:00
27a7d226eb
fix(backend): map Kratos traits id to loginId in UserSummary API response
2026-04-01 11:29:13 +09:00
Lectom C Han
94362bf8eb
headless login으로 리펙토링
2026-04-01 10:50:31 +09:00
6b30580f36
fix(backend): force keto outbox sync on explicit tenant assignment to self-heal missing relations
2026-03-31 17:51:53 +09:00
bc73b85909
feat(backend): auto-sync user group keto relation based on department in user update
2026-03-31 13:50:23 +09:00
5029b8049b
fix(backend): prevent duplicate key constraint on empty login id when syncing users
2026-03-31 13:11:32 +09:00
e927fa8ea0
dev 반영 code-check 오류 수정
2026-03-31 13:03:16 +09:00
68114eea66
비밀번호 재설정 중복 완료 요청 문제 수정
2026-03-31 11:51:21 +09:00
2364ff59d2
관리자 비밀번호 변경을 Kratos 해시 업데이트 방식으로 수정
2026-03-31 11:49:47 +09:00
Lectom C Han
33afe1eddf
fix(auth): separate pkce and headless trusted rp config
2026-03-31 10:44:04 +09:00
Lectom C Han
b4342b355f
feat(auth): add trusted rp headless login flows
2026-03-30 21:46:15 +09:00
Lectom C Han
45dfaf5905
fix(dev): persist trusted rp secret after update
...
- store client_secret after trusted RP update responses
- add regression test for secret recovery on later detail fetch
2026-03-30 21:13:22 +09:00
c96a5350a7
code-check 오류 수정
2026-03-30 13:29:36 +09:00
cfe97ecb1e
Trusted RP 생성 흐름 테스트 추가
2026-03-30 13:08:10 +09:00
3ffc345c2c
RP 공개키 등록 및 Trusted RP 판정 로직 구현
2026-03-30 09:20:48 +09:00
2e14c9d6fe
test(backend): update expected error message for invalid company code to match korean translation
2026-03-27 21:18:51 +09:00
13469b14fb
fix: refine error messages for signup failure and company code
2026-03-27 20:39:49 +09:00
603b9e0032
fix(backend): resolve signup issues by fixing tenant slug case-sensitivity and exposing Kratos errors
2026-03-27 20:03:50 +09:00
