| author | joonhoekim <26rote@gmail.com> | 2025-07-23 08:55:11 +0000 |
|---|---|---|
| committer | joonhoekim <26rote@gmail.com> | 2025-07-23 08:55:11 +0000 |
| commit | 7402e759857d511add0d3eb19f1fa13cb957c1df (patch) | |
| tree | 80b15f3f9eefc8993f31d8232a4874a660924f7b | |
| parent | 8af61fb23657beb20737558a7a08c52ca03cde52 (diff) | |
(김준회) Knox SSO 스테이지에서 운영으로 변경
| -rw-r--r-- | .env.development | 11 | ||||
| -rw-r--r-- | .env.production | 6 | ||||
| -rw-r--r-- | lib/saml/idp-metadata.ts | 19 |
3 files changed, 7 insertions, 29 deletions
diff --git a/.env.development b/.env.development
index f8167f05..23a9cf1f 100644
--- a/.env.development
+++ b/.env.development
@@ -71,11 +71,8 @@ OCR_SECRET_KEY=QVZzbkFtVFV1UWl2THNCY01lYVVGUUxpWmdyUkxHYVA=
 # === [시작] SSO 설정 ===
-# ! IdP와 통신 불가능한 상황에서 테스트를 위한 모킹 처리 지원하기
-SAML_MOCKING_IDP=true
-
 # ! SSO Redirect 주소로 활용되며, 상단에서 적절한 URL을 쓴다면 이 변수는 주석처리할 것
-NEXTAUTH_URL="http://localhost:3000"
+# NEXTAUTH_URL="http://60.101.108.100"
 # SAML 2.0 SP로서 신청할 때 기입하는 사항
 # 메타데이터 XML에서 추출 가능하나, 개발 편의성을 위해 추출로직 제거하고 환경변수에 하드코딩함
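Review bot: The example left in the commented-out line, `# NEXTAUTH_URL="http://60.101.108.100"`, is a plain-HTTP origin, and the comment above it says this variable is the SSO redirect address. If it is ever uncommented as written, the SAML response from the IdP configured later in this file would be posted to the SP without TLS. I would keep the hint as an HTTPS placeholder, e.g. `# NEXTAUTH_URL="https://<dev-host>"`, and add a one-line comment saying where the effective value is set, since this hunk does not show the earlier definition the comment refers to. Separately, `getSPEntityId()` in lib/saml/idp-metadata.ts (context of the last hunk in this commit) interpolates `process.env.NEXTAUTH_URL` when `SAML_SP_ENTITY_ID` is unset, so an unset value would produce an entity ID beginning with `undefined`.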
@@ -91,9 +88,9 @@ SAML_SP_AUTHN_REQUESTS_SIGNED=false
 SAML_SP_WANT_ASSERTIONS_SIGNED=false
 ### idp_metadata.xml ###
-SAML_IDP_ENTITY_ID="www.stage1.samsung.net"
-SAML_IDP_SSO_URL="https://epsso.stage.samsung.net/sso/saml/SingleSignOnService"
-SAML_IDP_CERT="MIID2zCCAsOgAwIBAgIJAKUgkCmmclHOMA0GCSqGSIb3DQEBCwUAMIGDMQswCQYDVQQGEwJLUjEPMA0GA1UECAwGSmFtc2lsMQ4wDAYDVQQHDAVTZW91bDETMBEGA1UECgwKU2Ftc3VuZ1NEUzEdMBsGA1UECwwUSW50cmFuZXRCdXNpbmVzc1RlYW0xHzAdBgNVBAMMFm5ldC5zYW1zdW5nLmtub3hwb3J0YWwwHhcNMTcwOTA2MDQxNDAzWhcNMjcwOTA0MDQxNDAzWjCBgzELMAkGA1UEBhMCS1IxDzANBgNVBAgMBkphbXNpbDEOMAwGA1UEBwwFU2VvdWwxEzARBgNVBAoMClNhbXN1bmdTRFMxHTAbBgNVBAsMFEludHJhbmV0QnVzaW5lc3NUZWFtMR8wHQYDVQQDDBZuZXQuc2Ftc3VuZy5rbm94cG9ydGFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nT5VRgS/PGj7iL8l4kpyEqs04BocOrIPf9mn+Ky/pA3BkgfxItkAfxqKjrzZ2J/0yB1jkjpHYxQQSpah5f/FrxK/G3lCMlpQzFgT9qfX/VJqhJLU3JF4hhxTVp77rF5Sqz2CWdTzrKgEhVhQupfANL67uw1GrR2AoPWsmGqr/ybdEcjr0w3lYrnCb9LYvvT+KOmZg1nVEbMAJ66xFuiuc4IGAot+IIHY86ZjSXRfMBkJaisEpStXXja0PD8SHDu31DdLomaRYrv9eyoh3q/LONejfgd8IrAJO3Om8zNmfF2Q665Ab4oPFoRznjvR74/pszIxqQTYoVgKkDKRmTOjQIDAQABo1AwTjAdBgNVHQ4EFgQUiolG//FttT/5g3IBaoRvjNWNCt0wHwYDVR0jBBgwFoAUiolG//FttT/5g3IBaoRvjNWNCt0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAQVBxmGnZHo3dMLKFgAf8oLevA1TuA03p6jj2MVLwFMjw0S74bFpgS4ZXEzsliGAQprVwTzo06XtTxQENxddbFMRfKroKvpyM20uBt2JI5nBmE/kzrb4AOguRRTNKfb9o4zk2yO7Ra31dWHrvZ3usV8A0KLIHef6iUPv4mBMXY5e7gEUjoZxbZQucyHOrYvuj/TISd7n6r37cotf5ldUD5B+ADP05AgTTP1vKzyfOsb+zRqTTi8WFOc2SlbTktXPvfiQmHs6OoCbNNYXfQT+YO0x3y8M4TevvoeKvTjQp1E+Q+J8hAh7xTIemb6wP460ObUD9w+wyqUk44XJGdibtgQ=="
+SAML_IDP_ENTITY_ID="www.samsung.net"
+SAML_IDP_SSO_URL="https://epsso.samsung.net/sso/saml/SingleSignOnService"
+SAML_IDP_CERT="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"
 # === [끝] SSO 설정 ===
diff --git a/.env.production b/.env.production
index 9ea7c1b6..ff4b58a2 100644
--- a/.env.production
+++ b/.env.production
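Review bot: `SAML_SP_WANT_ASSERTIONS_SIGNED=false` (the context line just above the changed block in the second .env.development hunk) is left as is while the IdP entity ID, SSO URL and certificate move to production; the same holds for the matching hunk in .env.production. How the SP code consumes this flag is not visible here, but if it controls whether unsigned assertions are accepted, the pinned `SAML_IDP_CERT` gives little protection against a forged or modified assertion. I would set `SAML_SP_WANT_ASSERTIONS_SIGNED=true` if the IdP signs assertions, or add a comment stating that the response-level signature is always verified against `SAML_IDP_CERT`. This hunk also makes the development profile authenticate against the production IdP, which deserves a comment in the file if it is intended.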
@@ -93,9 +93,9 @@ SAML_SP_AUTHN_REQUESTS_SIGNED=false
 SAML_SP_WANT_ASSERTIONS_SIGNED=false
 ### idp_metadata.xml ###
-SAML_IDP_ENTITY_ID="www.stage1.samsung.net"
-SAML_IDP_SSO_URL="https://epsso.stage.samsung.net/sso/saml/SingleSignOnService"
-SAML_IDP_CERT="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"
+SAML_IDP_ENTITY_ID="www.samsung.net"
+SAML_IDP_SSO_URL="https://epsso.samsung.net/sso/saml/SingleSignOnService"
+SAML_IDP_CERT="MIID2zCCAsOgAwIBAgIJAIt4QxV2bA3qMA0GCSqGSIb3DQEBCwUAMIGDMQswCQYDVQQGEwJLUjEPMA0GA1UECAwGSmFtc2lsMQ4wDAYDVQQHDAVTZW91bDETMBEGA1UECgwKU2Ftc3VuZ1NEUzEdMBsGA1UECwwUSW50cmFuZXRCdXNpbmVzc1RlYW0xHzAdBgNVBAMMFm5ldC5zYW1zdW5nLmtub3hwb3J0YWwwHhcNMTcwOTA2MDQ0OTI1WhcNMjcwOTA0MDQ0OTI1WjCBgzELMAkGA1UEBhMCS1IxDzANBgNVBAgMBkphbXNpbDEOMAwGA1UEBwwFU2VvdWwxEzARBgNVBAoMClNhbXN1bmdTRFMxHTAbBgNVBAsMFEludHJhbmV0QnVzaW5lc3NUZWFtMR8wHQYDVQQDDBZuZXQuc2Ftc3VuZy5rbm94cG9ydGFsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA403a0G0WexaxyscAVFtThKL9X9d6XM5fq6ELIcD+cNQigQK4lqo1oRX+u1NEia+YqJHpCMdSzjmU76+xSytvTI0aNTAbm6wfiXNfkjFwD8H0TT0P4TgeqtIjmH80YLjEPIPGiMMVcbvRgJxGCKDM4XOoM5YOtzRPQaSrQ+6Vy9J5poduafMRamf1uljUfo++P8fPbqwPjamFYxG3HTX02ac11aiuY4xlUFOkvXc6UtEQ79tKmf0SKnkEyWpxyDmQYy5pW36Lkh2FzKo6itYlKaMwJRP1b9IN4g1e/Eexr+6Qb4p8qoKeWq7hTFgtiW321e8+cdeL28m1WkVDPEB5TwIDAQABo1AwTjAdBgNVHQ4EFgQUTSA00p+swYrMz1nGBs6uJ83D7DswHwYDVR0jBBgwFoAUTSA00p+swYrMz1nGBs6uJ83D7DswDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAmyBNNwzkq/+9r7gwVEe51T0s/e21b5NjQZ1t7Zrg0v43rg1baxZINpc5imGFOGpzyBFhoGCrmnpMk70m0uS284DeLJTB2Z+zsjE8NPlS5fU7lLDqaSJduOwdxmdo3PufgwL3vYXK0KTrsptdNLmP+9mYUdEAUTTyd6rwMyxXv1sgHUBNHHUY4Nlq78Q6vzjMTZ+j2yjRv4kCAueQOyuP1hqXjbfhoEluAM3gXlu7nASNFHR5CkaRyBYeORSJm/jLehGb66aRl6XfI+tNuGmpnMEnXhCq/om8KArBI/hOHgeI/YUoYkfgWjK+cteZ6RMiwlYQALwHd3J2RBMPz3NnIw=="
 # === [끝] SSO 설정 ===
diff --git a/lib/saml/idp-metadata.ts b/lib/saml/idp-metadata.ts
index a33ecad6..30fa1454 100644
--- a/lib/saml/idp-metadata.ts
+++ b/lib/saml/idp-metadata.ts
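Review bot: The production `SAML_IDP_CERT` in .env.production is pinned as a bare literal with no note about its validity or rotation, and the validity field inside the base64 appears to decode to a notAfter of 2027-09-04. Once the IdP rotates its signing key or the certificate expires, signature validation against this value will fail until the file is updated, and .env.development carries a second copy that has to change with it. I would add a comment above the value, e.g. `# Knox production IdP signing cert, expires 2027-09-04 (verify) - update here and in .env.development on rotation`.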
@@ -57,25 +57,6 @@ export function normalizeCertificate(cert: string): string {
 return `-----BEGIN CERTIFICATE-----\n${formattedCert}\n-----END CERTIFICATE-----`
 }
-// 특정 용도의 인증서 가져오기
-export function getCertificateByUse(metadata: IDPMetadata, use: 'signing' | 'encryption'): string {
- const cert = metadata.certificates.find(c => c.use === use)
- return cert ? normalizeCertificate(cert.certificate) : ''
-}
-
-// 모든 인증서를 PEM 형식으로 변환
-export function getAllCertificatesAsPEM(metadata: IDPMetadata): { use: string; pem: string }[] {
- return metadata.certificates.map(cert => ({
- use: cert.use,
- pem: normalizeCertificate(cert.certificate)
- }))
-}
-
-// 레거시 호환성을 위한 함수 - 첫 번째 인증서를 문자열로 반환
-export function getFirstCertificateAsString(metadata: IDPMetadata): string {
- return metadata.certificates[0]?.certificate || ''
-}
-
 // SP 메타데이터 생성을 위한 헬퍼
 export function getSPEntityId(): string {
 return process.env.SAML_SP_ENTITY_ID || `${process.env.NEXTAUTH_URL}/saml/metadata` |
