(김준회) SAML 2.0 relay-state 처리 및 redirect 상태코드 문제 디버깅

1 files changed, 12 insertions, 7 deletions

diff --git a/app/api/auth/[...nextauth]/saml/utils.ts b/app/api/auth/[...nextauth]/saml/utils.ts
index 73c00bf6..a5bcfe7a 100644
--- a/app/api/auth/[...nextauth]/saml/utils.ts
+++ b/app/api/auth/[...nextauth]/saml/utils.ts
@@ -97,15 +97,15 @@ export function createSAMLConfig() {
 }
 
 // SAML AuthnRequest 생성 (서버 액션)
-export async function createAuthnRequest(): Promise<string> {
+export async function createAuthnRequest(relayState?: string): Promise<string> {
   "use server";
 
-  console.log("SSO STEP 2: Create AuthnRequest");
+  console.log("SSO STEP 2: Create AuthnRequest", { relayState });
   
   // Mock IdP 모드 체크
   if (process.env.SAML_MOCKING_IDP === 'true') {
     debugMock("Mock IdP mode enabled - simulating SAML response");
-    return createMockSAMLFlow();
+    return createMockSAMLFlow(relayState);
   }
 
   try {
@@ -117,7 +117,7 @@ export async function createAuthnRequest(): Promise<string> {
 
     const startTime = Date.now();
     const authorizeUrl = await saml.getAuthorizeUrlAsync(
-      "", // RelayState
+      relayState || "", // RelayState - 원래 가려던 페이지
       undefined, // host
       {
         additionalParams: {},
@@ -406,12 +406,17 @@ export function mapSAMLProfileToUser(profile: SAMLProfile): SAMLUser {
 }
 
 // Mock SAML 플로우 생성 (테스트용)
-function createMockSAMLFlow(): string {
-  debugMock("Creating mock SAML flow...");
+function createMockSAMLFlow(relayState?: string): string {
+  debugMock("Creating mock SAML flow...", { relayState });
   
   // Mock 모드에서는 Mock IdP 엔드포인트로 리다이렉션
   const baseUrl = process.env.NEXTAUTH_URL || 'http://localhost:3000';
-  const mockIdpUrl = `${baseUrl}/api/auth/saml/mock-idp`;
+  let mockIdpUrl = `${baseUrl}/api/auth/saml/mock-idp`;
+  
+  // RelayState가 있으면 URL 파라미터로 전달
+  if (relayState) {
+    mockIdpUrl += `?RelayState=${encodeURIComponent(relayState)}`;
+  }
   
   debugMock("Mock SAML Flow - redirecting to Mock IdP:", mockIdpUrl);