// ===== Doc 07: External APIs ===== // OAuth Flow Simulator const OAUTH_PROVIDERS = { google: { name: "Google", color: "#ea4335", tokenUrl: "https://oauth2.googleapis.com/token (→ /google/token)", userInfoUrl: "https://openidconnect.googleapis.com/v1/userinfo (→ /google/userinfo)", scope: "openid email profile", sampleToken: "google_mock_access_token_001", userInfo: { sub: "google_user_001", email: "user1@gmail.com", email_verified: true, name: "홍길동", picture: "https://lh3.googleusercontent.com/a/default", locale: "ko" } }, github: { name: "GitHub", color: "#181717", tokenUrl: "https://github.com/login/oauth/access_token (→ /github/token)", userInfoUrl: "https://api.github.com/user (→ /github/userinfo)", scope: "read:user user:email", sampleToken: "github_mock_access_token_001", userInfo: { id: 12345678, login: "honggildong", name: "홍길동", email: "user1@github.com", avatar_url: "https://avatars.githubusercontent.com/u/12345678", bio: "학습 열정가" } }, apple: { name: "Apple", color: "#000", tokenUrl: "https://appleid.apple.com/auth/token (→ /apple/token)", userInfoUrl: "(id_token에서 추출 — userinfo 엔드포인트 없음)", scope: "name email", sampleToken: "apple_mock_access_token_001", userInfo: { sub: "apple_user_001", email: "user1@icloud.com", email_verified: "true" } }, microsoft: { name: "Microsoft", color: "#0078d4", tokenUrl: "https://login.microsoftonline.com/common/oauth2/v2.0/token (→ /microsoft/token)", userInfoUrl: "https://graph.microsoft.com/v1.0/me (→ /microsoft/userinfo)", scope: "openid email profile User.Read", sampleToken: "microsoft_mock_access_token_001", userInfo: { id: "ms_user_001", mail: "user1@outlook.com", displayName: "홍길동", userPrincipalName: "user1@outlook.com" } } }; function OAuthFlowSimulator() { const [provider, setProvider] = useState("google"); const [step, setStep] = useState(0); const [error, setError] = useState(null); const [errorScenario, setErrorScenario] = useState("none"); const p = OAUTH_PROVIDERS[provider]; const steps = [ { name: "1. 인가 코드 요청", actor: "Frontend", op: "Redirect to provider authorize URL" }, { name: "2. 사용자 동의", actor: "Provider", op: "User clicks Allow" }, { name: "3. 콜백 + code", actor: "Frontend → Backend", op: "GET /auth/oauth/google/callback?code=mock_code" }, { name: "4. Token Exchange", actor: "Backend → WireMock", op: "POST /google/token (mock)" }, { name: "5. Userinfo 조회", actor: "Backend → WireMock", op: "GET /google/userinfo (Authorization: Bearer …)" }, { name: "6. Upsert User", actor: "Backend → PostgreSQL", op: "INSERT/UPDATE users, oauth_accounts" }, { name: "7. Publish Kafka", actor: "Backend → Kafka", op: "user.registered (if new)" }, { name: "8. JWT 발급", actor: "Backend → Frontend", op: "Set-Cookie refresh_token + access_token" } ]; const next = () => { const nextStep = step + 1; // Trigger error at step 4 if scenario set if (errorScenario === "invalid_grant" && nextStep === 4) { setError({ status: 401, body: { error: "invalid_grant", error_description: "Bad Request" } }); setStep(4); return; } if (errorScenario === "rate_limit" && nextStep === 5) { setError({ status: 403, body: { message: "API rate limit exceeded" } }); setStep(5); return; } if (nextStep < steps.length) setStep(nextStep); }; const back = () => { if (error) { setError(null); return; } if (step > 0) setStep(step - 1); }; const reset = () => { setStep(0); setError(null); }; return (
{Object.entries(OAUTH_PROVIDERS).map(([id, prov]) => ( ))}
OAuth 2.0 흐름
{steps.map((s, i) => { const isDone = i < step; const isCurrent = i === step; const hasError = error && i === step; return (
{s.actor}
{s.name}
{isDone ? : isCurrent ? (hasError ? : ) : null}
{s.op}
); })}
{error && }
WireMock 매핑 / 응답 ({p.name})
{error ? (
{error.status} Error {p.name} OAuth 에러 응답
backOff(exponential) 재시도 후 사용자에게 에러 화면 표시. UI: OAUTH_FAILED toast.
) : step < 4 ? (
GET authorize URL
{`https://accounts.${provider}.com/o/oauth2/v2/auth? client_id=${provider}_test_client_id &redirect_uri=http://localhost:8080/auth/oauth/${provider}/callback &response_type=code &scope=${p.scope} &state=mock_state_xyz`}
다음 호출 (step 4)
POST {p.tokenUrl.split("(")[1]?.replace(/[→)\s]/g, "") || p.tokenUrl}
) : step === 4 ? (
POST {p.tokenUrl}
) : step === 5 ? (
GET {p.userInfoUrl}
) : step === 6 ? (
SQL (Testcontainers)
{`INSERT INTO users (id, tenant_id, email, display_name, created_at) VALUES ('user-...002', 'tenant-...001', '${p.userInfo.email || "user@example.com"}', '${p.userInfo.name || p.userInfo.displayName || "사용자"}', NOW()) ON CONFLICT (email) DO NOTHING; INSERT INTO oauth_accounts (user_id, provider, provider_user_id, email) VALUES ('user-...002', '${provider}', '${p.userInfo.sub || p.userInfo.id || "mock"}', '${p.userInfo.email || "user@example.com"}');`}
) : step === 7 ? (
EmbeddedKafka 검증
) : (
✓ 200 OK 로그인 완료
Set-Cookie: refresh_token=...; HttpOnly; Secure; SameSite=Lax
)}
); } // External APIs Matrix function ExternalApiMatrix() { const apis = [ { name: "Google OAuth", group: "OAuth", endpoints: 2, scenarios: ["success", "invalid_grant 401", "PERMISSION_DENIED 403"], tool: "WireMock" }, { name: "GitHub OAuth", group: "OAuth", endpoints: 2, scenarios: ["success", "Bad credentials 401", "Rate limit 403"], tool: "WireMock" }, { name: "Apple OAuth", group: "OAuth", endpoints: 1, scenarios: ["success (id_token)", "invalid_client 400"], tool: "WireMock" }, { name: "Microsoft OAuth", group: "OAuth", endpoints: 2, scenarios: ["success", "AADSTS50058"], tool: "WireMock" }, { name: "Stripe Checkout", group: "Payment", endpoints: 4, scenarios: ["session.created", "session.completed", "payment_failed", "subscription.deleted"], tool: "WireMock" }, { name: "Stripe Webhooks", group: "Payment", endpoints: 1, scenarios: ["checkout.completed", "invoice.payment_succeeded", "invoice.payment_failed", "subscription.deleted"], tool: "WireMock + 수동 호출" }, { name: "FCM Push", group: "Notification", endpoints: 1, scenarios: ["success", "INVALID_REGISTRATION 404", "QUOTA_EXCEEDED 429"], tool: "WireMock" }, { name: "AWS SES", group: "Notification", endpoints: 1, scenarios: ["success", "MessageRejected", "SendingPausedException"], tool: "WireMock" }, { name: "OpenAI Embeddings", group: "AI", endpoints: 1, scenarios: ["success (1536d)", "rate_limit_exceeded 429"], tool: "respx (Python)" }, { name: "Anthropic Claude", group: "AI", endpoints: 1, scenarios: ["card generation success", "overloaded_error 529"], tool: "respx (Python)" } ]; const groups = [...new Set(apis.map(a => a.group))]; return (
{groups.map(g => {g})} {apis.length}개 외부 API · 30+ 시나리오
{apis.map((api, i) => (
{api.name}
{api.group} {api.endpoints} endpoint
{api.scenarios.map((s, j) => ( {s} ))}
{api.tool}
))}
); } Object.assign(window, { OAuthFlowSimulator, ExternalApiMatrix });