작업계획서대로 진행

.env

@@ -22,3 +22,8 @@ SMTP_PORT=587
 SMTP_USER=turbosoft11@gmail.com
 SMTP_PASS="kojl sxbx pdfi yhxz"
 SMTP_FROM=업무관리프로그램 <turbosoft11@gmail.com>
+
+SYNOLOGY_SERVER_URL=https://sso.osolit.net
+SYNOLOGY_CLIENT_ID=afa90b7b4a9773af41f2c7b110f92d6e
+SYNOLOGY_CLIENT_SECRET=
+SYNOLOGY_REDIRECT_URI=https://weeklyreport.turbosoft.kr/api/auth/synology/callback

.env.prod

@@ -17,3 +17,9 @@ SMTP_PORT=587
 SMTP_USER=turbosoft11@gmail.com
 SMTP_PASS="kojl sxbx pdfi yhxz"
 SMTP_FROM=업무관리프로그램 <turbosoft11@gmail.com>
+
+
+SYNOLOGY_SERVER_URL=https://sso.osolit.net
+SYNOLOGY_CLIENT_ID=afa90b7b4a9773af41f2c7b110f92d6e
+SYNOLOGY_CLIENT_SECRET=
+SYNOLOGY_REDIRECT_URI=https://weeklyreport.turbosoft.kr/api/auth/synology/callback

server/api/auth/synology/callback.get.ts

@@ -26,16 +26,20 @@ export default defineEventHandler(async (event) => {
   
   try {
     // 1. 코드로 액세스 토큰 교환
-    const tokenResponse = await $fetch<any>(`${config.synologyServerUrl}/webman/sso/SSOAccessToken.cgi`, {
-      method: 'POST',
-      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
-      body: new URLSearchParams({
+    const tokenParams = new URLSearchParams({
       grant_type: 'authorization_code',
       code: code,
       client_id: config.synologyClientId,
-        client_secret: config.synologyClientSecret,
       redirect_uri: config.synologyRedirectUri
-      }).toString()
+    })
+    if (config.synologyClientSecret) {
+      tokenParams.set('client_secret', config.synologyClientSecret)
+    }
+    
+    const tokenResponse = await $fetch<any>(`${config.synologyServerUrl}/webman/sso/SSOAccessToken.cgi`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+      body: tokenParams.toString()
     })
     
     if (!tokenResponse.access_token) {