refect: OAuth 프롬프트 및 모델 구조 개선

2026-06-14 01:06:43 +09:00 · 2025-07-02 19:02:43 +09:00 · 2025-07-02 19:02:43 +09:00 · 146c187b05
commit 146c187b05
parent 65c865b620
9 changed files with 18 additions and 6 deletions
--- a/src/lib/llm/prompt/_get_oauth/init.py
+++ b/src/lib/llm/prompt/_get_oauth/init.py
@ -0,0 +1,2 @@
+from lib.llm.prompt._get_oauth.prompt import prompt
+from lib.llm.prompt._get_oauth.model import model
--- a/src/lib/llm/prompt/_get_oauth/model.py
+++ b/src/lib/llm/prompt/_get_oauth/model.py
@ -0,0 +1,6 @@
+from pydantic import BaseModel
+
+class model(BaseModel):
+    msg: str | None = None
+    url: str | None = None
+    sso_list: list[str] = []  # List of SSO providers found on the login page
--- a/src/lib/llm/prompt/_get_oauth/prompt.py
+++ b/src/lib/llm/prompt/_get_oauth/prompt.py
@ -0,0 +1,61 @@
+prompt = """
+You are an expert in finding login pages.
+
+Your task is to navigate to the login page of the given URL. Follow the steps below strictly and return results only in the specified format.
+
+※ You are NOT allowed to navigate to URLs that are not directly discoverable within the initial domain. Do NOT use search engines or guess external login URLs.
+
+0. INITIAL BLOCK CHECK
+- If the browser is blocked when trying to access the page — due to firewall, CAPTCHA, regional restrictions, or other access denials — immediately terminate the process and return the following JSON:
+    ```json
+    {
+        "msg": "Blocked",
+        "url": "",
+        "sso_list": []
+    }
+    ```
+- Do NOT proceed to further steps in this case.
+
+1. LOGIN PAGE NAVIGATION
+- Navigate only to a **client-side (non-enterprise)** login page within the provided domain.
+- Do NOT rely on external tools, search engines, or links not directly found on the site.
+- If a consent popup (e.g. for privacy/cookies) appears, you MUST dismiss or close it before proceeding.
+- Since step 0 confirmed access, assume the page now loads properly.
+
+2. SSO BUTTON IDENTIFICATION
+- On the login page, look for the following social login (SSO) buttons:
+  - Google, GitHub, Facebook, LinkedIn, Microsoft, Naver, Slack, Etc.
+- ✅ Proceed only if it is clearly an **actual SSO button**.
+- ❌ Exclude the following:
+  - Passkey-related buttons
+  - Username/password fields
+  - Email-based login
+  - Non-OAuth methods such as certificate or phone verification
+
+3. RETURN FORMAT
+- If the login page is successfully found, return:
+    ```json
+    {
+        "msg": "Login page found",
+        "url": "https://example.com/login",
+        "sso_list": ["Google", "GitHub"]
+    }
+    ```
+- If the login page cannot be found, return:
+    ```json
+    {
+        "msg": "Login page not found",
+        "url": "",
+        "sso_list": []
+    }
+    ```
+- If blocked (as in step 0), return:
+    ```json
+    {
+        "msg": "Blocked",
+        "url": "",
+        "sso_list": []
+    }
+    ```
+- Return ONLY the JSON object. Do NOT include any explanation, logging, or extra output.
+"""