[codex] Add Korean policy pages

ontime-back/src/main/java/devkor/ontime_back/config/SecurityConfig.java

@@ -72,7 +72,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .headers(headers -> headers
                         .frameOptions(frameOptions -> frameOptions.disable()))
                 .authorizeHttpRequests(auth -> auth
-                        .requestMatchers("/", "/account-deletion", "/privacy-policy", "/css/**", "/images/**", "/js/**", "/favicon.ico", "/h2-console/**").permitAll()
+                        .requestMatchers("/", "/account-deletion", "/account-deletion/**", "/privacy-policy", "/privacy-policy/**", "/css/**", "/images/**", "/js/**", "/favicon.ico", "/h2-console/**").permitAll()
                         .requestMatchers("/health", "/actuator/health/**", "/oauth2/sign-up", "oauth2/success", "login/success", "/oauth2/google/login", "/oauth2/kakao/login", "/oauth2/apple/login", "/sign-up", "/*/additional-info").permitAll()
                         .requestMatchers("/v3/api-docs/**", "/swagger-ui/**", "/swagger-resources/**", "/webjars/**", "/swagger-ui.html").permitAll()
                         .requestMatchers("/error").permitAll()

ontime-back/src/main/java/devkor/ontime_back/global/oauth/google/GoogleLoginService.java

@@ -192,7 +192,7 @@ private void logGoogleIdentityTokenClaims(String identityToken) {
             Long expirationTimeSeconds = payload.getExpirationTimeSeconds();
             long nowSeconds = System.currentTimeMillis() / 1000;
             log.info(
-                    "Google identity token claims aud={}, azp={}, iss={}, exp={}, now={}, secondsUntilExp={}, audienceAllowed={}",
+                    "Google identity credential claims aud={}, azp={}, iss={}, exp={}, now={}, secondsUntilExp={}, audienceAllowed={}",
                     maskClientId(audience),
                     payload.get("azp"),
                     payload.getIssuer(),
@@ -202,7 +202,7 @@ private void logGoogleIdentityTokenClaims(String identityToken) {
                     validClientIds.contains(audience)
             );
         } catch (Exception e) {
-            log.info("Google identity token claim parsing failed: {}", e.getClass().getSimpleName());
+            log.info("Google identity credential claim parsing failed: {}", e.getClass().getSimpleName());
         }
     }
 

ontime-back/src/test/java/devkor/ontime_back/controller/AccountDeletionPageControllerTest.java

@@ -22,6 +22,27 @@ void getAccountDeletionPage() throws Exception {
                 .andExpect(status().isOk())
                 .andExpect(header().string("Cache-Control", containsString("max-age=3600")))
                 .andExpect(content().contentTypeCompatibleWith("text/html"))
+                .andExpect(content().string(containsString("<html lang=\"ko\">")))
+                .andExpect(content().string(containsString("OnTime 계정 삭제 요청")))
+                .andExpect(content().string(containsString("앱 이름: OnTime")))
+                .andExpect(content().string(containsString("개발자: ejun")))
+                .andExpect(content().string(containsString("문의 이메일")))
+                .andExpect(content().string(containsString("앱을 설치하거나 열지 않아도")))
+                .andExpect(content().string(containsString("일정, 준비 데이터, 알림 일정")))
+                .andExpect(content().string(containsString("최대 1년 동안 보관")))
+                .andExpect(content().string(containsString("최대 90일 동안 보관")))
+                .andExpect(content().string(containsString("30일을 초과하여 보관되지 않습니다")))
+                .andExpect(content().string(containsString("https://ontime-back.duckdns.org/privacy-policy")));
+    }
+
+    @DisplayName("영문 계정 삭제 요청 페이지를 로그인 없이 HTML로 조회한다.")
+    @Test
+    void getEnglishAccountDeletionPage() throws Exception {
+        mockMvc.perform(get("/account-deletion/en"))
+                .andExpect(status().isOk())
+                .andExpect(header().string("Cache-Control", containsString("max-age=3600")))
+                .andExpect(content().contentTypeCompatibleWith("text/html"))
+                .andExpect(content().string(containsString("<html lang=\"en\">")))
                 .andExpect(content().string(containsString("OnTime Account Deletion Request")))
                 .andExpect(content().string(containsString("App name: OnTime")))
                 .andExpect(content().string(containsString("Developer: ejun")))

ontime-back/src/test/java/devkor/ontime_back/controller/PrivacyPolicyControllerTest.java

@@ -22,6 +22,33 @@ void getPrivacyPolicy() throws Exception {
                 .andExpect(status().isOk())
                 .andExpect(header().string("Cache-Control", containsString("max-age=3600")))
                 .andExpect(content().contentTypeCompatibleWith("text/html"))
+                .andExpect(content().string(containsString("<html lang=\"ko\">")))
+                .andExpect(content().string(containsString("OnTime 개인정보 처리방침")))
+                .andExpect(content().string(containsString("앱 이름: OnTime")))
+                .andExpect(content().string(containsString("개발자/운영 주체: ejun")))
+                .andExpect(content().string(containsString("문의 이메일")))
+                .andExpect(content().string(containsString("시행일: 2026년 5월 10일")))
+                .andExpect(content().string(containsString("https://ontime-back.duckdns.org/account-deletion")))
+                .andExpect(content().string(containsString("계정 데이터")))
+                .andExpect(content().string(containsString("일정/준비 데이터")))
+                .andExpect(content().string(containsString("알람/알림 데이터")))
+                .andExpect(content().string(containsString("피드백")))
+                .andExpect(content().string(containsString("로컬 앱 데이터")))
+                .andExpect(content().string(containsString("기술/진단 데이터")))
+                .andExpect(content().string(containsString("계정 데이터와 사용자 소유 앱 데이터가 삭제됩니다")))
+                .andExpect(content().string(containsString("최대 1년")))
+                .andExpect(content().string(containsString("최대 90일")))
+                .andExpect(content().string(containsString("30일을 초과하여")));
+    }
+
+    @DisplayName("영문 개인정보 처리방침 페이지를 로그인 없이 HTML로 조회한다.")
+    @Test
+    void getEnglishPrivacyPolicy() throws Exception {
+        mockMvc.perform(get("/privacy-policy/en"))
+                .andExpect(status().isOk())
+                .andExpect(header().string("Cache-Control", containsString("max-age=3600")))
+                .andExpect(content().contentTypeCompatibleWith("text/html"))
+                .andExpect(content().string(containsString("<html lang=\"en\">")))
                 .andExpect(content().string(containsString("OnTime Privacy Policy")))
                 .andExpect(content().string(containsString("App name: OnTime")))
                 .andExpect(content().string(containsString("Developer/entity: ejun")))

ontime-back/src/test/java/devkor/ontime_back/global/jwt/JwtAuthenticationFilterTest.java

@@ -16,7 +16,7 @@ class JwtAuthenticationFilterTest {
 
     @DisplayName("공개 HTML 페이지는 액세스 토큰 없이 JWT 필터를 통과한다.")
     @ParameterizedTest
-    @ValueSource(strings = {"/account-deletion", "/privacy-policy"})
+    @ValueSource(strings = {"/account-deletion", "/account-deletion/en", "/privacy-policy", "/privacy-policy/en"})
     void skipsPublicHtmlPages(String path) throws Exception {
         JwtTokenProvider jwtTokenProvider = mock(JwtTokenProvider.class);
         UserRepository userRepository = mock(UserRepository.class);