1. 添加新的正式环境的secret配置信息。
2. 动态回调地址,如果是钉钉应用则用对应的回调地址。 3. 高频错误评查点改成显示出错次数。 4. 添加开关的通用组件,评查点列表方便修改状态。
This commit is contained in:
+18
-10
@@ -23,8 +23,10 @@ interface ApiConfig {
|
||||
clientId?: string;
|
||||
// OAuth2应用Client Secret
|
||||
clientSecret?: string;
|
||||
// 回调地址
|
||||
// 回调地址(内网Web)
|
||||
redirectUri?: string;
|
||||
// 钉钉Web回调地址(互联网地址)
|
||||
dingtalkRedirectUri?: string;
|
||||
// 应用ID(用于登出)
|
||||
appId?: string;
|
||||
};
|
||||
@@ -39,7 +41,7 @@ interface ApiConfig {
|
||||
|
||||
// 端口特定配置映射
|
||||
// 根据不同端口提供不同的API配置
|
||||
const portConfigs: Record<string, Partial<ApiConfig>> = {
|
||||
export const portConfigs: Record<string, Partial<ApiConfig>> = {
|
||||
|
||||
// 主要
|
||||
// 梅州
|
||||
@@ -65,7 +67,9 @@ const portConfigs: Record<string, Partial<ApiConfig>> = {
|
||||
appUrl: 'http://10.79.97.17:51703',
|
||||
|
||||
oauth: {
|
||||
redirectUri: 'http://10.79.97.17:51703/callback'
|
||||
redirectUri: 'http://10.79.97.17:51703/callback',
|
||||
// 钉钉Web回调地址(互联网地址)- 需要根据实际部署修改
|
||||
dingtalkRedirectUri: process.env.DINGTALK_REDIRECT_URI_51703 || 'https://10-79-97-1751703-b2oaixksdrrisox0t3.ztna-dingtalk.com/callback'
|
||||
}
|
||||
},
|
||||
|
||||
@@ -84,7 +88,8 @@ const portConfigs: Record<string, Partial<ApiConfig>> = {
|
||||
collaboraUrl: 'http://10.79.97.17:9980',
|
||||
appUrl: 'http://10.79.97.17:51704',
|
||||
oauth: {
|
||||
redirectUri: 'http://10.79.97.17:51704/callback'
|
||||
redirectUri: 'http://10.79.97.17:51704/callback',
|
||||
dingtalkRedirectUri: process.env.DINGTALK_REDIRECT_URI_51704 || 'https://10-79-97-1751704-xxxxxxxxx.ztna-dingtalk.com/callback'
|
||||
}
|
||||
},
|
||||
|
||||
@@ -96,7 +101,8 @@ const portConfigs: Record<string, Partial<ApiConfig>> = {
|
||||
collaboraUrl: 'http://10.79.97.17:9980',
|
||||
appUrl: 'http://10.79.97.17:51705',
|
||||
oauth: {
|
||||
redirectUri: 'http://10.79.97.17:51705/callback'
|
||||
redirectUri: 'http://10.79.97.17:51705/callback',
|
||||
dingtalkRedirectUri: process.env.DINGTALK_REDIRECT_URI_51705 || 'https://10-79-97-1751705-xxxxxxxxx.ztna-dingtalk.com/callback'
|
||||
}
|
||||
},
|
||||
|
||||
@@ -108,7 +114,8 @@ const portConfigs: Record<string, Partial<ApiConfig>> = {
|
||||
collaboraUrl: 'http://10.79.97.17:9980',
|
||||
appUrl: 'http://10.79.97.17:51706',
|
||||
oauth: {
|
||||
redirectUri: 'http://10.79.97.17:51706/callback'
|
||||
redirectUri: 'http://10.79.97.17:51706/callback',
|
||||
dingtalkRedirectUri: process.env.DINGTALK_REDIRECT_URI_51706 || 'https://10-79-97-1751706-xxxxxxxxx.ztna-dingtalk.com/callback'
|
||||
}
|
||||
},
|
||||
|
||||
@@ -129,7 +136,8 @@ const portConfigs: Record<string, Partial<ApiConfig>> = {
|
||||
appUrl: 'http://10.79.97.17:51707',
|
||||
|
||||
oauth: {
|
||||
redirectUri: 'http://10.79.97.17:51707/callback'
|
||||
redirectUri: 'http://10.79.97.17:51707/callback',
|
||||
dingtalkRedirectUri: process.env.DINGTALK_REDIRECT_URI_51707 || 'https://10-79-97-1751707-xxxxxxxxx.ztna-dingtalk.com/callback'
|
||||
}
|
||||
},
|
||||
|
||||
@@ -202,9 +210,9 @@ const configs: Record<string, ApiConfig> = {
|
||||
collaboraUrl: 'http://10.79.97.17:9980',
|
||||
appUrl: 'http://10.79.97.17:51703',
|
||||
oauth: {
|
||||
clientId: '54d2a619fe5c81ae1250434c441fccccqMtKwh7H4fO',
|
||||
serverUrl: 'http://10.79.112.85', // IDaaS服务器地址(测试)
|
||||
// serverUrl: 'http://10.79.97.252', // IDaaS服务器地址(生产)
|
||||
clientId: '224266374b56ee6254ed3d339014b033kaZy92exUmy',
|
||||
// serverUrl: 'http://10.79.112.85', // IDaaS服务器地址(测试)
|
||||
serverUrl: 'http://10.79.97.252', // IDaaS服务器地址(生产)
|
||||
// ⚠️ 安全警告:clientSecret 不应该硬编码在代码中
|
||||
// 请在生产环境使用环境变量 OAUTH_CLIENT_SECRET
|
||||
clientSecret: 'placeholder', // 占位符,实际值从环境变量获取
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
* Remix 会自动排除 .server.ts 文件不打包到客户端
|
||||
*/
|
||||
|
||||
import { OAUTH_CONFIG } from './api-config';
|
||||
import { OAUTH_CONFIG, portConfigs } from './api-config';
|
||||
|
||||
// 用于控制日志输出(避免重复日志)
|
||||
let hasLoggedSecret = false;
|
||||
@@ -67,3 +67,34 @@ export function getServerOAuthConfigRuntime() {
|
||||
};
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取端口特定的OAuth配置(包含钉钉回调地址)
|
||||
* @param port 端口号
|
||||
* @returns OAuth配置(包含内网和钉钉回调地址)
|
||||
*/
|
||||
export function getPortOAuthConfig(port: string) {
|
||||
const secret = getOAuthClientSecret();
|
||||
const portConfig = portConfigs[port];
|
||||
|
||||
if (!portConfig?.oauth) {
|
||||
console.warn(`⚠️ [oauth-secret.server] 端口 ${port} 没有特定OAuth配置,使用默认配置`);
|
||||
return {
|
||||
serverUrl: OAUTH_CONFIG.serverUrl!,
|
||||
clientId: OAUTH_CONFIG.clientId!,
|
||||
redirectUri: OAUTH_CONFIG.redirectUri!,
|
||||
appId: OAUTH_CONFIG.appId!,
|
||||
clientSecret: secret,
|
||||
dingtalkRedirectUri: undefined
|
||||
};
|
||||
}
|
||||
|
||||
return {
|
||||
serverUrl: OAUTH_CONFIG.serverUrl!,
|
||||
clientId: OAUTH_CONFIG.clientId!,
|
||||
redirectUri: portConfig.oauth.redirectUri || OAUTH_CONFIG.redirectUri!,
|
||||
appId: OAUTH_CONFIG.appId!,
|
||||
clientSecret: secret,
|
||||
dingtalkRedirectUri: portConfig.oauth.dingtalkRedirectUri
|
||||
};
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user