优化OAuth客户端的日志输出，增强调试信息；修复获取访问令牌时的端口配置，确保回调地址正确；更新API配置中的服务器地址和端口。

2025-08-06 16:53:46 +08:00
parent 1b5f7ac50a
commit 21c01d51d5
4 changed files with 77 additions and 29 deletions
@@ -62,7 +62,7 @@ export class OAuthClient {
      redirect_uri: this.config.redirectUri,
      state: state
    });
-
+    
    return `${this.config.serverUrl}/oauth/authorize?${params.toString()}`;
  }

@@ -72,7 +72,12 @@ export class OAuthClient {
   * @returns 访问令牌响应
   */
  async getAccessToken(code: string): Promise<TokenResponse | null> {
-    console.log('this.config.serverUrl', this.config.serverUrl);
+    console.log('🔧 OAuth配置信息:', {
+      serverUrl: this.config.serverUrl,
+      clientId: this.config.clientId,
+      redirectUri: this.config.redirectUri
+    });
+    
    const url = `${this.config.serverUrl}/oauth/token`;
    const data = new URLSearchParams({
      grant_type: 'authorization_code',
@@ -82,6 +87,14 @@ export class OAuthClient {
      redirect_uri: this.config.redirectUri
    });

+    console.log('🔧 请求Token URL:', url);
+    console.log('🔧 请求参数:', {
+      grant_type: 'authorization_code',
+      code: code,
+      client_id: this.config.clientId,
+      redirect_uri: this.config.redirectUri
+    });
+
    try {
      const response = await fetch(url, {
        method: 'POST',
@@ -91,15 +104,28 @@ export class OAuthClient {
        body: data
      });

+      console.log('🔧 Token响应状态:', response.status, response.statusText);
+
      if (!response.ok) {
        const errorData = await response.json();
-        console.error('获取访问令牌失败:', errorData);
+        console.error('❌ 获取访问令牌失败:', {
+          status: response.status,
+          statusText: response.statusText,
+          errorData: errorData
+        });
        return null;
      }

-      return await response.json() as TokenResponse;
+      const tokenResponse = await response.json() as TokenResponse;
+      console.log('✅ 获取访问令牌成功:', {
+        token_type: tokenResponse.token_type,
+        expires_in: tokenResponse.expires_in,
+        scope: tokenResponse.scope
+      });
+      
+      return tokenResponse;
    } catch (error) {
-      console.error('获取访问令牌网络错误:', error);
+      console.error('❌ 获取访问令牌网络错误:', error);
      return null;
    }
  }
@@ -202,7 +228,17 @@ export class OAuthClient {
   */
  generateState(): string {
    // 获取当前端口号，优先级：API_PORT_CONFIG > PORT > 默认值
-    const currentPort = process.env.API_PORT_CONFIG || process.env.PORT;
+    let currentPort = process.env.API_PORT_CONFIG || process.env.PORT;
+    
+    // 如果环境变量中没有端口号，尝试从浏览器location获取
+    if (!currentPort && typeof window !== 'undefined') {
+      currentPort = window.location.port;
+    }
+    
+    // 如果仍然没有端口号，使用默认端口
+    if (!currentPort) {
+      currentPort = '51703'; // 默认端口
+    }
    
    const randomStr = Math.random().toString(36).substring(2, 15) + 
                     Math.random().toString(36).substring(2, 15);
@@ -33,9 +33,9 @@ const portConfigs: Record<string, Partial<ApiConfig>> = {

  // 测试主要服务实例
  '5173': {
-    baseUrl: 'http://172.16.0.55:8008',
-    documentUrl: 'http://172.16.0.55:8008/docauditai/',
-    uploadUrl: 'http://172.16.0.55:8008/admin/documents'
+    baseUrl: 'http://172.16.0.55:8000',
+    documentUrl: 'http://172.16.0.55:8000/docauditai/',
+    uploadUrl: 'http://172.16.0.55:8000/admin/documents'
  },
  // 测试客户端实例
  '5174': {
@@ -120,12 +120,12 @@ const portConfigs: Record<string, Partial<ApiConfig>> = {
 const configs: Record<string, ApiConfig> = {
  // 开发环境
  development: {
-    baseUrl: 'http://172.16.0.55:8008',
+    baseUrl: 'http://172.16.0.55:8000',
    // baseUrl: 'http://172.16.0.81:3000',
    // baseUrl: 'http://nas.7bm.co:3000',
    // documentUrl: 'http://172.16.0.81:9000/docauditai/',
-    documentUrl: 'http://172.16.0.55:8008/docauditai/',
-    uploadUrl: 'http://172.16.0.55:8008/admin/documents',
+    documentUrl: 'http://172.16.0.55:8000/docauditai/',
+    uploadUrl: 'http://172.16.0.55:8000/admin/documents',
    // uploadUrl: 'http://172.16.0.58:8008/admin/documents',
    // uploadUrl: 'http://172.16.0.58:8008/admin/documents',
    oauth: {
@@ -139,12 +139,12 @@ const configs: Record<string, ApiConfig> = {
  
  // 测试环境
  testing: {
-    baseUrl: 'http://172.16.0.55:8008',
+    baseUrl: 'http://172.16.0.55:8000',
    // baseUrl: 'http://172.16.0.81:3000',
    // baseUrl: 'http://nas.7bm.co:3000',
    // documentUrl: 'http://172.16.0.81:9000/docauditai/',
-    documentUrl: 'http://172.16.0.55:8008/docauditai/',
-    uploadUrl: 'http://172.16.0.55:8008/admin/documents',
+    documentUrl: 'http://172.16.0.55:8000/docauditai/',
+    uploadUrl: 'http://172.16.0.55:8000/admin/documents',
    // uploadUrl: 'http://172.16.0.58:8008/admin/documents',
    // uploadUrl: 'http://172.16.0.58:8008/admin/documents',
    oauth: {
@@ -169,7 +169,7 @@ const configs: Record<string, ApiConfig> = {
      serverUrl: 'http://10.79.112.85', // IDaaS服务器地址
      clientId: '54d2a619fe5c81ae1250434c441fccccqMtKwh7H4fO',
      clientSecret: 'VYk1AC5XIJEfnEXwyq0u9JEY3fi3byCfSD58zANGeb', // 需要替换为实际的Client Secret
-      redirectUri: 'http://10.79.97.17/', // 回调地址
+      redirectUri: 'http://10.79.97.17:51703/callback', // 回调地址
      appId: 'idaasoauth2' // 应用ID，用于登出
    }
  },
@@ -3,45 +3,57 @@ import { OAuthClient } from "~/api/login/oauth-client";
 import { OAUTH_CONFIG } from "~/config/api-config";
 import { createUserSession, saveUserInfo } from "~/api/login/auth.server";
 import { JWTUtils, type UserInfoForJWT } from "~/utils/jwt";
-import { toastService } from "~/components/ui";

 export async function loader({ request }: LoaderFunctionArgs) {
  const url = new URL(request.url);
  const code = url.searchParams.get("code");
-  // const state = url.searchParams.get("state");
+  const state = url.searchParams.get("state");
  const error = url.searchParams.get("error");
  const error_description = url.searchParams.get("error_description");

+  console.log("🔧 OAuth2.0回调参数:", {
+    code: code ? `${code.substring(0, 10)}...` : null,
+    state: state,
+    error: error,
+    error_description: error_description,
+    fullUrl: request.url
+  });
+
  // 检查是否有错误
  if (error) {
-    console.error("OAuth2.0授权失败:", error, error_description);
+    console.error("❌ OAuth2.0授权失败:", error, error_description);
    return redirect(`/login?error=${encodeURIComponent(error_description || error)}`);
  }

  // 检查是否有授权码
  if (!code) {
-    toastService.error("通过OAuth2.0登录回调缺少授权码");
-    console.error("OAuth2.0回调缺少授权码");
+    console.error("❌ OAuth2.0回调缺少授权码");
    return redirect("/login?error=missing_code");
  }

-  // 验证状态值（可选，但建议实现）
-  // 这里简单验证state是否以_idp结尾
-  // if (!state || !state.endsWith("_idp")) {
-  //   console.error("OAuth2.0状态值验证失败");
-  //   return redirect("/login?error=invalid_state");
-  // }
+  // 验证状态值
+  if (!state || !state.endsWith("_idp")) {
+    console.error("❌ OAuth2.0状态值验证失败:", { state, expectedSuffix: "_idp" });
+    return redirect("/login?error=invalid_state");
+  }
+
+  console.log("✅ OAuth2.0回调参数验证通过");

  try {
+    console.log("🔧 开始处理OAuth2.0回调");
+    
    // 创建OAuth客户端
    const oauthClient = new OAuthClient(OAUTH_CONFIG);
+    console.log("✅ OAuth客户端创建成功");

    // 获取访问令牌
+    console.log("🔧 开始获取访问令牌...");
    const tokenResponse = await oauthClient.getAccessToken(code);
    if (!tokenResponse) {
-      console.error("获取访问令牌失败");
+      console.error("❌ 获取访问令牌失败");
      return redirect("/login?error=token_error");
    }
+    console.log("✅ 访问令牌获取成功");

    // 获取用户信息
    const userInfo = await oauthClient.getUserInfo(tokenResponse.access_token);
@@ -120,7 +120,7 @@ export default function Login() {
      
      // 获取授权URL
      const authorizeUrl = oauthClient.getAuthorizeUrl(state);
-      
+      console.log("授权URL:", authorizeUrl);
      // 重定向到IDaaS登录页面
      window.location.href = authorizeUrl;
    } catch (error) {