优化OAuth客户端的日志输出,增强调试信息;修复获取访问令牌时的端口配置,确保回调地址正确;更新API配置中的服务器地址和端口。
This commit is contained in:
@@ -62,7 +62,7 @@ export class OAuthClient {
|
|||||||
redirect_uri: this.config.redirectUri,
|
redirect_uri: this.config.redirectUri,
|
||||||
state: state
|
state: state
|
||||||
});
|
});
|
||||||
|
|
||||||
return `${this.config.serverUrl}/oauth/authorize?${params.toString()}`;
|
return `${this.config.serverUrl}/oauth/authorize?${params.toString()}`;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -72,7 +72,12 @@ export class OAuthClient {
|
|||||||
* @returns 访问令牌响应
|
* @returns 访问令牌响应
|
||||||
*/
|
*/
|
||||||
async getAccessToken(code: string): Promise<TokenResponse | null> {
|
async getAccessToken(code: string): Promise<TokenResponse | null> {
|
||||||
console.log('this.config.serverUrl', this.config.serverUrl);
|
console.log('🔧 OAuth配置信息:', {
|
||||||
|
serverUrl: this.config.serverUrl,
|
||||||
|
clientId: this.config.clientId,
|
||||||
|
redirectUri: this.config.redirectUri
|
||||||
|
});
|
||||||
|
|
||||||
const url = `${this.config.serverUrl}/oauth/token`;
|
const url = `${this.config.serverUrl}/oauth/token`;
|
||||||
const data = new URLSearchParams({
|
const data = new URLSearchParams({
|
||||||
grant_type: 'authorization_code',
|
grant_type: 'authorization_code',
|
||||||
@@ -82,6 +87,14 @@ export class OAuthClient {
|
|||||||
redirect_uri: this.config.redirectUri
|
redirect_uri: this.config.redirectUri
|
||||||
});
|
});
|
||||||
|
|
||||||
|
console.log('🔧 请求Token URL:', url);
|
||||||
|
console.log('🔧 请求参数:', {
|
||||||
|
grant_type: 'authorization_code',
|
||||||
|
code: code,
|
||||||
|
client_id: this.config.clientId,
|
||||||
|
redirect_uri: this.config.redirectUri
|
||||||
|
});
|
||||||
|
|
||||||
try {
|
try {
|
||||||
const response = await fetch(url, {
|
const response = await fetch(url, {
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
@@ -91,15 +104,28 @@ export class OAuthClient {
|
|||||||
body: data
|
body: data
|
||||||
});
|
});
|
||||||
|
|
||||||
|
console.log('🔧 Token响应状态:', response.status, response.statusText);
|
||||||
|
|
||||||
if (!response.ok) {
|
if (!response.ok) {
|
||||||
const errorData = await response.json();
|
const errorData = await response.json();
|
||||||
console.error('获取访问令牌失败:', errorData);
|
console.error('❌ 获取访问令牌失败:', {
|
||||||
|
status: response.status,
|
||||||
|
statusText: response.statusText,
|
||||||
|
errorData: errorData
|
||||||
|
});
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
return await response.json() as TokenResponse;
|
const tokenResponse = await response.json() as TokenResponse;
|
||||||
|
console.log('✅ 获取访问令牌成功:', {
|
||||||
|
token_type: tokenResponse.token_type,
|
||||||
|
expires_in: tokenResponse.expires_in,
|
||||||
|
scope: tokenResponse.scope
|
||||||
|
});
|
||||||
|
|
||||||
|
return tokenResponse;
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
console.error('获取访问令牌网络错误:', error);
|
console.error('❌ 获取访问令牌网络错误:', error);
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -202,7 +228,17 @@ export class OAuthClient {
|
|||||||
*/
|
*/
|
||||||
generateState(): string {
|
generateState(): string {
|
||||||
// 获取当前端口号,优先级:API_PORT_CONFIG > PORT > 默认值
|
// 获取当前端口号,优先级:API_PORT_CONFIG > PORT > 默认值
|
||||||
const currentPort = process.env.API_PORT_CONFIG || process.env.PORT;
|
let currentPort = process.env.API_PORT_CONFIG || process.env.PORT;
|
||||||
|
|
||||||
|
// 如果环境变量中没有端口号,尝试从浏览器location获取
|
||||||
|
if (!currentPort && typeof window !== 'undefined') {
|
||||||
|
currentPort = window.location.port;
|
||||||
|
}
|
||||||
|
|
||||||
|
// 如果仍然没有端口号,使用默认端口
|
||||||
|
if (!currentPort) {
|
||||||
|
currentPort = '51703'; // 默认端口
|
||||||
|
}
|
||||||
|
|
||||||
const randomStr = Math.random().toString(36).substring(2, 15) +
|
const randomStr = Math.random().toString(36).substring(2, 15) +
|
||||||
Math.random().toString(36).substring(2, 15);
|
Math.random().toString(36).substring(2, 15);
|
||||||
|
|||||||
+10
-10
@@ -33,9 +33,9 @@ const portConfigs: Record<string, Partial<ApiConfig>> = {
|
|||||||
|
|
||||||
// 测试主要服务实例
|
// 测试主要服务实例
|
||||||
'5173': {
|
'5173': {
|
||||||
baseUrl: 'http://172.16.0.55:8008',
|
baseUrl: 'http://172.16.0.55:8000',
|
||||||
documentUrl: 'http://172.16.0.55:8008/docauditai/',
|
documentUrl: 'http://172.16.0.55:8000/docauditai/',
|
||||||
uploadUrl: 'http://172.16.0.55:8008/admin/documents'
|
uploadUrl: 'http://172.16.0.55:8000/admin/documents'
|
||||||
},
|
},
|
||||||
// 测试客户端实例
|
// 测试客户端实例
|
||||||
'5174': {
|
'5174': {
|
||||||
@@ -120,12 +120,12 @@ const portConfigs: Record<string, Partial<ApiConfig>> = {
|
|||||||
const configs: Record<string, ApiConfig> = {
|
const configs: Record<string, ApiConfig> = {
|
||||||
// 开发环境
|
// 开发环境
|
||||||
development: {
|
development: {
|
||||||
baseUrl: 'http://172.16.0.55:8008',
|
baseUrl: 'http://172.16.0.55:8000',
|
||||||
// baseUrl: 'http://172.16.0.81:3000',
|
// baseUrl: 'http://172.16.0.81:3000',
|
||||||
// baseUrl: 'http://nas.7bm.co:3000',
|
// baseUrl: 'http://nas.7bm.co:3000',
|
||||||
// documentUrl: 'http://172.16.0.81:9000/docauditai/',
|
// documentUrl: 'http://172.16.0.81:9000/docauditai/',
|
||||||
documentUrl: 'http://172.16.0.55:8008/docauditai/',
|
documentUrl: 'http://172.16.0.55:8000/docauditai/',
|
||||||
uploadUrl: 'http://172.16.0.55:8008/admin/documents',
|
uploadUrl: 'http://172.16.0.55:8000/admin/documents',
|
||||||
// uploadUrl: 'http://172.16.0.58:8008/admin/documents',
|
// uploadUrl: 'http://172.16.0.58:8008/admin/documents',
|
||||||
// uploadUrl: 'http://172.16.0.58:8008/admin/documents',
|
// uploadUrl: 'http://172.16.0.58:8008/admin/documents',
|
||||||
oauth: {
|
oauth: {
|
||||||
@@ -139,12 +139,12 @@ const configs: Record<string, ApiConfig> = {
|
|||||||
|
|
||||||
// 测试环境
|
// 测试环境
|
||||||
testing: {
|
testing: {
|
||||||
baseUrl: 'http://172.16.0.55:8008',
|
baseUrl: 'http://172.16.0.55:8000',
|
||||||
// baseUrl: 'http://172.16.0.81:3000',
|
// baseUrl: 'http://172.16.0.81:3000',
|
||||||
// baseUrl: 'http://nas.7bm.co:3000',
|
// baseUrl: 'http://nas.7bm.co:3000',
|
||||||
// documentUrl: 'http://172.16.0.81:9000/docauditai/',
|
// documentUrl: 'http://172.16.0.81:9000/docauditai/',
|
||||||
documentUrl: 'http://172.16.0.55:8008/docauditai/',
|
documentUrl: 'http://172.16.0.55:8000/docauditai/',
|
||||||
uploadUrl: 'http://172.16.0.55:8008/admin/documents',
|
uploadUrl: 'http://172.16.0.55:8000/admin/documents',
|
||||||
// uploadUrl: 'http://172.16.0.58:8008/admin/documents',
|
// uploadUrl: 'http://172.16.0.58:8008/admin/documents',
|
||||||
// uploadUrl: 'http://172.16.0.58:8008/admin/documents',
|
// uploadUrl: 'http://172.16.0.58:8008/admin/documents',
|
||||||
oauth: {
|
oauth: {
|
||||||
@@ -169,7 +169,7 @@ const configs: Record<string, ApiConfig> = {
|
|||||||
serverUrl: 'http://10.79.112.85', // IDaaS服务器地址
|
serverUrl: 'http://10.79.112.85', // IDaaS服务器地址
|
||||||
clientId: '54d2a619fe5c81ae1250434c441fccccqMtKwh7H4fO',
|
clientId: '54d2a619fe5c81ae1250434c441fccccqMtKwh7H4fO',
|
||||||
clientSecret: 'VYk1AC5XIJEfnEXwyq0u9JEY3fi3byCfSD58zANGeb', // 需要替换为实际的Client Secret
|
clientSecret: 'VYk1AC5XIJEfnEXwyq0u9JEY3fi3byCfSD58zANGeb', // 需要替换为实际的Client Secret
|
||||||
redirectUri: 'http://10.79.97.17/', // 回调地址
|
redirectUri: 'http://10.79.97.17:51703/callback', // 回调地址
|
||||||
appId: 'idaasoauth2' // 应用ID,用于登出
|
appId: 'idaasoauth2' // 应用ID,用于登出
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|||||||
+24
-12
@@ -3,45 +3,57 @@ import { OAuthClient } from "~/api/login/oauth-client";
|
|||||||
import { OAUTH_CONFIG } from "~/config/api-config";
|
import { OAUTH_CONFIG } from "~/config/api-config";
|
||||||
import { createUserSession, saveUserInfo } from "~/api/login/auth.server";
|
import { createUserSession, saveUserInfo } from "~/api/login/auth.server";
|
||||||
import { JWTUtils, type UserInfoForJWT } from "~/utils/jwt";
|
import { JWTUtils, type UserInfoForJWT } from "~/utils/jwt";
|
||||||
import { toastService } from "~/components/ui";
|
|
||||||
|
|
||||||
export async function loader({ request }: LoaderFunctionArgs) {
|
export async function loader({ request }: LoaderFunctionArgs) {
|
||||||
const url = new URL(request.url);
|
const url = new URL(request.url);
|
||||||
const code = url.searchParams.get("code");
|
const code = url.searchParams.get("code");
|
||||||
// const state = url.searchParams.get("state");
|
const state = url.searchParams.get("state");
|
||||||
const error = url.searchParams.get("error");
|
const error = url.searchParams.get("error");
|
||||||
const error_description = url.searchParams.get("error_description");
|
const error_description = url.searchParams.get("error_description");
|
||||||
|
|
||||||
|
console.log("🔧 OAuth2.0回调参数:", {
|
||||||
|
code: code ? `${code.substring(0, 10)}...` : null,
|
||||||
|
state: state,
|
||||||
|
error: error,
|
||||||
|
error_description: error_description,
|
||||||
|
fullUrl: request.url
|
||||||
|
});
|
||||||
|
|
||||||
// 检查是否有错误
|
// 检查是否有错误
|
||||||
if (error) {
|
if (error) {
|
||||||
console.error("OAuth2.0授权失败:", error, error_description);
|
console.error("❌ OAuth2.0授权失败:", error, error_description);
|
||||||
return redirect(`/login?error=${encodeURIComponent(error_description || error)}`);
|
return redirect(`/login?error=${encodeURIComponent(error_description || error)}`);
|
||||||
}
|
}
|
||||||
|
|
||||||
// 检查是否有授权码
|
// 检查是否有授权码
|
||||||
if (!code) {
|
if (!code) {
|
||||||
toastService.error("通过OAuth2.0登录回调缺少授权码");
|
console.error("❌ OAuth2.0回调缺少授权码");
|
||||||
console.error("OAuth2.0回调缺少授权码");
|
|
||||||
return redirect("/login?error=missing_code");
|
return redirect("/login?error=missing_code");
|
||||||
}
|
}
|
||||||
|
|
||||||
// 验证状态值(可选,但建议实现)
|
// 验证状态值
|
||||||
// 这里简单验证state是否以_idp结尾
|
if (!state || !state.endsWith("_idp")) {
|
||||||
// if (!state || !state.endsWith("_idp")) {
|
console.error("❌ OAuth2.0状态值验证失败:", { state, expectedSuffix: "_idp" });
|
||||||
// console.error("OAuth2.0状态值验证失败");
|
return redirect("/login?error=invalid_state");
|
||||||
// return redirect("/login?error=invalid_state");
|
}
|
||||||
// }
|
|
||||||
|
console.log("✅ OAuth2.0回调参数验证通过");
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
console.log("🔧 开始处理OAuth2.0回调");
|
||||||
|
|
||||||
// 创建OAuth客户端
|
// 创建OAuth客户端
|
||||||
const oauthClient = new OAuthClient(OAUTH_CONFIG);
|
const oauthClient = new OAuthClient(OAUTH_CONFIG);
|
||||||
|
console.log("✅ OAuth客户端创建成功");
|
||||||
|
|
||||||
// 获取访问令牌
|
// 获取访问令牌
|
||||||
|
console.log("🔧 开始获取访问令牌...");
|
||||||
const tokenResponse = await oauthClient.getAccessToken(code);
|
const tokenResponse = await oauthClient.getAccessToken(code);
|
||||||
if (!tokenResponse) {
|
if (!tokenResponse) {
|
||||||
console.error("获取访问令牌失败");
|
console.error("❌ 获取访问令牌失败");
|
||||||
return redirect("/login?error=token_error");
|
return redirect("/login?error=token_error");
|
||||||
}
|
}
|
||||||
|
console.log("✅ 访问令牌获取成功");
|
||||||
|
|
||||||
// 获取用户信息
|
// 获取用户信息
|
||||||
const userInfo = await oauthClient.getUserInfo(tokenResponse.access_token);
|
const userInfo = await oauthClient.getUserInfo(tokenResponse.access_token);
|
||||||
|
|||||||
@@ -120,7 +120,7 @@ export default function Login() {
|
|||||||
|
|
||||||
// 获取授权URL
|
// 获取授权URL
|
||||||
const authorizeUrl = oauthClient.getAuthorizeUrl(state);
|
const authorizeUrl = oauthClient.getAuthorizeUrl(state);
|
||||||
|
console.log("授权URL:", authorizeUrl);
|
||||||
// 重定向到IDaaS登录页面
|
// 重定向到IDaaS登录页面
|
||||||
window.location.href = authorizeUrl;
|
window.location.href = authorizeUrl;
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
|
|||||||
Reference in New Issue
Block a user