#IAO7WZ maxkey社区版4.1.1试用报错 oauth2跳转

2025-12-06 17:08:29 +08:00 · 2024-09-02 17:25:14 +08:00 · 2024-09-02 17:25:14 +08:00 · 69dec0e3ae
commit 69dec0e3ae
parent f172d46c3e
5 changed files with 37 additions and 54 deletions
--- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/endpoint/AuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/endpoint/AuthorizeEndpoint.java
@ -91,7 +91,9 @@ public class AuthorizeEndpoint extends AuthorizeBaseEndpoint{
 	public ModelAndView refused(){
 		ModelAndView modelAndView = new ModelAndView("authorize/authorize_refused");
 		Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP);
+		if(app != null) {
 			app.transIconBase64();
+		}
 		modelAndView.addObject("model", app);
 		return modelAndView;
 	}
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
@ -50,12 +50,10 @@ import org.dromara.maxkey.entity.Message;
 import org.dromara.maxkey.entity.apps.Apps;
 import org.dromara.maxkey.entity.apps.oauth2.provider.ClientDetails;
 import org.dromara.maxkey.entity.idm.UserInfo;
-import org.dromara.maxkey.util.HttpEncoder;
 import org.dromara.maxkey.web.WebConstants;
 import org.dromara.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.http.ResponseEntity;
 import org.springframework.security.authentication.InsufficientAuthenticationException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@ -64,9 +62,8 @@ import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.bind.support.SessionStatus;
 import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.util.UriComponents;
@ -239,16 +236,11 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 	}

 	//approval must post
-	@PostMapping(value  = {OAuth2Constants.ENDPOINT.ENDPOINT_AUTHORIZE+"/approval"}, 
-					params = OAuth2Constants.PARAMETER.USER_OAUTH_APPROVAL)
-	public Message< Object> authorizeApproveOrDeny(
-	                @RequestParam Map<String, String> approvalParameters,
-	                @CurrentUser UserInfo currentUser,
-	                SessionStatus sessionStatus) {
-	    
+	@PostMapping(value  = {OAuth2Constants.ENDPOINT.ENDPOINT_AUTHORIZE+"/approval"}, params = OAuth2Constants.PARAMETER.USER_OAUTH_APPROVAL)
+	@ResponseBody
+	public Message< String> authorizeApproveOrDeny(@RequestParam Map<String, String> approvalParameters,@CurrentUser UserInfo currentUser) {
 		Principal principal = (Principal)AuthorizationUtils.getAuthentication();
 		if (!(principal instanceof Authentication)) {
-			sessionStatus.setComplete();
 			throw new InsufficientAuthenticationException(
 					"User must be authenticated with Spring Security before authorizing an access token.");
 		}
@ -256,26 +248,22 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 		AuthorizationRequest authorizationRequest = (AuthorizationRequest) momentaryService.get(currentUser.getSessionId(), "authorizationRequest");

 		if (authorizationRequest == null) {
-			sessionStatus.setComplete();
 			throw new InvalidRequestException("Cannot approve uninitialized authorization request.");
 		}

-		try {
 		Set<String> responseTypes = authorizationRequest.getResponseTypes();

 		authorizationRequest.setApprovalParameters(approvalParameters);
-			authorizationRequest = userApprovalHandler.updateAfterApproval(authorizationRequest,
-					(Authentication) principal);
+		authorizationRequest = userApprovalHandler.updateAfterApproval(authorizationRequest,(Authentication) principal);
 		boolean approved = userApprovalHandler.isApproved(authorizationRequest, (Authentication) principal);
 		authorizationRequest.setApproved(approved);

 		if (authorizationRequest.getRedirectUri() == null) {
-				sessionStatus.setComplete();
 			throw new InvalidRequestException("Cannot approve request when no redirect URI is provided.");
 		}

 		if (!authorizationRequest.isApproved()) {
-				return new Message< Object>(Message.FAIL,(Object)
+			return new Message<>(Message.FAIL,
 					getUnsuccessfulRedirect(
 				            authorizationRequest,
 				            new UserDeniedAuthorizationException("User denied access"), 
@ -285,17 +273,10 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 		}

 		if (responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN)) {
-				return new Message< Object>((Object)
-						getImplicitGrantResponse(authorizationRequest));
-			}
-
-			return new Message< Object>((Object)
-					getAuthorizationCodeResponse(authorizationRequest, (Authentication) principal));
-		}
-		finally {
-			sessionStatus.setComplete();
+			return new Message<>(getImplicitGrantResponse(authorizationRequest));
 		}

+		return new Message<>(getAuthorizationCodeResponse(authorizationRequest, (Authentication) principal));
 	}

 	// We need explicit approval from the user.
--- a/maxkey-web-frontend/maxkey-web-app/src/app/routes/dashboard/home/home.component.ts
+++ b/maxkey-web-frontend/maxkey-web-app/src/app/routes/dashboard/home/home.component.ts
@ -89,7 +89,7 @@ export class HomeComponent implements OnInit {
        return;
      }
    }
-    window.open(`${this.baseUrl}/authz/${appId}`);
+    window.open(`${this.baseUrl}authz/${appId}`);
  }
  setAccount(appId: string): void {
    const modal = this.modal.create({
@ -105,11 +105,11 @@ export class HomeComponent implements OnInit {

  ngOnInit(): void {
    this.appCategoryList = this.appCategoryService.list();
-    if (environment.api.baseUrl.endsWith('/')) {
-      this.baseUrl = environment.api.baseUrl.substring(0, environment.api.baseUrl.length - 1);
-    } else {
    this.baseUrl = environment.api.baseUrl;
+    if (!this.baseUrl.endsWith('/')) {
+      this.baseUrl = `${this.baseUrl}/`;
    }
+    console.log(`baseUrl : ${this.baseUrl}`);
    this.appListService.appList().subscribe(res => {
      //console.log(res.data);
      this.appList = res.data;
--- a/maxkey-web-frontend/maxkey-web-app/src/environments/environment.ts
+++ b/maxkey-web-frontend/maxkey-web-app/src/environments/environment.ts
@ -27,7 +27,7 @@ export const environment = {
  production: false,
  useHash: true,
  api: {
-    baseUrl: 'http://localhost:9527/sign/',
+    baseUrl: '/sign/',
    refreshTokenEnabled: true,
    refreshTokenType: 're-request'
  },
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/templates/views/authorize/authorize_refused.ftl
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/templates/views/authorize/authorize_refused.ftl
@ -14,10 +14,10 @@
 				<td colspan='2'><@locale code="login.authz.refuse" /></td>
 			</tr>
 			<tr>
-				<td><img src="${model.iconBase64}"/></td><td>${model.appName}</td>
+				<td><img src="${model.iconBase64!}"/></td><td>${model.appName!}</td>
 			</tr>
 			<tr style="display:none">
-				<td>${model.id}</td>
+				<td>${model.id!}</td>
 			</tr>
 		</table>
 	</form>