refactor: Update OAuth authorization page to support standard OAuth parameters

- Modify AuthorizeParams interface to align with OAuth 2.0 specification - Add validation for required OAuth parameters - Implement parameter transformation and encoding - Improve error handling for missing or invalid parameters - Ensure compatibility with standard OAuth authorization flow
2025-07-18 14:01:55 +08:00 · 2025-02-20 03:21:17 +08:00 · 2025-02-20 03:21:17 +08:00 · 5a31f79f75
commit 5a31f79f75
parent f276f28118
1 changed files with 46 additions and 10 deletions
--- a/src/app/(oauth)/oauth/authorize/page.tsx
+++ b/src/app/(oauth)/oauth/authorize/page.tsx
@ -6,10 +6,11 @@ import { Authorizing } from "@/components/auth/authorizing";
 import { ErrorCard } from "@/components/auth/error-card";
 export interface AuthorizeParams {
-  oauth: string;
+  response_type: string;
-  clientId: string;
+  client_id: string;
-  scope: string;
+  redirect_uri: string;
-  redirectUri: string;
+  scope?: string;
  state?: string;
 }
 export default async function AuthorizePage({
@ -22,14 +23,33 @@ export default async function AuthorizePage({
    redirect("/login");
  }
-  const client = await getClientByClientId(searchParams.clientId);
+  // 验证必要的参数
  if (
    !searchParams.response_type ||
    !searchParams.client_id ||
    !searchParams.redirect_uri
  ) {
    return (
      <div className="flex min-h-screen items-center justify-center p-4">
        <ErrorCard
          title="参数错误"
          description="缺少必要的参数"
          redirectUri={searchParams.redirect_uri}
          error="invalid_request"
          errorDescription="缺少必要的参数"
        />
      </div>
    );
  }
  const client = await getClientByClientId(searchParams.client_id);
  if (!client) {
    return (
      <div className="flex min-h-screen items-center justify-center p-4">
        <ErrorCard
          title="应用不存在"
          description="您尝试访问的应用不存在或已被删除"
-          redirectUri={searchParams.redirectUri}
+          redirectUri={searchParams.redirect_uri}
          error="invalid_client"
          errorDescription="应用不存在"
        />
@ -44,7 +64,7 @@ export default async function AuthorizePage({
        <ErrorCard
          title="应用已禁用"
          description="此应用已被管理员禁用，暂时无法使用"
-          redirectUri={searchParams.redirectUri}
+          redirectUri={searchParams.redirect_uri}
          error="access_denied"
          errorDescription="此应用已被禁用"
        />
@ -53,13 +73,13 @@ export default async function AuthorizePage({
  }
  // 检查回调地址是否匹配
-  if (client.redirectUri !== searchParams.redirectUri) {
+  if (client.redirectUri !== searchParams.redirect_uri) {
    return (
      <div className="flex min-h-screen items-center justify-center p-4">
        <ErrorCard
          title="回调地址不匹配"
          description="应用提供的回调地址与注册时不符"
-          redirectUri={searchParams.redirectUri}
+          redirectUri={searchParams.redirect_uri}
          error="invalid_request"
          errorDescription="回调地址不匹配"
        />
@ -67,9 +87,25 @@ export default async function AuthorizePage({
    );
  }
  // 构建 OAuth 参数
  const oauthParams = new URLSearchParams();
  oauthParams.set("response_type", searchParams.response_type);
  oauthParams.set("client_id", searchParams.client_id);
  oauthParams.set("redirect_uri", searchParams.redirect_uri);
  if (searchParams.scope) oauthParams.set("scope", searchParams.scope);
  if (searchParams.state) oauthParams.set("state", searchParams.state);
  // 转换参数格式
  const authorizeParams = {
    oauth: btoa(oauthParams.toString()),
    clientId: client.id,
    scope: searchParams.scope || "read_profile",
    redirectUri: searchParams.redirect_uri,
  };
  return (
    <div className="flex min-h-screen items-center justify-center p-4">
-      <Authorizing {...searchParams} />
+      <Authorizing {...authorizeParams} />
    </div>
  );
 }