From f9c912e8c55b7e35a204de6ddd5254502ca762fe Mon Sep 17 00:00:00 2001
From: wood chen <wood@czl.net>
Date: Fri, 21 Feb 2025 17:28:14 +0800
Subject: [PATCH] =?UTF-8?q?refactor:=20=E9=87=8D=E6=9E=84=E7=94=A8?=
 =?UTF-8?q?=E6=88=B7=E6=8E=88=E6=9D=83=E6=B5=81=E7=A8=8B=EF=BC=8C=E7=AE=80?=
 =?UTF-8?q?=E5=8C=96=20OAuth=20=E5=92=8C=20SSO=20=E9=87=8D=E5=AE=9A?=
 =?UTF-8?q?=E5=90=91=E9=80=BB=E8=BE=91?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/actions/user-authorize.ts          | 29 +++++++++++++-------------
 src/components/auth/user-authorize.tsx | 13 ++----------
 2 files changed, 16 insertions(+), 26 deletions(-)

diff --git a/src/actions/user-authorize.ts b/src/actions/user-authorize.ts
index 7133c47..c371f12 100644
--- a/src/actions/user-authorize.ts
+++ b/src/actions/user-authorize.ts
@@ -4,27 +4,26 @@ import { redirect } from "next/navigation";
 import { signIn as nextSignIn } from "@/auth";
 
 export async function signIn(data: Record<string, any>) {
-  const { sso, sig, oauth } = data;
+  const { sso, sig, returnTo } = data;
 
   // 先进行 SSO 登录
   await nextSignIn("credentials", { sso, sig });
 
-  // 如果有 OAuth 参数，重定向到 OAuth 授权页面
-  if (oauth) {
-    const oauthParams = new URLSearchParams(atob(oauth));
-    if (oauthParams.has("client_id")) {
-      const authUrl = `/oauth/authorize?${oauthParams.toString()}`;
-      redirect(authUrl);
-    }
-  }
-
-  // 如果没有 OAuth 参数，从 SSO 参数中获取 return_sso_url
+  // 从 sso 参数中获取 return_sso_url
   const params = new URLSearchParams(atob(sso));
-  const returnUrl = params.get("return_sso_url");
+  const returnSsoUrl = params.get("return_sso_url");
 
-  if (!returnUrl) {
+  if (!returnSsoUrl) {
+    // 如果没有 return_sso_url，检查是否有 OAuth 参数
+    const searchParams = new URLSearchParams(returnTo);
+    if (searchParams.has("client_id")) {
+      // 如果是 OAuth 流程，重定向到授权页面
+      redirect(`/oauth/authorize${returnTo}`);
+    }
+    // 如果都没有，重定向到仪表板
     redirect("/dashboard");
-  } else {
-    redirect(returnUrl);
   }
+
+  // 如果有 return_sso_url，重定向回 SSO 提供者
+  redirect(returnSsoUrl);
 }
diff --git a/src/components/auth/user-authorize.tsx b/src/components/auth/user-authorize.tsx
index 376489c..d6ec043 100644
--- a/src/components/auth/user-authorize.tsx
+++ b/src/components/auth/user-authorize.tsx
@@ -32,20 +32,11 @@ export function UserAuthorize({
         throw new Error("缺少必要的认证参数");
       }
 
-      // 获取原始的 OAuth 参数
-      const originalOAuthParams = new URLSearchParams(window.location.search);
-      const oauthData: Record<string, string> = {};
-      Array.from(originalOAuthParams.entries())
-        .filter(([key]) => key !== "sso" && key !== "sig")
-        .forEach(([key, value]) => {
-          oauthData[key] = value;
-        });
-
-      // 传递 SSO 参数和原始的 OAuth 参数
+      // 传递 SSO 参数和原始的 search 参数
       await signIn({
         sso,
         sig,
-        oauth: btoa(originalOAuthParams.toString()),
+        returnTo: url.search, // 保存完整的查询参数
       });
 
       setIsLoading(false);