
#IAO7WZ maxkey社区版4.1.1试用报错 oauth2跳转

shimingxy 8 months ago
parent
commit
69dec0e3ae

+ 3 - 1
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/endpoint/AuthorizeEndpoint.java

@@ -91,7 +91,9 @@ public class AuthorizeEndpoint extends AuthorizeBaseEndpoint{
 	public ModelAndView refused(){
 		ModelAndView modelAndView = new ModelAndView("authorize/authorize_refused");
 		Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP);
-		app.transIconBase64();
+		if(app != null) {
+			app.transIconBase64();
+		}
 		modelAndView.addObject("model", app);
 		return modelAndView;
 	}

+ 24 - 43
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java

@@ -50,12 +50,10 @@ import org.dromara.maxkey.entity.Message;
 import org.dromara.maxkey.entity.apps.Apps;
 import org.dromara.maxkey.entity.apps.oauth2.provider.ClientDetails;
 import org.dromara.maxkey.entity.idm.UserInfo;
-import org.dromara.maxkey.util.HttpEncoder;
 import org.dromara.maxkey.web.WebConstants;
 import org.dromara.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.http.ResponseEntity;
 import org.springframework.security.authentication.InsufficientAuthenticationException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -64,9 +62,8 @@ import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.bind.support.SessionStatus;
 import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.util.UriComponents;
@@ -239,16 +236,11 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 	}
 
 	//approval must post
-	@PostMapping(value  = {OAuth2Constants.ENDPOINT.ENDPOINT_AUTHORIZE+"/approval"}, 
-					params = OAuth2Constants.PARAMETER.USER_OAUTH_APPROVAL)
-	public Message< Object> authorizeApproveOrDeny(
-	                @RequestParam Map<String, String> approvalParameters,
-	                @CurrentUser UserInfo currentUser,
-	                SessionStatus sessionStatus) {
-	    
+	@PostMapping(value  = {OAuth2Constants.ENDPOINT.ENDPOINT_AUTHORIZE+"/approval"}, params = OAuth2Constants.PARAMETER.USER_OAUTH_APPROVAL)
+	@ResponseBody
+	public Message< String> authorizeApproveOrDeny(@RequestParam Map<String, String> approvalParameters,@CurrentUser UserInfo currentUser) {
 		Principal principal = (Principal)AuthorizationUtils.getAuthentication();
 		if (!(principal instanceof Authentication)) {
-			sessionStatus.setComplete();
 			throw new InsufficientAuthenticationException(
 					"User must be authenticated with Spring Security before authorizing an access token.");
 		}
@@ -256,46 +248,35 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 		AuthorizationRequest authorizationRequest = (AuthorizationRequest) momentaryService.get(currentUser.getSessionId(), "authorizationRequest");
 
 		if (authorizationRequest == null) {
-			sessionStatus.setComplete();
 			throw new InvalidRequestException("Cannot approve uninitialized authorization request.");
 		}
 
-		try {
-			Set<String> responseTypes = authorizationRequest.getResponseTypes();
-
-			authorizationRequest.setApprovalParameters(approvalParameters);
-			authorizationRequest = userApprovalHandler.updateAfterApproval(authorizationRequest,
-					(Authentication) principal);
-			boolean approved = userApprovalHandler.isApproved(authorizationRequest, (Authentication) principal);
-			authorizationRequest.setApproved(approved);
-
-			if (authorizationRequest.getRedirectUri() == null) {
-				sessionStatus.setComplete();
-				throw new InvalidRequestException("Cannot approve request when no redirect URI is provided.");
-			}
+		Set<String> responseTypes = authorizationRequest.getResponseTypes();
 
-			if (!authorizationRequest.isApproved()) {
-				return new Message< Object>(Message.FAIL,(Object)
-						getUnsuccessfulRedirect(
-					            authorizationRequest,
-					            new UserDeniedAuthorizationException("User denied access"), 
-					            responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN)
-					        )
-						);
-			}
+		authorizationRequest.setApprovalParameters(approvalParameters);
+		authorizationRequest = userApprovalHandler.updateAfterApproval(authorizationRequest,(Authentication) principal);
+		boolean approved = userApprovalHandler.isApproved(authorizationRequest, (Authentication) principal);
+		authorizationRequest.setApproved(approved);
 
-			if (responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN)) {
-				return new Message< Object>((Object)
-						getImplicitGrantResponse(authorizationRequest));
-			}
+		if (authorizationRequest.getRedirectUri() == null) {
+			throw new InvalidRequestException("Cannot approve request when no redirect URI is provided.");
+		}
 
-			return new Message< Object>((Object)
-					getAuthorizationCodeResponse(authorizationRequest, (Authentication) principal));
+		if (!authorizationRequest.isApproved()) {
+			return new Message<>(Message.FAIL,
+					getUnsuccessfulRedirect(
+				            authorizationRequest,
+				            new UserDeniedAuthorizationException("User denied access"), 
+				            responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN)
+				        )
+					);
 		}
-		finally {
-			sessionStatus.setComplete();
+
+		if (responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN)) {
+			return new Message<>(getImplicitGrantResponse(authorizationRequest));
 		}
 
+		return new Message<>(getAuthorizationCodeResponse(authorizationRequest, (Authentication) principal));
 	}
 
 	// We need explicit approval from the user.
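Review bot: Nothing in `authorizeApproveOrDeny` discards the pending `authorizationRequest` read from `momentaryService` once the decision has been processed, and this change also removes the `finally { sessionStatus.setComplete(); }` cleanup. If the entry is not removed elsewhere, a repeated POST to the approval endpoint in the same session can act on the same stored request and receive another authorization response. Consider invalidating the stored entry right after it is read, so that every exit path, including the `InvalidRequestException` thrown for a missing redirect URI, leaves no approvable request behind. The method begins in the previous hunk and the code that stores the request is outside the visible lines, so this needs confirming against the rest of the class.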

+ 5 - 5
maxkey-web-frontend/maxkey-web-app/src/app/routes/dashboard/home/home.component.ts

@@ -89,7 +89,7 @@ export class HomeComponent implements OnInit {
         return;
       }
     }
-    window.open(`${this.baseUrl}/authz/${appId}`);
+    window.open(`${this.baseUrl}authz/${appId}`);
   }
   setAccount(appId: string): void {
     const modal = this.modal.create({
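Review bot: The changed `window.open` call opens the SSO entry point without `noopener`, so whatever page ends up in the new tab keeps a `window.opener` handle to the MaxKey portal. That page is presumably the target application after the redirect, possibly on another origin. Unless some flow depends on that handle, pass the feature explicitly: `window.open(`${this.baseUrl}authz/${appId}`, '_blank', 'noopener');`. The enclosing method starts above the hunk.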
@@ -105,11 +105,11 @@ export class HomeComponent implements OnInit {
 
   ngOnInit(): void {
     this.appCategoryList = this.appCategoryService.list();
-    if (environment.api.baseUrl.endsWith('/')) {
-      this.baseUrl = environment.api.baseUrl.substring(0, environment.api.baseUrl.length - 1);
-    } else {
-      this.baseUrl = environment.api.baseUrl;
+    this.baseUrl = environment.api.baseUrl;
+    if (!this.baseUrl.endsWith('/')) {
+      this.baseUrl = `${this.baseUrl}/`;
     }
+    console.log(`baseUrl : ${this.baseUrl}`);
     this.appListService.appList().subscribe(res => {
       //console.log(res.data);
       this.appList = res.data;
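Review bot: The added `console.log(`baseUrl : ${this.baseUrl}`);` in `ngOnInit` looks like leftover debugging and will print on every load of the home page, in production builds too. Drop the line, or guard it with `if (!environment.production)`. `ngOnInit` continues past the end of the hunk.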

+ 1 - 1
maxkey-web-frontend/maxkey-web-app/src/environments/environment.ts

@@ -27,7 +27,7 @@ export const environment = {
   production: false,
   useHash: true,
   api: {
-    baseUrl: 'http://localhost:9527/sign/',
+    baseUrl: '/sign/',
     refreshTokenEnabled: true,
     refreshTokenType: 're-request'
   },

+ 2 - 2
maxkey-webs/maxkey-web-maxkey/src/main/resources/templates/views/authorize/authorize_refused.ftl

@@ -14,10 +14,10 @@
 				<td colspan='2'><@locale code="login.authz.refuse" /></td>
 			</tr>
 			<tr>
-				<td><img src="${model.iconBase64}"/></td><td>${model.appName}</td>
+				<td><img src="${model.iconBase64!}"/></td><td>${model.appName!}</td>
 			</tr>
 			<tr style="display:none">
-				<td>${model.id}</td>
+				<td>${model.id!}</td>
 			</tr>
 		</table>
 	</form>
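Review bot: The `!` default operator in `${model.iconBase64!}`, `${model.appName!}` and `${model.id!}` covers only the last step of the expression, so the template still fails when `model` itself is missing. That is the case the new `if(app != null)` guard in `AuthorizeEndpoint.refused()` lets through, since a null `app` is still added as `model`. Parenthesise the whole reference so the default applies to the full path: `${(model.iconBase64)!}`, `${(model.appName)!}`, `${(model.id)!}`. Separately, whether these values are HTML-escaped depends on the template's auto-escaping configuration, which is not visible here and is worth confirming for `appName`.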