chore: format

This commit is contained in:
xiaojunnuo
2026-05-31 01:41:33 +08:00
parent acd440106b
commit 4b57a0d729
557 changed files with 12530 additions and 14039 deletions
@@ -4,19 +4,18 @@ import { IconSets } from "../iconsets.js";
@IsAddon({
addonType: "oauth",
name: 'oidc',
title: 'OIDC认证',
desc: 'OpenID Connect 认证,统一认证服务',
icon:"simple-icons:fusionauth:#006be6",
name: "oidc",
title: "OIDC认证",
desc: "OpenID Connect 认证,统一认证服务",
icon: "simple-icons:fusionauth:#006be6",
showTest: false,
})
export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
@AddonInput({
title: "自定义图标",
component: {
name:"fs-icon-selector",
vModel:"modelValue",
name: "fs-icon-selector",
vModel: "modelValue",
iconSets: IconSets,
},
required: false,
@@ -49,53 +48,48 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
})
issuerUrl = "";
async getClient() {
const client = await import('openid-client')
let server = new URL(this.issuerUrl)// Authorization Server's Issuer Identifier
const client = await import("openid-client");
const server = new URL(this.issuerUrl); // Authorization Server's Issuer Identifier
let config = await client.discovery(
server,
this.clientId,
this.clientSecretKey,
)
const config = await client.discovery(server, this.clientId, this.clientSecretKey);
// console.log(config.serverMetadata())
return {
config,
client
}
client,
};
}
async buildLoginUrl(params: BuildLoginUrlReq) {
const { config, client } = await this.getClient()
let redirect_uri = new URL(params.redirectUri)
let scope = 'openid profile' // Scope of the access request
async buildLoginUrl(params: BuildLoginUrlReq) {
const { config, client } = await this.getClient();
const redirect_uri = new URL(params.redirectUri);
const scope = "openid profile"; // Scope of the access request
/**
* PKCE: The following MUST be generated for every redirect to the
* authorization_endpoint. You must store the code_verifier and state in the
* end-user session such that it can be recovered as the user gets redirected
* from the authorization server back to your application.
*/
let code_verifier = client.randomPKCECodeVerifier()
let code_challenge = await client.calculatePKCECodeChallenge(code_verifier)
let state:any = {
forType: params.forType || 'login',
}
state = this.ctx.utils.hash.base64(JSON.stringify(state))
const code_verifier = client.randomPKCECodeVerifier();
const code_challenge = await client.calculatePKCECodeChallenge(code_verifier);
let state: any = {
forType: params.forType || "login",
};
state = this.ctx.utils.hash.base64(JSON.stringify(state));
let parameters: any = {
const parameters: any = {
redirect_uri,
scope,
code_challenge,
code_challenge_method: 'S256',
code_challenge_method: "S256",
state,
nonce: client.randomNonce(),
}
};
let redirectTo = client.buildAuthorizationUrl(config, parameters)
const redirectTo = client.buildAuthorizationUrl(config, parameters);
return {
loginUrl: redirectTo.href,
ticketValue: {
@@ -107,22 +101,17 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
}
async onCallback(req: OnCallbackReq) {
const { config, client } = await this.getClient()
const { config, client } = await this.getClient();
let tokens: any = await client.authorizationCodeGrant(
config,
req.currentURL,
{
expectedState: req.ticketValue.state,
pkceCodeVerifier: req.ticketValue.codeVerifier,
expectedNonce: req.ticketValue.nonce,
}
)
const tokens: any = await client.authorizationCodeGrant(config, req.currentURL, {
expectedState: req.ticketValue.state,
pkceCodeVerifier: req.ticketValue.codeVerifier,
expectedNonce: req.ticketValue.nonce,
});
const claims = tokens.claims()
const claims = tokens.claims();
return {
token:{
token: {
accessToken: tokens.access_token,
refreshToken: tokens.refresh_token,
expiresIn: tokens.expires_in,
@@ -133,18 +122,18 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
avatar: claims.picture,
email: claims.email || "",
},
}
};
};
}
async buildLogoutUrl(params: BuildLogoutUrlReq) {
try{
const { config } = await this.getClient()
let logoutUrl = config.serverMetadata().end_session_endpoint
try {
const { config } = await this.getClient();
const logoutUrl = config.serverMetadata().end_session_endpoint;
return {
logoutUrl: logoutUrl,
};
}catch(err){
this.logger.error(`获取注销地址失败: ${err}`)
} catch (err) {
this.logger.error(`获取注销地址失败: ${err}`);
return {
logoutUrl: "",
};