v1.37.15

build: prepare to build
chore: 升级fs
2026-04-28 07:57:25 +08:00 · 2025-12-07 00:58:12 +08:00 · 2025-12-07 00:56:13 +08:00 · 2025-12-07 00:56:06 +08:00 · 2025-12-07 00:55:38 +08:00 · 2025-12-07 00:47:24 +08:00
84 changed files with 1808 additions and 341 deletions
@@ -44,7 +44,8 @@ jobs:
      - name: deploy-certd-demo
        uses: tyrrrz/action-http-request@master
        with:
-          url: http://flow-openapi.aliyun.com/pipeline/webhook/lzCzlGrLCOHQaTMMt0mG
+          # 通过webhook 触发 certd-demo来部署
          url: ${{ secrets.WEBHOOK_CERTD_DEMO }}
          method: POST
          headers: |
            Content-Type: application/json
@@ -121,10 +121,12 @@ jobs:
      - name: deploy-certd-doc
        uses: tyrrrz/action-http-request@master
        with:
-          url: http://flow-openapi.aliyun.com/pipeline/webhook/IiSxLDp9aOhgDUxJPytv
+          url: ${{ secrets.WEBHOOK_CERTD_DOC }}
          method: POST
          body: |
-            {}
+            {
              "CERTD_VERSION": "1.0.0"
            }
          headers: |
            Content-Type: application/json
          retry-count: 3
@@ -3,6 +3,37 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 ### Bug Fixes
 * oidc 支持nonce ([a5ca411](https://github.com/certd/certd/commit/a5ca41131b308b36b17ca359d9709ea8e9b7cee1))
 ### Performance Improvements
 * 第三方登录支持gitee ([5cee7d4](https://github.com/certd/certd/commit/5cee7d44f17bd36972f477bc1f270999da558d05))
 * 邮件模版安全优化 ([adca151](https://github.com/certd/certd/commit/adca151e4f07a4c6a2a753bfa48ee0d4d6469fd2))
 * 支持部署到中国移动CDN ([4351304](https://github.com/certd/certd/commit/43513049beff407558d2a234415521464165cebc))
 * 支持k8s apply ([d55954a](https://github.com/certd/certd/commit/d55954a36391ebe6a9397ff7dcfb710193ac5e34))
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 ### Bug Fixes
 * 修复注销登录时，第三方登录注销请求失败的报错 ([677e110](https://github.com/certd/certd/commit/677e1101e6cf4451abd8a876cc1d0ddd26a10b88))
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 ### Bug Fixes
 * 修复西部数据返回信息乱码问题 ([78b1650](https://github.com/certd/certd/commit/78b1650bdb071c858b3f90d53a700d11ee6de328))
 * 修复西部数码使用域名级别的key申请证书失败的问题 ([5edc72d](https://github.com/certd/certd/commit/5edc72d47550b8e3364dabda70a41cce75d87956))
 ### Performance Improvements
 * 第三方登录允许选择logo ([bb3085e](https://github.com/certd/certd/commit/bb3085ef84201ccd2dc632ba8c5097cb00258be4))
 * 支持OIDC单点登录 ([fbf12f1](https://github.com/certd/certd/commit/fbf12f16b5eaa7676fd41923587bf6bd2595adba))
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 ### Bug Fixes
@@ -121,6 +121,7 @@ export default defineConfig({
                        {text: "ESXi", link: "/guide/use/ESXi/index.md"},
                        {text: "宝塔动态IP白名单", link: "/guide/use/baota/white_list.md"},
                        {text: "子域名托管", link: "/guide/use/cert/subdomain.md"},
                        {text: "流水线有效期", link: "/guide/use/pipeline/valid.md"},
                    ]
                },
                {
@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 ### Bug Fixes
 * 修复注销登录时，第三方登录注销请求失败的报错 ([677e110](https://github.com/certd/certd/commit/677e1101e6cf4451abd8a876cc1d0ddd26a10b88))
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 ### Bug Fixes
 * 修复西部数据返回信息乱码问题 ([78b1650](https://github.com/certd/certd/commit/78b1650bdb071c858b3f90d53a700d11ee6de328))
 * 修复西部数码使用域名级别的key申请证书失败的问题 ([5edc72d](https://github.com/certd/certd/commit/5edc72d47550b8e3364dabda70a41cce75d87956))
 ### Performance Improvements
 * 第三方登录允许选择logo ([bb3085e](https://github.com/certd/certd/commit/bb3085ef84201ccd2dc632ba8c5097cb00258be4))
 * 支持OIDC单点登录 ([fbf12f1](https://github.com/certd/certd/commit/fbf12f16b5eaa7676fd41923587bf6bd2595adba))
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 ### Bug Fixes
@@ -5,8 +5,10 @@
 配置环境变量
 ```shell
-ALIYUN_CLIENT_CONNECT_TIMEOUT=10000 # 连接超时，单位毫秒
+# docker-compose.yaml
-ALIYUN_CLIENT_READ_TIMEOUT=10000 #读取数据超时，单位毫秒
+environment:
  - ALIYUN_CLIENT_CONNECT_TIMEOUT=16000 # 连接超时，单位毫秒
  - ALIYUN_CLIENT_READ_TIMEOUT=16000 #读取数据超时，单位毫秒
 ```
@@ -0,0 +1,17 @@
 # 流水线有效期功能
 可以为流水线设置有效期，超过有效期后，流水线将停止运行
 ## 1. 打开有效期开关
 ![setting.png](images/setting.png)
 ## 2. 设置有效期
 ![valid.png](images/edit.png)
 ![valid.png](images/edit2.png)
 ## 3. 设置完成
 该流水线将在有效期结束后停止运行
 ![valid.png](images/show.png)
@@ -9,5 +9,5 @@
    }
  },
  "npmClient": "pnpm",
-  "version": "1.37.12"
+  "version": "1.37.15"
 }
@@ -17,8 +17,8 @@
    "start:server": "cd ./packages/ui/certd-server && npm start",
    "devb": "lerna run dev-build",
    "i-all": "lerna link && lerna exec npm install  ",
-    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
+    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly ",
-    "afterpublishOnly": "npm run plugin-doc-gen && npm run copylogs && time /t >trigger/build.trigger && git add ./trigger/build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
+    "afterpublishOnly": "npm run plugin-doc-gen && npm run copylogs && time /t >trigger/build.trigger && git add ./trigger/build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && npm run commitAll",
    "transform-sql": "cd ./packages/ui/certd-server/db/ && node --experimental-json-modules transform.js",
    "plugin-doc-gen": "cd ./packages/ui/certd-server/ && npm run export-md",
    "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/publishlab/node-acme-client/compare/v1.37.14...v1.37.15) (2025-12-06)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.37.14](https://github.com/publishlab/node-acme-client/compare/v1.37.13...v1.37.14) (2025-12-02)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.37.13](https://github.com/publishlab/node-acme-client/compare/v1.37.12...v1.37.13) (2025-12-02)
 **Note:** Version bump only for package @certd/acme-client
 ## [1.37.12](https://github.com/publishlab/node-acme-client/compare/v1.37.11...v1.37.12) (2025-11-29)
 ### Performance Improvements
@@ -3,7 +3,7 @@
    "description": "Simple and unopinionated ACME client",
    "private": false,
    "author": "nmorsman",
-    "version": "1.37.12",
+    "version": "1.37.15",
    "type": "module",
    "module": "scr/index.js",
    "main": "src/index.js",
@@ -18,7 +18,7 @@
        "types"
    ],
    "dependencies": {
-        "@certd/basic": "^1.37.12",
+        "@certd/basic": "^1.37.15",
        "@peculiar/x509": "^1.11.0",
        "asn1js": "^3.0.5",
        "axios": "^1.7.2",
@@ -70,5 +70,5 @@
    "bugs": {
        "url": "https://github.com/publishlab/node-acme-client/issues"
    },
-    "gitHead": "7a1c6d291877b44c4b8add9f55549aa9be3f94a5"
+    "gitHead": "ddb18e6c219d0f7a7acb4a3355be5db3fd9e096e"
 }
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 **Note:** Version bump only for package @certd/basic
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 **Note:** Version bump only for package @certd/basic
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 **Note:** Version bump only for package @certd/basic
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 **Note:** Version bump only for package @certd/basic
@@ -1 +1 @@
-02:28
+00:56
@@ -1,7 +1,7 @@
 {
  "name": "@certd/basic",
  "private": false,
-  "version": "1.37.12",
+  "version": "1.37.15",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -47,5 +47,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "7a1c6d291877b44c4b8add9f55549aa9be3f94a5"
+  "gitHead": "ddb18e6c219d0f7a7acb4a3355be5db3fd9e096e"
 }
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 **Note:** Version bump only for package @certd/pipeline
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 **Note:** Version bump only for package @certd/pipeline
@@ -1,7 +1,7 @@
 {
  "name": "@certd/pipeline",
  "private": false,
-  "version": "1.37.12",
+  "version": "1.37.15",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -18,8 +18,8 @@
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/basic": "^1.37.12",
+    "@certd/basic": "^1.37.15",
-    "@certd/plus-core": "^1.37.12",
+    "@certd/plus-core": "^1.37.15",
    "dayjs": "^1.11.7",
    "lodash-es": "^4.17.21",
    "reflect-metadata": "^0.1.13"
@@ -45,5 +45,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "7a1c6d291877b44c4b8add9f55549aa9be3f94a5"
+  "gitHead": "ddb18e6c219d0f7a7acb4a3355be5db3fd9e096e"
 }
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 **Note:** Version bump only for package @certd/lib-huawei
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-huawei",
  "private": false,
-  "version": "1.37.12",
+  "version": "1.37.15",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
  "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
    "prettier": "^2.8.8",
    "tslib": "^2.8.1"
  },
-  "gitHead": "7a1c6d291877b44c4b8add9f55549aa9be3f94a5"
+  "gitHead": "ddb18e6c219d0f7a7acb4a3355be5db3fd9e096e"
 }
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 **Note:** Version bump only for package @certd/lib-iframe
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-iframe",
  "private": false,
-  "version": "1.37.12",
+  "version": "1.37.15",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -31,5 +31,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "7a1c6d291877b44c4b8add9f55549aa9be3f94a5"
+  "gitHead": "ddb18e6c219d0f7a7acb4a3355be5db3fd9e096e"
 }
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 **Note:** Version bump only for package @certd/jdcloud
@@ -1,6 +1,6 @@
 {
  "name": "@certd/jdcloud",
-  "version": "1.37.12",
+  "version": "1.37.15",
  "description": "jdcloud openApi sdk",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
@@ -56,5 +56,5 @@
      "fetch"
    ]
  },
-  "gitHead": "7a1c6d291877b44c4b8add9f55549aa9be3f94a5"
+  "gitHead": "ddb18e6c219d0f7a7acb4a3355be5db3fd9e096e"
 }
@@ -3,6 +3,21 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 ### Performance Improvements
 * 邮件模版安全优化 ([adca151](https://github.com/certd/certd/commit/adca151e4f07a4c6a2a753bfa48ee0d4d6469fd2))
 * 支持k8s apply ([d55954a](https://github.com/certd/certd/commit/d55954a36391ebe6a9397ff7dcfb710193ac5e34))
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 **Note:** Version bump only for package @certd/lib-k8s
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-k8s",
  "private": false,
-  "version": "1.37.12",
+  "version": "1.37.15",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -17,7 +17,7 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/basic": "^1.37.12",
+    "@certd/basic": "^1.37.15",
    "@kubernetes/client-node": "0.21.0"
  },
  "devDependencies": {
@@ -32,5 +32,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "7a1c6d291877b44c4b8add9f55549aa9be3f94a5"
+  "gitHead": "ddb18e6c219d0f7a7acb4a3355be5db3fd9e096e"
 }
@@ -1,4 +1,4 @@
-import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret } from "@kubernetes/client-node";
+import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret, KubernetesObjectApi, loadYaml, KubernetesObject } from "@kubernetes/client-node";
 import dns from "dns";
 import { ILogger } from "@certd/basic";
 import { merge } from "lodash-es";
@@ -27,6 +27,11 @@ export class K8sClient {
  }
  init() {
    const kubeconfig = this.getKubeConfig();
    this.client = kubeconfig.makeApiClient(CoreV1Api);
  }
  getKubeConfig() {
    const kubeconfig = new KubeConfig();
    kubeconfig.loadFromString(this.kubeConfigStr);
    this.kubeconfig = kubeconfig;
@@ -41,16 +46,35 @@ export class K8sClient {
    } catch (e) {
      this.logger.warn("skipTLSVerify error", e);
    }
    return kubeconfig;
  }
-    this.client = kubeconfig.makeApiClient(CoreV1Api);
+  getKubeClient() {
    const kc = this.getKubeConfig();
    const client = KubernetesObjectApi.makeApiClient(kc);
    return client;
  }
-    // const reqOpts = { kubeconfig, request: {} } as any;
+  async apply(manifest: string) {
-    // if (this.lookup) {
+    const yml = loadYaml<KubernetesObject>(manifest);
-    //   reqOpts.request.lookup = this.lookup;
+    const client = this.getKubeClient();
-    // }
+    try {
-    //
+      await client.create(yml);
-    // const backend = new Request(reqOpts);
+    } catch (e) {
-    // this.client = new Client({ backend, version: '1.13' });
+      this.logger.error("apply error", e.response?.body);
      if (e.response?.body?.reason === "AlreadyExists") {
        //patch
        this.logger.info("patch existing resource: ", yml.metadata?.name);
        const existing = await client.read(yml as any);
        if (!yml.metadata) {
          yml.metadata = {};
        }
        yml.metadata.resourceVersion = existing.body.metadata.resourceVersion;
        await client.patch(yml);
        return;
      }
      throw e;
    }
  }
  /**
@@ -168,6 +192,7 @@ export class K8sClient {
    const oldIngress = await client.readNamespacedIngress(ingressName, namespace);
    const newIngress = merge(oldIngress.body, opts.body);
    const res = await client.replaceNamespacedIngress(ingressName, namespace, newIngress);
    this.logger.info("ingress patched", opts.body);
    return res;
  }
@@ -3,6 +3,20 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 **Note:** Version bump only for package @certd/lib-server
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 ### Performance Improvements
 * 第三方登录允许选择logo ([bb3085e](https://github.com/certd/certd/commit/bb3085ef84201ccd2dc632ba8c5097cb00258be4))
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 **Note:** Version bump only for package @certd/lib-server
@@ -1,6 +1,6 @@
 {
  "name": "@certd/lib-server",
-  "version": "1.37.12",
+  "version": "1.37.15",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -28,11 +28,11 @@
  ],
  "license": "AGPL",
  "dependencies": {
-    "@certd/acme-client": "^1.37.12",
+    "@certd/acme-client": "^1.37.15",
-    "@certd/basic": "^1.37.12",
+    "@certd/basic": "^1.37.15",
-    "@certd/pipeline": "^1.37.12",
+    "@certd/pipeline": "^1.37.15",
-    "@certd/plugin-lib": "^1.37.12",
+    "@certd/plugin-lib": "^1.37.15",
-    "@certd/plus-core": "^1.37.12",
+    "@certd/plus-core": "^1.37.15",
    "@midwayjs/cache": "3.14.0",
    "@midwayjs/core": "3.20.11",
    "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "7a1c6d291877b44c4b8add9f55549aa9be3f94a5"
+  "gitHead": "ddb18e6c219d0f7a7acb4a3355be5db3fd9e096e"
 }
@@ -65,6 +65,7 @@ export abstract class BaseAddon implements IAddon {
  http!: HttpClient;
  logger!: ILogger;
  title!: string;
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 **Note:** Version bump only for package @certd/midway-flyway-js
@@ -1,6 +1,6 @@
 {
  "name": "@certd/midway-flyway-js",
-  "version": "1.37.12",
+  "version": "1.37.15",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -46,5 +46,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "7a1c6d291877b44c4b8add9f55549aa9be3f94a5"
+  "gitHead": "ddb18e6c219d0f7a7acb4a3355be5db3fd9e096e"
 }
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 ### Performance Improvements
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-cert",
  "private": false,
-  "version": "1.37.12",
+  "version": "1.37.15",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -17,10 +17,10 @@
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/acme-client": "^1.37.12",
+    "@certd/acme-client": "^1.37.15",
-    "@certd/basic": "^1.37.12",
+    "@certd/basic": "^1.37.15",
-    "@certd/pipeline": "^1.37.12",
+    "@certd/pipeline": "^1.37.15",
-    "@certd/plugin-lib": "^1.37.12",
+    "@certd/plugin-lib": "^1.37.15",
    "@google-cloud/publicca": "^1.3.0",
    "dayjs": "^1.11.7",
    "jszip": "^3.10.1",
@@ -43,5 +43,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "7a1c6d291877b44c4b8add9f55549aa9be3f94a5"
+  "gitHead": "ddb18e6c219d0f7a7acb4a3355be5db3fd9e096e"
 }
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 **Note:** Version bump only for package @certd/plugin-lib
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-lib",
  "private": false,
-  "version": "1.37.12",
+  "version": "1.37.15",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -22,8 +22,8 @@
    "@alicloud/pop-core": "^1.7.10",
    "@alicloud/tea-util": "^1.4.10",
    "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.37.12",
+    "@certd/basic": "^1.37.15",
-    "@certd/pipeline": "^1.37.12",
+    "@certd/pipeline": "^1.37.15",
    "@kubernetes/client-node": "0.21.0",
    "ali-oss": "^6.22.0",
    "basic-ftp": "^5.0.5",
@@ -53,5 +53,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "7a1c6d291877b44c4b8add9f55549aa9be3f94a5"
+  "gitHead": "ddb18e6c219d0f7a7acb4a3355be5db3fd9e096e"
 }
@@ -3,6 +3,25 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 ### Performance Improvements
 * 第三方登录支持gitee ([5cee7d4](https://github.com/certd/certd/commit/5cee7d44f17bd36972f477bc1f270999da558d05))
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 ### Bug Fixes
 * 修复注销登录时，第三方登录注销请求失败的报错 ([677e110](https://github.com/certd/certd/commit/677e1101e6cf4451abd8a876cc1d0ddd26a10b88))
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 ### Performance Improvements
 * 第三方登录允许选择logo ([bb3085e](https://github.com/certd/certd/commit/bb3085ef84201ccd2dc632ba8c5097cb00258be4))
 * 支持OIDC单点登录 ([fbf12f1](https://github.com/certd/certd/commit/fbf12f16b5eaa7676fd41923587bf6bd2595adba))
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 ### Performance Improvements
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-client",
-  "version": "1.37.12",
+  "version": "1.37.15",
  "private": true,
  "scripts": {
    "dev": "vite --open",
@@ -33,11 +33,11 @@
    "@aws-sdk/s3-request-presigner": "^3.535.0",
    "@certd/vue-js-cron-light": "^4.0.14",
    "@ctrl/tinycolor": "^4.1.0",
-    "@fast-crud/editor-code": "^1.27.4",
+    "@fast-crud/editor-code": "^1.27.7",
-    "@fast-crud/fast-crud": "^1.27.4",
+    "@fast-crud/fast-crud": "^1.27.7",
-    "@fast-crud/fast-extends": "^1.27.4",
+    "@fast-crud/fast-extends": "^1.27.7",
-    "@fast-crud/ui-antdv4": "^1.27.4",
+    "@fast-crud/ui-antdv4": "^1.27.7",
-    "@fast-crud/ui-interface": "^1.27.4",
+    "@fast-crud/ui-interface": "^1.27.7",
    "@iconify/tailwind": "^1.2.0",
    "@iconify/vue": "^4.1.1",
    "@manypkg/get-packages": "^2.2.2",
@@ -106,8 +106,8 @@
    "zod-defaults": "^0.1.3"
  },
  "devDependencies": {
-    "@certd/lib-iframe": "^1.37.12",
+    "@certd/lib-iframe": "^1.37.15",
-    "@certd/pipeline": "^1.37.12",
+    "@certd/pipeline": "^1.37.15",
    "@rollup/plugin-commonjs": "^25.0.7",
    "@rollup/plugin-node-resolve": "^15.2.3",
    "@types/chai": "^4.3.12",
@@ -47,11 +47,12 @@ function createService() {
        //如果不需要解包
        return dataAxios;
      }
-
+      //@ts-ignore
      const showErrorNotify = response?.config?.showErrorNotify;
      // 这个状态码是和后端约定的
      if (dataAxios?.code === undefined) {
        // 如果没有 code 代表这不是项目后端开发的接口
-        errorCreate(`非标准返回：${dataAxios}， ${response.config.url}`);
+        errorCreate(`非标准返回：${dataAxios}， ${response.config.url}`, showErrorNotify);
        return dataAxios;
      }
      const { code } = dataAxios;
@@ -70,8 +71,6 @@ function createService() {
            // @ts-ignore
            response.config.onError(err);
          }
          //@ts-ignore
          const showErrorNotify = response?.config?.showErrorNotify;
          errorCreate(`${errorMessage}: ${response.config.url}`, showErrorNotify, dataAxios);
      }
    },
@@ -69,7 +69,7 @@ export function errorLog(error: any, notify = true) {
 * @description 创建一个错误
 */
 export function errorCreate(msg: string, notify = true, data?: any) {
-  const err = new CodeError(msg, data.code, data.data);
+  const err = new CodeError(msg, data?.code || 1, data?.data);
  console.error("errorCreate", err);
  if (notify) {
    uiContext.get().notification.error({ message: err.message });
@@ -164,7 +164,7 @@ const steps = ref<Step[]>([
      {
        image: "/static/doc/images/15-1-email.png",
        title: t("guide.scheduleAndEmailTask.setEmailNotification"),
-        descriptions: [t("guide.scheduleAndEmailTask.suggestErrorAndRecoveryEmails"), t("guide.scheduleAndEmailTask.basicVersionNeedsMailServer")],
+        descriptions: [t("guide.scheduleAndEmailTask.suggestErrorAndRecoveryEmails")],
      },
      {
        title: t("guide.scheduleAndEmailTask.tutorialEndTitle"),
@@ -82,7 +82,7 @@ provide("fn:ai.open", openChat);
      <LockScreen :avatar @to-login="handleLogout" />
    </template>
    <template #header-right-0>
-      <div v-if="!settingStore.isComm" class="hover:bg-accent ml-1 mr-2 cursor-pointer rounded-full hidden md:block">
+      <div class="hover:bg-accent ml-1 mr-2 cursor-pointer rounded-full hidden md:block">
        <tutorial-button class="flex-center header-btn" />
      </div>
      <div class="hover:bg-accent ml-1 mr-2 cursor-pointer rounded-full">
@@ -75,7 +75,7 @@
        <div>
          <span v-if="!settingStore.isComm">
            <span>Powered by</span>
-            <a> handsfree.work </a>
+            <a> handfree.work </a>
          </span>
          <template v-if="siteInfo.licenseTo">
@@ -74,6 +74,7 @@ const sysPublic: Ref<SysPublicSetting> = computed(() => {
  .login-container {
    width: 100%;
    height: 100%;
    overflow: auto;
    background: #f0f2f5 url(/static/background.svg) no-repeat 50%;
    background-size: 100%;
    //padding: 50px 0 84px;
@@ -84,4 +84,6 @@ export default {
  phoneNumber: "Phone Number",
  changePassword: "Change Password",
  updateProfile: "Update Profile",
  oauthLoginTitle: "Other ways of login",
  oauthOnlyLoginTitle: "Login",
 };
@@ -743,6 +743,8 @@ export default {
      paymentSetting: "Payment Settings",
      captchaSetting: "Captcha Setting",
      pipelineSetting: "Pipeline Settings",
      oauthSetting: "OAuth2 Settings",
      showRunStrategy: "Show RunStrategy",
      showRunStrategyHelper: "Allow modify the run strategy of the task",
@@ -770,6 +772,14 @@ export default {
      oauthCallback: "Callback URL",
      oauthCallbackHelper: "Copy this URL to the callback address of the OAuth2 login provider",
      oauthCallbackCopy: "Copy Callback URL",
      oauthAutoRegister: "Auto Register User",
      oauthAutoRegisterCheckedText: "Auto Register",
      oauthAutoRegisterUnCheckedText: "User Select",
      oauthAutoRegisterHelper: "Whether to auto register user when login",
      oauthAutoRedirect: "Auto Redirect to OAuth2 Login",
      oauthAutoRedirectHelper: "Whether to auto redirect to OAuth2 login when login (using the first enabled OAuth2 login type)",
      oauthOnly: "OAuth2 Login Only",
      oauthOnlyHelper: "Whether to only allow OAuth2 login, disable password login",
    },
  },
  modal: {
@@ -64,7 +64,6 @@ export default {
    recommendDailyRun: "Recommend configuring to run once daily; new certs requested 35 days before expiry and auto-skipped otherwise",
    setEmailNotification: "Set Email Notifications",
    suggestErrorAndRecoveryEmails: "Suggest listening for 'On Error' and 'Error to Success' to quickly troubleshoot failures (basic version requires mail server setup)",
    basicVersionNeedsMailServer: "(basic version requires configuring mail server)",
    tutorialEndTitle: "Tutorial End",
    thanksForWatching: "Thank you for watching, hope it helps you",
  },
@@ -85,4 +85,7 @@ export default {
  phoneNumber: "手机号",
  changePassword: "修改密码",
  updateProfile: "修改个人信息",
  oauthLoginTitle: "其他登录方式",
  oauthOnlyLoginTitle: "登录",
 };
@@ -743,6 +743,7 @@ export default {
      paymentSetting: "支付设置",
      captchaSetting: "验证码设置",
      pipelineSetting: "流水线设置",
      oauthSetting: "第三方登录",
      showRunStrategy: "显示运行策略选择",
      showRunStrategyHelper: "任务设置中是否允许选择运行策略",
@@ -771,6 +772,14 @@ export default {
      oauthCallback: "回调地址",
      oauthCallbackHelper: "复制回调地址，配置到对应提供商的回调地址中",
      oauthCallbackCopy: "复制回调地址",
      oauthAutoRegister: "自动注册用户",
      oauthAutoRegisterHelper: "当第三方账户未绑定本站账号时，是否自动注册用户，默认由用户选择",
      oauthAutoRegisterCheckedText: "自动注册",
      oauthAutoRegisterUnCheckedText: "用户选择",
      oauthAutoRedirect: "自动跳转第三方登录",
      oauthAutoRedirectHelper: "是否自动跳转第三方登录（使用第一个已启用的第三方登录类型）",
      oauthOnly: "仅使用第三方登录",
      oauthOnlyHelper: "是否仅使用第三方登录，关闭密码登录（注意：请务必在测试第三方登录功能正常后再开启）",
    },
  },
  modal: {
@@ -61,10 +61,9 @@ export default {
    description: "自动运行",
    setSchedule: "设置定时执行",
    pipelineSuccessThenSchedule: "流水线测试成功，接下来配置定时触发，以后每天定时执行就不用管了",
-    recommendDailyRun: "推荐配置每天运行一次，在到期前35天才会重新申请新证书并部署，没到期前会自动跳过，不会重复申请。",
+    recommendDailyRun: "推荐配置每天运行一次，默认到期前35天会重新申请新证书并部署，没到期前会自动跳过，不会重复申请。",
    setEmailNotification: "设置邮件通知",
-    suggestErrorAndRecoveryEmails: "建议选择监听'错误时'和'错误转成功'两种即可，在意外失败时可以尽快去排查问题，（基础版需要配置邮件服务器）",
+    suggestErrorAndRecoveryEmails: "建议选择监听'错误时'和'错误转成功'两种即可，在意外失败时可以尽快去排查问题",
    basicVersionNeedsMailServer: "（基础版需要配置邮件服务器）",
    tutorialEndTitle: "教程结束",
    thanksForWatching: "感谢观看，希望对你有所帮助",
  },
@@ -62,6 +62,13 @@ export type SysPublicSetting = {
  // 第三方OAuth配置
  oauthEnabled?: boolean;
  // 是否自动注册用户
  oauthAutoRegister?: boolean;
  // 是否自动跳转第三方登录
  oauthAutoRedirect?: boolean;
  // 是否仅允许使用第三方登录
  oauthOnly?: boolean;
  // 第三方OAuth登录提供者配置
  oauthProviders?: Record<
    string,
    {
@@ -100,3 +100,10 @@ export async function loginByTwoFactor(data: any) {
    data,
  });
 }
 export async function OauthProviders() {
  return await request({
    url: "/oauth/providers",
    method: "post",
  });
 }
@@ -14,6 +14,7 @@ import { mitter } from "/src/utils/util.mitt";
 import { resetAllStores, useAccessStore } from "/@/vben/stores";
 import { useUserStore as vbenUserStore } from "/@/vben/stores/modules/user";
 import { request } from "/@/api/service";
 interface UserState {
  userInfo: Nullable<UserInfoRes>;
@@ -116,15 +117,39 @@ export const useUserStore = defineStore({
     * @description: logout
     */
    async logout(goLogin = true, from401 = false) {
      if (!from401 && this.getToken) {
        try {
          await UserApi.logout(); //主要是清空cookie
        } catch (e) {
          console.error("注销登录请求失败：", e);
        }
      }
      this.resetState();
      resetAllStores();
-      if (!from401) {
+      // 第三方登录注销
-        await UserApi.logout(); //主要是清空cookie
+      await this.oauthLogout();
      }
      goLogin && router.push("/login");
      mitter.emit("app.logout");
    },
    async oauthLogout() {
      const providers = await UserApi.OauthProviders();
      for (const provider of providers) {
        if (provider.logoutUrl) {
          try {
            await request({
              url: provider.logoutUrl,
              method: "get",
              withCredentials: true,
              showErrorNotify: false,
            });
          } catch (e) {
            console.error("注销第三方登录失败：", e);
          }
        }
      }
    },
    /**
     * @description: Confirm before logging out
     */
@@ -16,12 +16,14 @@
        <a-descriptions-item :label="t('authentication.email')">{{ userInfo.email }}</a-descriptions-item>
        <a-descriptions-item :label="t('authentication.phoneNumber')">{{ userInfo.phoneCode }}{{ userInfo.mobile }}</a-descriptions-item>
        <a-descriptions-item v-if="settingStore.sysPublic.oauthEnabled && settingStore.isPlus" label="第三方账号绑定">
-          <div v-for="item in computedOauthBounds" :key="item.name" class="flex items-center gap-2">
+          <template v-for="item in computedOauthBounds" :key="item.name">
-            <fs-icon :icon="item.icon" class="mr-2 text-blue-500" />
+            <div v-if="item.addonId" class="flex items-center gap-2 mb-2">
-            <span class="mr-2 w-36">{{ item.title }}</span>
+              <fs-icon :icon="item.icon" class="mr-2 text-blue-500 w-5 flex justify-center items-center" />
-            <a-button v-if="item.bound" type="link" danger @click="unbind(item.name)">解绑</a-button>
+              <span class="mr-2 w-36">{{ item.title }}</span>
-            <a-button v-else type="primary" @click="bind(item.name)">绑定</a-button>
+              <a-button v-if="item.bound" type="primary" danger @click="unbind(item.name)">解绑</a-button>
-          </div>
+              <a-button v-else type="primary" @click="bind(item.name)">绑定</a-button>
            </div>
          </template>
        </a-descriptions-item>
        <a-descriptions-item :label="t('common.handle')">
          <a-button type="primary" @click="doUpdate">{{ t("authentication.updateProfile") }}</a-button>
@@ -40,6 +42,7 @@ import { useI18n } from "/src/locales";
 import { useUserProfile } from "./use";
 import { Modal } from "ant-design-vue";
 import { useSettingStore } from "/@/store/settings";
 import { isEmpty } from "lodash-es";
 const { t } = useI18n();
@@ -2,71 +2,74 @@
  <div class="main login-page">
    <a-form v-if="!twoFactor.loginId" ref="formRef" class="user-layout-login" name="custom-validation" :model="formState" v-bind="layout" @finish="handleFinish" @finish-failed="handleFinishFailed">
      <!--      <div class="login-title">登录</div>-->
-      <a-tabs v-model:active-key="formState.loginType" :tab-bar-style="{ textAlign: 'center', borderBottom: 'unset' }">
+      <template v-if="!isOauthOnly">
-        <a-tab-pane key="password" :tab="t('authentication.passwordTab')" :disabled="sysPublicSettings.passwordLoginEnabled !== true">
+        <a-tabs v-model:active-key="formState.loginType" :tab-bar-style="{ textAlign: 'center', borderBottom: 'unset' }">
-          <template v-if="formState.loginType === 'password'">
+          <a-tab-pane key="password" :tab="t('authentication.passwordTab')" :disabled="sysPublicSettings.passwordLoginEnabled !== true">
-            <!--      <div class="login-title">登录</div>-->
+            <template v-if="formState.loginType === 'password'">
-            <a-form-item required has-feedback name="username" :rules="rules.username">
+              <!--      <div class="login-title">登录</div>-->
-              <a-input v-model:value="formState.username" :placeholder="t('authentication.usernamePlaceholder')" autocomplete="off" @keydown.enter="handleFinish">
+              <a-form-item required has-feedback name="username" :rules="rules.username">
-                <template #prefix>
+                <a-input v-model:value="formState.username" :placeholder="t('authentication.usernamePlaceholder')" autocomplete="off" @keydown.enter="handleFinish">
-                  <fs-icon icon="ion:phone-portrait-outline"></fs-icon>
+                  <template #prefix>
-                </template>
+                    <fs-icon icon="ion:phone-portrait-outline"></fs-icon>
-              </a-input>
+                  </template>
-            </a-form-item>
+                </a-input>
-            <a-form-item has-feedback name="password" :rules="rules.password">
+              </a-form-item>
-              <a-input-password v-model:value="formState.password" :placeholder="t('authentication.passwordPlaceholder')" autocomplete="off" @keyup.enter="handleFinish">
+              <a-form-item has-feedback name="password" :rules="rules.password">
-                <template #prefix>
+                <a-input-password v-model:value="formState.password" :placeholder="t('authentication.passwordPlaceholder')" autocomplete="off" @keyup.enter="handleFinish">
-                  <fs-icon icon="ion:lock-closed-outline"></fs-icon>
+                  <template #prefix>
-                </template>
+                    <fs-icon icon="ion:lock-closed-outline"></fs-icon>
-              </a-input-password>
+                  </template>
-            </a-form-item>
+                </a-input-password>
              </a-form-item>
-            <a-form-item v-if="settingStore.sysPublic.captchaEnabled" has-feedback required name="captcha" :rules="rules.captcha">
+              <a-form-item v-if="settingStore.sysPublic.captchaEnabled" has-feedback required name="captcha" :rules="rules.captcha">
-              <CaptchaInput v-model:model-value="formState.captcha" @keydown.enter="handleFinish"></CaptchaInput>
+                <CaptchaInput v-model:model-value="formState.captcha" @keydown.enter="handleFinish"></CaptchaInput>
-            </a-form-item>
+              </a-form-item>
-          </template>
+            </template>
-        </a-tab-pane>
+          </a-tab-pane>
-        <a-tab-pane v-if="sysPublicSettings.smsLoginEnabled === true" key="sms" :tab="t('authentication.smsTab')">
+          <a-tab-pane v-if="sysPublicSettings.smsLoginEnabled === true" key="sms" :tab="t('authentication.smsTab')">
-          <template v-if="formState.loginType === 'sms'">
+            <template v-if="formState.loginType === 'sms'">
-            <a-form-item has-feedback name="mobile" :rules="rules.mobile">
+              <a-form-item has-feedback name="mobile" :rules="rules.mobile">
-              <a-input v-model:value="formState.mobile" :placeholder="t('authentication.mobilePlaceholder')" autocomplete="off">
+                <a-input v-model:value="formState.mobile" :placeholder="t('authentication.mobilePlaceholder')" autocomplete="off">
-                <template #prefix>
+                  <template #prefix>
-                  <fs-icon icon="ion:phone-portrait-outline"></fs-icon>
+                    <fs-icon icon="ion:phone-portrait-outline"></fs-icon>
-                </template>
+                  </template>
-              </a-input>
+                </a-input>
-            </a-form-item>
+              </a-form-item>
-            <a-form-item has-feedback name="smsCaptcha">
+              <a-form-item has-feedback name="smsCaptcha">
-              <CaptchaInput v-model:model-value="formState.smsCaptcha" @keydown.enter="handleFinish"></CaptchaInput>
+                <CaptchaInput v-model:model-value="formState.smsCaptcha" @keydown.enter="handleFinish"></CaptchaInput>
-            </a-form-item>
+              </a-form-item>
-            <a-form-item name="smsCode" :rules="rules.smsCode">
+              <a-form-item name="smsCode" :rules="rules.smsCode">
-              <sms-code v-model:value="formState.smsCode" :captcha="formState.smsCaptcha" :mobile="formState.mobile" :phone-code="formState.phoneCode" @error="formState.smsCaptcha = null" />
+                <sms-code v-model:value="formState.smsCode" :captcha="formState.smsCaptcha" :mobile="formState.mobile" :phone-code="formState.phoneCode" @error="formState.smsCaptcha = null" />
-            </a-form-item>
+              </a-form-item>
-          </template>
+            </template>
-        </a-tab-pane>
+          </a-tab-pane>
-      </a-tabs>
+        </a-tabs>
-      <a-form-item>
+        <a-form-item>
-        <a-button type="primary" size="large" html-type="button" :loading="loading" class="login-button" @click="handleFinish">
+          <a-button type="primary" size="large" html-type="button" :loading="loading" class="login-button" @click="handleFinish">
-          {{ queryBindCode ? t("authentication.bindButton") : t("authentication.loginButton") }}
+            {{ queryBindCode ? t("authentication.bindButton") : t("authentication.loginButton") }}
-        </a-button>
+          </a-button>
        </a-form-item>
        <a-form-item>
          <div class="mt-2 flex justify-between items-center">
            <div class="flex items-center gap-2">
              <language-toggle class="text-blue-500"></language-toggle>
              <router-link v-if="!!settingStore.sysPublic.selfServicePasswordRetrievalEnabled && !queryBindCode" :to="{ name: 'forgotPassword' }">
                {{ t("authentication.forgotPassword") }}
              </router-link>
            </div>
-        <div class="mt-2 flex justify-between items-center">
+            <router-link v-if="hasRegisterTypeEnabled() && !queryBindCode" class="register" :to="{ name: 'register' }">
-          <div class="flex items-center gap-2">
+              {{ t("authentication.registerLink") }}
            <language-toggle class="text-blue-500"></language-toggle>
            <router-link v-if="!!settingStore.sysPublic.selfServicePasswordRetrievalEnabled && !queryBindCode" :to="{ name: 'forgotPassword' }">
              {{ t("authentication.forgotPassword") }}
            </router-link>
          </div>
-
+        </a-form-item>
-          <router-link v-if="hasRegisterTypeEnabled() && !queryBindCode" class="register" :to="{ name: 'register' }">
+      </template>
            {{ t("authentication.registerLink") }}
          </router-link>
        </div>
      </a-form-item>
      <div v-if="!queryBindCode && settingStore.sysPublic.oauthEnabled && settingStore.isPlus" class="w-full">
-        <oauth-footer></oauth-footer>
+        <oauth-footer :oauth-only="isOauthOnly"></oauth-footer>
      </div>
    </a-form>
    <a-form v-else ref="twoFactorFormRef" class="user-layout-login" :model="twoFactor" v-bind="layout">
@@ -89,7 +92,7 @@
  </div>
 </template>
 <script lang="ts">
-import { defineComponent, nextTick, reactive, ref, toRaw } from "vue";
+import { computed, defineComponent, nextTick, reactive, ref, toRaw } from "vue";
 import { useUserStore } from "/src/store/user";
 import { useSettingStore } from "/@/store/settings";
 import { utils } from "@fast-crud/fast-crud";
@@ -110,6 +113,7 @@ export default defineComponent({
    const queryBindCode = ref(route.query.bindCode as string | undefined);
    const queryOauthOnly = route.query.oauthOnly as string;
    const urlLoginType = route.query.loginType as string | undefined;
    const verifyCodeInputRef = ref();
    const loading = ref(false);
@@ -231,6 +235,12 @@ export default defineComponent({
    const captchaInputRef = ref();
    const captchaInputForSmsCode = ref();
    const isOauthOnly = computed(() => {
      if (queryOauthOnly === "false" || queryOauthOnly === "0") {
        return false;
      }
      return sysPublicSettings.oauthOnly && settingStore.isPlus && sysPublicSettings.oauthEnabled;
    });
    return {
      t,
      loading,
@@ -238,6 +248,7 @@ export default defineComponent({
      formRef,
      rules,
      layout,
      isOauthOnly,
      handleFinishFailed,
      handleFinish,
      resetForm,
@@ -266,6 +277,11 @@ export default defineComponent({
    //  font-size: 14px;
    //}
    .fs-icon {
      // color: rgba(0, 0, 0, 0.45);
      margin-right: 4px;
    }
    .login-title {
      font-size: 18px;
      text-align: center;
@@ -319,11 +335,6 @@ export default defineComponent({
      }
    }
    .fs-icon {
      color: rgba(0, 0, 0, 0.45);
      margin-right: 4px;
    }
    .ant-input-affix-wrapper {
      line-height: 1.8 !important;
      font-size: 14px !important;
@@ -53,8 +53,13 @@ async function handleOauthToken() {
  }
  if (res.bindRequired) {
    //需要绑定
    bindRequired.value = true;
    bindCode.value = res.validationCode;
    //如果开启了自动注册，默认自动注册账号
    if (settingStore.sysPublic.registerEnabled) {
      autoRegister();
    } else {
      bindRequired.value = true;
    }
  }
 }
@@ -64,7 +69,7 @@ onMounted(async () => {
  }
  if (forType === "bind") {
-    //绑定第三方账号
+    //从用户中心页面，进行第三方账号的绑定
    await api.BindUser(validationCode);
    notification.success({
      message: "绑定成功",
@@ -1,26 +1,48 @@
 <template>
  <div class="oauth-footer relative">
    <div class="oauth-title">
-      <div class="oauth-title-text">其他方式登录</div>
+      <div class="oauth-title-text">{{ computedTitle }}</div>
    </div>
    <div class="flex justify-center items-center gap-4">
      <template v-for="item in oauthProviderList" :key="item.type">
        <div v-if="item.addonId" class="oauth-icon-button pointer" @click="goOauthLogin(item.name)">
          <div><fs-icon :icon="item.icon" class="text-blue-600 text-40" /></div>
-          <div>{{ item.addonTitle || item.title }}</div>
+          <div class="ellipsis title" :title="item.addonTitle || item.title">{{ item.addonTitle || item.title }}</div>
        </div>
      </template>
    </div>
  </div>
 </template>
 <script setup lang="ts">
-import { onMounted, ref } from "vue";
+import { computed, onMounted, ref } from "vue";
 import * as api from "./api";
 import { useI18n } from "vue-i18n";
 import { useSettingStore } from "/@/store/settings";
 import { useRoute } from "vue-router";
 const oauthProviderList = ref([]);
 const props = defineProps<{
  oauthOnly?: boolean;
 }>();
 const { t } = useI18n();
 const computedTitle = computed(() => {
  return props.oauthOnly ? t("authentication.oauthOnlyLoginTitle") : t("authentication.oauthLoginTitle");
 });
 const settingStore = useSettingStore();
 const route = useRoute();
 const queryOauthOnly = route.query.oauthOnly as string;
 onMounted(async () => {
  oauthProviderList.value = await api.GetOauthProviders();
  //如果开启了自动跳转登录
  if (settingStore.sysPublic.oauthAutoRedirect && queryOauthOnly !== "false") {
    const firstOauth = oauthProviderList.value.find(item => item.addonId > 0);
    if (firstOauth) {
      goOauthLogin(firstOauth.name);
    }
  }
 });
 async function goOauthLogin(type: string) {
@@ -79,9 +101,16 @@ async function goOauthLogin(type: string) {
    gap: 8px;
    padding: 8px 8px;
    border-radius: 100px;
    width: 100px;
    .title {
      width: 100%;
      text-align: center;
    }
    .fs-icon {
      font-size: 36px;
-      color: #006be6 !important;
+      color: #006be6;
      margin: 0px !important;
    }
  }
 }
@@ -11,6 +11,9 @@
        <a-tab-pane key="register" :tab="t('certd.sys.setting.registerSetting')">
          <SettingRegister v-if="activeKey === 'register'" />
        </a-tab-pane>
        <a-tab-pane key="oauth" :tab="t('certd.sys.setting.oauthSetting')">
          <SettingOauth v-if="activeKey === 'oauth'" />
        </a-tab-pane>
        <a-tab-pane v-if="settingsStore.isComm" key="payment" :tab="t('certd.sys.setting.paymentSetting')">
          <SettingPayment v-if="activeKey === 'payment'" />
        </a-tab-pane>
@@ -35,6 +38,7 @@ import SettingPayment from "/@/views/sys/settings/tabs/payment.vue";
 import SettingSafe from "/@/views/sys/settings/tabs/safe.vue";
 import SettingCaptcha from "/@/views/sys/settings/tabs/captcha.vue";
 import SettingPipeline from "/@/views/sys/settings/tabs/pipeline.vue";
 import SettingOauth from "/@/views/sys/settings/tabs/oauth.vue";
 import { useRoute, useRouter } from "vue-router";
 import { ref } from "vue";
 import { useSettingStore } from "/@/store/settings";
@@ -47,9 +51,7 @@ const settingsStore = useSettingStore();
 const activeKey = ref("base");
 const route = useRoute();
 const router = useRouter();
-if (route.query.tab) {
+activeKey.value = (route.query.tab as string) || "base";
  activeKey.value = (route.query.tab as string) || "base";
 }
 function onChange(value: string) {
  // activeKey.value = value;
@@ -0,0 +1,151 @@
 <template>
  <div class="sys-settings-form sys-settings-oauth">
    <a-form :model="formState" name="register" :label-col="{ span: 8 }" :wrapper-col="{ span: 16 }" autocomplete="off" @finish="onFinish">
      <a-form-item :label="t('certd.sys.setting.enableOauth')" :name="['public', 'oauthEnabled']">
        <div class="flex-o">
          <a-switch v-model:checked="formState.public.oauthEnabled" :disabled="!settingsStore.isPlus" :title="t('certd.plusFeature')" />
          <vip-button class="ml-5" mode="button"></vip-button>
        </div>
      </a-form-item>
      <a-form-item v-if="formState.public.oauthEnabled" :label="t('certd.sys.setting.oauthProviders')" :name="['public', 'oauthProviders']">
        <div class="flex flex-wrap">
          <table class="w-full table-auto border-collapse border border-gray-400">
            <thead>
              <tr>
                <th class="border border-gray-300 px-4 py-2 w-1/3">{{ t("certd.sys.setting.oauthType") }}</th>
                <th class="border border-gray-300 px-4 py-2 w-1/3">{{ t("certd.sys.setting.oauthCallback") }}</th>
                <th class="border border-gray-300 px-4 py-2 w-1/3">{{ t("certd.sys.setting.oauthConfig") }}</th>
              </tr>
            </thead>
            <tbody>
              <tr v-for="(item, key) of oauthProviders" :key="key">
                <td class="border border-gray-300 px-4 py-2">
                  <div class="flex items-center" :title="item.desc">
                    <fs-icon :icon="item.icon" class="mr-2 text-blue-600" />
                    {{ item.title }}
                  </div>
                </td>
                <td class="border border-gray-300 px-4 py-2 overflow-ellipsis" :title="t('certd.sys.setting.oauthCallbackHelper')">
                  <fs-copyable :model-value="buildCallbackUrl(item.name)">
                    {{ t("certd.sys.setting.oauthCallbackCopy") }}
                  </fs-copyable>
                </td>
                <td class="border border-gray-300 px-4 py-2">
                  <AddonSelector v-model:model-value="item.addonId" addon-type="oauth" from="sys" :type="item.name" :placeholder="t('certd.sys.setting.oauthProviderSelectorPlaceholder')" />
                </td>
              </tr>
            </tbody>
          </table>
        </div>
      </a-form-item>
      <a-form-item v-if="formState.public.oauthEnabled" :label="t('certd.sys.setting.oauthOnly')" :name="['public', 'oauthOnly']">
        <div class="flex-o">
          <a-switch v-model:checked="formState.public.oauthOnly" :disabled="!settingsStore.isPlus" :title="t('certd.plusFeature')" />
        </div>
        <div class="helper">{{ t("certd.sys.setting.oauthOnlyHelper") }}</div>
      </a-form-item>
      <a-form-item v-if="formState.public.oauthEnabled" :label="t('certd.sys.setting.oauthAutoRedirect')" :name="['public', 'oauthAutoRedirect']">
        <div class="flex-o">
          <a-switch v-model:checked="formState.public.oauthAutoRedirect" :disabled="!settingsStore.isPlus" :title="t('certd.plusFeature')" />
        </div>
        <div class="helper">{{ t("certd.sys.setting.oauthAutoRedirectHelper") }}</div>
      </a-form-item>
      <a-form-item v-if="formState.public.oauthEnabled" :label="t('certd.sys.setting.oauthAutoRegister')" :name="['public', 'oauthAutoRegister']">
        <div class="flex-o">
          <a-switch
            v-model:checked="formState.public.oauthAutoRegister"
            :checked-children="t('certd.sys.setting.oauthAutoRegisterCheckedText')"
            :un-checked-children="t('certd.sys.setting.oauthAutoRegisterUnCheckedText')"
            :disabled="!settingsStore.isPlus"
            :title="t('certd.plusFeature')"
          />
        </div>
        <div class="helper">{{ t("certd.sys.setting.oauthAutoRegisterHelper") }}</div>
      </a-form-item>
      <a-form-item label=" " :colon="false" :wrapper-col="{ span: 16 }">
        <a-button :loading="saveLoading" type="primary" html-type="submit">{{ t("certd.saveButton") }}</a-button>
      </a-form-item>
    </a-form>
  </div>
 </template>
 <script setup lang="tsx">
 import { notification } from "ant-design-vue";
 import { merge } from "lodash-es";
 import { reactive, ref, Ref } from "vue";
 import AddonSelector from "../../../certd/addon/addon-selector/index.vue";
 import { useSettingStore } from "/@/store/settings";
 import * as api from "/@/views/sys/settings/api";
 import { SysSettings } from "/@/views/sys/settings/api";
 import { useI18n } from "/src/locales";
 const { t } = useI18n();
 defineOptions({
  name: "SettingOauth",
 });
 const formState = reactive<Partial<SysSettings>>({
  public: {},
  private: {},
 });
 const oauthProviders = ref([]);
 async function loadOauthProviders() {
  oauthProviders.value = await api.GetOauthProviders();
 }
 function fillOauthProviders(form: any) {
  const providers: any = {};
  for (const item of oauthProviders.value) {
    const type = item.name;
    providers[type] = {
      type: type,
      title: item.title,
      icon: item.icon,
      addonId: item.addonId || null,
    };
  }
  form.public.oauthProviders = providers;
  return providers;
 }
 async function loadSysSettings() {
  const data: any = await api.SysSettingsGet();
  merge(formState, data);
  await loadOauthProviders();
 }
 const saveLoading = ref(false);
 loadSysSettings();
 const settingsStore = useSettingStore();
 const onFinish = async (form: any) => {
  try {
    saveLoading.value = true;
    fillOauthProviders(form);
    await api.SysSettingsSave(form);
    await settingsStore.loadSysSettings();
    notification.success({
      message: t("certd.saveSuccess"),
    });
    await loadOauthProviders();
  } finally {
    saveLoading.value = false;
  }
 };
 function buildCallbackUrl(type: string) {
  return `${window.location.origin}/api/oauth/callback/${type}`;
 }
 </script>
 <style lang="less">
 .sys-settings-oauth {
  width: 1000px !important;
  .addon-selector {
    .inner {
      justify-content: space-between;
    }
  }
 }
 </style>
@@ -55,45 +55,6 @@
          </a-form-item>
        </template>
      </template>
      <a-form-item :label="t('certd.sys.setting.enableOauth')" :name="['public', 'oauthEnabled']">
        <div class="flex-o">
          <a-switch v-model:checked="formState.public.oauthEnabled" :disabled="!settingsStore.isPlus" :title="t('certd.plusFeature')" />
          <vip-button class="ml-5" mode="button"></vip-button>
        </div>
      </a-form-item>
      <a-form-item v-if="formState.public.oauthEnabled" :label="t('certd.sys.setting.oauthProviders')" :name="['public', 'oauthProviders']">
        <div class="flex flex-wrap">
          <table class="w-full table-auto border-collapse border border-gray-400">
            <thead>
              <tr>
                <th class="border border-gray-300 px-4 py-2 w-1/3">{{ t("certd.sys.setting.oauthType") }}</th>
                <th class="border border-gray-300 px-4 py-2 w-1/3">{{ t("certd.sys.setting.oauthCallback") }}</th>
                <th class="border border-gray-300 px-4 py-2 w-1/3">{{ t("certd.sys.setting.oauthConfig") }}</th>
              </tr>
            </thead>
            <tbody>
              <tr v-for="(item, key) of oauthProviders" :key="key">
                <td class="border border-gray-300 px-4 py-2">
                  <div class="flex items-center" :title="item.desc">
                    <fs-icon :icon="item.icon" class="mr-2 text-blue-600" />
                    {{ item.title }}
                  </div>
                </td>
                <td class="border border-gray-300 px-4 py-2 overflow-ellipsis" :title="t('certd.sys.setting.oauthCallbackHelper')">
                  <fs-copyable :model-value="buildCallbackUrl(item.name)">
                    {{ t("certd.sys.setting.oauthCallbackCopy") }}
                  </fs-copyable>
                </td>
                <td class="border border-gray-300 px-4 py-2">
                  <AddonSelector v-model:model-value="item.addonId" addon-type="oauth" from="sys" :type="item.name" :placeholder="t('certd.sys.setting.oauthProviderSelectorPlaceholder')" />
                </td>
              </tr>
            </tbody>
          </table>
        </div>
      </a-form-item>
      <a-form-item label=" " :colon="false" :wrapper-col="{ span: 16 }">
        <a-button :loading="saveLoading" type="primary" html-type="submit">{{ t("certd.saveButton") }}</a-button>
      </a-form-item>
@@ -105,7 +66,6 @@
 import { notification } from "ant-design-vue";
 import { merge } from "lodash-es";
 import { reactive, ref, Ref } from "vue";
 import AddonSelector from "../../../certd/addon/addon-selector/index.vue";
 import { useSettingStore } from "/@/store/settings";
 import * as api from "/@/views/sys/settings/api";
 import { SysSettings } from "/@/views/sys/settings/api";
@@ -196,26 +156,6 @@ async function loadTypeDefine(type: string) {
  smsTypeDefineInputs.value = inputs;
 }
 const oauthProviders = ref([]);
 async function loadOauthProviders() {
  oauthProviders.value = await api.GetOauthProviders();
 }
 function fillOauthProviders(form: any) {
  const providers: any = {};
  for (const item of oauthProviders.value) {
    const type = item.name;
    providers[type] = {
      type: type,
      title: item.title,
      icon: item.icon,
      addonId: item.addonId || null,
    };
  }
  form.public.oauthProviders = providers;
  return providers;
 }
 async function loadSysSettings() {
  const data: any = await api.SysSettingsGet();
  merge(formState, data);
@@ -230,7 +170,6 @@ async function loadSysSettings() {
  if (!settingsStore.isComm) {
    formState.public.smsLoginEnabled = false;
  }
  await loadOauthProviders();
 }
 const saveLoading = ref(false);
@@ -239,7 +178,6 @@ const settingsStore = useSettingStore();
 const onFinish = async (form: any) => {
  try {
    saveLoading.value = true;
    fillOauthProviders(form);
    await api.SysSettingsSave(form);
    await settingsStore.loadSysSettings();
    notification.success({
@@ -249,10 +187,6 @@ const onFinish = async (form: any) => {
    saveLoading.value = false;
  }
 };
 function buildCallbackUrl(type: string) {
  return `${window.location.origin}/api/oauth/callback/${type}`;
 }
 </script>
 <style lang="less">
 .sys-settings-register {
@@ -3,6 +3,35 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.37.15](https://github.com/certd/certd/compare/v1.37.14...v1.37.15) (2025-12-06)
 ### Bug Fixes
 * oidc 支持nonce ([a5ca411](https://github.com/certd/certd/commit/a5ca41131b308b36b17ca359d9709ea8e9b7cee1))
 ### Performance Improvements
 * 第三方登录支持gitee ([5cee7d4](https://github.com/certd/certd/commit/5cee7d44f17bd36972f477bc1f270999da558d05))
 * 邮件模版安全优化 ([adca151](https://github.com/certd/certd/commit/adca151e4f07a4c6a2a753bfa48ee0d4d6469fd2))
 * 支持部署到中国移动CDN ([4351304](https://github.com/certd/certd/commit/43513049beff407558d2a234415521464165cebc))
 * 支持k8s apply ([d55954a](https://github.com/certd/certd/commit/d55954a36391ebe6a9397ff7dcfb710193ac5e34))
 ## [1.37.14](https://github.com/certd/certd/compare/v1.37.13...v1.37.14) (2025-12-02)
 **Note:** Version bump only for package @certd/ui-server
 ## [1.37.13](https://github.com/certd/certd/compare/v1.37.12...v1.37.13) (2025-12-02)
 ### Bug Fixes
 * 修复西部数据返回信息乱码问题 ([78b1650](https://github.com/certd/certd/commit/78b1650bdb071c858b3f90d53a700d11ee6de328))
 * 修复西部数码使用域名级别的key申请证书失败的问题 ([5edc72d](https://github.com/certd/certd/commit/5edc72d47550b8e3364dabda70a41cce75d87956))
 ### Performance Improvements
 * 第三方登录允许选择logo ([bb3085e](https://github.com/certd/certd/commit/bb3085ef84201ccd2dc632ba8c5097cb00258be4))
 * 支持OIDC单点登录 ([fbf12f1](https://github.com/certd/certd/commit/fbf12f16b5eaa7676fd41923587bf6bd2595adba))
 ## [1.37.12](https://github.com/certd/certd/compare/v1.37.11...v1.37.12) (2025-11-29)
 ### Bug Fixes
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-server",
-  "version": "1.37.12",
+  "version": "1.37.15",
  "description": "fast-server base midway",
  "private": true,
  "type": "module",
@@ -45,20 +45,20 @@
    "@aws-sdk/client-cloudfront": "^3.699.0",
    "@aws-sdk/client-iam": "^3.699.0",
    "@aws-sdk/client-s3": "^3.705.0",
-    "@certd/acme-client": "^1.37.12",
+    "@certd/acme-client": "^1.37.15",
-    "@certd/basic": "^1.37.12",
+    "@certd/basic": "^1.37.15",
-    "@certd/commercial-core": "^1.37.12",
+    "@certd/commercial-core": "^1.37.15",
    "@certd/cv4pve-api-javascript": "^8.4.2",
-    "@certd/jdcloud": "^1.37.12",
+    "@certd/jdcloud": "^1.37.15",
-    "@certd/lib-huawei": "^1.37.12",
+    "@certd/lib-huawei": "^1.37.15",
-    "@certd/lib-k8s": "^1.37.12",
+    "@certd/lib-k8s": "^1.37.15",
-    "@certd/lib-server": "^1.37.12",
+    "@certd/lib-server": "^1.37.15",
-    "@certd/midway-flyway-js": "^1.37.12",
+    "@certd/midway-flyway-js": "^1.37.15",
-    "@certd/pipeline": "^1.37.12",
+    "@certd/pipeline": "^1.37.15",
-    "@certd/plugin-cert": "^1.37.12",
+    "@certd/plugin-cert": "^1.37.15",
-    "@certd/plugin-lib": "^1.37.12",
+    "@certd/plugin-lib": "^1.37.15",
-    "@certd/plugin-plus": "^1.37.12",
+    "@certd/plugin-plus": "^1.37.15",
-    "@certd/plus-core": "^1.37.12",
+    "@certd/plus-core": "^1.37.15",
    "@huaweicloud/huaweicloud-sdk-cdn": "^3.1.120",
    "@huaweicloud/huaweicloud-sdk-core": "^3.1.120",
    "@koa/cors": "^5.0.0",
@@ -1,15 +1,15 @@
 import { addonRegistry, AddonService, BaseController, Constants, SysInstallInfo, SysSettingsService } from "@certd/lib-server";
 import { ALL, Body, Controller, Get, Inject, Param, Post, Provide, Query } from "@midwayjs/core";
 import { AddonGetterService } from "../../../modules/pipeline/service/addon-getter-service.js";
 import { IOauthProvider } from "../../../plugins/plugin-oauth/api.js";
 import { LoginService } from "../../../modules/login/service/login-service.js";
 import { CodeService } from "../../../modules/basic/service/code-service.js";
 import { UserService } from "../../../modules/sys/authority/service/user-service.js";
 import { UserEntity } from "../../../modules/sys/authority/entity/user.js";
 import { logger, simpleNanoId, utils } from "@certd/basic";
-import { OauthBoundService } from "../../../modules/login/service/oauth-bound-service.js";
+import { addonRegistry, AddonService, BaseController, Constants, SysInstallInfo, SysSettingsService } from "@certd/lib-server";
 import { OauthBoundEntity } from "../../../modules/login/entity/oauth-bound.js";
 import { checkPlus } from "@certd/plus-core";
 import { ALL, Body, Controller, Get, Inject, Param, Post, Provide, Query } from "@midwayjs/core";
 import { CodeService } from "../../../modules/basic/service/code-service.js";
 import { OauthBoundEntity } from "../../../modules/login/entity/oauth-bound.js";
 import { LoginService } from "../../../modules/login/service/login-service.js";
 import { OauthBoundService } from "../../../modules/login/service/oauth-bound-service.js";
 import { AddonGetterService } from "../../../modules/pipeline/service/addon-getter-service.js";
 import { UserEntity } from "../../../modules/sys/authority/entity/user.js";
 import { UserService } from "../../../modules/sys/authority/service/user-service.js";
 import { IOauthProvider } from "../../../plugins/plugin-oauth/api.js";
 /**
 */
@@ -121,6 +121,14 @@ export class ConnectController extends BaseController {
  }
  @Post('/getLogoutUrl', { summary: Constants.per.guest })
  public async logout(@Body(ALL) body: any) {
    checkPlus()
    const addon = await this.getOauthProvider(body.type);
    const { logoutUrl } = await addon.buildLogoutUrl(body);
    return this.ok({ logoutUrl });
  }
  @Post('/token', { summary: Constants.per.guest })
  public async token(@Body(ALL) body: { validationCode: string, type: string }) {
@@ -241,6 +249,15 @@ export class ConnectController extends BaseController {
        if (addonEntity) {
          provider.addonId = conf.addonId;
          provider.addonTitle = addonEntity.name;
          const addon = await this.addonGetterService.getAddonById(conf.addonId,true,0);
          const {logoutUrl} = await addon.buildLogoutUrl();
          if (logoutUrl){
            provider.logoutUrl = logoutUrl;
          }
          if(addon.icon){
            provider.icon = addon.icon;
          }
        }
      }
      list.push(provider);
@@ -39,3 +39,4 @@ export * from './plugin-captcha/index.js'
 export * from './plugin-xinnet/index.js'
 export * from './plugin-xinnetconnet/index.js'
 export * from './plugin-oauth/index.js'
 export * from './plugin-cmcc/index.js'
@@ -0,0 +1,66 @@
 import { AccessInput, BaseAccess, IsAccess } from "@certd/pipeline";
 import { CmccClient } from "./cmcc-client.js";
 /**
 * 
 *  tenantId: string;
  tenantKey: string;
  endpoint?: string;
 */
@IsAccess({
  name: "cmcc",
  title: "中国移动CND授权",
  desc: "",
  icon: "clarity:plugin-line"
 })
 export class CmccAccess extends BaseAccess {
  @AccessInput({
    title: 'TenantID',
    component: {
      placeholder: 'TenantID',
    },
    required: true,
  })
  tenantId = '';
  @AccessInput({
    title: 'TenantKey',
    component: {
      placeholder: 'TenantKey',
    },
    required: true,
    encrypt: true,
  })
  tenantKey = '';
  @AccessInput({
    title: "测试",
    component: {
      name: "api-test",
      action: "TestRequest"
    },
    helper: "点击测试接口是否正常"
  })
  testRequest = true;
  async onTestRequest() {
    const client = await this.getCmccClient()
    await client.getDomainList({})
    return "ok"
  }
  async getCmccClient() {
    return new CmccClient({
      tenantId: this.tenantId,
      tenantKey: this.tenantKey,
      http: this.ctx.http,
      logger: this.ctx.logger,
    })
  }
 }
 new CmccAccess();
@@ -0,0 +1,405 @@
 import { HttpClient, ILogger } from '@certd/basic';
 import { CertInfo, CertReader } from '@certd/plugin-cert';
 import * as crypto from 'crypto';
 export interface CmcdnConfig {
  tenantId: string;
  tenantKey: string;
  endpoint?: string;
  http: HttpClient;
  logger: ILogger;
 }
 /**
 * 移动CDN平台SDK
 */
 export class CmccClient {
  private config: Required<CmcdnConfig>;
  private token: string | null = null;
  private tokenExpiresAt: number | null = null;
  private http: HttpClient;
  private logger: ILogger;
  /**
   * 构造函数
   * @param config 配置信息
   */
  constructor(config: CmcdnConfig) {
    this.config = {
      endpoint: 'https://p.cdn.10086.cn/',
      ...config,
    };
    this.http = config.http
    this.logger = config.logger;
    if (!this.config.tenantId) {
      throw new Error('tenantId is required');
    }
    if (!this.config.tenantKey) {
      throw new Error('tenantKey is required');
    }
  }
  /**
   * 生成SHA256哈希
   * @param data 输入数据
   * @returns SHA256哈希值
   */
  private sha256Hex(data: string): string {
    return crypto.createHash('sha256').update(data).digest('hex');
  }
  /**
   * 获取当前ISO8601格式时间
   * @returns ISO8601时间字符串
   */
  private getCurrentIsoTime(): string {
    return new Date().toISOString();
  }
  /**
   * 生成认证请求签名
   * @param datetime 请求时间
   * @returns 签名
   */
  private generateAuthSign(datetime: string): string {
    const signData = `${this.config.tenantId}${datetime}${this.config.tenantKey}`;
    return this.sha256Hex(signData);
  }
  /**
   * 生成API请求签名
   * @param body 请求体
   * @param token 认证token
   * @returns 签名
   */
  private generateApiSign(body: any, token: string): string {
    const bodyStr = body ? JSON.stringify(body) : '';
    return this.sha256Hex(bodyStr + token);
  }
  /**
   * 检查token是否有效
   * @returns token是否有效
   */
  private isTokenValid(): boolean {
    if (!this.token || !this.tokenExpiresAt) {
      return false;
    }
    return Date.now() < this.tokenExpiresAt;
  }
  /**
   * 获取认证token
   * @returns 认证token
   */
  async getToken(): Promise<string> {
    // 检查是否有有效的token
    if (this.isTokenValid()) {
      return this.token!;
    }
    const datetime = this.getCurrentIsoTime();
    const sign = this.generateAuthSign(datetime);
    const authRequest = {
      datetime,
      authorization: {
        tenant_id: this.config.tenantId,
        sign,
      },
    };
    const response = await this.http.request({
      baseURL: this.config.endpoint,
      url: '/api/authentication',
      method: 'POST',
      headers: {
        'Content-Type': 'application/json',
        'Accept': 'application/json',
      },
      data: authRequest,
      skipSslVerify: true,
      logParams: false,
      logRes: false,
      logData: false
    });
    this.token = response.token;
    // Token有效期为12小时
    this.tokenExpiresAt = Date.now() + 12 * 60 * 60 * 1000;
    return this.token;
  }
  /**
   * 调用API
   * @param req 请求选项
   * @returns API响应
   */
  async doRequest(req: any): Promise<any> {
    // 获取有效的token
    const token = await this.getToken();
    // 设置默认headers
    const defaultHeaders: Record<string, string> = {
      'Content-Type': 'application/json',
      'Accept': 'application/vnd.cmcdn+json',
      'CMCDN-Auth-Token': token,
    };
    // 生成签名
    if (req.method === 'POST' || req.method === 'PUT') {
      const signature = this.generateApiSign(req.data, token);
      defaultHeaders['HTTP-X-CMCDN-Signature'] = signature;
    } else {
      const signature = this.sha256Hex(token);
      defaultHeaders['HTTP-X-CMCDN-Signature'] = signature;
    }
    // 合并自定义headers
    const headers = { ...defaultHeaders, ...req.headers };
    // 发送请求
    try {
      const response = await this.http.request({
        baseURL: this.config.endpoint,
        url: req.url,
        method: req.method,
        headers: headers,
        data: req.data,
        skipSslVerify: true,
        logParams: false,
        logRes: false,
        logData: false
      });
      if (response.error_code != 0) {
        this.logger.error(`接口请求失败,${JSON.stringify(response)}`);
        throw new Error(response.error_msg || "接口请求失败");
      }
      return response.data;
    } catch (error) {
      this.logger.error(`接口请求失败,${error.response?.data?.error_msg || error.message}`);
      throw new Error(error.response?.data?.error_msg || error.message);
    }
  }
  /**
   * 清除token
   */
  clearToken(): void {
    this.token = null;
    this.tokenExpiresAt = null;
  }
  /**
   * 获取当前token
   * @returns 当前token
   */
  getCurrentToken(): string | null {
    return this.token;
  }
  /**
   * 
  域名列表查询
  本接口由 CDN 运营平台提供 ，所有外部 EC 客户使用。该接口为客户提供该客户各状态域名列表查询。本接口仅支持 JSON 结构。
  7.1  目录信息
  /api/domain_list?domainName =${domainName}&domainStatus =${domainStatus}
  7.2  请求方法
  GET
  7.3  响应状态码
  请求接收成功 ：201 ， body 内容详见下一节；
  授权错误 ：403；
  请求错误 ：400；
  其他 ：见 1.2.5 状态码。
  7.4  JSON 结构规范
  7.4.1 请求 URI 参数
  序号	父元素	元素名称	约束	类型	长度	描述
  1		domainName	?	String		域名模糊匹配过滤
  2		domainStatus	?	String		域名状态过滤online：启用
  offline：停用
  configuring：配置中
  configure_failed ：配置失败
  7.4.2 请求 URI 示例
  GET： http://xxx.com/api/domain_list?domainName=www.test.com&domainStatus=online
  7.4.3  响应数据体
  序号	父元	元素名称	约束	类型	长度	描述
  1		data	1	array		查询结果
  2	data	domainName	1	String		加速域名名称
  3	data	createTime	1	datetime		加速域名创建时间(2017-07-25  17:45:52)
  4	data	cname	*	String		加速域名对应的 CNAME 域名
  5	data	type	*	String		域名产品类型：
  demand:点播产品(视音频/网页、下载);
  live:直播产品
  6	data	status	*	String		域名状态：启用
  停用
  配置中
  配置失败待分发
  已生效启用中
  删除中
  7.4.4  响应报文示例
  {
  "data": [{
  "createTime": "2017-07-25 17:45:52",
  "domainName": "www.ponshine.com",
  "cname": "www.ponshine.com.cmcdn.cdn.10086.cn", "type ": "demand"
  },
  {
  "createTime": "2018-11-07 22:09:41",
  "domainName": "www.testcustom.com",
  "cname": "www.testcustom.com.cmcdn.cdn.10086.cn", "type ": "live"
  }
  ]
  }
   */
  async getDomainList(req: { domainName?: string, domainStatus?: string }) {
    const res = await this.doRequest({
      url: "/api/domain_list",
      method: "GET",
      params: {
        domainName: req.domainName,
        domainStatus: req.domainStatus,
      }
    })
    this.logger.info("getDomainList", res);
    return res.data;
  }
  /**
   * /api/config/action?commandType =saveCrt&version =1
  12.1.2 请求方法
  新增 POST
  修改 PUT
  12.1.3 响应状态码
  请求接收成功： 200/201 ， body内容详见下一节；
  授权错误 ：403；
  请求错误 ：400；
  其他 ：见1.2.5状态码。
  12.1.4 JSON 结构规范
  12.1.4.1请求数据体
  参数	说明	类型	约束
  certificate	证书 ，仅支持 PEM 格式，
  证书内的换行符使用字符串“\n”代替
  内容如需加密传输可使用
  PBEWith MD5And DES 加密 ，秘钥将私下
  提供	
  string	
  必选
  private_key	私钥 ，仅支持 PEM 格式，
  私钥内的换行符使用字符串“\n”代替
  内容如需加密传输可使用
  PBEWith MD5And DES 加密 ，秘钥将私下
  提供	
  string	
  必选
  crt_name	证书名称 ，不支持修改 ，有传 unique_id
  时不需要
  (仅支持英文字母、数字、下划线 ，最大长	
  string	
  必选
    度为 32 个字符)		
  unique_id	证书唯一 id ，修改证书时该项必选；
  修改证书时 ，如历史证书已绑定域名，
  修改后证书也需支持对应域名	
  string	
  修改必选
  contact_name	证书联系人	string	可选
  contact_mobile	证书联系人手机号	string	可选
  contact_email	证书联系人邮箱	string	可选
  12.1.4.2请求报文示例
   */
  async uploadCert(req: { cert: CertInfo }) {
    const certReader = new CertReader(req.cert);
    const res = await this.doRequest({
      url: "/api/config/action?commandType=saveCrt&version=1",
      method: "POST",
      data: {
        certificate: req.cert.crt,
        private_key: req.cert.key,
        crt_name: certReader.buildCertName(),
      }
    })
    this.logger.info("uploadCert", res);
    return res;
  }
  /**
   * 
   * @param req 
   */
  async deployCertToCdn(req: { domainNames: string[], certId: string }) {
    // /api/config/action?commandType = manageDomainBaseConfig&version = 1
    const res = await this.doRequest({
      url: "/api/config/action?commandType=manageDomainBaseConfig&version=1",
      method: "PUT",
      data: {
        modify_type: 0,
        domains: req.domainNames,
        https_enable: true,
        unique_id: req.certId,
      }
    })
    this.logger.info("deployCertToCdn", res);
    return res.data;
  }
 }
@@ -0,0 +1,2 @@
 export * from './access.js'
 export * from './plugin-deploy-to-cdn.js'
@@ -0,0 +1,126 @@
 import {
  IsTaskPlugin,
  PageSearch,
  pluginGroups,
  RunStrategy,
  TaskInput
 } from "@certd/pipeline";
 import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
 import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from "@certd/plugin-lib";
 import { AbstractPlusTaskPlugin } from "@certd/plugin-plus";
 import { CmccAccess } from "./access.js";
@IsTaskPlugin({
  //命名规范，插件类型+功能（就是目录plugin-demo中的demo），大写字母开头，驼峰命名
  name: "CmccDeployCertToCdn",
  title: "中国移动-部署证书到CDN",
  desc: "中国移动自动部署证书到CDN",
  icon: "svg:icon-lucky",
  //插件分组
  group: pluginGroups.cdn.key,
  needPlus: true,
  default: {
    //默认值配置照抄即可
    strategy: {
      runStrategy: RunStrategy.SkipWhenSucceed
    }
  }
 })
 //类名规范，跟上面插件名称（name）一致
 export class CmccDeployCertToCdn extends AbstractPlusTaskPlugin {
  //证书选择，此项必须要有
  @TaskInput({
    title: "域名证书",
    helper: "请选择前置任务输出的域名证书",
    component: {
      name: "output-selector",
      from: [...CertApplyPluginNames]
    }
    // required: true, // 必填
  })
  cert!: CertInfo;
  @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
  certDomains!: string[];
  //授权选择框
  @TaskInput({
    title: "中国移动-授权",
    component: {
      name: "access-selector",
      type: "cmcc" //固定授权类型
    },
    required: true //必填
  })
  accessId!: string;
  //
  @TaskInput(
    createRemoteSelectInputDefine({
      title: "加速域名",
      helper: "要更新的中国移动CDN域名",
      action: CmccDeployCertToCdn.prototype.onGetDomainList.name,
      pager: false,
      search: false
    })
  )
  domainList!: string[];
  //插件实例化时执行的方法
  async onInstance() {
  }
  //插件执行方法
  async execute(): Promise<void> {
    const access = await this.getAccess<CmccAccess>(this.accessId);
    const client = await access.getCmccClient();
    this.logger.info(`----------- 开始更新证书：${this.domainList}`);
    const newCert = await client.uploadCert({
      cert: this.cert
    })
    const certId = newCert.unique_id
    this.logger.info(`----------- 上传证书成功,证书ID:${certId}`);
    await client.deployCertToCdn({
      certId: certId,
      domainNames: this.domainList
    });
    this.logger.info(`----------- 更新证书${this.domainList}成功,等待10s`);
    await this.ctx.utils.sleep(10000);
    this.logger.info("部署完成");
  }
  async onGetDomainList(data: PageSearch = {}) {
    const access = await this.getAccess<CmccAccess>(this.accessId);
    const client= await access.getCmccClient();
    const res = await client.getDomainList({})
    const list = res || []
    if (!list || list.length === 0) {
      throw new Error("没有找到加速域名");
    }
    /**
     * certificate-id
     * name
     * dns-names
     */
    const options = list.map((item: any) => {
      return {
        label: `${item.domainName}`,
        value: item.domainName,
        domain: item.domainName
      };
    });
    return {
      list: this.ctx.utils.options.buildGroupOptions(options, this.certDomains),
    };
  }
 }
 //实例化一下，注册插件
 new CmccDeployCertToCdn();
@@ -43,7 +43,15 @@ export type BuildLoginUrlReq = {
    from?:string;
 }
 export type BuildLogoutUrlReq = {
 }
 export type LogoutUrlReply = {
    logoutUrl?: string;
 }
 export interface IOauthProvider {
    buildLoginUrl: (params: BuildLoginUrlReq) => Promise<LoginUrlReply>;
    onCallback: (params: OnCallbackReq) => Promise<OauthToken>;
    buildLogoutUrl: (params: BuildLogoutUrlReq) => Promise<LogoutUrlReply>;
 }
@@ -1,3 +1,4 @@
 export * from './api.js'
 export * from './oidc/plugin-oidc.js'
 export * from './wx/plugin-wx.js'
 export * from './oauth2/plugin-gitee.js'
@@ -0,0 +1,155 @@
 import { AddonInput, BaseAddon, IsAddon } from "@certd/lib-server";
 import { BuildLoginUrlReq, BuildLogoutUrlReq, IOauthProvider, OnCallbackReq } from "../api.js";
@IsAddon({
  addonType: "oauth",
  name: 'gitee',
  title: 'Gitee认证',
  desc: 'Gitee OAuth2登录',
  icon:"simple-icons:gitee:red",
  showTest: false,
 })
 export class GiteeOauthProvider extends BaseAddon implements IOauthProvider {
  @AddonInput({
    title: "ClientId",
    helper: "[gitee 第三方应用管理](https://gitee.com/oauth/applications)创建应用后获取",
    required: true,
  })
  clientId = "";
  @AddonInput({
    title: "ClientSecretKey",
    component: {
      placeholder: "ClientSecretKey / appSecretKey",
    },
    required: true,
  })
  clientSecretKey = "";
  // @AddonInput({
  //   title: "授权地址",
  //   helper: "授权请求url",
  //   component: {
  //     placeholder: "https://xxxxx.com/oauth/authorize",
  //   },
  //   required: true,
  // })
  // authorizeEndpoint = "";
  /**
   * gitee.authorizeURL = https://gitee.com/oauth/authorize
 gitee.accessToken = https://gitee.com/oauth/token
 gitee.userInfo = https://gitee.com/api/v5/user
   */
  // @AddonInput({
  //   title: "Token获取地址",
  //   helper: "Token获取url",
  //   component: {
  //     placeholder: "https://xxxxx.com/oauth/token",
  //   },
  //   required: true,
  // })
  // tokenEndpoint = "";
  //  @AddonInput({
  //   title: "用户信息获取地址",
  //   helper: "用户信息url",
  //   component: {
  //     placeholder: "https://xxxxx.com/api/user_info",
  //   },
  //   required: true,
  // })
  // userInfoEndpoint = "";
  // @AddonInput({
  //   title: "Scope",
  //   helper: "授权Scope",
  //   value:"user_info",
  //   component: {
  //     placeholder: "profile",
  //   },
  //   required: true,
  // })
  // scope: string;
  async buildLoginUrl(params: BuildLoginUrlReq) {
    let scope = "user_info" // Scope of the access request
    let state:any = {
      forType: params.forType || 'login',
    }
    state = this.ctx.utils.hash.base64(JSON.stringify(state))
    const authorizeEndpoint = "https://gitee.com/oauth/authorize"
    const redirectUrl = encodeURIComponent(params.redirectUri)
    // https://gitee.com/oauth/authorize?client_id=5bb5f4158af41c50c7a17b5d9068244e97d3ee572def6a57ed32fd8c9d760ad1&redirect_uri=http%3A%2F%2Fcasdoor.docmirror.cn%3A8000%2Fcallback&response_type=code
    const loginUrl = `${authorizeEndpoint}?client_id=${this.clientId}&redirect_uri=${redirectUrl}&response_type=code&scope=${scope}&state=${state}`
    return {
      loginUrl,
      ticketValue: {
        state,
      },
    };
  }
  async onCallback(req: OnCallbackReq) {
    //校验state
    const code = req.code || ""
    const tokenEndpoint = "https://gitee.com/oauth/token"
    const uri = new URL(req.currentURL)
    const redirectUri = `${uri.origin}${uri.pathname}`
    const res = await this.ctx.utils.http.request( {
        url: tokenEndpoint,
        method: "post",
        data:{
        // https://gitee.com/oauth/token?
        // grant_type=authorization_code&code={code}&client_id={client_id}&redirect_uri={redirect_uri}&client_secret={client_secret}
          grant_type: "authorization_code",
          code,
          client_id: this.clientId,
          redirect_uri: redirectUri,
          client_secret: this.clientSecretKey,
        }
    })
    const tokens = res
    const userInfoEndpoint = "https://gitee.com/api/v5/user"
    // 获取用户信息
     const userInfoRes = await this.ctx.utils.http.request( {
        url: userInfoEndpoint,
        method: "get",
        params:{
          access_token: tokens.access_token,
        }
    })
    const userInfo = userInfoRes
    return {
      token:{
        accessToken: tokens.access_token,
        refreshToken: tokens.refresh_token,
        expiresIn: tokens.expires_in,
      },
      userInfo: {
        openId: userInfo.id,
        nickName: userInfo.name || userInfo.nick_name || "",
        avatar: userInfo.avatar_url,
      },
    }
  };
  async buildLogoutUrl(params: BuildLogoutUrlReq) {
    return {};
  }
 }
@@ -1,16 +1,26 @@
 import { AddonInput, BaseAddon, IsAddon } from "@certd/lib-server";
-import { BuildLoginUrlReq, IOauthProvider, OnCallbackReq } from "../api.js";
+import { BuildLoginUrlReq, BuildLogoutUrlReq, IOauthProvider, OnCallbackReq } from "../api.js";
@IsAddon({
  addonType: "oauth",
  name: 'oidc',
  title: 'OIDC认证',
  desc: 'OpenID Connect 认证，统一认证服务',
-  icon:"simple-icons:fusionauth",
+  icon:"simple-icons:fusionauth:#006be6",
  showTest: false,
 })
 export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
  @AddonInput({
    title: "自定义图标",
    component: {
      name:"fs-icon-selector",
      vModel:"modelValue"
    },
    required: false,
  })
  icon = "";
  @AddonInput({
    title: "ClientId",
    helper: "ClientId / appId",
@@ -29,7 +39,7 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
  @AddonInput({
    title: "服务地址",
-    helper: "Issuer地址，去掉/.well-known/openid-configuration的服务发现地址",
+    helper: "Issuer地址，服务发现地址去掉/.well-known/openid-configuration",
    component: {
      placeholder: "https://oidc.example.com/oidc",
    },
@@ -80,24 +90,16 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
      code_challenge,
      code_challenge_method: 'S256',
      state,
      nonce: client.randomNonce(),
    }
    // if (!config.serverMetadata().supportsPKCE()) {
    //     /**
    //      * We cannot be sure the server supports PKCE so we're going to use state too.
    //      * Use of PKCE is backwards compatible even if the AS doesn't support it which
    //      * is why we're using it regardless. Like PKCE, random state must be generated
    //      * for every redirect to the authorization_endpoint.
    //      */
    //     parameters.state = client.randomState()
    // }
    let redirectTo = client.buildAuthorizationUrl(config, parameters)
    return {
      loginUrl: redirectTo.href,
      ticketValue: {
        codeVerifier: code_verifier,
        state,
        nonce: parameters.nonce,
      },
    };
  }
@@ -110,8 +112,9 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
      config,
      req.currentURL,
      {
-        expectedState: client.skipStateCheck ,
+        expectedState: req.ticketValue.state,
        pkceCodeVerifier: req.ticketValue.codeVerifier,
        expectedNonce: req.ticketValue.nonce,
      }
    )
@@ -129,4 +132,12 @@ export class OidcOauthProvider extends BaseAddon implements IOauthProvider {
      },
    }
  };
  async buildLogoutUrl(params: BuildLogoutUrlReq) {
    const { config } = await this.getClient()
    let logoutUrl =  config.serverMetadata().end_session_endpoint
    return {
      logoutUrl: logoutUrl,
    };
  }
 }
@@ -1,12 +1,12 @@
 import { AddonInput, BaseAddon, IsAddon } from "@certd/lib-server";
-import { BuildLoginUrlReq, IOauthProvider, OnCallbackReq } from "../api.js";
+import { BuildLoginUrlReq, BuildLogoutUrlReq, IOauthProvider, OnCallbackReq } from "../api.js";
@IsAddon({
  addonType: "oauth",
  name: 'wx',
  title: '微信登录',
  desc: '微信网站应用登录',
-  icon: "mdi:wechat",
+  icon: "ion:logo-wechat:green",
  showTest: false,
 })
 export class WxOauthProvider extends BaseAddon implements IOauthProvider {
@@ -125,4 +125,9 @@ export class WxOauthProvider extends BaseAddon implements IOauthProvider {
      },
    }
  };
  async buildLogoutUrl(params: BuildLogoutUrlReq) {
    return {};
  }
 }
@@ -1,6 +1,7 @@
 import {AbstractTaskPlugin, FileItem, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput} from '@certd/pipeline';
 import {CertInfo, CertReader} from "@certd/plugin-cert";
 import dayjs from "dayjs";
 import { get } from 'lodash-es';
@IsTaskPlugin({
  name: 'DeployCertToMailPlugin',
@@ -176,11 +177,13 @@ export class DeployCertToMailPlugin extends AbstractTaskPlugin {
    })
  }
-  compile(templateString:string) {
+  compile(templateString: string) {
-    return new Function('data', `    with(data || {}) {
+    return function(data) {
-        return \`${templateString}\`;
+      return templateString.replace(/\${(.*?)}/g, (match, key) => {
-      }
+        const value = get(data, key, '');
-    `);
+        return String(value);
      });
    };
  }
 }
 new DeployCertToMailPlugin();
@@ -1,6 +1,7 @@
 import { HttpRequestConfig } from '@certd/basic';
 import { IsAccess, AccessInput, BaseAccess } from '@certd/pipeline';
 import qs from 'qs';
 import iconv from 'iconv-lite';
 /**
 * 这个注解将注册一个授权配置
 * 在certd的后台管理系统中，用户可以选择添加此类型的授权
@@ -91,6 +92,27 @@ export class WestAccess extends BaseAccess {
  apidomainkey = '';
   /**
   * 授权属性配置
   */
  @AccessInput({
    title: '域名',
    component: {
      placeholder: '域名级别的key对应的域名',
    },
    encrypt: false,
    required: false,
    mergeScript: `
    return {
      show:ctx.compute(({form})=>{
        return form.access.scope === 'domain'
      })
    }
    `,
  })
  domain = '';
  @AccessInput({
    title: "测试",
    component: {
@@ -102,10 +124,44 @@ export class WestAccess extends BaseAccess {
  testRequest = true;
  async onTestRequest() {
    if(this.scope === 'domain'){
      if(!this.domain){
        throw new Error('domain 必填');
      }
      await this.getDomainRecordList({limit:1});
      return "ok";
    }
    await this.getDomainList();
    return "ok";
  }
  async getDomainRecordList(req:{limit:number}){
     // 获取域名解析记录列表
    return await this.doDoimainApiRequest('https://api.west.cn/API/v2/domain/dns/',{
      act:'dnsrec.list',
      domain:this.domain,
      limit: req.limit || 10,
     })
  }
  async doDoimainApiRequest(url: string, data: any = null, method = 'post') {
    data.apidomainkey = this.apidomainkey;
    const res = await this.ctx.http.request<any, any>({
      url,
      method,
      data,
      headers: {
        'Content-Type': 'application/x-www-form-urlencoded',
      },
    });
    if (res.msg !== 'success') {
      throw new Error(`${JSON.stringify(res.msg)}`);
    }
    return res;
  }
  async getDomainList() {
    const res = await this.doRequest({
@@ -158,7 +214,7 @@ token=md5(zhangsan + 5dh232kfg!* + 1554691950854)=cfcd208495d565ef66e7dff9f98764
    const headers = {}
    const body: any = {}
    if (method.toUpperCase() === 'POST') {
-      headers['Content-Type'] = 'application/x-www-form-urlencoded';
+      headers['Content-Type'] = 'application/x-www-form-urlencoded; charset=UTF-8';
      body.data = data
    } else if (method.toUpperCase() === 'GET') {
      let queryString = '';
@@ -175,6 +231,25 @@ token=md5(zhangsan + 5dh232kfg!* + 1554691950854)=cfcd208495d565ef66e7dff9f98764
      method,
      ...body,
      headers,
      responseType: 'arraybuffer', // 关键：获取原始二进制数据
      transformResponse: [
        function(data, headers) { // headers 参数包含响应头
          try {
            const contentType = headers['content-type'] || '';
            // 判断是否是 GB2312/GBK 编码
            if (contentType.includes('gb2312') || contentType.includes('gbk')) {
              // 使用 iconv-lite 解码
              data = iconv.decode(data, 'gb2312');
            }else{
              // 默认按 UTF-8 处理
              data = data.toString('utf-8');
            }
          } catch (error) {
            console.error('解码失败:', error);
          }
          return JSON.parse(data);
        }
      ]
    });
    this.ctx.logger.info(`request ${url} ${method} res:${JSON.stringify(res)}`);
    if (res.msg !== 'success' && res.result!= 200) {
@@ -0,0 +1,91 @@
 import { AbstractDnsProvider, CreateRecordOptions, RemoveRecordOptions } from '@certd/plugin-cert';
 import { WestAccess } from './access.js';
 type westRecord = {
  // 这里定义Record记录的数据结构，跟对应云平台接口返回值一样即可，一般是拿到id就行，用于删除txt解析记录，清理申请痕迹
  code: number;
  msg: string;
  body: {
    record_id: number;
  };
 };
 export class WestDnsProviderDomain extends AbstractDnsProvider<westRecord> {
  access!: WestAccess;
  async onInstance() {
    this.access = this.ctx.access as WestAccess
    // 也可以通过ctx成员变量传递context
    this.logger.debug('access:', this.access);
    //初始化的操作
    //...
  }
  /**
   * 创建dns解析记录，用于验证域名所有权
   */
  async createRecord(options: CreateRecordOptions): Promise<any> {
    /**
     * options 参数说明
     * fullRecord: '_acme-challenge.example.com',
     * value: 一串uuid
     * type: 'TXT',
     * domain: 'example.com'
     */
    const { fullRecord, value, type, domain } = options;
    this.logger.info('添加域名解析：', fullRecord, value, type, domain);
    // 准备要发送到API的请求体
    const requestBody = {
      act: 'dnsrec.add', // API动作类型
      domain: domain, // 域名
      record_type: 'TXT', // DNS记录类型
      hostname: fullRecord, // 完整的记录名
      record_value: value, // 记录的值
      record_line: '', // 记录线路
      record_ttl: 60, // TTL (生存时间)，设置为60秒
    };
    const url = 'https://api.west.cn/API/v2/domain/dns/';
    const res = await this.access.doDoimainApiRequest(url, requestBody);
    const record = res as westRecord;
    this.logger.info(`添加域名解析成功:fullRecord=${fullRecord},value=${value}`);
    this.logger.info(`dns解析记录:${JSON.stringify(record)}`);
    // 西部数码生效较慢 增加90秒等待 提高成功率
    this.logger.info('等待解析生效:wait 90s');
    await new Promise(resolve => setTimeout(resolve, 90000));
    return record;
  }
  /**
   *  删除dns解析记录,清理申请痕迹
   * @param options
   */
  async removeRecord(options: RemoveRecordOptions<westRecord>): Promise<void> {
    const { fullRecord, value, domain } = options.recordReq;
    const record = options.recordRes;
    this.logger.info('删除域名解析：', fullRecord, value, record);
    if (!record) {
      this.logger.info('record不存在');
      return;
    }
    //这里调用删除txt dns解析记录接口
    // 准备要发送到API的请求体
    const requestBody = {
      act: 'dnsrec.remove', // API动作类型
      domain: domain, // 域名
      record_id: record.body.record_id,
      hostname: fullRecord, // 完整的记录名
      record_type: 'TXT', // DNS记录类型
      record_line: '', // 记录线路
    };
    const url = 'https://api.west.cn/API/v2/domain/dns/';
    const res = await this.access.doDoimainApiRequest(url, requestBody);
    const result = res.result;
    this.logger.info('删除域名解析成功:', fullRecord, value, JSON.stringify(result));
  }
 }
@@ -1,5 +1,5 @@
 import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
-
+import { WestDnsProviderDomain } from './dns-provider-domain.js';
 import { WestAccess } from './access.js';
 type westRecord = {
@@ -31,10 +31,26 @@ export class WestDnsProvider extends AbstractDnsProvider<westRecord> {
    //...
  }
  getDomainProvider(){
    const provider = new WestDnsProviderDomain();
    provider.access = this.access;
    provider.logger = this.logger;
    provider.ctx = this.ctx;
    provider.http = this.http;
    return provider;
  }
  /**
   * 创建dns解析记录，用于验证域名所有权
   */
  async createRecord(options: CreateRecordOptions): Promise<any> {
    if(this.access.scope === 'domain'){
      //如果是域名级别的，走老接口
      const provider = this.getDomainProvider();
      return provider.createRecord(options);
    }
    /**
     * options 参数说明
     * fullRecord: '_acme-challenge.example.com',
@@ -77,6 +93,12 @@ export class WestDnsProvider extends AbstractDnsProvider<westRecord> {
   * @param options
   */
  async removeRecord(options: RemoveRecordOptions<westRecord>): Promise<void> {
    if(this.access.scope === 'domain'){
      //如果是域名级别的，走老接口
      const provider = this.getDomainProvider();
      return provider.removeRecord(options as any);
    }
    const { fullRecord, value, domain } = options.recordReq;
    const record = options.recordRes;
    this.logger.info('删除域名解析：', fullRecord, value, record);
@@ -46,7 +46,7 @@ importers:
  packages/core/acme-client:
    dependencies:
      '@certd/basic':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../basic
      '@peculiar/x509':
        specifier: ^1.11.0
@@ -210,10 +210,10 @@ importers:
  packages/core/pipeline:
    dependencies:
      '@certd/basic':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../basic
      '@certd/plus-core':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../pro/plus-core
      dayjs:
        specifier: ^1.11.7
@@ -409,7 +409,7 @@ importers:
  packages/libs/lib-k8s:
    dependencies:
      '@certd/basic':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/basic
      '@kubernetes/client-node':
        specifier: 0.21.0
@@ -449,19 +449,19 @@ importers:
  packages/libs/lib-server:
    dependencies:
      '@certd/acme-client':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/acme-client
      '@certd/basic':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/basic
      '@certd/pipeline':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/pipeline
      '@certd/plugin-lib':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../plugins/plugin-lib
      '@certd/plus-core':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../pro/plus-core
      '@midwayjs/cache':
        specifier: 3.14.0
@@ -607,16 +607,16 @@ importers:
  packages/plugins/plugin-cert:
    dependencies:
      '@certd/acme-client':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/acme-client
      '@certd/basic':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/basic
      '@certd/pipeline':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/pipeline
      '@certd/plugin-lib':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../plugin-lib
      '@google-cloud/publicca':
        specifier: ^1.3.0
@@ -695,10 +695,10 @@ importers:
        specifier: ^3.787.0
        version: 3.810.0(aws-crt@1.26.2)
      '@certd/basic':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/basic
      '@certd/pipeline':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/pipeline
      '@kubernetes/client-node':
        specifier: 0.21.0
@@ -783,19 +783,19 @@ importers:
  packages/pro/commercial-core:
    dependencies:
      '@certd/basic':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/basic
      '@certd/lib-server':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../libs/lib-server
      '@certd/pipeline':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/pipeline
      '@certd/plugin-plus':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../plugin-plus
      '@certd/plus-core':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../plus-core
      '@midwayjs/core':
        specifier: 3.20.11
@@ -880,22 +880,22 @@ importers:
        specifier: ^1.0.2
        version: 1.0.3
      '@certd/basic':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/basic
      '@certd/lib-k8s':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../libs/lib-k8s
      '@certd/pipeline':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/pipeline
      '@certd/plugin-cert':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../plugins/plugin-cert
      '@certd/plugin-lib':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../plugins/plugin-lib
      '@certd/plus-core':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../plus-core
      ali-oss:
        specifier: ^6.21.0
@@ -998,7 +998,7 @@ importers:
  packages/pro/plus-core:
    dependencies:
      '@certd/basic':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/basic
      dayjs:
        specifier: ^1.11.7
@@ -1080,20 +1080,20 @@ importers:
        specifier: ^4.1.0
        version: 4.1.0
      '@fast-crud/editor-code':
-        specifier: ^1.27.4
+        specifier: ^1.27.7
-        version: 1.27.4
+        version: 1.27.7
      '@fast-crud/fast-crud':
-        specifier: ^1.27.4
+        specifier: ^1.27.7
-        version: 1.27.4(vue@3.5.14(typescript@5.8.3))
+        version: 1.27.7(vue@3.5.14(typescript@5.8.3))
      '@fast-crud/fast-extends':
-        specifier: ^1.27.4
+        specifier: ^1.27.7
-        version: 1.27.4(aws-crt@1.26.2)(vue@3.5.14(typescript@5.8.3))
+        version: 1.27.7(aws-crt@1.26.2)(vue@3.5.14(typescript@5.8.3))
      '@fast-crud/ui-antdv4':
-        specifier: ^1.27.4
+        specifier: ^1.27.7
-        version: 1.27.4
+        version: 1.27.7
      '@fast-crud/ui-interface':
-        specifier: ^1.27.4
+        specifier: ^1.27.7
-        version: 1.27.4
+        version: 1.27.7
      '@iconify/tailwind':
        specifier: ^1.2.0
        version: 1.2.0
@@ -1294,10 +1294,10 @@ importers:
        version: 0.1.3(zod@3.24.4)
    devDependencies:
      '@certd/lib-iframe':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../libs/lib-iframe
      '@certd/pipeline':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/pipeline
      '@rollup/plugin-commonjs':
        specifier: ^25.0.7
@@ -1480,46 +1480,46 @@ importers:
        specifier: ^3.705.0
        version: 3.810.0(aws-crt@1.26.2)
      '@certd/acme-client':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/acme-client
      '@certd/basic':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/basic
      '@certd/commercial-core':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../pro/commercial-core
      '@certd/cv4pve-api-javascript':
        specifier: ^8.4.2
        version: 8.4.2
      '@certd/jdcloud':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../libs/lib-jdcloud
      '@certd/lib-huawei':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../libs/lib-huawei
      '@certd/lib-k8s':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../libs/lib-k8s
      '@certd/lib-server':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../libs/lib-server
      '@certd/midway-flyway-js':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../libs/midway-flyway-js
      '@certd/pipeline':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../core/pipeline
      '@certd/plugin-cert':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../plugins/plugin-cert
      '@certd/plugin-lib':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../plugins/plugin-lib
      '@certd/plugin-plus':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../pro/plugin-plus
      '@certd/plus-core':
-        specifier: ^1.37.10
+        specifier: ^1.37.14
        version: link:../../pro/plus-core
      '@huaweicloud/huaweicloud-sdk-cdn':
        specifier: ^3.1.120
@@ -3411,20 +3411,20 @@ packages:
    resolution: {integrity: sha512-Ys+3g2TaW7gADOJzPt83SJtCDhMjndcDMFVQ/Tj9iA1BfJzFKD9mAUXT3OenpuPHbI6P/myECxRJrofUsDx/5g==}
    engines: {node: ^12.22.0 || ^14.17.0 || >=16.0.0}
-  '@fast-crud/editor-code@1.27.4':
+  '@fast-crud/editor-code@1.27.7':
-    resolution: {integrity: sha512-syuSxpNc/So5xoGGZkiC4Iqa8MdrQpeHJRqs6/A8pRUDh9UEN1iBFm8PPxmSluHc7sFXZdt0IIRfJE6sDBhRiA==}
+    resolution: {integrity: sha512-5gDHH7+lMEQae9h2+LHWPNyS4CCbjYzO1sSKNXew/20FAtxoIXHGHsXO6XnYXO/+yi76Z0wpgKR1zwUBjtC7kA==}
-  '@fast-crud/fast-crud@1.27.4':
+  '@fast-crud/fast-crud@1.27.7':
-    resolution: {integrity: sha512-wwTqwETgcgBa8v2P/C2MGFfAxZGvAPDFiyrg3b9k+6eMePR//RbY9+M1knsTVaHTTkabAmgwZ+OnnCJzpmnK/A==}
+    resolution: {integrity: sha512-0w2xSl/tuc1uQRBKWVzZMOZrWJ6CQB2V0/Z7sKwvSpmboTAy4vqv1Pu77wVLqVQRcvf2YN4eoP5kpANoYOu7ZA==}
-  '@fast-crud/fast-extends@1.27.4':
+  '@fast-crud/fast-extends@1.27.7':
-    resolution: {integrity: sha512-GVWmwondzouPsDD2mCLmxbR7RV5Cf1pJQS0nracQZfrwKsJdNcKlIZ3F3SULklAELMtW01hFbwt7VC+ZehjvAQ==}
+    resolution: {integrity: sha512-ktsy0bZEYHRqFBb2kBFwGIG0wwI+YHgL0t7ka0SsPcS5n284cidHKfFMuli/ZvArRil5DefTFtZEjI4VLgloWg==}
-  '@fast-crud/ui-antdv4@1.27.4':
+  '@fast-crud/ui-antdv4@1.27.7':
-    resolution: {integrity: sha512-WcDYmlc06/BIpOnpfN7cZuWqW2kxZC5EfazVw1IaY+kxx3eLRdWX1dShh23oZEsKdwKwGcgY7xeiptFgEpel+Q==}
+    resolution: {integrity: sha512-Hysw+rECmgnZZENym9l46BlsT/c1uGCCjebQYZFfCFL0pyI4gLv5cdDdcwL5nB5pZZPHlmzCtCUEXGxWc+JCwg==}
-  '@fast-crud/ui-interface@1.27.4':
+  '@fast-crud/ui-interface@1.27.7':
-    resolution: {integrity: sha512-hZJiABhXOZma6kaxes9waKMdVEjaEMUtEGZ7TIXXJuExynNOMK1AVtfgACSP5uwTj8mKxUEa7iBKx2vr9EcfFA==}
+    resolution: {integrity: sha512-tcxFrdxoRkgd0TROJJEOn9BNLrE4siLli1NB+2OOVpM00Z/+tS06eaMwBnGtRau4f1o/qg0XgHJwjCHTcTCD8Q==}
  '@fidm/asn1@1.0.4':
    resolution: {integrity: sha512-esd1jyNvRb2HVaQGq2Gg8Z0kbQPXzV9Tq5Z14KNIov6KfFD6PTaRIO8UpcsYiTNzOqJpmyzWgVTrUwFV3UF4TQ==}
@@ -15325,14 +15325,14 @@ snapshots:
  '@eslint/js@8.57.0': {}
-  '@fast-crud/editor-code@1.27.4':
+  '@fast-crud/editor-code@1.27.7':
    dependencies:
      js-yaml: 4.1.0
      lodash-es: 4.17.21
      monaco-editor: 0.52.2
      monaco-yaml: 5.4.0(monaco-editor@0.52.2)
-  '@fast-crud/fast-crud@1.27.4(vue@3.5.14(typescript@5.8.3))':
+  '@fast-crud/fast-crud@1.27.7(vue@3.5.14(typescript@5.8.3))':
    dependencies:
      '@iconify/types': 2.0.0
      file-saver: 2.0.5
@@ -15342,7 +15342,7 @@ snapshots:
    transitivePeerDependencies:
      - vue
-  '@fast-crud/fast-extends@1.27.4(aws-crt@1.26.2)(vue@3.5.14(typescript@5.8.3))':
+  '@fast-crud/fast-extends@1.27.7(aws-crt@1.26.2)(vue@3.5.14(typescript@5.8.3))':
    dependencies:
      '@aws-sdk/client-s3': 3.810.0(aws-crt@1.26.2)
      '@aws-sdk/s3-request-presigner': 3.810.0
@@ -15372,9 +15372,9 @@ snapshots:
      - utf-8-validate
      - vue
-  '@fast-crud/ui-antdv4@1.27.4': {}
+  '@fast-crud/ui-antdv4@1.27.7': {}
-  '@fast-crud/ui-interface@1.27.4':
+  '@fast-crud/ui-interface@1.27.7':
    dependencies:
      lodash-es: 4.17.21
@@ -20394,13 +20394,13 @@ snapshots:
      resolve: 1.22.10
      semver: 6.3.1
-  eslint-plugin-prettier@3.4.1(eslint-config-prettier@8.10.0(eslint@7.32.0))(eslint@7.32.0)(prettier@2.8.8):
+  eslint-plugin-prettier@3.4.1(eslint-config-prettier@8.10.0(eslint@8.57.0))(eslint@7.32.0)(prettier@2.8.8):
    dependencies:
      eslint: 7.32.0
      prettier: 2.8.8
      prettier-linter-helpers: 1.0.0
    optionalDependencies:
-      eslint-config-prettier: 8.10.0(eslint@7.32.0)
+      eslint-config-prettier: 8.10.0(eslint@8.57.0)
  eslint-plugin-prettier@4.2.1(eslint-config-prettier@8.10.0(eslint@8.57.0))(eslint@8.57.0)(prettier@2.8.8):
    dependencies:
@@ -22810,7 +22810,7 @@ snapshots:
      eslint: 7.32.0
      eslint-config-prettier: 8.10.0(eslint@7.32.0)
      eslint-plugin-node: 11.1.0(eslint@7.32.0)
-      eslint-plugin-prettier: 3.4.1(eslint-config-prettier@8.10.0(eslint@7.32.0))(eslint@7.32.0)(prettier@2.8.8)
+      eslint-plugin-prettier: 3.4.1(eslint-config-prettier@8.10.0(eslint@8.57.0))(eslint@7.32.0)(prettier@2.8.8)
      execa: 5.1.1
      inquirer: 7.3.3
      json5: 2.2.3
@@ -1 +1 @@
-02:32
+01:01
@@ -1 +1 @@
-02:53
+10:09
Author	SHA1	Message	Date
xiaojunnuo	f2e4e59f8d	v1.37.15	2025-12-07 00:58:12 +08:00
xiaojunnuo	898205b5b1	build: prepare to build	2025-12-07 00:56:13 +08:00
xiaojunnuo	8ec6862861	chore: 升级fs	2025-12-07 00:56:06 +08:00
xiaojunnuo	c3ba6322d8	build: prepare to build	2025-12-07 00:55:38 +08:00
xiaojunnuo	e589828425	build: prepare to build	2025-12-07 00:47:24 +08:00
xiaojunnuo	c909aa161b	chore: webhook修改为隐藏变量，避免别人fork后触发我的流水线	2025-12-07 00:18:05 +08:00
xiaojunnuo	5cee7d44f1	perf: 第三方登录支持gitee	2025-12-06 17:25:02 +08:00
xiaojunnuo	973b323a99	docs: 优化教程	2025-12-06 16:24:19 +08:00
xiaojunnuo	d55954a363	perf: 支持k8s apply	2025-12-05 02:05:27 +08:00
xiaojunnuo	adca151e4f	perf: 邮件模版安全优化	2025-12-05 00:45:56 +08:00
xiaojunnuo	43513049be	perf: 支持部署到中国移动CDN	2025-12-04 00:46:25 +08:00
xiaojunnuo	a5ca41131b	fix: oidc 支持nonce	2025-12-03 22:00:35 +08:00
xiaojunnuo	2ea3810980	build: release	2025-12-03 10:09:24 +08:00
xiaojunnuo	c9cb54e8b2	build: release	2025-12-03 07:34:48 +08:00
xiaojunnuo	23dd3db50b	build: publish	2025-12-03 01:01:31 +08:00
xiaojunnuo	179c46914d	build: trigger build image	2025-12-03 01:01:20 +08:00
xiaojunnuo	ddb18e6c21	v1.37.14	2025-12-03 00:59:54 +08:00
xiaojunnuo	d2e147ba51	build: prepare to build	2025-12-03 00:57:50 +08:00
xiaojunnuo	b63033f846	build: release	2025-12-03 00:57:37 +08:00
xiaojunnuo	677e1101e6	fix: 修复注销登录时，第三方登录注销请求失败的报错	2025-12-03 00:57:17 +08:00
xiaojunnuo	3abc2ccfbb	build: 1	2025-12-03 00:48:21 +08:00
xiaojunnuo	827d28f1cd	build: publish	2025-12-03 00:41:16 +08:00
xiaojunnuo	59d12a1bbe	build: trigger build image	2025-12-03 00:40:59 +08:00
xiaojunnuo	8134172301	v1.37.13	2025-12-03 00:39:32 +08:00
xiaojunnuo	8d983aa561	build: prepare to build	2025-12-03 00:36:47 +08:00
xiaojunnuo	bb3085ef84	perf: 第三方登录允许选择logo	2025-12-03 00:35:17 +08:00
xiaojunnuo	78b1650bdb	fix: 修复西部数据返回信息乱码问题	2025-12-02 16:37:26 +08:00
xiaojunnuo	5edc72d475	fix: 修复西部数码使用域名级别的key申请证书失败的问题	2025-12-02 16:11:33 +08:00
xiaojunnuo	1df32c9dfa	docs: 阿里云超时配置	2025-12-01 19:10:47 +08:00
xiaojunnuo	bedb1ff7f9	docs: 流水线有效期	2025-12-01 11:48:57 +08:00
xiaojunnuo	fbf12f16b5	perf: 支持OIDC单点登录	2025-12-01 00:40:46 +08:00
		`@@ -0,0 +1,2 @@`
							`export * from './access.js'`
							`export * from './plugin-deploy-to-cdn.js'`