From 7c22e73f6695f95ffe75a675d13f706bc484c543 Mon Sep 17 00:00:00 2001
From: wanglei <34475144@qq.com>
Date: Fri, 21 Nov 2025 11:30:30 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9oauth2.0=E4=B8=ADauthorize?=
 =?UTF-8?q?=E8=AE=A4=E8=AF=81=E6=8E=A5=E5=8F=A3=E9=94=99=E8=AF=AF=E9=97=AE?=
 =?UTF-8?q?=E9=A2=98=EF=BC=8C=E5=A2=9E=E5=8A=A0=E7=94=9F=E6=88=90=E9=AA=8C?=
 =?UTF-8?q?=E8=AF=81=E7=A0=81=E5=9B=BE=E6=A0=87=E6=B5=8B=E8=AF=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/api/oauth/oauth.lua        |  6 ------
 src/dao/system/application.lua |  5 ++++-
 src/service/oauth/oauth.lua    |  8 ++++----
 src/test/test.lua              | 29 +++++++++++++++--------------
 src/util/generatechaptcha.lua  |  3 +--
 5 files changed, 24 insertions(+), 27 deletions(-)

diff --git a/src/api/oauth/oauth.lua b/src/api/oauth/oauth.lua
index 49effb4..d89d8b3 100644
--- a/src/api/oauth/oauth.lua
+++ b/src/api/oauth/oauth.lua
@@ -13,12 +13,6 @@ local routes = {
     --------------------------------------------
     ------------ OIDC OAuth2.0认证相关路由配置 ---
     --------------------------------------------
-    --OP端点配置
-    {
-        paths = { "/yum/v1/.well-known/openid-configuration" },
-        methods = { "GET", "POST" },
-        handler = oauthService.openidConfig,
-    },
     --获取授权码
     {
         paths = { "/yum/v1/oauth/v2/authorize" },
diff --git a/src/dao/system/application.lua b/src/dao/system/application.lua
index e52ab36..a11c850 100644
--- a/src/dao/system/application.lua
+++ b/src/dao/system/application.lua
@@ -100,7 +100,10 @@ end
 --根据客户端id和重定向地址获取应用程序
 function _M.getApplicationByClientId(client_id, redirect_uri)
     --print("getApplicationByClientId client_id:", client_id, " redirect_uri:", redirect_uri)
-    return applicationModel:where('app_id', '=', client_id):where('redirect_uris', '=', redirect_uri):get()
+    if redirect_uri == nil then
+        return applicationModel:where('client_id', '=', client_id):get()
+    end
+    return applicationModel:where('client_id', '=', client_id):where('redirect_uri', '=', redirect_uri):get()
 end
 
 function _M.getApplicationByUserid(user_id, client_id, client_secret)
diff --git a/src/service/oauth/oauth.lua b/src/service/oauth/oauth.lua
index fd9b84b..bb6b19b 100644
--- a/src/service/oauth/oauth.lua
+++ b/src/service/oauth/oauth.lua
@@ -45,18 +45,18 @@ function _M:authorize()
     local ok = validator.validateAuthorize(args)
     --验证失败则返回
     if not ok then
-        return ngx.exit(ngx.HTTP_BAD_REQUEST)
+        ngx.exit(ngx.HTTP_BAD_REQUEST)
     end
     -- 校验 response_type 必须为 "code"（授权码模式）
     if args.response_type ~= "code" then
-        return ngx.exit(ngx.HTTP_BAD_REQUEST)
+        ngx.exit(ngx.HTTP_BAD_REQUEST)
     end
     -- 1、校验客户端id和redirect_uri是否存在数据库
     local client_id = args.client_id
     local redirect_uri = args.redirect_uri
     local code, res = oauthDao.getApplicationBy(client_id)
     if code ~= 0 or not res then
-        return ngx.exit(ngx.HTTP_UNAUTHORIZED)
+        ngx.exit(ngx.HTTP_UNAUTHORIZED)
     end
     --判断redirect_uri是否在重定向组里面
     local redirect_uris = res[1].redirect_uri
@@ -75,7 +75,7 @@ function _M:authorize()
         --local login_url = "/login?redirect=" .. ngx.escape_uri(ngx.var.request_uri)
         --print("authorize login_url:", login_url)
         --ngx.redirect(login_url)
-        resp:response(ngx.HTTP_MOVED_TEMPORARILY, login_url)
+        resp:response(status.USER_NOT_LOGIN)
         return
     end
     -- 4. 生成授权码（随机字符串，确保唯一性）（用户ID、客户端ID、scope、生成时间）
diff --git a/src/test/test.lua b/src/test/test.lua
index 34126de..14eac2c 100644
--- a/src/test/test.lua
+++ b/src/test/test.lua
@@ -38,20 +38,19 @@ if not ok then
 end
 
 function enabled(res, desc)
-  local str = "    " .. desc .. " "
-  str = str .. string.rep(".", 37 - string.len(str))
-  if res then
-    print(str .. " Enabled")
-  else
-    print(str .. " Disabled")
-  end
+    local str = "    " .. desc .. " "
+    str = str .. string.rep(".", 37 - string.len(str))
+    if res then
+        ngx.say(str .. " Enabled")
+    else
+        ngx.say(str .. " Disabled")
+    end
 end
 
-print("Lua-GD version: " .. gd.VERSION)
-print("Lua-GD features:")
+ngx.say("Lua-GD version: " .. gd.VERSION)
+ngx.say("Lua-GD features:")
 
 --[[
-local gd = require("gd")
 local iSeed = os.time() + os.clock() * 10000
 math.randomseed(iSeed)
 
@@ -83,7 +82,10 @@ print("")
 io.write(im:pngStr())
 --]]
 
---[[
+local uuid = require("util.uuid")
+local uid = uuid.generateUuid()
+ngx.say("uuid:"..uid)
+
 local genpic = require("util.generatechaptcha")
 local filename, fp = genpic.getChaptcha()
 --redis中添加picgid为key,string为value的记录
@@ -95,9 +97,8 @@ ngx.header.picgid = filename
 --页面返回pic
 ngx.say(fp)
 --nginx退出
-ngx.exit(200)
---]]
-do return end
+--ngx.exit(200)
+--do return end
 
 --local openssl = require("openssl")
 --
diff --git a/src/util/generatechaptcha.lua b/src/util/generatechaptcha.lua
index f3891a2..4819734 100644
--- a/src/util/generatechaptcha.lua
+++ b/src/util/generatechaptcha.lua
@@ -19,10 +19,9 @@ function _M.getChaptcha()
     end
 
     --图片基本info
-
     local uid = uuid.generateUuid()
     --picgid
-    local filename = "1"..uuid..".png"
+    local filename = "1"..uid..".png"
     --图片78x26
     local xsize = 78
     local ysize = 26