From 472e580a2525c96205502d48c6df01e0fb773bf9 Mon Sep 17 00:00:00 2001
From: bwcx_jzy <bwcx_jzy@163.com>
Date: Mon, 27 Mar 2023 20:29:03 +0800
Subject: [PATCH] =?UTF-8?q?fix=20=E5=85=BC=E5=AE=B9=20oauth2=20=E7=99=BB?=
 =?UTF-8?q?=E5=BD=95=E6=B2=A1=E6=9C=89=20state=20=E5=9C=BA=E6=99=AF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 CHANGELOG.md                                         |  1 +
 PLANS.md                                             |  2 +-
 .../main/java/io/jpom/controller/LoginControl.java   | 12 ++++++++++--
 web-vue/src/pages/ssh/ssh-file.vue                   |  2 +-
 4 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index cb6f9cd71..39db6e09f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@
 
 1. 【server】优化 删除管理脚本中的 `-XX:+AggressiveOpts` 参数
    （感谢 [@牛孝祖](https://gitee.com/niuxiaozu) [Gitee issues I6PUNM](https://gitee.com/dromara/Jpom/issues/I6PUNM) ）
+2. 【server】修复 兼容 oauth2 登录没有 state 场景（感谢@酱总）
 
 ------
 
diff --git a/PLANS.md b/PLANS.md
index fa17fe3bf..9e4a4bdac 100644
--- a/PLANS.md
+++ b/PLANS.md
@@ -30,7 +30,7 @@
 19. 前端表格用户自定义列显示
 20. 导入云效仓库
 21. 清理触发器表
-22. 稳定版/体验版
+22. ~~稳定版/体验版~~
 23. 插件端自定义发布文件
 24. 节点取消，白名单配置和下载白名单（统一到服务端工作空间配置）
 25. 仓库、构建、分发、项目导入导出
diff --git a/modules/server/src/main/java/io/jpom/controller/LoginControl.java b/modules/server/src/main/java/io/jpom/controller/LoginControl.java
index 09bad3f6f..5a50a566e 100644
--- a/modules/server/src/main/java/io/jpom/controller/LoginControl.java
+++ b/modules/server/src/main/java/io/jpom/controller/LoginControl.java
@@ -247,7 +247,7 @@ public class LoginControl extends BaseServerController {
      */
     @GetMapping(value = "oauth2-url")
     @NotLogin
-    public JsonMessage<JSONObject> oauth2Login(HttpServletRequest request) {
+    public JsonMessage<JSONObject> oauth2LoginUrl(HttpServletRequest request) {
         String authorize = oauth2CustomAuthSource.getAuthOauth2Request().authorize(null);
         JSONObject jsonObject = new JSONObject();
         jsonObject.put("toUrl", authorize);
@@ -269,7 +269,15 @@ public class LoginControl extends BaseServerController {
                                               HttpServletRequest request) {
         AuthCallback authCallback = new AuthCallback();
         authCallback.setCode(code);
-        authCallback.setState(state);
+        if (StrUtil.isEmpty(state)) {
+            // 临时兼容没有 state 的情况
+            String uuid = IdUtil.fastSimpleUUID();
+            oauth2CustomAuthSource.getAuthOauth2Request().authorize(uuid);
+            authCallback.setState(uuid);
+        } else {
+            authCallback.setState(state);
+        }
+
         AuthResponse<?> authResponse = oauth2CustomAuthSource.getAuthOauth2Request().login(authCallback);
         if (authResponse.ok()) {
             AuthUser authUser = (AuthUser) authResponse.getData();
diff --git a/web-vue/src/pages/ssh/ssh-file.vue b/web-vue/src/pages/ssh/ssh-file.vue
index 028e42cc4..dbdec78be 100644
--- a/web-vue/src/pages/ssh/ssh-file.vue
+++ b/web-vue/src/pages/ssh/ssh-file.vue
@@ -16,7 +16,7 @@
         <template slot="title">
           <a-space>
             <a-dropdown :disabled="!this.tempNode.nextPath">
-              <a-button size="small" type="primary" @click="(e) => e.preventDefault()">上传</a-button>
+              <a-button size="small" type="primary" @click="(e) => e.preventDefault()">上传小文件</a-button>
               <a-menu slot="overlay">
                 <a-menu-item @click="handleUpload">
                   <a-space><a-icon type="file-add" />上传文件</a-space>