From 34a6d101d345c4bdb0dd55abd22b3ee7aa66a2f5 Mon Sep 17 00:00:00 2001 From: colin Date: Sat, 7 Jun 2025 18:15:30 +0800 Subject: [PATCH] feat(vben5): disabling PKCE is allowed - add `VITE_GLOB_DISABLE_PKCE` env key - set the `disablePKCE` value in `UserManager` - disable hash mode routing --- apps/vben5/apps/app-antd/.env.production | 15 ++++++++++++++- apps/vben5/apps/app-antd/src/auth/authService.ts | 7 +++---- .../packages/effects/hooks/src/use-app-config.ts | 2 ++ apps/vben5/packages/types/global.d.ts | 2 ++ 4 files changed, 21 insertions(+), 5 deletions(-) diff --git a/apps/vben5/apps/app-antd/.env.production b/apps/vben5/apps/app-antd/.env.production index 5375847a6..40c957808 100644 --- a/apps/vben5/apps/app-antd/.env.production +++ b/apps/vben5/apps/app-antd/.env.production @@ -10,10 +10,23 @@ VITE_COMPRESS=none VITE_PWA=false # vue-router 的模式 -VITE_ROUTER_HISTORY=hash +# oauth2.0协议要求回调必须是完整的url +# VITE_ROUTER_HISTORY=hash # 是否注入全局loading VITE_INJECT_APP_LOADING=true # 打包后是否生成dist.zip VITE_ARCHIVER=true + +# 是否仅允许OIDC登录 +VITE_GLOB_ONLY_OIDC=false + +# 认证服务器 +VITE_GLOB_AUTHORITY="http://127.0.0.1:30001" + +# 授权范围 +VITE_GLOB_AUDIENCE="openid email address phone profile offline_access lingyun-abp-application" + +# 客户端Id +VITE_GLOB_CLIENT_ID=vue-oauth-client diff --git a/apps/vben5/apps/app-antd/src/auth/authService.ts b/apps/vben5/apps/app-antd/src/auth/authService.ts index 110620bcd..aaeaa626b 100644 --- a/apps/vben5/apps/app-antd/src/auth/authService.ts +++ b/apps/vben5/apps/app-antd/src/auth/authService.ts @@ -2,10 +2,8 @@ import { useAppConfig } from '@vben/hooks'; import { UserManager, WebStorageStateStore } from 'oidc-client-ts'; -const { authority, audience, clientId, clientSecret } = useAppConfig( - import.meta.env, - import.meta.env.PROD, -); +const { authority, audience, clientId, clientSecret, disablePKCE } = + useAppConfig(import.meta.env, import.meta.env.PROD); const userManager = new UserManager({ authority, @@ -19,6 +17,7 @@ const userManager = new UserManager({ automaticSilentRenew: true, loadUserInfo: true, userStore: new WebStorageStateStore({ store: window.localStorage }), + disablePKCE, }); export default { diff --git a/apps/vben5/packages/effects/hooks/src/use-app-config.ts b/apps/vben5/packages/effects/hooks/src/use-app-config.ts index 5dd2ccba2..5d2a1ae5d 100644 --- a/apps/vben5/packages/effects/hooks/src/use-app-config.ts +++ b/apps/vben5/packages/effects/hooks/src/use-app-config.ts @@ -22,6 +22,7 @@ export function useAppConfig( VITE_GLOB_CLIENT_ID, VITE_GLOB_CLIENT_SECRET, VITE_GLOB_ONLY_OIDC, + VITE_GLOB_DISABLE_PKCE, VITE_GLOB_UI_FRAMEWORK, } = config; @@ -32,6 +33,7 @@ export function useAppConfig( clientId: VITE_GLOB_CLIENT_ID, clientSecret: VITE_GLOB_CLIENT_SECRET, onlyOidc: VITE_GLOB_ONLY_OIDC === 'true', + disablePKCE: VITE_GLOB_DISABLE_PKCE === 'true', uiFramework: VITE_GLOB_UI_FRAMEWORK, }; } diff --git a/apps/vben5/packages/types/global.d.ts b/apps/vben5/packages/types/global.d.ts index 7390a53fa..1effbc506 100644 --- a/apps/vben5/packages/types/global.d.ts +++ b/apps/vben5/packages/types/global.d.ts @@ -14,6 +14,7 @@ export interface VbenAdminProAppConfigRaw { VITE_GLOB_AUTHORITY: string; VITE_GLOB_AUDIENCE?: string; VITE_GLOB_ONLY_OIDC?: string; + VITE_GLOB_DISABLE_PKCE?: string; VITE_GLOB_UI_FRAMEWORK: string; } @@ -24,6 +25,7 @@ export interface ApplicationConfig { clientId: string; clientSecret: string; onlyOidc?: boolean; + disablePKCE?: boolean; uiFramework: string; }