|
|
@@ -718,12 +718,17 @@ def sso_login(
|
|
|
return {"redirect_url": full_redirect_url}
|
|
|
|
|
|
if app.protocol_type == "OIDC":
|
|
|
- # 5.2 OIDC: 直接跳转到回调地址
|
|
|
+ # 5.2 OIDC: 直接跳转到回调地址(只保留到端口为止,去掉路径部分)
|
|
|
+ # 例如:https://api.hnyunzhu.com:9003/oauth_callback -> https://api.hnyunzhu.com:9003
|
|
|
+ parsed_uri = urlparse(redirect_base)
|
|
|
+ # 只保留 scheme 和 netloc(包含端口),去掉 path、params、query、fragment
|
|
|
+ redirect_url = f"{parsed_uri.scheme}://{parsed_uri.netloc}"
|
|
|
+
|
|
|
LoginLogService.create_log(db, log_create)
|
|
|
logger.info(
|
|
|
- f"OIDC SSO 登录成功: 用户 {user.mobile} 将跳转到回调地址 (App: {req.app_id})"
|
|
|
+ f"OIDC SSO 登录成功: 用户 {user.mobile} 将跳转到回调地址 (App: {req.app_id}, URL: {redirect_url})"
|
|
|
)
|
|
|
- return {"redirect_url": redirect_base}
|
|
|
+ return {"redirect_url": redirect_url}
|
|
|
|
|
|
# 理论上不会走到这里,防御性返回
|
|
|
logger.error(
|
liuq