From 007a712500b30d819ab6201eff4cd7ad1be5898a Mon Sep 17 00:00:00 2001
From: Hu Gang <18768366022@163.com>
Date: Tue, 19 Nov 2024 10:17:52 +0800
Subject: [PATCH] add form validation
---
 0005-change-login-authorization-url.patch | 53 ++++++
 ...-validation-when-submitting-the-form.patch | 157 ++++++++++++++++++
 0007-update-authhub-yml.patch | 32 ++++
 authHub.spec | 10 +-
 4 files changed, 251 insertions(+), 1 deletion(-)
 create mode 100644 0005-change-login-authorization-url.patch
 create mode 100644 0006-add-field-validation-when-submitting-the-form.patch
 create mode 100644 0007-update-authhub-yml.patch
diff --git a/0005-change-login-authorization-url.patch b/0005-change-login-authorization-url.patch
new file mode 100644
index 0000000..e2ec394
--- /dev/null
+++ b/0005-change-login-authorization-url.patch
@@ -0,0 +1,53 @@
+From 0db4bdfcc43a32948f53c4599e0f7dc74f1d7fee Mon Sep 17 00:00:00 2001
+From: hugang <18768366022@163.com>
+Date: Sat, 26 Oct 2024 14:59:28 +0800
+Subject: [PATCH] change login authorization url
+
+---
+ oauth2_provider/app/views/oauth2.py | 2 +-
+ oauth2_web/.gitignore | 4 +++-
+ oauth2_web/src/views/Login.vue | 4 +++-
+ 3 files changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/oauth2_provider/app/views/oauth2.py b/oauth2_provider/app/views/oauth2.py
+index 8e7bb98..ec44a13 100644
+--- a/oauth2_provider/app/views/oauth2.py
++++ b/oauth2_provider/app/views/oauth2.py
+@@ -129,7 +129,7 @@ class OauthorizeView(BaseResponse, OAuth2):
+ redirect_url = (
+ (request.args.get('redirect_to_url') or self.login_uri)
+ + "?authorization_uri="
+- + quote(auth_request.uri)
++ + quote(request.full_path)
+ )
+ if not self._validate_token(request.cookies.get('Authorization')):
+ raise InvalidTokenError("Invalid token")
+diff --git a/oauth2_web/.gitignore b/oauth2_web/.gitignore
+index e83bf3e..5493dd1 100644
+--- a/oauth2_web/.gitignore
++++ b/oauth2_web/.gitignore
+@@ -1,2 +1,4 @@
+ pnpm-lock.yaml
+-node_modules
+\ No newline at end of file
++node_modules
++
++dist
+diff --git a/oauth2_web/src/views/Login.vue b/oauth2_web/src/views/Login.vue
+index 7e88371..42e7a51 100644
+--- a/oauth2_web/src/views/Login.vue
++++ b/oauth2_web/src/views/Login.vue
+@@ -80,7 +80,9 @@ async function login() {
+ } else {
+ const [_, res] = await api.login(form)
+ if (res) {
+- window.location.href = authorizationUri as any
++ const url = new URL(window.location.href)
++ const authUrl = `${url.origin}${authorizationUri}`
++ window.location.href = authUrl
+ }
+ }
+ isSubmiting.value = false
+--
+2.33.0
+
diff --git a/0006-add-field-validation-when-submitting-the-form.patch b/0006-add-field-validation-when-submitting-the-form.patch
new file mode 100644
index 0000000..bc9636d
--- /dev/null
+++ b/0006-add-field-validation-when-submitting-the-form.patch
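Review bot: In Login.vue's `login()`, `${url.origin}${authorizationUri}` stays on the current origin only when `authorizationUri` begins with a single `/`, because plain concatenation lets any other leading characters become part of the host portion of the URL. Where `authorizationUri` is read lies outside the hunk, but the oauth2.py hunk in the same patch suggests it comes from the `authorization_uri` query parameter, so it should be treated as untrusted input. I would resolve it with `const target = new URL(authorizationUri, url.origin)` and assign `window.location.href = target.href` only when `target.origin === url.origin`. The unchanged context line `request.args.get('redirect_to_url') or self.login_uri` in oauth2.py likewise takes a redirect base from the request and deserves an allow-list check.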
@@ -0,0 +1,157 @@
+From a3871e75d3d098c7204cd29f35d21845c206465c Mon Sep 17 00:00:00 2001
+From: Hu Gang <18768366022@163.com>
+Date: Thu, 14 Nov 2024 19:46:11 +0800
+Subject: [PATCH] Add field validation when submitting the form
+
+---
+ oauth2_web/src/views/ApplicationConf.vue | 51 ++++++++++++++++++++++--
+ oauth2_web/src/views/NewApplication.vue | 39 ++++++++++++------
+ 2 files changed, 75 insertions(+), 15 deletions(-)
+
+diff --git a/oauth2_web/src/views/ApplicationConf.vue b/oauth2_web/src/views/ApplicationConf.vue
+index cf87919..c7377f2 100644
+--- a/oauth2_web/src/views/ApplicationConf.vue
++++ b/oauth2_web/src/views/ApplicationConf.vue
+@@ -41,11 +41,55 @@ const originForm = reactive
({
+ })
+
+ const rules = reactive>({
+- clientName: [{ required: true, message: '请输入应用名称', trigger: 'blur' }],
+- clientUri: [{ required: true, message: '请输入应用地址', trigger: 'blur' }],
+- redirectUris: [{ required: true, message: '请输入应用回调地址', trigger: 'blur' }],
++ clientName: [{ validator: validateClientName, trigger: 'blur' }],
++ clientUri: [{ validator: validateClientUri, trigger: 'blur' }],
++ redirectUris: [{ validator: validateRedirectUris, trigger: 'blur' }],
++ registerCallbackUris: [{ validator: validateCallbackUris, trigger: 'blur' }],
++ logoutCallbackUris: [{ required: false }, { validator: validateCallbackUris, trigger: 'blur' }],
+ })
+
++const URL_REGEX =
++ /^(((ht|f)tps?):\/\/)([^!@#$%^&*?.\s-]([^!@#$%^&*?.\s]{0,63}[^!@#$%^&*?.\s])?\.)+([a-z]{2,6})?\/?/
++
++function validateClientName(_rule: any, value: any, callback: any): void {
++ const regex = /^.{5,20}$/i
++ if (!regex.test(value)) {
++ callback(new Error('应用名称长度必须在5-20之间!'))
++ }
++ callback()
++}
++
++function validateClientUri(_rule: any, value: any, callback: any): void {
++ if (!URL_REGEX.test(value)) {
++ callback(new Error('请输入正确的url!'))
++ }
++ callback()
++}
++
++function validateCallbackUris(_rule: any, value: any, callback: any): void {
++ if (value === '') {
++ callback()
++ return
++ }
++ const urlList = value.split(',')
++ const isRegex = urlList.some((url) => !URL_REGEX.test(url))
++ if (isRegex) {
++ callback(new Error('请输入正确的url!'))
++ return
++ }
++ callback()
++}
++
++function validateRedirectUris(_rule: any, value: any, callback: any): void {
++ const urlList = value.split(',')
++ const isRegex = urlList.some((url) => !URL_REGEX.test(url))
++ if (isRegex) {
++ callback(new Error('请输入正确的url!'))
++ return
++ }
++ callback()
++}
++
+ const clientSecret = computed(() => {
+ if (!props.application) return ''
+ return isHideClientSecret.value
+@@ -258,3 +302,4 @@ watch(
+ }
+ }
+
++
+diff --git a/oauth2_web/src/views/NewApplication.vue b/oauth2_web/src/views/NewApplication.vue
+index 9d40464..a89a6db 100644
+--- a/oauth2_web/src/views/NewApplication.vue
++++ b/oauth2_web/src/views/NewApplication.vue
+@@ -49,14 +49,32 @@ const form = reactive({
+ })
+
+ const rules = reactive>({
+- clientName: [{ required: true, message: '请输入应用名称', trigger: 'blur' }],
+- clientUri: [{ required: true, message: '请输入应用地址', trigger: 'blur' }],
+- redirectUris: [{ required: true, message: '请输入应用回调地址', trigger: 'blur' }],
++ clientName: [{ validator: validateClientName, trigger: 'blur' }],
++ clientUri: [{ validator: validateRedirectUris, trigger: 'blur' }],
++ redirectUris: [{ validator: validateRedirectUris, trigger: 'blur' }],
+ })
+
+-const isSubmiting = ref(false)
++function validateClientName(_rule: any, value: any, callback: any): void {
++ const regex = /^.{5,20}$/i
++ if (!regex.test(value)) {
++ callback(new Error('应用名称长度必须在5-20之间!'))
++ }
++ callback()
++}
++
++function validateRedirectUris(_rule: any, value: any, callback: any): void {
++ const regex =
++ /^(((ht|f)tps?):\/\/)([^!@#$%^&*?.\s-]([^!@#$%^&*?.\s]{0,63}[^!@#$%^&*?.\s])?\.)+([a-z]{2,6})?\/?/
++ console.log(regex.test(value))
++ if (!regex.test(value)) {
++ callback(new Error('请输入正确的url!'))
++ }
++ callback()
++}
++
++const isSubmitting = ref(false)
+ async function generateApplication() {
+- isSubmiting.value = true
++ isSubmitting.value = true
+ const {
+ clientName,
+ clientUri,
+@@ -86,7 +104,7 @@ async function generateApplication() {
+ emits('success')
+ emits('update:visible', false)
+ }
+- isSubmiting.value = false
++ isSubmitting.value = false
+ }
+
+ async function handleSubmit() {
+@@ -119,11 +137,7 @@ function handleClose() {
+
+
+
+-
++
+
+
+
+@@ -132,9 +146,10 @@ function handleClose() {
+
+
+
+
++
+--
+2.33.0
+
diff --git a/0007-update-authhub-yml.patch b/0007-update-authhub-yml.patch
new file mode 100644
index 0000000..de19fbe
--- /dev/null
+++ b/0007-update-authhub-yml.patch
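Review bot: `URL_REGEX` in ApplicationConf.vue, and the copy inside `validateRedirectUris` in NewApplication.vue, has no `$` anchor and accepts `http`, `ftp` and `ftps`, so it checks only the start of the value and is too loose to serve as the rule for OAuth redirect and callback URIs; these checks also run only in the browser, so the provider has to enforce the same rule when it stores the URIs, which this patch does not show. Parsing with `new URL(value)` and comparing `protocol` against the schemes you intend to allow would be easier to reason about than the pattern. `validateClientName`, `validateClientUri` and NewApplication's `validateRedirectUris` call `callback(new Error(...))` and then fall through to `callback()`; add `return` after the error call, as `validateCallbackUris` already does. NewApplication.vue also keeps a debugging `console.log(regex.test(value))`, validates `clientUri` with `validateRedirectUris`, and does not split `redirectUris` on `,` the way ApplicationConf.vue does.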
@@ -0,0 +1,32 @@
+From 50bf219ee10cb5c9359db57b9788a3f35008363c Mon Sep 17 00:00:00 2001
+From: Hu Gang <18768366022@163.com>
+Date: Tue, 19 Nov 2024 19:36:05 +0800
+Subject: [PATCH] update authhub.yml
+
+---
+ authhub.yml | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/authhub.yml b/authhub.yml
+index 91d2bf7..9b70a0e 100644
+--- a/authhub.yml
++++ b/authhub.yml
+@@ -2,11 +2,11 @@ uwsgi:
+ port: 11120
+ daemonize: /var/log/oauth2/uwsgi/oauthhub.log
+ processes: 1
++ buffer_size: 32768
+ mysql:
+ host: 127.0.0.1
+ port: 3306
+ username: root
+ pool_size: 100
+ pool_recycle: 7200
+- database: oauth2
+- username: root
+\ No newline at end of file
++ database: oauth2
+\ No newline at end of file
+--
+2.33.0
+
diff --git a/authHub.spec b/authHub.spec
index b8dab57..c593944 100644
--- a/authHub.spec
+++ b/authHub.spec
@@ -1,6 +1,6 @@
 Name: authHub
 Version: v1.0.0
-Release: 5
+Release: 6
 Summary: Authentication authority based on oauth2
 License: MulanPSL2
 URL: https://gitee.com/openeuler/%{name}
@@ -10,6 +10,9 @@ Patch0001: 0001-change-authhub-web-service-file-directory.patch
 Patch0002: 0002-fix-the-router-redirect-error.patch
 Patch0003: 0003-fix-logout-register-error.patch
 Patch0004: 0004-supplementary-verify-token.patch
+Patch0005: 0005-change-login-authorization-url.patch
+Patch0006: 0006-add-field-validation-when-submitting-the-form.patch
+Patch0007: 0007-update-authhub-yml.patch
 BuildRequires: python3-setuptools
 Requires: aops-vulcanus >= v2.1.0 python3-Authlib aops-zeus >= v2.1.0 python3-Flask-SQLAlchemy
@@ -66,6 +69,11 @@ popd
 %attr(0755,root,root) %{_sysconfdir}/nginx/conf.d/*
 %changelog
+* Tue Nov 19 2024 Hu gang<18768366022@163.com> - v1.0.0-6
+- Add field validation when submitting the form
+- Solve the problem of not being able to obtain the accurate domain name after deploying the forwarding address
+- Set uwsgi buffer-size to 32k to solve the problem of parameters being truncated due to large size
+
 * Tue Sep 24 2024 luxuexian - v1.0.0-5
 - Supplementary verify token