back_url base64

app/controllers/oauth_controller.rb

@@ -4,7 +4,7 @@ class OauthController < ApplicationController
   include ApplicationHelper
 
   before_filter :user_setup
-  before_filter :require_login, only: [:authorize,:token]
+  before_filter :require_login, only: [:authorize, :token]
 
 
   skip_before_filter :verify_authenticity_token, only: [:token]
@@ -31,34 +31,37 @@ class OauthController < ApplicationController
   # code：表示授权码，必选项。该码的有效期应该很短，通常设为10分钟，客户端只能使用该码一次， 否则会被授权服务器拒绝。该码与客户端ID和重定向URI，是一一对应关系。
   # state：如果客户端的请求中包含这个参数，认证服务器的回应也必须一模一样包含这个参数。
   def authorize
+    begin
 
-    #参数检查
-    raise "response_type只能为code" unless params["response_type"] != "code"
-    raise "client_id为必传项" unless params["client_id"].present?
-    raise "redirect_uri为必传项" unless params["redirect_uri"].present?
+      #参数检查
+      raise "response_type只能为code" unless params["response_type"] == "code"
+      raise "client_id为必传项" unless params["client_id"].present?
+      raise "redirect_uri为必传项" unless params["redirect_uri"].present?
 
 
-    config = OauthConfig.where(client_id: params["client_id"], redirect_uri: params["redirect_uri"]).first
-    raise "client_id或redirect_uri不正确" unless config
+      config = OauthConfig.where(client_id: params["client_id"], redirect_uri: params["redirect_uri"]).first
+      raise "client_id或redirect_uri不正确" unless config
 
 
-    @data = params
+      @data = params
 
-    if params[:gen_code]
-      ## 检查通过，生成code
-      oauth = Oauth.create!(client_id: config.client_id,
-                            client_secret: config.client_secret,
-                            redirect_uri: config.redirect_uri
-      )
-      code = oauth.gen_code
+      if params[:gen_code]
+        ## 检查通过，生成code
+        oauth = Oauth.create!(client_id: config.client_id,
+                              client_secret: config.client_secret,
+                              redirect_uri: config.redirect_uri
+        )
+        code = oauth.gen_code
 
-      redirect_to params["redirect_uri"] + "?code=#{code}&state=#{params[:state]}"
-    end
-    respond_to do |format|
-      format.html {
-        render :layout => 'base_authorize_oschina'
-      }
+        redirect_to params["redirect_uri"] + "?code=#{code}&state=#{params[:state]}"
+      end
+
+      render 'oauth/authorize', :layout => 'base_authorize_oschina'
+    rescue => e
+      logger.error e
+      render :text => e.message
     end
+
   end
 
   def test_callback
@@ -92,35 +95,40 @@ class OauthController < ApplicationController
   # refresh_token：表示更新令牌，用来获取下一次的访问令牌，可选项。
   # scope：表示权限范围，如果与客户端申请的范围一致，此项可省略。
   def token
+    begin
+      res = {}
+      if params[:grant_type] == 'authorization_code'
 
-    res = {}
-    if params[:grant_type] == 'authorization_code'
+        raise "code必传" unless params["code"]
+        raise "client_id必传" unless params["client_id"]
+        raise "client_secret必传" unless params["client_secret"]
 
-      raise "code必传" unless params["code"]
-      raise "client_id必传" unless params["client_id"]
-      raise "client_secret必传" unless params["client_secret"]
+        raise "code错误或已超时" unless Oauth.code_valid?(params["code"])
 
-      raise "code错误或已超时" unless Oauth.code_valid?(params["code"])
+        oauth = Oauth.auth_code(params["code"], params["client_id"], params["client_secret"])
+        raise "认证不通过" unless oauth
 
-      oauth = Oauth.auth_code(params["code"], params["client_id"], params["client_secret"])
-      raise "认证不通过" unless oauth
+        ## 生成 token
+        #
+        oauth.gen_token(User.current.id)
 
-      ## 生成 token
-      #
-      oauth.gen_token(User.current.id)
+        oauth.reload
 
-      oauth.reload
+        res = {
+            access_token: oauth.access_token,
+            token_type: 'bearer',
+            expires_in: oauth.token_expires_in,
+            refresh_token: oauth.refresh_token
+        }
 
-      res = {
-          access_token: oauth.access_token,
-          token_type: 'bearer',
-          expires_in: oauth.token_expires_in,
-          refresh_token: oauth.refresh_token
-      }
+      end
 
+      render json: res.to_json
+
+    rescue => e
+      logger.error e
+      render text: e.message
     end
-
-    render json: res.to_json
   end
 
 
@@ -132,7 +140,7 @@ class OauthController < ApplicationController
       user_info = {
           token: user.id,
           login: user.login,
-          avatar_url: "/images/"+url_to_avatar(user),
+          avatar_url: "/images/" + url_to_avatar(user),
           name: user.show_name,
           email: user.mail
       }
@@ -143,10 +151,11 @@ class OauthController < ApplicationController
 
 
   private
+
   def require_login
     require "base64"
     if !User.current.logged?
-      redirect_to '/login?back_url64='+Base64.urlsafe_encode64(request.original_url)
+      redirect_to '/login?back_url64=' + Base64.urlsafe_encode64(request.original_url)
     end
   end
 

app/helpers/application_helper.rb

@@ -2171,6 +2171,12 @@ module ApplicationHelper
     hidden_field_tag('back_url', url, :id => nil) unless url.blank?
   end
 
+
+  def back_url64_hidden_field_tag
+    url = params[:back_url64]
+    hidden_field_tag('back_url64', url, :id => nil) unless url.blank?
+  end
+
   def check_all_links(form_name)
     link_to_function_none(l(:button_check_all), "checkAll('#{form_name}', true)") + " ".html_safe + " | "+ " ".html_safe +
     link_to_function_none(l(:button_uncheck_all), "checkAll('#{form_name}', false)")

app/views/account/login.html.erb

@@ -145,6 +145,7 @@
       <div class="new_login_form">
         <%= form_tag(signin_path,:id=>'main_login_form',:method=>'post') do %>
             <%= back_url_hidden_field_tag %>
+            <%= back_url64_hidden_field_tag %>
             <ul>
               <li class="new_loggin_users">
                 <%= text_field_tag 'username', params[:username], :tabindex => '1', :class=>'new_loggin_input',:placeholder=>'请输入邮箱地址或登录名', :onkeypress => "user_name_keypress(event);"%>