From 708cc1f77b2e10ca14d3c882dd284bc91d935d6c Mon Sep 17 00:00:00 2001
From: shiziyuan9527 <yuhao.li@fit2cloud.com>
Date: Tue, 6 Dec 2022 15:28:34 +0800
Subject: [PATCH] =?UTF-8?q?fix(=E7=B3=BB=E7=BB=9F=E8=AE=BE=E7=BD=AE):=20OA?=
 =?UTF-8?q?uth2=E7=99=BB=E5=BD=95=E8=AE=A4=E8=AF=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Closes #20439
---
 .../metersphere/gateway/service/SSOService.java | 17 +++++++++++------
 .../frontend/src/business/login/index.vue       |  4 +++-
 .../src/business/system/setting/MxAuth.vue      |  2 +-
 3 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/framework/gateway/src/main/java/io/metersphere/gateway/service/SSOService.java b/framework/gateway/src/main/java/io/metersphere/gateway/service/SSOService.java
index 317f9fb95f..2cbe010e9d 100644
--- a/framework/gateway/src/main/java/io/metersphere/gateway/service/SSOService.java
+++ b/framework/gateway/src/main/java/io/metersphere/gateway/service/SSOService.java
@@ -43,7 +43,10 @@ import java.nio.charset.StandardCharsets;
 import java.security.KeyManagementException;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
-import java.util.*;
+import java.util.HashMap;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Optional;
 import java.util.concurrent.TimeUnit;
 
 
@@ -243,6 +246,8 @@ public class SSOService {
             RestTemplate restTemplate = getRestTemplateIgnoreSSL();
             HttpHeaders headers = new HttpHeaders();
             headers.add(HttpHeaders.ACCEPT, MediaType.APPLICATION_JSON_VALUE);
+            String credentials = EncryptUtils.base64Encoding(config.get("clientId") + ":" + config.get("secret"));
+            headers.add(HttpHeaders.AUTHORIZATION, "Basic " + credentials);
             HttpEntity<String> param = new HttpEntity<>(headers);
             ResponseEntity<String> response = restTemplate.postForEntity(url, param, String.class);
             String content = response.getBody();
@@ -263,7 +268,7 @@ public class SSOService {
 
     private Optional<SessionUser> doOauth2Login(AuthSource authSource, String accessToken, WebSession session, Locale locale) throws Exception {
         Map<String, String> oauth2Config = null;
-        Map<String, String> resultObj = null;
+        Map<String, Object> resultObj = null;
         try {
             oauth2Config = JSON.parseObject(authSource.getConfiguration(), new TypeReference<HashMap<String, String>>() {});
             String userInfoUrl = oauth2Config.get("userInfoUrl");
@@ -272,7 +277,7 @@ public class SSOService {
             RestTemplate restTemplate = getRestTemplateIgnoreSSL();
             HttpEntity<MultiValueMap<String, String>> httpEntity = new HttpEntity<>(headers);
             ResponseEntity<String> response = restTemplate.exchange(userInfoUrl, HttpMethod.GET, httpEntity, String.class);
-            resultObj = JSON.parseObject(response.getBody(), new TypeReference<HashMap<String, String>>() {});
+            resultObj = JSON.parseObject(response.getBody(), new TypeReference<HashMap<String, Object>>() {});
         } catch (Exception e) {
             LogUtil.error("fail to get user info", e);
             MSException.throwException("fail to get user info!");
@@ -281,9 +286,9 @@ public class SSOService {
         String attrMapping = oauth2Config.get("mapping");
         Map<String, String> mapping = this.getOauth2AttrMapping(attrMapping);
 
-        String userid = resultObj.get(mapping.get("userid"));
-        String username = resultObj.get(mapping.get("username"));
-        String email = resultObj.get(mapping.get("email"));
+        String userid = (String) resultObj.get(mapping.get("userid"));
+        String username = (String) resultObj.get(mapping.get("username"));
+        String email = (String) resultObj.get(mapping.get("email"));
 
         if (StringUtils.isBlank(userid)) {
             MSException.throwException("userid is empty!");
diff --git a/framework/sdk-parent/frontend/src/business/login/index.vue b/framework/sdk-parent/frontend/src/business/login/index.vue
index 725a8d172a..9d83ab480b 100644
--- a/framework/sdk-parent/frontend/src/business/login/index.vue
+++ b/framework/sdk-parent/frontend/src/business/login/index.vue
@@ -329,10 +329,12 @@ export default {
           if (source.type === 'OAuth2') {
             url = config.authUrl
               + "?client_id=" + config.clientId
-              + "&scope=" + config.scope
               + "&response_type=code"
               + "&redirect_uri=" + redirectUrl
               + "&state=" + authId;
+            if (config.scope) {
+              url += "&scope=" + config.scope;
+            }
           }
           if (url) {
             window.location.href = url;
diff --git a/system-setting/frontend/src/business/system/setting/MxAuth.vue b/system-setting/frontend/src/business/system/setting/MxAuth.vue
index fee5a0adaa..3bd960d9e8 100644
--- a/system-setting/frontend/src/business/system/setting/MxAuth.vue
+++ b/system-setting/frontend/src/business/system/setting/MxAuth.vue
@@ -233,7 +233,7 @@
           </el-row>
           <el-row>
             <el-col>
-              <el-form-item label="Scope" :rules="requiredRules" prop="configuration.scope">
+              <el-form-item label="Scope" prop="configuration.scope">
                 <el-input v-model="form.configuration.scope"/>
               </el-form-item>
             </el-col>