v.0.2.0-beta

目前oauth已经可以正常使用

src/pages/OAuthAuthorize.jsx

@@ -45,37 +45,64 @@ const OAuthAuthorize = () => {
   const responseType = searchParams.get('response_type')
 
   useEffect(() => {
-    if (!user) {
-      navigate('/login')
-      return
-    }
-
+    // 验证OAuth参数
     if (!clientId || !redirectUri || responseType !== 'code') {
       setError('无效的授权请求')
+      
       return
     }
 
-    // 这里可以添加客户端信息获取逻辑
-    // 为了演示，我们使用默认信息
-    setClientInfo({
-      name: '第三方应用',
-      description: '请求访问您的账户信息',
-      scopes: scope ? scope.split(' ') : ['read', 'write']
-    })
-  }, [user, clientId, redirectUri, scope, responseType, navigate])
+    // 获取授权信息
+    const fetchAuthInfo = async () => {
+      try {
+        setLoading(true)
+        const params = new URLSearchParams({
+          response_type: 'code',
+          client_id: clientId,
+          redirect_uri: redirectUri,
+          scope: scope || 'read write',
+          state: state || ''
+        })
+
+        const response = await axios.get(`/api/oauth/authorize?${params}`, {
+          headers: {
+            Authorization: `Bearer ${localStorage.getItem('token')}`
+          }
+        })
+
+        if (response.data.success) {
+          console.log(response.data.data.redirect_uri)
+          setClientInfo({
+            name: response.data.data.client.name,
+            description: response.data.data.client.description,
+            scopes: response.data.data.scopes,
+            clientId: response.data.data.client.id,
+            redirectUri: response.data.data.redirect_uri,
+            state: response.data.data.state
+          })
+        } else {
+          setError(response.data.message || '获取授权信息失败')
+        }
+      } catch (error) {
+        setError(error.response?.data?.message || '获取授权信息失败')
+      } finally {
+        setLoading(false)
+      }
+    }
+
+    fetchAuthInfo()
+  }, [clientId, redirectUri, scope, responseType, state])
 
   const handleAuthorize = async () => {
     setLoading(true)
     try {
-      const params = new URLSearchParams({
-        response_type: 'code',
-        client_id: clientId,
-        redirect_uri: redirectUri,
-        scope: scope || 'read write',
-        state: state || ''
-      })
-
-      const response = await axios.get(`/api/oauth/authorize?${params}`, {
+      const response = await axios.post('/api/oauth/authorize/consent', {
+        client_id: clientInfo.clientId,
+        redirect_uri: clientInfo.redirectUri,
+        scope: clientInfo.scopes.join(' '),
+        state: clientInfo.state,
+        approved: true    
+      }, {
         headers: {
           Authorization: `Bearer ${localStorage.getItem('token')}`
         }
@@ -87,21 +114,37 @@ const OAuthAuthorize = () => {
       }
     } catch (error) {
       setError(error.response?.data?.message || '授权失败')
+      setLoading(false)
     }
-    setLoading(false)
   }
 
-  const handleDeny = () => {
-    // 拒绝授权，重定向回应用
-    const denyUrl = new URL(redirectUri)
-    denyUrl.searchParams.set('error', 'access_denied')
-    if (state) {
-      denyUrl.searchParams.set('state', state)
+  const handleDeny = async () => {
+    setLoading(true)
+    try {
+      const response = await axios.post('/api/oauth/authorize/consent', {
+        client_id: clientInfo.clientId,
+        redirect_uri: clientInfo.redirectUri,
+        scope: clientInfo.scopes.join(' '),
+        state: clientInfo.state,
+        approved: false
+      }, {
+        headers: {
+          Authorization: `Bearer ${localStorage.getItem('token')}`
+        }
+      })
+
+      if (response.data.success) {
+        const { redirect_url } = response.data.data
+        window.location.href = redirect_url
+      }
+    } catch (error) {
+      setError(error.response?.data?.message || '拒绝授权失败')
+      setLoading(false)
     }
-    window.location.href = denyUrl.toString()
   }
 
-  if (!user) {
+  // 显示加载状态
+  if (loading) {
     return (
       <Container maxWidth="sm">
         <Box