v.0.2.0-beta

目前oauth已经可以正常使用
2025-07-29 17:20:26 -07:00
parent 0c481c7a0e
commit 66a901c676
7 changed files with 943 additions and 43 deletions
--- a/test-oauth-flow.js
+++ b/test-oauth-flow.js
@ -0,0 +1,177 @@
+const axios = require('axios');
+
+// 配置
+const BASE_URL = 'http://localhost:3000/api';
+const FRONTEND_URL = 'http://localhost:3001';
+
+// 测试用户信息
+const testUser = {
+  username: `testuser_${Date.now()}`,
+  email: `testuser_${Date.now()}@example.com`,
+  password: 'TestPassword123'
+};
+
+// 测试客户端信息
+const testClient = {
+  client_name: '测试应用',
+  description: '这是一个测试OAuth流程的应用',
+  redirect_uris: ['http://localhost:3001/callback']
+};
+
+let userToken = '';
+let clientId = '';
+let clientSecret = '';
+
+async function testOAuthFlow() {
+  console.log('🚀 开始测试OAuth授权流程...\n');
+
+  try {
+    // 1. 注册用户
+    console.log('1. 注册测试用户...');
+    const registerResponse = await axios.post(`${BASE_URL}/auth/register`, testUser);
+    if (registerResponse.data.success) {
+      console.log('✅ 用户注册成功');
+    } else {
+      console.log('❌ 用户注册失败:', registerResponse.data.message);
+      return;
+    }
+
+    // 2. 用户登录
+    console.log('\n2. 用户登录...');
+    const loginResponse = await axios.post(`${BASE_URL}/auth/login`, {
+      username: testUser.username,
+      password: testUser.password
+    });
+    
+    if (loginResponse.data.success) {
+      userToken = loginResponse.data.data.token;
+      console.log('✅ 用户登录成功');
+    } else {
+      console.log('❌ 用户登录失败:', loginResponse.data.message);
+      return;
+    }
+
+    // 3. 创建OAuth客户端
+    console.log('\n3. 创建OAuth客户端...');
+    const clientResponse = await axios.post(`${BASE_URL}/oauth/clients`, testClient, {
+      headers: {
+        'Authorization': `Bearer ${userToken}`
+      }
+    });
+
+    if (clientResponse.data.success) {
+      clientId = clientResponse.data.data.client_id;
+      clientSecret = clientResponse.data.data.client_secret;
+      console.log('✅ OAuth客户端创建成功');
+      console.log(`   客户端ID: ${clientId}`);
+      console.log(`   客户端密钥: ${clientSecret}`);
+    } else {
+      console.log('❌ OAuth客户端创建失败:', clientResponse.data.message);
+      return;
+    }
+
+    // 4. 获取授权信息
+    console.log('\n4. 获取授权信息...');
+    const authParams = new URLSearchParams({
+      response_type: 'code',
+      client_id: clientId,
+      redirect_uri: 'http://localhost:3001/callback',
+      scope: 'read write',
+      state: 'test123'
+    });
+
+    const authResponse = await axios.get(`${BASE_URL}/oauth/authorize?${authParams}`, {
+      headers: {
+        'Authorization': `Bearer ${userToken}`
+      }
+    });
+
+    if (authResponse.data.success) {
+      console.log('✅ 授权信息获取成功');
+      console.log(`   应用名称: ${authResponse.data.data.client.name}`);
+      console.log(`   应用描述: ${authResponse.data.data.client.description}`);
+      console.log(`   请求权限: ${authResponse.data.data.scopes.join(', ')}`);
+    } else {
+      console.log('❌ 授权信息获取失败:', authResponse.data.message);
+      return;
+    }
+
+    // 5. 用户同意授权
+    console.log('\n5. 用户同意授权...');
+    const consentResponse = await axios.post(`${BASE_URL}/oauth/authorize/consent`, {
+      client_id: clientId,
+      redirect_uri: 'http://localhost:3001/callback',
+      scope: 'read write',
+      state: 'test123',
+      approved: true
+    }, {
+      headers: {
+        'Authorization': `Bearer ${userToken}`
+      }
+    });
+
+    if (consentResponse.data.success) {
+      console.log('✅ 用户同意授权成功');
+      console.log(`   重定向URL: ${consentResponse.data.data.redirect_url}`);
+      console.log(`   授权码: ${consentResponse.data.data.code}`);
+    } else {
+      console.log('❌ 用户同意授权失败:', consentResponse.data.message);
+      return;
+    }
+
+    // 6. 使用授权码交换访问令牌
+    console.log('\n6. 使用授权码交换访问令牌...');
+    const tokenResponse = await axios.post(`${BASE_URL}/oauth/token`, {
+      grant_type: 'authorization_code',
+      client_id: clientId,
+      client_secret: clientSecret,
+      code: consentResponse.data.data.code,
+      redirect_uri: 'http://localhost:3001/callback'
+    });
+
+    if (tokenResponse.data.success) {
+      console.log('✅ 访问令牌获取成功');
+      console.log(`   访问令牌: ${tokenResponse.data.data.access_token.substring(0, 20)}...`);
+      console.log(`   刷新令牌: ${tokenResponse.data.data.refresh_token.substring(0, 20)}...`);
+      console.log(`   过期时间: ${tokenResponse.data.data.expires_in}秒`);
+    } else {
+      console.log('❌ 访问令牌获取失败:', tokenResponse.data.message);
+      return;
+    }
+
+    // 7. 使用访问令牌获取用户信息
+    console.log('\n7. 使用访问令牌获取用户信息...');
+    const userInfoResponse = await axios.get(`${BASE_URL}/oauth/userinfo`, {
+      headers: {
+        'Authorization': `Bearer ${tokenResponse.data.data.access_token}`
+      }
+    });
+
+    if (userInfoResponse.data.success) {
+      console.log('✅ 用户信息获取成功');
+      console.log(`   用户名: ${userInfoResponse.data.data.username}`);
+      console.log(`   邮箱: ${userInfoResponse.data.data.email}`);
+    } else {
+      console.log('❌ 用户信息获取失败:', userInfoResponse.data.message);
+      return;
+    }
+
+    console.log('\n🎉 OAuth授权流程测试完成！');
+    console.log('\n📋 测试总结:');
+    console.log('✅ 用户注册和登录');
+    console.log('✅ OAuth客户端创建');
+    console.log('✅ 授权信息获取');
+    console.log('✅ 用户同意授权');
+    console.log('✅ 授权码交换访问令牌');
+    console.log('✅ 使用访问令牌获取用户信息');
+
+    console.log('\n🔗 前端测试链接:');
+    console.log(`${FRONTEND_URL}/oauth/authorize?client_id=${clientId}&redirect_uri=http://localhost:3001/callback&scope=read%20write&state=test123`);
+
+  } catch (error) {
+    console.error('❌ 测试过程中发生错误:', error.response?.data || error.message);
+  }
+}
+
+// 运行测试
+testOAuthFlow();