首页 发现 帮助
登录
Server
/
new-api
40
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: 17be836aa4
分支列表 标签列表
new-api
/
web
/
src
/
components
/
settings
/
CustomOAuthSetting.jsx

CustomOAuthSetting.jsx 20 KB
文件历史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631 
  1. /*
    2. 

  2. Copyright (C) 2025 QuantumNous
    3. 

  3. 

  4. This program is free software: you can redistribute it and/or modify
    5. 

  5. it under the terms of the GNU Affero General Public License as
    6. 

  6. published by the Free Software Foundation, either version 3 of the
    7. 

  7. License, or (at your option) any later version.
    8. 

  8. 

  9. This program is distributed in the hope that it will be useful,
    10. 

  10. but WITHOUT ANY WARRANTY; without even the implied warranty of
    11. 

  11. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    12. 

  12. GNU Affero General Public License for more details.
    13. 

  13. 

  14. You should have received a copy of the GNU Affero General Public License
    15. 

  15. along with this program. If not, see <https://www.gnu.org/licenses/>.
    16. 

  16. 

  17. For commercial licensing, please contact support@quantumnous.com
    18. 

  18. */
    19. 

  19. 

  20. import React, { useEffect, useState } from 'react';
    21. 

  21. import {
    22. 

  22.   Button,
    23. 

  23.   Form,
    24. 

  24.   Row,
    25. 

  25.   Col,
    26. 

  26.   Typography,
    27. 

  27.   Modal,
    28. 

  28.   Banner,
    29. 

  29.   Card,
    30. 

  30.   Table,
    31. 

  31.   Tag,
    32. 

  32.   Popconfirm,
    33. 

  33.   Space,
    34. 

  34.   Select,
    35. 

  35. } from '@douyinfe/semi-ui';
    36. 

  36. import { IconPlus, IconEdit, IconDelete } from '@douyinfe/semi-icons';
    37. 

  37. import { API, showError, showSuccess } from '../../helpers';
    38. 

  38. import { useTranslation } from 'react-i18next';
    39. 

  39. 

  40. const { Text } = Typography;
    41. 

  41. 

  42. // Preset templates for common OAuth providers
    43. 

  43. const OAUTH_PRESETS = {
    44. 

  44.   'github-enterprise': {
    45. 

  45.     name: 'GitHub Enterprise',
    46. 

  46.     authorization_endpoint: '/login/oauth/authorize',
    47. 

  47.     token_endpoint: '/login/oauth/access_token',
    48. 

  48.     user_info_endpoint: '/api/v3/user',
    49. 

  49.     scopes: 'user:email',
    50. 

  50.     user_id_field: 'id',
    51. 

  51.     username_field: 'login',
    52. 

  52.     display_name_field: 'name',
    53. 

  53.     email_field: 'email',
    54. 

  54.   },
    55. 

  55.   gitlab: {
    56. 

  56.     name: 'GitLab',
    57. 

  57.     authorization_endpoint: '/oauth/authorize',
    58. 

  58.     token_endpoint: '/oauth/token',
    59. 

  59.     user_info_endpoint: '/api/v4/user',
    60. 

  60.     scopes: 'openid profile email',
    61. 

  61.     user_id_field: 'id',
    62. 

  62.     username_field: 'username',
    63. 

  63.     display_name_field: 'name',
    64. 

  64.     email_field: 'email',
    65. 

  65.   },
    66. 

  66.   gitea: {
    67. 

  67.     name: 'Gitea',
    68. 

  68.     authorization_endpoint: '/login/oauth/authorize',
    69. 

  69.     token_endpoint: '/login/oauth/access_token',
    70. 

  70.     user_info_endpoint: '/api/v1/user',
    71. 

  71.     scopes: 'openid profile email',
    72. 

  72.     user_id_field: 'id',
    73. 

  73.     username_field: 'login',
    74. 

  74.     display_name_field: 'full_name',
    75. 

  75.     email_field: 'email',
    76. 

  76.   },
    77. 

  77.   nextcloud: {
    78. 

  78.     name: 'Nextcloud',
    79. 

  79.     authorization_endpoint: '/apps/oauth2/authorize',
    80. 

  80.     token_endpoint: '/apps/oauth2/api/v1/token',
    81. 

  81.     user_info_endpoint: '/ocs/v2.php/cloud/user?format=json',
    82. 

  82.     scopes: 'openid profile email',
    83. 

  83.     user_id_field: 'ocs.data.id',
    84. 

  84.     username_field: 'ocs.data.id',
    85. 

  85.     display_name_field: 'ocs.data.displayname',
    86. 

  86.     email_field: 'ocs.data.email',
    87. 

  87.   },
    88. 

  88.   keycloak: {
    89. 

  89.     name: 'Keycloak',
    90. 

  90.     authorization_endpoint: '/realms/{realm}/protocol/openid-connect/auth',
    91. 

  91.     token_endpoint: '/realms/{realm}/protocol/openid-connect/token',
    92. 

  92.     user_info_endpoint: '/realms/{realm}/protocol/openid-connect/userinfo',
    93. 

  93.     scopes: 'openid profile email',
    94. 

  94.     user_id_field: 'sub',
    95. 

  95.     username_field: 'preferred_username',
    96. 

  96.     display_name_field: 'name',
    97. 

  97.     email_field: 'email',
    98. 

  98.   },
    99. 

  99.   authentik: {
    100. 

  100.     name: 'Authentik',
    101. 

  101.     authorization_endpoint: '/application/o/authorize/',
    102. 

  102.     token_endpoint: '/application/o/token/',
    103. 

  103.     user_info_endpoint: '/application/o/userinfo/',
    104. 

  104.     scopes: 'openid profile email',
    105. 

  105.     user_id_field: 'sub',
    106. 

  106.     username_field: 'preferred_username',
    107. 

  107.     display_name_field: 'name',
    108. 

  108.     email_field: 'email',
    109. 

  109.   },
    110. 

  110.   ory: {
    111. 

  111.     name: 'ORY Hydra',
    112. 

  112.     authorization_endpoint: '/oauth2/auth',
    113. 

  113.     token_endpoint: '/oauth2/token',
    114. 

  114.     user_info_endpoint: '/userinfo',
    115. 

  115.     scopes: 'openid profile email',
    116. 

  116.     user_id_field: 'sub',
    117. 

  117.     username_field: 'preferred_username',
    118. 

  118.     display_name_field: 'name',
    119. 

  119.     email_field: 'email',
    120. 

  120.   },
    121. 

  121. };
    122. 

  122. 

  123. const CustomOAuthSetting = ({ serverAddress }) => {
    124. 

  124.   const { t } = useTranslation();
    125. 

  125.   const [providers, setProviders] = useState([]);
    126. 

  126.   const [loading, setLoading] = useState(false);
    127. 

  127.   const [modalVisible, setModalVisible] = useState(false);
    128. 

  128.   const [editingProvider, setEditingProvider] = useState(null);
    129. 

  129.   const [formValues, setFormValues] = useState({});
    130. 

  130.   const [selectedPreset, setSelectedPreset] = useState('');
    131. 

  131.   const [baseUrl, setBaseUrl] = useState('');
    132. 

  132.   const formApiRef = React.useRef(null);
    133. 

  133. 

  134.   const fetchProviders = async () => {
    135. 

  135.     setLoading(true);
    136. 

  136.     try {
    137. 

  137.       const res = await API.get('/api/custom-oauth-provider/');
    138. 

  138.       if (res.data.success) {
    139. 

  139.         setProviders(res.data.data || []);
    140. 

  140.       } else {
    141. 

  141.         showError(res.data.message);
    142. 

  142.       }
    143. 

  143.     } catch (error) {
    144. 

  144.       showError(t('获取自定义 OAuth 提供商列表失败'));
    145. 

  145.     }
    146. 

  146.     setLoading(false);
    147. 

  147.   };
    148. 

  148. 

  149.   useEffect(() => {
    150. 

  150.     fetchProviders();
    151. 

  151.   }, []);
    152. 

  152. 

  153.   const handleAdd = () => {
    154. 

  154.     setEditingProvider(null);
    155. 

  155.     setFormValues({
    156. 

  156.       enabled: false,
    157. 

  157.       scopes: 'openid profile email',
    158. 

  158.       user_id_field: 'sub',
    159. 

  159.       username_field: 'preferred_username',
    160. 

  160.       display_name_field: 'name',
    161. 

  161.       email_field: 'email',
    162. 

  162.       auth_style: 0,
    163. 

  163.     });
    164. 

  164.     setSelectedPreset('');
    165. 

  165.     setBaseUrl('');
    166. 

  166.     setModalVisible(true);
    167. 

  167.   };
    168. 

  168. 

  169.   const handleEdit = (provider) => {
    170. 

  170.     setEditingProvider(provider);
    171. 

  171.     setFormValues({ ...provider });
    172. 

  172.     setSelectedPreset('');
    173. 

  173.     setBaseUrl('');
    174. 

  174.     setModalVisible(true);
    175. 

  175.   };
    176. 

  176. 

  177.   const handleDelete = async (id) => {
    178. 

  178.     try {
    179. 

  179.       const res = await API.delete(`/api/custom-oauth-provider/${id}`);
    180. 

  180.       if (res.data.success) {
    181. 

  181.         showSuccess(t('删除成功'));
    182. 

  182.         fetchProviders();
    183. 

  183.       } else {
    184. 

  184.         showError(res.data.message);
    185. 

  185.       }
    186. 

  186.     } catch (error) {
    187. 

  187.       showError(t('删除失败'));
    188. 

  188.     }
    189. 

  189.   };
    190. 

  190. 

  191.   const handleSubmit = async () => {
    192. 

  192.     // Validate required fields
    193. 

  193.     const requiredFields = [
    194. 

  194.       'name',
    195. 

  195.       'slug',
    196. 

  196.       'client_id',
    197. 

  197.       'authorization_endpoint',
    198. 

  198.       'token_endpoint',
    199. 

  199.       'user_info_endpoint',
    200. 

  200.     ];
    201. 

  201.     
    202. 

  202.     if (!editingProvider) {
    203. 

  203.       requiredFields.push('client_secret');
    204. 

  204.     }
    205. 

  205. 

  206.     for (const field of requiredFields) {
    207. 

  207.       if (!formValues[field]) {
    208. 

  208.         showError(t(`请填写 ${field}`));
    209. 

  209.         return;
    210. 

  210.       }
    211. 

  211.     }
    212. 

  212. 

  213.     // Validate endpoint URLs must be full URLs
    214. 

  214.     const endpointFields = ['authorization_endpoint', 'token_endpoint', 'user_info_endpoint'];
    215. 

  215.     for (const field of endpointFields) {
    216. 

  216.       const value = formValues[field];
    217. 

  217.       if (value && !value.startsWith('http://') && !value.startsWith('https://')) {
    218. 

  218.         // Check if user selected a preset but forgot to fill server address
    219. 

  219.         if (selectedPreset && !baseUrl) {
    220. 

  220.           showError(t('请先填写服务器地址,以自动生成完整的端点 URL'));
    221. 

  221.         } else {
    222. 

  222.           showError(t('端点 URL 必须是完整地址(以 http:// 或 https:// 开头)'));
    223. 

  223.         }
    224. 

  224.         return;
    225. 

  225.       }
    226. 

  226.     }
    227. 

  227. 

  228.     try {
    229. 

  229.       let res;
    230. 

  230.       if (editingProvider) {
    231. 

  231.         res = await API.put(
    232. 

  232.           `/api/custom-oauth-provider/${editingProvider.id}`,
    233. 

  233.           formValues
    234. 

  234.         );
    235. 

  235.       } else {
    236. 

  236.         res = await API.post('/api/custom-oauth-provider/', formValues);
    237. 

  237.       }
    238. 

  238. 

  239.       if (res.data.success) {
    240. 

  240.         showSuccess(editingProvider ? t('更新成功') : t('创建成功'));
    241. 

  241.         setModalVisible(false);
    242. 

  242.         fetchProviders();
    243. 

  243.       } else {
    244. 

  244.         showError(res.data.message);
    245. 

  245.       }
    246. 

  246.     } catch (error) {
    247. 

  247.       showError(editingProvider ? t('更新失败') : t('创建失败'));
    248. 

  248.     }
    249. 

  249.   };
    250. 

  250. 

  251.   const handlePresetChange = (preset) => {
    252. 

  252.     setSelectedPreset(preset);
    253. 

  253.     if (preset && OAUTH_PRESETS[preset]) {
    254. 

  254.       const presetConfig = OAUTH_PRESETS[preset];
    255. 

  255.       const cleanUrl = baseUrl ? baseUrl.replace(/\/+$/, '') : '';
    256. 

  256.       const newValues = {
    257. 

  257.         name: presetConfig.name,
    258. 

  258.         slug: preset,
    259. 

  259.         scopes: presetConfig.scopes,
    260. 

  260.         user_id_field: presetConfig.user_id_field,
    261. 

  261.         username_field: presetConfig.username_field,
    262. 

  262.         display_name_field: presetConfig.display_name_field,
    263. 

  263.         email_field: presetConfig.email_field,
    264. 

  264.         auth_style: presetConfig.auth_style ?? 0,
    265. 

  265.       };
    266. 

  266.       // Only fill endpoints if server address is provided
    267. 

  267.       if (cleanUrl) {
    268. 

  268.         newValues.authorization_endpoint = cleanUrl + presetConfig.authorization_endpoint;
    269. 

  269.         newValues.token_endpoint = cleanUrl + presetConfig.token_endpoint;
    270. 

  270.         newValues.user_info_endpoint = cleanUrl + presetConfig.user_info_endpoint;
    271. 

  271.       }
    272. 

  272.       setFormValues((prev) => ({ ...prev, ...newValues }));
    273. 

  273.       // Update form fields directly via formApi
    274. 

  274.       if (formApiRef.current) {
    275. 

  275.         Object.entries(newValues).forEach(([key, value]) => {
    276. 

  276.           formApiRef.current.setValue(key, value);
    277. 

  277.         });
    278. 

  278.       }
    279. 

  279.     }
    280. 

  280.   };
    281. 

  281. 

  282.   const handleBaseUrlChange = (url) => {
    283. 

  283.     setBaseUrl(url);
    284. 

  284.     if (url && selectedPreset && OAUTH_PRESETS[selectedPreset]) {
    285. 

  285.       const presetConfig = OAUTH_PRESETS[selectedPreset];
    286. 

  286.       const cleanUrl = url.replace(/\/+$/, ''); // Remove trailing slashes
    287. 

  287.       const newValues = {
    288. 

  288.         authorization_endpoint: cleanUrl + presetConfig.authorization_endpoint,
    289. 

  289.         token_endpoint: cleanUrl + presetConfig.token_endpoint,
    290. 

  290.         user_info_endpoint: cleanUrl + presetConfig.user_info_endpoint,
    291. 

  291.       };
    292. 

  292.       setFormValues((prev) => ({ ...prev, ...newValues }));
    293. 

  293.       // Update form fields directly via formApi (use merge mode to preserve other fields)
    294. 

  294.       if (formApiRef.current) {
    295. 

  295.         Object.entries(newValues).forEach(([key, value]) => {
    296. 

  296.           formApiRef.current.setValue(key, value);
    297. 

  297.         });
    298. 

  298.       }
    299. 

  299.     }
    300. 

  300.   };
    301. 

  301. 

  302.   const columns = [
    303. 

  303.     {
    304. 

  304.       title: t('名称'),
    305. 

  305.       dataIndex: 'name',
    306. 

  306.       key: 'name',
    307. 

  307.     },
    308. 

  308.     {
    309. 

  309.       title: 'Slug',
    310. 

  310.       dataIndex: 'slug',
    311. 

  311.       key: 'slug',
    312. 

  312.       render: (slug) => <Tag>{slug}</Tag>,
    313. 

  313.     },
    314. 

  314.     {
    315. 

  315.       title: t('状态'),
    316. 

  316.       dataIndex: 'enabled',
    317. 

  317.       key: 'enabled',
    318. 

  318.       render: (enabled) => (
    319. 

  319.         <Tag color={enabled ? 'green' : 'grey'}>
    320. 

  320.           {enabled ? t('已启用') : t('已禁用')}
    321. 

  321.         </Tag>
    322. 

  322.       ),
    323. 

  323.     },
    324. 

  324.     {
    325. 

  325.       title: t('Client ID'),
    326. 

  326.       dataIndex: 'client_id',
    327. 

  327.       key: 'client_id',
    328. 

  328.       render: (id) => (id ? id.substring(0, 20) + '...' : '-'),
    329. 

  329.     },
    330. 

  330.     {
    331. 

  331.       title: t('操作'),
    332. 

  332.       key: 'actions',
    333. 

  333.       render: (_, record) => (
    334. 

  334.         <Space>
    335. 

  335.           <Button
    336. 

  336.             icon={<IconEdit />}
    337. 

  337.             size="small"
    338. 

  338.             onClick={() => handleEdit(record)}
    339. 

  339.           >
    340. 

  340.             {t('编辑')}
    341. 

  341.           </Button>
    342. 

  342.           <Popconfirm
    343. 

  343.             title={t('确定要删除此 OAuth 提供商吗?')}
    344. 

  344.             onConfirm={() => handleDelete(record.id)}
    345. 

  345.           >
    346. 

  346.             <Button icon={<IconDelete />} size="small" type="danger">
    347. 

  347.               {t('删除')}
    348. 

  348.             </Button>
    349. 

  349.           </Popconfirm>
    350. 

  350.         </Space>
    351. 

  351.       ),
    352. 

  352.     },
    353. 

  353.   ];
    354. 

  354. 

  355.   return (
    356. 

  356.     <Card>
    357. 

  357.       <Form.Section text={t('自定义 OAuth 提供商')}>
    358. 

  358.         <Banner
    359. 

  359.           type="info"
    360. 

  360.           description={
    361. 

  361.             <>
    362. 

  362.               {t(
    363. 

  363.                 '配置自定义 OAuth 提供商,支持 GitHub Enterprise、GitLab、Gitea、Nextcloud、Keycloak、ORY 等兼容 OAuth 2.0 协议的身份提供商'
    364. 

  364.               )}
    365. 

  365.               <br />
    366. 

  366.               {t('回调 URL 格式')}: {serverAddress || t('网站地址')}/oauth/
    367. 

  367.               {'{slug}'}
    368. 

  368.             </>
    369. 

  369.           }
    370. 

  370.           style={{ marginBottom: 20 }}
    371. 

  371.         />
    372. 

  372. 

  373.         <Button
    374. 

  374.           icon={<IconPlus />}
    375. 

  375.           theme="solid"
    376. 

  376.           onClick={handleAdd}
    377. 

  377.           style={{ marginBottom: 16 }}
    378. 

  378.         >
    379. 

  379.           {t('添加 OAuth 提供商')}
    380. 

  380.         </Button>
    381. 

  381. 

  382.         <Table
    383. 

  383.           columns={columns}
    384. 

  384.           dataSource={providers}
    385. 

  385.           loading={loading}
    386. 

  386.           rowKey="id"
    387. 

  387.           pagination={false}
    388. 

  388.           empty={t('暂无自定义 OAuth 提供商')}
    389. 

  389.         />
    390. 

  390. 

  391.         <Modal
    392. 

  392.           title={editingProvider ? t('编辑 OAuth 提供商') : t('添加 OAuth 提供商')}
    393. 

  393.           visible={modalVisible}
    394. 

  394.           onOk={handleSubmit}
    395. 

  395.           onCancel={() => setModalVisible(false)}
    396. 

  396.           okText={t('保存')}
    397. 

  397.           cancelText={t('取消')}
    398. 

  398.           width={800}
    399. 

  399.         >
    400. 

  400.           <Form
    401. 

  401.             initValues={formValues}
    402. 

  402.             onValueChange={(values) => setFormValues(values)}
    403. 

  403.             getFormApi={(api) => (formApiRef.current = api)}
    404. 

  404.           >
    405. 

  405.             {!editingProvider && (
    406. 

  406.               <Row gutter={16} style={{ marginBottom: 16 }}>
    407. 

  407.                 <Col span={12}>
    408. 

  408.                   <Form.Select
    409. 

  409.                     field="preset"
    410. 

  410.                     label={t('预设模板')}
    411. 

  411.                     placeholder={t('选择预设模板(可选)')}
    412. 

  412.                     value={selectedPreset}
    413. 

  413.                     onChange={handlePresetChange}
    414. 

  414.                     optionList={[
    415. 

  415.                       { value: '', label: t('自定义') },
    416. 

  416.                       ...Object.entries(OAUTH_PRESETS).map(([key, config]) => ({
    417. 

  417.                         value: key,
    418. 

  418.                         label: config.name,
    419. 

  419.                       })),
    420. 

  420.                     ]}
    421. 

  421.                   />
    422. 

  422.                 </Col>
    423. 

  423.                 <Col span={12}>
    424. 

  424.                   <Form.Input
    425. 

  425.                     field="base_url"
    426. 

  426.                     label={
    427. 

  427.                       selectedPreset
    428. 

  428.                         ? t('服务器地址') + ' *'
    429. 

  429.                         : t('服务器地址')
    430. 

  430.                     }
    431. 

  431.                     placeholder={t('例如:https://gitea.example.com')}
    432. 

  432.                     value={baseUrl}
    433. 

  433.                     onChange={handleBaseUrlChange}
    434. 

  434.                     extraText={
    435. 

  435.                       selectedPreset
    436. 

  436.                         ? t('必填:请输入服务器地址以自动生成完整端点 URL')
    437. 

  437.                         : t('选择预设模板后填写服务器地址可自动填充端点')
    438. 

  438.                     }
    439. 

  439.                   />
    440. 

  440.                 </Col>
    441. 

  441.               </Row>
    442. 

  442.             )}
    443. 

  443. 

  444.             <Row gutter={16}>
    445. 

  445.               <Col span={12}>
    446. 

  446.                 <Form.Input
    447. 

  447.                   field="name"
    448. 

  448.                   label={t('显示名称')}
    449. 

  449.                   placeholder={t('例如:GitHub Enterprise')}
    450. 

  450.                   rules={[{ required: true, message: t('请输入显示名称') }]}
    451. 

  451.                 />
    452. 

  452.               </Col>
    453. 

  453.               <Col span={12}>
    454. 

  454.                 <Form.Input
    455. 

  455.                   field="slug"
    456. 

  456.                   label="Slug"
    457. 

  457.                   placeholder={t('例如:github-enterprise')}
    458. 

  458.                   extraText={t('URL 标识,只能包含小写字母、数字和连字符')}
    459. 

  459.                   rules={[{ required: true, message: t('请输入 Slug') }]}
    460. 

  460.                 />
    461. 

  461.               </Col>
    462. 

  462.             </Row>
    463. 

  463. 

  464.             <Row gutter={16}>
    465. 

  465.               <Col span={12}>
    466. 

  466.                 <Form.Input
    467. 

  467.                   field="client_id"
    468. 

  468.                   label="Client ID"
    469. 

  469.                   placeholder={t('OAuth Client ID')}
    470. 

  470.                   rules={[{ required: true, message: t('请输入 Client ID') }]}
    471. 

  471.                 />
    472. 

  472.               </Col>
    473. 

  473.               <Col span={12}>
    474. 

  474.                 <Form.Input
    475. 

  475.                   field="client_secret"
    476. 

  476.                   label="Client Secret"
    477. 

  477.                   type="password"
    478. 

  478.                   placeholder={
    479. 

  479.                     editingProvider
    480. 

  480.                       ? t('留空则保持原有密钥')
    481. 

  481.                       : t('OAuth Client Secret')
    482. 

  482.                   }
    483. 

  483.                   rules={
    484. 

  484.                     editingProvider
    485. 

  485.                       ? []
    486. 

  486.                       : [{ required: true, message: t('请输入 Client Secret') }]
    487. 

  487.                   }
    488. 

  488.                 />
    489. 

  489.               </Col>
    490. 

  490.             </Row>
    491. 

  491. 

  492.             <Text strong style={{ display: 'block', margin: '16px 0 8px' }}>
    493. 

  493.               {t('OAuth 端点')}
    494. 

  494.             </Text>
    495. 

  495. 

  496.             <Row gutter={16}>
    497. 

  497.               <Col span={24}>
    498. 

  498.                 <Form.Input
    499. 

  499.                   field="authorization_endpoint"
    500. 

  500.                   label={t('Authorization Endpoint')}
    501. 

  501.                   placeholder={
    502. 

  502.                     selectedPreset && OAUTH_PRESETS[selectedPreset]
    503. 

  503.                       ? t('填写服务器地址后自动生成:') +
    504. 

  504.                         OAUTH_PRESETS[selectedPreset].authorization_endpoint
    505. 

  505.                       : 'https://example.com/oauth/authorize'
    506. 

  506.                   }
    507. 

  507.                   rules={[
    508. 

  508.                     { required: true, message: t('请输入 Authorization Endpoint') },
    509. 

  509.                   ]}
    510. 

  510.                 />
    511. 

  511.               </Col>
    512. 

  512.             </Row>
    513. 

  513. 

  514.             <Row gutter={16}>
    515. 

  515.               <Col span={12}>
    516. 

  516.                 <Form.Input
    517. 

  517.                   field="token_endpoint"
    518. 

  518.                   label={t('Token Endpoint')}
    519. 

  519.                   placeholder={
    520. 

  520.                     selectedPreset && OAUTH_PRESETS[selectedPreset]
    521. 

  521.                       ? t('自动生成:') + OAUTH_PRESETS[selectedPreset].token_endpoint
    522. 

  522.                       : 'https://example.com/oauth/token'
    523. 

  523.                   }
    524. 

  524.                   rules={[{ required: true, message: t('请输入 Token Endpoint') }]}
    525. 

  525.                 />
    526. 

  526.               </Col>
    527. 

  527.               <Col span={12}>
    528. 

  528.                 <Form.Input
    529. 

  529.                   field="user_info_endpoint"
    530. 

  530.                   label={t('User Info Endpoint')}
    531. 

  531.                   placeholder={
    532. 

  532.                     selectedPreset && OAUTH_PRESETS[selectedPreset]
    533. 

  533.                       ? t('自动生成:') + OAUTH_PRESETS[selectedPreset].user_info_endpoint
    534. 

  534.                       : 'https://example.com/api/user'
    535. 

  535.                   }
    536. 

  536.                   rules={[
    537. 

  537.                     { required: true, message: t('请输入 User Info Endpoint') },
    538. 

  538.                   ]}
    539. 

  539.                 />
    540. 

  540.               </Col>
    541. 

  541.             </Row>
    542. 

  542. 

  543.             <Row gutter={16}>
    544. 

  544.               <Col span={12}>
    545. 

  545.                 <Form.Input
    546. 

  546.                   field="scopes"
    547. 

  547.                   label={t('Scopes')}
    548. 

  548.                   placeholder="openid profile email"
    549. 

  549.                 />
    550. 

  550.               </Col>
    551. 

  551.               <Col span={12}>
    552. 

  552.                 <Form.Input
    553. 

  553.                   field="well_known"
    554. 

  554.                   label={t('Well-Known URL')}
    555. 

  555.                   placeholder={t('OIDC Discovery 端点(可选)')}
    556. 

  556.                 />
    557. 

  557.               </Col>
    558. 

  558.             </Row>
    559. 

  559. 

  560.             <Text strong style={{ display: 'block', margin: '16px 0 8px' }}>
    561. 

  561.               {t('字段映射')}
    562. 

  562.             </Text>
    563. 

  563.             <Text type="secondary" style={{ display: 'block', marginBottom: 8 }}>
    564. 

  564.               {t('配置如何从用户信息 API 响应中提取用户数据,支持 JSONPath 语法')}
    565. 

  565.             </Text>
    566. 

  566. 

  567.             <Row gutter={16}>
    568. 

  568.               <Col span={12}>
    569. 

  569.                 <Form.Input
    570. 

  570.                   field="user_id_field"
    571. 

  571.                   label={t('用户 ID 字段')}
    572. 

  572.                   placeholder={t('例如:sub、id、data.user.id')}
    573. 

  573.                   extraText={t('用于唯一标识用户的字段路径')}
    574. 

  574.                 />
    575. 

  575.               </Col>
    576. 

  576.               <Col span={12}>
    577. 

  577.                 <Form.Input
    578. 

  578.                   field="username_field"
    579. 

  579.                   label={t('用户名字段')}
    580. 

  580.                   placeholder={t('例如:preferred_username、login')}
    581. 

  581.                 />
    582. 

  582.               </Col>
    583. 

  583.             </Row>
    584. 

  584. 

  585.             <Row gutter={16}>
    586. 

  586.               <Col span={12}>
    587. 

  587.                 <Form.Input
    588. 

  588.                   field="display_name_field"
    589. 

  589.                   label={t('显示名称字段')}
    590. 

  590.                   placeholder={t('例如:name、full_name')}
    591. 

  591.                 />
    592. 

  592.               </Col>
    593. 

  593.               <Col span={12}>
    594. 

  594.                 <Form.Input
    595. 

  595.                   field="email_field"
    596. 

  596.                   label={t('邮箱字段')}
    597. 

  597.                   placeholder={t('例如:email')}
    598. 

  598.                 />
    599. 

  599.               </Col>
    600. 

  600.             </Row>
    601. 

  601. 

  602.             <Text strong style={{ display: 'block', margin: '16px 0 8px' }}>
    603. 

  603.               {t('高级选项')}
    604. 

  604.             </Text>
    605. 

  605. 

  606.             <Row gutter={16}>
    607. 

  607.               <Col span={12}>
    608. 

  608.                 <Form.Select
    609. 

  609.                   field="auth_style"
    610. 

  610.                   label={t('认证方式')}
    611. 

  611.                   optionList={[
    612. 

  612.                     { value: 0, label: t('自动检测') },
    613. 

  613.                     { value: 1, label: t('POST 参数') },
    614. 

  614.                     { value: 2, label: t('Basic Auth 头') },
    615. 

  615.                   ]}
    616. 

  616.                 />
    617. 

  617.               </Col>
    618. 

  618.               <Col span={12}>
    619. 

  619.                 <Form.Checkbox field="enabled" noLabel>
    620. 

  620.                   {t('启用此 OAuth 提供商')}
    621. 

  621.                 </Form.Checkbox>
    622. 

  622.               </Col>
    623. 

  623.             </Row>
    624. 

  624.           </Form>
    625. 

  625.         </Modal>
    626. 

  626.       </Form.Section>
    627. 

  627.     </Card>
    628. 

  628.   );
    629. 

  629. };
    630. 

  630. 

  631. export default CustomOAuthSetting;
    632.