npm - @lobehub/chat - Versions diffs - 1.106.1 → 1.106.2 - Mend

@lobehub/chat 1.106.1 → 1.106.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/CHANGELOG.md +25 -0
package/changelog/v1.json +9 -0
package/package.json +2 -2
package/src/app/(backend)/oidc/callback/desktop/route.ts +59 -8
package/src/app/(backend)/oidc/consent/route.ts +10 -13
package/src/utils/server/correctOIDCUrl.ts +61 -0

package/CHANGELOG.md CHANGED Viewed

@@ -2,6 +2,31 @@
 # Changelog
+### [Version 1.106.2](https://github.com/lobehub/lobe-chat/compare/v1.106.1...v1.106.2)
+<sup>Released on **2025-07-29**</sup>
+#### 🐛 Bug Fixes
+- **misc**: Fix desktop auth redirect url error.
+<br/>
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+#### What's fixed
+- **misc**: Fix desktop auth redirect url error, closes [#8597](https://github.com/lobehub/lobe-chat/issues/8597) ([0ed7368](https://github.com/lobehub/lobe-chat/commit/0ed7368))
+</details>
+<div align="right">
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+</div>
 ### [Version 1.106.1](https://github.com/lobehub/lobe-chat/compare/v1.106.0...v1.106.1)
 <sup>Released on **2025-07-29**</sup>

package/changelog/v1.json CHANGED Viewed

@@ -1,4 +1,13 @@
 [
+  {
+    "children": {
+      "fixes": [
+        "Fix desktop auth redirect url error."
+      ]
+    },
+    "date": "2025-07-29",
+    "version": "1.106.2"
+  },
   {
     "children": {
       "improvements": [

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lobehub/chat",
-  "version": "1.106.1",
+  "version": "1.106.2",
   "description": "Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.",
   "keywords": [
     "framework",
@@ -257,7 +257,7 @@
     "semver": "^7.7.2",
     "sharp": "^0.34.3",
     "shiki": "^3.8.1",
-    "stripe": "^16.12.0",
+    "stripe": "^17.7.0",
     "superjson": "^2.2.2",
     "svix": "^1.69.0",
     "swr": "^2.3.4",

package/src/app/(backend)/oidc/callback/desktop/route.ts CHANGED Viewed

@@ -3,9 +3,50 @@ import { NextRequest, NextResponse, after } from 'next/server';
 import { OAuthHandoffModel } from '@/database/models/oauthHandoff';
 import { serverDB } from '@/database/server';
+import { correctOIDCUrl } from '@/utils/server/correctOIDCUrl';
 const log = debug('lobe-oidc:callback:desktop');
+const errorPathname = '/oauth/callback/error';
+/**
+ * 安全地构建重定向URL
+ */
+const buildRedirectUrl = (req: NextRequest, pathname: string): URL => {
+  const forwardedHost = req.headers.get('x-forwarded-host');
+  const requestHost = req.headers.get('host');
+  const forwardedProto =
+    req.headers.get('x-forwarded-proto') || req.headers.get('x-forwarded-protocol');
+  // 确定实际的主机名，提供后备值
+  const actualHost = forwardedHost || requestHost;
+  const actualProto = forwardedProto || 'https';
+  log(
+    'Building redirect URL - host: %s, proto: %s, pathname: %s',
+    actualHost,
+    actualProto,
+    pathname,
+  );
+  // 如果主机名仍然无效，使用req.nextUrl作为后备
+  if (!actualHost) {
+    log('Warning: Invalid host detected, using req.nextUrl as fallback');
+    const fallbackUrl = req.nextUrl.clone();
+    fallbackUrl.pathname = pathname;
+    return fallbackUrl;
+  }
+  try {
+    return new URL(`${actualProto}://${actualHost}${pathname}`);
+  } catch (error) {
+    log('Error constructing URL, using req.nextUrl as fallback: %O', error);
+    const fallbackUrl = req.nextUrl.clone();
+    fallbackUrl.pathname = pathname;
+    return fallbackUrl;
+  }
+};
 export const GET = async (req: NextRequest) => {
   try {
     const searchParams = req.nextUrl.searchParams;
@@ -14,9 +55,11 @@ export const GET = async (req: NextRequest) => {
     if (!code || !state || typeof code !== 'string' || typeof state !== 'string') {
       log('Missing code or state in form data');
-      const errorUrl = req.nextUrl.clone();
-      errorUrl.pathname = '/oauth/callback/error';
+      const errorUrl = buildRedirectUrl(req, errorPathname);
       errorUrl.searchParams.set('reason', 'invalid_request');
+      log('Redirecting to error URL: %s', errorUrl.toString());
       return NextResponse.redirect(errorUrl);
     }
@@ -31,9 +74,16 @@ export const GET = async (req: NextRequest) => {
     await authHandoffModel.create({ client, id, payload });
     log('Handoff record created successfully for id: %s', id);
-    // Redirect to a generic success page. The desktop app will poll for the result.
-    const successUrl = req.nextUrl.clone();
-    successUrl.pathname = '/oauth/callback/success';
+    const successUrl = buildRedirectUrl(req, '/oauth/callback/success');
+    // 添加调试日志
+    log('Request host header: %s', req.headers.get('host'));
+    log('Request x-forwarded-host: %s', req.headers.get('x-forwarded-host'));
+    log('Request x-forwarded-proto: %s', req.headers.get('x-forwarded-proto'));
+    log('Constructed success URL: %s', successUrl.toString());
+    const correctedUrl = correctOIDCUrl(req, successUrl);
+    log('Final redirect URL: %s', correctedUrl.toString());
     // cleanup expired
     after(async () => {
@@ -42,17 +92,18 @@ export const GET = async (req: NextRequest) => {
       log('Cleaned up %d expired handoff records', cleanedCount);
     });
-    return NextResponse.redirect(successUrl);
+    return NextResponse.redirect(correctedUrl);
   } catch (error) {
     log('Error in OIDC callback: %O', error);
-    const errorUrl = req.nextUrl.clone();
-    errorUrl.pathname = '/oauth/callback/error';
+    const errorUrl = buildRedirectUrl(req, errorPathname);
     errorUrl.searchParams.set('reason', 'internal_error');
     if (error instanceof Error) {
       errorUrl.searchParams.set('errorMessage', error.message);
     }
+    log('Redirecting to error URL: %s', errorUrl.toString());
     return NextResponse.redirect(errorUrl);
   }
 };

package/src/app/(backend)/oidc/consent/route.ts CHANGED Viewed

@@ -3,6 +3,7 @@ import { NextRequest, NextResponse } from 'next/server';
 import { OIDCService } from '@/server/services/oidc';
 import { getUserAuth } from '@/utils/server/auth';
+import { correctOIDCUrl } from '@/utils/server/correctOIDCUrl';
 const log = debug('lobe-oidc:consent');
@@ -113,19 +114,15 @@ export async function POST(request: NextRequest) {
     const internalRedirectUrlString = await oidcService.getInteractionResult(uid, result);
     log('OIDC Provider internal redirect URL string: %s', internalRedirectUrlString);
-    // // Construct the handoff URL
-    // const handoffUrl = new URL('/oauth/handoff', request.nextUrl.origin);
-    // // Set the original redirect URL as the 'target' query parameter (URL encoded)
-    // handoffUrl.searchParams.set('target', internalRedirectUrlString);
-    //
-    // log('Redirecting to handoff page: %s', handoffUrl.toString());
-    // // Redirect to the handoff page
-    // return NextResponse.redirect(handoffUrl.toString(), {
-    //   headers: request.headers, // Keep original headers if necessary
-    //   status: 303,
-    // });
-    return NextResponse.redirect(internalRedirectUrlString, {
+    let finalRedirectUrl;
+    try {
+      finalRedirectUrl = correctOIDCUrl(request, new URL(internalRedirectUrlString));
+    } catch {
+      finalRedirectUrl = new URL(internalRedirectUrlString);
+      log('Warning: Could not parse redirect URL, using as-is: %s', internalRedirectUrlString);
+    }
+    return NextResponse.redirect(finalRedirectUrl, {
       headers: request.headers,
       status: 303,
     });

package/src/utils/server/correctOIDCUrl.ts ADDED Viewed

@@ -0,0 +1,61 @@
+import debug from 'debug';
+import { NextRequest } from 'next/server';
+const log = debug('lobe-oidc:correctOIDCUrl');
+/**
+ * 修复 OIDC 重定向 URL 在代理环境下的问题
+ * @param req - Next.js 请求对象
+ * @param url - 要修复的 URL 对象
+ * @returns 修复后的 URL 对象
+ */
+export const correctOIDCUrl = (req: NextRequest, url: URL): URL => {
+  const requestHost = req.headers.get('host');
+  const forwardedHost = req.headers.get('x-forwarded-host');
+  const forwardedProto =
+    req.headers.get('x-forwarded-proto') || req.headers.get('x-forwarded-protocol');
+  log('Input URL: %s', url.toString());
+  log(
+    'Request headers - host: %s, x-forwarded-host: %s, x-forwarded-proto: %s',
+    requestHost,
+    forwardedHost,
+    forwardedProto,
+  );
+  // 确定实际的主机名和协议，提供后备值
+  const actualHost = forwardedHost || requestHost;
+  const actualProto = forwardedProto || (url.protocol === 'https:' ? 'https' : 'http');
+  // 如果无法确定有效的主机名，直接返回原URL
+  if (!actualHost || actualHost === 'null') {
+    log('Warning: Cannot determine valid host, returning original URL');
+    return url;
+  }
+  // 如果 URL 指向本地地址，或者主机名与实际请求主机不匹配，则修正 URL
+  const needsCorrection =
+    url.hostname === 'localhost' ||
+    url.hostname === '127.0.0.1' ||
+    url.hostname === '0.0.0.0' ||
+    url.hostname !== actualHost;
+  if (needsCorrection) {
+    log('URL needs correction. Original hostname: %s, correcting to: %s', url.hostname, actualHost);
+    try {
+      const correctedUrl = new URL(url.toString());
+      correctedUrl.protocol = actualProto + ':';
+      correctedUrl.host = actualHost;
+      log('Corrected URL: %s', correctedUrl.toString());
+      return correctedUrl;
+    } catch (error) {
+      log('Error creating corrected URL, returning original: %O', error);
+      return url;
+    }
+  }
+  log('URL does not need correction, returning original: %s', url.toString());
+  return url;
+};