npm - @lobehub/chat - Versions diffs - 1.79.7 → 1.79.9 - Mend

@lobehub/chat 1.79.7 → 1.79.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (121) hide show

package/.eslintrc.js +1 -0
package/CHANGELOG.md +58 -0
package/changelog/v1.json +18 -0
package/docs/development/database-schema.dbml +119 -0
package/locales/ar/models.json +12 -0
package/locales/ar/oauth.json +40 -0
package/locales/bg-BG/models.json +12 -0
package/locales/bg-BG/oauth.json +40 -0
package/locales/de-DE/models.json +12 -0
package/locales/de-DE/oauth.json +40 -0
package/locales/en-US/models.json +12 -0
package/locales/en-US/oauth.json +40 -0
package/locales/es-ES/models.json +12 -0
package/locales/es-ES/oauth.json +40 -0
package/locales/fa-IR/models.json +12 -0
package/locales/fa-IR/oauth.json +40 -0
package/locales/fr-FR/models.json +12 -0
package/locales/fr-FR/oauth.json +40 -0
package/locales/it-IT/models.json +12 -0
package/locales/it-IT/oauth.json +40 -0
package/locales/ja-JP/models.json +12 -0
package/locales/ja-JP/oauth.json +40 -0
package/locales/ko-KR/models.json +12 -0
package/locales/ko-KR/oauth.json +40 -0
package/locales/nl-NL/models.json +12 -0
package/locales/nl-NL/oauth.json +40 -0
package/locales/pl-PL/models.json +12 -0
package/locales/pl-PL/oauth.json +40 -0
package/locales/pt-BR/models.json +12 -0
package/locales/pt-BR/oauth.json +40 -0
package/locales/ru-RU/models.json +12 -0
package/locales/ru-RU/oauth.json +40 -0
package/locales/tr-TR/models.json +12 -0
package/locales/tr-TR/oauth.json +40 -0
package/locales/vi-VN/models.json +12 -0
package/locales/vi-VN/oauth.json +40 -0
package/locales/zh-CN/models.json +12 -0
package/locales/zh-CN/oauth.json +40 -0
package/locales/zh-TW/models.json +12 -0
package/locales/zh-TW/oauth.json +40 -0
package/package.json +4 -1
package/scripts/generate-oidc-jwk.mjs +59 -0
package/scripts/migrateServerDB/index.ts +3 -1
package/src/app/(backend)/oidc/[...oidc]/route.ts +96 -0
package/src/app/(backend)/oidc/consent/route.ts +131 -0
package/src/app/(backend)/trpc/async/[trpc]/route.ts +1 -1
package/src/app/(backend)/trpc/edge/[trpc]/route.ts +2 -2
package/src/app/(backend)/trpc/lambda/[trpc]/route.ts +2 -2
package/src/app/(backend)/trpc/tools/[trpc]/route.ts +2 -2
package/src/app/[variants]/(main)/files/[id]/page.tsx +1 -1
package/src/app/[variants]/oauth/consent/[uid]/Client.tsx +224 -0
package/src/app/[variants]/oauth/consent/[uid]/ClientError.tsx +46 -0
package/src/app/[variants]/oauth/consent/[uid]/failed/page.tsx +36 -0
package/src/app/[variants]/oauth/consent/[uid]/page.tsx +69 -0
package/src/app/[variants]/oauth/consent/[uid]/success/page.tsx +30 -0
package/src/components/Branding/ProductLogo/index.tsx +6 -1
package/src/config/aiModels/openai.ts +63 -41
package/src/database/client/migrations.json +27 -8
package/src/database/migrations/0020_add_oidc.sql +124 -0
package/src/database/migrations/meta/0020_snapshot.json +4975 -0
package/src/database/migrations/meta/_journal.json +7 -0
package/src/database/repositories/tableViewer/index.test.ts +1 -1
package/src/database/schemas/index.ts +1 -0
package/src/database/schemas/oidc.ts +158 -0
package/src/database/server/models/__tests__/adapter.test.ts +499 -0
package/src/envs/oidc.ts +18 -0
package/src/libs/agent-runtime/azureOpenai/index.ts +4 -1
package/src/libs/agent-runtime/utils/streams/protocol.ts +2 -4
package/src/libs/oidc-provider/adapter.ts +541 -0
package/src/libs/oidc-provider/config.ts +52 -0
package/src/libs/oidc-provider/http-adapter.ts +311 -0
package/src/libs/oidc-provider/interaction-policy.ts +37 -0
package/src/libs/oidc-provider/provider.ts +288 -0
package/src/libs/trpc/async/init.ts +1 -1
package/src/{server → libs/trpc/edge}/context.ts +2 -2
package/src/libs/trpc/{index.ts → edge/index.ts} +8 -8
package/src/libs/trpc/{init.ts → edge/init.ts} +2 -2
package/src/libs/trpc/{middleware → edge/middleware}/jwtPayload.test.ts +3 -3
package/src/libs/trpc/{middleware → edge/middleware}/jwtPayload.ts +3 -2
package/src/libs/trpc/lambda/context.ts +70 -0
package/src/libs/trpc/lambda/index.ts +39 -1
package/src/libs/trpc/lambda/init.ts +26 -0
package/src/libs/trpc/lambda/middleware/index.ts +2 -0
package/src/libs/trpc/{middleware → lambda/middleware}/keyVaults.ts +2 -1
package/src/libs/trpc/lambda/{serverDatabase.ts → middleware/serverDatabase.ts} +2 -1
package/src/libs/trpc/middleware/userAuth.test.ts +3 -3
package/src/libs/trpc/middleware/userAuth.ts +1 -1
package/src/libs/trpc/mock.ts +7 -0
package/src/locales/default/index.ts +2 -0
package/src/locales/default/oauth.ts +43 -0
package/src/middleware.ts +94 -6
package/src/server/routers/edge/appStatus.ts +1 -1
package/src/server/routers/edge/config/index.test.ts +2 -3
package/src/server/routers/edge/config/index.ts +1 -1
package/src/server/routers/edge/index.ts +1 -1
package/src/server/routers/edge/upload.ts +1 -1
package/src/server/routers/lambda/_template.ts +2 -2
package/src/server/routers/lambda/agent.ts +2 -2
package/src/server/routers/lambda/aiModel.ts +2 -2
package/src/server/routers/lambda/aiProvider.ts +2 -2
package/src/server/routers/lambda/chunk.ts +2 -3
package/src/server/routers/lambda/exporter.ts +2 -2
package/src/server/routers/lambda/file.ts +2 -2
package/src/server/routers/lambda/importer.ts +2 -2
package/src/server/routers/lambda/index.ts +1 -1
package/src/server/routers/lambda/knowledgeBase.ts +2 -2
package/src/server/routers/lambda/message.ts +2 -2
package/src/server/routers/lambda/plugin.ts +2 -2
package/src/server/routers/lambda/ragEval.ts +2 -3
package/src/server/routers/lambda/session.ts +2 -2
package/src/server/routers/lambda/sessionGroup.ts +2 -2
package/src/server/routers/lambda/thread.ts +2 -2
package/src/server/routers/lambda/topic.ts +2 -2
package/src/server/routers/lambda/user.ts +2 -2
package/src/server/routers/tools/__tests__/search.test.ts +2 -2
package/src/server/routers/tools/index.ts +1 -1
package/src/server/routers/tools/search.ts +2 -1
package/src/server/services/oidc/index.ts +64 -0
package/src/server/services/oidc/oidcProvider.ts +25 -0
package/src/server/mock.ts +0 -8
/package/src/{server/asyncContext.ts → libs/trpc/async/context.ts} +0 -0

package/locales/zh-TW/oauth.json ADDED Viewed

@@ -0,0 +1,40 @@
+{
+  "consent": {
+    "buttons": {
+      "accept": "授權",
+      "deny": "拒絕"
+    },
+    "description": "應用 {{clientName}} 申請您的帳戶授權",
+    "error": {
+      "sessionInvalid": {
+        "message": "授權會話已過期或無效，請重新發起授權流程。",
+        "title": "授權會話無效"
+      },
+      "title": "發生錯誤",
+      "unsupportedInteraction": {
+        "message": "不支援的互動類型: {promptName}",
+        "title": "不支援的互動類型"
+      }
+    },
+    "permissionsTitle": "請求以下權限：",
+    "redirectUri": "授權成功後將重定向到",
+    "scope": {
+      "email": "訪問您的電子郵件地址",
+      "offline_access": "允許客戶端訪問您的資料",
+      "openid": "使用您的 LobeChat 帳戶進行身份驗證",
+      "profile": "訪問您的基本資料信息（名稱、頭像等）",
+      "sync-read": "讀取您的同步資料",
+      "sync-write": "寫入並更新您的同步資料"
+    },
+    "title": "授權 {{clientName}}"
+  },
+  "failed": {
+    "backToHome": "返回首頁",
+    "subTitle": "您已拒絕授權應用訪問您的 LobeChat 帳戶",
+    "title": "授權被拒絕"
+  },
+  "success": {
+    "subTitle": "您已成功授權應用訪問您的 LobeChat 帳戶，可以關閉該頁面了",
+    "title": "授權成功"
+  }
+}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lobehub/chat",
-  "version": "1.79.7",
+  "version": "1.79.9",
   "description": "Lobe Chat - an open-source, high-performance chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Supports one-click free deployment of your private ChatGPT/LLM web application.",
   "keywords": [
     "framework",
@@ -188,6 +188,7 @@
     "jose": "^5.10.0",
     "js-sha256": "^0.11.0",
     "jsonl-parse-stringify": "^1.0.3",
+    "keyv": "^4.5.4",
     "langchain": "^0.3.19",
     "langfuse": "^3.37.1",
     "langfuse-core": "^3.37.1",
@@ -204,6 +205,7 @@
     "numeral": "^2.0.6",
     "nuqs": "^2.4.1",
     "officeparser": "^5.1.1",
+    "oidc-provider": "^8.4.0",
     "ollama": "^0.5.14",
     "openai": "^4.91.1",
     "openapi-fetch": "^0.9.8",
@@ -286,6 +288,7 @@
     "@types/lodash-es": "^4.17.12",
     "@types/node": "^22.13.17",
     "@types/numeral": "^2.0.5",
+    "@types/oidc-provider": "^8.8.1",
     "@types/pg": "^8.11.11",
     "@types/react": "^19.1.0",
     "@types/react-dom": "^19.1.1",

package/scripts/generate-oidc-jwk.mjs ADDED Viewed

@@ -0,0 +1,59 @@
+#!/usr/bin/env node
+/**
+ * OIDC JWKS 密钥生成脚本
+ * 用于生成 OIDC Provider 使用的 RSA 密钥对并转换为 JWKS 格式
+ *
+ * 使用方法:
+ * node scripts/generate-oidc-jwk.mjs
+ *
+ * 将输出的单行 JSON 字符串设置为环境变量 OIDC_JWKS_KEY
+ */
+import crypto from 'node:crypto';
+import { exportJWK, generateKeyPair } from 'jose';
+// 生成密钥 ID
+function generateKeyId() {
+  return crypto.randomBytes(8).toString('hex');
+}
+async function generateJwks() {
+  try {
+    console.error('正在生成 RSA 密钥对...');
+    // 生成 RS256 密钥对
+    const { privateKey } = await generateKeyPair('RS256');
+    // 导出为 JWK 格式
+    const jwk = await exportJWK(privateKey);
+    // 添加必要的字段
+    jwk.use = 'sig'; // 用途: 签名
+    jwk.kid = generateKeyId(); // 密钥 ID
+    jwk.alg = 'RS256'; // 算法
+    // 创建 JWKS (JSON Web Key Set)
+    const jwks = { keys: [jwk] };
+    // 转换为JSON字符串
+    const jwksString = JSON.stringify(jwks);
+    // 输出 JWKS JSON 单行字符串
+    console.log(jwksString);
+    // 控制台提示
+    console.error('\n✅ JWKS 已生成');
+    console.error('请将上面输出的 JSON 字符串直接设置为环境变量 OIDC_JWKS_KEY');
+    console.error('例如在 .env 文件中添加:');
+    console.error('\n> 环境变量配置行 (可直接复制):');
+    console.error(`OIDC_JWKS_KEY='${jwksString}'`);
+    console.error('\n⚠️ 重要: 请妥善保管此密钥，它用于签署所有 OIDC 令牌');
+    return jwks;
+  } catch (error) {
+    console.error('❌ 生成 JWKS 时出错:', error);
+    process.exit(1);
+  }
+}
+// 执行主函数
+generateJwks();

package/scripts/migrateServerDB/index.ts CHANGED Viewed

@@ -3,7 +3,6 @@ import { migrate as neonMigrate } from 'drizzle-orm/neon-serverless/migrator';
 import { migrate as nodeMigrate } from 'drizzle-orm/node-postgres/migrator';
 import { join } from 'node:path';
-import { serverDB } from '../../src/database/server';
 import { DB_FAIL_INIT_HINT, PGVECTOR_HINT } from './errorHint';
 // Read the `.env` file if it exists, or a file specified by the
@@ -13,7 +12,10 @@ dotenv.config();
 const migrationsFolder = join(__dirname, '../../src/database/migrations');
 const isDesktop = process.env.NEXT_PUBLIC_IS_DESKTOP_APP === '1';
 const runMigrations = async () => {
+  const { serverDB } = await import('../../src/database/server');
   if (process.env.DATABASE_DRIVER === 'node') {
     await nodeMigrate(serverDB, { migrationsFolder });
   } else {

package/src/app/(backend)/oidc/[...oidc]/route.ts ADDED Viewed

@@ -0,0 +1,96 @@
+import debug from 'debug';
+import { NextRequest, NextResponse } from 'next/server';
+import { URL } from 'node:url';
+import { oidcEnv } from '@/envs/oidc';
+import { createNodeRequest, createNodeResponse } from '@/libs/oidc-provider/http-adapter';
+import { getOIDCProvider } from '@/server/services/oidc/oidcProvider';
+const log = debug('lobe-oidc:route'); // Create a debug instance with a namespace
+const handler = async (req: NextRequest) => {
+  const requestUrl = new URL(req.url);
+  log(`Received ${req.method.toUpperCase()} request: %s %s`, req.method, req.url);
+  log('Path: %s, Pathname: %s', requestUrl.pathname, requestUrl.pathname);
+  // 声明响应收集器
+  let responseCollector;
+  try {
+    if (!oidcEnv.ENABLE_OIDC) {
+      log('OIDC is not enabled');
+      return new NextResponse('OIDC is not enabled', { status: 404 });
+    }
+    // 获取 OIDC Provider 实例
+    const provider = await getOIDCProvider();
+    log(`Calling provider.callback() for ${req.method}`); // Log the method
+    await new Promise<void>((resolve, reject) => {
+      // <-- Make promise callback async
+      let middleware: any;
+      try {
+        log('Attempting to get middleware from provider.callback()');
+        middleware = provider.callback();
+        log('Successfully obtained middleware function.');
+      } catch (syncError) {
+        log('SYNC ERROR during provider.callback() call itself: %O', syncError);
+        reject(syncError);
+        return;
+      }
+      // 使用辅助方法创建响应收集器
+      responseCollector = createNodeResponse(resolve);
+      const nodeResponse = responseCollector.nodeResponse;
+      // 使用辅助方法创建 Node.js 请求对象，现在需要 await
+      createNodeRequest(req).then((nodeRequest) => {
+        log('Calling the obtained middleware...');
+        middleware(nodeRequest, nodeResponse, (error?: Error) => {
+          log('Middleware callback function HAS BEEN EXECUTED.');
+          if (error) {
+            log('Middleware error reported via callback: %O', error);
+            reject(error);
+          } else {
+            log(
+              'Middleware completed successfully via callback (may be redundant if .end() was called).',
+            );
+            resolve();
+          }
+        });
+        log('Middleware call initiated, waiting for its callback OR nodeResponse.end()...');
+      });
+    });
+    log('Promise surrounding middleware call resolved.');
+    // 访问最终的响应状态
+    if (!responseCollector) {
+      throw new Error('ResponseCollector was not initialized.');
+    }
+    const {
+      responseStatus: finalStatus,
+      responseBody: finalBody,
+      responseHeaders: finalHeaders,
+    } = responseCollector;
+    log('Final Response Status: %d', finalStatus);
+    log('Final Response Headers: %O', finalHeaders);
+    return new NextResponse(finalBody, {
+      // eslint-disable-next-line no-undef
+      headers: finalHeaders as HeadersInit,
+      status: finalStatus,
+    });
+  } catch (error) {
+    log(`Error handling OIDC ${req.method} request: %O`, error); // Log method in error
+    return new NextResponse(`Internal Server Error: ${(error as Error).message}`, { status: 500 });
+  }
+};
+export const GET = handler;
+export const POST = handler;
+export const PUT = handler;
+export const DELETE = handler;
+export const PATCH = handler;

package/src/app/(backend)/oidc/consent/route.ts ADDED Viewed

@@ -0,0 +1,131 @@
+import debug from 'debug';
+import { NextRequest, NextResponse } from 'next/server';
+import { OIDCService } from '@/server/services/oidc';
+import { getUserAuth } from '@/utils/server/auth';
+const log = debug('lobe-oidc:consent');
+export async function POST(request: NextRequest) {
+  log('Received POST request for /oidc/consent, URL: %s', request.url);
+  try {
+    const formData = await request.formData();
+    const consent = formData.get('consent') as string;
+    const uid = formData.get('uid') as string;
+    log('POST /oauth/consent - uid=%s, choice=%s', uid, consent);
+    const oidcService = await OIDCService.initialize();
+    let details;
+    try {
+      details = await oidcService.getInteractionDetails(uid);
+      log(
+        'Interaction details found - prompt=%s, client=%s',
+        details.prompt.name,
+        details.params.client_id,
+      );
+    } catch (error) {
+      log(
+        'Error: Interaction details not found - %s',
+        error instanceof Error ? error.message : 'unknown error',
+      );
+      if (error instanceof Error && error.message.includes('interaction session not found')) {
+        return NextResponse.json(
+          {
+            error: 'invalid_request',
+            error_description:
+              'Authorization session expired or invalid, please restart the authorization flow',
+          },
+          { status: 400 },
+        );
+      }
+      throw error;
+    }
+    const { prompt } = details;
+    let result;
+    if (consent === 'accept') {
+      log(`User accepted the request, Handling 'login' prompt`);
+      const { userId } = await getUserAuth();
+      log('Obtained userId: %s', userId);
+      if (details.prompt.name === 'login') {
+        result = {
+          login: { accountId: userId, remember: true },
+        };
+      } else {
+        log(`Handling 'consent' prompt`);
+        // 1. 获取必要的 ID
+        const clientId = details.params.client_id as string;
+        // 2. 查找或创建 Grant 对象
+        const grant = await oidcService.findOrCreateGrants(userId!, clientId, details.grantId);
+        // 3. 将用户同意的 scopes 和 claims 添加到 Grant 对象
+        //    这些信息通常在 details.prompt.details 中
+        const missingOIDCScope = (prompt.details.missingOIDCScope as string[]) || [];
+        if (missingOIDCScope) {
+          grant.addOIDCScope(missingOIDCScope.join(' '));
+          log('Added OIDC scopes to grant: %s', missingOIDCScope.join(' '));
+        }
+        const missingOIDCClaims = (prompt.details.missingOIDCClaims as string[]) || [];
+        if (missingOIDCClaims) {
+          grant.addOIDCClaims(missingOIDCClaims);
+          log('Added OIDC claims to grant: %s', missingOIDCClaims.join(' '));
+        }
+        const missingResourceScopes =
+          (prompt.details.missingResourceScopes as Record<string, string[]>) || {};
+        if (missingResourceScopes) {
+          for (const [indicator, scopes] of Object.entries(missingResourceScopes)) {
+            grant.addResourceScope(indicator, scopes.join(' '));
+            log('Added resource scopes for %s to grant: %s', indicator, scopes.join(' '));
+          }
+        }
+        // 如果使用了 RAR (Rich Authorization Requests)，也需要添加到 grant
+        // if (prompt.details.rar) {
+        //   prompt.details.rar.forEach(detail => grant.addRar(detail));
+        // }
+        // 4. 保存 Grant 对象以获取其 jti (grantId)
+        const newGrantId = await grant.save();
+        log('Saved grant with ID: %s', newGrantId);
+        // 5. 准备包含 grantId 的 result
+        result = { consent: { grantId: newGrantId } };
+        log('Consent result prepared with grantId');
+      }
+      log('User %s the authorization', consent);
+    } else {
+      log('User rejected the request');
+      result = {
+        error: 'access_denied',
+        error_description: 'User denied the authorization request',
+      };
+      log('User %s the authorization', consent);
+    }
+    log('Interaction Result: %O', result);
+    const internalRedirectUrlString = await oidcService.getInteractionResult(uid, result);
+    log('OIDC Provider internal redirect URL string: %s', internalRedirectUrlString);
+    return NextResponse.redirect(internalRedirectUrlString, {
+      headers: request.headers,
+      status: 303,
+    });
+  } catch (error) {
+    log('Error processing consent: %s', error instanceof Error ? error.message : 'unknown error');
+    console.error('Error processing consent:', error);
+    return NextResponse.json(
+      {
+        error: 'server_error',
+        error_description: 'Error processing consent',
+      },
+      { status: 500 },
+    );
+  }
+}

package/src/app/(backend)/trpc/async/[trpc]/route.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import { fetchRequestHandler } from '@trpc/server/adapters/fetch';
 import type { NextRequest } from 'next/server';
 import { pino } from '@/libs/logger';
-import { createAsyncRouteContext } from '@/server/asyncContext';
+import { createAsyncRouteContext } from '@/libs/trpc/async/context';
 import { asyncRouter } from '@/server/routers/async';
 export const maxDuration = 60;

package/src/app/(backend)/trpc/edge/[trpc]/route.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import { fetchRequestHandler } from '@trpc/server/adapters/fetch';
 import type { NextRequest } from 'next/server';
 import { pino } from '@/libs/logger';
-import { createContext } from '@/server/context';
+import { createEdgeContext } from '@/libs/trpc/edge/context';
 import { edgeRouter } from '@/server/routers/edge';
 export const runtime = 'edge';
@@ -12,7 +12,7 @@ const handler = (req: NextRequest) =>
     /**
      * @link https://trpc.io/docs/v11/context
      */
-    createContext: () => createContext(req),
+    createContext: () => createEdgeContext(req),
     endpoint: '/trpc/edge',

package/src/app/(backend)/trpc/lambda/[trpc]/route.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import { fetchRequestHandler } from '@trpc/server/adapters/fetch';
 import type { NextRequest } from 'next/server';
 import { pino } from '@/libs/logger';
-import { createContext } from '@/server/context';
+import { createLambdaContext } from '@/libs/trpc/lambda/context';
 import { lambdaRouter } from '@/server/routers/lambda';
 const handler = (req: NextRequest) =>
@@ -10,7 +10,7 @@ const handler = (req: NextRequest) =>
     /**
      * @link https://trpc.io/docs/v11/context
      */
-    createContext: () => createContext(req),
+    createContext: () => createLambdaContext(req),
     endpoint: '/trpc/lambda',

package/src/app/(backend)/trpc/tools/[trpc]/route.ts CHANGED Viewed

@@ -2,7 +2,7 @@ import { fetchRequestHandler } from '@trpc/server/adapters/fetch';
 import type { NextRequest } from 'next/server';
 import { pino } from '@/libs/logger';
-import { createContext } from '@/server/context';
+import { createLambdaContext } from '@/libs/trpc/lambda/context';
 import { toolsRouter } from '@/server/routers/tools';
 const handler = (req: NextRequest) =>
@@ -10,7 +10,7 @@ const handler = (req: NextRequest) =>
     /**
      * @link https://trpc.io/docs/v11/context
      */
-    createContext: () => createContext(req),
+    createContext: () => createLambdaContext(req),
     endpoint: '/trpc/tools',

package/src/app/[variants]/(main)/files/[id]/page.tsx CHANGED Viewed

@@ -2,7 +2,7 @@ import { notFound } from 'next/navigation';
 import { Flexbox } from 'react-layout-kit';
 import FileViewer from '@/features/FileViewer';
-import { createCallerFactory } from '@/libs/trpc';
+import { createCallerFactory } from '@/libs/trpc/lambda';
 import { lambdaRouter } from '@/server/routers/lambda';
 import { PagePropsWithId } from '@/types/next';
 import { getUserAuth } from '@/utils/server/auth';

package/src/app/[variants]/oauth/consent/[uid]/Client.tsx ADDED Viewed

@@ -0,0 +1,224 @@
+'use client';
+import { Icon } from '@lobehub/ui';
+import { Button, Card, Divider, Typography } from 'antd';
+import { createStyles } from 'antd-style';
+import { Link2Icon, ServerIcon } from 'lucide-react';
+import Image from 'next/image';
+import React, { memo } from 'react';
+import { useTranslation } from 'react-i18next';
+import { Center, Flexbox } from 'react-layout-kit';
+import { ProductLogo } from '@/components/Branding';
+interface ClientProps {
+  clientId: string;
+  clientMetadata: {
+    clientName?: string;
+    logo?: string;
+  };
+  redirectUri?: string;
+  scopes: string[];
+  uid: string;
+}
+const { Title, Text, Paragraph } = Typography;
+const useStyles = createStyles(({ css, token }) => ({
+  authButton: css`
+    width: 100%;
+    height: 40px;
+    border-radius: ${token.borderRadius}px;
+    font-weight: 500;
+  `,
+  cancelButton: css`
+    width: 100%;
+    height: 40px;
+    border-color: ${token.colorBorderSecondary};
+    border-radius: ${token.borderRadius}px;
+    font-weight: 500;
+    color: ${token.colorTextBase};
+    background-color: transparent;
+  `,
+  card: css`
+    width: 100%;
+    max-width: 500px;
+    border-color: ${token.colorBorderSecondary};
+    border-radius: 12px;
+    background-color: ${token.colorBgContainer};
+  `,
+  connector: css`
+    width: 40px;
+    height: 40px;
+  `,
+  connectorLine: css`
+    width: 32px;
+    height: 1px;
+    background-color: ${token.colorBorderSecondary};
+  `,
+  container: css`
+    width: 100%;
+    min-height: 100vh;
+    color: ${token.colorTextBase};
+    background-color: ${token.colorBgLayout};
+  `,
+  icon: css`
+    overflow: hidden;
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    width: 64px;
+    height: 64px;
+    border: 1px solid ${token.colorBorderSecondary};
+    border-radius: 16px;
+    background-color: ${token.colorBgElevated};
+  `,
+  iconContainer: css`
+    display: flex;
+    align-items: center;
+    justify-content: center;
+  `,
+  lobeIcon: css`
+    overflow: hidden;
+    display: flex;
+    align-items: center;
+    justify-content: center;
+    width: 64px;
+    height: 64px;
+    border-radius: 50%;
+    background-color: ${token.colorBgElevated};
+  `,
+  scope: css`
+    margin-block: 8px;
+    padding: 12px;
+    border-radius: 6px;
+    background: ${token.colorFillQuaternary};
+  `,
+  scopes: css`
+    width: 100%;
+  `,
+  title: css`
+    margin-block-end: ${token.marginLG}px;
+    color: ${token.colorTextBase};
+    text-align: center;
+  `,
+}));
+/**
+ * 获取 Scope 的描述
+ */
+function getScopeDescription(scope: string, t: any): string {
+  return t(`consent.scope.${scope.replace(':', '-')}`, scope);
+}
+const ConsentClient = memo<ClientProps>(
+  ({ uid, clientId, scopes, clientMetadata, redirectUri }) => {
+    const { styles, theme } = useStyles();
+    const { t } = useTranslation('oauth');
+    const clientDisplayName = clientMetadata?.clientName || clientId;
+    return (
+      <Center className={styles.container} gap={16}>
+        <Flexbox gap={40}>
+          <Flexbox align={'center'} gap={12} horizontal justify={'center'}>
+            <div className={styles.icon}>
+              {clientMetadata?.logo ? (
+                <Image
+                  alt={clientDisplayName}
+                  height={56}
+                  src={clientMetadata?.logo}
+                  unoptimized
+                  width={56}
+                />
+              ) : (
+                <Icon icon={ServerIcon} />
+              )}
+            </div>
+            <div className={styles.connectorLine} />
+            <Center className={styles.connector}>
+              <Icon icon={Link2Icon} style={{ color: theme.colorTextSecondary, fontSize: 20 }} />
+            </Center>
+            <div className={styles.connectorLine} />
+            <div className={styles.lobeIcon}>
+              <ProductLogo height={48} style={{ objectFit: 'cover' }} width={48} />
+            </div>
+          </Flexbox>
+          <Title className={styles.title} level={3}>
+            {t('consent.title', { clientName: clientDisplayName })}
+          </Title>
+        </Flexbox>
+        <Card className={styles.card}>
+          <Flexbox gap={8}>
+            <Flexbox gap={12}>
+              <Paragraph>{t('consent.description', { clientName: clientDisplayName })}</Paragraph>
+              <div className={styles.scopes}>
+                <Paragraph type={'secondary'}>{t('consent.permissionsTitle')}</Paragraph>
+                {scopes.map((scope) => (
+                  <div className={styles.scope} key={scope}>
+                    <Text>{getScopeDescription(scope, t)}</Text>
+                  </div>
+                ))}
+              </div>
+              <Divider dashed />
+              <Flexbox gap={16}>
+                <form action="/oidc/consent" method="post" style={{ width: '100%' }}>
+                  <input name="uid" type="hidden" value={uid} />
+                  <Flexbox gap={12} horizontal>
+                    <Button
+                      className={styles.cancelButton}
+                      htmlType="submit"
+                      name="consent"
+                      value="deny"
+                    >
+                      {t('consent.buttons.deny')}
+                    </Button>
+                    <Button
+                      className={styles.authButton}
+                      htmlType="submit"
+                      name="consent"
+                      type="primary"
+                      value="accept"
+                    >
+                      {t('consent.buttons.accept')}
+                    </Button>
+                  </Flexbox>
+                </form>
+                <Center>
+                  <div style={{ color: theme.colorTextTertiary, fontSize: 12, height: '18px' }}>
+                    {t('consent.redirectUri')}
+                  </div>
+                  <div>
+                    <div
+                      style={{
+                        color: theme.colorTextSecondary,
+                        fontSize: 12,
+                        height: '18px',
+                      }}
+                    >
+                      {redirectUri}
+                    </div>
+                  </div>
+                </Center>
+              </Flexbox>
+            </Flexbox>
+          </Flexbox>
+        </Card>
+      </Center>
+    );
+  },
+);
+ConsentClient.displayName = 'ConsentClient';
+export default ConsentClient;