npm - @lobehub/lobehub - Versions diffs - 2.0.0-next.47 → 2.0.0-next.48 - Mend

@lobehub/lobehub 2.0.0-next.47 → 2.0.0-next.48

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (228) hide show

package/src/layout/AuthProvider/MarketAuth/oidc.ts ADDED Viewed

@@ -0,0 +1,382 @@
+import { MARKET_OIDC_ENDPOINTS } from '@/services/_url';
+import { MarketAuthError } from './errors';
+import { OIDCConfig, PKCEParams, TokenResponse } from './types';
+/**
+ * Market OIDC 授权工具类
+ */
+export class MarketOIDC {
+  private config: OIDCConfig;
+  private static readonly DESKTOP_HANDOFF_CLIENT = 'desktop';
+  private static readonly DESKTOP_HANDOFF_POLL_INTERVAL = 1500;
+  private static readonly DESKTOP_HANDOFF_TIMEOUT = 5 * 60 * 1000; // 5 minutes
+  constructor(config: OIDCConfig) {
+    this.config = config;
+  }
+  /**
+   * 生成 PKCE code verifier
+   */
+  private generateCodeVerifier(): string {
+    console.log('[MarketOIDC] Generating PKCE code verifier');
+    const array = new Uint8Array(32);
+    crypto.getRandomValues(array);
+    return btoa(String.fromCharCode.apply(null, Array.from(array)))
+      .replaceAll('+', '-')
+      .replaceAll('/', '_')
+      .replaceAll('=', '');
+  }
+  /**
+   * 生成 PKCE code challenge
+   */
+  private async generateCodeChallenge(codeVerifier: string): Promise<string> {
+    console.log('[MarketOIDC] Generating PKCE code challenge');
+    const encoder = new TextEncoder();
+    const data = encoder.encode(codeVerifier);
+    const digest = await crypto.subtle.digest('SHA-256', data);
+    return btoa(String.fromCharCode.apply(null, Array.from(new Uint8Array(digest))))
+      .replaceAll('+', '-')
+      .replaceAll('/', '_')
+      .replaceAll('=', '');
+  }
+  /**
+   * 生成随机 state
+   */
+  private generateState(): string {
+    console.log('[MarketOIDC] Generating random state');
+    const array = new Uint8Array(16);
+    crypto.getRandomValues(array);
+    return btoa(String.fromCharCode.apply(null, Array.from(array)))
+      .replaceAll('+', '-')
+      .replaceAll('/', '_')
+      .replaceAll('=', '');
+  }
+  /**
+   * 生成 PKCE 参数
+   */
+  async generatePKCEParams(): Promise<PKCEParams> {
+    console.log('[MarketOIDC] Generating PKCE parameters');
+    const codeVerifier = this.generateCodeVerifier();
+    const codeChallenge = await this.generateCodeChallenge(codeVerifier);
+    const state = this.generateState();
+    // 将参数存储到 sessionStorage 用于后续验证
+    sessionStorage.setItem('market_code_verifier', codeVerifier);
+    sessionStorage.setItem('market_state', state);
+    console.log('[MarketOIDC] PKCE parameters generated and stored');
+    return {
+      codeChallenge,
+      codeVerifier,
+      state,
+    };
+  }
+  /**
+   * 构建授权 URL
+   */
+  async buildAuthUrl(): Promise<string> {
+    console.log('[MarketOIDC] Building authorization URL');
+    const pkceParams = await this.generatePKCEParams();
+    console.log('[MarketOIDC] this.config:', this.config);
+    const authUrl = new URL(
+      `${this.config.baseUrl.replace(/\/$/, '')}${MARKET_OIDC_ENDPOINTS.auth}`,
+    );
+    authUrl.searchParams.set('client_id', this.config.clientId);
+    authUrl.searchParams.set('redirect_uri', this.config.redirectUri);
+    authUrl.searchParams.set('response_type', 'code');
+    authUrl.searchParams.set('scope', this.config.scope);
+    authUrl.searchParams.set('state', pkceParams.state);
+    authUrl.searchParams.set('code_challenge', pkceParams.codeChallenge);
+    authUrl.searchParams.set('code_challenge_method', 'S256');
+    console.log('[MarketOIDC] Authorization URL built:', authUrl.toString());
+    return authUrl.toString();
+  }
+  /**
+   * 用授权码换取访问令牌
+   */
+  async exchangeCodeForToken(code: string, state: string): Promise<TokenResponse> {
+    console.log('[MarketOIDC] Exchanging authorization code for token');
+    // 验证 state 参数
+    const storedState = sessionStorage.getItem('market_state');
+    if (state !== storedState) {
+      console.error('[MarketOIDC] State parameter mismatch');
+      throw new MarketAuthError('stateMismatch', { message: 'Invalid state parameter' });
+    }
+    // 获取存储的 code verifier
+    const codeVerifier = sessionStorage.getItem('market_code_verifier');
+    if (!codeVerifier) {
+      console.error('[MarketOIDC] Code verifier not found');
+      throw new MarketAuthError('codeVerifierMissing', { message: 'Code verifier not found' });
+    }
+    const tokenUrl = MARKET_OIDC_ENDPOINTS.token;
+    const body = new URLSearchParams({
+      client_id: this.config.clientId,
+      code,
+      code_verifier: codeVerifier,
+      grant_type: 'authorization_code',
+      redirect_uri: this.config.redirectUri,
+    });
+    console.log('[MarketOIDC] Sending token exchange request', {
+      client_id: this.config.clientId,
+      code,
+      code_verifier: codeVerifier,
+      grant_type: 'authorization_code',
+      redirect_uri: this.config.redirectUri,
+    });
+    const response = await fetch(tokenUrl, {
+      body: body.toString(),
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+      },
+      method: 'POST',
+    });
+    console.log('[MarketOIDC] Token exchange response:', response);
+    if (!response.ok) {
+      const errorData = await response.json().catch(() => undefined);
+      console.log('[MarketOIDC] Token exchange error data:', errorData);
+      const errorMessage =
+        `Token exchange failed: ${response.status} ${response.statusText} ${errorData?.error_description || errorData?.error || ''}`.trim();
+      console.error('[MarketOIDC]', errorMessage);
+      throw new MarketAuthError('authorizationFailed', {
+        message: errorMessage,
+        meta: {
+          error: errorData,
+          status: response.status,
+          statusText: response.statusText,
+        },
+      });
+    }
+    const tokenData = (await response.json()) as TokenResponse;
+    console.log('[MarketOIDC] Token exchange successful');
+    // 清理 sessionStorage 中的临时数据
+    sessionStorage.removeItem('market_code_verifier');
+    sessionStorage.removeItem('market_state');
+    return tokenData;
+  }
+  /**
+   * 启动授权流程并返回授权结果
+   */
+  async startAuthorization(): Promise<{ code: string; state: string }> {
+    console.log('[MarketOIDC] Starting authorization flow');
+    const authUrl = await this.buildAuthUrl();
+    if (typeof window === 'undefined') {
+      throw new MarketAuthError('browserOnly', {
+        message: 'Authorization can only be initiated in a browser environment.',
+      });
+    }
+    const state = sessionStorage.getItem('market_state');
+    if (!state) {
+      console.error('[MarketOIDC] Missing state parameter in session storage');
+      throw new MarketAuthError('stateMissing', {
+        message: 'Authorization state not found. Please try again.',
+      });
+    }
+    const isDesktopApp = process.env.NEXT_PUBLIC_IS_DESKTOP_APP === '1';
+    // 在新窗口中打开授权页面
+    let popup: Window | null = null;
+    if (isDesktopApp) {
+      // Electron 桌面端：使用 IPC 调用主进程打开系统浏览器
+      console.log('[MarketOIDC] Desktop app detected, opening system browser via IPC');
+      const { remoteServerService } = await import('@/services/electron/remoteServer');
+      try {
+        const result = await remoteServerService.requestMarketAuthorization({ authUrl });
+        if (!result.success) {
+          console.error('[MarketOIDC] Failed to open system browser:', result.error);
+          throw new MarketAuthError('openBrowserFailed', {
+            message: result.error || 'Failed to open system browser',
+            meta: { error: result.error },
+          });
+        }
+        console.log('[MarketOIDC] System browser opened successfully');
+      } catch (error) {
+        console.error('[MarketOIDC] Exception opening system browser:', error);
+        throw new MarketAuthError('openBrowserFailed', {
+          cause: error,
+          message: 'Failed to open system browser. Please try again.',
+        });
+      }
+      return this.pollDesktopHandoff(state);
+    } else {
+      // 浏览器环境：使用 window.open 打开弹窗
+      popup = window.open(
+        authUrl,
+        'market_auth',
+        'width=580,height=720,scrollbars=yes,resizable=yes',
+      );
+      if (!popup) {
+        console.error('[MarketOIDC] Failed to open authorization popup');
+        throw new MarketAuthError('openPopupFailed', {
+          message: 'Failed to open authorization popup. Please check popup blocker settings.',
+        });
+      }
+    }
+    return new Promise((resolve, reject) => {
+      let checkClosed: number | undefined;
+      // 先声明，后定义，避免相互“定义前使用”
+      let messageHandler: (event: MessageEvent) => void;
+      // 清理函数
+      function cleanup() {
+        window.removeEventListener('message', messageHandler);
+        if (checkClosed) clearInterval(checkClosed);
+      }
+      // 监听消息事件，等待授权完成
+      messageHandler = (event: MessageEvent) => {
+        console.log('[MarketOIDC] Received message from popup:', event.data);
+        if (event.data.type === 'MARKET_AUTH_SUCCESS') {
+          cleanup();
+          // 不立即关闭弹窗，让用户看到成功状态
+          // 弹窗会在3秒后自动关闭
+          resolve({
+            code: event.data.code,
+            state: event.data.state,
+          });
+        } else if (event.data.type === 'MARKET_AUTH_ERROR') {
+          cleanup();
+          popup?.close();
+          reject(
+            new MarketAuthError('authorizationFailed', {
+              message: event.data.error || 'Authorization failed',
+              meta: { error: event.data.error },
+            }),
+          );
+        }
+      };
+      window.addEventListener('message', messageHandler);
+      // 检查弹窗是否被关闭
+      if (popup) {
+        checkClosed = setInterval(() => {
+          if (popup.closed) {
+            cleanup();
+            reject(
+              new MarketAuthError('popupClosed', { message: 'Authorization popup was closed' }),
+            );
+          }
+        }, 1000) as unknown as number;
+      }
+    });
+  }
+  /**
+   * 轮询 handoff 接口获取桌面端授权结果
+   */
+  private async pollDesktopHandoff(state: string): Promise<{ code: string; state: string }> {
+    console.log('[MarketOIDC] Starting desktop handoff polling with state:', state);
+    const startTime = Date.now();
+    const pollUrl = `${MARKET_OIDC_ENDPOINTS.handoff}?id=${encodeURIComponent(
+      state,
+    )}&client=${encodeURIComponent(MarketOIDC.DESKTOP_HANDOFF_CLIENT)}`;
+    console.log('[MarketOIDC] Poll URL:', pollUrl);
+    while (Date.now() - startTime < MarketOIDC.DESKTOP_HANDOFF_TIMEOUT) {
+      try {
+        const response = await fetch(pollUrl, {
+          cache: 'no-store',
+          credentials: 'include',
+        });
+        const data = await response.json().catch(() => undefined);
+        console.log('[MarketOIDC] Poll response:', response.status, data);
+        if (
+          response.status === 200 &&
+          data?.status === 'success' &&
+          typeof data?.code === 'string'
+        ) {
+          console.log('[MarketOIDC] Desktop handoff succeeded');
+          return {
+            code: data.code,
+            state,
+          };
+        }
+        if (response.status === 202 || data?.status === 'pending') {
+          await new Promise<void>((resolve) => {
+            setTimeout(resolve, MarketOIDC.DESKTOP_HANDOFF_POLL_INTERVAL);
+          });
+          continue;
+        }
+        if (response.status === 404 || data?.status === 'consumed') {
+          throw new MarketAuthError('codeConsumed', {
+            message: 'Authorization code already consumed. Please retry.',
+          });
+        }
+        if (response.status === 410 || data?.status === 'expired') {
+          throw new MarketAuthError('sessionExpired', {
+            message: 'Authorization session expired. Please restart the sign-in process.',
+          });
+        }
+        const errorMessage =
+          data?.error || data?.message || `Handoff request failed with status ${response.status}`;
+        console.error('[MarketOIDC] Handoff polling failed:', errorMessage);
+        throw new MarketAuthError('handoffFailed', {
+          message: errorMessage,
+          meta: { data, status: response.status },
+        });
+      } catch (error) {
+        console.error('[MarketOIDC] Error while polling handoff endpoint:', error);
+        if (error instanceof MarketAuthError) {
+          throw error;
+        }
+        const message =
+          error instanceof Error
+            ? error.message
+            : 'Failed to retrieve authorization result from handoff endpoint.';
+        throw new MarketAuthError('handoffFailed', {
+          cause: error,
+          message,
+        });
+      }
+    }
+    console.warn('[MarketOIDC] Desktop handoff polling timed out');
+    throw new MarketAuthError('handoffTimeout', {
+      message:
+        'Authorization timeout. Please complete the authorization in the browser and try again.',
+    });
+  }
+}

package/src/layout/AuthProvider/MarketAuth/types.ts ADDED Viewed

@@ -0,0 +1,64 @@
+export interface MarketUserInfo {
+  accountId: number;
+  clientId: string;
+  grantId: string;
+  scopes: string[];
+  sub: string;
+  tokenData: {
+    accountId: string;
+    clientId: string;
+    exp: number;
+    expiresWithSession: boolean;
+    grantId: string;
+    gty: string;
+    iat: number;
+    jti: string;
+    kind: string;
+    scope: string;
+    sessionUid: string;
+  };
+}
+export interface MarketAuthSession {
+  accessToken: string;
+  expiresAt: number;
+  expiresIn: number;
+  scope: string;
+  tokenType: 'Bearer';
+  userInfo?: MarketUserInfo;
+}
+export interface MarketAuthState {
+  isAuthenticated: boolean;
+  isLoading: boolean;
+  session: MarketAuthSession | null;
+  status: 'loading' | 'authenticated' | 'unauthenticated';
+}
+export interface MarketAuthContextType extends MarketAuthState {
+  getCurrentUserInfo: () => MarketUserInfo | null;
+  refreshToken: () => Promise<boolean>;
+  signIn: () => Promise<number | null>;
+  signOut: () => void;
+}
+export interface OIDCConfig {
+  baseUrl: string;
+  clientId: string;
+  redirectUri: string;
+  scope: string;
+}
+export interface PKCEParams {
+  codeChallenge: string;
+  codeVerifier: string;
+  state: string;
+}
+export interface TokenResponse {
+  accessToken: string;
+  expiresIn: number;
+  idToken?: string;
+  scope: string;
+  tokenType: string;
+}

package/src/layout/AuthProvider/index.tsx CHANGED Viewed

@@ -1,17 +1,30 @@
 import { PropsWithChildren } from 'react';
+import { isDesktop } from '@/const/version';
 import { authEnv } from '@/envs/auth';
 import Clerk from './Clerk';
+import { MarketAuthProvider } from './MarketAuth';
 import NextAuth from './NextAuth';
 import NoAuth from './NoAuth';
 const AuthProvider = ({ children }: PropsWithChildren) => {
-  if (authEnv.NEXT_PUBLIC_ENABLE_CLERK_AUTH) return <Clerk>{children}</Clerk>;
+  // 获取内部 AuthProvider
+  let InnerAuthProvider;
+  if (authEnv.NEXT_PUBLIC_ENABLE_CLERK_AUTH) {
+    InnerAuthProvider = ({ children }: PropsWithChildren) => <Clerk>{children}</Clerk>;
+  } else if (authEnv.NEXT_PUBLIC_ENABLE_NEXT_AUTH) {
+    InnerAuthProvider = ({ children }: PropsWithChildren) => <NextAuth>{children}</NextAuth>;
+  } else {
+    InnerAuthProvider = ({ children }: PropsWithChildren) => <NoAuth>{children}</NoAuth>;
+  }
-  if (authEnv.NEXT_PUBLIC_ENABLE_NEXT_AUTH) return <NextAuth>{children}</NextAuth>;
-  return <NoAuth>{children}</NoAuth>;
+  // 将 MarketAuthProvider 包装在内部 AuthProvider 之外
+  return (
+    <InnerAuthProvider>
+      <MarketAuthProvider isDesktop={isDesktop}>{children}</MarketAuthProvider>
+    </InnerAuthProvider>
+  );
 };
 export default AuthProvider;

package/src/locales/default/discover.ts CHANGED Viewed

@@ -42,8 +42,28 @@ export default {
         openingQuestions: '开场问题',
         title: '助手设定',
       },
+      version: {
+        empty: '暂无历史版本',
+        status: {
+          archived: '已归档',
+          deprecated: '已拒绝',
+          unpublished: '审核中',
+        },
+        table: {
+          isLatest: '最新版本',
+          isValidated: '已验证',
+          publishAt: '发布日期',
+          version: '版本号',
+        },
+        title: '版本历史',
+      },
     },
     list: '助手列表',
+    marketSource: {
+      label: '切换市场源',
+      legacy: '旧市场',
+      new: '新市场',
+    },
     more: '更多',
     plugins: '集成插件',
     recentSubmits: '最近更新',
@@ -51,10 +71,36 @@ export default {
       createdAt: '最近发布',
       identifier: '助手 ID',
       knowledgeCount: '知识库数量',
+      myown: '查看我的',
       pluginCount: '插件数量',
       title: '助手名称',
       tokenUsage: 'Token 使用量',
     },
+    status: {
+      archived: {
+        reasons: {
+          official: '助手有安全/政治等问题，被官方下架',
+          owner: '开发助手的 owner 主动下架/归档该助手',
+        },
+        subtitle: '当前访问的助手已经因为以下可能的原因被归档了：',
+        title: '助手已被归档',
+      },
+      backToMarket: '返回助手市场',
+      deprecated: {
+        reasons: {
+          official: '助手有安全/政治等问题，被官方下架',
+          owner: '开发助手的 owner 主动下架/拒绝该助手',
+        },
+        subtitle: '当前访问的助手已经因为以下可能的原因被拒绝了：',
+        title: '助手已被拒绝',
+      },
+      support: '有各种问题请复制链接发送到 <1>support@lobehub.com</1> 进行咨询。',
+      unpublished: {
+        subtitle:
+          '当前访问的助手正在进行版本审核中，如果有疑问复制链接发送问题到 <1>support@lobehub.com</1> 进行咨询。',
+        title: '助手正在审核中',
+      },
+    },
     suggestions: '相关推荐',
     systemRole: '助手设定',
     tokenUsage: '助手提示词 Token 使用量',

package/src/locales/default/index.ts CHANGED Viewed

@@ -14,6 +14,7 @@ import hotkey from './hotkey';
 import image from './image';
 import knowledgeBase from './knowledgeBase';
 import labs from './labs';
+import marketAuth from './marketAuth';
 import metadata from './metadata';
 import migration from './migration';
 import modelProvider from './modelProvider';
@@ -47,6 +48,7 @@ const resources = {
   image,
   knowledgeBase,
   labs,
+  marketAuth,
   metadata,
   migration,
   modelProvider,

package/src/locales/default/marketAuth.ts ADDED Viewed

@@ -0,0 +1,42 @@
+export default {
+  callback: {
+    buttons: {
+      close: '关闭窗口',
+    },
+    messages: {
+      authFailed: '授权失败: {{error}}',
+      missingParams: '授权参数缺失',
+      processing: '正在处理授权...',
+      successWithCountdown: '{{message}} 窗口将在 {{countdown}} 秒后自动关闭',
+      successWithRedirect: '授权成功！正在跳转...',
+    },
+    titles: {
+      error: '授权失败',
+      loading: 'LobeHub Market 授权',
+      success: '授权成功',
+    },
+  },
+  errors: {
+    authorizationFailed: '授权失败，请重试。',
+    browserOnly: '授权流程只能在浏览器中发起。',
+    codeConsumed: '授权码已被使用，请重新尝试。',
+    codeVerifierMissing: '授权会话无效，请重新发起登录流程。',
+    general: '授权出现错误，请重试。',
+    handoffFailed: '无法获取授权结果，请重试。',
+    handoffTimeout: '授权超时，请在浏览器中完成操作后重试。',
+    oidcNotReady: '授权服务尚未就绪，请稍后再试。',
+    openBrowserFailed: '无法打开系统浏览器，请重试。',
+    openPopupFailed: '无法打开授权弹窗，请检查浏览器的弹窗拦截设置。',
+    popupClosed: '授权窗口未完成即被关闭。',
+    sessionExpired: '授权会话已过期，请重新登录。',
+    stateMismatch: '授权状态不匹配，请重试。',
+    stateMissing: '未找到授权状态，请重试。',
+  },
+  messages: {
+    loading: '正在启动授权流程...',
+    success: {
+      submit: '授权成功！现在可以发布助手了。',
+      upload: '授权成功！现在可以发布新版本了。',
+    },
+  },
+};