APIParkLab · Dot-Liu · Jul 17, 2025 · Jul 17, 2025 · Jul 17, 2025 · Jul 17, 2025
diff --git a/go.mod b/go.mod
@@ -5,7 +5,7 @@ go 1.23.4
 toolchain go1.23.6
 
 require (
-	github.com/eolinker/ap-account v1.0.16
+	github.com/eolinker/ap-account v1.0.17
 	github.com/eolinker/eosc v0.18.3
 	github.com/eolinker/go-common v1.1.7
 	github.com/gabriel-vasile/mimetype v1.4.4

diff --git a/go.sum b/go.sum
@@ -28,8 +28,8 @@ github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/r
 github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
 github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
 github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
-github.com/eolinker/ap-account v1.0.16 h1:v1VvSeQ2AvxAvkYT4n4APqZdWS8d1CbA/1O0LYEyNM4=
-github.com/eolinker/ap-account v1.0.16/go.mod h1:zm/Ivs6waJ/M/nEszhpPmM6g50y/MKO+5eABFAdeD0g=
+github.com/eolinker/ap-account v1.0.17 h1:tziqAv6cB+oH1dpXDXg6Sp8lZko5r4Q2rbkbZ2wkPFU=
+github.com/eolinker/ap-account v1.0.17/go.mod h1:zm/Ivs6waJ/M/nEszhpPmM6g50y/MKO+5eABFAdeD0g=
 github.com/eolinker/eosc v0.18.3 h1:3IK5HkAPnJRfLbQ0FR7kWsZr6Y/OiqqGazvN1q2BL5A=
 github.com/eolinker/eosc v0.18.3/go.mod h1:O9PQQXFCpB6fjHf+oFt/LN6EOAv779ItbMixMKCfTfk=
 github.com/eolinker/go-common v1.1.7 h1:bi7wDmlCYQGjS3k8Bz/o+Mo9aMJAzmPsBLXWurxPfwk=

diff --git a/login_driver/feishu/feishu.go b/login_driver/feishu/feishu.go
@@ -2,13 +2,15 @@ package feishu
 
 import (
 	"context"
+	"encoding/json"
 	"errors"
 	"fmt"
 	"net/http"
 	"net/url"
 
-	"github.com/eolinker/eosc/common/bean"
+	"github.com/eolinker/go-common/autowire"
 
+	"github.com/eolinker/ap-account/service/role"
 	"github.com/eolinker/ap-account/service/user"
 
 	"github.com/eolinker/go-common/utils"
@@ -33,14 +35,27 @@ var _ auth_driver.IDriver = (*Driver)(nil)
 
 func init() {
 	d := &Driver{}
-	bean.Autowired(&d.accountService)
-	bean.Autowired(&d.userService)
+
 	auth_driver.Register(name, d)
 }
 
 type Driver struct {
-	accountService account.IAccountService `autowired:""`
-	userService    user.IUserService       `autowired:""`
+	isInit            bool
+	accountService    account.IAccountService `autowired:""`
+	userService       user.IUserService       `autowired:""`
+	roleService       role.IRoleService       `autowired:""`
+	roleMemberService role.IRoleMemberService `autowired:""`
+}
+
+func (d *Driver) Init() {
+	if d.isInit {
+		return
+	}
+	autowire.Autowired(&d.accountService)
+	autowire.Autowired(&d.userService)
+	autowire.Autowired(&d.roleService)
+	autowire.Autowired(&d.roleMemberService)
+	d.isInit = true
 }
 
 func (d *Driver) FilterConfig(config map[string]string) {
@@ -68,7 +83,21 @@ func (d *Driver) ThirdLogin(ctx context.Context, args map[string]string) (string
 	if !ok {
 		return "", fmt.Errorf("missing client_secret parameter")
 	}
-	tokenResp, err := getUserToken(code, clientId, clientSecret)
+	redirectUri, ok := args["redirect_uri"]
+	if !ok {
+		return "", fmt.Errorf("missing redirect_uri parameter")
+	}
+	u, err := url.Parse(redirectUri)
+	if err != nil {
+		return "", fmt.Errorf("invalid redirect_uri parameter")
+	}
+	query := u.Query()
+	query.Del("code")
+	redirectUri = fmt.Sprintf("%s://%s%s", u.Scheme, u.Host, u.Path)
+	if len(query) > 0 {
+		redirectUri = fmt.Sprintf("%s?%s", redirectUri, query.Encode())
+	}
+	tokenResp, err := getUserToken(code, redirectUri, clientId, clientSecret)
 	if err != nil {
 		return "", err
 	}
@@ -86,33 +115,55 @@ func (d *Driver) ThirdLogin(ctx context.Context, args map[string]string) (string
 			return "", err
 		}
 		uId := uuid.NewString()
+
 		err = d.accountService.Save(ctx, name, uId, userId, utils.Md5(fmt.Sprintf("%s%s", uId, userId)))
 		if err != nil {
 			return "", err
 		}
-		_, err = d.userService.Create(ctx, uId, username, email, mobile, "")
+		_, err = d.userService.Create(ctx, uId, username, email, mobile, name)
+		if err != nil {
+			return "", err
+		}
+		r, err := d.roleService.GetDefaultRole(ctx, role.SystemTarget())
 		if err != nil {
 			return "", err
 		}
-		return userId, nil
+		err = d.roleMemberService.Add(ctx, &role.AddMember{
+			Role:   r.Id,
+			User:   uId,
+			Target: role.SystemTarget(),
+		})
+		if err != nil {
+			return "", err
+		}
+		return uId, nil
 	}
 	_, err = d.userService.Update(ctx, info.Uid, &username, &email, &mobile)
 	if err != nil {
 		return "", err
 	}
 
-	return userId, nil
+	return info.Uid, nil
 }
 
-func getUserToken(code string, clientId string, clientSecret string) (*UserTokenResponse, error) {
+func getUserToken(code string, redirectUri, clientId string, clientSecret string) (*UserTokenResponse, error) {
 	headers := http.Header{}
 	headers.Set("Content-Type", "application/json")
-	body := url.Values{}
-	body.Set("grant_type", "authorization_code")
-	body.Set("code", code)
-	body.Set("client_id", clientId)
-	body.Set("client_secret", clientSecret)
-	resp, err := SendRequest[UserTokenResponse](getTokenUri, http.MethodPost, headers, nil, []byte(body.Encode()))
+	//body := url.Values{}
+	//body.Set("grant_type", "authorization_code")
+	//body.Set("code", code)
+	//body.Set("client_id", clientId)
+	//body.Set("client_secret", clientSecret)
+	//body.Set("redirect_uri", redirectUri)
+	body := map[string]string{
+		"grant_type":    "authorization_code",
+		"code":          code,
+		"client_id":     clientId,
+		"client_secret": clientSecret,
+		"redirect_uri":  redirectUri,
+	}
+	bodyByte, _ := json.Marshal(body)
+	resp, err := SendRequest[UserTokenResponse](getTokenUri, http.MethodPost, headers, nil, bodyByte)
 	if err != nil {
 		return nil, fmt.Errorf("failed to get user token: %w", err)
 	}