ECNU · freedomkk-qfeng · Dec 8, 2023 · Dec 8, 2023 · Dec 8, 2023
diff --git a/controller/oauth2_authorization_code.go b/controller/oauth2_authorization_code.go
@@ -3,6 +3,7 @@ package controller
 import (
 	"fmt"
 	"net/http"
+	"net/url"
 	"strconv"
 
 	"github.com/ECNU/Open-OAuth2Playground/g"
@@ -20,7 +21,7 @@ type ExchangeTokenByCodeRequest struct {
 
 type RefreshTokenRequest struct {
 	ClientID     string `json:"client_id"`
-	ClientSecret string `json:"client_secret"`
+	ClientSecret string `json:"client_secret,omitempty"` // client_secret is optional for refresh_token
 	RefreshToken string `json:"refresh_token"`
 }
 
@@ -58,7 +59,11 @@ func refreshToken(c *gin.Context) {
 	method := "POST"
 	apiAddr := g.Config().Endpoints.Token
 	grant_type := "refresh_token"
-	body := fmt.Sprintf("grant_type=%s&client_id=%s&client_secret=%s&refresh_token=%s", grant_type, request.ClientID, request.ClientSecret, request.RefreshToken)
+	body := fmt.Sprintf("grant_type=%s&client_id=%s&refresh_token=%s", grant_type, request.ClientID, request.RefreshToken)
+
+	if request.ClientSecret != "" {
+		body += fmt.Sprintf("&client_secret=%s", url.QueryEscape(request.ClientSecret))
+	}
 
 	header := make(map[string]string)
 	header["Content-Type"] = "application/x-www-form-urlencoded"

diff --git a/controller/oauth2_pkce.go b/controller/oauth2_pkce.go
@@ -0,0 +1,44 @@
+package controller
+
+import (
+	"fmt"
+	"net/http"
+	"strconv"
+
+	"github.com/ECNU/Open-OAuth2Playground/g"
+	"github.com/ECNU/Open-OAuth2Playground/models"
+	"github.com/gin-gonic/gin"
+)
+
+type ReqPkceData struct {
+	Code         string `json:"code"`
+	ClientID     string `json:"client_id"`
+	CodeVerifier string `json:"code_verifier"`
+	Scope        string `json:"scope"`
+	RedirectURI  string `json:"redirect_uri"`
+}
+
+func pkce(c *gin.Context) {
+	request := ReqPkceData{}
+	if err := c.Bind(&request); err != nil {
+		c.JSON(http.StatusOK, handleError(err.Error()))
+		return
+	}
+
+	method := "POST"
+	apiAddr := g.Config().Endpoints.Token
+	grant_type := "authorization_code"
+	body := fmt.Sprintf("code=%s&redirect_uri=%s&client_id=%s&scope=%s&grant_type=%s&code_verifier=%s",
+		request.Code, request.RedirectURI, request.ClientID, request.Scope, grant_type, request.CodeVerifier)
+
+	header := make(map[string]string)
+	header["Content-Type"] = "application/x-www-form-urlencoded"
+	header["Content-Length"] = strconv.Itoa(len(body))
+
+	res, err := models.HandleRequest(method, apiAddr, g.UserAgent, body, g.Config().Timeout, header)
+	if err != nil {
+		c.JSON(http.StatusOK, handleError(err.Error()))
+		return
+	}
+	c.JSON(http.StatusOK, handleSuccess(res))
+}
diff --git a/controller/route.go b/controller/route.go
@@ -19,6 +19,7 @@ func Routes(r *gin.Engine) {
 	playground := r.Group(g.Config().Http.RouteBase + "v1")
 	playground.Use(IPLimitCheck)
 	playground.Use(NoCache())
+	playground.POST("/oauth2/pkce", pkce)
 	playground.POST("/oauth2/device_flow", deviceFlow)
 	playground.POST("/oauth2/client_credentials", clientCredentials)
 	playground.POST("/oauth2/password", passwordMode)

diff --git a/front-standalone/src/api/playground.ts b/front-standalone/src/api/playground.ts
@@ -46,3 +46,10 @@ export const fetchACTokenByPassword = (data) => {
 export const fetchACTokenByDevice = (data) => {
     return http.post<Result>("/oauth2/device_flow", data);
 };
+
+/** PKCE */
+/** Step 2 */
+/** Get access_token with PKCE */
+export const fetchACTokenByPkce = (data) => {
+    return http.post<Result>("/oauth2/pkce", data);
+};
diff --git a/front-standalone/src/views/playground/components/Authorization.vue b/front-standalone/src/views/playground/components/Authorization.vue
@@ -538,8 +538,7 @@ const handleDrag = (floatButton, container) => {
         <div class="http-content" style="text-align: start; padding: 0em; position: relative; overflow: auto; max-height: 350px; width: 100%">
           <el-scrollbar class="http-render">
             <highlightjs autodetect :code="requestInfo.code"/>
-            <highlightjs v-if="isJsonResponse(responseInfo.header)" autodetect :code="formatJson(responseInfo.body)"/>
-            <highlightjs v-else autodetect :code="responseInfo.body"></highlightjs>
+            <highlightjs :class="{ 'bodyWrap': isWrapRes }" autodetect :code="requestInfo.body"/>
           </el-scrollbar>
           <el-checkbox v-model="isWrapRes" label="Wrap Lines"
                        size="large"/>