From 7cfece301931a045d3a539f1cdb1904dc632e02b Mon Sep 17 00:00:00 2001
From: Yang Luo <hsluoyz@qq.com>
Date: Mon, 20 Dec 2021 23:46:38 +0800
Subject: [PATCH] Add GetMaskedProvider() and GetMaskedProviders().

---
 controllers/auth.go      | 10 +++++++++-
 controllers/provider.go  |  6 +++---
 object/application.go    |  2 +-
 object/provider.go       | 30 +++++++++++++++++++-----------
 web/src/auth/Provider.js |  2 +-
 5 files changed, 33 insertions(+), 17 deletions(-)

diff --git a/controllers/auth.go b/controllers/auth.go
index 442c5c59..bec38437 100644
--- a/controllers/auth.go
+++ b/controllers/auth.go
@@ -206,7 +206,15 @@ func (c *ApiController) Login() {
 			}
 		} else if provider.Category == "OAuth" {
 			// OAuth
-			idProvider := idp.GetIdProvider(provider.Type, provider.ClientId, provider.ClientSecret, form.RedirectUri)
+
+			clientId := provider.ClientId
+			clientSecret := provider.ClientSecret
+			if provider.Type == "WeChat" && strings.Contains(c.Ctx.Request.UserAgent(), "MicroMessenger") {
+				clientId = provider.ClientId2
+				clientSecret = provider.ClientSecret2
+			}
+
+			idProvider := idp.GetIdProvider(provider.Type, clientId, clientSecret, form.RedirectUri)
 			if idProvider == nil {
 				c.ResponseError(fmt.Sprintf("The provider type: %s is not supported", provider.Type))
 				return
diff --git a/controllers/provider.go b/controllers/provider.go
index a2a213f3..c10c6f8e 100644
--- a/controllers/provider.go
+++ b/controllers/provider.go
@@ -34,12 +34,12 @@ func (c *ApiController) GetProviders() {
 	limit := c.Input().Get("pageSize")
 	page := c.Input().Get("p")
 	if limit == "" || page == "" {
-		c.Data["json"] = object.GetProviders(owner)
+		c.Data["json"] = object.GetMaskedProviders(object.GetProviders(owner))
 		c.ServeJSON()
 	} else {
 		limit := util.ParseInt(limit)
 		paginator := pagination.SetPaginator(c.Ctx, limit, int64(object.GetProviderCount(owner)))
-		providers := object.GetPaginationProviders(owner, paginator.Offset(), limit)
+		providers := object.GetMaskedProviders(object.GetPaginationProviders(owner, paginator.Offset(), limit))
 		c.ResponseOk(providers, paginator.Nums())
 	}
 }
@@ -53,7 +53,7 @@ func (c *ApiController) GetProviders() {
 func (c *ApiController) GetProvider() {
 	id := c.Input().Get("id")
 
-	c.Data["json"] = object.GetProvider(id)
+	c.Data["json"] = object.GetMaskedProvider(object.GetProvider(id))
 	c.ServeJSON()
 }
 
diff --git a/object/application.go b/object/application.go
index 1da0a261..f8a03f32 100644
--- a/object/application.go
+++ b/object/application.go
@@ -88,7 +88,7 @@ func getProviderMap(owner string) map[string]*Provider {
 		//	continue
 		//}
 
-		m[provider.Name] = getMaskedProvider(provider)
+		m[provider.Name] = GetMaskedProvider(provider)
 	}
 	return m
 }
diff --git a/object/provider.go b/object/provider.go
index fcb19ca0..849185ed 100644
--- a/object/provider.go
+++ b/object/provider.go
@@ -58,18 +58,26 @@ type Provider struct {
 	ProviderUrl string `xorm:"varchar(200)" json:"providerUrl"`
 }
 
-func getMaskedProvider(provider *Provider) *Provider {
-	p := &Provider{
-		Owner:       provider.Owner,
-		Name:        provider.Name,
-		CreatedTime: provider.CreatedTime,
-		DisplayName: provider.DisplayName,
-		Category:    provider.Category,
-		Type:        provider.Type,
-		Method:      provider.Method,
-		ClientId:    provider.ClientId,
+func GetMaskedProvider(provider *Provider) *Provider {
+	if provider == nil {
+		return nil
 	}
-	return p
+
+	if provider.ClientSecret != "" {
+		provider.ClientSecret = "***"
+	}
+	if provider.ClientSecret2 != "" {
+		provider.ClientSecret2 = "***"
+	}
+
+	return provider
+}
+
+func GetMaskedProviders(providers []*Provider) []*Provider {
+	for _, provider := range providers {
+		provider = GetMaskedProvider(provider)
+	}
+	return providers
 }
 
 func GetProviderCount(owner string) int {
diff --git a/web/src/auth/Provider.js b/web/src/auth/Provider.js
index 5d4b7f49..d300b77f 100644
--- a/web/src/auth/Provider.js
+++ b/web/src/auth/Provider.js
@@ -201,7 +201,7 @@ export function getAuthUrl(application, provider, method) {
     return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
   } else if (provider.type === "WeChat") {
     if (navigator.userAgent.includes("MicroMessenger")) {
-      return `${authInfo[provider.type].mpEndpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&scope=${authInfo[provider.type].mpScope}&response_type=code#wechat_redirect`;
+      return `${authInfo[provider.type].mpEndpoint}?appid=${provider.clientId2}&redirect_uri=${redirectUri}&state=${state}&scope=${authInfo[provider.type].mpScope}&response_type=code#wechat_redirect`;
     } else {
       return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}#wechat_redirect`;
     }