7.25 渗透测试 前端secret修复，修改刷新token接口和code换token接口

src/pages/LoadingPage/index.tsx

@@ -22,15 +22,15 @@ const Loading: React.FC<{}> = () => {
       clientId: REACT_APP_CLIENT_KEY,
       scope: getUserScope()
     }
-    const params = {
-      grant_type: "refresh_token",
-      refresh_token: getUserRefreshToken(),
-      client_id: REACT_APP_CLIENT_KEY,
-      client_secret: REACT_APP_CLIENT_SECRET,
-    }
-    const header = {
-      clientId: REACT_APP_CLIENT_KEY,
-    }
+    // const params = {
+    //   grant_type: "refresh_token",
+    //   refresh_token: getUserRefreshToken(),
+    //   client_id: REACT_APP_CLIENT_KEY,
+    //   client_secret: REACT_APP_CLIENT_SECRET,
+    // }
+    // const header = {
+    //   clientId: REACT_APP_CLIENT_KEY,
+    // }
     if (userType == '0') {//联通用户
       await cloudReloadToken('', headers)
       await getUserData(token, url, extra, 1)
@@ -138,11 +138,9 @@ const Loading: React.FC<{}> = () => {
     //获取协议部分 http: https:
     const protocol = window.location.protocol
     const grant_type = 'authorization_code';
-    const client_id = REACT_APP_CLIENT_KEY;
-    const client_secret = REACT_APP_CLIENT_SECRET;
     const redirect_uri = `${protocol}//${host}/redirect${e}`;
     let token = '';
-    await getTokenByCode({ grant_type, client_id, client_secret, redirect_uri, code }).then(res => {
+    await getTokenByCode({ grant_type, redirect_uri, code }).then(res => {
       if (res?.success == true) {
         sessionStorage.setItem('Authorization', res?.data?.value)
         token = 'Bearer ' + res?.data?.value;

src/pages/LoadingPage/service.ts

@@ -18,7 +18,7 @@ export async function fgetUserMsg(params: any) {
  * @returns 
  */
 export async function getTokenByCode(params: any) {
-  return request('/api/auth/oauth/token', {
+  return request('/api/core-service-ebtp-userinfo/v1/auth/oauth/token', {
     method: 'POST',
     params: params,
   });