revert: OAuth 回调回退为 secscore:// URI 方案

SECTL token 接口对 loopback/private IP 的 redirect_uri 返回 403
("Local or private network IP addresses are not allowed"),
HTTP/localhost/HTTPS loopback 均不可行,回退到 URI 方案。

- callbackUrl 改为 secscore://oauth/callback
- OAuthLogin 改回 deep link (ss:oauth-deep-link) 流程,移除
  本地 HTTP 回调服务器的启动/停止逻辑
- oauth_server.rs 保留(未被登录流程调用)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
JSR
2026-07-05 21:16:18 +08:00
parent c0898b5f6f
commit 795bae1f03
3 changed files with 19 additions and 91 deletions
+2 -2
View File
@@ -55,7 +55,7 @@ pub async fn oauth_start_callback_server(
if let Some(h) = handle_guard.as_ref() {
if !h.is_finished() {
let port = OAUTH_CALLBACK_PORT;
let url = format!("http://127.0.0.1:{}/oauth/callback", port);
let url = format!("http://localhost:{}/oauth/callback", port);
log("server already running, return early");
return Ok(IpcResponse::success(OAuthServerStartResult { url, port }));
}
@@ -63,7 +63,7 @@ pub async fn oauth_start_callback_server(
let port = OAUTH_CALLBACK_PORT;
let addr: SocketAddr = ([127, 0, 0, 1], port).into();
let url = format!("http://127.0.0.1:{}/oauth/callback", port);
let url = format!("http://localhost:{}/oauth/callback", port);
let url_for_spawn = url.clone();
// 尝试绑定;若端口被占用,强杀占用进程后重试一次