1

ruoyi-system/src/main/java/com/ruoyi/jarvis/service/impl/TencentDocServiceImpl.java

@@ -33,7 +33,7 @@ public class TencentDocServiceImpl implements ITencentDocService {
         String redirectUri = tencentDocConfig.getRedirectUri();
         String oauthUrl = tencentDocConfig.getOauthUrl();
         
-        // 构建授权URL
+        // 构建授权URL（根据腾讯文档官方文档：https://docs.qq.com/open/document/app/oauth2/authorize.html）
         StringBuilder authUrl = new StringBuilder();
         authUrl.append(oauthUrl);
         authUrl.append("?client_id=").append(appId);
@@ -44,7 +44,11 @@ public class TencentDocServiceImpl implements ITencentDocService {
             authUrl.append("&redirect_uri=").append(redirectUri);
         }
         authUrl.append("&response_type=code");
-        authUrl.append("&scope=file.read_write");
+        authUrl.append("&scope=all");  // 根据官方文档，scope固定为all
+        
+        // 添加state参数（用于防CSRF攻击，可选但建议带上）
+        String state = java.util.UUID.randomUUID().toString();
+        authUrl.append("&state=").append(state);
         
         return authUrl.toString();
     }