1

ruoyi-admin/src/main/java/com/ruoyi/web/controller/jarvis/WPS365CallbackController.java

@@ -12,8 +12,10 @@ import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
 
 /**
@@ -32,18 +34,52 @@ public class WPS365CallbackController extends BaseController {
     private IWPS365OAuthService wps365OAuthService;
     
     /**
-     * OAuth回调 - 通过授权码获取访问令牌
+     * OAuth回调 - 通过授权码获取访问令牌（GET请求）
      * 路径：/wps365-callback
      * 注意：在WPS365开放平台只需配置域名：jarvis.van333.cn（不能包含路径）
      * 授权URL中的redirect_uri参数会自动使用配置中的完整URL：https://jarvis.van333.cn/wps365-callback
      */
     @Anonymous
     @GetMapping
-    public ResponseEntity<?> oauthCallback(@RequestParam(value = "code", required = false) String code, 
+    public ResponseEntity<?> oauthCallbackGet(@RequestParam(value = "code", required = false) String code, 
                                 @RequestParam(value = "state", required = false) String state,
                                 @RequestParam(value = "error", required = false) String error,
                                 @RequestParam(value = "error_description", required = false) String errorDescription,
                                 @RequestParam(value = "challenge", required = false) String challenge) {
+        return handleOAuthCallback(code, state, error, errorDescription, challenge, null);
+    }
+    
+    /**
+     * OAuth回调 - 通过授权码获取访问令牌（POST请求）
+     * WPS365在验证回调URL时会发送POST请求进行challenge验证
+     */
+    @Anonymous
+    @PostMapping
+    public ResponseEntity<?> oauthCallbackPost(@RequestParam(value = "code", required = false) String code,
+                                @RequestParam(value = "state", required = false) String state,
+                                @RequestParam(value = "error", required = false) String error,
+                                @RequestParam(value = "error_description", required = false) String errorDescription,
+                                @RequestParam(value = "challenge", required = false) String challenge,
+                                @RequestBody(required = false) String requestBody) {
+        // 如果requestBody是JSON格式，尝试解析challenge
+        if (challenge == null && requestBody != null && requestBody.trim().startsWith("{")) {
+            try {
+                com.alibaba.fastjson2.JSONObject json = com.alibaba.fastjson2.JSON.parseObject(requestBody);
+                if (json.containsKey("challenge")) {
+                    challenge = json.getString("challenge");
+                }
+            } catch (Exception e) {
+                log.debug("解析POST请求体失败，使用URL参数", e);
+            }
+        }
+        return handleOAuthCallback(code, state, error, errorDescription, challenge, requestBody);
+    }
+    
+    /**
+     * 处理OAuth回调的核心逻辑
+     */
+    private ResponseEntity<?> handleOAuthCallback(String code, String state, String error, 
+                                String errorDescription, String challenge, String requestBody) {
         try {
             // 处理challenge验证（WPS365后台配置时用于验证回调URL）
             if (challenge != null && !challenge.trim().isEmpty()) {