1

ruoyi-admin/src/main/java/com/ruoyi/web/controller/jarvis/TencentDocController.java

@@ -2,6 +2,7 @@ package com.ruoyi.web.controller.jarvis;
 
 import com.alibaba.fastjson2.JSONArray;
 import com.alibaba.fastjson2.JSONObject;
+import com.ruoyi.common.annotation.Anonymous;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.redis.RedisCache;
@@ -112,6 +113,7 @@ public class TencentDocController extends BaseController {
      * 根据腾讯文档官方文档：https://docs.qq.com/open/document/app/oauth2/authorize.html
      * 用户授权成功后，腾讯文档会重定向到此回调地址，并携带code和state参数
      */
+    @Anonymous
     @GetMapping("/oauth/callback")
     public AjaxResult oauthCallback(@RequestParam("code") String code, 
                                     @RequestParam(value = "state", required = false) String state,

ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java

@@ -114,6 +114,8 @@ public class SecurityConfig
                 requests.antMatchers("/login", "/register", "/captchaImage").permitAll()
                     // 公开接口，允许匿名访问
                     .antMatchers("/public/**").permitAll()
+                    // 腾讯文档OAuth回调接口，允许匿名访问
+                    .antMatchers("/jarvis/tendoc/oauth/callback").permitAll()
                     // 静态资源，可匿名访问
                     .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                     .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()