1

ruoyi-admin/src/main/java/com/ruoyi/web/controller/jarvis/WPS365CallbackController.java

@@ -52,26 +52,59 @@ public class WPS365CallbackController extends BaseController {
     /**
      * OAuth回调 - 通过授权码获取访问令牌（POST请求）
      * WPS365在验证回调URL时会发送POST请求进行challenge验证
+     * 支持application/json和application/x-www-form-urlencoded两种格式
      */
     @Anonymous
-    @PostMapping
+    @PostMapping(consumes = {MediaType.APPLICATION_JSON_VALUE, MediaType.APPLICATION_FORM_URLENCODED_VALUE, MediaType.TEXT_PLAIN_VALUE})
     public ResponseEntity<?> oauthCallbackPost(@RequestParam(value = "code", required = false) String code,
                                 @RequestParam(value = "state", required = false) String state,
                                 @RequestParam(value = "error", required = false) String error,
                                 @RequestParam(value = "error_description", required = false) String errorDescription,
                                 @RequestParam(value = "challenge", required = false) String challenge,
                                 @RequestBody(required = false) String requestBody) {
-        // 如果requestBody是JSON格式，尝试解析challenge
-        if (challenge == null && requestBody != null && requestBody.trim().startsWith("{")) {
-            try {
-                com.alibaba.fastjson2.JSONObject json = com.alibaba.fastjson2.JSON.parseObject(requestBody);
-                if (json.containsKey("challenge")) {
-                    challenge = json.getString("challenge");
+        log.info("收到WPS365 POST回调请求 - code: {}, challenge: {}, requestBody: {}", 
+            code != null ? "有" : "无", 
+            challenge != null ? challenge : "无",
+            requestBody != null && requestBody.length() > 0 ? requestBody.substring(0, Math.min(100, requestBody.length())) : "无");
+        
+        // 如果challenge在URL参数中，直接使用
+        // 如果不在URL参数中，尝试从请求体中解析（可能是JSON或form-data）
+        if (challenge == null && requestBody != null && !requestBody.trim().isEmpty()) {
+            String bodyTrimmed = requestBody.trim();
+            // 尝试解析JSON格式
+            if (bodyTrimmed.startsWith("{")) {
+                try {
+                    com.alibaba.fastjson2.JSONObject json = com.alibaba.fastjson2.JSON.parseObject(requestBody);
+                    if (json.containsKey("challenge")) {
+                        challenge = json.getString("challenge");
+                        log.info("从JSON请求体中解析到challenge: {}", challenge);
+                    }
+                } catch (Exception e) {
+                    log.debug("解析JSON请求体失败", e);
                 }
-            } catch (Exception e) {
-                log.debug("解析POST请求体失败，使用URL参数", e);
+            }
+            // 尝试解析form-urlencoded格式 (challenge=xxx)
+            else if (bodyTrimmed.contains("challenge=")) {
+                try {
+                    String[] pairs = bodyTrimmed.split("&");
+                    for (String pair : pairs) {
+                        if (pair.startsWith("challenge=")) {
+                            challenge = java.net.URLDecoder.decode(pair.substring("challenge=".length()), "UTF-8");
+                            log.info("从form-urlencoded请求体中解析到challenge: {}", challenge);
+                            break;
+                        }
+                    }
+                } catch (Exception e) {
+                    log.debug("解析form-urlencoded请求体失败", e);
+                }
+            }
+            // 如果请求体就是challenge值本身（纯文本）
+            else if (bodyTrimmed.length() < 200) {
+                challenge = bodyTrimmed;
+                log.info("将请求体作为challenge值: {}", challenge);
             }
         }
+        
         return handleOAuthCallback(code, state, error, errorDescription, challenge, requestBody);
     }