From 04e385a0a211c44f201ab7e07801b65aba4eb059 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E7=BF=94?= Date: Sun, 5 Apr 2026 07:47:28 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E7=BB=9F=E4=B8=80=E7=AD=BE=E5=90=8D?= =?UTF-8?q?=E7=AD=96=E7=95=A5=EF=BC=8C=E7=AD=BE=E5=90=8D=E4=B8=8D=E5=8C=85?= =?UTF-8?q?=E5=90=ABbody?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 根本原因: - 前端签名生成时包含body - 后端WebFlux验证时body为空 - 导致签名不匹配,认证失败 修复方案: - 修改前端signature.ts,签名时不包含body - 修改测试role-auth-manager.ts,与前端保持一致 - 与后端WebFlux实现保持一致 影响范围: - 所有需要签名验证的API请求 - Token注入登录测试 - 用户管理相关测试 --- .../e2e/role-based-tests/shared/role-auth-manager.ts | 2 +- novalon-manage-web/src/utils/signature.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/novalon-manage-web/e2e/role-based-tests/shared/role-auth-manager.ts b/novalon-manage-web/e2e/role-based-tests/shared/role-auth-manager.ts index 34647aa..bd789c4 100644 --- a/novalon-manage-web/e2e/role-based-tests/shared/role-auth-manager.ts +++ b/novalon-manage-web/e2e/role-based-tests/shared/role-auth-manager.ts @@ -39,7 +39,7 @@ export class RoleAuthManager { method.toUpperCase(), path, '', - body || '', + '', timestamp.toString(), nonce ].join('\n'); diff --git a/novalon-manage-web/src/utils/signature.ts b/novalon-manage-web/src/utils/signature.ts index 599c6dc..e98d2eb 100644 --- a/novalon-manage-web/src/utils/signature.ts +++ b/novalon-manage-web/src/utils/signature.ts @@ -16,7 +16,7 @@ export function generateSignature( timestamp: number, nonce: string ): string { - const stringToSign = buildStringToSign(method, path, query, body, timestamp, nonce) + const stringToSign = buildStringToSign(method, path, query, '', timestamp, nonce) const signature = CryptoJS.HmacSHA256(stringToSign, SIGNATURE_SECRET) const signatureBase64 = CryptoJS.enc.Base64.stringify(signature)