From 55554adc185cf3ddd796f513bcd1a7fd3a7e50a8 Mon Sep 17 00:00:00 2001 From: ye4241 Date: Thu, 21 May 2026 11:55:22 +0800 Subject: [PATCH] =?UTF-8?q?chore(oidc):=20=E5=9B=9E=E5=BA=94=20Copilot=20r?= =?UTF-8?q?eview?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - ProviderType 从 identity.ProviderType 取(不再硬编码) - fast-path 日志改用 infraerrors.Reason(err) 避免泄露 PII / 降噪 --- backend/internal/handler/auth_oidc_oauth.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/backend/internal/handler/auth_oidc_oauth.go b/backend/internal/handler/auth_oidc_oauth.go index 1cc95009..c82f7e2a 100644 --- a/backend/internal/handler/auth_oidc_oauth.go +++ b/backend/internal/handler/auth_oidc_oauth.go @@ -1246,7 +1246,7 @@ func (h *AuthHandler) tryOIDCVerifiedEmailFastPath( upstreamMetadata[k] = v } input := service.EmailOAuthIdentityInput{ - ProviderType: "oidc", + ProviderType: strings.TrimSpace(identity.ProviderType), ProviderKey: strings.TrimSpace(identity.ProviderKey), ProviderSubject: strings.TrimSpace(identity.ProviderSubject), Email: strings.TrimSpace(strings.ToLower(compatEmail)), @@ -1258,11 +1258,11 @@ func (h *AuthHandler) tryOIDCVerifiedEmailFastPath( } tokenPair, user, err := h.authService.LoginOrRegisterVerifiedEmailOAuthWithInvitation(ctx, input, "", "") if err != nil { - log.Printf("[OIDC OAuth] verified-email fast path skipped: %v", err) + log.Printf("[OIDC OAuth] verified-email fast path skipped: reason=%s", infraerrors.Reason(err)) return false } if err := h.ensureBackendModeAllowsUser(ctx, user); err != nil { - log.Printf("[OIDC OAuth] verified-email fast path blocked by backend mode: %v", err) + log.Printf("[OIDC OAuth] verified-email fast path blocked by backend mode: reason=%s", infraerrors.Reason(err)) return false }