diff --git a/zt-module-infra/zt-module-infra-server/src/main/java/com/zt/plat/module/infra/controller/admin/file/FileController.java b/zt-module-infra/zt-module-infra-server/src/main/java/com/zt/plat/module/infra/controller/admin/file/FileController.java
index f33232bc..17ec1e54 100644
--- a/zt-module-infra/zt-module-infra-server/src/main/java/com/zt/plat/module/infra/controller/admin/file/FileController.java
+++ b/zt-module-infra/zt-module-infra-server/src/main/java/com/zt/plat/module/infra/controller/admin/file/FileController.java
@@ -270,18 +270,32 @@ public class FileController {
 }
 private String buildPublicBaseUrl(HttpServletRequest request) {
- if (previewBaseUrl != null && !previewBaseUrl.isBlank()) {
- return previewBaseUrl.endsWith("/")
- ? previewBaseUrl.substring(0, previewBaseUrl.length() - 1)
- : previewBaseUrl;
+ // 1. 优先使用配置(必须是合法 http(s))
+ if (previewBaseUrl != null) {
+ String v = previewBaseUrl.trim();
+ if (!v.isEmpty() && (v.startsWith("http://") || v.startsWith("https://"))) {
+ return v.endsWith("/") ? v.substring(0, v.length() - 1) : v;
+ }
 }
- // 兜底:从请求推断
- String scheme = request.getHeader("X-Forwarded-Proto");
- if (scheme == null) scheme = request.getScheme();
+ // 2. 从请求头推断 scheme(注意:多级代理会是 "http,http")
+ String scheme = request.getHeader("X-Forwarded-Proto");
+ if (scheme == null || scheme.isBlank()) {
+ scheme = request.getScheme();
+ } else {
+ scheme = scheme.split(",")[0].trim();
+ }
+
+ // 3. 从请求头推断 host(同样可能是多值)
 String host = request.getHeader("X-Forwarded-Host");
- if (host == null) host = request.getHeader("Host");
- if (host == null) host = request.getServerName() + ":" + request.getServerPort();
+ if (host == null || host.isBlank()) {
+ host = request.getHeader("Host");
+ }
+ if (host == null || host.isBlank()) {
+ host = request.getServerName() + ":" + request.getServerPort();
+ } else {
+ host = host.split(",")[0].trim();
+ }
 return scheme + "://" + host;
 }
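Review bot: The fallback in `buildPublicBaseUrl` still places client-controllable `X-Forwarded-Proto`, `X-Forwarded-Host` and `Host` values into the returned URL without validating them, and the stricter `previewBaseUrl` check now skips a configured value that lacks an `http://`/`https://` prefix without logging, so a configuration typo silently switches to header-derived URLs. `split(",")[0]` also throws `ArrayIndexOutOfBoundsException` for a header consisting only of commas, because Java's `split` drops trailing empty strings. If the result is embedded in links or handed to a preview service (the callers are outside the hunk), this is a host-header injection path. The sketch below restricts the scheme to http/https and extracts the first element safely; the host should additionally be compared with a configured allowlist, or forwarded headers honoured only when they come from trusted proxies.

```java
// … unchanged: previewBaseUrl handling (consider logging a warning when the configured value is rejected) …
String scheme = firstForwardedValue(request.getHeader("X-Forwarded-Proto"));
if (!"http".equalsIgnoreCase(scheme) && !"https".equalsIgnoreCase(scheme)) {
    // Only http/https may reach the returned URL; anything else falls back to the container's view.
    scheme = request.getScheme();
}

String host = firstForwardedValue(request.getHeader("X-Forwarded-Host"));
if (host == null) {
    host = firstForwardedValue(request.getHeader("Host"));
}
if (host == null) {
    host = request.getServerName() + ":" + request.getServerPort();
}
// TODO(review): compare host with a configured allowlist before using it.
return scheme + "://" + host;
}

/** Returns the first comma-separated element, or null when it is missing or blank. */
private static String firstForwardedValue(String header) {
    if (header == null) {
        return null;
    }
    int comma = header.indexOf(',');
    String first = (comma >= 0 ? header.substring(0, comma) : header).trim();
    return first.isEmpty() ? null : first;
}
```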
diff --git a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/integration/iwork/impl/IWorkIntegrationServiceImpl.java b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/integration/iwork/impl/IWorkIntegrationServiceImpl.java
index fcf0bd56..d184dd7e 100644
--- a/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/integration/iwork/impl/IWorkIntegrationServiceImpl.java
+++ b/zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/integration/iwork/impl/IWorkIntegrationServiceImpl.java
@@ -140,6 +140,11 @@ public class IWorkIntegrationServiceImpl implements IWorkIntegrationService {
 @Override
 public IWorkOperationRespVO createWorkflow(IWorkWorkflowCreateReqVO reqVO) {
+ // 检查是否传输了operatorId
+ String reqVOOperatorUserId = reqVO.getOperatorUserId();
+ if (!StringUtils.hasText(reqVOOperatorUserId)) {
+ throw ServiceExceptionUtil.exception(IWORK_SEAL_REQUIRED_FIELD_MISSING, "operatorUserId");
+ }
 assertConfigured();
 String appId = resolveAppId();
 ClientKeyPair clientKeyPair = resolveClientKeyPair(appId, Boolean.TRUE.equals(reqVO.getForceRefreshToken()));
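Review bot: The new guard in `createWorkflow` (and the identical one in `createGenericWorkflow`) only checks that `operatorUserId` is non-blank, yet in `createGenericWorkflow` that caller-supplied value flows through `resolveOperatorUserId` into `createSession` as the acting identity. Nothing visible in either hunk ties it to the authenticated caller, so if these methods receive request bodies from ordinary users, one user could start workflows in another's name; `resolveOperatorUserId` and the controllers are outside the hunk, so this needs confirming there. Consider deriving the operator from the login context, or at least documenting the binding at the check, e.g. `// operatorUserId is caller-supplied; authorization to act as this user is enforced in <location>`. The body of `createWorkflow` continues outside the hunk, so whether it actually uses the validated local `reqVOOperatorUserId` is not visible.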
@@ -163,10 +168,16 @@ public class IWorkIntegrationServiceImpl implements IWorkIntegrationService {
 @Override
 public IWorkOperationRespVO createGenericWorkflow(IWorkGenericWorkflowCreateReqVO reqVO) {
+ // 检查是否传输了operatorId
+ String reqVOOperatorUserId = reqVO.getOperatorUserId();
+ if (!StringUtils.hasText(reqVOOperatorUserId)) {
+ throw ServiceExceptionUtil.exception(IWORK_SEAL_REQUIRED_FIELD_MISSING, "operatorUserId");
+ }
+
 assertConfigured();
 String appId = resolveAppId();
 ClientKeyPair clientKeyPair = resolveClientKeyPair(appId, Boolean.TRUE.equals(reqVO.getForceRefreshToken()));
- String operatorUserId = resolveOperatorUserId(reqVO.getOperatorUserId());
+ String operatorUserId = resolveOperatorUserId(reqVOOperatorUserId);
 IWorkSession session = createSession(appId, clientKeyPair, operatorUserId, Boolean.TRUE.equals(reqVO.getForceRefreshToken()));
 // 构建透传参数,将 workflowId 加入 payload
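Review bot: The four-line `operatorUserId` check at the top of `createGenericWorkflow` is a verbatim copy of the one added to `createWorkflow`, its comment says `operatorId` while the field is `operatorUserId`, and it reports the failure with `IWORK_SEAL_REQUIRED_FIELD_MISSING`, a constant whose name suggests the seal flow rather than workflow creation. A single private helper, for example `private static String requireOperatorUserId(String operatorUserId)`, called from both methods would keep the check, message and error code in one place and make a later authorization check easier to add consistently. The method body continues past the end of the hunk.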