fix(health): OAuth JWT 配置缺失返回错误而非 panic

2026-05-06 10:21:25 +08:00
parent a1cbb9fb1d
commit c452ae81d1
1 changed files with 10 additions and 2 deletions
--- a/crates/erp-health/src/oauth/handler.rs
+++ b/crates/erp-health/src/oauth/handler.rs
@@ -18,8 +18,16 @@ pub async fn token(
    State(state): State<HealthState>,
    Json(req): Json<TokenRequest>,
 ) -> Result<(StatusCode, Json<TokenResponse>), (StatusCode, Json<TokenErrorResponse>)> {
-    let jwt_secret = std::env::var("ERP__AUTH__JWT_SECRET")
-        .expect("ERP__AUTH__JWT_SECRET 环境变量未设置 — 无法签发 OAuth token");
+    let jwt_secret = match std::env::var("ERP__AUTH__JWT_SECRET") {
+        Ok(s) => s,
+        Err(_) => {
+            tracing::error!("ERP__AUTH__JWT_SECRET 环境变量未设置 — 无法签发 OAuth token");
+            return Err((
+                StatusCode::INTERNAL_SERVER_ERROR,
+                Json(TokenErrorResponse::invalid_client("服务配置错误")),
+            ));
+        }
+    };

    match OAuthService::token(&state.db, &req, &jwt_secret).await {
        Ok(resp) => Ok((StatusCode::OK, Json(resp))),