From 0ea31d631a40bd24c8dea425260ae0c77e9e7f57 Mon Sep 17 00:00:00 2001
From: yukaidi <yukaidi@duck.com>
Date: Fri, 29 May 2026 06:57:44 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E7=A7=BB=E9=99=A4=20IzTool/IzToolWithAu?=
 =?UTF-8?q?th=20login()=20=E4=B8=AD=E6=9C=AA=E4=BD=BF=E7=94=A8=E7=9A=84=20?=
 =?UTF-8?q?h=20=E5=8F=98=E9=87=8F=EF=BC=88=E6=AD=BB=E4=BB=A3=E7=A0=81?=
 =?UTF-8?q?=EF=BC=89?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

并发安全修复引入的 h 变量创建后从未使用，后续请求仍通过
setTemplateParam("appToken", token) 传递 token。删除死代码并为
同一行的 token.substring 添加 null 保护。
---
 parser/src/main/java/cn/qaiu/parser/impl/IzTool.java         | 5 +----
 parser/src/main/java/cn/qaiu/parser/impl/IzToolWithAuth.java | 5 +----
 2 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/parser/src/main/java/cn/qaiu/parser/impl/IzTool.java b/parser/src/main/java/cn/qaiu/parser/impl/IzTool.java
index 11196d9..c135845 100644
--- a/parser/src/main/java/cn/qaiu/parser/impl/IzTool.java
+++ b/parser/src/main/java/cn/qaiu/parser/impl/IzTool.java
@@ -311,10 +311,7 @@ public class IzTool extends PanBase {
                     JsonObject json = asJson(res2);
                     if (json.getInteger("code") == 200) {
                         token = json.getJsonObject("data").getString("appToken");
-                        MultiMap h = MultiMap.caseInsensitiveMultiMap();
-                        h.addAll(header);
-                        h.set("appToken", token);
-                        log.info("登录成功 token: {}...", token.substring(0, Math.min(8, token.length())));
+                        log.info("登录成功 token: {}...", token != null ? token.substring(0, Math.min(8, token.length())) : "null");
                         promise1.complete();
                     } else {
                         // 检查是否为临时认证
diff --git a/parser/src/main/java/cn/qaiu/parser/impl/IzToolWithAuth.java b/parser/src/main/java/cn/qaiu/parser/impl/IzToolWithAuth.java
index ee1a095..bae5d20 100644
--- a/parser/src/main/java/cn/qaiu/parser/impl/IzToolWithAuth.java
+++ b/parser/src/main/java/cn/qaiu/parser/impl/IzToolWithAuth.java
@@ -280,10 +280,7 @@ public class IzToolWithAuth extends PanBase {
                     JsonObject json = asJson(res2);
                     if (json.getInteger("code") == 200) {
                         token = json.getJsonObject("data").getString("appToken");
-                        MultiMap h = MultiMap.caseInsensitiveMultiMap();
-                        h.addAll(header);
-                        h.set("appToken", token);
-                        log.info("登录成功 token: {}...", token.substring(0, Math.min(8, token.length())));
+                        log.info("登录成功 token: {}...", token != null ? token.substring(0, Math.min(8, token.length())) : "null");
                         promise1.complete();
                     } else {
                         // 检查是否为临时认证