-
Notifications
You must be signed in to change notification settings - Fork 506
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #9354 from fcfang123/issue-9353
feat:蓝盾APP Oauth2授权登录实现 #9353
- Loading branch information
Showing
66 changed files
with
2,652 additions
and
191 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
55 changes: 55 additions & 0 deletions
55
...-auth/src/main/kotlin/com/tencent/devops/auth/api/oauth2/Oauth2DesktopEndpointResource.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| package com.tencent.devops.auth.api.oauth2 | ||
|
|
||
| import com.tencent.devops.auth.pojo.dto.Oauth2AuthorizationCodeDTO | ||
| import com.tencent.devops.auth.pojo.vo.Oauth2AuthorizationInfoVo | ||
| import com.tencent.devops.common.api.auth.AUTH_HEADER_DEVOPS_USER_ID | ||
| import com.tencent.devops.common.api.pojo.Result | ||
| import io.swagger.annotations.Api | ||
| import io.swagger.annotations.ApiOperation | ||
| import io.swagger.annotations.ApiParam | ||
| import javax.ws.rs.Consumes | ||
| import javax.ws.rs.GET | ||
| import javax.ws.rs.HeaderParam | ||
| import javax.ws.rs.POST | ||
| import javax.ws.rs.Path | ||
| import javax.ws.rs.Produces | ||
| import javax.ws.rs.QueryParam | ||
| import javax.ws.rs.core.MediaType | ||
|
|
||
| @Api(tags = ["OAUTH2_ENDPOINT"], description = "oauth2相关") | ||
| @Path("/desktop/oauth2/endpoint") | ||
| @Produces(MediaType.APPLICATION_JSON) | ||
| @Consumes(MediaType.APPLICATION_JSON) | ||
| interface Oauth2DesktopEndpointResource { | ||
| @GET | ||
| @Path("/getAuthorizationInformation") | ||
| @ApiOperation("获取授权信息") | ||
| fun getAuthorizationInformation( | ||
| @HeaderParam(AUTH_HEADER_DEVOPS_USER_ID) | ||
| @ApiParam("待校验用户ID", required = true) | ||
| userId: String, | ||
| @QueryParam("clientId") | ||
| @ApiParam("客户端ID", required = true) | ||
| clientId: String, | ||
| @QueryParam("redirectUri") | ||
| @ApiParam("跳转链接", required = true) | ||
| redirectUri: String | ||
| ): Result<Oauth2AuthorizationInfoVo> | ||
|
|
||
| @POST | ||
| @Path("/getAuthorizationCode") | ||
| @ApiOperation("获取授权码") | ||
| fun getAuthorizationCode( | ||
| @HeaderParam(AUTH_HEADER_DEVOPS_USER_ID) | ||
| @ApiParam("待校验用户ID", required = true) | ||
| userId: String, | ||
| @QueryParam("clientId") | ||
| @ApiParam("客户端ID", required = true) | ||
| clientId: String, | ||
| @QueryParam("redirectUri") | ||
| @ApiParam("跳转链接", required = true) | ||
| redirectUri: String, | ||
| @ApiParam("oauth2获取授权码请求报文体", required = true) | ||
| authorizationCodeDTO: Oauth2AuthorizationCodeDTO | ||
| ): Result<String> | ||
| } |
89 changes: 89 additions & 0 deletions
89
...-auth/src/main/kotlin/com/tencent/devops/auth/api/oauth2/Oauth2ServiceEndpointResource.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,89 @@ | ||
| package com.tencent.devops.auth.api.oauth2 | ||
|
|
||
| import com.tencent.devops.auth.pojo.Oauth2AccessTokenRequest | ||
| import com.tencent.devops.auth.pojo.dto.Oauth2AuthorizationCodeDTO | ||
| import com.tencent.devops.auth.pojo.vo.Oauth2AccessTokenVo | ||
| import com.tencent.devops.auth.pojo.vo.Oauth2AuthorizationInfoVo | ||
| import com.tencent.devops.common.api.auth.AUTH_HEADER_DEVOPS_USER_ID | ||
| import com.tencent.devops.common.api.auth.AUTH_HEADER_OAUTH2_AUTHORIZATION | ||
| import com.tencent.devops.common.api.auth.AUTH_HEADER_OAUTH2_CLIENT_ID | ||
| import com.tencent.devops.common.api.auth.AUTH_HEADER_OAUTH2_CLIENT_SECRET | ||
| import com.tencent.devops.common.api.pojo.Result | ||
| import io.swagger.annotations.Api | ||
| import io.swagger.annotations.ApiOperation | ||
| import io.swagger.annotations.ApiParam | ||
| import javax.ws.rs.Consumes | ||
| import javax.ws.rs.GET | ||
| import javax.ws.rs.HeaderParam | ||
| import javax.ws.rs.POST | ||
| import javax.ws.rs.Path | ||
| import javax.ws.rs.Produces | ||
| import javax.ws.rs.QueryParam | ||
| import javax.ws.rs.core.MediaType | ||
|
|
||
| @Api(tags = ["OAUTH2_ENDPOINT"], description = "oauth2相关") | ||
| @Path("/service/oauth2/endpoint") | ||
| @Produces(MediaType.APPLICATION_JSON) | ||
| @Consumes(MediaType.APPLICATION_JSON) | ||
| interface Oauth2ServiceEndpointResource { | ||
| @GET | ||
| @Path("/getAuthorizationInformation") | ||
| @ApiOperation("获取授权信息") | ||
| fun getAuthorizationInformation( | ||
| @HeaderParam(AUTH_HEADER_DEVOPS_USER_ID) | ||
| @ApiParam("待校验用户ID", required = true) | ||
| userId: String, | ||
| @QueryParam("clientId") | ||
| @ApiParam("客户端ID", required = true) | ||
| clientId: String, | ||
| @QueryParam("redirectUri") | ||
| @ApiParam("跳转链接", required = true) | ||
| redirectUri: String | ||
| ): Result<Oauth2AuthorizationInfoVo> | ||
|
|
||
| @POST | ||
| @Path("/getAuthorizationCode") | ||
| @ApiOperation("获取授权码") | ||
| fun getAuthorizationCode( | ||
| @HeaderParam(AUTH_HEADER_DEVOPS_USER_ID) | ||
| @ApiParam("待校验用户ID", required = true) | ||
| userId: String, | ||
| @QueryParam("clientId") | ||
| @ApiParam("客户端ID", required = true) | ||
| clientId: String, | ||
| @QueryParam("redirectUri") | ||
| @ApiParam("跳转链接", required = true) | ||
| redirectUri: String, | ||
| @ApiParam("oauth2获取授权码请求报文体", required = true) | ||
| authorizationCodeDTO: Oauth2AuthorizationCodeDTO | ||
| ): Result<String> | ||
|
|
||
| @POST | ||
| @Path("/getAccessToken") | ||
| @ApiOperation("获取accessToken") | ||
| fun getAccessToken( | ||
| @HeaderParam(AUTH_HEADER_OAUTH2_CLIENT_ID) | ||
| @ApiParam("客户端id", required = true) | ||
| clientId: String, | ||
| @HeaderParam(AUTH_HEADER_OAUTH2_CLIENT_SECRET) | ||
| @ApiParam("客户端秘钥", required = true) | ||
| clientSecret: String, | ||
| @ApiParam("oauth2获取token请求报文体", required = true) | ||
| accessTokenRequest: Oauth2AccessTokenRequest | ||
| ): Result<Oauth2AccessTokenVo?> | ||
|
|
||
| @POST | ||
| @Path("/verifyAccessToken") | ||
| @ApiOperation("校验accessToken") | ||
| fun verifyAccessToken( | ||
| @HeaderParam(AUTH_HEADER_OAUTH2_CLIENT_ID) | ||
| @ApiParam("客户端id", required = true) | ||
| clientId: String, | ||
| @HeaderParam(AUTH_HEADER_OAUTH2_CLIENT_SECRET) | ||
| @ApiParam("客户端秘钥", required = true) | ||
| clientSecret: String, | ||
| @HeaderParam(AUTH_HEADER_OAUTH2_AUTHORIZATION) | ||
| @ApiParam("access token", required = true) | ||
| accessToken: String | ||
| ): Result<String> | ||
| } |
55 changes: 55 additions & 0 deletions
55
...core/auth/api-auth/src/main/kotlin/com/tencent/devops/auth/api/oauth2/OpOauth2Resource.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| package com.tencent.devops.auth.api.oauth2 | ||
|
|
||
| import com.tencent.devops.auth.pojo.dto.ClientDetailsDTO | ||
| import com.tencent.devops.auth.pojo.dto.ScopeOperationDTO | ||
| import io.swagger.annotations.Api | ||
| import io.swagger.annotations.ApiOperation | ||
| import io.swagger.annotations.ApiParam | ||
| import javax.ws.rs.Consumes | ||
| import javax.ws.rs.DELETE | ||
| import javax.ws.rs.POST | ||
| import javax.ws.rs.Path | ||
| import javax.ws.rs.Produces | ||
| import javax.ws.rs.QueryParam | ||
| import javax.ws.rs.core.MediaType | ||
| import com.tencent.devops.common.api.pojo.Result | ||
|
|
||
| @Api(tags = ["OP_OAUTH2"], description = "oauth2相关-op接口") | ||
| @Path("/op/oauth2/") | ||
| @Produces(MediaType.APPLICATION_JSON) | ||
| @Consumes(MediaType.APPLICATION_JSON) | ||
| interface OpOauth2Resource { | ||
| @POST | ||
| @Path("/createClientDetails") | ||
| @ApiOperation("新增Oauth2客户端信息") | ||
| fun createClientDetails( | ||
| @ApiParam("Oauth2客户端请求实体", required = true) | ||
| clientDetailsDTO: ClientDetailsDTO | ||
| ): Result<Boolean> | ||
|
|
||
| @DELETE | ||
| @Path("/deleteClientDetails") | ||
| @ApiOperation("删除Oauth2客户端信息") | ||
| fun deleteClientDetails( | ||
| @ApiParam("客户端ID", required = true) | ||
| @QueryParam("clientId") | ||
| clientId: String | ||
| ): Result<Boolean> | ||
|
|
||
| @POST | ||
| @Path("/createScopeOperation") | ||
| @ApiOperation("新增Oauth2授权操作信息") | ||
| fun createScopeOperation( | ||
| @ApiParam("Oauth2授权操作信息请求实体", required = true) | ||
| scopeOperationDTO: ScopeOperationDTO | ||
| ): Result<Boolean> | ||
|
|
||
| @DELETE | ||
| @Path("/deleteScopeOperation") | ||
| @ApiOperation("删除Oauth2授权操作信息") | ||
| fun deleteScopeOperation( | ||
| @ApiParam("授权操作ID", required = true) | ||
| @QueryParam("operationId") | ||
| operationId: String | ||
| ): Result<Boolean> | ||
| } |
33 changes: 33 additions & 0 deletions
33
...h/api-auth/src/main/kotlin/com/tencent/devops/auth/api/service/ServiceSecurityResource.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| package com.tencent.devops.auth.api.service | ||
|
|
||
| import com.tencent.devops.auth.pojo.vo.UserAndDeptInfoVo | ||
| import com.tencent.devops.common.api.auth.AUTH_HEADER_DEVOPS_USER_ID | ||
| import com.tencent.devops.common.api.pojo.Result | ||
| import io.swagger.annotations.Api | ||
| import io.swagger.annotations.ApiOperation | ||
| import io.swagger.annotations.ApiParam | ||
| import javax.ws.rs.Consumes | ||
| import javax.ws.rs.GET | ||
| import javax.ws.rs.HeaderParam | ||
| import javax.ws.rs.Path | ||
| import javax.ws.rs.Produces | ||
| import javax.ws.rs.QueryParam | ||
| import javax.ws.rs.core.MediaType | ||
|
|
||
| @Api(tags = ["SERVICE_SECURITY"], description = "安全相关") | ||
| @Path("/service/security") | ||
| @Produces(MediaType.APPLICATION_JSON) | ||
| @Consumes(MediaType.APPLICATION_JSON) | ||
| interface ServiceSecurityResource { | ||
| @GET | ||
| @Path("/getUserSecurityInfo") | ||
| @ApiOperation("获取安全相关信息") | ||
| fun getUserSecurityInfo( | ||
| @HeaderParam(AUTH_HEADER_DEVOPS_USER_ID) | ||
| @ApiParam("用户ID", required = true) | ||
| userId: String, | ||
| @ApiParam("项目ID", required = true) | ||
| @QueryParam("projectCode") | ||
| projectCode: String | ||
| ): Result<UserAndDeptInfoVo> | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
16 changes: 16 additions & 0 deletions
16
...kend/ci/core/auth/api-auth/src/main/kotlin/com/tencent/devops/auth/pojo/BkUserDeptInfo.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| package com.tencent.devops.auth.pojo | ||
|
|
||
| import com.fasterxml.jackson.annotation.JsonProperty | ||
| import io.swagger.annotations.ApiModel | ||
| import io.swagger.annotations.ApiModelProperty | ||
|
|
||
| @ApiModel("用户部门详细信息") | ||
| data class BkUserDeptInfo( | ||
| @ApiModelProperty("id") | ||
| val id: String?, | ||
| @ApiModelProperty("部门名称") | ||
| val name: String?, | ||
| @ApiModelProperty("部门详细名称") | ||
| @JsonProperty("full_name") | ||
| val fullName: String? | ||
| ) |
14 changes: 14 additions & 0 deletions
14
...ackend/ci/core/auth/api-auth/src/main/kotlin/com/tencent/devops/auth/pojo/BkUserExtras.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| package com.tencent.devops.auth.pojo | ||
|
|
||
| import com.fasterxml.jackson.annotation.JsonProperty | ||
| import io.swagger.annotations.ApiModel | ||
| import io.swagger.annotations.ApiModelProperty | ||
|
|
||
| @ApiModel("用户额外信息") | ||
| data class BkUserExtras( | ||
| @ApiModelProperty("性别") | ||
| val gender: String?, | ||
| @ApiModelProperty("postName") | ||
| @JsonProperty("postname") | ||
| val postName: String? | ||
| ) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
26 changes: 26 additions & 0 deletions
26
...d/ci/core/auth/api-auth/src/main/kotlin/com/tencent/devops/auth/pojo/ClientDetailsInfo.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| package com.tencent.devops.auth.pojo | ||
|
|
||
| import io.swagger.annotations.ApiModel | ||
| import io.swagger.annotations.ApiModelProperty | ||
|
|
||
| @ApiModel("Oauth2客户端详情") | ||
| data class ClientDetailsInfo( | ||
| @ApiModelProperty("客户端id", required = true) | ||
| val clientId: String, | ||
| @ApiModelProperty("客户端密钥", required = true) | ||
| val clientSecret: String, | ||
| @ApiModelProperty("客户端名称", required = true) | ||
| val clientName: String, | ||
| @ApiModelProperty("授权类型", required = true) | ||
| val authorizedGrantTypes: String, | ||
| @ApiModelProperty("跳转链接", required = true) | ||
| val redirectUri: String, | ||
| @ApiModelProperty("授权范围", required = true) | ||
| val scope: String, | ||
| @ApiModelProperty("accessToken有效期", required = true) | ||
| val accessTokenValidity: Long, | ||
| @ApiModelProperty("refreshToken有效期", required = true) | ||
| val refreshTokenValidity: Long, | ||
| @ApiModelProperty("图标", required = true) | ||
| val icon: String | ||
| ) |
14 changes: 14 additions & 0 deletions
14
...re/auth/api-auth/src/main/kotlin/com/tencent/devops/auth/pojo/Oauth2AccessTokenRequest.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| package com.tencent.devops.auth.pojo | ||
|
|
||
| import io.swagger.annotations.ApiModel | ||
| import io.swagger.annotations.ApiModelProperty | ||
|
|
||
| @ApiModel("oauth2获取token请求报文体") | ||
| data class Oauth2AccessTokenRequest( | ||
| @ApiModelProperty("授权类型", required = true) | ||
| val grantType: String, | ||
| @ApiModelProperty("授权码,用于授权码模式", required = false) | ||
| val code: String? = null, | ||
| @ApiModelProperty("refreshToken,用于刷新授权码模式", required = false) | ||
| val refreshToken: String? = null | ||
| ) |
30 changes: 30 additions & 0 deletions
30
...i/core/auth/api-auth/src/main/kotlin/com/tencent/devops/auth/pojo/dto/ClientDetailsDTO.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| package com.tencent.devops.auth.pojo.dto | ||
|
|
||
| import io.swagger.annotations.ApiModel | ||
| import io.swagger.annotations.ApiModelProperty | ||
|
|
||
| @ApiModel("Oauth2客户端请求实体") | ||
| data class ClientDetailsDTO( | ||
| @ApiModelProperty("客户端ID") | ||
| val clientId: String, | ||
| @ApiModelProperty("客户端秘钥") | ||
| val clientSecret: String, | ||
| @ApiModelProperty("客户端名称") | ||
| val clientName: String, | ||
| @ApiModelProperty("授权操作范围") | ||
| val scope: String, | ||
| @ApiModelProperty("图标") | ||
| val icon: String, | ||
| @ApiModelProperty("授权模式") | ||
| val authorizedGrantTypes: String, | ||
| @ApiModelProperty("跳转链接") | ||
| val webServerRedirectUri: String, | ||
| @ApiModelProperty("access_token有效时间") | ||
| val accessTokenValidity: Long, | ||
| @ApiModelProperty("refresh_token有效时间") | ||
| val refreshTokenValidity: Long, | ||
| @ApiModelProperty("创建人") | ||
| val createUser: String? = null, | ||
| @ApiModelProperty("更新人") | ||
| val updateUser: String? = null | ||
| ) |
Oops, something went wrong.