• Home
• com.tencent.bk.repo
• common-security
• 1.1.0-RELEASE
• source code
• AuthenticationManager.kt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.tencent.bkrepo.common.security.manager.AuthenticationManager.kt Maven / Gradle / Ivy

/*
 * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available.
 *
 * Copyright (C) 2021 THL A29 Limited, a Tencent company.  All rights reserved.
 *
 * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license.
 *
 * A copy of the MIT License is included in this file.
 *
 *
 * Terms of the MIT License:
 * ---------------------------------------------------
 * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
 * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
 * permit persons to whom the Software is furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all copies or substantial portions of
 * the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
 * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
 * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
 * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 */

package com.tencent.bkrepo.common.security.manager

import com.tencent.bkrepo.auth.api.ServiceAccountClient
import com.tencent.bkrepo.auth.api.ServiceOauthAuthorizationClient
import com.tencent.bkrepo.auth.api.ServiceTemporaryTokenClient
import com.tencent.bkrepo.auth.api.ServiceUserClient
import com.tencent.bkrepo.auth.pojo.oauth.AuthorizationGrantType
import com.tencent.bkrepo.auth.pojo.oauth.OauthToken
import com.tencent.bkrepo.auth.pojo.token.TemporaryTokenInfo
import com.tencent.bkrepo.auth.pojo.user.CreateUserRequest
import com.tencent.bkrepo.auth.pojo.user.UserInfo
import com.tencent.bkrepo.common.security.exception.AuthenticationException
import org.springframework.beans.factory.annotation.Autowired

@Suppress("SpringJavaInjectionPointsAutowiringInspection")
open class AuthenticationManager {
    @Autowired
    private lateinit var serviceUserClient: ServiceUserClient

    @Autowired
    private lateinit var serviceAccountClient: ServiceAccountClient

    @Autowired
    private lateinit var serviceOauthAuthorizationClient: ServiceOauthAuthorizationClient

    @Autowired
    private lateinit var serviceTemporaryTokenClient: ServiceTemporaryTokenClient

    /**
     * 校验普通用户类型账户
     * @throws AuthenticationException 校验失败
     */
    open fun checkUserAccount(uid: String, token: String): String {
        val response = serviceUserClient.checkToken(uid, token)
        return if (response.data == true) uid else throw AuthenticationException("Authorization value check failed")
    }

    /**
     * 校验平台账户
     * @throws AuthenticationException 校验失败
     */
    open fun checkPlatformAccount(accessKey: String, secretKey: String): String {
        val response = serviceAccountClient.checkAccountCredential(
            accesskey = accessKey,
            secretkey = secretKey,
            authorizationGrantType = AuthorizationGrantType.PLATFORM
        )
        return response.data ?: throw AuthenticationException("AccessKey/SecretKey check failed.")
    }

    /**
     * 校验Oauth Token
     */
    open fun checkOauthToken(accessToken: String): String {
        val response = serviceOauthAuthorizationClient.validateToken(accessToken)
        return response.data ?: throw AuthenticationException("Access token check failed.")
    }

    /**
     * 普通用户类型账户
     */
    open fun createUserAccount(userId: String) {
        val request = CreateUserRequest(userId = userId, name = userId)
        serviceUserClient.createUser(request)
    }

    /**
     * 根据用户id[userId]查询用户信息
     * 当用户不存在时返回`null`
     */
    open fun findUserAccount(userId: String): UserInfo? {
        return serviceUserClient.userInfoById(userId).data
    }
    /**
     * 根据用户id[userId]查询用户密码
     * 当用户不存在时返回`null`
     */
    fun findUserPwd(userId: String): String? {
        return serviceUserClient.userPwdById(userId).data
    }

    /**
     * 根据用户id[userId]查询用户token
     */
    fun findUserToken(userId: String): List? {
        return serviceUserClient.userTokenById(userId).data
    }

    open fun findOauthToken(accessToken: String): OauthToken? {
        return serviceOauthAuthorizationClient.getToken(accessToken).data
    }

    /**
     * 根据appId和ak查找sk
     * */
    open fun findSecretKey(appId: String, accessKey: String): String? {
        return serviceAccountClient.findSecretKey(appId, accessKey).data
    }

    open fun getTokenInfo(token: String): TemporaryTokenInfo? {
        return serviceTemporaryTokenClient.getTokenInfo(token).data
    }
}