# coding=utf-8
#author:        qianyingz
#createtime:    2021/8/13
#email:         qianyingz@chinadci.com

from re import split
from .models import *
from app.util.component.ApiTemplate import ApiTemplate
from werkzeug.security import gen_salt
import time
import string


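class Api(ApiTemplate):
    """Register a new OAuth2 client and return its generated credentials.

    The caller supplies the client name, its URI and a comma-separated list
    of redirect URIs. Scope, grant types, response types and the token
    endpoint auth method are not read from the request; they are fixed to
    the defaults set in ``process``.
    """

    api_name = "注册客户端"

    def para_check(self):
        """Reject the request unless name, uri and redirect_uris are present.

        Raises:
            Exception: if any of the three required parameters is missing
                or empty.
        """
        if not self.para.get("name"):
            raise Exception("name is null")
        if not self.para.get("uri"):
            raise Exception("uri is null")
        if not self.para.get("redirect_uris"):
            raise Exception("redirect_uris is null")
        # username, scope, grant_type and response_type are intentionally
        # not required: username falls back to a default account and the
        # other three are fixed in process().

    def process(self):
        """Create the client record and return its id and secret.

        Returns:
            dict: ``result`` (bool), ``msg`` and ``data``. On success
            ``data`` holds ``client_id`` and ``client_secret``; when the
            owning user cannot be found ``data`` is empty and ``result``
            is False.

        Raises:
            Exception: if no usable redirect URI remains after parsing, or
                re-raised from the database layer after the session has
                been rolled back.
        """
        # Result envelope; stays False unless the client is committed.
        res = {}
        res["result"] = False
        try:
            # Fixed registration defaults (not caller-configurable).
            scope = "openid profile"
            grant_type = ["authorization_code"]
            response_type = ["code"]
            auth_method = "client_secret_basic"

            username = self.para.get("username")
            client_id = gen_salt(24)
            name = self.para.get("name")
            uri = self.para.get("uri")

            # Trim each entry and drop empty ones so "a, b" or a trailing
            # comma does not register a URI that can never match exactly.
            redirect_uris = [
                item.strip()
                for item in self.para.get("redirect_uris").split(",")
                if item.strip()
            ]
            if not redirect_uris:
                raise Exception("redirect_uris is null")
            # NOTE(review): entries are only trimmed, not validated. A
            # registered redirect URI is where authorization codes are
            # delivered, so confirm that scheme/host validation happens
            # elsewhere or add it here.

            # NOTE(review): when no username is given the client is owned
            # by the 'admin' account. Whether the caller is authenticated
            # and allowed to register on that account's behalf is not
            # visible in this file - confirm ApiTemplate enforces it.
            if not username:
                username = 'admin'
            user = User.query.filter_by(username=username).first()

            # Test the query result, not the model class: the class is
            # always truthy, which made this branch unreachable and let a
            # missing user fail later on user.id.
            if not user:
                res["msg"] = "username 指定用户不存在"
                res["data"] = {}
                res["result"] = False
            else:
                client = OAuth2Client(client_id=client_id, user_id=user.id)
                # The mixin doesn't set the issued-at date itself.
                client.client_id_issued_at = int(time.time())

                client_metadata = {
                    "client_name": name,
                    "client_uri": uri,
                    "grant_types": grant_type,
                    "redirect_uris": redirect_uris,
                    "response_types": response_type,
                    "scope": scope,
                    "token_endpoint_auth_method": auth_method
                }
                # Apply the metadata before checking the auth method so the
                # check sees the value being registered (presumably the
                # property reads the client metadata - confirm against
                # OAuth2Client).
                client.set_client_metadata(client_metadata)

                # Public clients ("none") get no secret; every other auth
                # method gets a freshly generated one.
                if client.token_endpoint_auth_method == "none":
                    client.client_secret = ""
                else:
                    client.client_secret = gen_salt(48)

                # Persist in both cases. Previously this ran only in the
                # branch that generated a secret, so a client using the
                # "none" method would have been dropped without a message.
                db.session.add(client)
                db.session.commit()
                res["msg"] = "创建client成功"
                # NOTE(review): the secret is returned in the response
                # body; make sure response logging does not capture it.
                res["data"] = {"client_secret": client.client_secret,
                               "client_id": client.client_id}
                res["result"] = True
        except Exception:
            # Leave the session clean, then re-raise with the original
            # traceback intact.
            db.session.rollback()
            raise
        return res

    # Request/response description for this endpoint.
    # NOTE(review): the descriptions of "uri" and "redirect_uris" look
    # swapped - process() splits redirect_uris on commas, not uri. The
    # strings are left unchanged here; confirm and correct them.
    api_doc = {

        "tags": ["认证接口"],
        "parameters": [
            {"name": "name",
             "in": "formData",
             "type": "string",
             "description": "客户端名称",
             "required": "true"},
            {"name": "uri",
             "in": "formData",
             "type": "string",
             "description": "客户端地址,多个地址用,连接",
             "required": "true"},
            {"name": "redirect_uris",
             "in": "formData",
             "type": "string",
             "description": "重定向地址",
             "required": "true"},
            {"name": "username",
             "in": "formData",
             "type": "string",
             "description": "注册client账号,默认使用admin"
             },
            # scope, grant_type and response_type are not exposed as
            # request parameters; process() uses fixed values for them.
        ],
        "responses": {
            200: {
                "schema": {
                    "properties": {
                    }
                }
            }
        }
    }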