Merge pull request #150 from eolinker/feature/pre_router

Feature/pre router
eolinker · Jan 22, 2024 · bfcb49b · bfcb49b
2 parents bbc0efe + aacd9c0
commit bfcb49b
Show file tree

Hide file tree

Showing 14 changed files with 435 additions and 393 deletions.
diff --git a/app/apinto/plugin.go b/app/apinto/plugin.go
@@ -9,6 +9,7 @@ import (
 	grpc_proxy_rewrite "github.com/eolinker/apinto/drivers/plugins/grpc-proxy-rewrite"
 	"github.com/eolinker/apinto/drivers/plugins/gzip"
 	js_inject "github.com/eolinker/apinto/drivers/plugins/js-inject"
+	"github.com/eolinker/apinto/drivers/plugins/oauth2"
 	params_check "github.com/eolinker/apinto/drivers/plugins/params-check"
 	"github.com/eolinker/apinto/drivers/plugins/prometheus"
 	request_file_parse "github.com/eolinker/apinto/drivers/plugins/request-file-parse"
@@ -101,4 +102,7 @@ func pluginRegister(extenderRegister eosc.IExtenderDriverRegister) {
 
 	// 计数插件
 	counter.Register(extenderRegister)
+
+	// 鉴权插件
+	oauth2.Register(extenderRegister)
 }
diff --git a/application/auth/oauth2/authorize.go b/application/auth/oauth2/authorize.go
diff --git a/application/auth/oauth2/config.go b/application/auth/oauth2/config.go
@@ -2,12 +2,6 @@ package oauth2
 
 import "github.com/eolinker/apinto/application"
 
-const (
-	GrantAuthorizationCode = "authorization_code"
-	GrantClientCredentials = "client_credentials"
-	GrantRefreshToken      = "refresh_token"
-)
-
 type Config struct {
 	application.Auth
 	Users []*User `json:"users" label:"用户列表"`
@@ -19,22 +13,11 @@ type User struct {
 }
 
 type Pattern struct {
-	ClientId                      string   `json:"client_id"`
-	ClientSecret                  string   `json:"client_secret"`
-	ClientType                    string   `json:"client_type"`
-	HashSecret                    bool     `json:"hash_secret"`
-	RedirectUrls                  []string `json:"redirect_urls" label:"重定向URL"`
-	Scopes                        []string `json:"scopes" label:"授权范围"`
-	MandatoryScope                bool     `json:"mandatory_scope" label:"强制授权"`
-	ProvisionKey                  string   `json:"provision_key" label:"Provision Key"`
-	TokenExpiration               int      `json:"token_expiration" label:"令牌过期时间"`
-	RefreshTokenTTL               int      `json:"refresh_token_ttl" label:"刷新令牌TTL"`
-	EnableAuthorizationCode       bool     `json:"enable_authorization_code"  label:"启用授权码模式"`
-	EnableImplicitGrant           bool     `json:"enable_implicit_grant" label:"启用隐式授权模式"`
-	EnableClientCredentials       bool     `json:"enable_client_credentials" label:"启用客户端凭证模式"`
-	AcceptHttpIfAlreadyTerminated bool     `json:"accept_http_if_already_terminated" label:"如果已终止，则接受HTTP"`
-	ReuseRefreshToken             bool     `json:"reuse_refresh_token" label:"重用刷新令牌"`
-	PersistentRefreshToken        bool     `json:"persistent_refresh_token" label:"持久刷新令牌"`
+	ClientId     string   `json:"client_id" label:"客户端ID"`
+	ClientSecret string   `json:"client_secret" label:"客户端密钥"`
+	ClientType   string   `json:"client_type" label:"客户端类型" enum:"public,confidential"`
+	HashSecret   bool     `json:"hash_secret" label:"是否Hash加密"`
+	RedirectUrls []string `json:"redirect_urls" label:"重定向URL列表"`
 }
 
 func (u *User) Username() string {

diff --git a/application/auth/oauth2/factory.go b/application/auth/oauth2/factory.go
@@ -2,7 +2,6 @@ package oauth2
 
 import (
 	"fmt"
-	"net/http"
 	"reflect"
 
 	"github.com/eolinker/eosc/utils/schema"
@@ -46,20 +45,7 @@ func (f *factory) Alias() []string {
 }
 
 func (f *factory) PreRouters() []*auth.PreRouter {
-	return []*auth.PreRouter{
-		{
-			ID:         "/oauth2/token",
-			PreHandler: NewHandler(NewTokenHandler()),
-			Path:       "/oauth2/token",
-			Method:     []string{http.MethodPost},
-		},
-		{
-			ID:         "/oauth2/authorize",
-			PreHandler: NewHandler(NewAuthorizeHandler()),
-			Path:       "/oauth2/authorize",
-			Method:     []string{http.MethodPost},
-		},
-	}
+	return []*auth.PreRouter{}
 }
 
 func (f *factory) Create(tokenName string, position string, rule interface{}) (application.IAuth, error) {

diff --git a/application/auth/oauth2/handler.go b/application/auth/oauth2/handler.go
diff --git a/application/auth/oauth2/hash.go b/application/auth/oauth2/hash.go
@@ -47,39 +47,3 @@ func extractHashRule(hash string) (*hashRule, error) {
 		value:      parts[4],
 	}, nil
 }
-
-//
-//func hashSecret(secret []byte, saltLen int, iterations int, keyLength int) (string, error) {
-//	if saltLen < 1 {
-//		saltLen = 16
-//	}
-//	salt, err := generateRandomSalt(saltLen)
-//	if err != nil {
-//		return "", err
-//	}
-//	// 迭代次数和密钥长度
-//	if iterations < 1 {
-//		iterations = 10000
-//	}
-//	if keyLength < 1 {
-//		keyLength = 32
-//	}
-//
-//	// 使用 PBKDF2 密钥派生函数
-//	key := pbkdf2.Key(secret, salt, iterations, keyLength, sha512.New)
-//	return fmt.Sprintf("$pbkdf2-sha512$i=%d,l=%d$%s$%s", iterations, keyLength, base64.RawStdEncoding.EncodeToString(salt), base64.RawStdEncoding.EncodeToString(key)), nil
-//}
-
-//func generateRandomSalt(length int) ([]byte, error) {
-//	// Create a byte slice with the specified length
-//	salt := make([]byte, length)
-//
-//	// Use crypto/rand to fill the slice with random bytes
-//	_, err := rand.Read(salt)
-//	if err != nil {
-//		return nil, err
-//	}
-//
-//	// Return the salt as a hexadecimal string
-//	return salt, nil
-//}