diff --git a/src/backend/ci/core/repository/api-repository/src/main/kotlin/com/tencent/devops/repository/constant/RepositoryMessageCode.kt b/src/backend/ci/core/repository/api-repository/src/main/kotlin/com/tencent/devops/repository/constant/RepositoryMessageCode.kt index a0f561300a1..db1e4de5273 100644 --- a/src/backend/ci/core/repository/api-repository/src/main/kotlin/com/tencent/devops/repository/constant/RepositoryMessageCode.kt +++ b/src/backend/ci/core/repository/api-repository/src/main/kotlin/com/tencent/devops/repository/constant/RepositoryMessageCode.kt @@ -96,6 +96,7 @@ object RepositoryMessageCode { const val REPOSITORY_NO_SUPPORT_OAUTH = "2115045" // ({0})类型代码库暂不支持OAUTH授权 const val USER_NOT_PERMISSIONS_OPERATE_REPOSITORY = "2115046" // 用户({0})无权限在工程({1})下{2}流水线{3} + const val FAIL_TO_GET_OPEN_COPILOT_TOKEN = "2115048" // 获取open copilot token 失败, 失败详情: {0} const val BK_REQUEST_FILE_SIZE_LIMIT = "bkRequestFileSizeLimit" // 请求文件不能超过1M const val OPERATION_ADD_CHECK_RUNS = "OperationAddCheckRuns" // 添加检测任务 diff --git a/src/backend/ci/core/repository/api-repository/src/main/kotlin/com/tencent/devops/repository/pojo/enums/TokenAppTypeEnum.kt b/src/backend/ci/core/repository/api-repository/src/main/kotlin/com/tencent/devops/repository/pojo/enums/TokenAppTypeEnum.kt new file mode 100644 index 00000000000..28e31c9fd03 --- /dev/null +++ b/src/backend/ci/core/repository/api-repository/src/main/kotlin/com/tencent/devops/repository/pojo/enums/TokenAppTypeEnum.kt @@ -0,0 +1,36 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.devops.repository.pojo.enums + +/** + * token 应用类型 + */ +enum class TokenAppTypeEnum { + OAUTH2, // oauth2认证 + COPILOT_OPEN_TOKEN; // copilot open token +} diff --git a/src/backend/ci/core/repository/api-repository/src/main/kotlin/com/tencent/devops/repository/pojo/oauth/RepositoryScmToken.kt b/src/backend/ci/core/repository/api-repository/src/main/kotlin/com/tencent/devops/repository/pojo/oauth/RepositoryScmToken.kt new file mode 100644 index 00000000000..b0984dfcc41 --- /dev/null +++ b/src/backend/ci/core/repository/api-repository/src/main/kotlin/com/tencent/devops/repository/pojo/oauth/RepositoryScmToken.kt @@ -0,0 +1,50 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.devops.repository.pojo.oauth + +import com.fasterxml.jackson.annotation.JsonProperty +import io.swagger.v3.oas.annotations.media.Schema + +@Schema(title = "Token模型") +data class RepositoryScmToken( + @get:Schema(title = "鉴权token") + @JsonProperty("access_token") + var userId: String = "", + @get:Schema(title = "代码库类型") + var scmCode: String = "", + @get:Schema(title = "应用类型") + var appType: String = "", + @get:Schema(title = "鉴权token") + var accessToken: String = "", + @get:Schema(title = "刷新token") + var refreshToken: String = "", + @get:Schema(title = "过期时间") + val expiresIn: Long = 0L, + @get:Schema(title = "创建时间") + val createTime: Long? = 0L +) diff --git a/src/backend/ci/core/repository/biz-repository/src/main/kotlin/com/tencent/devops/repository/dao/RepositoryScmTokenDao.kt b/src/backend/ci/core/repository/biz-repository/src/main/kotlin/com/tencent/devops/repository/dao/RepositoryScmTokenDao.kt new file mode 100644 index 00000000000..e17e9b2df05 --- /dev/null +++ b/src/backend/ci/core/repository/biz-repository/src/main/kotlin/com/tencent/devops/repository/dao/RepositoryScmTokenDao.kt @@ -0,0 +1,88 @@ +/* + * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available. + * + * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved. + * + * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license. + * + * A copy of the MIT License is included in this file. + * + * + * Terms of the MIT License: + * --------------------------------------------------- + * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated + * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all copies or substantial portions of + * the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT + * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN + * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ + +package com.tencent.devops.repository.dao + +import com.tencent.devops.model.repository.tables.TRepositoryScmToken +import com.tencent.devops.model.repository.tables.records.TRepositoryScmTokenRecord +import com.tencent.devops.repository.pojo.oauth.RepositoryScmToken +import org.jooq.DSLContext +import org.springframework.stereotype.Repository +import java.time.LocalDateTime + +@Repository +class RepositoryScmTokenDao { + fun getToken( + dslContext: DSLContext, + userId: String, + scmCode: String, + appType: String + ): TRepositoryScmTokenRecord? { + with(TRepositoryScmToken.T_REPOSITORY_SCM_TOKEN) { + return dslContext.selectFrom(this) + .where( + USER_ID.eq(userId) + .and(SCM_CODE.eq(scmCode)) + .and(APP_TYPE.eq(appType)) + ) + .fetchOne() + } + } + + fun saveAccessToken(dslContext: DSLContext, scmToken: RepositoryScmToken): Int { + with(TRepositoryScmToken.T_REPOSITORY_SCM_TOKEN) { + val now = LocalDateTime.now() + return dslContext.insertInto( + this, + USER_ID, + SCM_CODE, + APP_TYPE, + ACCESS_TOKEN, + REFRESH_TOKEN, + EXPIRES_IN, + CREATE_TIME, + UPDATE_TIME + ) + .values( + scmToken.userId, + scmToken.scmCode, + scmToken.appType, + scmToken.accessToken, + scmToken.refreshToken, + scmToken.expiresIn, + now, + now + ) + .onDuplicateKeyUpdate() + .set(ACCESS_TOKEN, scmToken.accessToken) + .set(REFRESH_TOKEN, scmToken.refreshToken) + .set(EXPIRES_IN, scmToken.expiresIn) + .set(UPDATE_TIME, LocalDateTime.now()) + .execute() + } + } +} diff --git a/support-files/i18n/repository/message_en_US.properties b/support-files/i18n/repository/message_en_US.properties index a6ebabe38e3..76d84eaab51 100644 --- a/support-files/i18n/repository/message_en_US.properties +++ b/support-files/i18n/repository/message_en_US.properties @@ -47,6 +47,7 @@ 2115044=User [{0}] has not authorized Github Oauth yet. Please authorize first 2115045=({0}) type of code repository does not currently support OAUTH authorization 2100054=User ({0}) does not have permission to {2} repository {3} under project ({1}). +2115048=Failed to get open copilot token, failure details: {0} bkRequestFileSizeLimit=The request file cannot exceed 1m OperationAddCheckRuns=Add a detection task OperationUpdateCheckRuns=Update the detection task diff --git a/support-files/i18n/repository/message_zh_CN.properties b/support-files/i18n/repository/message_zh_CN.properties index 7b08079fde9..acfa170835c 100644 --- a/support-files/i18n/repository/message_zh_CN.properties +++ b/support-files/i18n/repository/message_zh_CN.properties @@ -46,6 +46,7 @@ 2115044=用户[{0}]尚未进行GITHUB OAUTH授权,请先授权 2115045=({0})类型代码库暂不支持OAUTH授权 2115046=用户({0})无权限在工程({1})下{2}代码库{3} +2115048=获取open copilot token 失败, 失败详情: {0} bkRequestFileSizeLimit=请求文件不能超过1M OperationAddCheckRuns=添加检测任务 OperationUpdateCheckRuns=更新检测任务 diff --git a/support-files/sql/1001_ci_repository_ddl_mysql.sql b/support-files/sql/1001_ci_repository_ddl_mysql.sql index d76cd4e5c15..3d994cb272a 100644 --- a/support-files/sql/1001_ci_repository_ddl_mysql.sql +++ b/support-files/sql/1001_ci_repository_ddl_mysql.sql @@ -244,4 +244,23 @@ CREATE TABLE IF NOT EXISTS `T_REPOSITORY_WEBHOOK_REQUEST` PRIMARY KEY (`REQUEST_ID`, `CREATE_TIME`) ) ENGINE = InnoDB DEFAULT CHARSET = utf8mb4 COMMENT ='代码库WEBHOOK请求表'; + +-- ---------------------------- +-- Table structure for T_REPOSITORY_SCM_TOKEN +-- ---------------------------- + +CREATE TABLE IF NOT EXISTS `T_REPOSITORY_SCM_TOKEN` ( + `ID` bigint(20) NOT NULL AUTO_INCREMENT, + `USER_ID` varchar(64) NOT NULL DEFAULT '' COMMENT '用户名', + `SCM_CODE` varchar(64) NOT NULL DEFAULT '' COMMENT '代码库类型', + `APP_TYPE` varchar(64) NOT NULL DEFAULT '' COMMENT 'app类型', + `ACCESS_TOKEN` varchar(256) DEFAULT NULL COMMENT 'access token 密文', + `REFRESH_TOKEN` varchar(256) DEFAULT NULL COMMENT 'access refresh token', + `EXPIRES_IN` bigint(20) DEFAULT NULL COMMENT '过期时间', + `CREATE_TIME` datetime DEFAULT NULL COMMENT '创建时间', + `UPDATE_TIME` datetime DEFAULT NULL COMMENT '更新时间', + PRIMARY KEY (`ID`), + UNIQUE KEY `UNIQ_USER_SCM_CODE_APP_TYPE` (`USER_ID`,`SCM_CODE`,`APP_TYPE`) +) ENGINE=INNODB DEFAULT CHARSET=utf8mb4 COMMENT='代码仓库token表'; + SET FOREIGN_KEY_CHECKS = 1;