Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for personal access token mechanism #4598

Merged
merged 2 commits into from Sep 25, 2023
Merged

Support for personal access token mechanism #4598

merged 2 commits into from Sep 25, 2023

Conversation

JohnNiang
Copy link
Member

What type of PR is this?

/kind feature
/kind api-change
/area core

What this PR does / why we need it:

Support for personal access token mechanism.

Which issue(s) this PR fixes:

Fixes #1309

Special notes for your reviewer:

Does this PR introduce a user-facing change?

提供个人访问令牌机制

@f2c-ci-robot f2c-ci-robot bot added release-note Denotes a PR that will be considered when it comes time to generate release notes. do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. kind/feature Categorizes issue or PR as related to a new feature. labels Sep 13, 2023
@f2c-ci-robot f2c-ci-robot bot added kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API area/core Issues or PRs related to the Halo Core labels Sep 13, 2023
@codecov
Copy link

codecov bot commented Sep 13, 2023
edited

Codecov Report

Merging #4598 (1e1285e) into main (7de97e4) will decrease coverage by 0.11%.
The diff coverage is 57.46%.

@@             Coverage Diff              @@
##               main    #4598      +/-   ##
============================================
- Coverage     61.11%   61.01%   -0.11%     
- Complexity     2570     2611      +41     
============================================
  Files           374      378       +4     
  Lines         13171    13550     +379     
  Branches        938      958      +20     
============================================
+ Hits           8049     8267     +218     
- Misses         4669     4817     +148     
- Partials        453      466      +13
Files Changed Coverage Δ
...e/extension/service/DefaultRoleBindingService.java 91.66% <ø> (ø)
...alo/app/security/DefaultSuperAdminInitializer.java 5.00% <ø> (ø)
...a/run/halo/app/security/SuperAdminInitializer.java 0.00% <ø> (ø)
...uthentication/pat/PatServerWebExchangeMatcher.java 20.00% <20.00%> (ø)
.../JwtScopesAndRolesGrantedAuthoritiesConverter.java 21.42% <21.42%> (ø)
...y/authentication/pat/PatAuthenticationManager.java 27.27% <27.27%> (+27.27%) ⬆️
...app/core/extension/service/DefaultRoleService.java 51.16% <43.39%> (-20.58%) ⬇️
...hentication/pat/impl/UserScopedPatHandlerImpl.java 49.33% <49.33%> (ø)
...halo/app/core/extension/endpoint/UserEndpoint.java 83.12% <52.63%> (-5.22%) ⬇️
...rity/authentication/pat/DefaultPatJwkSupplier.java 89.74% <89.74%> (ø)
... and 4 more

@ruibaby
Copy link
Member

ruibaby commented Sep 20, 2023

/milestone 2.10.x

@f2c-ci-robot f2c-ci-robot bot added this to the 2.10.x milestone Sep 20, 2023
@JohnNiang JohnNiang changed the title WIP: Support for personal access token mechanism Support for personal access token mechanism Sep 20, 2023
@f2c-ci-robot f2c-ci-robot bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Sep 20, 2023
@ruibaby
Copy link
Member

ruibaby commented Sep 20, 2023

/hold

TODO:

  • 优化 UI
  • 完善 i18n

@f2c-ci-robot f2c-ci-robot bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Sep 20, 2023
@JohnNiang JohnNiang added the tide/merge-method-merge Denotes a PR that should use a standard merge by tide when it merges. label Sep 22, 2023
@ruibaby
Copy link
Member

ruibaby commented Sep 22, 2023

/unhold

@f2c-ci-robot f2c-ci-robot bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Sep 22, 2023
ruibaby
ruibaby reviewed Sep 22, 2023
View reviewed changes
Copy link
Member

@ruibaby ruibaby left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@f2c-ci-robot f2c-ci-robot bot added the lgtm Indicates that a PR is ready to be merged. label Sep 22, 2023
guqing
guqing approved these changes Sep 25, 2023
View reviewed changes
Copy link
Member

@guqing guqing left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@f2c-ci-robot
Copy link

f2c-ci-robot bot commented Sep 25, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: guqing

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@f2c-ci-robot f2c-ci-robot bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 25, 2023
@f2c-ci-robot f2c-ci-robot bot merged commit a29c608 into halo-dev:main Sep 25, 2023
4 checks passed
@JohnNiang JohnNiang deleted the feat/personal-access-token branch September 25, 2023 03:48
@ruibaby ruibaby removed this from the 2.10.x milestone Sep 25, 2023
@ruibaby ruibaby added this to the 2.10.0 milestone Sep 25, 2023
@JohnNiang JohnNiang mentioned this pull request Sep 26, 2023
Merged
f2c-ci-robot bot pushed a commit that referenced this pull request Sep 26, 2023
@JohnNiang
Remove redundant users path for PAT endpoint (#4662)
a5a6978 
#### What type of PR is this?

/kind improvement
/kind api-change
/area core

#### What this PR does / why we need it:

This PR refines route paths created from <#4598>. Because the user scope is not necessary here.

#### Special notes for your reviewer:

Try to manage your PATs.

#### Does this PR introduce a user-facing change?

```release-note
None
```
@JohnNiang JohnNiang mentioned this pull request Sep 28, 2023
Merged
f2c-ci-robot bot pushed a commit that referenced this pull request Sep 28, 2023
@JohnNiang
Update the lastUsed timestamp of PAT at least one minute apart (#4671)
37ddccc 
#### What type of PR is this?

/kind bug
/area core

#### What this PR does / why we need it:

After PAT mechanism implemented by <#4598>, if we use the same PAT to request endpoints concurrently, we may encounter an error like the screenshot below:

<img width="1920" alt="image" src="https://github.com/halo-dev/halo/assets/16865714/30899a0c-ad98-44a1-ae7d-0eda603945f0">

This PR fixes the problem introduced by <#4598>.

We update the lastUsed timestamp of PAT at least one minute apart and with retry.

#### Does this PR introduce a user-facing change?

```release-note
None
```
@longjuan longjuan mentioned this pull request Oct 7, 2023
Closed
@JohnNiang JohnNiang mentioned this pull request Feb 18, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ruibaby ruibaby ruibaby left review comments

@guqing guqing guqing approved these changes

@LIlGG LIlGG Awaiting requested review from LIlGG

@minliacom minliacom Awaiting requested review from minliacom

Assignees

@ruibaby ruibaby

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/core Issues or PRs related to the Halo Core kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API kind/feature Categorizes issue or PR as related to a new feature. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. tide/merge-method-merge Denotes a PR that should use a standard merge by tide when it merges.
Projects
None yet
Milestone
2.10.0
Development

Successfully merging this pull request may close these issues.

feat: 重构 API 授权服务并新增 scope 选项
3 participants
@JohnNiang @ruibaby @guqing