Add handling for oauth(inherit from login) for rest api datasource

Author: aq-ikhwa-tech

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/query/ApplicationQueryApiService.java

@@ -16,11 +16,15 @@
 import org.lowcoder.domain.query.service.LibraryQueryRecordService;
 import org.lowcoder.domain.query.service.LibraryQueryService;
 import org.lowcoder.domain.query.service.QueryExecutionService;
+import org.lowcoder.domain.user.model.Connection;
+import org.lowcoder.domain.user.model.User;
 import org.lowcoder.infra.util.TupleUtils;
 import org.lowcoder.sdk.config.CommonConfig;
 import org.lowcoder.sdk.exception.BizError;
 import org.lowcoder.sdk.models.Property;
 import org.lowcoder.sdk.models.QueryExecutionResult;
+import org.lowcoder.sdk.plugin.restapi.RestApiDatasourceConfig;
+import org.lowcoder.sdk.plugin.restapi.auth.OAuthInheritAuthConfig;
 import org.lowcoder.sdk.query.QueryVisitorContext;
 import org.lowcoder.sdk.util.ExceptionUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -33,7 +37,9 @@
 import reactor.core.publisher.Timed;
 
 import javax.annotation.Nullable;
+import java.util.Collections;
 import java.util.List;
+import java.util.Optional;
 import java.util.stream.Collectors;
 
 import static org.lowcoder.domain.permission.model.ResourceAction.READ_APPLICATIONS;
@@ -91,12 +97,13 @@ public Mono<QueryExecutionResult> executeApplicationQuery(ServerWebExchange exch
         Mono<Datasource> datasourceMono = baseQueryMono.flatMap(query -> datasourceService.getById(query.getDatasourceId())
                         .switchIfEmpty(deferredError(BizError.DATASOURCE_NOT_FOUND, "DATASOURCE_NOT_FOUND", query.getDatasourceId())))
                 .cache();
-        return sessionUserService.getVisitorId()
-                .delayUntil(userId -> checkExecutePermission(userId, queryExecutionRequest.getPath(), appId,
+
+        return sessionUserService.getVisitor()
+                .delayUntil(user -> checkExecutePermission(user.getId(), queryExecutionRequest.getPath(), appId,
                         queryExecutionRequest.isViewMode()))
                 .zipWhen(visitorId -> Mono.zip(appMono, appQueryMono, baseQueryMono, datasourceMono), TupleUtils::merge)
                 .flatMap(tuple -> {
-                    String userId = tuple.getT1();
+                    String userId = tuple.getT1().getId();
                     Application app = tuple.getT2();
                     ApplicationQuery appQuery = tuple.getT3();
                     BaseQuery baseQuery = tuple.getT4();
@@ -107,8 +114,19 @@ public Mono<QueryExecutionResult> executeApplicationQuery(ServerWebExchange exch
                     }
 
                     MultiValueMap<String, HttpCookie> cookies = exchange.getRequest().getCookies();
-                    QueryVisitorContext queryVisitorContext = new QueryVisitorContext(userId, app.getOrganizationId(), port, cookies,
-                            getAuthParamsAndHeadersInheritFromLogin(userId, app.getOrganizationId()), commonConfig.getDisallowedHosts());
+
+                    Mono<List<Property>> paramsAndHeadersInheritFromLogin = Mono.empty();
+
+                    if (datasource.isRestApi()) {
+                        // then check if oauth inherited from login and save token
+                        if(datasource.getDetailConfig() instanceof RestApiDatasourceConfig restApiDatasourceConfig
+                                && restApiDatasourceConfig.isOauth2InheritFromLogin()) {
+                            paramsAndHeadersInheritFromLogin = getAuthParamsAndHeadersInheritFromLogin(tuple.getT1(), ((OAuthInheritAuthConfig)restApiDatasourceConfig.getAuthConfig()).getAuthId());
+
+                        }
+                    }
+
+                    QueryVisitorContext queryVisitorContext = new QueryVisitorContext(userId, app.getOrganizationId(), port, cookies, paramsAndHeadersInheritFromLogin, commonConfig.getDisallowedHosts());
                     return queryExecutionService.executeQuery(datasource, baseQuery.getQueryConfig(), queryExecutionRequest.paramMap(),
                                     appQuery.getTimeoutStr(), queryVisitorContext
                             )
@@ -174,8 +192,18 @@ private Mono<BaseQuery> getBaseQueryFromLibraryQuery(ApplicationQuery query) {
                 .map(LibraryQueryRecord::getQuery);
     }
 
-    protected Mono<List<Property>> getAuthParamsAndHeadersInheritFromLogin(String userId, String orgId) {
-        return Mono.empty();
+    protected Mono<List<Property>> getAuthParamsAndHeadersInheritFromLogin(User user, String authId) {
+        if(authId == null) {
+            return Mono.empty();
+        }
+        Optional<Connection> activeConnectionOptional = user.getConnections()
+                .stream()
+                .filter(connection -> connection.getAuthId().equals(authId))
+                .findFirst();
+        if(!activeConnectionOptional.isPresent() || activeConnectionOptional.get().getAuthConnectionAuthToken() == null) {
+            return Mono.empty();
+        }
+        return Mono.just(Collections.singletonList(new Property("Authorization","Bearer " + activeConnectionOptional.get().getAuthConnectionAuthToken().getAccessToken(),"header")));
     }
 
     protected void onNextOrError(QueryExecutionRequest queryExecutionRequest, QueryVisitorContext queryVisitorContext,

server/api-service/lowcoder-server/src/main/java/org/lowcoder/api/query/LibraryQueryApiService.java

@@ -346,6 +346,9 @@ private Mono<BaseQuery> getBaseQuery(LibraryQueryCombineId libraryQueryCombineId
     }
 
     protected Mono<List<Property>> getParamsAndHeadersInheritFromLogin(User user, String authId) {
+        if(authId == null) {
+            return Mono.empty();
+        }
         Optional<Connection> activeConnectionOptional = user.getConnections()
                 .stream()
                 .filter(connection -> connection.getAuthId().equals(authId))