
Add OAuth(Inherit From Login) Handling To GraphQL API Datasource #612


Merged
merged 1 commit into from
Jan 3, 2024
Merged
@@ -1,6 +1,7 @@
package org.lowcoder.plugin.graphql;

import static com.google.common.base.MoreObjects.firstNonNull;
import static org.apache.commons.collections4.MapUtils.emptyIfNull;
import static org.apache.commons.lang3.StringUtils.firstNonBlank;
import static org.apache.commons.lang3.StringUtils.trimToEmpty;
import static org.lowcoder.plugin.graphql.GraphQLError.GRAPHQL_EXECUTION_ERROR;
Expand All @@ -10,6 +11,8 @@
import static org.lowcoder.sdk.exception.PluginCommonError.QUERY_EXECUTION_ERROR;
import static org.lowcoder.sdk.exception.PluginCommonError.QUERY_EXECUTION_TIMEOUT;
import static org.lowcoder.sdk.plugin.restapi.auth.RestApiAuthType.DIGEST_AUTH;
import static org.lowcoder.sdk.plugin.restapi.auth.RestApiAuthType.OAUTH2_INHERIT_FROM_LOGIN;
import static org.lowcoder.sdk.util.ExceptionUtils.propagateError;
import static org.lowcoder.sdk.util.JsonUtils.readTree;
import static org.lowcoder.sdk.util.JsonUtils.toJsonThrows;
import static org.lowcoder.sdk.util.MustacheHelper.renderMustacheString;
Expand All @@ -30,6 +33,8 @@

import javax.annotation.Nullable;

import com.google.common.collect.ImmutableMap;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.lowcoder.plugin.graphql.constants.ResponseDataType;
Expand Down Expand Up @@ -83,6 +88,8 @@
public class GraphQLExecutor implements QueryExecutor<GraphQLDatasourceConfig, Object, GraphQLQueryExecutionContext> {
private static final String RESPONSE_DATA_TYPE = "X-LOWCODER-RESPONSE-DATA-TYPE";
private static final String GRAPHQL_TYPE = "application/graphql";

private static final String DEFAULT_GRAPHQL_ERROR_CODE = "GRAPHQL_EXECUTION_ERROR";
private static final int MAX_REDIRECTS = 5;
private static final Set<String> BINARY_DATA_TYPES = Set.of("application/zip",
"application/octet-stream",
Expand Down Expand Up @@ -245,53 +252,54 @@ private List<Property> buildBodyParams(List<Property> datasourceBodyFormData, Li

@Override
public Mono<QueryExecutionResult> executeQuery(Object o, GraphQLQueryExecutionContext context) {
return Mono.defer(() -> {
URI uri = RestApiUriBuilder.buildUri(context.getUrl(), new HashMap<>(), context.getUrlParams());
WebClient.Builder webClientBuilder = WebClientBuildHelper.builder()
.disallowedHosts(commonConfig.getDisallowedHosts())
.toWebClientBuilder();

Map<String, String> allHeaders = context.getHeaders();
String contentType = context.getContentType();
allHeaders.forEach(webClientBuilder::defaultHeader);

//basic auth
AuthConfig authConfig = context.getAuthConfig();
if (authConfig != null && authConfig.getType() == RestApiAuthType.BASIC_AUTH) {
webClientBuilder.defaultHeaders(AuthHelper.basicAuth((BasicAuthConfig) authConfig));
}
return Mono.defer(() -> authByOauth2InheritFromLogin(context))
.then(Mono.defer(() -> {
URI uri = RestApiUriBuilder.buildUri(context.getUrl(), new HashMap<>(), context.getUrlParams());
WebClient.Builder webClientBuilder = WebClientBuildHelper.builder()
.disallowedHosts(commonConfig.getDisallowedHosts())
.toWebClientBuilder();

Map<String, String> allHeaders = context.getHeaders();
String contentType = context.getContentType();
allHeaders.forEach(webClientBuilder::defaultHeader);

//basic auth
AuthConfig authConfig = context.getAuthConfig();
if (authConfig != null && authConfig.getType() == RestApiAuthType.BASIC_AUTH) {
webClientBuilder.defaultHeaders(AuthHelper.basicAuth((BasicAuthConfig) authConfig));
}

if (MediaType.MULTIPART_FORM_DATA_VALUE.equals(contentType)) {
webClientBuilder.filter(new BufferingFilter());
}
if (MediaType.MULTIPART_FORM_DATA_VALUE.equals(contentType)) {
webClientBuilder.filter(new BufferingFilter());
}

webClientBuilder.defaultCookies(injectCookies(context));
webClientBuilder.defaultCookies(injectCookies(context));

WebClient client = webClientBuilder
.exchangeStrategies(EXCHANGE_STRATEGIES)
.build();
if (!GRAPHQL_TYPE.equalsIgnoreCase(contentType)) {
context.setQueryBody(convertToGraphQLBody(context));
}
BodyInserter<?, ? super ClientHttpRequest> bodyInserter = buildBodyInserter(
context.isEncodeParams(),
contentType,
context.getQueryBody(),
context.getBodyParams());
return httpCall(client, context.getHttpMethod(), uri, bodyInserter, 0, authConfig, DEFAULT_HEADERS_CONSUMER)
.flatMap(clientResponse -> clientResponse.toEntity(byte[].class))
.map(this::convertToQueryExecutionResult)
.onErrorResume(error -> {
if (error instanceof TimeoutException) {
return Mono.just(QueryExecutionResult.error(QUERY_EXECUTION_TIMEOUT, "QUERY_TIMEOUT_ERROR", error));
}
if (error instanceof PluginException pluginException) {
throw pluginException;
}
return Mono.just(
QueryExecutionResult.error(GRAPHQL_EXECUTION_ERROR, "GRAPHQL_EXECUTION_ERROR", error));
});
});
WebClient client = webClientBuilder
.exchangeStrategies(EXCHANGE_STRATEGIES)
.build();
if (!GRAPHQL_TYPE.equalsIgnoreCase(contentType)) {
context.setQueryBody(convertToGraphQLBody(context));
}
BodyInserter<?, ? super ClientHttpRequest> bodyInserter = buildBodyInserter(
context.isEncodeParams(),
contentType,
context.getQueryBody(),
context.getBodyParams());
return httpCall(client, context.getHttpMethod(), uri, bodyInserter, 0, authConfig, DEFAULT_HEADERS_CONSUMER)
.flatMap(clientResponse -> clientResponse.toEntity(byte[].class))
.map(this::convertToQueryExecutionResult)
.onErrorResume(error -> {
if (error instanceof TimeoutException) {
return Mono.just(QueryExecutionResult.error(QUERY_EXECUTION_TIMEOUT, "QUERY_TIMEOUT_ERROR", error));
}
if (error instanceof PluginException pluginException) {
throw pluginException;
}
return Mono.just(
QueryExecutionResult.error(GRAPHQL_EXECUTION_ERROR, "GRAPHQL_EXECUTION_ERROR", error));
});
}));
}

private Consumer<MultiValueMap<String, String>> injectCookies(GraphQLQueryExecutionContext request) {
Expand Down Expand Up @@ -458,6 +466,39 @@ private ResponseBodyData parseResponseDataInfo(byte[] body, MediaType contentTyp
}
}

private Mono<Void> authByOauth2InheritFromLogin(GraphQLQueryExecutionContext context) {
if (context.getAuthConfig() == null || context.getAuthConfig().getType() != OAUTH2_INHERIT_FROM_LOGIN) {
return Mono.empty();
}
return context.getAuthTokenMono()
.doOnNext(properties -> {
Map<String, List<Property>> propertyMap = properties.stream()
.collect(Collectors.groupingBy(Property::getType));

List<Property> params = propertyMap.get("param");
if (CollectionUtils.isNotEmpty(params)) {
Map<String, String> paramMap = new HashMap<>(emptyIfNull(context.getUrlParams()));
for (Property param : params) {
paramMap.put(param.getKey(), param.getValue());
}
context.setUrlParams(ImmutableMap.copyOf(paramMap));
}

List<Property> headers = propertyMap.get("header");
if (CollectionUtils.isNotEmpty(headers)) {
Map<String, String> headerMap = new HashMap<>(emptyIfNull(context.getHeaders()));
for (Property header : headers) {
headerMap.put(header.getKey(), header.getValue());
}
context.setHeaders(ImmutableMap.copyOf(headerMap));
}
})
.switchIfEmpty(Mono.error(new PluginException(GRAPHQL_EXECUTION_ERROR, DEFAULT_GRAPHQL_ERROR_CODE,
"$ACCESS_TOKEN parameter missing.")))
.onErrorResume(throwable -> propagateError(GRAPHQL_EXECUTION_ERROR, DEFAULT_GRAPHQL_ERROR_CODE, throwable))
.then();
}

@Getter
@Builder
private static class ResponseBodyData {
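Review bot: The inherited login token ends up as a client-wide default header, because `authByOauth2InheritFromLogin` merges the `header` properties into the context headers and `executeQuery` then installs every entry with `allHeaders.forEach(webClientBuilder::defaultHeader)` before calling `httpCall(..., 0, authConfig, ...)`. `httpCall` is outside the visible hunks, but given `MAX_REDIRECTS = 5` in this class it presumably follows redirects with the same client, in which case the user's token would also be sent to whatever host a redirect names. I would confirm that the redirect path drops credential headers when the host changes and record the requirement at the call site, e.g. `// inherited OAuth token is in the default headers: must not be replayed to a different host on redirect`. The `param` branch has a related exposure, since `setUrlParams` places token values in the request URI, where they are more likely to reach logs or error text.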
Expand Up @@ -110,6 +110,13 @@ public boolean isForwardAllCookies() {
return forwardAllCookies;
}

public boolean isOauth2InheritFromLogin() {
if (this.authConfig != null) {
return this.authConfig.getType().name().equals(RestApiAuthType.OAUTH2_INHERIT_FROM_LOGIN.name());
}
return false;
}

@Override
public DatasourceConnectionConfig mergeWithUpdatedConfig(DatasourceConnectionConfig updatedConfig) {
if (!(updatedConfig instanceof GraphQLDatasourceConfig updatedApiConfig)) {
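Review bot: `isOauth2InheritFromLogin` compares enum constants through `name()` and dereferences `getType()` without a null check, so an auth config whose type is unset (if that can happen for stored configs) throws a NullPointerException instead of returning false. This flag decides whether a user's login token is attached to the datasource request, so the check should be exact and null-safe; the executor in this PR already compares with `!=` against `OAUTH2_INHERIT_FROM_LOGIN`. Suggested body: `return this.authConfig != null && this.authConfig.getType() == RestApiAuthType.OAUTH2_INHERIT_FROM_LOGIN;`.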
Expand Up @@ -23,6 +23,7 @@
import org.lowcoder.sdk.exception.BizError;
import org.lowcoder.sdk.models.Property;
import org.lowcoder.sdk.models.QueryExecutionResult;
import org.lowcoder.sdk.plugin.graphql.GraphQLDatasourceConfig;
import org.lowcoder.sdk.plugin.restapi.RestApiDatasourceConfig;
import org.lowcoder.sdk.plugin.restapi.auth.OAuthInheritAuthConfig;
import org.lowcoder.sdk.query.QueryVisitorContext;
Expand Down Expand Up @@ -122,7 +123,11 @@ public Mono<QueryExecutionResult> executeApplicationQuery(ServerWebExchange exch
if(datasource.getDetailConfig() instanceof RestApiDatasourceConfig restApiDatasourceConfig
&& restApiDatasourceConfig.isOauth2InheritFromLogin()) {
paramsAndHeadersInheritFromLogin = getAuthParamsAndHeadersInheritFromLogin(tuple.getT1(), ((OAuthInheritAuthConfig)restApiDatasourceConfig.getAuthConfig()).getAuthId());
}

if(datasource.getDetailConfig() instanceof GraphQLDatasourceConfig graphQLDatasourceConfig
&& graphQLDatasourceConfig.isOauth2InheritFromLogin()) {
paramsAndHeadersInheritFromLogin = getAuthParamsAndHeadersInheritFromLogin(tuple.getT1(), ((OAuthInheritAuthConfig)graphQLDatasourceConfig.getAuthConfig()).getAuthId());
}

QueryVisitorContext queryVisitorContext = new QueryVisitorContext(userId, app.getOrganizationId(), port, cookies, paramsAndHeadersInheritFromLogin, commonConfig.getDisallowedHosts());
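Review bot: The new GraphQL branch casts `graphQLDatasourceConfig.getAuthConfig()` to `OAuthInheritAuthConfig` on the strength of the type enum alone, so a stored config whose type says OAUTH2_INHERIT_FROM_LOGIN but whose class differs would fail with a ClassCastException in the middle of `executeApplicationQuery`. Binding the config with a pattern keeps the token lookup tied to a verified type: add `&& graphQLDatasourceConfig.getAuthConfig() instanceof OAuthInheritAuthConfig inheritConfig` to the condition and pass `inheritConfig.getAuthId()`. The same cast is added in the `executeLibraryQuery` hunk, and both copies duplicate the REST branch above them, so a small shared helper taking the `AuthConfig` would keep the two datasource types from drifting apart. The method body starts and ends outside the hunk.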
Expand Up @@ -42,6 +42,7 @@
import org.lowcoder.sdk.exception.PluginCommonError;
import org.lowcoder.sdk.models.Property;
import org.lowcoder.sdk.models.QueryExecutionResult;
import org.lowcoder.sdk.plugin.graphql.GraphQLDatasourceConfig;
import org.lowcoder.sdk.plugin.restapi.RestApiDatasourceConfig;
import org.lowcoder.sdk.plugin.restapi.auth.OAuthInheritAuthConfig;
import org.lowcoder.sdk.query.QueryVisitorContext;
Expand Down Expand Up @@ -310,12 +311,16 @@ public Mono<QueryExecutionResult> executeLibraryQuery(ServerWebExchange exchange


// check if oauth inherited from login and save token
if(datasource.getDetailConfig() instanceof RestApiDatasourceConfig restApiDatasourceConfig
&& restApiDatasourceConfig.isOauth2InheritFromLogin()) {
if(datasource.getDetailConfig() instanceof RestApiDatasourceConfig restApiDatasourceConfig && restApiDatasourceConfig.isOauth2InheritFromLogin()) {
paramsAndHeadersInheritFromLogin = getParamsAndHeadersInheritFromLogin
(user, ((OAuthInheritAuthConfig)restApiDatasourceConfig.getAuthConfig()).getAuthId());
}

if(datasource.getDetailConfig() instanceof GraphQLDatasourceConfig graphQLDatasourceConfig && graphQLDatasourceConfig.isOauth2InheritFromLogin()) {
paramsAndHeadersInheritFromLogin = getParamsAndHeadersInheritFromLogin
(user, ((OAuthInheritAuthConfig)graphQLDatasourceConfig.getAuthConfig()).getAuthId());
}

QueryVisitorContext queryVisitorContext = new QueryVisitorContext(userId, orgId, port, cookies, paramsAndHeadersInheritFromLogin,
commonConfig.getDisallowedHosts());
Map<String, Object> queryConfig = baseQuery.getQueryConfig();