feat: 添加令牌刷新接口 (#741)

* build: v0.20.6

* feat: 优化SecurityProperties结构, token申请同时返回refreshToken

* optimize: accessTokenDay默认调整为3

* optimize: token的secretKey应用启动后随机生成

* build: gen new api-client v20.6.0

* fix: Console的登录页申请令牌接口适配

* feat: 添加token刷新接口

* docs: update CHANGELOG.MD

Author: chivehao

CHANGELOG.MD

@@ -2,6 +2,18 @@
 
 更新日志文档，版本顺序从新到旧，最新版本在最前(上)面。
 
+# 0.20.6
+
+## 新特性
+
+- 优化SecurityProperties结构
+- token申请同时返回refreshToken
+- 添加token刷新接口
+
+## 问题修复
+
+- Console的登录页申请令牌接口适配
+
 # 0.20.5
 
 # 新特性

api/src/main/java/run/ikaros/api/infra/exception/security/InvalidTokenException.java

@@ -0,0 +1,13 @@
+package run.ikaros.api.infra.exception.security;
+
+import org.springframework.security.core.AuthenticationException;
+
+public class InvalidTokenException extends AuthenticationException {
+    public InvalidTokenException(String msg) {
+        super(msg);
+    }
+
+    public InvalidTokenException(String msg, Throwable cause) {
+        super(msg, cause);
+    }
+}

api/src/main/java/run/ikaros/api/infra/utils/StringUtils.java

@@ -1,6 +1,11 @@
 package run.ikaros.api.infra.utils;
 
+import java.security.SecureRandom;
+
 public class StringUtils {
+    private static final String CHARACTERS
+        = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()_-+=<>?";
+    private static final SecureRandom RANDOM = new SecureRandom();
 
     /**
      * upper str first char.
@@ -45,4 +50,23 @@ public static String addLikeChar(String str) {
         return "%" + str + "%";
     }
 
+
+    /**
+     * 生成指定长度的字符串.
+     *
+     * @param length 字符串长度
+     * @return 随机生成的字符串
+     */
+    public static String generateRandomStr(int length) {
+        if (length <= 0) {
+            throw new IllegalArgumentException("字符串长度必须大于 0");
+        }
+
+        StringBuilder sb = new StringBuilder(length);
+        for (int i = 0; i < length; i++) {
+            sb.append(CHARACTERS.charAt(RANDOM.nextInt(CHARACTERS.length())));
+        }
+        return sb.toString();
+    }
+
 }

console/packages/api-client/README.md

@@ -58,7 +58,7 @@ npm publish
 选择当前目录下的更改进行`git add .`
 
 ```bash
-git commit -am "build: gen new api-client v20.1.0"
+git commit -am "build: gen new api-client v20.6.0"
 ```
 
 合成版(powershell)，升级 package.json 版本，并启动服务端后，在 api-client 路径下：

console/packages/api-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@runikaros/api-client",
-  "version": "20.1.0",
+  "version": "20.6.0",
   "description": "Project ikaros console api-client package",
   "type": "module",
   "scripts": {

console/packages/api-client/src/.openapi-generator/FILES

@@ -48,6 +48,7 @@ models/episode-resource.ts
 models/episode.ts
 models/index.ts
 models/jwt-apply-param.ts
+models/jwt-apply-response.ts
 models/link.ts
 models/paging-wrap.ts
 models/plugin-load-location-file-system.ts

console/packages/api-client/src/api/v1alpha1-indices-api.ts

@@ -97,16 +97,16 @@ export const V1alpha1IndicesApiAxiosParamCreator = function (
      * Search subjects with fuzzy query
      * @param {string} keyword
      * @param {number} [limit]
-     * @param {string} [highlightPostTag]
      * @param {string} [highlightPreTag]
+     * @param {string} [highlightPostTag]
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
     searchSubject: async (
       keyword: string,
       limit?: number,
-      highlightPostTag?: string,
       highlightPreTag?: string,
+      highlightPostTag?: string,
       options: AxiosRequestConfig = {}
     ): Promise<RequestArgs> => {
       // verify required parameter 'keyword' is not null or undefined
@@ -139,10 +139,6 @@ export const V1alpha1IndicesApiAxiosParamCreator = function (
         localVarQueryParameter["limit"] = limit;
       }
 
-      if (highlightPostTag !== undefined) {
-        localVarQueryParameter["highlightPostTag"] = highlightPostTag;
-      }
-
       if (keyword !== undefined) {
         localVarQueryParameter["keyword"] = keyword;
       }
@@ -151,6 +147,10 @@ export const V1alpha1IndicesApiAxiosParamCreator = function (
         localVarQueryParameter["highlightPreTag"] = highlightPreTag;
       }
 
+      if (highlightPostTag !== undefined) {
+        localVarQueryParameter["highlightPostTag"] = highlightPostTag;
+      }
+
       setSearchParams(localVarUrlObj, localVarQueryParameter);
       let headersFromBaseOptions =
         baseOptions && baseOptions.headers ? baseOptions.headers : {};
@@ -199,25 +199,25 @@ export const V1alpha1IndicesApiFp = function (configuration?: Configuration) {
      * Search subjects with fuzzy query
      * @param {string} keyword
      * @param {number} [limit]
-     * @param {string} [highlightPostTag]
      * @param {string} [highlightPreTag]
+     * @param {string} [highlightPostTag]
      * @param {*} [options] Override http request option.
      * @throws {RequiredError}
      */
     async searchSubject(
       keyword: string,
       limit?: number,
-      highlightPostTag?: string,
       highlightPreTag?: string,
+      highlightPostTag?: string,
       options?: AxiosRequestConfig
     ): Promise<
       (axios?: AxiosInstance, basePath?: string) => AxiosPromise<SubjectHints>
     > {
       const localVarAxiosArgs = await localVarAxiosParamCreator.searchSubject(
         keyword,
         limit,
-        highlightPostTag,
         highlightPreTag,
+        highlightPostTag,
         options
       );
       return createRequestFunction(
@@ -265,8 +265,8 @@ export const V1alpha1IndicesApiFactory = function (
         .searchSubject(
           requestParameters.keyword,
           requestParameters.limit,
-          requestParameters.highlightPostTag,
           requestParameters.highlightPreTag,
+          requestParameters.highlightPostTag,
           options
         )
         .then((request) => request(axios, basePath));
@@ -299,14 +299,14 @@ export interface V1alpha1IndicesApiSearchSubjectRequest {
    * @type {string}
    * @memberof V1alpha1IndicesApiSearchSubject
    */
-  readonly highlightPostTag?: string;
+  readonly highlightPreTag?: string;
 
   /**
    *
    * @type {string}
    * @memberof V1alpha1IndicesApiSearchSubject
    */
-  readonly highlightPreTag?: string;
+  readonly highlightPostTag?: string;
 }
 
 /**
@@ -343,8 +343,8 @@ export class V1alpha1IndicesApi extends BaseAPI {
       .searchSubject(
         requestParameters.keyword,
         requestParameters.limit,
-        requestParameters.highlightPostTag,
         requestParameters.highlightPreTag,
+        requestParameters.highlightPostTag,
         options
       )
       .then((request) => request(this.axios, this.basePath));

console/packages/api-client/src/api/v1alpha1-security-api.ts

@@ -39,6 +39,8 @@ import {
 } from "../base";
 // @ts-ignore
 import { JwtApplyParam } from "../models";
+// @ts-ignore
+import { JwtApplyResponse } from "../models";
 /**
  * V1alpha1SecurityApi - axios parameter creator
  * @export
@@ -97,6 +99,61 @@ export const V1alpha1SecurityApiAxiosParamCreator = function (
         configuration
       );
 
+      return {
+        url: toPathString(localVarUrlObj),
+        options: localVarRequestOptions,
+      };
+    },
+    /**
+     * Refresh access token with refresh token.
+     * @param {string} [body] Refresh token.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    refreshToken: async (
+      body?: string,
+      options: AxiosRequestConfig = {}
+    ): Promise<RequestArgs> => {
+      const localVarPath = `/api/v1alpha1/security/auth/token/jwt/refresh`;
+      // use dummy base URL string because the URL constructor only accepts absolute URLs.
+      const localVarUrlObj = new URL(localVarPath, DUMMY_BASE_URL);
+      let baseOptions;
+      if (configuration) {
+        baseOptions = configuration.baseOptions;
+      }
+
+      const localVarRequestOptions = {
+        method: "PUT",
+        ...baseOptions,
+        ...options,
+      };
+      const localVarHeaderParameter = {} as any;
+      const localVarQueryParameter = {} as any;
+
+      // authentication BasicAuth required
+      // http basic authentication required
+      setBasicAuthToObject(localVarRequestOptions, configuration);
+
+      // authentication BearerAuth required
+      // http bearer authentication required
+      await setBearerAuthToObject(localVarHeaderParameter, configuration);
+
+      localVarHeaderParameter["Content-Type"] = "application/json";
+
+      setSearchParams(localVarUrlObj, localVarQueryParameter);
+      let headersFromBaseOptions =
+        baseOptions && baseOptions.headers ? baseOptions.headers : {};
+      localVarRequestOptions.headers = {
+        ...localVarHeaderParameter,
+        ...headersFromBaseOptions,
+        ...options.headers,
+      };
+      localVarRequestOptions.data = serializeDataIfNeeded(
+        body,
+        localVarRequestOptions,
+        configuration
+      );
+
       return {
         url: toPathString(localVarUrlObj),
         options: localVarRequestOptions,
@@ -123,7 +180,10 @@ export const V1alpha1SecurityApiFp = function (configuration?: Configuration) {
       jwtApplyParam?: JwtApplyParam,
       options?: AxiosRequestConfig
     ): Promise<
-      (axios?: AxiosInstance, basePath?: string) => AxiosPromise<string>
+      (
+        axios?: AxiosInstance,
+        basePath?: string
+      ) => AxiosPromise<JwtApplyResponse>
     > {
       const localVarAxiosArgs = await localVarAxiosParamCreator.applyJwtToken(
         jwtApplyParam,
@@ -136,6 +196,29 @@ export const V1alpha1SecurityApiFp = function (configuration?: Configuration) {
         configuration
       );
     },
+    /**
+     * Refresh access token with refresh token.
+     * @param {string} [body] Refresh token.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    async refreshToken(
+      body?: string,
+      options?: AxiosRequestConfig
+    ): Promise<
+      (axios?: AxiosInstance, basePath?: string) => AxiosPromise<string>
+    > {
+      const localVarAxiosArgs = await localVarAxiosParamCreator.refreshToken(
+        body,
+        options
+      );
+      return createRequestFunction(
+        localVarAxiosArgs,
+        globalAxios,
+        BASE_PATH,
+        configuration
+      );
+    },
   };
 };
 
@@ -159,11 +242,25 @@ export const V1alpha1SecurityApiFactory = function (
     applyJwtToken(
       requestParameters: V1alpha1SecurityApiApplyJwtTokenRequest = {},
       options?: AxiosRequestConfig
-    ): AxiosPromise<string> {
+    ): AxiosPromise<JwtApplyResponse> {
       return localVarFp
         .applyJwtToken(requestParameters.jwtApplyParam, options)
         .then((request) => request(axios, basePath));
     },
+    /**
+     * Refresh access token with refresh token.
+     * @param {V1alpha1SecurityApiRefreshTokenRequest} requestParameters Request parameters.
+     * @param {*} [options] Override http request option.
+     * @throws {RequiredError}
+     */
+    refreshToken(
+      requestParameters: V1alpha1SecurityApiRefreshTokenRequest = {},
+      options?: AxiosRequestConfig
+    ): AxiosPromise<string> {
+      return localVarFp
+        .refreshToken(requestParameters.body, options)
+        .then((request) => request(axios, basePath));
+    },
   };
 };
 
@@ -181,6 +278,20 @@ export interface V1alpha1SecurityApiApplyJwtTokenRequest {
   readonly jwtApplyParam?: JwtApplyParam;
 }
 
+/**
+ * Request parameters for refreshToken operation in V1alpha1SecurityApi.
+ * @export
+ * @interface V1alpha1SecurityApiRefreshTokenRequest
+ */
+export interface V1alpha1SecurityApiRefreshTokenRequest {
+  /**
+   * Refresh token.
+   * @type {string}
+   * @memberof V1alpha1SecurityApiRefreshToken
+   */
+  readonly body?: string;
+}
+
 /**
  * V1alpha1SecurityApi - object-oriented interface
  * @export
@@ -203,4 +314,20 @@ export class V1alpha1SecurityApi extends BaseAPI {
       .applyJwtToken(requestParameters.jwtApplyParam, options)
       .then((request) => request(this.axios, this.basePath));
   }
+
+  /**
+   * Refresh access token with refresh token.
+   * @param {V1alpha1SecurityApiRefreshTokenRequest} requestParameters Request parameters.
+   * @param {*} [options] Override http request option.
+   * @throws {RequiredError}
+   * @memberof V1alpha1SecurityApi
+   */
+  public refreshToken(
+    requestParameters: V1alpha1SecurityApiRefreshTokenRequest = {},
+    options?: AxiosRequestConfig
+  ) {
+    return V1alpha1SecurityApiFp(this.configuration)
+      .refreshToken(requestParameters.body, options)
+      .then((request) => request(this.axios, this.basePath));
+  }
 }