Codehub authorization (#2885)

saveourtool · Dec 20, 2023 · 7db51e3 · 7db51e3
1 parent caf2f1b
commit 7db51e3
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 0 deletions.
diff --git a/.run/Gateway-LocalRunOnWindows.run.xml b/.run/Gateway-LocalRunOnWindows.run.xml
@@ -0,0 +1,15 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="Gateway-LocalRunOnWindows" type="JetRunConfigurationType">
+    <option name="ALTERNATIVE_JRE_PATH" value="$USER_HOME$/.jdks/temurin-17.0.9" />
+    <option name="ALTERNATIVE_JRE_PATH_ENABLED" value="true" />
+    <envs>
+      <env name="SPRING_PROFILES_ACTIVE" value="dev,secure,win" />
+    </envs>
+    <option name="MAIN_CLASS_NAME" value="com.saveourtool.save.gateway.SaveGatewayKt" />
+    <module name="save-cloud.api-gateway.main" />
+    <shortenClasspath name="ARGS_FILE" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>
diff --git a/api-gateway/src/main/resources/application-dev.yml b/api-gateway/src/main/resources/application-dev.yml
@@ -15,6 +15,12 @@ spring:
     oauth2:
       client:
         provider:
+          codehub:
+            authorization-uri: https://codehub-g.huawei.com/oauth/authorize
+            token-uri: https://codehub-g.huawei.com/oauth/token
+            user-info-uri: https://codehub-g.huawei.com/api/v4/user
+            user-name-attribute: username
+            user-info-authentication-method: post
           huawei:
             authorization-uri: https://oauth-login.cloud.huawei.com/oauth2/v3/authorize
             token-uri: https://oauth-login.cloud.huawei.com/oauth2/v3/token
@@ -58,6 +64,18 @@ spring:
             #  - email (works but user allowed to not select to share an email)
             #  - profile
             scope: profile
+          codehub:
+            provider: codehub
+            client-id: qp_f_Xrr5TFpliCyskVbG8mMN-nmAFNc2fo6bPhp1VnU3A0cZD_vNiKIfN61bKox
+            client-secret: r6h2Qoiks2MvgxKcYe3hAEAr242qgTGqZ5t2iK6QFCwxh6rGTsM4_vt_RSXijvTm
+            redirect-uri: '${gateway.frontend.url}/{action}/oauth2/code/{registrationId}'
+            authorization-grant-type: authorization_code
+            client-authentication-method: client_secret_post
+            # can be
+            #  - openid (doesn't work due to invalid_nonce)
+            #  - email (works but user allowed to not select to share an email)
+            #  - profile
+            scope: profile
           gitee:
             client-id: 6b7fc07ecdf7a12d9aa8e2aaf034743baa6f77e036dc22fe6455e02fcf51a851
             client-secret: 8908a8a4239c688af45a4db89ec27d4a7e7f5076dc3125b07b506de6414926a3