def parse_jwt_info(jwt_info):
"""解析JWT获取应用/用户/项目等信息"""
client = JWTClient(jwt_info)
if not client.is_valid(PAAS_CD_APIGW_PUBLIC_KEY):
raise error_codes.CheckFailed.f("解析JWT异常,已通知管理员", replace=True)
app_code = client.app.app_code
username = client.user.username
return app_code, username
def authenticate(self, request):
client = JWTClient(request.META.get(APIGW_JWT_KEY_NAME, ""))
if not client.is_valid(BCS_APP_APIGW_PUBLIC_KEY):
return None
username = client.user.username
if not username and client.app.app_code in trusted_app_list:
username = request.META.get(USERNAME_KEY_NAME, "")
user = JWTUser(username=username)
return (user, None)
def authenticate_jwt(self, request) -> JWTUser:
client = JWTClient(request.META.get(constants.APIGW_JWT_KEY_NAME, ""))
if not client.is_valid(constants.BCS_APP_APIGW_PUBLIC_KEY):
raise exceptions.AuthenticationFailed(f"invalid {constants.APIGW_JWT_KEY_NAME}")
username = client.user.username
if not username and client.app.app_code in constants.trusted_app_list:
username = request.META.get(constants.USERNAME_KEY_NAME, "")
user = JWTUser(username=username)
user.client = client
return user