From c1314488043a3fd083385d0a0be117ea226a12e4 Mon Sep 17 00:00:00 2001 From: jamesge Date: Mon, 25 Dec 2023 06:44:59 +0800 Subject: [PATCH] refactor: move authentication data to header X-Bkapi-Authorization (#141) --- sdks/bkpaas-auth/CHANGES.md | 3 +++ sdks/bkpaas-auth/bkpaas_auth/core/services.py | 12 +++++++++--- sdks/bkpaas-auth/bkpaas_auth/core/token.py | 7 +++++-- 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/sdks/bkpaas-auth/CHANGES.md b/sdks/bkpaas-auth/CHANGES.md index b0317838..44374b2f 100644 --- a/sdks/bkpaas-auth/CHANGES.md +++ b/sdks/bkpaas-auth/CHANGES.md @@ -1,5 +1,8 @@ # 版本历史 +## 2.0.7 +- 将认证信息标准化到请求头 X-Bkapi-Authorization 中 + ## 2.0.6 - TokenRequestBackend.request_username 支持国际化 diff --git a/sdks/bkpaas-auth/bkpaas_auth/core/services.py b/sdks/bkpaas-auth/bkpaas_auth/core/services.py index 95e0f8c3..530a2e33 100644 --- a/sdks/bkpaas-auth/bkpaas_auth/core/services.py +++ b/sdks/bkpaas-auth/bkpaas_auth/core/services.py @@ -1,4 +1,5 @@ # -*- coding: utf-8 -*- +import json import logging from typing import Dict @@ -11,6 +12,7 @@ from bkpaas_auth.core.user_info import BkUserInfo, RtxUserInfo from bkpaas_auth.utils import scrub_data + logger = logging.getLogger(__name__) @@ -38,14 +40,18 @@ def _get_and_cache_user_info(cache_key, user_params, response_ok_checker): if cached_result: return cached_result - params = dict(user_params, **get_app_credentials()) - is_success, result = http_get(conf.TOKEN_USER_INFO_ENDPOINT, params=params) + is_success, result = http_get( + conf.TOKEN_USER_INFO_ENDPOINT, + headers={ + "X-Bkapi-Authorization": json.dumps(dict(user_params, **get_app_credentials())), + }, + ) if not is_success: raise ServiceError('Unable to get user info') if not response_ok_checker(result): logger.error( - f'Get user info fail, url: {conf.TOKEN_USER_INFO_ENDPOINT}, params: {scrub_data(params)}' + f'Get user info fail, url: {conf.TOKEN_USER_INFO_ENDPOINT}, params: {scrub_data(user_params)}' f', response: {result}', ) return 
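Review bot: The `X-Bkapi-Authorization` value in `_get_and_cache_user_info` is built with `json.dumps(dict(user_params, **get_app_credentials()))`, which raises `TypeError` on any value that is not JSON-serialisable, where the old `params=` path would presumably have stringified it. The same expression is repeated in `request_username` in token.py, so a small shared helper returning the header dict would keep the header name, merge order and serialisation in one place and give one spot to handle or document that failure. Separately, the failure log still interpolates `{result}` unscrubbed and labels the scrubbed data `params:` although it now travels in a header; if `result` is a mapping, passing it through `scrub_data` as well would keep an echoed token or user record out of the log. It is also worth confirming that `http_get` does not log request headers on error, since the app credentials and the user token now sit there. The function begins above this hunk.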
diff --git a/sdks/bkpaas-auth/bkpaas_auth/core/token.py b/sdks/bkpaas-auth/bkpaas_auth/core/token.py index d732cb4d..3761419a 100644 --- a/sdks/bkpaas-auth/bkpaas_auth/core/token.py +++ b/sdks/bkpaas-auth/bkpaas_auth/core/token.py @@ -2,6 +2,7 @@ """Access token for blueking """ import datetime +import json import logging from django.utils.timezone import now @@ -32,9 +33,11 @@ def request_username(self, **credentials): """Get username through credentials""" is_success, resp = http_get( bkauth_settings.USER_COOKIE_VERIFY_URL, - params=dict(credentials, **get_app_credentials()), timeout=10, - headers={'blueking-language': get_language()}, + headers={ + 'blueking-language': get_language(), + "X-Bkapi-Authorization": json.dumps(dict(credentials, **get_app_credentials())), + }, ) if not is_success: raise ServiceError('unable to fetch token services')
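Review bot: `dict(credentials, **get_app_credentials())` in `request_username` merges the app credentials last, so a caller-supplied keyword can never override the app's own values, but nothing in the code says this ordering is deliberate. A comment above the header dict such as `# app credentials are merged last so caller kwargs cannot override them` would stop a later refactor from swapping the order. The docstring could also state that every keyword in `credentials` is sent to `USER_COOKIE_VERIFY_URL` inside the authorization header. As a style point, the new key uses double quotes while `'blueking-language'` beside it uses single quotes. The rest of the method lies outside the hunk.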