fix(bkpaas-auth): 修复通过 APIGatewayAuthBackend 认证无法获取 tenant_id 问题 (TencentBlueKing#230)

Author: jiayuan929

sdks/bkpaas-auth/CHANGES.md

@@ -1,5 +1,8 @@
 # 版本历史
 
+## 3.1.2
+- fix: 修复通过 APIGatewayAuthBackend 认证无法获取 tenant_id 的问题
+
 ## 3.1.1
 - fix: 修复 apigw-manager 4.0.1 版本 JWT 中间件新增 tenant_id 参数导致的 JWT 认证失效问题
 

sdks/bkpaas-auth/bkpaas_auth/__init__.py

@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-__version__ = "3.1.1"
+__version__ = "3.1.2"
 
 
 def get_user_by_user_id(user_id: str, username_only: bool = True):

sdks/bkpaas-auth/bkpaas_auth/backends.py

@@ -208,26 +208,39 @@ class APIGatewayAuthBackend:
 
     _TOKEN_EXPIRE_TIME = 86400  # 24 hours in seconds
 
-    def _create_authenticated_user(self, username: str, provider_type: ProviderType) -> User:
+    def _create_authenticated_user(
+        self, username: str, provider_type: ProviderType, tenant_id: str | None = None
+    ) -> User:
         """Create a user object for authenticated requests."""
         return User(
             token=LoginToken("any_token", expires_in=self._TOKEN_EXPIRE_TIME),
             provider_type=provider_type,
             username=username,
+            tenant_id=tenant_id,
         )
 
-    def _authenticate_common(self, verified: bool, username: Optional[str]) -> Union[User, AnonymousUser]:
+    def _authenticate_common(
+        self, verified: bool, username: str | None = None, tenant_id: str | None = None
+    ) -> Union[User, AnonymousUser]:
         """Common authentication logic for all versions."""
         if not verified or not username:
             return self.make_anonymous_user(username)
 
-        return self._create_authenticated_user(username=username, provider_type=self.get_provider_type())
+        return self._create_authenticated_user(
+            username=username, provider_type=self.get_provider_type(), tenant_id=tenant_id
+        )
 
     def authenticate_with_signature_v3(
-        self, request: HttpRequest, gateway_name: str, bk_username: str, verified: bool, **credentials: Dict
+        self,
+        request: HttpRequest,
+        gateway_name: str,
+        bk_username: str,
+        tenant_id: str,
+        verified: bool,
+        **credentials: Dict,
     ) -> Union[User, AnonymousUser]:
         """authenticate function with signature required by ApiGatewayJWTUserMiddleware in apigw_manager == '^3.0.0'"""
-        return self._authenticate_common(verified, bk_username)
+        return self._authenticate_common(verified, bk_username, tenant_id)
 
     def authenticate_with_signature_v1(
         self, request: HttpRequest, api_name: str, bk_username: str, verified: bool, **credentials: Dict

sdks/bkpaas-auth/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "bkpaas-auth"
-version = "3.1.1"
+version = "3.1.2"
 description = "User authentication django app for blueking internal projects"
 readme = "README.md"
 authors = ["blueking <blueking@tencent.com>"]

sdks/bkpaas-auth/setup.py

@@ -23,7 +23,7 @@
 setup(
     long_description=readme,
     name="bkpaas-auth",
-    version="3.1.1",
+    version="3.1.2",
     description="User authentication django app for blueking internal projects",
     python_requires="<4.0,>=3.8",
     author="blueking",