huace-aigc-auth-client 1.1.29__tar.gz → 1.1.30__tar.gz

{huace_aigc_auth_client-1.1.29/huace_aigc_auth_client.egg-info → huace_aigc_auth_client-1.1.30}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: huace-aigc-auth-client
-Version: 1.1.29
+Version: 1.1.30
 Summary: 华策AIGC Auth Client - 提供 Token 验证、用户信息获取、权限检查、旧系统接入等功能
 Author-email: Huace <support@huace.com>
 License: MIT

{huace_aigc_auth_client-1.1.29 → huace_aigc_auth_client-1.1.30}/huace_aigc_auth_client/__init__.py

@@ -178,4 +178,4 @@ __all__ = [
     # 用户上下文
     "get_current_user",
 ]
-__version__ = "1.1.29"
+__version__ = "1.1.30"

{huace_aigc_auth_client-1.1.29 → huace_aigc_auth_client-1.1.30}/huace_aigc_auth_client/api_stats_collector.py

@@ -92,6 +92,7 @@ class ApiStatsCollector:
         
         # 过滤重定向请求（3xx 状态码），这些通常是框架自动处理的，不应统计
         if 300 <= status_code < 400:
+            logger.debug(f"跳过重定向请求统计: {api_method} {api_path} 状态码: {status_code}")
             return
         
         try:
@@ -105,9 +106,11 @@ class ApiStatsCollector:
                 'request_params': request_params
             }
             self.queue.put_nowait(stat_data)
-        except queue.Full:
+        except queue.Full as e:
+            logger.debug(f"统计数据队列已满，丢弃当前数据: {e}")
             pass  # 队列满了，丢弃数据
-        except Exception:
+        except Exception as e:
+            logger.debug(f"收集接口统计数据失败: {e}")
             pass  # 静默失败，不影响主流程
     
     def _worker(self):
@@ -135,7 +138,8 @@ class ApiStatsCollector:
                     buffer = []
                     last_flush_time = current_time
                     
-            except Exception:
+            except Exception as e:
+                logger.debug(f"统计数据提交失败: {e}")
                 pass  # 静默失败
         
         # 停止前刷新剩余数据
@@ -168,7 +172,8 @@ class ApiStatsCollector:
             for token, stats in token_groups.items():
                 self._submit_stats(token, stats)
                 
-        except Exception:
+        except Exception as e:
+            logger.debug(f"统计数据提交失败: {e}")
             pass  # 静默失败，不影响主流程
     
     def _submit_stats(self, token: str, stats: List[Dict[str, Any]]):
@@ -200,7 +205,8 @@ class ApiStatsCollector:
             if response.status_code != 200:
                 pass
                 
-        except Exception:
+        except Exception as e:
+            logger.debug(f"统计数据提交失败: {e}")
             pass  # 静默失败，不影响主流程
 
 

huace_aigc_auth_client-1.1.30/huace_aigc_auth_client/auth_request.py

@@ -0,0 +1,316 @@
+"""
+认证请求封装模块
+提供对 requests.request 的封装，自动添加认证信息和统计上报
+"""
+import time
+import logging
+from typing import Optional, Dict, Any, Union
+import requests
+from requests import Response
+
+from .user_context import get_request_context
+from .api_stats_collector import get_api_stats_collector
+
+logger = logging.getLogger(__name__)
+
+
+def auth_request(
+    method: str,
+    url: str,
+    params: Optional[Dict[str, Any]] = None,
+    data: Optional[Union[Dict[str, Any], str, bytes]] = None,
+    json: Optional[Dict[str, Any]] = None,
+    headers: Optional[Dict[str, str]] = None,
+    cookies: Optional[Dict[str, str]] = None,
+    files: Optional[Dict[str, Any]] = None,
+    auth: Optional[tuple] = None,
+    timeout: Optional[Union[float, tuple]] = None,
+    allow_redirects: bool = True,
+    proxies: Optional[Dict[str, str]] = None,
+    verify: Optional[Union[bool, str]] = None,
+    stream: bool = False,
+    cert: Optional[Union[str, tuple]] = None,
+    **kwargs
+) -> Response:
+    """
+    认证请求封装函数
+    
+    基本参数与 requests.request 一致，会自动从 request_context 中获取认证信息并添加到请求头
+    
+    Args:
+        method: HTTP 方法 (GET, POST, PUT, DELETE 等)
+        url: 请求 URL
+        params: URL 查询参数
+        data: 请求体数据 (form-data 或 raw)
+        json: JSON 请求体数据
+        headers: 请求头（会自动添加认证相关的头）
+        cookies: Cookies
+        files: 文件上传
+        auth: HTTP 认证元组
+        timeout: 超时时间（秒）
+        allow_redirects: 是否允许重定向
+        proxies: 代理配置
+        verify: SSL 证书验证
+        stream: 是否流式响应
+        cert: 客户端证书
+        **kwargs: 其他 requests.request 支持的参数
+    
+    Returns:
+        Response: 响应对象
+    
+    自动添加的请求头（如果在 request_context 中存在）：
+        - X-App-ID: 应用ID
+        - X-App-Secret: 应用密钥
+        - Authorization: Bearer token
+        - x-real-ip: 客户端真实IP
+        - user-agent: User Agent
+        - X-Trace-ID: 追踪ID
+    """
+    # 初始化 headers
+    if headers is None:
+        headers = {}
+    else:
+        headers = headers.copy()  # 避免修改原始 headers
+    
+    # 从 request_context 获取认证信息
+    request_context = get_request_context()
+    
+    if request_context:
+        # 添加应用ID
+        app_id = request_context.get('app_id')
+        if app_id is not None:
+            headers['X-App-ID'] = str(app_id)
+        
+        # 添加应用密钥
+        app_secret = request_context.get('app_secret')
+        if app_secret:
+            headers['X-App-Secret'] = app_secret
+        
+        # 添加认证令牌
+        token = request_context.get('token')
+        if token:
+            headers['Authorization'] = f'Bearer {token}'
+        
+        # 添加客户端IP
+        ip_address = request_context.get('ip_address')
+        if ip_address:
+            headers['x-real-ip'] = ip_address
+        
+        # 添加 User Agent
+        user_agent = request_context.get('user_agent')
+        if user_agent:
+            headers['user-agent'] = user_agent
+        
+        # 添加追踪ID
+        trace_id = request_context.get('trace_id')
+        if trace_id:
+            headers['X-Trace-ID'] = trace_id
+    
+    # 记录开始时间
+    start_time = time.time()
+    response = None
+    error_message = None
+    
+    try:
+        # 执行请求
+        logger.info(f"发起认证请求: {method} {url} with headers={headers} params={params} json={json} data={data}")
+        response = requests.request(
+            method=method,
+            url=url,
+            params=params,
+            data=data,
+            json=json,
+            headers=headers,
+            cookies=cookies,
+            files=files,
+            auth=auth,
+            timeout=timeout,
+            allow_redirects=allow_redirects,
+            proxies=proxies,
+            verify=verify,
+            stream=stream,
+            cert=cert,
+            **kwargs
+        )
+        logger.info(f"认证请求响应: {method} {url} 状态码: {response.status_code}")
+        return response
+        
+    except Exception as e:
+        error_message = str(e)
+        logger.error(f"认证请求失败: {method} {url} 错误: {error_message}")
+        raise
+        
+    finally:
+        # 计算响应时间
+        response_time = time.time() - start_time
+        
+        # 上报统计信息
+        _report_stats(
+            url=url,
+            method=method,
+            response=response,
+            response_time=response_time,
+            error_message=error_message,
+            request_context=request_context,
+            headers=headers,
+            params=params,
+            json_data=json,
+            form_data=data
+        )
+
+
+def _report_stats(
+    url: str,
+    method: str,
+    response: Optional[Response],
+    response_time: float,
+    error_message: Optional[str],
+    request_context: Optional[Dict[str, Any]],
+    headers: Optional[Dict[str, str]],
+    params: Optional[Dict[str, Any]],
+    json_data: Optional[Dict[str, Any]],
+    form_data: Optional[Union[Dict[str, Any], str, bytes]]
+):
+    """
+    上报统计信息到远程服务
+    
+    Args:
+        url: 请求 URL
+        method: HTTP 方法
+        response: 响应对象
+        response_time: 响应时间
+        error_message: 错误信息
+        request_context: 请求上下文
+        params: 查询参数
+        json_data: JSON 数据
+        form_data: 表单数据
+    """
+    try:
+        # 获取统计收集器
+        collector = get_api_stats_collector()
+        if not collector:
+            return
+        
+        # 获取 token
+        token = request_context.get('token') if request_context else None
+        if not token:
+            return
+        
+        # 解析 URL 获取路径
+        from urllib.parse import urlparse
+        parsed_url = urlparse(url)
+        api_path = parsed_url.path or '/'
+        
+        # 获取状态码
+        status_code = response.status_code if response else 500
+        
+        # 构建请求参数（与 api_stats_collector 格式一致）
+        request_params = {
+            'query_params': params or {},
+            'headers': headers
+        }
+        
+        # 添加请求体数据
+        if json_data:
+            request_params['request_body'] = json_data
+        elif isinstance(form_data, dict):
+            request_params['form_params'] = form_data
+        
+        # 收集统计
+        collector.collect(
+            api_path=api_path,
+            api_method=method.upper(),
+            status_code=status_code,
+            response_time=response_time,
+            token=token,
+            error_message=error_message,
+            request_params=request_params
+        )
+        
+    except Exception as e:
+        # 静默失败，不影响主流程
+        logger.debug(f"统计上报失败: {e}")
+
+
+# ============ 使用示例 ============
+"""
+使用示例：
+
+1. 基本使用（自动从 request_context 获取认证信息）：
+    
+    from huace_aigc_auth_client.auth_request import auth_request
+    from huace_aigc_auth_client.user_context import set_request_context
+    
+    # 设置请求上下文
+    set_request_context(
+        app_id='your-app-id',
+        app_secret='your-app-secret',
+        token='user-access-token',
+        ip_address='192.168.1.1',
+        user_agent='Mozilla/5.0...',
+        trace_id='trace-123'
+    )
+    
+    # 发起请求（会自动添加认证信息）
+    response = auth_request('GET', 'https://api.example.com/data')
+    print(response.json())
+
+
+2. 带参数的请求：
+    
+    # GET 请求带查询参数
+    response = auth_request(
+        'GET',
+        'https://api.example.com/users',
+        params={'page': 1, 'size': 10}
+    )
+    
+    # POST 请求带 JSON 数据
+    response = auth_request(
+        'POST',
+        'https://api.example.com/users',
+        json={'name': 'John', 'email': 'john@example.com'}
+    )
+    
+    # POST 请求带表单数据
+    response = auth_request(
+        'POST',
+        'https://api.example.com/upload',
+        data={'field1': 'value1', 'field2': 'value2'}
+    )
+
+
+3. 覆盖默认 headers：
+    
+    # 可以手动指定 headers，会与自动添加的 headers 合并
+    response = auth_request(
+        'GET',
+        'https://api.example.com/data',
+        headers={'Custom-Header': 'custom-value'}
+    )
+
+
+4. 与 API 统计收集器配合使用：
+    
+    from huace_aigc_auth_client.api_stats_collector import init_api_stats_collector
+    from huace_aigc_auth_client.auth_request import auth_request
+    from huace_aigc_auth_client.user_context import set_request_context
+    
+    # 初始化统计收集器
+    init_api_stats_collector(
+        api_url='http://auth.example.com/api/sdk',
+        app_id='your-app-id',
+        app_secret='your-app-secret',
+        enabled=True
+    )
+    
+    # 设置请求上下文
+    set_request_context(
+        app_id='your-app-id',
+        app_secret='your-app-secret',
+        token='user-access-token'
+    )
+    
+    # 发起请求（会自动上报统计）
+    response = auth_request('GET', 'https://api.example.com/data')
+"""

{huace_aigc_auth_client-1.1.29 → huace_aigc_auth_client-1.1.30}/huace_aigc_auth_client/sdk.py

@@ -18,7 +18,7 @@ import dataclasses
 from functools import wraps
 from typing import Optional, List, Dict, Any, Callable, Tuple
 from dataclasses import dataclass
-from .user_context import set_current_user, clear_current_user
+from .user_context import set_current_user, clear_current_user, add_to_request_context
 
 logger = logging.getLogger(__name__)
 def setLogger(log):
@@ -697,6 +697,21 @@ class AuthMiddleware:
                 params["form_params"] = {"skipped_multipart": True}
             # 其他类型（如 application/octet-stream 等二进制流）直接跳过，不读取
             
+            # 添加 ip_address、user_agent 等常用字段到 request_context
+            # 提取 IP 地址（优先使用 x-real-ip）
+            headers = params['headers']
+            ip_address = headers.get('x-real-ip') or headers.get('X-Real-IP') or headers.get('x-forwarded-for') or headers.get('X-Forwarded-For', '')
+            if ip_address:
+                # x-forwarded-for 可能包含多个 IP，取第一个
+                ip_address = ip_address.split(',')[0].strip()
+            # 提取 User-Agent
+            user_agent = headers.get('user-agent') or headers.get('User-Agent')
+            
+            add_to_request_context(
+                ip_address=ip_address,
+                user_agent=user_agent
+            )
+            
             return params
         except Exception as e:
             logger.warning(f"收集FastAPI请求参数失败: {e}")
@@ -743,11 +758,16 @@ class AuthMiddleware:
 
     def _extract_token(self, authorization: str) -> Optional[str]:
         """从 Authorization header 提取 token"""
+        token = None
         if not authorization:
-            return None
-        if not authorization.startswith("Bearer "):
-            return None
-        return authorization[7:]
+            token = None
+        elif not authorization.startswith("Bearer "):
+            token = None
+        else:
+            token = authorization[7:]
+        # 添加鉴权应用相关的信息
+        add_to_request_context(token=token, app_id=self.client.app_id, app_secret=self.client.app_secret)
+        return token
 
     def get_fastapi_middleware_class(self, user_info_callback: Callable = None):
         """
@@ -841,15 +861,15 @@ class AuthMiddleware:
 
         path = request.url.path
         start_time = time.time()
+        
+        # 获取 Authorization header
+        authorization = request.headers.get("Authorization")
+        token = self._extract_token(authorization)
 
         # 检查是否跳过
         if self._should_skip(path):
             return await call_next(request)
 
-        # 获取 Authorization header
-        authorization = request.headers.get("Authorization")
-        token = self._extract_token(authorization)
-
         if not token:
             logger.warning("AuthMiddleware未提供认证信息")
             response_time = time.time() - start_time
@@ -915,15 +935,15 @@ class AuthMiddleware:
         
         # 收集请求参数
         g.request_params = self._collect_flask_request_params(request) if self.enable_stats else None
+        
+        # 获取 Authorization header
+        authorization = request.headers.get("Authorization")
+        token = self._extract_token(authorization)
 
         # 检查是否跳过
         if self._should_skip(path):
             return None
 
-        # 获取 Authorization header
-        authorization = request.headers.get("Authorization")
-        token = self._extract_token(authorization)
-
         if not token:
             logger.warning("AuthMiddleware未提供认证信息")
             response_time = time.time() - g.start_time

{huace_aigc_auth_client-1.1.29 → huace_aigc_auth_client-1.1.30}/huace_aigc_auth_client/user_context.py

@@ -102,11 +102,20 @@ def set_request_context(**kwargs):
         - user_agent: User Agent
         - request_id: 请求ID
         - trace_id: 追踪ID
+        - token: 访问令牌
+        - app_id: 应用ID
+        - app_secret: 应用密钥
+        - 其他自定义字段
     """
     # 同时设置两个上下文
     _local.request_context = kwargs
     _async_request_context.set(kwargs)
-
+    
+def add_to_request_context(**kwargs):
+    """向请求上下文添加信息"""
+    ctx = get_request_context() or {}
+    ctx.update(kwargs)
+    set_request_context(**ctx)
 
 def get_request_context() -> Optional[Dict[str, Any]]:
     """获取请求上下文信息"""
@@ -117,19 +126,46 @@ def get_request_context() -> Optional[Dict[str, Any]]:
     
     return getattr(_local, 'request_context', None)
 
-
 def get_client_ip() -> Optional[str]:
     """获取客户端IP"""
     ctx = get_request_context()
     return ctx.get('ip_address') if ctx else None
 
+def get_user_agent() -> Optional[str]:
+    """获取 User Agent"""
+    ctx = get_request_context()
+    return ctx.get('user_agent') if ctx else None
+
+def get_request_id() -> Optional[str]:
+    """获取请求ID"""
+    ctx = get_request_context()
+    return ctx.get('request_id') if ctx else None
+
+def get_trace_id() -> Optional[str]:
+    """获取追踪ID"""
+    ctx = get_request_context()
+    return ctx.get('trace_id') if ctx else None
+
+def get_request_token() -> Optional[str]:
+    """获取请求令牌"""
+    ctx = get_request_context()
+    return ctx.get('token') if ctx else None
+
+def get_request_app_id() -> Optional[int]:
+    """获取请求应用ID"""
+    ctx = get_request_context()
+    return ctx.get('app_id') if ctx else None
+
+def get_request_app_secret() -> Optional[str]:
+    """获取请求应用密钥"""
+    ctx = get_request_context()
+    return ctx.get('app_secret') if ctx else None
 
 def clear_request_context():
     """清理请求上下文"""
     if hasattr(_local, 'request_context'):
         delattr(_local, 'request_context')
 
-
 # ============ 使用示例 ============
 """
 使用示例：

{huace_aigc_auth_client-1.1.29 → huace_aigc_auth_client-1.1.30/huace_aigc_auth_client.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: huace-aigc-auth-client
-Version: 1.1.29
+Version: 1.1.30
 Summary: 华策AIGC Auth Client - 提供 Token 验证、用户信息获取、权限检查、旧系统接入等功能
 Author-email: Huace <support@huace.com>
 License: MIT

{huace_aigc_auth_client-1.1.29 → huace_aigc_auth_client-1.1.30}/huace_aigc_auth_client.egg-info/SOURCES.txt

@@ -5,6 +5,7 @@ README.md
 pyproject.toml
 huace_aigc_auth_client/__init__.py
 huace_aigc_auth_client/api_stats_collector.py
+huace_aigc_auth_client/auth_request.py
 huace_aigc_auth_client/legacy_adapter.py
 huace_aigc_auth_client/sdk.py
 huace_aigc_auth_client/user_context.py

{huace_aigc_auth_client-1.1.29 → huace_aigc_auth_client-1.1.30}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "huace-aigc-auth-client"
-version = "1.1.29"
+version = "1.1.30"
 description = "华策AIGC Auth Client - 提供 Token 验证、用户信息获取、权限检查、旧系统接入等功能"
 readme = "README.md"
 requires-python = ">=3.7"