PyPI - huace-aigc-auth-client - Versions diffs - 1.1.7__tar.gz → 1.1.9__tar.gz - Mend

huace-aigc-auth-client 1.1.7tar.gz → 1.1.9tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

{huace_aigc_auth_client-1.1.7/huace_aigc_auth_client.egg-info → huace_aigc_auth_client-1.1.9}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: huace-aigc-auth-client
-Version: 1.1.7
+Version: 1.1.9
 Summary: 华策AIGC Auth Client - 提供 Token 验证、用户信息获取、权限检查、旧系统接入等功能
 Author-email: Huace <support@huace.com>
 License: MIT
@@ -44,8 +44,7 @@ pip install huace-aigc-auth-client
 # 必填：应用 ID 和密钥（在鉴权中心创建应用后获取）
 AIGC_AUTH_APP_ID=your_app_id
 AIGC_AUTH_APP_SECRET=your_app_secret
-# 可选：鉴权服务地址（默认为生产环境）- 测试环境鉴权地址：https://auth-test.aigc.huacemedia.com/aigc-auth/api/v1
+# 鉴权服务地址（默认为生产环境）- 测试环境鉴权地址：http://auth.aigc-test.huacemedia.com/aigc-auth/api/v1
 AIGC_AUTH_BASE_URL=https://aigc-auth.huacemedia.com/aigc-auth/api/v1
 ```
@@ -420,8 +419,8 @@ from huace_aigc_auth_client import LegacySystemAdapter, LegacyUserData
 class MyLegacyAdapter(LegacySystemAdapter):
     """实现与旧系统用户表的交互"""
-    def __init__(self, db, sync_config):
-        super().__init__(sync_config)
+    def __init__(self, db, sync_config, auth_client=None):
+        super().__init__(sync_config, auth_client)
         self.db = db
     def get_user_by_unique_field(self, username: str):
@@ -435,8 +434,23 @@ class MyLegacyAdapter(LegacySystemAdapter):
             "email": user.email,
             # ... 其他字段
         })
+    async def get_user_by_username_async(self, username: str) -> Optional[LegacyUserData]:
+        """异步通过用户名获取旧系统用户"""
+        user = await self.db.execute(
+            select(User).where(User.username == username)
+        )
+        user = user.scalars().first()
+        if not user:
+            return None
+        return LegacyUserData({
+            "id": user.id,
+            "username": user.username,
+            "email": user.email,
+            # ... 其他字段
+        })
-    def create_user(self, user_data: dict):
+    async def _create_user_async(self, user_data: Dict[str, Any]) -> Optional[Any]:
         """在旧系统创建用户"""
         user = User(
             username=user_data["username"],
@@ -445,20 +459,39 @@ class MyLegacyAdapter(LegacySystemAdapter):
             # ... 其他字段
         )
         self.db.add(user)
-        self.db.commit()
+        await self.db.commit()
         return user.id
-    def update_user(self, username: str, user_data: dict):
-        """更新旧系统用户"""
-        user = self.db.query(User).filter(User.username == username).first()
+    async def _update_user_async(self, username: str, user_data: Dict[str, Any]) -> bool:
+        """异步更新旧系统用户"""
+        user = await self.db.execute(
+            select(User).where(User.username == username)
+        )
+        user = user.scalars().first()
         if user:
             for key, value in user_data.items():
                 setattr(user, key, value)
-            self.db.commit()
+            await self.db.commit()
+            return True
+        return False
+    async def _delete_user_async(self, username: str) -> bool:
+        """异步删除旧系统用户"""
+        user = await self.db.execute(
+            select(User).where(User.username == username)
+        )
+        user = user.scalars().first()
+        if user:
+            await self.db.delete(user)
+            # 或者软删除：user.is_active = False
+            await self.db.commit()
+            return True
+        return False
-    def get_all_users(self):
-        """获取所有用户（用于初始化同步）"""
-        users = self.db.query(User).all()
+    async def get_all_users_async(self) -> List[LegacyUserData]:
+        """异步获取所有用户（用于初始化同步）"""
+        result = await self.db.execute(select(User))
+        users = result.scalars().all()
         return [LegacyUserData({"username": u.username, ...}) for u in users]
 ```
@@ -468,7 +501,7 @@ class MyLegacyAdapter(LegacySystemAdapter):
 from huace_aigc_auth_client import AigcAuthClient, UserSyncService
 client = AigcAuthClient()
-adapter = MyLegacyAdapter(db, sync_config)
+adapter = MyLegacyAdapter(db, sync_config, client)
 sync_service = UserSyncService(client, adapter)
 # 在获取用户信息后调用同步
@@ -479,7 +512,7 @@ async def auth_middleware(request, call_next):
     # 登录成功后，同步用户到旧系统
     if hasattr(request.state, "user_info"):
         user_info = request.state.user_info
-        sync_service.sync_on_login(user_info)
+        await sync_service.sync_on_login_async(user_info)
     return response
 ```
@@ -493,47 +526,35 @@ from fastapi import APIRouter
 from huace_aigc_auth_client import register_webhook_router
 api_router = APIRouter()
+client = AigcAuthClient()
+adapter = MyLegacyAdapter(db, sync_config, client)
 # 定义 webhook 处理函数
-async def handle_webhook(data: dict) -> dict:
+async def handle_auth_webhook(request_data: Dict[str, Any]) -> Dict[str, Any]:
     """
-    处理来自 aigc-auth 的 webhook 通知
+    独立的 webhook 处理函数（用于 SDK 集成）
-    Args:
-        data: webhook 数据，包含 event 和 data 字段
-    Returns:
-        dict: 处理结果
+    这个函数不需要 db 参数，会在内部创建数据库会话。
+    适用于通过 SDK 的 register_webhook_router 注册。
     """
-    from your_app.db import get_db_session
+    from app.db.session import get_db
-    event = data.get("event")
-    user_data = data.get("data", {})
-    # 创建数据库会话
-    async with get_db_session() as db:
-        adapter = MyLegacyAdapter(db, sync_config)
-        if event == "user.created":
-            # 处理用户创建事件
-            if not adapter.get_user_by_unique_field(user_data["username"]):
-                legacy_data = adapter.transform_auth_to_legacy(user_data)
-                legacy_data["password"] = sync_config.unified_password
-                adapter.create_user(legacy_data)
-                await db.commit()
-        elif event == "user.updated":
-            # 处理用户更新事件
-            legacy_data = adapter.transform_auth_to_legacy(user_data)
-            adapter.update_user(user_data["username"], legacy_data)
-            await db.commit()
-    return {"status": "ok", "event": event}
+    async for db in get_db():
+        try:
+            event = request_data.get("event")
+            data = request_data.get("data", {})
+            logger.info(f"Received webhook event: {event} with data: {data}")
+            # 调用适配器的 handle_webhook 方法
+            return await adapter.handle_webhook(event, data)
+        except Exception as e:
+            logger.exception(f"Failed to handle webhook: {e}")
+            raise
 # 注册 webhook 路由（自动处理签名验证）
 register_webhook_router(
     api_router,
-    handler=handle_webhook,
+    handler=handle_auth_webhook,
     prefix="/webhook",  # 可选，默认 "/webhook"
     secret_env_key="aigc-auth-webhook-secret",  # 可选，在 auth 后台配置
     tags=["Webhook"]  # 可选，默认 ["Webhook"]
@@ -542,55 +563,6 @@ register_webhook_router(
 # webhook 端点将自动创建在: /webhook/auth
 ```
-**传统方式：手动实现 Webhook 端点**
-```python
-import hmac
-import hashlib
-import os
-@app.post("/api/v1/webhook/auth")
-async def receive_auth_webhook(request: Request, db: Session = Depends(get_db)):
-    """接收 aigc-auth 的用户变更通知"""
-    # 获取原始请求体
-    body = await request.body()
-    # 验证签名
-    signature = request.headers.get("X-Webhook-Signature", "")
-    secret = os.getenv("AIGC_AUTH_WEBHOOK_SECRET", "")
-    if secret:
-        expected = hmac.new(
-            secret.encode('utf-8'),
-            body,
-            hashlib.sha256
-        ).hexdigest()
-        if not hmac.compare_digest(expected, signature):
-            raise HTTPException(status_code=401, detail="Invalid signature")
-    # 解析数据
-    data = await request.json()
-    event = data.get("event")
-    user_data = data.get("data", {})
-    if event == "user.created":
-        adapter = MyLegacyAdapter(db, sync_config)
-        if not adapter.get_user_by_unique_field(user_data["username"]):
-            legacy_data = adapter.transform_auth_to_legacy(user_data)
-            legacy_data["password"] = sync_config.unified_password
-            adapter.create_user(legacy_data)
-            db.commit()
-    elif event == "user.updated":
-        adapter = MyLegacyAdapter(db, sync_config)
-        legacy_data = adapter.transform_auth_to_legacy(user_data)
-        adapter.update_user(user_data["username"], legacy_data)
-        db.commit()
-    return {"success": True}
-```
 **Webhook 签名验证说明**
 SDK 的 `register_webhook_router` 会自动处理签名验证：
@@ -604,7 +576,7 @@ SDK 的 `register_webhook_router` 会自动处理签名验证：
 ```python
 # 一次性脚本：将旧系统用户同步到 aigc-auth
 async def init_sync():
-    adapter = MyLegacyAdapter(db, sync_config)
+    adapter = MyLegacyAdapter(db, sync_config, client)
     users = adapter.get_all_users()
     for user in users:

{huace_aigc_auth_client-1.1.7 → huace_aigc_auth_client-1.1.9}/README.md RENAMED Viewed

@@ -19,8 +19,7 @@ pip install huace-aigc-auth-client
 # 必填：应用 ID 和密钥（在鉴权中心创建应用后获取）
 AIGC_AUTH_APP_ID=your_app_id
 AIGC_AUTH_APP_SECRET=your_app_secret
-# 可选：鉴权服务地址（默认为生产环境）- 测试环境鉴权地址：https://auth-test.aigc.huacemedia.com/aigc-auth/api/v1
+# 鉴权服务地址（默认为生产环境）- 测试环境鉴权地址：http://auth.aigc-test.huacemedia.com/aigc-auth/api/v1
 AIGC_AUTH_BASE_URL=https://aigc-auth.huacemedia.com/aigc-auth/api/v1
 ```
@@ -395,8 +394,8 @@ from huace_aigc_auth_client import LegacySystemAdapter, LegacyUserData
 class MyLegacyAdapter(LegacySystemAdapter):
     """实现与旧系统用户表的交互"""
-    def __init__(self, db, sync_config):
-        super().__init__(sync_config)
+    def __init__(self, db, sync_config, auth_client=None):
+        super().__init__(sync_config, auth_client)
         self.db = db
     def get_user_by_unique_field(self, username: str):
@@ -410,8 +409,23 @@ class MyLegacyAdapter(LegacySystemAdapter):
             "email": user.email,
             # ... 其他字段
         })
+    async def get_user_by_username_async(self, username: str) -> Optional[LegacyUserData]:
+        """异步通过用户名获取旧系统用户"""
+        user = await self.db.execute(
+            select(User).where(User.username == username)
+        )
+        user = user.scalars().first()
+        if not user:
+            return None
+        return LegacyUserData({
+            "id": user.id,
+            "username": user.username,
+            "email": user.email,
+            # ... 其他字段
+        })
-    def create_user(self, user_data: dict):
+    async def _create_user_async(self, user_data: Dict[str, Any]) -> Optional[Any]:
         """在旧系统创建用户"""
         user = User(
             username=user_data["username"],
@@ -420,20 +434,39 @@ class MyLegacyAdapter(LegacySystemAdapter):
             # ... 其他字段
         )
         self.db.add(user)
-        self.db.commit()
+        await self.db.commit()
         return user.id
-    def update_user(self, username: str, user_data: dict):
-        """更新旧系统用户"""
-        user = self.db.query(User).filter(User.username == username).first()
+    async def _update_user_async(self, username: str, user_data: Dict[str, Any]) -> bool:
+        """异步更新旧系统用户"""
+        user = await self.db.execute(
+            select(User).where(User.username == username)
+        )
+        user = user.scalars().first()
         if user:
             for key, value in user_data.items():
                 setattr(user, key, value)
-            self.db.commit()
+            await self.db.commit()
+            return True
+        return False
+    async def _delete_user_async(self, username: str) -> bool:
+        """异步删除旧系统用户"""
+        user = await self.db.execute(
+            select(User).where(User.username == username)
+        )
+        user = user.scalars().first()
+        if user:
+            await self.db.delete(user)
+            # 或者软删除：user.is_active = False
+            await self.db.commit()
+            return True
+        return False
-    def get_all_users(self):
-        """获取所有用户（用于初始化同步）"""
-        users = self.db.query(User).all()
+    async def get_all_users_async(self) -> List[LegacyUserData]:
+        """异步获取所有用户（用于初始化同步）"""
+        result = await self.db.execute(select(User))
+        users = result.scalars().all()
         return [LegacyUserData({"username": u.username, ...}) for u in users]
 ```
@@ -443,7 +476,7 @@ class MyLegacyAdapter(LegacySystemAdapter):
 from huace_aigc_auth_client import AigcAuthClient, UserSyncService
 client = AigcAuthClient()
-adapter = MyLegacyAdapter(db, sync_config)
+adapter = MyLegacyAdapter(db, sync_config, client)
 sync_service = UserSyncService(client, adapter)
 # 在获取用户信息后调用同步
@@ -454,7 +487,7 @@ async def auth_middleware(request, call_next):
     # 登录成功后，同步用户到旧系统
     if hasattr(request.state, "user_info"):
         user_info = request.state.user_info
-        sync_service.sync_on_login(user_info)
+        await sync_service.sync_on_login_async(user_info)
     return response
 ```
@@ -468,47 +501,35 @@ from fastapi import APIRouter
 from huace_aigc_auth_client import register_webhook_router
 api_router = APIRouter()
+client = AigcAuthClient()
+adapter = MyLegacyAdapter(db, sync_config, client)
 # 定义 webhook 处理函数
-async def handle_webhook(data: dict) -> dict:
+async def handle_auth_webhook(request_data: Dict[str, Any]) -> Dict[str, Any]:
     """
-    处理来自 aigc-auth 的 webhook 通知
+    独立的 webhook 处理函数（用于 SDK 集成）
-    Args:
-        data: webhook 数据，包含 event 和 data 字段
-    Returns:
-        dict: 处理结果
+    这个函数不需要 db 参数，会在内部创建数据库会话。
+    适用于通过 SDK 的 register_webhook_router 注册。
     """
-    from your_app.db import get_db_session
+    from app.db.session import get_db
-    event = data.get("event")
-    user_data = data.get("data", {})
-    # 创建数据库会话
-    async with get_db_session() as db:
-        adapter = MyLegacyAdapter(db, sync_config)
-        if event == "user.created":
-            # 处理用户创建事件
-            if not adapter.get_user_by_unique_field(user_data["username"]):
-                legacy_data = adapter.transform_auth_to_legacy(user_data)
-                legacy_data["password"] = sync_config.unified_password
-                adapter.create_user(legacy_data)
-                await db.commit()
-        elif event == "user.updated":
-            # 处理用户更新事件
-            legacy_data = adapter.transform_auth_to_legacy(user_data)
-            adapter.update_user(user_data["username"], legacy_data)
-            await db.commit()
-    return {"status": "ok", "event": event}
+    async for db in get_db():
+        try:
+            event = request_data.get("event")
+            data = request_data.get("data", {})
+            logger.info(f"Received webhook event: {event} with data: {data}")
+            # 调用适配器的 handle_webhook 方法
+            return await adapter.handle_webhook(event, data)
+        except Exception as e:
+            logger.exception(f"Failed to handle webhook: {e}")
+            raise
 # 注册 webhook 路由（自动处理签名验证）
 register_webhook_router(
     api_router,
-    handler=handle_webhook,
+    handler=handle_auth_webhook,
     prefix="/webhook",  # 可选，默认 "/webhook"
     secret_env_key="aigc-auth-webhook-secret",  # 可选，在 auth 后台配置
     tags=["Webhook"]  # 可选，默认 ["Webhook"]
@@ -517,55 +538,6 @@ register_webhook_router(
 # webhook 端点将自动创建在: /webhook/auth
 ```
-**传统方式：手动实现 Webhook 端点**
-```python
-import hmac
-import hashlib
-import os
-@app.post("/api/v1/webhook/auth")
-async def receive_auth_webhook(request: Request, db: Session = Depends(get_db)):
-    """接收 aigc-auth 的用户变更通知"""
-    # 获取原始请求体
-    body = await request.body()
-    # 验证签名
-    signature = request.headers.get("X-Webhook-Signature", "")
-    secret = os.getenv("AIGC_AUTH_WEBHOOK_SECRET", "")
-    if secret:
-        expected = hmac.new(
-            secret.encode('utf-8'),
-            body,
-            hashlib.sha256
-        ).hexdigest()
-        if not hmac.compare_digest(expected, signature):
-            raise HTTPException(status_code=401, detail="Invalid signature")
-    # 解析数据
-    data = await request.json()
-    event = data.get("event")
-    user_data = data.get("data", {})
-    if event == "user.created":
-        adapter = MyLegacyAdapter(db, sync_config)
-        if not adapter.get_user_by_unique_field(user_data["username"]):
-            legacy_data = adapter.transform_auth_to_legacy(user_data)
-            legacy_data["password"] = sync_config.unified_password
-            adapter.create_user(legacy_data)
-            db.commit()
-    elif event == "user.updated":
-        adapter = MyLegacyAdapter(db, sync_config)
-        legacy_data = adapter.transform_auth_to_legacy(user_data)
-        adapter.update_user(user_data["username"], legacy_data)
-        db.commit()
-    return {"success": True}
-```
 **Webhook 签名验证说明**
 SDK 的 `register_webhook_router` 会自动处理签名验证：
@@ -579,7 +551,7 @@ SDK 的 `register_webhook_router` 会自动处理签名验证：
 ```python
 # 一次性脚本：将旧系统用户同步到 aigc-auth
 async def init_sync():
-    adapter = MyLegacyAdapter(db, sync_config)
+    adapter = MyLegacyAdapter(db, sync_config, client)
     users = adapter.get_all_users()
     for user in users:

{huace_aigc_auth_client-1.1.7 → huace_aigc_auth_client-1.1.9}/huace_aigc_auth_client/__init__.py RENAMED Viewed

@@ -73,6 +73,11 @@ from .webhook import (
     verify_webhook_signature,
 )
+from .webhook_flask import (
+    create_flask_webhook_blueprint,
+    register_flask_webhook_routes,
+)
 __all__ = [
     # 核心类
     "AigcAuthClient",
@@ -94,8 +99,11 @@ __all__ = [
     "SyncResult",
     "create_sync_config",
     "create_default_field_mappings",
-    # Webhook 接收
+    # Webhook 接收 (FastAPI)
     "register_webhook_router",
     "verify_webhook_signature",
+    # Webhook 接收 (Flask)
+    "create_flask_webhook_blueprint",
+    "register_flask_webhook_routes",
 ]
-__version__ = "1.1.7"
+__version__ = "1.1.9"

{huace_aigc_auth_client-1.1.7 → huace_aigc_auth_client-1.1.9}/huace_aigc_auth_client/legacy_adapter.py RENAMED Viewed

@@ -101,11 +101,11 @@ class LegacySystemAdapter(ABC):
     旧系统适配器抽象基类
     接入系统需要继承此类并实现以下方法：
-    - get_user_by_unique_field: 通过唯一字段获取用户
-    - create_user: 创建用户
-    - update_user: 更新用户（可选）
-    - get_all_users: 获取所有用户（用于初始化同步）
-    - handle_webhook: 处理 webhook 通知（可选，异步方法）
+    - get_user_by_username_async
+    - _create_user_async
+    - _update_user_async
+    - _delete_user_async
+    - get_all_users_async
     """
     def __init__(self, sync_config: SyncConfig, auth_client=None):
@@ -119,24 +119,6 @@ class LegacySystemAdapter(ABC):
         self.config = sync_config
         self.auth_client = auth_client
-    @abstractmethod
-    def get_user_by_unique_field(self, value: Any) -> Optional[LegacyUserData]:
-        """通过唯一字段获取旧系统用户"""
-        pass
-    @abstractmethod
-    def create_user(self, user_data: Dict[str, Any]) -> Optional[Any]:
-        """在旧系统创建用户，返回用户ID"""
-        pass
-    def update_user(self, unique_value: Any, user_data: Dict[str, Any]) -> bool:
-        """更新旧系统用户（可选实现）"""
-        return False
-    def get_all_users(self) -> List[LegacyUserData]:
-        """获取所有旧系统用户（用于初始化同步）"""
-        return []
     @abstractmethod
     async def get_user_by_username_async(self, username: str) -> Optional[LegacyUserData]:
         """异步获取用户（子类必须实现）
@@ -147,6 +129,7 @@ class LegacySystemAdapter(ABC):
         Returns:
             Optional[LegacyUserData]: 用户数据，不存在返回 None
         """
+        logger.info(f"Fetching user by username asynchronously: {username}")
         raise NotImplementedError("Subclass must implement get_user_by_username_async method")
     @abstractmethod
@@ -159,6 +142,7 @@ class LegacySystemAdapter(ABC):
         Returns:
             Optional[Any]: 创建的用户 ID 或其他标识
         """
+        logger.info(f"Creating user with data: {user_data}")
         raise NotImplementedError("Subclass must implement _create_user_async method")
     @abstractmethod
@@ -172,6 +156,7 @@ class LegacySystemAdapter(ABC):
         Returns:
             bool: 更新成功返回 True
         """
+        logger.info(f"Updating user: {username} with data: {user_data}")
         raise NotImplementedError("Subclass must implement _update_user_async method")
     @abstractmethod
@@ -184,6 +169,7 @@ class LegacySystemAdapter(ABC):
         Returns:
             bool: 删除成功返回 True
         """
+        logger.info(f"Deleting user: {username}")
         raise NotImplementedError("Subclass must implement _delete_user_async method")
     @abstractmethod
@@ -193,6 +179,7 @@ class LegacySystemAdapter(ABC):
         Returns:
             List[LegacyUserData]: 所有用户数据列表
         """
+        logger.info("Fetching all users from legacy system asynchronously")
         raise NotImplementedError("Subclass must implement get_all_users_async method")
     async def upsert_user_async(self, user_data: Dict[str, Any], auth_data: Dict[str, Any] = None) -> Dict[str, Any]:
@@ -208,6 +195,7 @@ class LegacySystemAdapter(ABC):
         """
         username = user_data.get("username")
         if not username:
+            logger.error("username is required for upsert operation")
             raise ValueError("username is required for upsert operation")
         # 检查用户是否存在
@@ -216,6 +204,7 @@ class LegacySystemAdapter(ABC):
         if existing:
             # 用户存在，执行更新
             if not auth_data or auth_data.get("updatedFields") is None or len(auth_data.get("updatedFields")) == 0:
+                logger.info(f"No updatedFields provided for user: {username}, skipping update")
                 # 如果没有提供 auth_data 或 updatedFields，则不更新
                 return {"created": False, "user_id": existing.get("id")}
             await self._update_user_async(username, user_data)
@@ -234,8 +223,10 @@ class LegacySystemAdapter(ABC):
             Dict: 同步结果统计
         """
         if not self.auth_client:
+            logger.error("auth_client is required for batch_sync_to_auth")
             raise ValueError("auth_client is required for batch_sync_to_auth. Please provide it in constructor.")
+        logger.info("Starting batch sync from legacy system to aigc-auth")
         users = await self.get_all_users_async()
         results = {
@@ -264,6 +255,7 @@ class LegacySystemAdapter(ABC):
                     auth_data["password"] = password
                 result = self.auth_client.sync_user_to_auth(auth_data)
+                logger.info(f"Sync result for user {user.get('username')}: {result}")
                 if result.get("success"):
                     if result.get("created"):
@@ -277,6 +269,7 @@ class LegacySystemAdapter(ABC):
                         "error": result.get("message")
                     })
             except Exception as e:
+                logger.error(f"Error syncing user {user.get('username')}: {e}")
                 results["failed"] += 1
                 results["errors"].append({
                     "user": user.get("username"),
@@ -298,6 +291,7 @@ class LegacySystemAdapter(ABC):
         Returns:
             Dict: 处理结果
         """
+        logger.info(f"Handling webhook event: {event} with data: {data}")
         if event == "user.created" or event == "user.updated" or event == "user.login":
             # 转换数据格式
             legacy_data = self.transform_auth_to_legacy(data)
@@ -311,6 +305,7 @@ class LegacySystemAdapter(ABC):
             legacy_data["password"] = password
             # 创建或更新用户
+            logger.info(f"Handling {event} event for user: {legacy_data}")
             result = await self.upsert_user_async(legacy_data)
             return {
@@ -321,18 +316,23 @@ class LegacySystemAdapter(ABC):
             }
         elif event == "user.deleted":
+            logger.info("Handling user.deleted event")
             # 禁用用户而不是删除
             username = data.get("username")
             if not username:
+                logger.error("username is required for user.deleted event")
                 logger.error("username is required for user.deleted event")
                 return {"success": False, "message": "username is required for user.deleted event"}
+            logger.info(f"Disabling user: {username}")
             await self._delete_user_async(username)
             return {"success": True, "message": "User disabled"}
         elif event == "user.init_sync_auth":
+            logger.info("Handling user.init_sync_auth event")
             # 初始化同步：批量同步旧系统用户到 aigc-auth
             if not self.auth_client:
+                logger.error("auth_client is required for init_sync_auth event")
                 return {"success": False, "message": "auth_client is required for init_sync_auth event. Please provide it in constructor."}
             results = await self.batch_sync_to_auth()
@@ -362,7 +362,7 @@ class LegacySystemAdapter(ABC):
             if auth_value is not None:
                 result[mapping.legacy_field] = auth_value
+        logger.info(f"Transformed auth user({auth_user}) to legacy format: {result}")
         return result
     def transform_legacy_to_auth(self, legacy_user: LegacyUserData) -> Dict[str, Any]:
@@ -382,7 +382,7 @@ class LegacySystemAdapter(ABC):
             if legacy_value is not None:
                 result[mapping.auth_field] = legacy_value
+        logger.info(f"Transformed legacy user({legacy_user}) to auth format: {result}")
         return result
     def get_password_for_sync(self, legacy_user: Optional[LegacyUserData] = None) -> tuple:

huace_aigc_auth_client-1.1.9/huace_aigc_auth_client/webhook_flask.py ADDED Viewed

@@ -0,0 +1,218 @@
+# -*- coding: utf-8 -*-
+"""
+Flask Webhook 接口
+提供 Flask 版本的 webhook 接收功能，用于接收 aigc-auth 的用户变更通知。
+适用于使用 Flask 框架的项目。
+"""
+import os
+import hmac
+import hashlib
+import logging
+from typing import Callable, Dict, Any, Optional
+from flask import Blueprint, request, jsonify
+logger = logging.getLogger(__name__)
+def verify_webhook_signature(payload: bytes, signature: str, secret: str) -> bool:
+    """
+    验证 webhook 签名
+    Args:
+        payload: 请求体（bytes）
+        signature: 签名字符串
+        secret: 密钥
+    Returns:
+        bool: 签名是否有效
+    """
+    if not secret:
+        # 如果未配置密钥，跳过验证（开发环境）
+        logger.warning("Webhook secret not configured, skipping signature verification")
+        return True
+    if not signature:
+        return False
+    expected = hmac.new(
+        secret.encode('utf-8'),
+        payload,
+        hashlib.sha256
+    ).hexdigest()
+    return hmac.compare_digest(expected, signature)
+def create_flask_webhook_blueprint(
+    handler: Callable[[Dict[str, Any]], Dict[str, Any]],
+    secret_env_key: str = "AIGC_AUTH_WEBHOOK_SECRET",
+    url_prefix: str = "/api/webhook",
+    blueprint_name: str = "aigc_auth_webhook"
+) -> Blueprint:
+    """
+    创建 Flask Webhook Blueprint
+    Args:
+        handler: 处理函数，接收 webhook 数据并返回结果
+                 函数签名: def handler(data: Dict[str, Any]) -> Dict[str, Any]
+                 - 如果是同步函数，直接调用
+                 - 如果是异步函数，会使用 asyncio.run 包装
+        secret_env_key: webhook 密钥的环境变量名
+        url_prefix: URL 前缀，默认为 "/api/webhook"
+        blueprint_name: Blueprint 名称，默认为 "aigc_auth_webhook"
+    Returns:
+        Blueprint: Flask Blueprint 实例
+    使用示例:
+        from huace_aigc_auth_client.webhook_flask import create_flask_webhook_blueprint
+        # 方式1：使用适配器的 handle_webhook 方法
+        from your_app.adapters import YourAdapter
+        sync_config = create_sync_config(...)
+        auth_client = AigcAuthClient(...)
+        adapter = YourAdapter(sync_config, auth_client)
+        async def webhook_handler(data: dict) -> dict:
+            event = data.get("event")
+            event_data = data.get("data", {})
+            return await adapter.handle_webhook(event, event_data)
+        webhook_bp = create_flask_webhook_blueprint(
+            handler=webhook_handler,
+            url_prefix="/api/webhook"
+        )
+        # 方式2：自定义处理逻辑
+        def custom_handler(data: dict) -> dict:
+            event = data.get("event")
+            if event == "user.created":
+                # 自定义处理逻辑
+                user_data = data.get("data", {})
+                # ... 处理用户创建事件
+                return {"status": "success", "created": True}
+            return {"status": "ok"}
+        webhook_bp = create_flask_webhook_blueprint(handler=custom_handler)
+        # 注册到 Flask app
+        app.register_blueprint(webhook_bp)
+        # Webhook 端点: POST /api/webhook/auth
+    """
+    webhook_bp = Blueprint(blueprint_name, __name__, url_prefix=url_prefix)
+    @webhook_bp.route('/auth', methods=['POST'])
+    def receive_auth_webhook():
+        """
+        接收 aigc-auth 用户变更通知
+        当 aigc-auth 中创建或更新用户时，会发送 webhook 通知到此端点。
+        支持的事件:
+        - user.created: 用户创建
+        - user.updated: 用户更新
+        - user.deleted: 用户删除
+        - user.login: 用户登录
+        - user.init_sync_auth: 初始化同步请求
+        """
+        # 获取请求体
+        body = request.get_data()
+        # 验证签名
+        signature = request.headers.get("X-Webhook-Signature", "")
+        secret = os.getenv(secret_env_key, "")
+        if not verify_webhook_signature(body, signature, secret):
+            logger.warning("Webhook 签名验证失败")
+            return jsonify({"code": 401, "message": "Invalid signature"}), 401
+        # 解析请求数据
+        try:
+            data = request.get_json()
+        except Exception as e:
+            logger.error(f"解析 webhook 数据失败: {e}")
+            return jsonify({"code": 400, "message": "Invalid JSON payload"}), 400
+        # 记录日志
+        event = data.get("event", "unknown")
+        logger.info(f"收到 webhook 事件: {event}")
+        # 调用用户提供的处理函数
+        try:
+            import asyncio
+            import inspect
+            # 检查 handler 是否为协程函数
+            if inspect.iscoroutinefunction(handler):
+                result = asyncio.run(handler(data))
+            else:
+                result = handler(data)
+            return jsonify({"code": 0, "message": "success", "data": result})
+        except Exception as e:
+            logger.exception(f"处理 webhook 失败: {e}")
+            return jsonify({"code": 500, "message": str(e)}), 500
+    return webhook_bp
+def register_flask_webhook_routes(
+    app,
+    handler: Callable[[Dict[str, Any]], Dict[str, Any]],
+    secret_env_key: str = "AIGC_AUTH_WEBHOOK_SECRET",
+    url_prefix: str = "/api/webhook",
+    blueprint_name: str = "aigc_auth_webhook"
+):
+    """
+    注册 webhook 路由到 Flask 应用
+    这是一个便捷函数，封装了创建 blueprint 和注册的过程。
+    Args:
+        app: Flask 应用实例
+        handler: 处理函数，接收 webhook 数据并返回结果
+        secret_env_key: webhook 密钥的环境变量名
+        url_prefix: URL 前缀，默认为 "/api/webhook"
+        blueprint_name: Blueprint 名称
+    使用示例:
+        from huace_aigc_auth_client.webhook_flask import register_flask_webhook_routes
+        app = Flask(__name__)
+        # 创建适配器
+        adapter = YourAdapter(sync_config, auth_client)
+        # 定义处理函数
+        async def webhook_handler(data: dict) -> dict:
+            event = data.get("event")
+            event_data = data.get("data", {})
+            return await adapter.handle_webhook(event, event_data)
+        # 注册 webhook 路由
+        register_flask_webhook_routes(
+            app,
+            handler=webhook_handler,
+            url_prefix="/custom/webhook"  # 自定义前缀
+        )
+        # Webhook 端点: POST /custom/webhook/auth
+    """
+    webhook_bp = create_flask_webhook_blueprint(
+        handler=handler,
+        secret_env_key=secret_env_key,
+        url_prefix=url_prefix,
+        blueprint_name=blueprint_name
+    )
+    app.register_blueprint(webhook_bp)
+    logger.info(f"Webhook 路由已注册: {url_prefix}/auth")
+# 向后兼容的别名
+create_webhook_blueprint = create_flask_webhook_blueprint
+register_webhook_routes = register_flask_webhook_routes

{huace_aigc_auth_client-1.1.7 → huace_aigc_auth_client-1.1.9/huace_aigc_auth_client.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: huace-aigc-auth-client
-Version: 1.1.7
+Version: 1.1.9
 Summary: 华策AIGC Auth Client - 提供 Token 验证、用户信息获取、权限检查、旧系统接入等功能
 Author-email: Huace <support@huace.com>
 License: MIT
@@ -44,8 +44,7 @@ pip install huace-aigc-auth-client
 # 必填：应用 ID 和密钥（在鉴权中心创建应用后获取）
 AIGC_AUTH_APP_ID=your_app_id
 AIGC_AUTH_APP_SECRET=your_app_secret
-# 可选：鉴权服务地址（默认为生产环境）- 测试环境鉴权地址：https://auth-test.aigc.huacemedia.com/aigc-auth/api/v1
+# 鉴权服务地址（默认为生产环境）- 测试环境鉴权地址：http://auth.aigc-test.huacemedia.com/aigc-auth/api/v1
 AIGC_AUTH_BASE_URL=https://aigc-auth.huacemedia.com/aigc-auth/api/v1
 ```
@@ -420,8 +419,8 @@ from huace_aigc_auth_client import LegacySystemAdapter, LegacyUserData
 class MyLegacyAdapter(LegacySystemAdapter):
     """实现与旧系统用户表的交互"""
-    def __init__(self, db, sync_config):
-        super().__init__(sync_config)
+    def __init__(self, db, sync_config, auth_client=None):
+        super().__init__(sync_config, auth_client)
         self.db = db
     def get_user_by_unique_field(self, username: str):
@@ -435,8 +434,23 @@ class MyLegacyAdapter(LegacySystemAdapter):
             "email": user.email,
             # ... 其他字段
         })
+    async def get_user_by_username_async(self, username: str) -> Optional[LegacyUserData]:
+        """异步通过用户名获取旧系统用户"""
+        user = await self.db.execute(
+            select(User).where(User.username == username)
+        )
+        user = user.scalars().first()
+        if not user:
+            return None
+        return LegacyUserData({
+            "id": user.id,
+            "username": user.username,
+            "email": user.email,
+            # ... 其他字段
+        })
-    def create_user(self, user_data: dict):
+    async def _create_user_async(self, user_data: Dict[str, Any]) -> Optional[Any]:
         """在旧系统创建用户"""
         user = User(
             username=user_data["username"],
@@ -445,20 +459,39 @@ class MyLegacyAdapter(LegacySystemAdapter):
             # ... 其他字段
         )
         self.db.add(user)
-        self.db.commit()
+        await self.db.commit()
         return user.id
-    def update_user(self, username: str, user_data: dict):
-        """更新旧系统用户"""
-        user = self.db.query(User).filter(User.username == username).first()
+    async def _update_user_async(self, username: str, user_data: Dict[str, Any]) -> bool:
+        """异步更新旧系统用户"""
+        user = await self.db.execute(
+            select(User).where(User.username == username)
+        )
+        user = user.scalars().first()
         if user:
             for key, value in user_data.items():
                 setattr(user, key, value)
-            self.db.commit()
+            await self.db.commit()
+            return True
+        return False
+    async def _delete_user_async(self, username: str) -> bool:
+        """异步删除旧系统用户"""
+        user = await self.db.execute(
+            select(User).where(User.username == username)
+        )
+        user = user.scalars().first()
+        if user:
+            await self.db.delete(user)
+            # 或者软删除：user.is_active = False
+            await self.db.commit()
+            return True
+        return False
-    def get_all_users(self):
-        """获取所有用户（用于初始化同步）"""
-        users = self.db.query(User).all()
+    async def get_all_users_async(self) -> List[LegacyUserData]:
+        """异步获取所有用户（用于初始化同步）"""
+        result = await self.db.execute(select(User))
+        users = result.scalars().all()
         return [LegacyUserData({"username": u.username, ...}) for u in users]
 ```
@@ -468,7 +501,7 @@ class MyLegacyAdapter(LegacySystemAdapter):
 from huace_aigc_auth_client import AigcAuthClient, UserSyncService
 client = AigcAuthClient()
-adapter = MyLegacyAdapter(db, sync_config)
+adapter = MyLegacyAdapter(db, sync_config, client)
 sync_service = UserSyncService(client, adapter)
 # 在获取用户信息后调用同步
@@ -479,7 +512,7 @@ async def auth_middleware(request, call_next):
     # 登录成功后，同步用户到旧系统
     if hasattr(request.state, "user_info"):
         user_info = request.state.user_info
-        sync_service.sync_on_login(user_info)
+        await sync_service.sync_on_login_async(user_info)
     return response
 ```
@@ -493,47 +526,35 @@ from fastapi import APIRouter
 from huace_aigc_auth_client import register_webhook_router
 api_router = APIRouter()
+client = AigcAuthClient()
+adapter = MyLegacyAdapter(db, sync_config, client)
 # 定义 webhook 处理函数
-async def handle_webhook(data: dict) -> dict:
+async def handle_auth_webhook(request_data: Dict[str, Any]) -> Dict[str, Any]:
     """
-    处理来自 aigc-auth 的 webhook 通知
+    独立的 webhook 处理函数（用于 SDK 集成）
-    Args:
-        data: webhook 数据，包含 event 和 data 字段
-    Returns:
-        dict: 处理结果
+    这个函数不需要 db 参数，会在内部创建数据库会话。
+    适用于通过 SDK 的 register_webhook_router 注册。
     """
-    from your_app.db import get_db_session
+    from app.db.session import get_db
-    event = data.get("event")
-    user_data = data.get("data", {})
-    # 创建数据库会话
-    async with get_db_session() as db:
-        adapter = MyLegacyAdapter(db, sync_config)
-        if event == "user.created":
-            # 处理用户创建事件
-            if not adapter.get_user_by_unique_field(user_data["username"]):
-                legacy_data = adapter.transform_auth_to_legacy(user_data)
-                legacy_data["password"] = sync_config.unified_password
-                adapter.create_user(legacy_data)
-                await db.commit()
-        elif event == "user.updated":
-            # 处理用户更新事件
-            legacy_data = adapter.transform_auth_to_legacy(user_data)
-            adapter.update_user(user_data["username"], legacy_data)
-            await db.commit()
-    return {"status": "ok", "event": event}
+    async for db in get_db():
+        try:
+            event = request_data.get("event")
+            data = request_data.get("data", {})
+            logger.info(f"Received webhook event: {event} with data: {data}")
+            # 调用适配器的 handle_webhook 方法
+            return await adapter.handle_webhook(event, data)
+        except Exception as e:
+            logger.exception(f"Failed to handle webhook: {e}")
+            raise
 # 注册 webhook 路由（自动处理签名验证）
 register_webhook_router(
     api_router,
-    handler=handle_webhook,
+    handler=handle_auth_webhook,
     prefix="/webhook",  # 可选，默认 "/webhook"
     secret_env_key="aigc-auth-webhook-secret",  # 可选，在 auth 后台配置
     tags=["Webhook"]  # 可选，默认 ["Webhook"]
@@ -542,55 +563,6 @@ register_webhook_router(
 # webhook 端点将自动创建在: /webhook/auth
 ```
-**传统方式：手动实现 Webhook 端点**
-```python
-import hmac
-import hashlib
-import os
-@app.post("/api/v1/webhook/auth")
-async def receive_auth_webhook(request: Request, db: Session = Depends(get_db)):
-    """接收 aigc-auth 的用户变更通知"""
-    # 获取原始请求体
-    body = await request.body()
-    # 验证签名
-    signature = request.headers.get("X-Webhook-Signature", "")
-    secret = os.getenv("AIGC_AUTH_WEBHOOK_SECRET", "")
-    if secret:
-        expected = hmac.new(
-            secret.encode('utf-8'),
-            body,
-            hashlib.sha256
-        ).hexdigest()
-        if not hmac.compare_digest(expected, signature):
-            raise HTTPException(status_code=401, detail="Invalid signature")
-    # 解析数据
-    data = await request.json()
-    event = data.get("event")
-    user_data = data.get("data", {})
-    if event == "user.created":
-        adapter = MyLegacyAdapter(db, sync_config)
-        if not adapter.get_user_by_unique_field(user_data["username"]):
-            legacy_data = adapter.transform_auth_to_legacy(user_data)
-            legacy_data["password"] = sync_config.unified_password
-            adapter.create_user(legacy_data)
-            db.commit()
-    elif event == "user.updated":
-        adapter = MyLegacyAdapter(db, sync_config)
-        legacy_data = adapter.transform_auth_to_legacy(user_data)
-        adapter.update_user(user_data["username"], legacy_data)
-        db.commit()
-    return {"success": True}
-```
 **Webhook 签名验证说明**
 SDK 的 `register_webhook_router` 会自动处理签名验证：
@@ -604,7 +576,7 @@ SDK 的 `register_webhook_router` 会自动处理签名验证：
 ```python
 # 一次性脚本：将旧系统用户同步到 aigc-auth
 async def init_sync():
-    adapter = MyLegacyAdapter(db, sync_config)
+    adapter = MyLegacyAdapter(db, sync_config, client)
     users = adapter.get_all_users()
     for user in users:

{huace_aigc_auth_client-1.1.7 → huace_aigc_auth_client-1.1.9}/huace_aigc_auth_client.egg-info/SOURCES.txt RENAMED Viewed

@@ -7,6 +7,7 @@ huace_aigc_auth_client/__init__.py
 huace_aigc_auth_client/legacy_adapter.py
 huace_aigc_auth_client/sdk.py
 huace_aigc_auth_client/webhook.py
+huace_aigc_auth_client/webhook_flask.py
 huace_aigc_auth_client.egg-info/PKG-INFO
 huace_aigc_auth_client.egg-info/SOURCES.txt
 huace_aigc_auth_client.egg-info/dependency_links.txt

{huace_aigc_auth_client-1.1.7 → huace_aigc_auth_client-1.1.9}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "huace-aigc-auth-client"
-version = "1.1.7"
+version = "1.1.9"
 description = "华策AIGC Auth Client - 提供 Token 验证、用户信息获取、权限检查、旧系统接入等功能"
 readme = "README.md"
 requires-python = ">=3.7"