feat(openapi): Add OpenAPI code generation and enhance user context support

- Add Maven OpenAPI code generation plugin with swagger dependencies now that we can use automatically generated schemas which predefined in apollo-openapi.yaml
- Enhance SpringSecurityUserInfoHolder to support OpenAPI consumer context
- Update AuthConfiguration to inject ConsumerService with lazy loading
- Add Maven local repository to .gitignore

This change enables automatic OpenAPI client/server code generation from
external spec and provides dual user context support for both regular
web users and OpenAPI consumers."

Author: tacklequestions

.gitignore

@@ -27,3 +27,6 @@ target
 *.orig
 .flattened-pom.xml
 
+# Maven local repository
+.m2/
+

apollo-portal/pom.xml

@@ -27,6 +27,7 @@
 	<artifactId>apollo-portal</artifactId>
 	<name>Apollo Portal</name>
 	<properties>
+		<apollo.openapi.spec.url>https://raw.githubusercontent.com/tacklequestions/apollo-openapi/main/apollo-openapi.yaml</apollo.openapi.spec.url>
 		<github.path>${project.artifactId}</github.path>
 		<maven.build.timestamp.format>yyyyMMddHHmmss</maven.build.timestamp.format>
 	</properties>
@@ -44,6 +45,21 @@
 			<groupId>com.ctrip.framework.apollo</groupId>
 			<artifactId>apollo-openapi</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.openapitools</groupId>
+			<artifactId>jackson-databind-nullable</artifactId>
+			<version>0.2.6</version>
+		</dependency>
+		<dependency>
+			<groupId>io.swagger.core.v3</groupId>
+			<artifactId>swagger-annotations-jakarta</artifactId>
+			<version>2.2.22</version>
+		</dependency>
+		<dependency>
+			<groupId>io.swagger.core.v3</groupId>
+			<artifactId>swagger-models-jakarta</artifactId>
+			<version>2.2.22</version>
+		</dependency>
 		<dependency>
 			<groupId>com.ctrip.framework.apollo</groupId>
 			<artifactId>apollo-audit-spring-boot-starter</artifactId>
@@ -198,6 +214,68 @@
 					</replacements>
 				</configuration>
 			</plugin>
+			<!-- 1) OpenAPI 代码生成：绑定 generate-sources 阶段 -->
+			<plugin>
+				<groupId>org.openapitools</groupId>
+				<artifactId>openapi-generator-maven-plugin</artifactId>
+				<version>7.15.0</version>
+				<executions>
+					<execution>
+						<id>generate-openapi-sources</id>
+						<phase>generate-sources</phase>
+						<goals>
+							<goal>generate</goal>
+						</goals>
+						<configuration>
+							<!-- 你的 OpenAPI 契约文件 -->
+							<inputSpec>${apollo.openapi.spec.url}</inputSpec>
+
+							<!-- 生成 Spring 接口/模型 -->
+							<generatorName>spring</generatorName>
+
+							<!-- 输出目录（注意 openapi 会在下面再加一层 src/main/java） -->
+							<output>${project.build.directory}/generated-sources/openapi</output>
+
+							<!-- 包名 -->
+							<apiPackage>com.ctrip.framework.apollo.openapi.api</apiPackage>
+							<modelPackage>com.ctrip.framework.apollo.openapi.model</modelPackage>
+							<invokerPackage>com.ctrip.framework.apollo.openapi.invoker</invokerPackage>
+
+							<!-- 常用开关：只出接口 & 按 tag 分组，使用 java8 时间类型 -->
+							<configOptions>
+							<interfaceOnly>true</interfaceOnly>
+							<useTags>true</useTags>
+							<dateLibrary>java8</dateLibrary>
+						</configOptions>
+
+						<!-- 可选：跳过严格校验（契约不完全时更宽容） -->
+						<skipValidateSpec>true</skipValidateSpec>
+						</configuration>
+					</execution>
+				</executions>
+			</plugin>
+
+			<!-- 2) 把生成目录标记为源码目录，让 IDE 直接参与编译 -->
+			<plugin>
+				<groupId>org.codehaus.mojo</groupId>
+				<artifactId>build-helper-maven-plugin</artifactId>
+				<version>3.5.0</version>
+				<executions>
+					<execution>
+						<id>add-openapi-sources</id>
+						<phase>generate-sources</phase>
+						<goals>
+							<goal>add-source</goal>
+						</goals>
+						<configuration>
+							<sources>
+								<!-- 注意这层 src/main/java -->
+								<source>${project.build.directory}/generated-sources/openapi/src/main/java</source>
+							</sources>
+						</configuration>
+					</execution>
+				</executions>
+			</plugin>
 		</plugins>
 	</build>
 </project>

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/spi/configuration/AuthConfiguration.java

@@ -17,33 +17,9 @@
 
 package com.ctrip.framework.apollo.portal.spi.configuration;
 
-import com.ctrip.framework.apollo.common.condition.ConditionalOnMissingProfile;
-import com.ctrip.framework.apollo.core.utils.StringUtils;
-import com.ctrip.framework.apollo.portal.repository.AuthorityRepository;
-import com.ctrip.framework.apollo.portal.repository.UserRepository;
-import com.ctrip.framework.apollo.portal.spi.LogoutHandler;
-import com.ctrip.framework.apollo.portal.spi.SsoHeartbeatHandler;
-import com.ctrip.framework.apollo.portal.spi.UserInfoHolder;
-import com.ctrip.framework.apollo.portal.spi.UserService;
-import com.ctrip.framework.apollo.portal.spi.defaultimpl.DefaultLogoutHandler;
-import com.ctrip.framework.apollo.portal.spi.defaultimpl.DefaultSsoHeartbeatHandler;
-import com.ctrip.framework.apollo.portal.spi.defaultimpl.DefaultUserInfoHolder;
-import com.ctrip.framework.apollo.portal.spi.defaultimpl.DefaultUserService;
-import com.ctrip.framework.apollo.portal.spi.ldap.ApolloLdapAuthenticationProvider;
-import com.ctrip.framework.apollo.portal.spi.ldap.FilterLdapByGroupUserSearch;
-import com.ctrip.framework.apollo.portal.spi.ldap.LdapUserService;
-import com.ctrip.framework.apollo.portal.spi.oidc.ExcludeClientCredentialsClientRegistrationRepository;
-import com.ctrip.framework.apollo.portal.spi.oidc.OidcAuthenticationSuccessEventListener;
-import com.ctrip.framework.apollo.portal.spi.oidc.OidcLocalUserService;
-import com.ctrip.framework.apollo.portal.spi.oidc.OidcLocalUserServiceImpl;
-import com.ctrip.framework.apollo.portal.spi.oidc.OidcLogoutHandler;
-import com.ctrip.framework.apollo.portal.spi.oidc.OidcUserInfoHolder;
-import com.ctrip.framework.apollo.portal.spi.springsecurity.ApolloPasswordEncoderFactory;
-import com.ctrip.framework.apollo.portal.spi.springsecurity.SpringSecurityUserInfoHolder;
-import com.ctrip.framework.apollo.portal.spi.springsecurity.SpringSecurityUserService;
-
 import java.text.MessageFormat;
 import java.util.Collections;
+
 import javax.persistence.EntityManagerFactory;
 import javax.sql.DataSource;
 
@@ -56,6 +32,7 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.DependsOn;
+import org.springframework.context.annotation.Lazy;
 import org.springframework.context.annotation.Profile;
 import org.springframework.core.annotation.Order;
 import org.springframework.core.env.Environment;
@@ -78,6 +55,32 @@
 import org.springframework.security.provisioning.JdbcUserDetailsManager;
 import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
 
+import com.ctrip.framework.apollo.common.condition.ConditionalOnMissingProfile;
+import com.ctrip.framework.apollo.core.utils.StringUtils;
+import com.ctrip.framework.apollo.openapi.service.ConsumerService;
+import com.ctrip.framework.apollo.portal.repository.AuthorityRepository;
+import com.ctrip.framework.apollo.portal.repository.UserRepository;
+import com.ctrip.framework.apollo.portal.spi.LogoutHandler;
+import com.ctrip.framework.apollo.portal.spi.SsoHeartbeatHandler;
+import com.ctrip.framework.apollo.portal.spi.UserInfoHolder;
+import com.ctrip.framework.apollo.portal.spi.UserService;
+import com.ctrip.framework.apollo.portal.spi.defaultimpl.DefaultLogoutHandler;
+import com.ctrip.framework.apollo.portal.spi.defaultimpl.DefaultSsoHeartbeatHandler;
+import com.ctrip.framework.apollo.portal.spi.defaultimpl.DefaultUserInfoHolder;
+import com.ctrip.framework.apollo.portal.spi.defaultimpl.DefaultUserService;
+import com.ctrip.framework.apollo.portal.spi.ldap.ApolloLdapAuthenticationProvider;
+import com.ctrip.framework.apollo.portal.spi.ldap.FilterLdapByGroupUserSearch;
+import com.ctrip.framework.apollo.portal.spi.ldap.LdapUserService;
+import com.ctrip.framework.apollo.portal.spi.oidc.ExcludeClientCredentialsClientRegistrationRepository;
+import com.ctrip.framework.apollo.portal.spi.oidc.OidcAuthenticationSuccessEventListener;
+import com.ctrip.framework.apollo.portal.spi.oidc.OidcLocalUserService;
+import com.ctrip.framework.apollo.portal.spi.oidc.OidcLocalUserServiceImpl;
+import com.ctrip.framework.apollo.portal.spi.oidc.OidcLogoutHandler;
+import com.ctrip.framework.apollo.portal.spi.oidc.OidcUserInfoHolder;
+import com.ctrip.framework.apollo.portal.spi.springsecurity.ApolloPasswordEncoderFactory;
+import com.ctrip.framework.apollo.portal.spi.springsecurity.SpringSecurityUserInfoHolder;
+import com.ctrip.framework.apollo.portal.spi.springsecurity.SpringSecurityUserService;
+
 @Configuration
 public class AuthConfiguration {
 
@@ -106,8 +109,8 @@ public static PasswordEncoder passwordEncoder() {
 
     @Bean
     @ConditionalOnMissingBean(UserInfoHolder.class)
-    public UserInfoHolder springSecurityUserInfoHolder(UserService userService) {
-      return new SpringSecurityUserInfoHolder(userService);
+    public UserInfoHolder springSecurityUserInfoHolder(UserService userService, @Lazy ConsumerService consumerService) {
+      return new SpringSecurityUserInfoHolder(userService, consumerService);
     }
 
     @Bean
@@ -210,8 +213,8 @@ public SsoHeartbeatHandler defaultSsoHeartbeatHandler() {
 
     @Bean
     @ConditionalOnMissingBean(UserInfoHolder.class)
-    public UserInfoHolder springSecurityUserInfoHolder(UserService userService) {
-      return new SpringSecurityUserInfoHolder(userService);
+    public UserInfoHolder springSecurityUserInfoHolder(UserService userService, @Lazy ConsumerService consumerService) {
+      return new SpringSecurityUserInfoHolder(userService, consumerService);
     }
 
     @Bean

apollo-portal/src/main/java/com/ctrip/framework/apollo/portal/spi/springsecurity/SpringSecurityUserInfoHolder.java

@@ -16,34 +16,100 @@
  */
 package com.ctrip.framework.apollo.portal.spi.springsecurity;
 
-import com.ctrip.framework.apollo.portal.entity.bo.UserInfo;
-import com.ctrip.framework.apollo.portal.spi.UserInfoHolder;
-import com.ctrip.framework.apollo.portal.spi.UserService;
+import java.security.Principal;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.context.annotation.Lazy;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
 
-import java.security.Principal;
+import com.ctrip.framework.apollo.openapi.entity.Consumer;
+import com.ctrip.framework.apollo.openapi.service.ConsumerService;
+import com.ctrip.framework.apollo.portal.entity.bo.UserInfo;
+import com.ctrip.framework.apollo.portal.spi.UserInfoHolder;
+import com.ctrip.framework.apollo.portal.spi.UserService;
 
 public class SpringSecurityUserInfoHolder implements UserInfoHolder {
 
+
   private final UserService userService;
+  private final ConsumerService consumerService;
 
-  public SpringSecurityUserInfoHolder(UserService userService) {
+  public SpringSecurityUserInfoHolder(UserService userService,
+                               @Lazy ConsumerService consumerService) {
     this.userService = userService;
+    this.consumerService = consumerService;
   }
 
   @Override
   public UserInfo getUser() {
-    String userId = this.getCurrentUsername();
-    UserInfo userInfoFound = this.userService.findByUserId(userId);
+    // 首先尝试从OpenAPI Consumer上下文获取用户信息
+    UserInfo consumerUserInfo = getConsumerUserInfo();
+    if (consumerUserInfo != null) {
+      return consumerUserInfo;
+    }
+
+    // 回退到Spring Security上下文
+    String userId = getCurrentUsername();
+    UserInfo userInfoFound = userService.findByUserId(userId);
     if (userInfoFound != null) {
       return userInfoFound;
     }
+
     UserInfo userInfo = new UserInfo();
     userInfo.setUserId(userId);
     return userInfo;
   }
 
+  /**
+   * 从OpenAPI Consumer上下文获取用户信息
+   */
+  private UserInfo getConsumerUserInfo() {
+    try {
+      ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+      if (attributes == null) {
+        return null;
+      }
+
+      HttpServletRequest request = attributes.getRequest();
+      String requestURI = request.getRequestURI();
+
+      // 只对OpenAPI请求处理Consumer用户信息
+      if (!requestURI.startsWith("/openapi/")) {
+        return null;
+      }
+
+      // 获取Consumer ID
+      Object consumerIdObj = request.getAttribute("ApolloConsumerId");
+      if (consumerIdObj == null) {
+        return null;
+      }
+
+      long consumerId = Long.parseLong(consumerIdObj.toString());
+      Consumer consumer = consumerService.getConsumerByConsumerId(consumerId);
+      if (consumer == null) {
+        return null;
+      }
+
+      // 构建基于Consumer的用户信息
+      UserInfo userInfo = new UserInfo();
+      userInfo.setUserId(consumer.getOwnerName());
+      userInfo.setName(consumer.getName());
+      userInfo.setEmail(consumer.getOwnerEmail());
+
+      return userInfo;
+    } catch (Exception e) {
+      // 如果获取Consumer信息失败，返回null，让系统回退到默认方式
+      return null;
+    }
+  }
+
+  /**
+   * 从Spring Security上下文获取用户名
+   */
   private String getCurrentUsername() {
     Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
     if (principal instanceof UserDetails) {
@@ -54,5 +120,4 @@ private String getCurrentUsername() {
     }
     return String.valueOf(principal);
   }
-
 }