From 505c35758c95d9541d6325cb904384ce25f46eb2 Mon Sep 17 00:00:00 2001
From: owenlxu <owenlxu@tencent.com>
Date: Wed, 11 Oct 2023 10:45:00 +0800
Subject: [PATCH] =?UTF-8?q?bug:=20=E5=A4=84=E7=90=86=E8=B0=83=E7=94=A8?=
 =?UTF-8?q?=E9=89=B4=E6=9D=83=E6=9C=8D=E5=8A=A1=E5=BC=82=E5=B8=B8=E8=BF=94?=
 =?UTF-8?q?=E5=9B=9E=E7=8A=B6=E6=80=81=20#1244?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../bkrepo/auth/service/bkauth/CIAuthService.kt    | 14 ++++++++------
 .../com/tencent/bkrepo/auth/util/HttpUtils.kt      |  3 +--
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkauth/CIAuthService.kt b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkauth/CIAuthService.kt
index 91329f5a47..b93fd0c9ae 100644
--- a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkauth/CIAuthService.kt
+++ b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/service/bkauth/CIAuthService.kt
@@ -73,7 +73,7 @@ class CIAuthService @Autowired constructor(private val devopsAuthConfig: DevopsA
         return try {
             val request = Request.Builder().url(url).header(DEVOPS_BK_TOKEN, devopsAuthConfig.getBkciAuthToken())
                 .header(DEVOPS_PROJECT_ID, projectCode).get().build()
-            val apiResponse = HttpUtils.doRequest(okHttpClient, request, 2, setOf(HttpStatus.FORBIDDEN.value))
+            val apiResponse = HttpUtils.doRequest(okHttpClient, request, 2, allowHttpStatusSet)
             logger.debug("validateProjectUsers url[$url],result[${apiResponse.code},${apiResponse.content}]")
             if (apiResponse.code == HttpStatus.OK.value) {
                 val responseObject = objectMapper.readValue<BkciAuthCheckResponse>(apiResponse.content)
@@ -102,7 +102,7 @@ class CIAuthService @Autowired constructor(private val devopsAuthConfig: DevopsA
         return try {
             val request = Request.Builder().url(url).header(DEVOPS_BK_TOKEN, devopsAuthConfig.getBkciAuthToken())
                 .header(DEVOPS_PROJECT_ID, projectCode).get().build()
-            val apiResponse = HttpUtils.doRequest(okHttpClient, request, 2)
+            val apiResponse = HttpUtils.doRequest(okHttpClient, request, 2, allowHttpStatusSet)
             val responseObject = objectMapper.readValue<BkciAuthCheckResponse>(apiResponse.content)
             logger.debug("validateProjectManager url[$url], result[${apiResponse.content}]")
             resourcePermissionCache.put(cacheKey, responseObject.data)
@@ -138,7 +138,7 @@ class CIAuthService @Autowired constructor(private val devopsAuthConfig: DevopsA
         return try {
             val request = Request.Builder().url(url).header(DEVOPS_UID, user).header(DEVOPS_PROJECT_ID, projectCode)
                 .header(DEVOPS_BK_TOKEN, devopsAuthConfig.getBkciAuthToken()).get().build()
-            val apiResponse = HttpUtils.doRequest(okHttpClient, request, 2, setOf(HttpStatus.FORBIDDEN.value))
+            val apiResponse = HttpUtils.doRequest(okHttpClient, request, 2, allowHttpStatusSet)
             logger.debug(
                 "validateProjectSuperAdmin , requestUrl: [$url]," + " result : [${
                     apiResponse.content.replace("\n", "")
@@ -182,7 +182,7 @@ class CIAuthService @Autowired constructor(private val devopsAuthConfig: DevopsA
         return try {
             val request = Request.Builder().url(url).header(DEVOPS_BK_TOKEN, devopsAuthConfig.getBkciAuthToken())
                 .header(DEVOPS_UID, user).header(DEVOPS_PROJECT_ID, projectCode).get().build()
-            val apiResponse = HttpUtils.doRequest(okHttpClient, request, 2, setOf(HttpStatus.FORBIDDEN.value))
+            val apiResponse = HttpUtils.doRequest(okHttpClient, request, 2, allowHttpStatusSet)
             val responseObject = objectMapper.readValue<BkciAuthCheckResponse>(apiResponse.content)
             logger.debug("validateUserResourcePermission,requestUrl: [$url], result : [${apiResponse.content}]")
             resourcePermissionCache.put(cacheKey, responseObject.data)
@@ -202,7 +202,7 @@ class CIAuthService @Autowired constructor(private val devopsAuthConfig: DevopsA
                     "action=${action.value}&resourceType=${resourceType.value}"
             val request = Request.Builder().url(url).header(DEVOPS_BK_TOKEN, devopsAuthConfig.getBkciAuthToken())
                 .header(DEVOPS_UID, user).header(DEVOPS_PROJECT_ID, projectCode).get().build()
-            val apiResponse = HttpUtils.doRequest(okHttpClient, request, 2, setOf(HttpStatus.FORBIDDEN.value))
+            val apiResponse = HttpUtils.doRequest(okHttpClient, request, 2, allowHttpStatusSet)
             val responseObject = objectMapper.readValue<BkciAuthListResponse>(apiResponse.content)
             logger.debug("getUserResourceByPermission, requestUrl: [$url], result : [${apiResponse.content}]")
             return responseObject.data
@@ -217,7 +217,7 @@ class CIAuthService @Autowired constructor(private val devopsAuthConfig: DevopsA
             val url = "${devopsAuthConfig.getBkciAuthServer()}/auth/api/open/service/auth/projects/users/$user"
             val request = Request.Builder().url(url).header(DEVOPS_BK_TOKEN, devopsAuthConfig.getBkciAuthToken())
                 .header(DEVOPS_GATEWAY_TAG, DEVOPS_PROD_V3).header(DEVOPS_UID, user).get().build()
-            val apiResponse = HttpUtils.doRequest(okHttpClient, request, 2, setOf(HttpStatus.FORBIDDEN.value))
+            val apiResponse = HttpUtils.doRequest(okHttpClient, request, 2, allowHttpStatusSet)
             val responseObject = objectMapper.readValue<BkciAuthListResponse>(apiResponse.content)
             logger.debug("getProjectListByUser, requestUrl: [$url], result : [${apiResponse.content}]")
             return responseObject.data
@@ -229,6 +229,8 @@ class CIAuthService @Autowired constructor(private val devopsAuthConfig: DevopsA
 
     companion object {
         private val logger = LoggerFactory.getLogger(CIAuthService::class.java)
+        private val allowHttpStatusSet =
+            setOf(HttpStatus.FORBIDDEN.value, HttpStatus.BAD_REQUEST.value, HttpStatus.NOT_FOUND.value)
         const val DEVOPS_BK_TOKEN = "X-DEVOPS-BK-TOKEN"
         const val DEVOPS_UID = "X-DEVOPS-UID"
         const val DEVOPS_PROJECT_ID = "X-DEVOPS-PROJECT-ID"
diff --git a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/util/HttpUtils.kt b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/util/HttpUtils.kt
index b545f41cef..52774e63f0 100644
--- a/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/util/HttpUtils.kt
+++ b/src/backend/auth/biz-auth/src/main/kotlin/com/tencent/bkrepo/auth/util/HttpUtils.kt
@@ -52,8 +52,7 @@ object HttpUtils {
                 return ApiResponse(responseCode, responseContent)
             }
             throw RuntimeException(
-                "http request url ${request.url} failed, " +
-                    "code: $responseCode, responseContent: $responseContent"
+                "http request url ${request.url} failed, code: $responseCode, responseContent: $responseContent"
             )
         } catch (e: Exception) {
             if (retry > 0) {