perf: add manage.py command: init_oauth2_provider, resolve init jumpserver client failed issue

2026-01-29 21:51:31 +00:00 · 2025-12-03 14:34:03 +08:00
parent 95331a0c4b
commit 3c96480b0c
7 changed files with 86 additions and 6 deletions
--- a/apps/authentication/backends/oauth2_provider/utils.py
+++ b/apps/authentication/backends/oauth2_provider/utils.py
@@ -6,7 +6,7 @@ def get_or_create_jumpserver_client_application():
    Application = get_application_model()
    
    application, created = Application.objects.get_or_create(
-        name='JumpServer Client',
+        name=settings.OAUTH2_PROVIDER_JUMPSERVER_CLIENT_NAME,
        defaults={
            'client_type': Application.CLIENT_PUBLIC,
            'authorization_grant_type': Application.GRANT_AUTHORIZATION_CODE,
--- a/apps/authentication/management/init.py
+++ b/apps/authentication/management/init.py
--- a/apps/authentication/management/commands/init.py
+++ b/apps/authentication/management/commands/init.py
--- a/apps/authentication/management/commands/init_oauth2_provider.py
+++ b/apps/authentication/management/commands/init_oauth2_provider.py
@@ -0,0 +1,75 @@
+# -*- coding: utf-8 -*-
+#
+from django.core.management.base import BaseCommand
+from django.db.utils import OperationalError, ProgrammingError
+from django.conf import settings
+
+
+class Command(BaseCommand):
+    help = 'Initialize OAuth2 Provider - Create default JumpServer Client application'
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            '--force',
+            action='store_true',
+            help='Force recreate the application even if it exists',
+        )
+
+    def handle(self, *args, **options):
+        force = options.get('force', False)
+        
+        try:
+            from authentication.backends.oauth2_provider.utils import (
+                get_or_create_jumpserver_client_application
+            )
+            from oauth2_provider.models import get_application_model
+            
+            Application = get_application_model()
+            
+            # 检查表是否存在
+            try:
+                Application.objects.exists()
+            except (OperationalError, ProgrammingError) as e:
+                self.stdout.write(
+                    self.style.ERROR(
+                        f'OAuth2 Provider tables not found. Please run migrations first:\n'
+                        f'  python manage.py migrate oauth2_provider\n'
+                        f'Error: {e}'
+                    )
+                )
+                return
+            
+            # 如果强制重建，先删除已存在的应用
+            if force:
+                deleted_count, _ = Application.objects.filter(
+                    name=settings.OAUTH2_PROVIDER_JUMPSERVER_CLIENT_NAME
+                ).delete()
+                if deleted_count > 0:
+                    self.stdout.write(
+                        self.style.WARNING(f'Deleted {deleted_count} existing application(s)')
+                    )
+            
+            # 创建或获取应用
+            application = get_or_create_jumpserver_client_application()
+            
+            if application:
+                self.stdout.write(
+                    self.style.SUCCESS(
+                        f'✓ OAuth2 JumpServer Client application initialized successfully\n'
+                        f'  - Client ID: {application.client_id}\n'
+                        f'  - Client Type: {application.get_client_type_display()}\n'
+                        f'  - Grant Type: {application.get_authorization_grant_type_display()}\n'
+                        f'  - Redirect URIs: {application.redirect_uris}\n'
+                        f'  - Skip Authorization: {application.skip_authorization}'
+                    )
+                )
+            else:
+                self.stdout.write(
+                    self.style.ERROR('Failed to create OAuth2 application')
+                )
+                
+        except Exception as e:
+            self.stdout.write(
+                self.style.ERROR(f'Error initializing OAuth2 Provider: {e}')
+            )
+            raise
--- a/apps/common/apps.py
+++ b/apps/common/apps.py
@@ -5,7 +5,6 @@ import sys

 from django.apps import AppConfig
 from django.db import close_old_connections
-from django.conf import settings


 class CommonConfig(AppConfig):
@@ -24,6 +23,3 @@ class CommonConfig(AppConfig):
        if not os.environ.get('DJANGO_DEBUG_SHELL'):
            django_ready.send(CommonConfig)
            close_old_connections()
-        
-        from authentication.backends.oauth2_provider import utils
-        utils.get_or_create_jumpserver_client_application()
--- a/apps/jumpserver/settings/libs.py
+++ b/apps/jumpserver/settings/libs.py
@@ -231,4 +231,5 @@ OAUTH2_PROVIDER = {
    'ACCESS_TOKEN_EXPIRE_SECONDS': CONFIG.OAUTH2_PROVIDER_ACCESS_TOKEN_EXPIRE_SECONDS,
    'REFRESH_TOKEN_EXPIRE_SECONDS': CONFIG.OAUTH2_PROVIDER_REFRESH_TOKEN_EXPIRE_SECONDS,
 }
-OAUTH2_PROVIDER_CLIENT_REDIRECT_URI = 'jms://auth/callback'
+OAUTH2_PROVIDER_CLIENT_REDIRECT_URI = 'jms://auth/callback'
+OAUTH2_PROVIDER_JUMPSERVER_CLIENT_NAME = 'JumpServer Client'