feat(trigger): implement complete OAuth authorization flow for trigger providers

- Add OAuth authorization URL generation API endpoint - Implement OAuth callback handler for credential storage - Support both system-level and tenant-level OAuth clients - Add trigger provider credential encryption utilities - Refactor trigger entities into separate modules - Update trigger provider service with OAuth client management - Add credential cache for trigger providers 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-26 05:35:58 +08:00 · 2025-08-28 15:20:15 +08:00
parent 87120ad4ac
commit a46c9238fa
13 changed files with 420 additions and 456 deletions
--- a/api/core/trigger/utils/encryption.py
+++ b/api/core/trigger/utils/encryption.py
@ -0,0 +1,49 @@
+from core.helper.provider_cache import TriggerProviderCredentialCache, TriggerProviderOAuthClientCache
+from core.plugin.entities.plugin_daemon import CredentialType
+from core.tools.utils.encryption import ProviderConfigCache, ProviderConfigEncrypter, create_provider_encrypter
+from core.trigger.entities.api_entities import TriggerProviderCredentialApiEntity
+from core.trigger.provider import PluginTriggerProviderController
+from models.trigger import TriggerProvider
+
+
+def create_trigger_provider_encrypter_for_credential(
+    tenant_id: str,
+    controller: PluginTriggerProviderController,
+    credential: TriggerProvider | TriggerProviderCredentialApiEntity,
+) -> tuple[ProviderConfigEncrypter, ProviderConfigCache]:
+    return create_provider_encrypter(
+        tenant_id=tenant_id,
+        config=controller.get_credential_schema_config(credential.credential_type),
+        cache=TriggerProviderCredentialCache(
+            tenant_id=tenant_id,
+            provider_id=str(controller.get_provider_id()),
+            credential_id=credential.id,
+        ),
+    )
+
+
+def create_trigger_provider_encrypter(
+    tenant_id: str, controller: PluginTriggerProviderController, credential_id: str, credential_type: CredentialType
+) -> tuple[ProviderConfigEncrypter, ProviderConfigCache]:
+    return create_provider_encrypter(
+        tenant_id=tenant_id,
+        config=controller.get_credential_schema_config(credential_type),
+        cache=TriggerProviderCredentialCache(
+            tenant_id=tenant_id,
+            provider_id=str(controller.get_provider_id()),
+            credential_id=credential_id,
+        ),
+    )
+
+
+def create_trigger_provider_oauth_encrypter(
+    tenant_id: str, controller: PluginTriggerProviderController
+) -> tuple[ProviderConfigEncrypter, ProviderConfigCache]:
+    return create_provider_encrypter(
+        tenant_id=tenant_id,
+        config=[x.to_basic_provider_config() for x in controller.get_oauth_client_schema()],
+        cache=TriggerProviderOAuthClientCache(
+            tenant_id=tenant_id,
+            provider_id=str(controller.get_provider_id()),
+        ),
+    )