apolloconfig · nobodyiam · Jun 26, 2021 · Apr 24, 2021 · Apr 24, 2021 · May 15, 2021
diff --git a/...-openapi/src/main/java/com/ctrip/framework/apollo/openapi/client/ApolloOpenApiClient.java b/...-openapi/src/main/java/com/ctrip/framework/apollo/openapi/client/ApolloOpenApiClient.java
@@ -71,6 +71,15 @@ public List<OpenAppDTO> getAllApps() {
     return appService.getAppsInfo(null);
   }
 
+  /**
+   * Get applications which can be operated by current open api client.
+   *
+   * @return app's information
+   */
+  public List<OpenAppDTO> getAuthorizedApps() {
+    return this.appService.getAuthorizedApps();
+  }
+
   /**
    * Get App information by app ids
    */

diff --git a/...pi/src/main/java/com/ctrip/framework/apollo/openapi/client/service/AppOpenApiService.java b/...pi/src/main/java/com/ctrip/framework/apollo/openapi/client/service/AppOpenApiService.java
@@ -47,4 +47,13 @@ public List<OpenAppDTO> getAppsInfo(List<String> appIds) {
       throw new RuntimeException(String.format("Load app information for appIds: %s failed", appIds), ex);
     }
   }
+
+  public List<OpenAppDTO> getAuthorizedApps() {
+    String path = "authorized/apps";
+    try(CloseableHttpResponse response = this.get(path)) {
+      return gson.fromJson(EntityUtils.toString(response.getEntity()), OPEN_APP_DTO_LIST_TYPE);
+    } catch (Throwable ex) {
+      throw new RuntimeException("Load authorized apps failed", ex);
+    }
+  }
 }
diff --git a/...portal/src/main/java/com/ctrip/framework/apollo/openapi/service/AuthorizationService.java b/...portal/src/main/java/com/ctrip/framework/apollo/openapi/service/AuthorizationService.java
@@ -0,0 +1,70 @@
+package com.ctrip.framework.apollo.openapi.service;
+
+import com.ctrip.framework.apollo.common.entity.App;
+import com.ctrip.framework.apollo.openapi.dto.OpenAppDTO;
+import com.ctrip.framework.apollo.openapi.entity.ConsumerRole;
+import com.ctrip.framework.apollo.openapi.repository.ConsumerRoleRepository;
+import com.ctrip.framework.apollo.openapi.util.OpenApiBeanUtils;
+import com.ctrip.framework.apollo.portal.entity.po.Role;
+import com.ctrip.framework.apollo.portal.repository.RoleRepository;
+import com.ctrip.framework.apollo.portal.service.AppService;
+import com.ctrip.framework.apollo.portal.util.RoleUtils;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Set;
+import java.util.stream.Collectors;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+/**
+ * @author wxq
+ */
+@Service
+public class AuthorizationService {
+
+  private final ConsumerService consumerService;
+
+  private final AppService appService;
+
+  @Autowired
+  private ConsumerRoleRepository consumerRoleRepository;
+
+  @Autowired
+  private RoleRepository roleRepository;
+
+  public AuthorizationService(
+      ConsumerService consumerService,
+      AppService appService) {
+    this.consumerService = consumerService;
+    this.appService = appService;
+  }
+
+  private Set<String> getAppIdsByRoleIds(List<Long> roleIds) {
+    Iterable<Role> roleIterable = this.roleRepository.findAllById(roleIds);
+
+    List<String> roleNames = new ArrayList<>();
+    for (Role role : roleIterable) {
+      if (!role.isDeleted()) {
+        roleNames.add(role.getRoleName());
+      }
+    }
+
+    Set<String> appIds = roleNames.stream().map(RoleUtils::extractAppIdFromRoleName)
+        .collect(Collectors.toSet());
+
+    return appIds;
+  }
+
+  public List<OpenAppDTO> getAuthorizedApps(String token) {
+    long consumerId = this.consumerService.getConsumerIdByToken(token);
+    List<ConsumerRole> consumerRoles = this.consumerRoleRepository.findByConsumerId(consumerId);
+    List<Long> roleIds = consumerRoles.stream().map(ConsumerRole::getRoleId)
+        .collect(Collectors.toList());
+
+    Set<String> appIds = this.getAppIdsByRoleIds(roleIds);
+
+    List<App> apps = this.appService.findByAppIds(appIds);
+    List<OpenAppDTO> openAppDTOS = OpenApiBeanUtils.transformFromApps(apps);
+    return openAppDTOS;
+  }
+}
diff --git a/...c/main/java/com/ctrip/framework/apollo/openapi/v1/controller/AuthorizationController.java b/...c/main/java/com/ctrip/framework/apollo/openapi/v1/controller/AuthorizationController.java
@@ -0,0 +1,34 @@
+package com.ctrip.framework.apollo.openapi.v1.controller;
+
+import com.ctrip.framework.apollo.openapi.dto.OpenAppDTO;
+import com.ctrip.framework.apollo.openapi.service.AuthorizationService;
+import java.util.List;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpHeaders;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestHeader;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * Let open api know self's permission.
+ *
+ * @author wxq
+ * @since 1.9.0
+ */
+@RestController("openapiAuthorizationController")
+@RequestMapping("/openapi/v1")
+public class AuthorizationController {
+
+  @Autowired
+  private AuthorizationService authorizationService;
+
+  /**
+   * @return which apps can be operated by open api
+   */
+  @GetMapping("/authorized/apps")
+  public List<OpenAppDTO> getAuthorizedApps(
+      @RequestHeader(HttpHeaders.AUTHORIZATION) String token) {
+    return this.authorizationService.getAuthorizedApps(token);
+  }
+}