refactor: rename idp fields to provider naming

2026-04-03 01:05:01 +08:00
parent 467f2b4867
commit ef27162903
35 changed files with 239 additions and 235 deletions
--- a/backend/app/services/idp_admin_service.py
+++ b/backend/app/services/idp_admin_service.py
@@ -11,31 +11,31 @@ from app.core.config import Settings


@dataclass
-class KeycloakSyncResult:
+class ProviderSyncResult:
    user_id: str
    action: str
    user_sub: str | None = None


@dataclass
-class KeycloakPasswordResetResult:
+class ProviderPasswordResetResult:
    user_id: str
    temporary_password: str


@dataclass
-class KeycloakDeleteResult:
+class ProviderDeleteResult:
    action: str
    user_id: str | None = None


@dataclass
-class KeycloakGroupSyncResult:
+class ProviderGroupSyncResult:
    group_id: str
    action: str


-class KeycloakAdminService:
+class ProviderAdminService:
    def __init__(self, settings: Settings) -> None:
        self.base_url = settings.keycloak_base_url.rstrip("/")
        self.realm = settings.keycloak_realm
@@ -188,8 +188,8 @@ class KeycloakAdminService:
        username: str | None,
        display_name: str | None,
        is_active: bool = True,
-        idp_user_id: str | None = None,
-    ) -> KeycloakSyncResult:
+        provider_user_id: str | None = None,
+    ) -> ProviderSyncResult:
        resolved_username = username or self._safe_username(sub=sub, email=email)
        first_name = display_name or resolved_username
        payload = {
@@ -202,7 +202,7 @@ class KeycloakAdminService:
        }

        with self._client() as client:
-            existing = self._lookup_user_by_id(client, idp_user_id) if idp_user_id else None
+            existing = self._lookup_user_by_id(client, provider_user_id) if provider_user_id else None
            if existing is None:
                existing = self._lookup_user_by_email_or_username(client, email=email, username=resolved_username)

@@ -211,7 +211,7 @@ class KeycloakAdminService:
                put_resp = client.put(f"/admin/realms/{self.realm}/users/{user_id}", json=payload)
                if put_resp.status_code >= 400:
                    raise HTTPException(status_code=502, detail="idp_update_failed")
-                return KeycloakSyncResult(user_id=user_id, action="updated", user_sub=user_id)
+                return ProviderSyncResult(user_id=user_id, action="updated", user_sub=user_id)

            create_resp = client.post(f"/admin/realms/{self.realm}/users", json=payload)
            if create_resp.status_code >= 400:
@@ -224,7 +224,7 @@ class KeycloakAdminService:
                user_id = str(found["id"]) if found and found.get("id") else ""
            if not user_id:
                raise HTTPException(status_code=502, detail="idp_create_failed")
-            return KeycloakSyncResult(user_id=user_id, action="created", user_sub=user_id)
+            return ProviderSyncResult(user_id=user_id, action="created", user_sub=user_id)

    def ensure_group(
        self,
@@ -233,7 +233,7 @@ class KeycloakAdminService:
        group_id: str | None = None,
        parent_group_id: str | None = None,
        attributes: dict[str, str | list[str]] | None = None,
-    ) -> KeycloakGroupSyncResult:
+    ) -> ProviderGroupSyncResult:
        if not name:
            raise HTTPException(status_code=400, detail="idp_group_name_required")
        normalized_attrs = self._normalize_group_attributes(attributes)
@@ -249,7 +249,7 @@ class KeycloakAdminService:
                put_resp = client.put(f"/admin/realms/{self.realm}/groups/{resolved_id}", json=payload)
                if put_resp.status_code >= 400:
                    raise HTTPException(status_code=502, detail="idp_group_update_failed")
-                return KeycloakGroupSyncResult(group_id=resolved_id, action="updated")
+                return ProviderGroupSyncResult(group_id=resolved_id, action="updated")

            payload = {"name": name, "attributes": normalized_attrs}
            if parent_group_id:
@@ -266,28 +266,28 @@ class KeycloakAdminService:
                resolved_id = str(found.get("id")) if found and found.get("id") else ""
            if not resolved_id:
                raise HTTPException(status_code=502, detail="idp_group_create_failed")
-            return KeycloakGroupSyncResult(group_id=resolved_id, action="created")
+            return ProviderGroupSyncResult(group_id=resolved_id, action="created")

-    def delete_group(self, *, group_id: str | None) -> KeycloakDeleteResult:
+    def delete_group(self, *, group_id: str | None) -> ProviderDeleteResult:
        if not group_id:
-            return KeycloakDeleteResult(action="not_found")
+            return ProviderDeleteResult(action="not_found")
        with self._client() as client:
            resp = client.delete(f"/admin/realms/{self.realm}/groups/{group_id}")
            if resp.status_code in {204, 404}:
-                return KeycloakDeleteResult(action="deleted" if resp.status_code == 204 else "not_found")
+                return ProviderDeleteResult(action="deleted" if resp.status_code == 204 else "not_found")
            if resp.status_code >= 400:
                raise HTTPException(status_code=502, detail="idp_group_delete_failed")
-            return KeycloakDeleteResult(action="deleted")
+            return ProviderDeleteResult(action="deleted")

    def reset_password(
        self,
        *,
-        idp_user_id: str | None,
+        provider_user_id: str | None,
        email: str | None,
        username: str | None,
-    ) -> KeycloakPasswordResetResult:
+    ) -> ProviderPasswordResetResult:
        with self._client() as client:
-            existing = self._lookup_user_by_id(client, idp_user_id) if idp_user_id else None
+            existing = self._lookup_user_by_id(client, provider_user_id) if provider_user_id else None
            if existing is None:
                existing = self._lookup_user_by_email_or_username(client, email=email, username=username)
            if not existing or not existing.get("id"):
@@ -301,29 +301,29 @@ class KeycloakAdminService:
            )
            if resp.status_code >= 400:
                raise HTTPException(status_code=502, detail="idp_set_password_failed")
-            return KeycloakPasswordResetResult(user_id=user_id, temporary_password=temp_password)
+            return ProviderPasswordResetResult(user_id=user_id, temporary_password=temp_password)

    def delete_user(
        self,
        *,
-        idp_user_id: str | None,
+        provider_user_id: str | None,
        email: str | None,
        username: str | None,
-    ) -> KeycloakDeleteResult:
+    ) -> ProviderDeleteResult:
        with self._client() as client:
-            existing = self._lookup_user_by_id(client, idp_user_id) if idp_user_id else None
+            existing = self._lookup_user_by_id(client, provider_user_id) if provider_user_id else None
            if existing is None:
                existing = self._lookup_user_by_email_or_username(client, email=email, username=username)
            if not existing or not existing.get("id"):
-                return KeycloakDeleteResult(action="not_found")
+                return ProviderDeleteResult(action="not_found")

            user_id = str(existing["id"])
            resp = client.delete(f"/admin/realms/{self.realm}/users/{user_id}")
            if resp.status_code in {204, 404}:
-                return KeycloakDeleteResult(action="deleted" if resp.status_code == 204 else "not_found", user_id=user_id)
+                return ProviderDeleteResult(action="deleted" if resp.status_code == 204 else "not_found", user_id=user_id)
            if resp.status_code >= 400:
                raise HTTPException(status_code=502, detail="idp_delete_failed")
-            return KeycloakDeleteResult(action="deleted", user_id=user_id)
+            return ProviderDeleteResult(action="deleted", user_id=user_id)

    def list_groups_tree(self) -> list[dict]:
        with self._client() as client: