Merge branch 'mazq-jiekouyouhua-230523' into 'develop'

Mazq jiekouyouhua 230523

See merge request dcuc-tjdsj/auth-back!147

src/main/java/com/dragoninfo/dcuc/authweb/restcontroller/api/authservice/v1/controller/StaffRoleAuthController.java

@@ -132,12 +132,7 @@ public class StaffRoleAuthController {
     @PutMapping("role/users")
     public ApiResult userRoleSave(HttpServletRequest request, @Valid @RequestBody UserRoleAuthReqVO userRoleAuthReqVO) {
         String operateIdcard = HeadTokenUtils.getIdcard(request);
-        String userToken = HeadTokenUtils.getUserToken(request);
 
-        if (StringUtils.isBlank(operateIdcard)) {
-            DecodedJWT decode = JWT.decode(userToken);
-            operateIdcard = decode.getClaim("idCard").asString();
-        }
         if (StringUtils.isBlank(operateIdcard)) {
             return ApiResult.setFailMessage("操作人身份证号为空");
         }

src/main/java/com/dragoninfo/dcuc/authweb/restcontroller/api/authservice/v1/controller/WorkFlowApiController.java

@@ -32,6 +32,7 @@ import org.springframework.web.bind.annotation.ResponseBody;
 
 import javax.servlet.http.HttpServletRequest;
 import java.util.List;
+import java.util.Optional;
 
 /**
  * @author mazq
@@ -54,17 +55,14 @@ public class WorkFlowApiController {
     @ResponseBody
     public ApiResult serviceAuthFlowSave(@RequestBody @Validated ServiceAuthFlowAcceptVo serviceAuthFlowVo, HttpServletRequest request) {
         String idcard = HeadTokenUtils.getIdcard(request);
-        String userToken = HeadTokenUtils.getUserToken(request);
         String applyAppCode = HeadTokenUtils.getAppCode(request);
-        String user = idcard;
-        if (StringUtils.isBlank(user)) {
-            DecodedJWT decode = JWT.decode(userToken);
-            user = decode.getClaim("idCard").asString();
+        if (StringUtils.isBlank(idcard)) {
+            return ApiResult.setFailMessage("用户凭据为空");
         }
         ServiceAuthFlowDTO dto = new ServiceAuthFlowDTO();
         setAppServiceInfo(dto, serviceAuthFlowVo);
         BeanUtils.copyProperties(serviceAuthFlowVo, dto, "serviceCodes", "serviceNames");
-        dto.setUser(user);
+        dto.setUser(idcard);
         dto.setApplyAppCode(applyAppCode);
         ResponseDTO responseDTO = serviceAuthFlowFacade.serviceAuthFlowSave(dto);
         String statusCode = responseDTO.getStatusCode();

src/main/java/com/dragoninfo/dcuc/authweb/util/HeadTokenUtils.java

@@ -1,7 +1,10 @@
 package com.dragoninfo.dcuc.authweb.util;
 
 import cn.hutool.core.util.StrUtil;
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.DecodedJWT;
 import com.dragoninfo.dcuc.common.Constants;
+import com.dragonsoft.duceap.commons.util.string.StringUtils;
 
 import javax.servlet.http.HttpServletRequest;
 
@@ -12,11 +15,20 @@ import javax.servlet.http.HttpServletRequest;
 public class HeadTokenUtils {
 
     public static String getIdcard(HttpServletRequest request) {
+        // 获取基础凭据
         String idcard = request.getHeader(Constants.IDCARD);
+        // 获取总线的IDCARD
         if (StrUtil.isBlank(idcard)) {
-            // 获取总线的IDCARD
             idcard = request.getHeader(Constants.BUS_SRE_IDCARD);
         }
+        // 获取令牌中的身份证号
+        if (StringUtils.isBlank(idcard)) {
+            String userToken = getUserToken(request);
+            if (StringUtils.isNotBlank(userToken)) {
+                DecodedJWT decode = JWT.decode(userToken);
+                idcard = decode.getClaim("idCard").asString();
+            }
+        }
         return idcard;
     }
 
@@ -26,6 +38,11 @@ public class HeadTokenUtils {
             // 获取总线的应用代码
             appCode = request.getHeader(Constants.BUS_SRA_ID);
         }
+        if (StringUtils.isBlank(appCode)) {
+            String appToken = getAppToken(request);
+            DecodedJWT decode = JWT.decode(appToken);
+            appCode = decode.getClaim("appCode").asString();
+        }
         return appCode;
     }