
feature: 对接审计修改

mazq il y a 2 ans
Parent
commit
831e8d4314

+ 19 - 3
src/main/java/com/dragoninfo/dcuc/authweb/restcontroller/api/authservice/v1/controller/AuthServiceController.java

@@ -1,5 +1,6 @@
 package com.dragoninfo.dcuc.authweb.restcontroller.api.authservice.v1.controller;
 
+import cn.hutool.core.bean.BeanUtil;
 import cn.hutool.core.util.StrUtil;
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.interfaces.DecodedJWT;
@@ -12,12 +13,15 @@ import com.dragoninfo.dcuc.auth.auth.facade.IBimBusinessFacade;
 import com.dragoninfo.dcuc.auth.auth.facade.IServiceAuthFlowFacade;
 import com.dragoninfo.dcuc.auth.auth.facade.IServiceAuthResultFacade;
 import com.dragoninfo.dcuc.auth.auth.facade.IStaffAssignAuthInfoFacade;
+import com.dragoninfo.dcuc.auth.auth.vo.ApiAppAuthVo;
 import com.dragoninfo.dcuc.auth.power.facade.IAppFunInfoFacade;
 import com.dragoninfo.dcuc.auth.sub.dto.AuthUserDTO;
 import com.dragoninfo.dcuc.auth.sub.facade.IAuthUserInfoFacade;
+import com.dragoninfo.dcuc.auth.sub.vo.AuthUserVo;
 import com.dragoninfo.dcuc.authweb.restcontroller.api.authservice.v1.vo.AppAuthRespVO;
 import com.dragoninfo.dcuc.authweb.restcontroller.api.authservice.v1.vo.ServiceAuthResultVo;
 import com.dragoninfo.dcuc.authweb.restcontroller.api.controller.vo.AppFunApiVo;
+import com.dragoninfo.dcuc.authweb.util.HeadTokenUtils;
 import com.dragoninfo.dcuc.authweb.util.VersionUtils;
 import com.dragoninfo.dcuc.common.Constants;
 import com.dragoninfo.dcuc.common.entity.ApiResult;
@@ -26,6 +30,7 @@ import com.dragoninfo.dcuc.common.utils.SearchableUtil;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.enums.BooleanEnum;
+import com.dragonsoft.duceap.commons.util.ip.IpUtils;
 import com.dragonsoft.duceap.core.search.Searchable;
 import com.dragonsoft.duceap.core.search.enums.SearchOperator;
 import io.swagger.annotations.Api;
@@ -80,7 +85,10 @@ public class AuthServiceController {
     @GetMapping(value = "apps/authentication")
     @ApiOperation(value = "应用级鉴权")
     @ApiImplicitParams({@ApiImplicitParam(name = "appsAuthenticationReq", value = "应用级鉴权VO")})
-    public ApiResult appsAuthentication(@RequestHeader(Constants.DCUC_USER_TOKEN) String userToken) {
+    public ApiResult appsAuthentication(HttpServletRequest request) {
+
+        String userToken = request.getHeader(Constants.DCUC_USER_TOKEN);
+        String appToken = request.getHeader(Constants.DCUC_APP_TOKEN);
 
         if (StrUtil.isBlank(userToken)) {
             return ApiResult.setFailMessage("请传入用户令牌");
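Review bot: `appToken` is read from the `Constants.DCUC_APP_TOKEN` header but, unlike `userToken`, is never checked for blank in the lines shown, so a missing header would reach the audit object as null. If the app token is required for the audit record, reject the request next to the existing user-token check, e.g. `if (StrUtil.isBlank(appToken)) { return ApiResult.setFailMessage(...); }`. If it is optional, a comment such as `// app token is optional for legacy callers; audited as absent` would make that explicit. The `@ApiImplicitParam(name = "appsAuthenticationReq")` annotation also describes neither header the method reads. The method body continues outside this hunk.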
@@ -112,8 +120,16 @@ public class AuthServiceController {
 
         bimBusinessFacade.cacheUserToken(idcard, userToken, expAt);
 
-        String userId = userInfo.getId();
-        List<AppDataSensitiveLevelDTO> appList = staffAssignAuthInfoFacade.getAppLitByUserId(userId);
+        AuthUserVo userVo = new AuthUserVo();
+        BeanUtil.copyProperties(userInfo, userVo);
+        ApiAppAuthVo authVo = ApiAppAuthVo.builder()
+                .requestAppCode(HeadTokenUtils.getAppCode(request))
+                .userInfo(userVo)
+                .appToken(appToken)
+                .userToken(userToken)
+                .terminalIp(IpUtils.getIp())
+                .build();
+        List<AppDataSensitiveLevelDTO> appList = staffAssignAuthInfoFacade.apiAppAuth(authVo);
 
         List<AppAuthRespVO> respVOList = appList.stream().map(AppAuthRespVO::parseDto)
                 .collect(Collectors.toList());
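Review bot: The full `userToken` and `appToken` header values are copied into `ApiAppAuthVo` and handed to `staffAssignAuthInfoFacade.apiAppAuth(authVo)`; if that facade persists them for auditing, the audit store ends up holding replayable bearer credentials. The AuthV4Controller hunk passes `userToken.getId()` rather than the token string, and recording a token identifier or a digest here would keep the audit trail linkable without storing the secret. The same applies to `v2ReqDTO.setAppToken(appTokenId)` and `v2ReqDTO.setUserToken(HeadTokenUtils.getUserToken(request))` in DataAuthApiV2Controller. What `apiAppAuth` does with these fields is not visible in this diff, so this needs confirming against the facade.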

+ 7 - 2
src/main/java/com/dragoninfo/dcuc/authweb/restcontroller/api/authservice/v2/controller/DataAuthApiV2Controller.java

@@ -10,6 +10,7 @@ import com.dragoninfo.dcuc.auth.auth.dto.data.DataAuthV2RespDTO;
 import com.dragoninfo.dcuc.auth.auth.vo.DataAuthV2RespVO;
 import com.dragoninfo.dcuc.auth.api.vo.BusinessRespEnum;
 import com.dragoninfo.dcuc.auth.api.vo.ResultRespVO;
+import com.dragoninfo.dcuc.authweb.util.HeadTokenUtils;
 import com.dragoninfo.dcuc.authweb.util.VersionUtils;
 import com.dragoninfo.dcuc.common.utils.ResponseUtil;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
@@ -25,6 +26,7 @@ import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import javax.servlet.http.HttpServletRequest;
 import java.util.Collections;
 import java.util.Optional;
 import java.util.Set;
@@ -48,7 +50,7 @@ public class DataAuthApiV2Controller {
     @ApiOperation(value = "数据鉴权")
     @ApiImplicitParams({@ApiImplicitParam(name = "dataAuthV2ReqVO", value = "数据资源对象")})
     @PostMapping(value = "data-auth/data-items/check")
-    public ResultRespVO<DataAuthV2RespVO> checkDataItems(@RequestBody DataAuthV2ReqVO dataAuthV2ReqVO) {
+    public ResultRespVO<DataAuthV2RespVO> checkDataItems(HttpServletRequest request, @RequestBody DataAuthV2ReqVO dataAuthV2ReqVO) {
         String appTokenId = dataAuthV2ReqVO.getAppTokenId();
 
         if (StrUtil.isBlank(appTokenId)) {
@@ -63,7 +65,7 @@ public class DataAuthApiV2Controller {
         String idcard;
         try {
             DecodedJWT decode = JWT.decode(appTokenId);
-             idcard = decode.getClaim("idCard").asString();
+            idcard = decode.getClaim("idCard").asString();
         } catch (Exception e) {
             log.error("appTokenId parse error.", e);
             return ResultRespVO.resultEnumMessage(BusinessRespEnum.TOKEN_FAIL);
@@ -75,6 +77,9 @@ public class DataAuthApiV2Controller {
         DataAuthV2ReqDTO v2ReqDTO = new DataAuthV2ReqDTO();
         v2ReqDTO.setIdcard(idcard);
         v2ReqDTO.setResourceId(resourceId);
+        v2ReqDTO.setAppToken(appTokenId);
+        v2ReqDTO.setUserToken(HeadTokenUtils.getUserToken(request));
+        v2ReqDTO.setRequestAppCode(HeadTokenUtils.getAppCode(request));
 
         ResponseDTO<DataAuthV2RespDTO> dto = apiDataAuthFacade.dataItemsCheckV2(v2ReqDTO);
         if (!ResponseUtil.isSuccess(dto)) {
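Review bot: `requestAppCode` and `userToken` are taken from request headers through `HeadTokenUtils`, while `appTokenId` comes from the request body and `idcard` from `JWT.decode(appTokenId)`, which decodes without checking the signature. Nothing in the visible lines ties these values together or rejects a missing header, so unless validation happens outside this hunk the audit record may attribute the check to an app code and identity chosen by the caller. AuthV4Controller derives the same field from the resolved token, `tokenInfo.getAppToken().getAppId()`. Deriving it from the validated app token here too, and returning `BusinessRespEnum.TOKEN_FAIL` when `HeadTokenUtils.getUserToken(request)` is blank, would close that gap.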

+ 14 - 2
src/main/java/com/dragoninfo/dcuc/authweb/restcontroller/api/authservice/v4/controller/AuthV4Controller.java

@@ -14,15 +14,18 @@ import com.dragoninfo.dcuc.auth.auth.dto.data.DataAuthV2RespDTO;
 import com.dragoninfo.dcuc.auth.auth.facade.IRoleFacade;
 import com.dragoninfo.dcuc.auth.auth.facade.IServiceAuthFlowFacade;
 import com.dragoninfo.dcuc.auth.auth.facade.IStaffAssignAuthInfoFacade;
+import com.dragoninfo.dcuc.auth.auth.vo.ApiAppAuthVo;
 import com.dragoninfo.dcuc.auth.auth.vo.ServiceAuthenticationResVO;
 import com.dragoninfo.dcuc.auth.sub.vo.AuthUserVo;
 import com.dragoninfo.dcuc.auth.token.facade.IAuthTokenFacade;
 import com.dragoninfo.dcuc.auth.token.vo.TokenDetailRespVo;
 import com.dragoninfo.dcuc.auth.token.vo.UserTokenInfoRespVO;
 import com.dragoninfo.dcuc.authweb.restcontroller.api.authservice.v4.vo.*;
+import com.dragoninfo.dcuc.authweb.util.HeadTokenUtils;
 import com.dragoninfo.dcuc.common.utils.LangUtil;
 import com.dragoninfo.dcuc.common.utils.ResponseUtil;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
+import com.dragonsoft.duceap.commons.util.ip.IpUtils;
 import io.swagger.annotations.Api;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -91,8 +94,14 @@ public class AuthV4Controller {
 
         authTokenFacade.cacheStandardUserToken(userInfo.getIdcard(), userToken.getId(), expiredTime);
 
-        String userId = userInfo.getId();
-        List<AppDataSensitiveLevelDTO> appList = staffAssignAuthInfoFacade.getAppLitByUserId(userId);
+        ApiAppAuthVo authVo = ApiAppAuthVo.builder()
+                .requestAppCode(tokenInfo.getAppToken().getAppId())
+                .userInfo(userInfo)
+                .appToken(appTokenId)
+                .userToken(userToken.getId())
+                .terminalIp(IpUtils.getIp())
+                .build();
+        List<AppDataSensitiveLevelDTO> appList = staffAssignAuthInfoFacade.apiAppAuth(authVo);
 
         StringBuilder appAuthBuilder = new StringBuilder();
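Review bot: `terminalIp(IpUtils.getIp())` records the caller address for the audit entry without showing how it is resolved; the same call is used in the AuthServiceController hunk. If `IpUtils.getIp()` reads a forwarded-for style header, the value is only trustworthy when the service sits behind a proxy that overwrites that header. A short comment stating the assumption would help, e.g. `// terminalIp: relies on the gateway setting the forwarded address; not client-authenticated`. `tokenInfo.getAppToken()` is also dereferenced without a null check in the visible lines; whether it can be null is decided outside this hunk.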
 
@@ -206,6 +215,9 @@ public class AuthV4Controller {
         DataAuthV2ReqDTO v2ReqDTO = new DataAuthV2ReqDTO();
         v2ReqDTO.setIdcard(userInfo.getIdcard());
         v2ReqDTO.setResourceId(resourceId);
+        v2ReqDTO.setAppToken(appTokenId);
+        v2ReqDTO.setUserToken(tokenInfo.getUserToken().getId());
+        v2ReqDTO.setRequestAppCode(tokenInfo.getAppToken().getAppId());
 
         ResponseDTO<DataAuthV2RespDTO> dto = apiDataAuthFacade.dataItemsCheckV2(v2ReqDTO);
         if (!ResponseUtil.isSuccess(dto)) {