feature(增加应用权限变更通知):

dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IStaffAssignAuthInfoFacade.java

@@ -209,4 +209,15 @@ public interface IStaffAssignAuthInfoFacade {
      */
     @GetMapping("getAppLitByUserId")
     List<AppDataSensitiveLevelDTO> getAppLitByUserId(@RequestParam("userId") String userId);
+
+    /**
+     * 缓存用户令牌
+     *
+     * @param idcard    身份证号
+     * @param userToken 用户令牌
+     * @param expAt     失效时间（秒）
+     */
+    @PostMapping("cacheUserToken")
+    void cacheUserToken(@RequestParam("idcard") String idcard, @RequestParam("userToken") String userToken, @RequestParam("expAt") Integer expAt);
+
 }

dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/HwAppPermissionUpdateNotificationReqVO.java

@@ -0,0 +1,40 @@
+package com.dragoninfo.dcuc.auth.auth.vo;
+
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * 应用权限变更通知请求
+ *
+ * @author huangzqa
+ * @date 2021/4/6
+ **/
+@Data
+public class HwAppPermissionUpdateNotificationReqVO {
+
+    /**
+     * 消息ID
+     */
+    private String messageId;
+
+    /**
+     * 操作类型
+     */
+    private String operateType;
+
+    /**
+     * 变更的用户令牌
+     */
+    private List<String> tokens;
+
+    /**
+     * 原因
+     */
+    private String reason;
+
+    /**
+     * 是否通知两个网关
+     */
+    private Boolean notify;
+}

dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/vo/HwAppPermissionUpdateNotificationRespVO.java

@@ -0,0 +1,38 @@
+package com.dragoninfo.dcuc.auth.auth.vo;
+
+import lombok.Data;
+
+/**
+ * 应用权限变更通知请求
+ *
+ * @author huangzqa
+ * @date 2021/4/6
+ **/
+@Data
+public class HwAppPermissionUpdateNotificationRespVO {
+
+    public static final String SUCCESS_STATUS = "success";
+
+    public static final String SUCCESS_CODE = "1000";
+
+    /**
+     * 消息ID
+     */
+    private String messageId;
+
+    /**
+     * 状态
+     */
+    private String status;
+
+    /**
+     * 状态码
+     */
+    private String code;
+
+    /**
+     * 消息
+     */
+    private String message;
+
+}

dcuc-auth-service/pom.xml

@@ -140,6 +140,12 @@
             <version>1.0-SNAPSHOT</version>
         </dependency>
 
+        <!--重试-->
+        <dependency>
+            <groupId>org.springframework.retry</groupId>
+            <artifactId>spring-retry</artifactId>
+        </dependency>
+
         <!--配置第三方组件结束-->
     </dependencies>
     <packaging>${project.packaging}</packaging>

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/AuthRedisConstant.java

@@ -0,0 +1,21 @@
+package com.dragoninfo.dcuc.auth;
+
+/**
+ * @author huangzqa
+ * @date 2021/4/6
+ **/
+public class AuthRedisConstant {
+
+    private AuthRedisConstant() {
+
+    }
+
+    /**
+     * 令牌命名空间
+     */
+    public static final String REDIS_TOKEN_NAMESPACE = "DCUC-USER:";
+    /**
+     * 用户令牌命名空间
+     */
+    public static final String REDIS_USER_TOKEN_NAMESPACE = REDIS_TOKEN_NAMESPACE + "USER:";
+}

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/async/subscribe/PermissionServiceUpdateMessage.java

@@ -4,7 +4,6 @@ import cn.hutool.json.JSONUtil;
 import com.dragoninfo.dcuc.auth.auth.dto.AppServiceCodeDto;
 import com.dragoninfo.dcuc.auth.auth.dto.ServiceChangeNoticeDto;
 import com.dragoninfo.dcuc.auth.auth.entity.ServiceAuthResult;
-import com.dragoninfo.dcuc.auth.auth.service.IPermissionUpdateService;
 import com.dragoninfo.dcuc.auth.auth.service.IServiceAuthResultService;
 import com.dragoninfo.dcuc.auth.auth.vo.ServiceAuthenticationResVO;
 import com.dragoninfo.dcuc.auth.config.DcucAuthConfig;
@@ -43,9 +42,6 @@ public class PermissionServiceUpdateMessage {
     @Autowired
     private IServiceAuthResultService serviceAuthResultService;
 
-    @Autowired
-    private IPermissionUpdateService permissionUpdateService;
-
     /**
      * 服务变更通知
      *
@@ -72,7 +68,7 @@ public class PermissionServiceUpdateMessage {
                     vo.setServiceCode(item.getServiceCode());
                     serviceAuthenticationResVOS.add(vo);
                 });
-                permissionUpdateService.setAuthtionResultToRedis(appServiceCodeDto.getAppCode(), serviceAuthenticationResVOS);
+                serviceAuthResultService.setAuthtionResultToRedis(appServiceCodeDto.getAppCode(), serviceAuthenticationResVOS);
             }
         }
     }
@@ -99,7 +95,7 @@ public class PermissionServiceUpdateMessage {
 
         logger.info("Service permission update request body : {}", JSONUtil.toJsonStr(httpEntity));
         try {
-            ResponseMessage result = restTemplate.postForObject(dcucAuthConfig.getPermissionUrl() + DcucConstantsUtil.PERMISSION_URL,
+            ResponseMessage result = restTemplate.postForObject(dcucAuthConfig.getServicePermissionUrl(),
                     httpEntity, ResponseMessage.class);
             //todo 是否要处理返回结果,增加重试次数
             logger.info("Service permission update response: {} ", JsonUtils.toJSONString(result));

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/ServiceAuthFacade.java

@@ -7,7 +7,6 @@ import com.dragoninfo.dcuc.auth.auth.dto.ServiceAuthFlowDTO;
 import com.dragoninfo.dcuc.auth.auth.dto.WorkFlowResutlAcceptDTO;
 import com.dragoninfo.dcuc.auth.auth.entity.ServiceAuthResult;
 import com.dragoninfo.dcuc.auth.auth.service.IAuthFlowService;
-import com.dragoninfo.dcuc.auth.auth.service.IPermissionUpdateService;
 import com.dragoninfo.dcuc.auth.auth.service.IServiceAuthResultService;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.search.SearchDTO;

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/StaffAssignAuthInfoFacade.java

@@ -27,11 +27,6 @@ public class StaffAssignAuthInfoFacade implements IStaffAssignAuthInfoFacade {
     @Autowired
     private IStaffAssignAuthInfoService staffAssignAuthInfoService;
 
-//    @Override
-//    public ResponseStatus saveStaffRoleAuth(String staffJson, String appId, String roleId, String orgId, String appOrgId, SecurityUser user) {
-//        return staffAssignAuthInfoService.saveStaffRoleAuth(staffJson, appId, roleId, orgId, appOrgId, user);
-//    }
-
     @Override
     public ResponseStatus saveStaffRoleAuth(RoleAuthDto dto) {
         return staffAssignAuthInfoService.saveStaffRoleAuth(dto.getStaffJson(), dto.getDelStaffJson(), dto.getAppId(),
@@ -116,7 +111,13 @@ public class StaffAssignAuthInfoFacade implements IStaffAssignAuthInfoFacade {
 
     @Override
     public List<AppDataSensitiveLevelDTO> getAppLitByUserId(String userId) {
+
         return staffAssignAuthInfoService.getAppLitByUserId(userId);
     }
 
+    @Override
+    public void cacheUserToken(String idcard, String userToken, Integer expAt) {
+        staffAssignAuthInfoService.cacheUserToken(idcard, userToken, expAt);
+    }
+
 }

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/IPermissionUpdateService.java

@@ -1,24 +0,0 @@
-package com.dragoninfo.dcuc.auth.auth.service;
-
-import com.dragoninfo.dcuc.auth.auth.dto.AppServiceCodeDto;
-import com.dragoninfo.dcuc.auth.auth.vo.ServiceAuthenticationResVO;
-
-import java.util.List;
-
-/**
- * @Author yica
- * @Date 2021/2/24 9:58
- **/
-public interface IPermissionUpdateService {
-
-
-
-    /**
-     * 服务变更通知
-     * @param dtoList
-     */
-    void serviceChangeNotice(List<AppServiceCodeDto> dtoList);
-
-
-     void setAuthtionResultToRedis(String appCode,List<ServiceAuthenticationResVO>  serviceCodes);
-}

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/IServiceAuthResultService.java

@@ -4,6 +4,7 @@ package com.dragoninfo.dcuc.auth.auth.service;
 import com.dragoninfo.dcuc.auth.auth.dto.ServiceAuthResultDTO;
 import com.dragoninfo.dcuc.auth.auth.entity.ServiceAuthFlow;
 import com.dragoninfo.dcuc.auth.auth.entity.ServiceAuthResult;
+import com.dragoninfo.dcuc.auth.auth.vo.ServiceAuthenticationResVO;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.core.search.Searchable;
 import org.springframework.data.domain.Page;
@@ -12,6 +13,7 @@ import java.util.List;
 
 /**
  * 服务授权结果service
+ *
  * @author mazq
  * @date 2020/11/26
  */
@@ -19,6 +21,7 @@ public interface IServiceAuthResultService {
 
     /**
      * 保存授权结果
+     *
      * @param serviceAuthResult
      * @return
      */
@@ -26,6 +29,7 @@ public interface IServiceAuthResultService {
 
     /**
      * 查询全部
+     *
      * @return List<ServiceAuthResult>
      */
     List<ServiceAuthResult> findAuthResultAll();
@@ -39,7 +43,8 @@ public interface IServiceAuthResultService {
 
     /**
      * 根据appCode和serviceCode查询授权结果
-     * @param appCode 应用编码
+     *
+     * @param appCode     应用编码
      * @param serviceCode 服务编码
      * @return
      */
@@ -47,6 +52,7 @@ public interface IServiceAuthResultService {
 
     /**
      * 根据appCode查询授权结果
+     *
      * @param appCode
      * @return
      */
@@ -54,6 +60,7 @@ public interface IServiceAuthResultService {
 
     /**
      * 服务授权工作单审批结果处理
+     *
      * @param
      * @param
      */
@@ -61,24 +68,30 @@ public interface IServiceAuthResultService {
 
     /**
      * 服务鉴权
+     *
      * @param appCode
      */
-     Object serviceAuthentication(String appCode);
+    Object serviceAuthentication(String appCode);
 
     /**
      * 保存
+     *
      * @param dto
      * @return
      */
     ResponseDTO saveServiceAuthResult(ServiceAuthResultDTO dto);
+
     /**
      * 删除
+     *
      * @param id
      * @return ResponseDTO
      */
     ResponseDTO delServiceAuthResult(String id);
+
     /**
      * 修改
+     *
      * @param dto
      * @return
      */
@@ -90,6 +103,7 @@ public interface IServiceAuthResultService {
 
     /**
      * 根据appCode查询 服务结果和服务表关联表
+     *
      * @param appCode
      * @return
      */
@@ -97,7 +111,10 @@ public interface IServiceAuthResultService {
 
     /**
      * 发送服务的消息
+     *
      * @param serviceCode
      */
-     void sendPermssionServiceUpdate(String serviceCode,String type);
+    void sendPermssionServiceUpdate(String serviceCode, String type);
+
+    void setAuthtionResultToRedis(String appCode, List<ServiceAuthenticationResVO> serviceCodes);
 }

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/IStaffAssignAuthInfoService.java

@@ -11,7 +11,6 @@ import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.entity.search.SearchDTO;
 import com.dragonsoft.duceap.base.entity.security.SecurityUser;
 import org.springframework.data.domain.Page;
-import org.springframework.web.bind.annotation.RequestParam;
 
 import java.util.List;
 import java.util.Map;
@@ -109,7 +108,7 @@ public interface IStaffAssignAuthInfoService extends IOldBaseService<StaffAssign
      * @param staffId 人员ID
      * @return 授权信息
      */
-    List<StaffAssignAuthInfo> getByStaffId(@RequestParam("staffId") String staffId);
+    List<StaffAssignAuthInfo> getByStaffId(String staffId);
 
     /**
      * 根据应用代码获取授权数量
@@ -170,4 +169,13 @@ public interface IStaffAssignAuthInfoService extends IOldBaseService<StaffAssign
      */
     List<AppDataSensitiveLevelDTO> getAppLitByUserId(String userId);
 
+    /**
+     * 缓存用户令牌
+     *
+     * @param idcard    身份证号
+     * @param userToken 用户令牌
+     * @param expAt     失效时间（秒）
+     */
+    void cacheUserToken(String idcard, String userToken, Integer expAt);
+
 }

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/PermissionUpdateService.java

@@ -1,121 +0,0 @@
-package com.dragoninfo.dcuc.auth.auth.service.impl;
-
-import com.dragoninfo.dcuc.auth.auth.dto.AppServiceCodeDto;
-import com.dragoninfo.dcuc.auth.auth.dto.ServiceChangeNoticeDto;
-import com.dragoninfo.dcuc.auth.auth.entity.ServiceAuthResult;
-import com.dragoninfo.dcuc.auth.auth.service.IPermissionUpdateService;
-import com.dragoninfo.dcuc.auth.auth.service.IServiceAuthResultService;
-import com.dragoninfo.dcuc.auth.auth.vo.ServiceAuthenticationResVO;
-import com.dragoninfo.dcuc.auth.config.DcucAuthConfig;
-import com.dragoninfo.dcuc.auth.util.DcucConstantsUtil;
-import com.dragonsoft.duceap.commons.util.UUIDUtils;
-import com.dragonsoft.duceap.commons.util.collections.CollectionUtils;
-import com.dragonsoft.duceap.commons.util.string.StringUtils;
-import com.dragonsoft.duceap.core.entity.response.ResponseMessage;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.data.redis.core.RedisTemplate;
-import org.springframework.http.CacheControl;
-import org.springframework.http.HttpEntity;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.MediaType;
-import org.springframework.http.client.SimpleClientHttpRequestFactory;
-import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-import org.springframework.web.client.RestTemplate;
-
-import javax.annotation.Resource;
-import java.util.*;
-import java.util.concurrent.TimeUnit;
-
-/**
- * 服务变更
- *
- * @Author yica
- * @Date 2021/2/24 9:59
- **/
-@Transactional(rollbackFor = Exception.class)
-@Service
-public class PermissionUpdateService implements IPermissionUpdateService {
-    private static Logger logger = LoggerFactory.getLogger(PermissionUpdateService.class);
-
-
-    @Autowired
-    private DcucAuthConfig dcucAuthConfig;
-    @Autowired
-    private IServiceAuthResultService serviceAuthResultService;
-
-    @Resource(name = "redisTemplate")
-    private RedisTemplate<String, Object> redisTemplate;
-
-
-    /**
-     * 服务变更通知
-     * @param dtoList
-     */
-    @Override
-    public void serviceChangeNotice(List<AppServiceCodeDto> dtoList){
-        ServiceChangeNoticeDto serviceChangeNoticeDto=new ServiceChangeNoticeDto();
-        serviceChangeNoticeDto.setMessageId(UUIDUtils.getUUID());
-        serviceChangeNoticeDto.setContents(dtoList);
-        //服务变更通知
-        sendMessage(serviceChangeNoticeDto);
-        for (AppServiceCodeDto appServiceCodeDto : dtoList) {
-            List<ServiceAuthResult> results = serviceAuthResultService.getByAppCode(appServiceCodeDto.getAppCode());
-            List<String> list = new ArrayList<>();
-            list.add(appServiceCodeDto.getAppCode());
-            if(StringUtils.isNotEmpty(appServiceCodeDto.getAppCode())){
-                /*修改此处对应修改 服务鉴权 AuthServiceController authentication方法*/
-                List<ServiceAuthenticationResVO>  serviceAuthenticationResVOS= new ArrayList<>();
-                results.forEach(item->{
-                    ServiceAuthenticationResVO vo=new ServiceAuthenticationResVO();
-                    vo.setServiceCode(item.getServiceCode());
-                    serviceAuthenticationResVOS.add(vo);
-                });
-                this.setAuthtionResultToRedis(appServiceCodeDto.getAppCode(),serviceAuthenticationResVOS);
-            }
-        }
-
-    }
-
-    /**
-     * 设置鉴权结果到redis
-     * @param appCode
-     * @param list
-     */
-    @Override
-    public void setAuthtionResultToRedis(String appCode,List<ServiceAuthenticationResVO> list) {
-        if (CollectionUtils.isNotEmpty(list)){
-            redisTemplate.opsForValue().set(DcucConstantsUtil.AUTHENTICATION_SPACE + appCode, list,1, TimeUnit.HOURS);
-        }
-    }
-
-    /**
-     * 发送请求
-     *
-     * @param dto 参数
-     */
-    public void sendMessage( ServiceChangeNoticeDto dto) {
-        RestTemplate restTemplate = new RestTemplate();
-        //设置超时时间
-        SimpleClientHttpRequestFactory requestFactory = new SimpleClientHttpRequestFactory();
-        requestFactory.setReadTimeout(5000);
-        requestFactory.setConnectTimeout(5000);
-        restTemplate.setRequestFactory(requestFactory);
-        HttpHeaders headers = new HttpHeaders();
-        //设置请求头
-        headers.setContentType(MediaType.APPLICATION_JSON);
-        headers.setCacheControl(CacheControl.noCache());
-        //参数
-        HttpEntity<ServiceChangeNoticeDto> httpEntity = new HttpEntity<>(dto, headers);
-        try {
-            ResponseMessage result = restTemplate.postForObject(dcucAuthConfig.getPermissionUrl() + DcucConstantsUtil.PERMISSION_URL, httpEntity, ResponseMessage.class);
-            //todo 是否要处理返回结果
-            logger.info("返回成功");
-        }catch (Exception e){
-            logger.error("PermissionUpdateService.sendMessage()请求失败:",e);
-        }
-    }
-
-}

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/ServiceAuthResultServiceImpl.java

@@ -16,7 +16,6 @@ import com.dragoninfo.dcuc.auth.auth.enumresources.WokrFlowPermissionTypeEnum;
 import com.dragoninfo.dcuc.auth.auth.enumresources.WorkFlowStatusEnum;
 import com.dragoninfo.dcuc.auth.auth.enumresources.WorkFlowTypeEnum;
 import com.dragoninfo.dcuc.auth.auth.po.ServiceAuthResultPO;
-import com.dragoninfo.dcuc.auth.auth.service.IPermissionUpdateService;
 import com.dragoninfo.dcuc.auth.auth.service.IServiceAuthResultService;
 import com.dragoninfo.dcuc.auth.auth.vo.ServiceAuthenticationResVO;
 import com.dragoninfo.dcuc.auth.util.DcucConstantsUtil;
@@ -39,6 +38,7 @@ import org.springframework.transaction.annotation.Transactional;
 
 import javax.annotation.Resource;
 import java.util.*;
+import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 
 /**
@@ -51,7 +51,7 @@ import java.util.stream.Collectors;
 public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
 
     @Resource(name = "redisTemplate")
-    private RedisTemplate<String, String> redisTemplate;
+    private RedisTemplate<String, Object> redisTemplate;
 
     @Autowired
     private IApplyInfoFacade applyInfoFacade;
@@ -61,8 +61,6 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
 
     @Autowired
     IServiceResourceFacade iServiceResourceFacade;
-    @Autowired
-    private IPermissionUpdateService permissionUpdateService;
 
     @Autowired
     private PermssionServiceUpdateEventBus permssionServiceUpdateEventBus;
@@ -134,7 +132,7 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
         List<ServiceResource> resources = iServiceResourceFacade.getServiceByServiceCodes(list);
         Map<String, ServiceResource> map = resources
                 .stream()
-                .collect(Collectors.toMap(ServiceResource::getServiceCode, item -> item,(old,last)->last));
+                .collect(Collectors.toMap(ServiceResource::getServiceCode, item -> item, (old, last) -> last));
 
         String appCode = serviceAuthFlow.getAppCode();
         String appId = applyInfoFacade.codeConvertToId(appCode);
@@ -151,7 +149,7 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
         List<ServiceAuthResult> allAuthResults = getByAppCode(appCode);
         Map<String, ServiceAuthResult> allAuthResultMap = allAuthResults
                 .stream()
-                .collect(Collectors.toMap(ServiceAuthResult::getServiceCode, item -> item,(old,last)->last));
+                .collect(Collectors.toMap(ServiceAuthResult::getServiceCode, item -> item, (old, last) -> last));
         Date date = new Date();
         if (WorkFlowTypeEnum.SERVICE_AUTH.getValue().equals(serviceAuthFlow.getFlowType())) {
             //判断工作单是长期还是自定义
@@ -170,8 +168,8 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
             //授权工作单
             //新增授权
             for (String serviceCode : map.keySet()) {
-                    //已经存在的更新
-                if(allAuthResultMap.keySet().contains(serviceCode)){
+                //已经存在的更新
+                if (allAuthResultMap.keySet().contains(serviceCode)) {
                     ServiceAuthResult serviceAuthResult = allAuthResultMap.get(serviceCode);
                     serviceAuthResult.setStartTime(startTime);
                     serviceAuthResult.setEndTime(endTime);
@@ -179,7 +177,7 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
                     serviceAuthResult.setUpdateTime(date);
                     serviceAuthResult.setFlowId(serviceAuthFlow.getFlowId());
                     serviceAuthResultBPO.update(serviceAuthResult);
-                }else {
+                } else {
                     //不存在的新增
                     ServiceAuthResult serviceAuthResult = new ServiceAuthResult();
                     serviceAuthResult.setAppCode(appCode);
@@ -218,6 +216,7 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
 
     /**
      * 使用异步事件发送消息
+     *
      * @param appCode
      * @param addServiceCodes
      * @param delServiceCodes
@@ -225,8 +224,8 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
     private void sendPermssionService(String appCode, List<String> addServiceCodes, List<String> delServiceCodes) {
         //使用异步事件发送消息
         //服务变更消息通知
-        AppServiceCodeDto appServiceCodeDto=new AppServiceCodeDto(appCode,addServiceCodes,delServiceCodes);
-        List<AppServiceCodeDto> appServiceCodeDtoList=new ArrayList<>();
+        AppServiceCodeDto appServiceCodeDto = new AppServiceCodeDto(appCode, addServiceCodes, delServiceCodes);
+        List<AppServiceCodeDto> appServiceCodeDtoList = new ArrayList<>();
         appServiceCodeDtoList.add(appServiceCodeDto);
         permssionServiceUpdateEventBus.post(appServiceCodeDtoList);
     }
@@ -259,7 +258,7 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
                 list.add(serviceAuthenticationResVO);
             }
             //鉴权结果存到缓存
-            permissionUpdateService.setAuthtionResultToRedis(appCode, list);
+            setAuthtionResultToRedis(appCode, list);
             return list;
         } else {
             return redisValue;
@@ -268,65 +267,68 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
 
     /**
      * 保存
+     *
      * @param dto
      * @return
      */
     @Override
-    public ResponseDTO saveServiceAuthResult(ServiceAuthResultDTO dto){
-       try{
-
-           ServiceAuthResult result=new ServiceAuthResult();
-           BeanUtils.copyProperties(dto,result);
-           ApplyInfo app = applyInfoFacade.applyDetail(dto.getAppId());
-           Boolean aBoolean = serviceAuthResultBPO.serviceCodeCheck(app.getApplyCode(), dto.getServiceCode(),null);
-           if (aBoolean){
-               return ResponseDTO.fail("保存失败,重复的服务授权",new ServiceAuthResult());
-           }
-           result.setAppId(app.getId());
-           result.setAppCode(app.getApplyCode());
-           result.setDeleted(BooleanEnum.FALSE.value);
-           ServiceResource serviceResource = serviceResourceFacade.detailByCode(dto.getServiceCode());
-           result.setServiceId(serviceResource.getId());
-           this.saveAuthResult(result);
-           List<String> addServiceCodes=new ArrayList<>();
-           addServiceCodes.add(result.getServiceCode());
-           this.sendPermssionService(result.getAppCode(),addServiceCodes,new ArrayList<>());
-       }catch (Exception e){
-            log.error("save ServiceAuthResult error :",e);
-           return ResponseDTO.fail("保存失败",new ServiceAuthResult());
-       }
-       return ResponseDTO.success("保存成功",null);
+    public ResponseDTO saveServiceAuthResult(ServiceAuthResultDTO dto) {
+        try {
+
+            ServiceAuthResult result = new ServiceAuthResult();
+            BeanUtils.copyProperties(dto, result);
+            ApplyInfo app = applyInfoFacade.applyDetail(dto.getAppId());
+            Boolean aBoolean = serviceAuthResultBPO.serviceCodeCheck(app.getApplyCode(), dto.getServiceCode(), null);
+            if (aBoolean) {
+                return ResponseDTO.fail("保存失败,重复的服务授权", new ServiceAuthResult());
+            }
+            result.setAppId(app.getId());
+            result.setAppCode(app.getApplyCode());
+            result.setDeleted(BooleanEnum.FALSE.value);
+            ServiceResource serviceResource = serviceResourceFacade.detailByCode(dto.getServiceCode());
+            result.setServiceId(serviceResource.getId());
+            this.saveAuthResult(result);
+            List<String> addServiceCodes = new ArrayList<>();
+            addServiceCodes.add(result.getServiceCode());
+            this.sendPermssionService(result.getAppCode(), addServiceCodes, new ArrayList<>());
+        } catch (Exception e) {
+            log.error("save ServiceAuthResult error :", e);
+            return ResponseDTO.fail("保存失败", new ServiceAuthResult());
+        }
+        return ResponseDTO.success("保存成功", null);
     }
 
     /**
      * 删除
+     *
      * @param id
      * @return ResponseDTO
      */
     @Override
-    public ResponseDTO delServiceAuthResult(String id){
+    public ResponseDTO delServiceAuthResult(String id) {
         ServiceAuthResult result = serviceAuthResultBPO.get(id);
         result.setDeleted(BooleanEnum.TRUE.value);
         serviceAuthResultBPO.update(result);
         //发送消息
-        List<String> delServiceCodes=new ArrayList<>();
+        List<String> delServiceCodes = new ArrayList<>();
         delServiceCodes.add(result.getServiceCode());
-        this.sendPermssionService(result.getAppCode(),new ArrayList<>(),delServiceCodes);
-        return ResponseDTO.success("删除成功",null);
+        this.sendPermssionService(result.getAppCode(), new ArrayList<>(), delServiceCodes);
+        return ResponseDTO.success("删除成功", null);
     }
 
     /**
      * 修改
+     *
      * @param dto
      * @return
      */
     @Override
-    public ResponseDTO updateServiceAuthResult(ServiceAuthResultDTO dto){
-        Boolean aBoolean = serviceAuthResultBPO.serviceCodeCheck(dto.getAppCode(), dto.getServiceCode(),dto.getId());
-        if (aBoolean){
-            return ResponseDTO.fail("保存失败,重复的服务授权",new ServiceAuthResult());
+    public ResponseDTO updateServiceAuthResult(ServiceAuthResultDTO dto) {
+        Boolean aBoolean = serviceAuthResultBPO.serviceCodeCheck(dto.getAppCode(), dto.getServiceCode(), dto.getId());
+        if (aBoolean) {
+            return ResponseDTO.fail("保存失败,重复的服务授权", new ServiceAuthResult());
         }
-        ServiceAuthResult result=serviceAuthResultBPO.get(dto.getId());
+        ServiceAuthResult result = serviceAuthResultBPO.get(dto.getId());
         //BeanUtils.copyProperties(result,dto);
         ApplyInfo app = applyInfoFacade.applyDetail(dto.getAppId());
         result.setAppId(app.getId());
@@ -339,25 +341,24 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
         result.setUpdateTime(new Date());
         serviceAuthResultBPO.update(result);
         //发送消息 todo 算新增还是修改？
-        List<String> addServiceCodes=new ArrayList<>();
+        List<String> addServiceCodes = new ArrayList<>();
         addServiceCodes.add(result.getServiceCode());
-        this.sendPermssionService(result.getAppCode(),addServiceCodes,new ArrayList<>());
-        return ResponseDTO.success("修改成功",null);
+        this.sendPermssionService(result.getAppCode(), addServiceCodes, new ArrayList<>());
+        return ResponseDTO.success("修改成功", null);
     }
 
     /**
-     *
      * @param searchable
      * @return
      */
     @Override
-    public Page<ServiceAuthResultDTO> serviceAuthResultPage(Searchable searchable){
+    public Page<ServiceAuthResultDTO> serviceAuthResultPage(Searchable searchable) {
         searchable.addSearchFilter("deleted", SearchOperator.eq, BooleanEnum.FALSE.getValue());
         Page<ServiceAuthResultPO> paging = serviceAuthResultBPO.serviceAuthResultPage(searchable);
-        List<ServiceAuthResultDTO> dtos=new ArrayList<>();
-        paging.forEach(item->{
-            ServiceAuthResultDTO dto=new ServiceAuthResultDTO();
-            BeanUtils.copyProperties(item,dto);
+        List<ServiceAuthResultDTO> dtos = new ArrayList<>();
+        paging.forEach(item -> {
+            ServiceAuthResultDTO dto = new ServiceAuthResultDTO();
+            BeanUtils.copyProperties(item, dto);
             dto.setAuthStatus(item.getServiceStatus());
             dtos.add(dto);
         });
@@ -368,49 +369,51 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
 
     @Override
     public ServiceAuthResultDTO getDetail(String id) {
-        ServiceAuthResult result=serviceAuthResultBPO.get(id);
-        ServiceAuthResultDTO dto=new ServiceAuthResultDTO();
-        BeanUtils.copyProperties(result,dto);
+        ServiceAuthResult result = serviceAuthResultBPO.get(id);
+        ServiceAuthResultDTO dto = new ServiceAuthResultDTO();
+        BeanUtils.copyProperties(result, dto);
         return dto;
 
     }
 
     /**
      * 查询结果
+     *
      * @param appCode
      * @return
      */
     @Override
-    public List<ServiceAuthResult> serviceAuthResultList(String appCode){
+    public List<ServiceAuthResult> serviceAuthResultList(String appCode) {
         return this.serviceAuthResultBPO.serviceAuthResultList(appCode);
     }
 
     /**
      * 发送删除服务的消息
+     *
      * @param serviceCode
      */
     @Override
-    public void sendPermssionServiceUpdate(String serviceCode,String type){
-        Map map=new HashMap();
-        map.put("serviceCode",serviceCode);
-        map.put("deleted",BooleanEnum.FALSE.value);
+    public void sendPermssionServiceUpdate(String serviceCode, String type) {
+        Map map = new HashMap();
+        map.put("serviceCode", serviceCode);
+        map.put("deleted", BooleanEnum.FALSE.value);
 
         List<ServiceAuthResult> serviceAuthResultList = this.serviceAuthResultBPO.andsearch(ServiceAuthResult.class, map);
-        Set<String> appCodes=new HashSet<>();
+        Set<String> appCodes = new HashSet<>();
         //挑出要变更服务涉及到的app并去重
-        serviceAuthResultList.forEach(item->{
+        serviceAuthResultList.forEach(item -> {
             appCodes.add(item.getAppCode());
         });
         //拼接数据
-        List<AppServiceCodeDto> dtos=new ArrayList<>();
-        appCodes.forEach(appCode->{
-            AppServiceCodeDto dto=new AppServiceCodeDto();
-            List<String> addServiceCodes=new ArrayList<>();
-            List<String> delServiceCodes=new ArrayList<>();
-            serviceAuthResultList.forEach(result->{
-                if ("DELETED".equals(type)&&appCode.equals(result.getAppCode())){
+        List<AppServiceCodeDto> dtos = new ArrayList<>();
+        appCodes.forEach(appCode -> {
+            AppServiceCodeDto dto = new AppServiceCodeDto();
+            List<String> addServiceCodes = new ArrayList<>();
+            List<String> delServiceCodes = new ArrayList<>();
+            serviceAuthResultList.forEach(result -> {
+                if ("DELETED".equals(type) && appCode.equals(result.getAppCode())) {
                     delServiceCodes.add(result.getServiceCode());
-                }else {
+                } else {
                     addServiceCodes.add(result.getServiceCode());
                 }
             });
@@ -419,9 +422,23 @@ public class ServiceAuthResultServiceImpl implements IServiceAuthResultService {
             dto.setDelServiceCodes(delServiceCodes);
             dtos.add(dto);
         });
-        if (CollectionUtils.isNotEmpty(dtos)){
+        if (CollectionUtils.isNotEmpty(dtos)) {
             permssionServiceUpdateEventBus.post(dtos);
         }
     }
 
+    /**
+     * 设置鉴权结果到redis
+     *
+     * @param appCode
+     * @param list
+     */
+    @Override
+    public void setAuthtionResultToRedis(String appCode, List<ServiceAuthenticationResVO> list) {
+        if (CollectionUtils.isNotEmpty(list)) {
+            redisTemplate.opsForValue().set(DcucConstantsUtil.AUTHENTICATION_SPACE + appCode, list, 1, TimeUnit.HOURS);
+        }
+    }
+
+
 }

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/StaffAssignAuthInfoService.java

@@ -7,6 +7,7 @@ import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
 import com.dragoninfo.dcuc.app.entity.ApplyInfo;
 import com.dragoninfo.dcuc.app.facade.IApplyInfoFacade;
+import com.dragoninfo.dcuc.auth.AuthRedisConstant;
 import com.dragoninfo.dcuc.auth.auth.async.StaffAssignAuthEventCenterBus;
 import com.dragoninfo.dcuc.auth.auth.bpo.RoleAuthInfoBPO;
 import com.dragoninfo.dcuc.auth.auth.bpo.StaffAssignAuthInfoBPO;
@@ -48,13 +49,16 @@ import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Sort;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.LinkedMultiValueMap;
 import org.springframework.util.MultiValueMap;
 
+import javax.annotation.Resource;
 import java.text.SimpleDateFormat;
 import java.util.*;
+import java.util.concurrent.TimeUnit;
 
 @Service
 @Transactional
@@ -86,6 +90,8 @@ public class StaffAssignAuthInfoService extends BaseService<StaffAssignAuthInfo,
     @Autowired
     private IOrgInfoFacade orgInfoFacade;
 
+    @Resource(name = "redisTemplate")
+    private RedisTemplate<String, Object> redisTemplate;
 
     @Override
     public List<StaffAllotVO> getStaffAuth(String orgId, String staffId, String roleId, String appId) {
@@ -1058,4 +1064,9 @@ public class StaffAssignAuthInfoService extends BaseService<StaffAssignAuthInfo,
     public List<AppDataSensitiveLevelDTO> getAppLitByUserId(String userId) {
         return staffAssignAuthInfoBPO.getAppLitByUserId(userId);
     }
+
+    @Override
+    public void cacheUserToken(String idcard, String userToken, Integer expAt) {
+        redisTemplate.opsForValue().set(AuthRedisConstant.REDIS_USER_TOKEN_NAMESPACE + idcard, userToken, expAt, TimeUnit.SECONDS);
+    }
 }

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/INotifyBusiness.java

@@ -0,0 +1,19 @@
+package com.dragoninfo.dcuc.auth.business;
+
+import java.util.List;
+
+
+/**
+ * @author huangzqa
+ * @date 2021/3/17
+ **/
+public interface INotifyBusiness {
+
+    /**
+     * 发送应用变更通知
+     *
+     * @param userToken 用户令牌
+     */
+    void sendAppPermissionUpdateNotify(List<String> userToken);
+
+}

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/NotifyBusinessImpl.java

@@ -0,0 +1,78 @@
+package com.dragoninfo.dcuc.auth.business.impl;
+
+import cn.hutool.http.HttpUtil;
+import cn.hutool.json.JSONUtil;
+import com.dragoninfo.dcuc.auth.auth.vo.HwAppPermissionUpdateNotificationReqVO;
+import com.dragoninfo.dcuc.auth.auth.vo.HwAppPermissionUpdateNotificationRespVO;
+import com.dragoninfo.dcuc.auth.business.INotifyBusiness;
+import com.dragoninfo.dcuc.auth.config.DcucAuthConfig;
+import com.dragoninfo.dcuc.common.utils.ResponseUtil;
+
+import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
+import com.dragonsoft.duceap.commons.util.UUIDUtils;
+import com.dragonsoft.duceap.commons.util.json.JsonUtils;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.remoting.RemoteAccessException;
+import org.springframework.retry.annotation.Backoff;
+import org.springframework.retry.annotation.Recover;
+import org.springframework.retry.annotation.Retryable;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+
+/**
+ * @author huangzqa
+ * @date 2021/3/17
+ **/
+@Slf4j
+@Service
+public class NotifyBusinessImpl implements INotifyBusiness {
+
+    @Autowired
+    private DcucAuthConfig dcucAuthConfig;
+
+    @Retryable(value = RemoteAccessException.class,
+            maxAttempts = 5,
+            backoff = @Backoff(delay = 5000)
+    )
+    @Override
+    public void sendAppPermissionUpdateNotify(List<String> tokenList) {
+        String notifyUrl = dcucAuthConfig.getAppPermissionUrl();
+
+        HwAppPermissionUpdateNotificationReqVO reqVO = new HwAppPermissionUpdateNotificationReqVO();
+        String uuid = UUIDUtils.getUUID();
+        reqVO.setMessageId(uuid);
+        reqVO.setNotify(true);
+        reqVO.setOperateType("UPDATE");
+        reqVO.setReason("app permission update");
+        reqVO.setTokens(tokenList);
+
+        String postJson = JSONUtil.toJsonStr(reqVO);
+        log.info("App permission notify URL:{}", notifyUrl);
+        log.info("App permission notify post content:{}", postJson);
+        String postResp;
+        try {
+            postResp = HttpUtil.post(notifyUrl, postJson);
+        } catch (Exception e) {
+            log.error("Post error", e);
+            throw new RemoteAccessException(e.getMessage());
+        }
+
+        log.info("App permission notify post response:{}", postResp);
+        HwAppPermissionUpdateNotificationRespVO responseStatus = JsonUtils.parseObject(postResp, HwAppPermissionUpdateNotificationRespVO.class);
+        if (!responseStatus.getStatus().equals(HwAppPermissionUpdateNotificationRespVO.SUCCESS_CODE)) {
+            log.error("App permission error :{}", responseStatus.getMessage());
+            throw new RemoteAccessException(responseStatus.getMessage());
+        }
+
+        if (!uuid.equals(responseStatus.getMessageId())) {
+            throw new RemoteAccessException(responseStatus.getMessage());
+        }
+    }
+
+    @Recover
+    public void recover(RemoteAccessException e) {
+        log.error("Remote error", e);
+    }
+}

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/config/DcucAuthConfig.java

@@ -24,7 +24,6 @@ public class DcucAuthConfig {
     private String menuNoclear;
 
 
-
     /**
      * 普通用户角色代码roleCode
      */
@@ -36,8 +35,13 @@ public class DcucAuthConfig {
     private String roleManagerCode;
 
     /*
-    * 服务变更通知地址
-    */
-    private String permissionUrl;
+     * 服务变更通知地址
+     */
+    private String servicePermissionUrl;
+
+    /**
+     * 应用权限变更通知
+     */
+    private String appPermissionUrl;
 
 }

dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/msg/PermissionUpdateProducer.java

@@ -1,7 +1,7 @@
 package com.dragoninfo.dcuc.auth.msg;
 
-import com.dragoninfo.dcuc.app.facade.IApplyInfoFacade;
-import com.dragoninfo.dcuc.auth.config.DcucAuthConfig;
+import com.dragoninfo.dcuc.auth.AuthRedisConstant;
+import com.dragoninfo.dcuc.auth.business.INotifyBusiness;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -9,10 +9,10 @@ import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Component;
 
 import javax.annotation.Resource;
-import java.text.SimpleDateFormat;
 import java.util.ArrayList;
-import java.util.Date;
 import java.util.List;
+import java.util.Objects;
+import java.util.stream.Collectors;
 
 /**
  * 权限变更生产者
@@ -26,20 +26,11 @@ public class PermissionUpdateProducer {
     public static final Logger logger = LoggerFactory.getLogger(PermissionUpdateProducer.class);
 
     @Autowired
-    private DcucAuthConfig dcucAuthConfig;
-
-
-
-    @Autowired
-    private IApplyInfoFacade applyInfoFacade;
+    private INotifyBusiness notifyBusiness;
 
     @Resource(name = "redisTemplate")
     private RedisTemplate<String, Object> redisTemplate;
 
-    /**
-     * 成功标识
-     */
-    private static final String SUCCESS_CODE = "200";
 
     /**
      * 发生应用消息
@@ -48,12 +39,7 @@ public class PermissionUpdateProducer {
      * @param appId      应用代码
      */
     public void sendAppMessage(List<String> idcardList, String appId) {
-//
-//        ApplyInfo applyInfo = applyInfoFacade.applyDetail(appId);
-//        String applyCode = applyInfo.getApplyCode();
-//        String appTopic = dcucAuthConfig.getMessagePermissionUpdateAppTopic();
-//
-//        sendMessageByPage(appTopic, "应用权限变更", idcardList, applyCode);
+        sendMessageByPage(idcardList);
     }
 
     /**
@@ -72,6 +58,7 @@ public class PermissionUpdateProducer {
      * @param userTokens 用户令牌
      */
     public void sendAppMessageByTokens(List<String> userTokens) {
+
 //        String appTopic = dcucAuthConfig.getMessagePermissionUpdateAppTopic();
 //
 //        sendMessageIsNotifyByUserTokens(appTopic, "应用权限变更", "", userTokens);
@@ -90,38 +77,41 @@ public class PermissionUpdateProducer {
     /**
      * 分页发生消息
      *
-     * @param topic      消息主题
      * @param idcardList 人员列表
      */
-    private void sendMessageByPage(String topic, String title, List<String> idcardList, String applyCode) {
-//        int size = dcucAuthConfig.getMessagePermissionUpdateSize();
-//        logger.info("Start send message, topic:{}, title:{},appCode:{} ", topic, title, applyCode);
-//
-//        List<int[]> pageList = getPageList(idcardList.size(), size);
-//        // 根据分页大小进行发送消息，防止过大
-//        pageList.forEach(page -> {
-//            // 进行分页
-//            List<String> tempList = idcardList.subList(page[0], page[1]).stream()
-//                    // 加上认证下发的用户令牌前缀
-//                    .map(item -> RedisConstant.AUTH_USER_TOKEN + item)
-//                    .collect(Collectors.toList());
-//
-//            logger.info("start send message , limit({},{})", page[0], page[1]);
-//
-//            List<Object> userTokenList = redisTemplate.opsForValue().multiGet(tempList);
-//            // 过滤出 null 的情况
-//            List<String> stringUserTokenList = userTokenList.stream()
-//                    .filter(Objects::nonNull)
-//                    .map(Object::toString)
-//                    .collect(Collectors.toList());
-//
-//            logger.info("start userTokenList size {}", userTokenList.size());
-//
-//            sendMessageIsNotifyByUserTokens(topic, title, applyCode, stringUserTokenList);
-//
-//            logger.info("Send message end , limit({},{})", page[0], page[1]);
-//
-//        });
+    private void sendMessageByPage(List<String> idcardList) {
+        int size = 100;
+
+        List<int[]> pageList = getPageList(idcardList.size(), size);
+        // 根据分页大小进行发送消息，防止过大
+        pageList.forEach(page -> {
+            // 进行分页
+            List<String> tempList = idcardList.subList(page[0], page[1]).stream()
+                    // 加上认证下发的用户令牌前缀
+                    .map(item -> AuthRedisConstant.REDIS_USER_TOKEN_NAMESPACE + item)
+                    .collect(Collectors.toList());
+
+            logger.info("start send message , limit({},{})", page[0], page[1]);
+
+            List<Object> userTokenList = redisTemplate.opsForValue().multiGet(tempList);
+
+            if (userTokenList == null) {
+                logger.info("UserToken is Empty.");
+                return;
+            }
+            // 过滤出 null 的情况
+            List<String> stringUserTokenList = userTokenList.stream()
+                    .filter(Objects::nonNull)
+                    .map(Object::toString)
+                    .collect(Collectors.toList());
+
+            logger.info("start userTokenList size {}", userTokenList.size());
+
+            notifyBusiness.sendAppPermissionUpdateNotify(stringUserTokenList);
+
+            logger.info("Send message end , limit({},{})", page[0], page[1]);
+
+        });
     }
 
     /**
@@ -215,10 +205,6 @@ public class PermissionUpdateProducer {
 
     }
 
-    private String createAndFormatDate() {
-        SimpleDateFormat sdf = new SimpleDateFormat("yyyyMMddHHmmss");
-        return sdf.format(new Date());
-    }
 
     /**
      * 获取分页列表

dcuc-auth-service/src/main/resources/application-auth.yml

@@ -5,8 +5,6 @@ dcuc:
     role-manager-code: DCUC_MANAGER
     role-normal-code: DCUC_COMMON_USER
     #服务变更通知
-    #todo后续配置
-    permission-url: http://127.0.0.1/
     kafka:
       app-key: dcuc69000787
       app-secret: dcuc01494668
@@ -24,6 +22,8 @@ dcuc:
       busServiceFunc: saveUsingPOST
       #审批中心kafka topic
       topic: 10000027
+    app-permission-url: http://127.0.0.1:8080/tacs/appPermissionUpdateNotification
+    service-permission-url: http://127.0.0.1/permission/service