
角色授权申请开发

mazq 1 an în urmă
părinte
comite
66faf69faa
43 a modificat fișierele cu 873 adăugiri și 146 ștergeri
  1. 47 0
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/api/IZeroTrustAuthApplyFacade.java
  2. 1 0
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/api/IZeroTrustAuthFacade.java
  3. 0 11
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IApprovalFacade.java
  4. 0 18
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IRoleInfoFacade.java
  5. 44 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/enums/zerotrust/AuthApplyRespEnum.java
  6. 29 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authapply/ApiRoleAuthContentVo.java
  7. 27 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authapply/ApiRoleAuthReqVo.java
  8. 36 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authapply/AuthApplyRespVo.java
  9. 1 1
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authticate/AppAuthReqVO.java
  10. 1 1
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authticate/DataAuthReqVO.java
  11. 1 1
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authticate/DataAuthRespVO.java
  12. 1 1
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authticate/FunctionAuthReqVO.java
  13. 1 1
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authticate/ServiceAuthReqVO.java
  14. 1 1
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authticate/UserOrgAuthReqVO.java
  15. 26 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/role/ApiAppRoleRespVo.java
  16. 23 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/role/ApiRoleRespVo.java
  17. 25 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/role/ApiRolesReqVo.java
  18. 27 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/RoleAuthApplyDto.java
  19. 10 3
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/AppTokenDetailRespVo.java
  20. 9 2
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/bpo/RoleInfoBPO.java
  21. 1 1
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustAppAuthBusiness.java
  22. 4 4
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustDataAuthBusiness.java
  23. 3 3
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustFunAuthBusiness.java
  24. 3 3
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustServiceAuthBusiness.java
  25. 1 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/zerotrust/IZeroTrustAppAuthBusiness.java
  26. 2 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/zerotrust/IZeroTrustDataAuthBusiness.java
  27. 1 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/zerotrust/IZeroTrustFunAuthBusiness.java
  28. 1 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/zerotrust/IZeroTrustServiceAuthBusiness.java
  29. 2 6
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/ApprovalFacade.java
  30. 0 10
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/RoleInfoFacade.java
  31. 47 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/api/ZeroTrustAuthApplyFacade.java
  32. 1 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/api/ZeroTrustAuthFacade.java
  33. 8 12
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/IRoleInfoService.java
  34. 12 20
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/RoleInfoService.java
  35. 66 35
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/zerotrust/RoleAuthApplyServiceImpl.java
  36. 3 3
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/zerotrust/RoleOperateApplyServiceImpl.java
  37. 9 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/zerotrust/IRoleAuthApplyService.java
  38. 3 3
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/AuthTokenBusinessImpl.java
  39. 2 3
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/ZeroTrustApprovalBusinessImpl.java
  40. 358 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/ZeroTrustAuthApplyBusinessImpl.java
  41. 1 2
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/zerotrust/IAuthTokenBusiness.java
  42. 1 1
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/zerotrust/IZeroTrustApprovalBusiness.java
  43. 34 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/zerotrust/IZeroTrustAuthApplyBusiness.java

+ 47 - 0
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/api/IZeroTrustAuthApplyFacade.java

@@ -0,0 +1,47 @@
+package com.dragoninfo.dcuc.auth.auth.api;
+
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustDataRespVO;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustMessageRespVO;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authapply.ApiRoleAuthReqVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authapply.AuthApplyRespVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.role.ApiAppRoleRespVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.role.ApiRolesReqVo;
+import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.approval.ApprovalCallBackReqVO;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+import java.util.List;
+
+/**
+ * @author mazq
+ * @date 2023/11/23
+ */
+@FeignClient(name = "dcuc-auth", path = "/dcuc/auth/zeroTrustAuthApplyFacade")
+public interface IZeroTrustAuthApplyFacade {
+
+    /**
+     * 角色列表查询
+     * @param reqVo
+     * @return
+     */
+    @PostMapping(value = "appRoleInfos")
+    ZeroTrustDataRespVO<List<ApiAppRoleRespVo>> appRoleInfos(@RequestBody ApiRolesReqVo reqVo);
+
+    /**
+     * 角色授权申请
+     *
+     * @param reqVo
+     * @return
+     */
+    @PostMapping(value = "roleAuthApply")
+    ZeroTrustDataRespVO<AuthApplyRespVo> roleAuthApply(@RequestBody ApiRoleAuthReqVo reqVo);
+
+    /**
+     * 授权申请审批结果回调
+     * @param callBackReqVO
+     * @return
+     */
+    @PostMapping("callBack")
+    ZeroTrustMessageRespVO callBack(@RequestBody ApprovalCallBackReqVO callBackReqVO);
+}
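Review bot: The Javadoc on `callBack` (and on the two methods above it) leaves `@param` and `@return` empty, and nothing in the interface says how the sender of an approval result is authenticated. The other two request types carry an `appTokenId`, while `ApprovalCallBackReqVO` is not visible in this commit view. Since this callback presumably finalises a role grant, state the trust assumption in the contract, for example `Approval-result callback; the caller must be the approval service, authenticated by <mechanism>` with the mechanism filled in. Also fill the tags, e.g. `@param reqVo application token plus the requested role codes` and `@return business status code and message`.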

+ 1 - 0
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/api/IZeroTrustAuthFacade.java

@@ -1,6 +1,7 @@
 package com.dragoninfo.dcuc.auth.auth.api;
 
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.*;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate.*;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;

+ 0 - 11
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IApprovalFacade.java

@@ -1,9 +1,7 @@
 package com.dragoninfo.dcuc.auth.auth.facade;
 
-import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustMessageRespVO;
 import com.dragoninfo.dcuc.auth.auth.dto.ApprovalDto;
 import com.dragoninfo.dcuc.auth.auth.entity.FuncApproval;
-import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.approval.ApprovalCallBackReqVO;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.entity.search.SearchDTO;
@@ -50,13 +48,4 @@ public interface IApprovalFacade {
 
     @PostMapping(value = "applyResult")
     ResponseDTO applyResult(@RequestBody ApprovalDto approvalDto);
-
-    /**
-     * 审批回调
-     *
-     * @param approvalCallBackReqVO 审批回调请求
-     * @return 状态
-     */
-    @PostMapping("callBack")
-    ZeroTrustMessageRespVO callBack(@RequestBody ApprovalCallBackReqVO approvalCallBackReqVO);
 }

+ 0 - 18
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/IRoleInfoFacade.java

@@ -136,15 +136,6 @@ public interface IRoleInfoFacade {
     ResponseDTO roleQuotaUpdate(@RequestParam("roleId") String roleId,
                                 @RequestParam("initNum") Long initNum);
 
-    /**
-     * 根据appIds获取角色列表
-     *
-     * @param appIds
-     * @return
-     */
-    @RequestMapping(value = "getRolesByAppIds")
-    List<RoleInfo> getRolesByAppIds(@RequestParam("appIds") String appIds);
-
     /**
      * 分页查询机构拥有的应用角色配额情况
      *
@@ -182,15 +173,6 @@ public interface IRoleInfoFacade {
     @PostMapping(value = "staffRoleList")
     List<RoleInfoVO> staffRoleList(@RequestBody SearchDTO searchDTO);
 
-    /**
-     * 根据角色代码获取角色信息
-     *
-     * @param roleCode 角色代码
-     * @return 角色信息
-     */
-    @GetMapping("getRoleInfoByCode")
-    RoleInfo getRoleInfoByCode(@RequestParam("roleCode") String roleCode);
-
     /**
      * 角色授权模块
      * 角色视图 角色列表

+ 44 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/enums/zerotrust/AuthApplyRespEnum.java

@@ -0,0 +1,44 @@
+package com.dragoninfo.dcuc.auth.api.enums.zerotrust;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * @author mazq
+ * @date 2023/11/23
+ */
+public enum AuthApplyRespEnum implements ICodeEnum {
+
+    SUCCESS("0", "操作成功"),
+    USER_NOT_EXIST("1", "人员不存在"),
+    APP_NOT_EXIST("2", "应用资源不存在"),
+    ROLE_NOT_EXIST("3", "应用角色不存在"),
+    SERVICE_NOT_EXIST("4", "服务资源不存在"),
+
+    OTHER("99", "其他类型错误");
+
+    private String value;
+    private String label;
+
+    AuthApplyRespEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+    @Override
+    public String getValue() {
+        return value;
+    }
+
+    public void setValue(String value) {
+        this.value = value;
+    }
+
+    @Override
+    public String getLabel() {
+        return label;
+    }
+
+    public void setLabel(String label) {
+        this.label = label;
+    }
+}
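Review bot: The enum constants are mutable, because `value` and `label` are non-final and `setValue`/`setLabel` are public. Any caller can therefore rewrite the code or message of `SUCCESS` for the whole JVM, and these values are copied into API responses by `AuthApplyRespVo.success()`. Declare the fields as `private final String value;` and `private final String label;` and drop both setters. A class-level summary such as `Business status codes returned by the role-authorization apply API.` would also be more useful than the bare author/date block.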

+ 29 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authapply/ApiRoleAuthContentVo.java

@@ -0,0 +1,29 @@
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust.authapply;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotEmpty;
+import java.util.List;
+
+/**
+ * @author mazq
+ * @date 2023/11/22
+ */
+@Data
+@ApiModel(value = "角色授权申请内容Vo")
+public class ApiRoleAuthContentVo {
+
+    @ApiModelProperty(value = "被申请授权人员身份证号")
+    private String applyUserIdcard;
+
+    @ApiModelProperty(value = "需要申请授权的应用编码")
+    private String appCode;
+
+    @NotEmpty
+    @ApiModelProperty(value = "需要授权的角色编码集合")
+    private List<String> roleCodes;
+
+
+}
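Review bot: Only `roleCodes` carries a constraint here; `applyUserIdcard` and `appCode` are unconstrained, and the elements of `roleCodes` may be null or blank. `AuthApplyRespEnum` in this commit defines USER_NOT_EXIST and APP_NOT_EXIST, so both fields look mandatory; if so, reject bad input at the boundary with `@NotBlank private String applyUserIdcard;`, `@NotBlank private String appCode;` and `private List<@NotBlank String> roleCodes;`. Because `applyUserIdcard` is a national ID number, a field comment saying it must not be written to logs would help later maintainers.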

+ 27 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authapply/ApiRoleAuthReqVo.java

@@ -0,0 +1,27 @@
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust.authapply;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotEmpty;
+import java.util.List;
+
+/**
+ * @author mazq
+ * @date 2023/11/22
+ */
+@Data
+@ApiModel(value = "api-角色授权申请Vo")
+public class ApiRoleAuthReqVo {
+
+    @NotBlank
+    @ApiModelProperty(value = "申请方应用令牌")
+    private String appTokenId;
+
+    @NotEmpty
+    @ApiModelProperty(value = "角色授权申请内容")
+    private List<ApiRoleAuthContentVo> contents;
+
+}
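Review bot: `contents` is annotated `@NotEmpty` but not `@Valid`, so Bean Validation does not cascade into the list and the `@NotEmpty` on `ApiRoleAuthContentVo.roleCodes` is never evaluated for a request. Add the cascade on the field: `@Valid @NotEmpty private List<ApiRoleAuthContentVo> contents;` (import `javax.validation.Valid`). The constraints on this class only run at all if the controller parameter is itself marked `@Valid` or `@Validated`.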

+ 36 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authapply/AuthApplyRespVo.java

@@ -0,0 +1,36 @@
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust.authapply;
+
+import com.dragoninfo.dcuc.auth.api.enums.zerotrust.AuthApplyRespEnum;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * @author mazq
+ * @date 2023/11/23
+ */
+@Data
+public class AuthApplyRespVo {
+
+    /**
+     * @see com.dragoninfo.dcuc.auth.api.enums.zerotrust.AuthApplyRespEnum
+     */
+    @ApiModelProperty(value = "业务状态码")
+    private String respCode;
+
+    @ApiModelProperty(value = "业务响应内容")
+    private List<String> respContent;
+
+    @ApiModelProperty(value = "业务消息提示")
+    private String respMsg;
+
+    public static AuthApplyRespVo success() {
+        AuthApplyRespVo vo = new AuthApplyRespVo();
+        vo.setRespMsg(AuthApplyRespEnum.SUCCESS.getLabel());
+        vo.setRespCode(AuthApplyRespEnum.SUCCESS.getValue());
+        return vo;
+    }
+
+
+}

+ 1 - 1
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/AppAuthReqVO.java → dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authticate/AppAuthReqVO.java

@@ -1,5 +1,5 @@
 
-package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate;
 
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;

+ 1 - 1
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/DataAuthReqVO.java → dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authticate/DataAuthReqVO.java

@@ -1,5 +1,5 @@
 
-package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate;
 
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;

+ 1 - 1
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/DataAuthRespVO.java → dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authticate/DataAuthRespVO.java

@@ -1,5 +1,5 @@
 
-package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate;
 
 import lombok.Data;
 

+ 1 - 1
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/FunctionAuthReqVO.java → dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authticate/FunctionAuthReqVO.java

@@ -1,5 +1,5 @@
 
-package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate;
 
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;

+ 1 - 1
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ServiceAuthReqVO.java → dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authticate/ServiceAuthReqVO.java

@@ -1,5 +1,5 @@
 
-package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate;
 
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;

+ 1 - 1
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/UserOrgAuthReqVO.java → dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/authticate/UserOrgAuthReqVO.java

@@ -1,5 +1,5 @@
 
-package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate;
 
 import lombok.Data;
 

+ 26 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/role/ApiAppRoleRespVo.java

@@ -0,0 +1,26 @@
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust.role;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * @author mazq
+ * @date 2023/11/22
+ */
+@Data
+@ApiModel(value = "应用角色信息Vo")
+public class ApiAppRoleRespVo {
+
+    @ApiModelProperty(value = "应用编码")
+    private String appCode;
+
+    @ApiModelProperty(value = "应用名称")
+    private String appName;
+
+    @ApiModelProperty(value = "应用下的角色信息")
+    private List<ApiRoleRespVo> roleInfos;
+
+}

+ 23 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/role/ApiRoleRespVo.java

@@ -0,0 +1,23 @@
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust.role;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+/**
+ * @author mazq
+ * @date 2023/11/22
+ */
+@Data
+@ApiModel(value = "角色信息Vo")
+public class ApiRoleRespVo {
+
+    @ApiModelProperty(value = "角色名称")
+    private String roleName;
+
+
+    @ApiModelProperty(value = "角色编码")
+    private String roleCode;
+
+
+}

+ 25 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/role/ApiRolesReqVo.java

@@ -0,0 +1,25 @@
+package com.dragoninfo.dcuc.auth.api.vo.zerotrust.role;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import java.util.List;
+
+/**
+ * @author mazq
+ * @date 2023/11/22
+ */
+@Data
+@ApiModel(value = "应用角色信息请求Vo")
+public class ApiRolesReqVo {
+
+    @NotBlank
+    @ApiModelProperty(value = "应用令牌")
+    private String appTokenId;
+
+    @ApiModelProperty(value = "需要查询的应用编码集合")
+    private List<String> appCodes;
+
+}

+ 27 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/auth/dto/RoleAuthApplyDto.java

@@ -0,0 +1,27 @@
+package com.dragoninfo.dcuc.auth.auth.dto;
+
+import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleauthapply.ApplyRoleInVo;
+import com.dragoninfo.dcuc.auth.sub.vo.AuthUserVo;
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * 角色授权申请推送审批Dto
+ * @author mazq
+ * @date 2023/11/23
+ */
+@Data
+public class RoleAuthApplyDto {
+
+    /**
+     * 被授权人信息
+     */
+    private AuthUserVo userInfo;
+
+    /**
+     * 授权申请内容
+     */
+    private List<ApplyRoleInVo> applyRoleIns;
+
+}

+ 10 - 3
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/TokenDetailRespVo.java → dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/token/vo/AppTokenDetailRespVo.java

@@ -7,6 +7,8 @@ import lombok.Builder;
 import lombok.Data;
 import lombok.NoArgsConstructor;
 
+import java.util.Objects;
+
 /**
  * 令牌详情响应结果
  *
@@ -17,7 +19,7 @@ import lombok.NoArgsConstructor;
 @NoArgsConstructor
 @AllArgsConstructor
 @Data
-public class TokenDetailRespVo {
+public class AppTokenDetailRespVo {
 
     /**
      * 根据令牌标识查询的用户信息
@@ -39,7 +41,12 @@ public class TokenDetailRespVo {
      */
     private UserTokenInfoRespVO userToken;
 
-    public static TokenDetailRespVo empty() {
-        return new TokenDetailRespVo();
+    public static AppTokenDetailRespVo empty() {
+        return new AppTokenDetailRespVo();
+    }
+
+    public boolean isEmpty() {
+        return Objects.isNull(this.appToken) || Objects.isNull(this.userToken);
     }
+
 }
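Review bot: `isEmpty()` returns true when either `appToken` or `userToken` is missing, yet the callers touched in this commit (`dataAuth`, `functionAuth`, `serviceAuth`) still test only `null == tokenInfo`. If `getByAppTokenId` can return `empty()` or a half-populated object (its body is not visible here), that result passes the token check. Consider `if (tokenInfo == null || tokenInfo.isEmpty())` at those call sites, and add a Javadoc line such as `True when the app token or the user token is absent.` since the name suggests "both absent". As a bean-style boolean accessor on a `@Data` class, the method will probably also be emitted by JSON serializers as an `empty` property; confirm that is intended.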

+ 9 - 2
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/bpo/RoleInfoBPO.java

@@ -238,8 +238,9 @@ public class RoleInfoBPO extends BaseBPO<RoleInfo, String> {
         return PersistentFactory.getJdbcDao().paging(sqlBuffer.toString(), searchable, RoleInfoVO.class, orgId, orgId, orgId, applicationId);
     }
 
-    public List<RoleInfo> getRolesByAppIds(String appIds) {
-        String hql = "from RoleInfo t where t.isActive = '1' and ? like concat('%',concat(t.appId,'%'))";
+    public List<RoleInfo> getRolesByAppIds(Collection<String> appIds) {
+        String collect = appIds.stream().collect(Collectors.joining("','"));
+        String hql = "from RoleInfo t where t.isActive = '1' and t.appId in ('" + collect + "')";
         return PersistentFactory.getHibernateDao().find(hql, new Object[]{appIds});
     }
 
@@ -311,4 +312,10 @@ public class RoleInfoBPO extends BaseBPO<RoleInfo, String> {
             return roleInfos.get(0);
         }
     }
+
+    public List<RoleInfo> getByCodes(List<String> roleCodes) {
+        String collect = roleCodes.stream().collect(Collectors.joining("','"));
+        String sql = "SELECT * FROM T_ROLE_INFO WHERE CODE IN ('" + collect + "') AND IS_ACTIVE = '1'";
+        return PersistentFactory.getJdbcDao().queryForList(sql, RoleInfo.class);
+    }
 }
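Review bot: Both new queries in this file splice caller-supplied strings straight into the statement text: `t.appId in ('" + collect + "')` in getRolesByAppIds and `CODE IN ('" + collect + "')` in getByCodes. A value containing a single quote therefore changes the query, and the role codes at least appear to originate from the `roleCodes` request field added in this commit. getRolesByAppIds also still passes `new Object[]{appIds}` although the rewritten HQL has no `?` placeholder left, which will probably fail or be ignored at bind time, and an empty collection produces `in ('')`. Generate one `?` per element and pass the values as bind parameters, as the previous HQL did; getByCodes needs the same treatment through whichever parameterised call the JDBC DAO offers (not visible in this hunk). Both methods sit inside RoleInfoBPO, whose body starts outside the hunks.

```java
public List<RoleInfo> getRolesByAppIds(Collection<String> appIds) {
    // An empty IN list is not valid and there is nothing to look up.
    if (appIds.isEmpty()) {
        return new ArrayList<>();
    }
    // One positional placeholder per id; the values travel as bind parameters.
    String marks = appIds.stream().map(id -> "?").collect(Collectors.joining(","));
    String hql = "from RoleInfo t where t.isActive = '1' and t.appId in (" + marks + ")";
    return PersistentFactory.getHibernateDao().find(hql, appIds.toArray());
}
```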

+ 1 - 1
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustAppAuthBusiness.java

@@ -5,7 +5,7 @@ import cn.hutool.core.util.StrUtil;
 import com.alibaba.fastjson.JSON;
 import com.dragoninfo.dcuc.auth.api.enums.securitypolicy.AuthTypeEnum;
 import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
-import com.dragoninfo.dcuc.auth.api.vo.zerotrust.AppAuthReqVO;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate.AppAuthReqVO;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustDataRespVO;
 import com.dragoninfo.dcuc.auth.async.BusiEventPublisher;
 import com.dragoninfo.dcuc.auth.audit.enums.AuthResultEnum;

+ 4 - 4
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustDataAuthBusiness.java

@@ -2,8 +2,8 @@ package com.dragoninfo.dcuc.auth.auth.business.impl.zerotrust;
 
 import cn.hutool.core.util.StrUtil;
 import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
-import com.dragoninfo.dcuc.auth.api.vo.zerotrust.DataAuthReqVO;
-import com.dragoninfo.dcuc.auth.api.vo.zerotrust.DataAuthRespVO;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate.DataAuthReqVO;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate.DataAuthRespVO;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustDataRespVO;
 import com.dragoninfo.dcuc.auth.audit.enums.AuthResultEnum;
 import com.dragoninfo.dcuc.auth.audit.service.log.LogInfoFillService;
@@ -16,7 +16,7 @@ import com.dragoninfo.dcuc.auth.business.zerotrust.IApiCommonBusiness;
 import com.dragoninfo.dcuc.auth.business.zerotrust.IAuthTokenBusiness;
 import com.dragoninfo.dcuc.auth.sub.vo.ApplyInfoVo;
 import com.dragoninfo.dcuc.auth.sub.vo.AuthUserVo;
-import com.dragoninfo.dcuc.auth.token.vo.TokenDetailRespVo;
+import com.dragoninfo.dcuc.auth.token.vo.AppTokenDetailRespVo;
 import com.dragoninfo.dcuc.common.utils.ResponseUtil;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.enums.BooleanEnum;
@@ -71,7 +71,7 @@ public class ZeroTrustDataAuthBusiness implements IZeroTrustDataAuthBusiness {
     @Override
     public ZeroTrustDataRespVO<DataAuthRespVO> dataAuth(DataAuthReqVO dataAuthReqVO) {
         String appTokenId = dataAuthReqVO.getAppTokenId();
-        TokenDetailRespVo tokenInfo = authTokenBusiness.getByAppTokenId(appTokenId, true, true);
+        AppTokenDetailRespVo tokenInfo = authTokenBusiness.getByAppTokenId(appTokenId, true, true);
         if (null == tokenInfo) {
             log.error("查询不到应用令牌信息:{}", appTokenId);
             return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.TOKEN_FAIL);

+ 3 - 3
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustFunAuthBusiness.java

@@ -2,7 +2,7 @@ package com.dragoninfo.dcuc.auth.auth.business.impl.zerotrust;
 
 import cn.hutool.core.util.StrUtil;
 import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
-import com.dragoninfo.dcuc.auth.api.vo.zerotrust.FunctionAuthReqVO;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate.FunctionAuthReqVO;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustDataRespVO;
 import com.dragoninfo.dcuc.auth.audit.enums.AuthResultEnum;
 import com.dragoninfo.dcuc.auth.audit.service.log.LogInfoFillService;
@@ -14,7 +14,7 @@ import com.dragoninfo.dcuc.auth.business.zerotrust.IApiCommonBusiness;
 import com.dragoninfo.dcuc.auth.business.zerotrust.IAuthTokenBusiness;
 import com.dragoninfo.dcuc.auth.sub.vo.ApplyInfoVo;
 import com.dragoninfo.dcuc.auth.sub.vo.AuthUserVo;
-import com.dragoninfo.dcuc.auth.token.vo.TokenDetailRespVo;
+import com.dragoninfo.dcuc.auth.token.vo.AppTokenDetailRespVo;
 import com.dragoninfo.dcuc.common.utils.ResponseUtil;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.enums.BooleanEnum;
@@ -69,7 +69,7 @@ public class ZeroTrustFunAuthBusiness implements IZeroTrustFunAuthBusiness {
     @Override
     public ZeroTrustDataRespVO<String> functionAuth(FunctionAuthReqVO functionAuthReqVO) {
         String appTokenId = functionAuthReqVO.getAppTokenId();
-        TokenDetailRespVo tokenInfo = authTokenBusiness.getByAppTokenId(appTokenId, true, true);
+        AppTokenDetailRespVo tokenInfo = authTokenBusiness.getByAppTokenId(appTokenId, true, true);
         if (null == tokenInfo) {
             log.error("查询不到应用令牌信息:{}", appTokenId);
             return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.TOKEN_FAIL);

+ 3 - 3
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustServiceAuthBusiness.java

@@ -2,7 +2,7 @@ package com.dragoninfo.dcuc.auth.auth.business.impl.zerotrust;
 
 import cn.hutool.core.util.StrUtil;
 import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
-import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ServiceAuthReqVO;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate.ServiceAuthReqVO;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustDataRespVO;
 import com.dragoninfo.dcuc.auth.audit.enums.AuthResultEnum;
 import com.dragoninfo.dcuc.auth.audit.service.log.LogInfoFillService;
@@ -13,7 +13,7 @@ import com.dragoninfo.dcuc.auth.business.zerotrust.IApiCommonBusiness;
 import com.dragoninfo.dcuc.auth.business.zerotrust.IAuthTokenBusiness;
 import com.dragoninfo.dcuc.auth.sub.vo.ApplyInfoVo;
 import com.dragoninfo.dcuc.auth.sub.vo.AuthUserVo;
-import com.dragoninfo.dcuc.auth.token.vo.TokenDetailRespVo;
+import com.dragoninfo.dcuc.auth.token.vo.AppTokenDetailRespVo;
 import com.dragonsoft.duceap.base.enums.BooleanEnum;
 import com.dragonsoft.duceap.commons.util.ObjectUtils;
 import com.dragonsoft.duceap.commons.util.ip.IpUtils;
@@ -66,7 +66,7 @@ public class ZeroTrustServiceAuthBusiness implements IZeroTrustServiceAuthBusine
     @Override
     public ZeroTrustDataRespVO<String> serviceAuth(ServiceAuthReqVO serviceAuthReqVO) {
         String appTokenId = serviceAuthReqVO.getAppTokenId();
-        TokenDetailRespVo tokenInfo = authTokenBusiness.getByAppTokenId(appTokenId, true, true);
+        AppTokenDetailRespVo tokenInfo = authTokenBusiness.getByAppTokenId(appTokenId, true, true);
         if (null == tokenInfo) {
             log.error("查询不到应用令牌信息:{}", appTokenId);
             return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.TOKEN_FAIL);

+ 1 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/zerotrust/IZeroTrustAppAuthBusiness.java

@@ -1,6 +1,7 @@
 package com.dragoninfo.dcuc.auth.auth.business.zerotrust;
 
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.*;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate.AppAuthReqVO;
 
 /**
  * @author mazq

+ 2 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/zerotrust/IZeroTrustDataAuthBusiness.java

@@ -1,6 +1,8 @@
 package com.dragoninfo.dcuc.auth.auth.business.zerotrust;
 
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.*;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate.DataAuthReqVO;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate.DataAuthRespVO;
 
 /**
  * @author mazq

+ 1 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/zerotrust/IZeroTrustFunAuthBusiness.java

@@ -1,6 +1,7 @@
 package com.dragoninfo.dcuc.auth.auth.business.zerotrust;
 
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.*;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate.FunctionAuthReqVO;
 
 /**
  * @author mazq

+ 1 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/zerotrust/IZeroTrustServiceAuthBusiness.java

@@ -1,6 +1,7 @@
 package com.dragoninfo.dcuc.auth.auth.business.zerotrust;
 
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.*;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate.ServiceAuthReqVO;
 
 /**
  * @author mazq

+ 2 - 6
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/ApprovalFacade.java

@@ -5,7 +5,7 @@ import com.dragoninfo.dcuc.auth.auth.dto.ApprovalDto;
 import com.dragoninfo.dcuc.auth.auth.service.IApprovalService;
 import com.dragoninfo.dcuc.auth.auth.entity.FuncApproval;
 import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.approval.ApprovalCallBackReqVO;
-import com.dragoninfo.dcuc.auth.business.zerotrust.IApprovalBusiness;
+import com.dragoninfo.dcuc.auth.business.zerotrust.IZeroTrustApprovalBusiness;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.entity.search.SearchDTO;
@@ -25,7 +25,7 @@ public class ApprovalFacade implements IApprovalFacade {
     private IApprovalService iApprovalService;
 
     @Autowired
-    private IApprovalBusiness iApprovalBusiness;
+    private IZeroTrustApprovalBusiness zeroTrustApprovalBusiness;
 
     @Override
     public ResponseDTO authApply(String appCode, String roleCode, String userIdCard, String approvalIdCard, String reason) {
@@ -57,8 +57,4 @@ public class ApprovalFacade implements IApprovalFacade {
         return iApprovalService.applyResult(approvalDto);
     }
 
-    @Override
-    public ZeroTrustMessageRespVO callBack(ApprovalCallBackReqVO approvalCallBackReqVO) {
-      return  iApprovalBusiness.approvalCallBack(approvalCallBackReqVO);
-    }
 }
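Review bot: After `callBack` is removed, the renamed field `zeroTrustApprovalBusiness` has no use left in the visible hunks. The `ApprovalCallBackReqVO` import kept as context in the first hunk looks orphaned too, as probably does `ZeroTrustMessageRespVO`. If nothing else in the class references them (the middle of the file is outside the hunks), delete the `@Autowired` field and both imports rather than renaming the field. An unused injected dependency on the approval business in this facade suggests the callback can still be reached from here.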

+ 0 - 10
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/RoleInfoFacade.java

@@ -130,11 +130,6 @@ public class RoleInfoFacade implements IRoleInfoFacade {
         return iRoleInfoService.roleQuotaSave(roleQuotaList);
     }
 
-    @Override
-    public List<RoleInfo> getRolesByAppIds(String appIds) {
-        return iRoleInfoService.getRolesByAppIds(appIds);
-    }
-
     @Override
     public Page<RoleInfoVO> getOrgRoleQuota(RoleAuthParamVo vo) {
 
@@ -173,11 +168,6 @@ public class RoleInfoFacade implements IRoleInfoFacade {
         return iRoleInfoService.staffRoleList(userId, appName, orgId,searchable.toSearchDTO());
     }
 
-    @Override
-    public RoleInfo getRoleInfoByCode(String roleCode) {
-        return iRoleInfoService.getRoleInfoByCode(roleCode);
-    }
-
     @Override
     public Page<RoleInfoVO> roleAuthRoleViewPage(SearchDTO searchDTO) {
         return iRoleInfoService.roleAuthRoleViewPage(searchDTO);

+ 47 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/api/ZeroTrustAuthApplyFacade.java

@@ -0,0 +1,47 @@
+package com.dragoninfo.dcuc.auth.auth.facade.api;
+
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustDataRespVO;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustMessageRespVO;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authapply.ApiRoleAuthReqVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authapply.AuthApplyRespVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.role.ApiAppRoleRespVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.role.ApiRolesReqVo;
+import com.dragoninfo.dcuc.auth.auth.api.IZeroTrustAuthApplyFacade;
+import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.approval.ApprovalCallBackReqVO;
+import com.dragoninfo.dcuc.auth.business.zerotrust.IZeroTrustApprovalBusiness;
+import com.dragoninfo.dcuc.auth.business.zerotrust.IZeroTrustAuthApplyBusiness;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.List;
+
+/**
+ * @author mazq
+ * @date 2023/11/23
+ */
+@RestController
+@RequestMapping("/dcuc/auth/zeroTrustAuthApplyFacade")
+public class ZeroTrustAuthApplyFacade implements IZeroTrustAuthApplyFacade {
+
+    @Autowired
+    private IZeroTrustAuthApplyBusiness zeroTrustAuthApplyBusiness;
+
+    @Autowired
+    private IZeroTrustApprovalBusiness zeroTrustApprovalBusiness;
+
+    @Override
+    public ZeroTrustDataRespVO<List<ApiAppRoleRespVo>> appRoleInfos(ApiRolesReqVo reqVo) {
+        return zeroTrustAuthApplyBusiness.appRoleInfos(reqVo);
+    }
+
+    @Override
+    public ZeroTrustDataRespVO<AuthApplyRespVo> roleAuthApply(ApiRoleAuthReqVo reqVo) {
+        return zeroTrustAuthApplyBusiness.roleAuthApply(reqVo);
+    }
+
+    @Override
+    public ZeroTrustMessageRespVO callBack(ApprovalCallBackReqVO approvalCallBackReqVO) {
+        return zeroTrustApprovalBusiness.approvalCallBack(approvalCallBackReqVO);
+    }
+}
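Review bot: None of the three handler parameters is marked `@Valid` or `@Validated`, here or on the `IZeroTrustAuthApplyFacade` declarations. The `@NotBlank appTokenId` and `@NotEmpty contents` constraints declared on the request VOs are therefore not enforced by Spring MVC before the business layer runs. Unless `ZeroTrustAuthApplyBusinessImpl` validates by hand (not visible in this view), declare the interface methods as e.g. `roleAuthApply(@Valid @RequestBody ApiRoleAuthReqVo reqVo)` so that malformed requests are rejected at the boundary. A short class comment naming this as the externally called zero-trust role-apply API, and saying which callers are expected on `callBack`, would also help.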

+ 1 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/facade/api/ZeroTrustAuthFacade.java

@@ -1,6 +1,7 @@
 package com.dragoninfo.dcuc.auth.auth.facade.api;
 
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.*;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authticate.*;
 import com.dragoninfo.dcuc.auth.auth.api.IZeroTrustAuthFacade;
 import com.dragoninfo.dcuc.auth.auth.business.zerotrust.IZeroTrustAppAuthBusiness;
 import com.dragoninfo.dcuc.auth.auth.business.zerotrust.IZeroTrustDataAuthBusiness;

+ 8 - 12
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/IRoleInfoService.java

@@ -43,17 +43,6 @@ public interface IRoleInfoService {
      */
     ResponseDTO roleQuotaSave(String roleQuotaList) throws Exception;
 
-    /**
-     * 获取机构角色配额授权情况列表
-     *
-     * @param applicationId:应用id
-     * @param orgId:机构id         注:后续直接从缓存取??????
-     * @param searchable
-     * @return
-     */
-    Page<RoleInfoVO> getOrgRoleQuotaList(String applicationId,
-                                         String orgId, Searchable searchable);
-
 
     ResponseDTO roleQuotaUpdate(String roleId, Long initNum);
 
@@ -63,7 +52,7 @@ public interface IRoleInfoService {
      * @param appIds
      * @return
      */
-    List<RoleInfo> getRolesByAppIds(String appIds);
+    List<RoleInfo> getRolesByAppIds(Collection<String> appIds);
 
     /**
      * 根据角色ids获取角色列表
@@ -203,4 +192,11 @@ public interface IRoleInfoService {
      * @return
      */
     List<RoleInfo> getRolesByAppId(String appId);
+
+    /**
+     * 根据code获取角色信息
+     * @param roleCodes
+     * @return
+     */
+    List<RoleInfo> getByCodes(List<String> roleCodes);
 }
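Review bot: The Javadoc added for `getByCodes` has an empty `@param roleCodes` and `@return`, and the changed `getRolesByAppIds(Collection<String> appIds)` keeps its empty tags as well. I would state on both that a null or empty collection yields an empty list, which is what the RoleInfoService implementation in this commit does. For `getByCodes` it is also worth saying that the lookup is by role code alone and is not scoped to an application. The one caller visible in this commit regroups the result by `getAppId()`, which suggests the same code can occur under several applications; if so, callers must filter by application themselves.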

+ 12 - 20
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/RoleInfoService.java

@@ -256,21 +256,6 @@ public class RoleInfoService implements IRoleInfoService {
         return ResponseDTO.success("保存成功", null);
     }
 
-    /**
-     * 获取机构角色配额授权情况列表
-     *
-     * @param applicationId:应用id
-     * @param orgId:机构id         注:后续直接从缓存取??????
-     * @param searchable
-     * @return
-     */
-    @Override
-    public Page<RoleInfoVO> getOrgRoleQuotaList(String applicationId,
-                                                String orgId, Searchable searchable) {
-        Page<RoleInfoVO> page = roleInfoBPO.getOrgRoleQuotaList(applicationId, orgId, searchable);
-        return page;
-    }
-
     /**
      * 根据角色id修改角色的初始配额
      *
@@ -290,7 +275,10 @@ public class RoleInfoService implements IRoleInfoService {
      * @return
      */
     @Override
-    public List<RoleInfo> getRolesByAppIds(String appIds) {
+    public List<RoleInfo> getRolesByAppIds(Collection<String> appIds) {
+        if (CollectionUtils.isEmpty(appIds)) {
+            return Collections.emptyList();
+        }
         return roleInfoBPO.getRolesByAppIds(appIds);
     }
 
@@ -299,10 +287,6 @@ public class RoleInfoService implements IRoleInfoService {
         return roleInfoBPO.roleListByRoleIds(roleIds);
     }
 
-    public List<CountVO> getQuotoCountByAppId(String appId) {
-        return orgQuotaBPO.getQuotoCountByAppId(appId);
-    }
-
     @Override
     public Page<RoleInfoVO> getOrgRoleQuota(String applicationId, String orgId, SearchDTO searchDTO) {
         Searchable searchable = Searchable.toSearchable(searchDTO);
@@ -609,4 +593,12 @@ public class RoleInfoService implements IRoleInfoService {
     public List<RoleInfo> getRolesByAppId(String appId) {
         return roleInfoBPO.getRolesByAppId(appId);
     }
+
+    @Override
+    public List<RoleInfo> getByCodes(List<String> roleCodes) {
+        if (CollectionUtils.isEmpty(roleCodes)) {
+            return Collections.emptyList();
+        }
+        return roleInfoBPO.getByCodes(roleCodes);
+    }
 }

+ 66 - 35
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/zerotrust/RoleAuthApplyServiceImpl.java

@@ -1,5 +1,7 @@
 package com.dragoninfo.dcuc.auth.auth.service.impl.zerotrust;
 
+import cn.hutool.core.bean.BeanUtil;
+import com.dragoninfo.dcuc.auth.auth.dto.RoleAuthApplyDto;
 import com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval.FlowApplyReqDto;
 import com.dragoninfo.dcuc.auth.auth.dto.zerotrust.approval.FlowSubmitRespDTO;
 import com.dragoninfo.dcuc.auth.auth.entity.zerotrust.RoleAuthApply;
@@ -9,17 +11,20 @@ import com.dragoninfo.dcuc.auth.auth.repo.zerotrust.RoleAuthApplyRepository;
 import com.dragoninfo.dcuc.auth.auth.service.zerotrust.IRoleAuthApplyService;
 import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleauthapply.ApplyRoleInVo;
 import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleauthapply.RoleAuthApplySaveVo;
-import com.dragoninfo.dcuc.auth.business.zerotrust.IApprovalBusiness;
+import com.dragoninfo.dcuc.auth.business.zerotrust.IZeroTrustApprovalBusiness;
 import com.dragoninfo.dcuc.auth.config.zerotrust.ApprovalProperties;
 import com.dragoninfo.dcuc.auth.sub.entity.AuthUserInfo;
 import com.dragoninfo.dcuc.auth.sub.service.IAuthUserInfoService;
+import com.dragoninfo.dcuc.auth.sub.vo.AuthUserVo;
 import com.dragoninfo.dcuc.common.utils.ResponseUtil;
 import com.dragonsoft.duceap.base.entity.http.ResponseDTO;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
 import com.dragonsoft.duceap.base.entity.security.BaseSecurityUser;
 import com.dragonsoft.duceap.base.utils.UserContextUtils;
 import com.dragonsoft.duceap.commons.util.UUIDUtils;
+import com.dragonsoft.duceap.commons.util.collections.CollectionUtils;
 import com.dragonsoft.duceap.commons.util.json.JsonUtils;
+import com.dragonsoft.duceap.commons.util.string.StringUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Example;
@@ -28,10 +33,7 @@ import org.springframework.transaction.annotation.Transactional;
 
 import java.time.LocalDate;
 import java.time.format.DateTimeFormatter;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
 import java.util.stream.Collectors;
 
 /**
@@ -46,7 +48,7 @@ public class RoleAuthApplyServiceImpl implements IRoleAuthApplyService {
 
     private RoleAuthApplyRepository repository;
 
-    private IApprovalBusiness approvalBusiness;
+    private IZeroTrustApprovalBusiness approvalBusiness;
 
     private ApprovalProperties approvalProperties;
 
@@ -63,7 +65,7 @@ public class RoleAuthApplyServiceImpl implements IRoleAuthApplyService {
     }
 
     @Autowired
-    public void setApprovalBusiness(IApprovalBusiness approvalBusiness) {
+    public void setApprovalBusiness(IZeroTrustApprovalBusiness approvalBusiness) {
         this.approvalBusiness = approvalBusiness;
     }
 
@@ -80,46 +82,68 @@ public class RoleAuthApplyServiceImpl implements IRoleAuthApplyService {
         if (null == userInfo) {
             return ResponseStatus.fail("授权主体人员不存在");
         }
+        RoleAuthApplyDto applyDto = new RoleAuthApplyDto();
+        applyDto.setApplyRoleIns(saveVo.getApplyRoleInVos());
+        AuthUserVo userVo = new AuthUserVo();
+        BeanUtil.copyProperties(userInfo, userVo);
+        applyDto.setUserInfo(userVo);
+        return applyAndPushToApproval(Collections.singletonList(applyDto), null);
+    }
 
-        // 填充业务数据
-        Map<String, String> bizData = getBizData(saveVo, userInfo);
-
+    private String getRoleAuthApplyTitle(String applyUserName) {
         DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy-MM-dd");
         String format = formatter.format(LocalDate.now());
-        // 先推送成功后保存权限申请内容
-        String title = format + "-" + UserContextUtils.getCurrentUser().getName() + "角色授权申请";
+        return format + "-" + applyUserName + "角色授权申请";
+    }
+
+    @Override
+    public ResponseStatus applyAndPushToApproval(List<RoleAuthApplyDto> roleAuthApplyDtos, String taskTypeClass) {
+        String title = getRoleAuthApplyTitle(UserContextUtils.getCurrentUser().getName());
+        // 填充业务数据
+        Map<String, String> bizData = getBizData(roleAuthApplyDtos);
+
+        if (StringUtils.isBlank(taskTypeClass)) {
+            taskTypeClass = approvalProperties.getRoleAuthTaskType();
+        }
+
         FlowApplyReqDto applyDto = FlowApplyReqDto.builder()
                 .title(title)
                 .processDefId(ApprovalApplyTypeEnum.ROLE_AUTH_APPLY.getValue())
                 // TODO 后续填入
                 .bo(Collections.emptyMap())
                 .bizData(bizData)
-                .taskClass(approvalProperties.getRoleAuthTaskType())
+                .taskClass(taskTypeClass)
                 .build();
         ResponseDTO<FlowSubmitRespDTO> applyRespDto = approvalBusiness.approvalFlowApplyAndSubmitFirst(applyDto, UUIDUtils.getUUID());
         if (ResponseUtil.isFail(applyRespDto)) {
             log.info("申请推送审批失败");
             return ResponseDTO.fail("申请推送审批失败", (Object) null);
         }
+        // 先推送成功后保存权限申请内容
         FlowSubmitRespDTO flowSubmitRespDTO = ResponseUtil.getResult(applyRespDto);
         String processInstId = flowSubmitRespDTO.getProcessInstId();
 
         // 推送成功之后保存角色授权内容
-        List<ApplyRoleInVo> applyRoleInVos = saveVo.getApplyRoleInVos();
-        List<RoleAuthApply> collect = applyRoleInVos.stream()
-                .map(e -> {
-                    RoleAuthApply roleAuthApply = new RoleAuthApply();
-                    roleAuthApply.setUserId(userId);
-                    roleAuthApply.setProcessInstId(processInstId);
-                    roleAuthApply.setAppId(e.getAppId());
-                    roleAuthApply.setRoleCode(e.getRoleCode());
-                    roleAuthApply.setApprovalResult(AuthApplyStatusEnum.APPLYING.getValue());
-                    return roleAuthApply;
-                }).collect(Collectors.toList());
-
-        repository.saveAll(collect);
-
-        return ResponseDTO.success("", (Object) null);
+        List<RoleAuthApply> collect = roleAuthApplyDtos.stream().flatMap(e -> {
+            List<ApplyRoleInVo> applyRoleInVos = e.getApplyRoleIns();
+            AuthUserVo userInfo = e.getUserInfo();
+            return applyRoleInVos.stream()
+                    .map(applyRoleInVo -> {
+                        RoleAuthApply roleAuthApply = new RoleAuthApply();
+                        roleAuthApply.setUserId(userInfo.getId());
+                        roleAuthApply.setProcessInstId(processInstId);
+                        roleAuthApply.setAppId(applyRoleInVo.getAppId());
+                        roleAuthApply.setRoleCode(applyRoleInVo.getRoleCode());
+                        roleAuthApply.setApprovalResult(AuthApplyStatusEnum.APPLYING.getValue());
+                        return roleAuthApply;
+                    });
+        }).collect(Collectors.toList());
+
+        if (CollectionUtils.isNotEmpty(collect)) {
+            repository.saveAll(collect);
+        }
+
+        return ResponseStatus.success();
     }
 
     @Override
@@ -136,14 +160,21 @@ public class RoleAuthApplyServiceImpl implements IRoleAuthApplyService {
         repository.updateApprovalResult(processInstId, approvalResult);
     }
 
-    private Map<String, String> getBizData(RoleAuthApplySaveVo saveVo, AuthUserInfo userInfo) {
+    private Map<String, String> getBizData(List<RoleAuthApplyDto> applyDtos) {
         Map<String, String> bizData = new HashMap<>();
-        // 授权主体人员信息
-        bizData.put("authUserName", userInfo.getName());
-        bizData.put("authUserIdcard", userInfo.getIdcard());
-        // 授权客体角色信息
-        List<ApplyRoleInVo> applyRoleInVos = saveVo.getApplyRoleInVos();
-        bizData.put("authRoleInfos", JsonUtils.toJSONString(applyRoleInVos));
+        List<Map<String, String>> list = new ArrayList<>();
+        for (RoleAuthApplyDto applyDto : applyDtos) {
+            Map<String, String> map = new HashMap<>();
+            AuthUserVo userInfo = applyDto.getUserInfo();
+            // 授权主体人员信息
+            map.put("authUserName", userInfo.getName());
+            map.put("authUserIdcard", userInfo.getIdcard());
+            // 授权客体角色信息
+            List<ApplyRoleInVo> applyRoleInVos = applyDto.getApplyRoleIns();
+            map.put("authRoleInfos", JsonUtils.toJSONString(applyRoleInVos));
+            list.add(map);
+        }
+        bizData.put("authInfos", JsonUtils.toJSONString(list));
         // 授权操作人信息
         BaseSecurityUser currentUser = UserContextUtils.getCurrentUser();
         bizData.put("authOperateUserName", currentUser.getName());
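Review bot: `applyAndPushToApproval` submits the approval flow before it knows there is anything to record. The `CollectionUtils.isNotEmpty(collect)` guard only skips `saveAll`, so an empty `roleAuthApplyDtos`, or entries with no roles, still opens a process instance with no RoleAuthApply rows for the later callback to update; check the input before building `FlowApplyReqDto`, e.g. `if (CollectionUtils.isEmpty(roleAuthApplyDtos)) { return ResponseStatus.fail("申请内容为空"); }`. The `flatMap` also dereferences `e.getApplyRoleIns()` and `e.getUserInfo()` without a null check, and `roleAuthApply` (whose start is outside this hunk) passes `saveVo.getApplyRoleInVos()` straight in. The title is built from `UserContextUtils.getCurrentUser().getName()`, but the SecurityUser that `ZeroTrustAuthApplyBusinessImpl.setSecurityUser` installs in this commit has no name set in the visible setters, so API-originated requests would likely be titled with "null". `getBizData` continues past the end of the hunk.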

+ 3 - 3
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/impl/zerotrust/RoleOperateApplyServiceImpl.java

@@ -11,7 +11,7 @@ import com.dragoninfo.dcuc.auth.auth.repo.zerotrust.RoleOperateContentRepository
 import com.dragoninfo.dcuc.auth.auth.service.zerotrust.IRoleOperateApplyService;
 import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.rolemanage.RoleOperateApplyVo;
 import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.rolemanage.RoleSaveVo;
-import com.dragoninfo.dcuc.auth.business.zerotrust.IApprovalBusiness;
+import com.dragoninfo.dcuc.auth.business.zerotrust.IZeroTrustApprovalBusiness;
 import com.dragoninfo.dcuc.auth.config.zerotrust.ApprovalProperties;
 import com.dragoninfo.dcuc.auth.sub.enumresource.OperateTypeEnum;
 import com.dragoninfo.dcuc.common.utils.ResponseUtil;
@@ -43,7 +43,7 @@ public class RoleOperateApplyServiceImpl implements IRoleOperateApplyService {
 
     private RoleOperateContentRepository repository;
 
-    private IApprovalBusiness approvalBusiness;
+    private IZeroTrustApprovalBusiness approvalBusiness;
 
     private ApprovalProperties approvalProperties;
 
@@ -53,7 +53,7 @@ public class RoleOperateApplyServiceImpl implements IRoleOperateApplyService {
     }
 
     @Autowired
-    public void setApprovalBusiness(IApprovalBusiness approvalBusiness) {
+    public void setApprovalBusiness(IZeroTrustApprovalBusiness approvalBusiness) {
         this.approvalBusiness = approvalBusiness;
     }
 

+ 9 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/service/zerotrust/IRoleAuthApplyService.java

@@ -1,5 +1,6 @@
 package com.dragoninfo.dcuc.auth.auth.service.zerotrust;
 
+import com.dragoninfo.dcuc.auth.auth.dto.RoleAuthApplyDto;
 import com.dragoninfo.dcuc.auth.auth.entity.zerotrust.RoleAuthApply;
 import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleauthapply.RoleAuthApplySaveVo;
 import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
@@ -20,6 +21,14 @@ public interface IRoleAuthApplyService {
      */
     ResponseStatus roleAuthApply(RoleAuthApplySaveVo saveVo);
 
+    /**
+     * 角色授权批量申请
+     * @param roleAuthApplyDtos
+     * @param taskTypeClass
+     * @return
+     */
+    ResponseStatus applyAndPushToApproval(List<RoleAuthApplyDto> roleAuthApplyDtos, String taskTypeClass);
+
     /**
      * 根据流程实例id查询申请内容
      * @param processInstId
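Review bot: The Javadoc on `applyAndPushToApproval` leaves both `@param` tags and `@return` empty, so the contract can only be learned from RoleAuthApplyServiceImpl. I would document that a blank `taskTypeClass` falls back to `approvalProperties.getRoleAuthTaskType()`, and that the operator written into the title and bizData is whoever `UserContextUtils.getCurrentUser()` returns at call time, so the caller must have set the security context first. It should also say that a failure status is returned when the approval push fails, in which case nothing is persisted.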

+ 3 - 3
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/AuthTokenBusinessImpl.java

@@ -110,14 +110,14 @@ public class AuthTokenBusinessImpl implements IAuthTokenBusiness {
     }
 
     @Override
-    public TokenDetailRespVo getByAppTokenId(String appTokenId, boolean needUserInfo, boolean needAppInfo) {
+    public AppTokenDetailRespVo getByAppTokenId(String appTokenId, boolean needUserInfo, boolean needAppInfo) {
         AppTokenInfoRespVO appToken = getAppTokenInfo(appTokenId);
         log.info("====转换查询到的结果:{}========", JSON.toJSONString(appToken));
         if (null == appToken) {
-            return TokenDetailRespVo.empty();
+            return AppTokenDetailRespVo.empty();
         }
         UserTokenInfoRespVO userToken = appToken.getUserToken();
-        TokenDetailRespVo.TokenDetailRespVoBuilder builder = TokenDetailRespVo.builder();
+        AppTokenDetailRespVo.AppTokenDetailRespVoBuilder builder = AppTokenDetailRespVo.builder();
         builder.appToken(appToken).userToken(userToken);
         // 根据用户令牌获取用户信息
         if (needUserInfo) {

+ 2 - 3
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/ApprovalBusinessImpl.java → dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/ZeroTrustApprovalBusinessImpl.java

@@ -20,7 +20,7 @@ import com.dragoninfo.dcuc.auth.auth.service.zerotrust.IApprovalResultService;
 import com.dragoninfo.dcuc.auth.auth.service.zerotrust.IRoleAuthApplyService;
 import com.dragoninfo.dcuc.auth.auth.service.zerotrust.IRoleOperateApplyService;
 import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.approval.ApprovalCallBackReqVO;
-import com.dragoninfo.dcuc.auth.business.zerotrust.IApprovalBusiness;
+import com.dragoninfo.dcuc.auth.business.zerotrust.IZeroTrustApprovalBusiness;
 import com.dragoninfo.dcuc.auth.business.zerotrust.IApproveRemoteCallBusiness;
 import com.dragoninfo.dcuc.auth.config.zerotrust.ApprovalProperties;
 import com.dragoninfo.dcuc.auth.constance.ZerotrustAuthRedisConstant;
@@ -38,7 +38,6 @@ import com.dragonsoft.duceap.commons.util.date.DateConst;
 import com.dragonsoft.duceap.commons.util.date.DateUtils;
 import com.dragonsoft.duceap.commons.util.enums.EnumUtils;
 import com.dragonsoft.duceap.commons.util.string.StringUtils;
-import com.gentlyweb.utils.CollectionsUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.StringRedisTemplate;
@@ -58,7 +57,7 @@ import java.util.concurrent.TimeUnit;
  */
 @Slf4j
 @Service
-public class ApprovalBusinessImpl implements IApprovalBusiness {
+public class ZeroTrustApprovalBusinessImpl implements IZeroTrustApprovalBusiness {
 
     private IRoleInfoService roleInfoService;
 

+ 358 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/zerotrust/ZeroTrustAuthApplyBusinessImpl.java

@@ -0,0 +1,358 @@
+package com.dragoninfo.dcuc.auth.business.impl.zerotrust;
+
+import cn.hutool.json.JSONObject;
+import cn.hutool.json.JSONUtil;
+import com.dragoninfo.dcuc.app.entity.ApplyInfo;
+import com.dragoninfo.dcuc.app.facade.IApplyInfoFacade;
+import com.dragoninfo.dcuc.auth.api.enums.zerotrust.AuthApplyRespEnum;
+import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustDataRespVO;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authapply.ApiRoleAuthContentVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authapply.ApiRoleAuthReqVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authapply.AuthApplyRespVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.role.ApiAppRoleRespVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.role.ApiRoleRespVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.role.ApiRolesReqVo;
+import com.dragoninfo.dcuc.auth.auth.dto.RoleAuthApplyDto;
+import com.dragoninfo.dcuc.auth.auth.entity.RoleInfo;
+import com.dragoninfo.dcuc.auth.auth.service.IRoleInfoService;
+import com.dragoninfo.dcuc.auth.auth.service.zerotrust.IRoleAuthApplyService;
+import com.dragoninfo.dcuc.auth.auth.vo.zerotrust.roleauthapply.ApplyRoleInVo;
+import com.dragoninfo.dcuc.auth.business.zerotrust.IAuthTokenBusiness;
+import com.dragoninfo.dcuc.auth.business.zerotrust.IZeroTrustAuthApplyBusiness;
+import com.dragoninfo.dcuc.auth.sub.entity.AuthUserInfo;
+import com.dragoninfo.dcuc.auth.sub.service.IAuthUserInfoService;
+import com.dragoninfo.dcuc.auth.sub.vo.ApplyInfoVo;
+import com.dragoninfo.dcuc.auth.sub.vo.AuthUserVo;
+import com.dragoninfo.dcuc.auth.token.vo.AppTokenDetailRespVo;
+import com.dragoninfo.dcuc.auth.token.vo.AppTokenInfoRespVO;
+import com.dragoninfo.dcuc.auth.token.vo.UserTokenInfoRespVO;
+import com.dragoninfo.dcuc.common.enums.UserExtInfoEnum;
+import com.dragoninfo.dcuc.common.utils.DcucBeanUtil;
+import com.dragoninfo.dcuc.common.utils.ResponseUtil;
+import com.dragoninfo.duceap.core.enums.ResultEnum;
+import com.dragoninfo.duceap.core.response.Result;
+import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
+import com.dragonsoft.duceap.base.entity.security.SecurityUser;
+import com.dragonsoft.duceap.base.enums.BooleanEnum;
+import com.dragonsoft.duceap.base.utils.UserContextUtils;
+import com.dragonsoft.duceap.commons.util.collections.CollectionUtils;
+import com.dragonsoft.duceap.commons.util.string.StringUtils;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import java.util.*;
+import java.util.stream.Collectors;
+
+/**
+ * @author mazq
+ * @date 2023/11/23
+ */
+@Slf4j
+@Service
+public class ZeroTrustAuthApplyBusinessImpl implements IZeroTrustAuthApplyBusiness {
+
+    private IRoleAuthApplyService roleAuthApplyService;
+
+    private IApplyInfoFacade applyInfoFacade;
+
+    private IRoleInfoService roleInfoService;
+
+    private IAuthUserInfoService userInfoService;
+
+    private IAuthTokenBusiness authTokenBusiness;
+
+    @Autowired
+    public void setUserInfoService(IAuthUserInfoService userInfoService) {
+        this.userInfoService = userInfoService;
+    }
+
+    @Autowired
+    public void setAuthTokenBusiness(IAuthTokenBusiness authTokenBusiness) {
+        this.authTokenBusiness = authTokenBusiness;
+    }
+
+    @Autowired
+    public void setRoleAuthApplyService(IRoleAuthApplyService roleAuthApplyService) {
+        this.roleAuthApplyService = roleAuthApplyService;
+    }
+
+    @Autowired
+    public void setApplyInfoFacade(IApplyInfoFacade applyInfoFacade) {
+        this.applyInfoFacade = applyInfoFacade;
+    }
+
+    @Autowired
+    public void setRoleInfoService(IRoleInfoService roleInfoService) {
+        this.roleInfoService = roleInfoService;
+    }
+
+    @Override
+    public ZeroTrustDataRespVO<List<ApiAppRoleRespVo>> appRoleInfos(ApiRolesReqVo reqVo) {
+        log.info("角色授权申请,应用令牌:{}, 申请内容:{}", reqVo.getAppTokenId(), JSONUtil.toJsonStr(reqVo));
+
+        // 校验应用令牌
+        AppTokenDetailRespVo appTokenDetail = authTokenBusiness.getByAppTokenId(reqVo.getAppTokenId(), false, true);
+        if (appTokenDetail.isEmpty()) {
+            return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.TOKEN_FAIL);
+        }
+
+        ApplyInfoVo tokenAppInfo = appTokenDetail.getApplyInfo();
+        List<String> appCodes = reqVo.getAppCodes();
+        if (CollectionUtils.isEmpty(appCodes)) {
+            appCodes = new ArrayList<>();
+            appCodes.add(tokenAppInfo.getApplyCode());
+        }
+
+        // 查询应用下的角色
+        List<ApplyInfo> appInfos = applyInfoFacade.getListByCodes(appCodes);
+        if (CollectionUtils.isEmpty(appInfos)) {
+            ZeroTrustDataRespVO.success(Collections.emptyList());
+        }
+
+        Map<String, ApplyInfo> appMap = appInfos.stream().collect(Collectors.toMap(ApplyInfo::getId, e -> e));
+        List<RoleInfo> roles = roleInfoService.getRolesByAppIds(appMap.keySet());
+        Map<String, List<RoleInfo>> roleGroup = roles.stream().collect(Collectors.groupingBy(RoleInfo::getAppId));
+        List<ApiAppRoleRespVo> respVos = roleGroup.entrySet().stream().map(e -> {
+            ApiAppRoleRespVo vo = new ApiAppRoleRespVo();
+            ApplyInfo applyInfo = appMap.get(e.getKey());
+            vo.setAppCode(applyInfo.getApplyCode());
+            vo.setAppName(applyInfo.getApplyName());
+            List<RoleInfo> value = e.getValue();
+            List<ApiRoleRespVo> collect = value.stream().map(r -> {
+                ApiRoleRespVo roleRespVo = new ApiRoleRespVo();
+                roleRespVo.setRoleCode(r.getCode());
+                roleRespVo.setRoleName(r.getName());
+                return roleRespVo;
+            }).collect(Collectors.toList());
+            vo.setRoleInfos(collect);
+            return vo;
+        }).collect(Collectors.toList());
+
+        return ZeroTrustDataRespVO.success(respVos);
+    }
+
+    @Override
+    public ZeroTrustDataRespVO<AuthApplyRespVo> roleAuthApply(ApiRoleAuthReqVo reqVo) {
+        log.info("角色授权申请,应用令牌:{}, 申请内容:{}", reqVo.getAppTokenId(), JSONUtil.toJsonStr(reqVo));
+
+        // 校验应用令牌
+        AppTokenDetailRespVo appTokenDetail = authTokenBusiness.getByAppTokenId(reqVo.getAppTokenId(), true, true);
+        if (appTokenDetail.isEmpty()) {
+            return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.TOKEN_FAIL);
+        }
+        AuthUserVo tokenUserInfo = appTokenDetail.getUserInfo();
+        ApplyInfoVo tokenAppInfo = appTokenDetail.getApplyInfo();
+
+        // 校验申请人
+        Result<List<AuthUserVo>> userResult = getApplyUserInfo(reqVo, tokenUserInfo);
+        List<AuthUserVo> users = userResult.getContent();
+        if (userResult.isFail()) {
+            return getErrorApplyResp(AuthApplyRespEnum.USER_NOT_EXIST, users);
+        }
+        // 校验申请的应用
+        Result<List<ApplyInfoVo>> appResult = getAppInfos(reqVo, tokenAppInfo);
+        List<ApplyInfoVo> applyInfoVos = appResult.getContent();
+        if (appResult.isFail()) {
+            return getErrorApplyResp(AuthApplyRespEnum.APP_NOT_EXIST, applyInfoVos);
+        }
+        // 校验申请的角色
+        Result<List<RoleInfo>> roleResult = getApplyRoles(reqVo, applyInfoVos);
+        List<RoleInfo> roles = roleResult.getContent();
+        if (roleResult.isFail()) {
+            return getErrorApplyResp(AuthApplyRespEnum.ROLE_NOT_EXIST, roles);
+        }
+
+        Map<String, List<RoleInfo>> roleMap = roles.stream().collect(Collectors.groupingBy(RoleInfo::getAppId));
+        Map<String, AuthUserVo> userVoMap = users.stream().collect(Collectors.toMap(AuthUserVo::getIdcard, e -> e));
+        Map<String, ApplyInfoVo> appVoMap = applyInfoVos.stream().collect(Collectors.toMap(ApplyInfoVo::getApplyCode, e -> e));
+        // 设置为当前登录人
+        setSecurityUser(appTokenDetail);
+
+        // 组装批量申请dto
+        List<RoleAuthApplyDto> applyDtos = getApplyDtos(reqVo, tokenUserInfo.getIdcard(), tokenAppInfo.getApplyCode(), userVoMap, appVoMap, roleMap);
+
+        ResponseStatus status = roleAuthApplyService.applyAndPushToApproval(applyDtos, null);
+        if (ResponseUtil.isFail(status)) {
+            return getErrorApplyResp(AuthApplyRespEnum.OTHER, status.getMessage());
+        }
+        return ZeroTrustDataRespVO.success(AuthApplyRespVo.success());
+    }
+
+    private ZeroTrustDataRespVO<AuthApplyRespVo> getErrorApplyResp(AuthApplyRespEnum authApplyRespEnum, Object content) {
+        AuthApplyRespVo vo = new AuthApplyRespVo();
+        vo.setRespCode(authApplyRespEnum.getValue());
+        vo.setRespMsg(authApplyRespEnum.getLabel());
+        switch (authApplyRespEnum) {
+            case APP_NOT_EXIST:
+                List<ApplyInfoVo> apps = (List<ApplyInfoVo>) content;
+                List<String> appCodes = apps.stream().map(ApplyInfoVo::getApplyCode).collect(Collectors.toList());
+                vo.setRespContent(appCodes);
+                break;
+            case USER_NOT_EXIST:
+                List<AuthUserVo> userVos = (List<AuthUserVo>) content;
+                List<String> idcards = userVos.stream().map(AuthUserVo::getIdcard).collect(Collectors.toList());
+                vo.setRespContent(idcards);
+                break;
+            case ROLE_NOT_EXIST:
+                List<RoleInfo> roleInfos = (List<RoleInfo>) content;
+                Map<String, List<String>> roleAppMap = roleInfos.stream()
+                        .collect(Collectors.groupingBy(RoleInfo::getAppId, Collectors.mapping(RoleInfo::getCode, Collectors.toList())));
+                List<String> collect = roleAppMap.entrySet().stream().map(e -> {
+                    JSONObject jsonObject = new JSONObject();
+                    jsonObject.put("appCode", e.getKey());
+                    jsonObject.put("roleCodes", e.getValue());
+                    return jsonObject.toString();
+                }).collect(Collectors.toList());
+                vo.setRespContent(collect);
+                break;
+            case SERVICE_NOT_EXIST:
+                // TODO
+                break;
+            case OTHER:
+            default:
+                vo.setRespContent(Collections.emptyList());
+                vo.setRespMsg(content.toString());
+                break;
+        }
+        return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.OPERATE_FAIL, vo);
+    }
+
+    private List<RoleAuthApplyDto> getApplyDtos(ApiRoleAuthReqVo reqVo, String defaultIdcard, String defaultAppCode,
+                                                Map<String, AuthUserVo> userVoMap, Map<String, ApplyInfoVo> appVoMap, Map<String, List<RoleInfo>> roleMap) {
+        List<ApiRoleAuthContentVo> contents = reqVo.getContents();
+        return contents.stream().map(e -> {
+            String applyUserIdcard = Optional.ofNullable(e.getApplyUserIdcard()).orElse(defaultIdcard);
+            String appCode = Optional.ofNullable(e.getAppCode()).orElse(defaultAppCode);
+
+            RoleAuthApplyDto applyDto = new RoleAuthApplyDto();
+            applyDto.setUserInfo(userVoMap.get(applyUserIdcard));
+
+            ApplyInfoVo applyInfoVo = appVoMap.get(appCode);
+            List<RoleInfo> roleList = roleMap.get(applyInfoVo.getId());
+            List<ApplyRoleInVo> collect = roleList.stream().map(r -> {
+                ApplyRoleInVo applyVo = new ApplyRoleInVo();
+                applyVo.setApply(BooleanEnum.FALSE.value);
+                applyVo.setRoleCode(r.getCode());
+                applyVo.setRoleName(r.getName());
+                applyVo.setAppId(applyInfoVo.getId());
+                applyVo.setAppName(applyInfoVo.getApplyName());
+                return applyVo;
+            }).collect(Collectors.toList());
+            applyDto.setApplyRoleIns(collect);
+            return applyDto;
+        }).collect(Collectors.toList());
+    }
+
+    private Result<List<RoleInfo>> getApplyRoles(ApiRoleAuthReqVo reqVo, List<ApplyInfoVo> applyInfoVos) {
+        Map<String, ApplyInfoVo> appMap = applyInfoVos.stream().collect(Collectors.toMap(ApplyInfoVo::getApplyCode, e -> e));
+        List<ApiRoleAuthContentVo> contents = reqVo.getContents();
+        List<String> roleCodes = contents.stream()
+                .map(ApiRoleAuthContentVo::getRoleCodes)
+                .flatMap(List::stream)
+                .collect(Collectors.toList());
+        List<RoleInfo> roleInfos = roleInfoService.getByCodes(roleCodes);
+        Map<String, List<RoleInfo>> roleMap = roleInfos.stream().collect(Collectors.groupingBy(RoleInfo::getAppId));
+        for (ApiRoleAuthContentVo authVo : contents) {
+            String appCode = authVo.getAppCode();
+            List<String> appRoleCodes = authVo.getRoleCodes();
+            ApplyInfoVo applyInfoVo = appMap.get(appCode);
+            List<RoleInfo> roles = roleMap.get(applyInfoVo.getId());
+            if (CollectionUtils.isEmpty(roles)) {
+                List<RoleInfo> notExistRoles = mapNotExistRoles(appRoleCodes, applyInfoVo);
+                return Result.fail(ResultEnum.FAIL.getValue(), "角色不存在", notExistRoles);
+            }
+            Set<String> exist = roles.stream().map(RoleInfo::getCode).collect(Collectors.toSet());
+            List<String> notExist = appRoleCodes.stream().filter(e -> !exist.contains(e)).collect(Collectors.toList());
+            if (CollectionUtils.isEmpty(notExist)) {
+                List<RoleInfo> notExistRoles = mapNotExistRoles(notExist, applyInfoVo);
+                return Result.fail(ResultEnum.FAIL.getValue(), "角色不存在", notExistRoles);
+            }
+        }
+        return Result.success(roleInfos);
+    }
+
+    private static List<RoleInfo> mapNotExistRoles(List<String> appRoleCodes, ApplyInfoVo applyInfoVo) {
+        return appRoleCodes.stream().map(e -> {
+            RoleInfo roleInfo = new RoleInfo();
+            roleInfo.setAppId(applyInfoVo.getApplyCode());
+            roleInfo.setCode(e);
+            return roleInfo;
+        }).collect(Collectors.toList());
+    }
+
+    private Result<List<ApplyInfoVo>> getAppInfos(ApiRoleAuthReqVo reqVo, ApplyInfoVo defaultApp) {
+        List<ApiRoleAuthContentVo> contents = reqVo.getContents();
+        List<String> appCodes = contents.stream().map(ApiRoleAuthContentVo::getAppCode)
+                .filter(StringUtils::isNotBlank)
+                .distinct()
+                .collect(Collectors.toList());
+        List<ApplyInfoVo> appInfoVos = new ArrayList<>();
+        appInfoVos.add(defaultApp);
+        if (CollectionUtils.isNotEmpty(appCodes)) {
+            List<ApplyInfo> appInfos = applyInfoFacade.getListByCodes(appCodes);
+            Set<String> exist = appInfos.stream().map(ApplyInfo::getApplyCode).collect(Collectors.toSet());
+            List<String> collect = appCodes.stream().filter(e -> !exist.contains(e)).collect(Collectors.toList());
+            if (CollectionUtils.isNotEmpty(collect)) {
+                List<ApplyInfoVo> notExistApps = collect.stream().map(e -> {
+                    ApplyInfoVo vo = new ApplyInfoVo();
+                    vo.setApplyCode(e);
+                    return vo;
+                }).collect(Collectors.toList());
+                return Result.fail(ResultEnum.FAIL.getValue(), "应用资源不存在", notExistApps);
+            }
+            List<ApplyInfoVo> list = DcucBeanUtil.createCopyToObjectList(appInfos, ApplyInfoVo.class);
+            appInfoVos.addAll(list);
+        }
+        return Result.success(appInfoVos);
+    }
+
+    private Result<List<AuthUserVo>> getApplyUserInfo(ApiRoleAuthReqVo reqVo, AuthUserVo defaultUserVo) {
+        List<String> applyUserIdcards = reqVo.getContents()
+                .stream()
+                .map(ApiRoleAuthContentVo::getApplyUserIdcard)
+                .distinct()
+                .filter(StringUtils::isNotBlank)
+                .collect(Collectors.toList());
+
+        List<AuthUserVo> list = new ArrayList<>();
+        list.add(defaultUserVo);
+        if (CollectionUtils.isNotEmpty(applyUserIdcards)) {
+            List<AuthUserInfo> userInfos = userInfoService.findByIdcards(applyUserIdcards);
+            // 判断人员是否都存在
+            Set<String> exist = userInfos.stream().map(AuthUserInfo::getIdcard).collect(Collectors.toSet());
+            List<String> collect = applyUserIdcards.stream().filter(e -> !exist.contains(e)).collect(Collectors.toList());
+            if (CollectionUtils.isNotEmpty(collect)) {
+                List<AuthUserVo> notExistUsers = collect.stream().map(e -> {
+                    AuthUserVo vo = new AuthUserVo();
+                    vo.setIdcard(e);
+                    return vo;
+                }).collect(Collectors.toList());
+                return Result.fail(ResultEnum.FAIL.getValue(), "申请授权人员不存在", notExistUsers);
+            }
+            List<AuthUserVo> userVos = DcucBeanUtil.createCopyToObjectList(userInfos, AuthUserVo.class);
+            list.addAll(userVos);
+        }
+        return Result.success(list);
+    }
+
+    private void setSecurityUser(AppTokenDetailRespVo appTokenDetail) {
+        UserTokenInfoRespVO userToken = appTokenDetail.getUserToken();
+        AppTokenInfoRespVO appToken = appTokenDetail.getAppToken();
+        AuthUserVo userInfo = appTokenDetail.getUserInfo();
+        SecurityUser securityUser = new SecurityUser();
+        securityUser.setId(userInfo.getId());
+        securityUser.setIdcard(userInfo.getIdcard());
+        securityUser.setManId(userInfo.getId());
+        securityUser.setSecurityOrg(userInfo.getOrgCode());
+        securityUser.setDeptId(userInfo.getOrgId());
+        Map<String, Object> ext = new HashMap<>();
+        ext.put(UserExtInfoEnum.APP_TOKEN_ID.getValue(), appToken.getAppTokenId());
+        ext.put(UserExtInfoEnum.USER_TOKEN_ID.getValue(), userToken.getUserTokenId());
+        ext.put(UserExtInfoEnum.OPEN_ID.getValue(), userToken.getPid());
+        securityUser.setExtendtions(ext);
+        UserContextUtils.setCurrentUser(securityUser);
+    }
+
+}
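Review bot: The role check in `getApplyRoles` is inverted: `if (CollectionUtils.isEmpty(notExist))` returns ROLE_NOT_EXIST when every requested code was found and lets the request through when some were not, so it should be `isNotEmpty`. The same loop calls `appMap.get(authVo.getAppCode())` without the token-app fallback that `getApplyDtos` applies, so an entry that omits `appCode` dereferences null. `getApplyDtos` then fills each entry from `roleMap.get(applyInfoVo.getId())`, which holds every role requested for that app anywhere in the request rather than the entry's own `getRoleCodes()`, so one applicant can be submitted for roles that were asked for another. In `appRoleInfos` the empty-result branch is missing its `return`. `setSecurityUser` installs the token user through `UserContextUtils.setCurrentUser` and nothing in this file clears it; if that context is thread-bound (not visible here), restore it in a `finally` so the identity does not outlive the request.

```java
// appRoleInfos: the empty-result branch has to return
if (CollectionUtils.isEmpty(appInfos)) {
    return ZeroTrustDataRespVO.success(Collections.emptyList());
}

// getApplyRoles: fail only when some requested codes are missing
// … unchanged: exist / notExist computation …
if (CollectionUtils.isNotEmpty(notExist)) {
// … unchanged: mapNotExistRoles + Result.fail …

// getApplyDtos: keep only the roles this entry asked for
Set<String> requested = new HashSet<>(e.getRoleCodes());
List<RoleInfo> roleList = roleMap.get(applyInfoVo.getId()).stream()
        .filter(r -> requested.contains(r.getCode()))
        .collect(Collectors.toList());
// … unchanged: mapping roleList to ApplyRoleInVo …
```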

+ 1 - 2
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/zerotrust/IAuthTokenBusiness.java

@@ -2,7 +2,6 @@ package com.dragoninfo.dcuc.auth.business.zerotrust;
 
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustMessageRespVO;
 import com.dragoninfo.dcuc.auth.token.vo.*;
-import com.dragoninfo.duceap.core.response.Result;
 
 import java.util.List;
 
@@ -36,7 +35,7 @@ public interface IAuthTokenBusiness {
      * @param needAppInfo 是否需要应用信息
      * @return
      */
-    TokenDetailRespVo getByAppTokenId(String appTokenId, boolean needUserInfo, boolean needAppInfo);
+    AppTokenDetailRespVo getByAppTokenId(String appTokenId, boolean needUserInfo, boolean needAppInfo);
 
     /**
      * 接收令牌
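Review bot: The `@return` tag on `getByAppTokenId` is still empty although its return type changes to `AppTokenDetailRespVo`, so the interface does not say what is returned for an unknown or expired app token, or whether the user part is populated when `needUserInfo` is false. `setSecurityUser`, visible earlier on this page, calls `getUserToken()`, `getAppToken()` and `getUserInfo()` on an `AppTokenDetailRespVo` and dereferences each result without a null check. If that object comes from this method (the call site is not visible here), a missing token would surface as a NullPointerException instead of an explicit authentication failure. I would fill the tag in, for example `@return token detail, or null if no valid token matches appTokenId; userInfo is set only when needUserInfo is true`, adjusted to what the implementation really does. The Javadoc block starts above the hunk.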

+ 1 - 1
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/zerotrust/IApprovalBusiness.java → dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/zerotrust/IZeroTrustApprovalBusiness.java

@@ -15,7 +15,7 @@ import com.dragonsoft.duceap.base.entity.http.ResponseStatus;
  * @author mazq
  * @date 2023/4/4
  */
-public interface IApprovalBusiness {
+public interface IZeroTrustApprovalBusiness {
 
     /**
      * 审批流程申请

+ 34 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/zerotrust/IZeroTrustAuthApplyBusiness.java

@@ -0,0 +1,34 @@
+package com.dragoninfo.dcuc.auth.business.zerotrust;
+
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustDataRespVO;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authapply.ApiRoleAuthReqVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.authapply.AuthApplyRespVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.role.ApiAppRoleRespVo;
+import com.dragoninfo.dcuc.auth.api.vo.zerotrust.role.ApiRolesReqVo;
+
+import java.util.List;
+
+/**
+ * 权限申请api接口业务类
+ *
+ * @author mazq
+ * @date 2023/11/23
+ */
+public interface IZeroTrustAuthApplyBusiness {
+
+    /**
+     * 应用角色列表
+     * @param reqVo
+     * @return
+     */
+    ZeroTrustDataRespVO<List<ApiAppRoleRespVo>> appRoleInfos(ApiRolesReqVo reqVo);
+
+
+    /**
+     * 角色授权申请
+     *
+     * @param reqVo
+     * @return
+     */
+    ZeroTrustDataRespVO<AuthApplyRespVo> roleAuthApply(ApiRoleAuthReqVo reqVo);
+}
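Review bot: Both methods of `IZeroTrustAuthApplyBusiness` have empty `@param reqVo` and `@return` tags, which leaves the security contract of `roleAuthApply` undocumented: the interface does not say whose identity the application is filed under or how a refused application is reported. I would document it along the lines of `@param reqVo role authorization application; the applicant is taken from the validated token context, not from fields of this object` and `@return response whose status tells the caller whether the application was accepted`, assuming that matches the implementation, which is outside this section. The same applies to `appRoleInfos`, where the tag should say which applications' roles a caller is allowed to list.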