
Merge branch 'mazq-jiekouyouhua-230523' into 'release/v1.2.0'

feature: 鉴权失败发送审计日志缺失字段修改

See merge request dcuc-tjdsj/auth-service!241
马志强 1 gadu atpakaļ
vecāks
revīzija
cf814cc10c

+ 11 - 10
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustDataAuthBusiness.java

@@ -81,6 +81,15 @@ public class ZeroTrustDataAuthBusiness implements IZeroTrustDataAuthBusiness {
         dto.setCurrentIdcard(tokenInfo.getUserToken().getPid());
         dto.setIdcard(tokenInfo.getUserToken().getPid());
         dto.setDataItemsDtoList(Collections.emptyList());
+        AuthUserVo userInfo = tokenInfo.getUserInfo();
+        if (null == userInfo) {
+            log.error("查询不到用户信息:{}", tokenInfo.getUserToken().getPid());
+
+            // 发送鉴权失败日志
+            logInfoFillService.sendDataAuthenticationLog(AuthResultEnum.FAIL, dto, IpUtils.getIp(), appTokenId, tokenInfo.getUserToken().getUserTokenId());
+
+            return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.TOKEN_FAIL);
+        }
 
         // 任务信息校验
         String taskId = dataAuthReqVO.getTaskId();
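Review bot: The added `log.error("查询不到用户信息:{}", tokenInfo.getUserToken().getPid())` writes the pid into the application log, and the two setters at the top of this hunk show that same value being used as the ID-card number. The audit record sent two lines later already carries that identity in `dto`, so the plain log line can reference the token instead, e.g. `log.error("查询不到用户信息, userTokenId:{}", tokenInfo.getUserToken().getUserTokenId());`, provided userTokenId is an identifier and not the bearer value itself. The same log call appears in the relocated block in ZeroTrustFunAuthBusiness and in the context lines of ZeroTrustServiceAuthBusiness. The enclosing method starts and ends outside this hunk.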
@@ -108,16 +117,6 @@ public class ZeroTrustDataAuthBusiness implements IZeroTrustDataAuthBusiness {
             return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.OPERATE_FAIL);
         }
 
-        AuthUserVo userInfo = tokenInfo.getUserInfo();
-        if (null == userInfo) {
-            log.error("查询不到用户信息:{}", tokenInfo.getUserToken().getPid());
-
-            // 发送鉴权失败日志
-            logInfoFillService.sendDataAuthenticationLog(AuthResultEnum.FAIL, dto, IpUtils.getIp(), appTokenId, tokenInfo.getUserToken().getUserTokenId());
-
-            return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.TOKEN_FAIL);
-        }
-
         DataAuthV2ReqDTO v2ReqDTO = new DataAuthV2ReqDTO();
         v2ReqDTO.setIdcard(userInfo.getIdcard());
         v2ReqDTO.setResourceId(dataAuthReqVO.getResourceId());
@@ -128,6 +127,8 @@ public class ZeroTrustDataAuthBusiness implements IZeroTrustDataAuthBusiness {
         ResponseDTO<Set<String>> responseDTO = dataAuthBusiness.dataAuth(v2ReqDTO);
         if (ResponseUtil.isFail(responseDTO)) {
             log.error("数据鉴权失败:{}", responseDTO.getMessage());
+            // 发送鉴权失败日志
+            logInfoFillService.sendDataAuthenticationLog(AuthResultEnum.FAIL, dto, IpUtils.getIp(), appTokenId, tokenInfo.getUserToken().getUserTokenId());
             return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.OPERATE_FAIL);
         }
 
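Review bot: The new audit call takes the source address from `IpUtils.getIp()`, while the function and service authentication paths in this commit pass `IpUtils.getRealIpAdrress(RequestUtils.getRequest())`. Failure events for the same caller can therefore carry different addresses depending on which endpoint rejected the request, which makes correlation during an investigation harder. It is worth confirming which helper resolves the address correctly behind the gateway and using it at every call site, including the earlier `userInfo` null branch in this class. If either helper reads a forwarded-address header (not visible here), the value is only trustworthy when the fronting proxy overwrites it. The method body continues outside the hunk.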

+ 12 - 14
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustFunAuthBusiness.java

@@ -79,6 +79,18 @@ public class ZeroTrustFunAuthBusiness implements IZeroTrustFunAuthBusiness {
         RoleApiDto roleApiDto = new RoleApiDto();
         roleApiDto.setAppCode(appCode);
         AuthUserVo userInfo = tokenInfo.getUserInfo();
+        if (userInfo == null) {
+            log.error("查询不到用户信息:{}", tokenInfo.getUserToken().getPid());
+            // 发送鉴权失败日志
+            logInfoFillService.sendFunAuthenticationLog(AuthResultEnum.FAIL, roleApiDto, Collections.emptyList(),
+                    IpUtils.getRealIpAdrress(RequestUtils.getRequest()),
+                    tokenInfo.getUserToken().getUserTokenId(), appTokenId);
+
+            return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.TOKEN_FAIL);
+        }
+
+        roleApiDto.setUserId(userInfo.getId());
+        roleApiDto.setIdcard(userInfo.getIdcard());
 
         // 任务信息校验
         String taskId = functionAuthReqVO.getTaskId();
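Review bot: In the `userInfo == null` branch the audit record is built from a `roleApiDto` that has only `appCode` set, so this failure event carries no user identity even though the token's pid is available. ZeroTrustDataAuthBusiness fills its DTO with `dto.setIdcard(tokenInfo.getUserToken().getPid())` before the equivalent check. Doing the same here, `roleApiDto.setIdcard(tokenInfo.getUserToken().getPid());` ahead of the null check, would let a failed lookup be attributed to a subject. That pid and idcard are the same value in this class is inferred from the data-auth code and should be confirmed. The method body continues outside the hunk.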
@@ -93,20 +105,6 @@ public class ZeroTrustFunAuthBusiness implements IZeroTrustFunAuthBusiness {
             return checkTaskIdMessage.toDataRespVO();
         }
 
-        if (userInfo == null) {
-            log.error("查询不到用户信息:{}", tokenInfo.getUserToken().getPid());
-            // 发送鉴权失败日志
-            logInfoFillService.sendFunAuthenticationLog(AuthResultEnum.FAIL, roleApiDto, Collections.emptyList(),
-                    IpUtils.getRealIpAdrress(RequestUtils.getRequest()),
-                    tokenInfo.getUserToken().getUserTokenId(), appTokenId);
-
-            return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.TOKEN_FAIL);
-        }
-
-
-        roleApiDto.setUserId(userInfo.getId());
-        roleApiDto.setIdcard(userInfo.getIdcard());
-
         ApplyInfoVo applyInfo = tokenInfo.getApplyInfo();
         if (ObjectUtils.isEmpty(applyInfo)) {
             log.error("应用不存在:{}", tokenInfo.getAppToken().getAppId());

+ 17 - 16
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustServiceAuthBusiness.java

@@ -72,20 +72,6 @@ public class ZeroTrustServiceAuthBusiness implements IZeroTrustServiceAuthBusine
             return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.TOKEN_FAIL);
         }
 
-        // 任务信息校验
-        String taskId = serviceAuthReqVO.getTaskId();
-        ZeroTrustDataRespVO<String> checkTaskIdMessage = apiCommonBusiness.taskIdCheck(appTokenId, taskId);
-        if (!checkTaskIdMessage.isRespSuccess()) {
-            log.error("==============任务信息校验失败:{}===========", taskId);
-
-            // 发送鉴权失败日志
-            logInfoFillService.sendServiceAuthenticationLog(AuthResultEnum.FAIL, null, tokenInfo.getAppToken().getAppId(),
-                    tokenInfo.getUserToken().getUserTokenId(), appTokenId, Collections.emptyList(),
-                    IpUtils.getRealIpAdrress(RequestUtils.getRequest()));
-
-            return checkTaskIdMessage.toDataRespVO();
-        }
-
         AuthUserVo userInfo = tokenInfo.getUserInfo();
         if (userInfo == null) {
             log.error("查询不到用户信息:{}", tokenInfo.getUserToken().getPid());
@@ -102,7 +88,7 @@ public class ZeroTrustServiceAuthBusiness implements IZeroTrustServiceAuthBusine
         if (ObjectUtils.isEmpty(applyInfo)) {
             log.error("应用不存在:{}", tokenInfo.getAppToken().getAppId());
             // 发送鉴权失败日志
-            logInfoFillService.sendServiceAuthenticationLog(AuthResultEnum.FAIL, null, tokenInfo.getAppToken().getAppId(),
+            logInfoFillService.sendServiceAuthenticationLog(AuthResultEnum.FAIL, userInfo.getIdcard(), tokenInfo.getAppToken().getAppId(),
                     tokenInfo.getUserToken().getUserTokenId(), appTokenId, Collections.emptyList(),
                     IpUtils.getRealIpAdrress(RequestUtils.getRequest()));
             return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.OPERATE_FAIL);
@@ -110,11 +96,26 @@ public class ZeroTrustServiceAuthBusiness implements IZeroTrustServiceAuthBusine
         if (BooleanEnum.TRUE.getValue().equals(applyInfo.getApplyStatus())) {
             log.error("应用已停用:{},状态:{}", applyInfo.getApplyCode(), applyInfo.getApplyStatus());
             // 发送鉴权失败日志
-            logInfoFillService.sendServiceAuthenticationLog(AuthResultEnum.FAIL, null, tokenInfo.getAppToken().getAppId(),
+            logInfoFillService.sendServiceAuthenticationLog(AuthResultEnum.FAIL, userInfo.getIdcard(), tokenInfo.getAppToken().getAppId(),
                     tokenInfo.getUserToken().getUserTokenId(), appTokenId, Collections.emptyList(),
                     IpUtils.getRealIpAdrress(RequestUtils.getRequest()));
             return ZeroTrustDataRespVO.resultEnumMessage(ZeroTrustBusinessRespEnum.OPERATE_FAIL);
         }
+
+        // 任务信息校验
+        String taskId = serviceAuthReqVO.getTaskId();
+        ZeroTrustDataRespVO<String> checkTaskIdMessage = apiCommonBusiness.taskIdCheck(appTokenId, taskId);
+        if (!checkTaskIdMessage.isRespSuccess()) {
+            log.error("==============任务信息校验失败:{}===========", taskId);
+
+            // 发送鉴权失败日志
+            logInfoFillService.sendServiceAuthenticationLog(AuthResultEnum.FAIL, userInfo.getIdcard(), tokenInfo.getAppToken().getAppId(),
+                    tokenInfo.getUserToken().getUserTokenId(), appTokenId, Collections.emptyList(),
+                    IpUtils.getRealIpAdrress(RequestUtils.getRequest()));
+
+            return checkTaskIdMessage.toDataRespVO();
+        }
+
         String appCode = tokenInfo.getAppToken().getAppId();
         String userTokenId = tokenInfo.getUserToken().getUserTokenId();