
feature: 权限中心接收安全策略指令

mazq 1 an în urmă
părinte
comite
f7b3526b29
17 a modificat fișierele cu 489 adăugiri și 13 ștergeri
  1. 23 0
      dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/securitypolicy/facade/IApiSecurityPolicyFacade.java
  2. 50 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/enums/securitypolicy/ActionEnum.java
  3. 1 1
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/enums/zerotrust/ZeroTrustBusinessRespEnum.java
  4. 82 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/securitypolicy/req/ReqUserRiskScoreVO.java
  5. 79 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/securitypolicy/resp/ErrorException.java
  6. 144 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/securitypolicy/resp/HwSecurityPolicyResp.java
  7. 1 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ZeroTrustDataRespVO.java
  8. 1 0
      dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ZeroTustMessageRespVO.java
  9. 1 1
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustAppAuthBusiness.java
  10. 1 1
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustDataAuthBusiness.java
  11. 1 1
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustFunAuthBusiness.java
  12. 1 1
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustServiceAuthBusiness.java
  13. 13 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/ICacheBusiness.java
  14. 1 3
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/AuthTokenBusinessImpl.java
  15. 26 5
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/RedisCacheBusinessImpl.java
  16. 5 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/constance/AuthRedisConstant.java
  17. 59 0
      dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/securitypolicy/ApiSecurityPolicyFacade.java

+ 23 - 0
dcuc-auth-api/src/main/java/com/dragoninfo/dcuc/auth/securitypolicy/facade/IApiSecurityPolicyFacade.java

@@ -0,0 +1,23 @@
+package com.dragoninfo.dcuc.auth.securitypolicy.facade;
+
+import com.dragoninfo.dcuc.auth.api.vo.securitypolicy.req.ReqUserRiskScoreVO;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+
+import java.util.List;
+
+/**
+ * @author mazq
+ * @date 2023/7/12
+ */
+@FeignClient(name = "dcuc-auth", path = "/dcuc/securityPolicyFacade")
+public interface IApiSecurityPolicyFacade {
+
+    /**
+     * 接收风险指令
+     * @param userRiskScores
+     */
+    @PostMapping("receivePolicy")
+    void receivePolicy(@RequestBody List<ReqUserRiskScoreVO> userRiskScores);
+}
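Review bot: The Javadoc on `receivePolicy` names the parameter but says nothing about what it carries or that the call is a control-plane command — the `action` inside each `ReqUserRiskScoreVO` can revoke a user token or lock a user's authentication, so the contract that only the policy service may call this belongs on the interface. Replace the bare `@param userRiskScores` with `@param userRiskScores risk verdicts pushed by the security-policy service; each entry's action (revoke token / lock authentication) is applied as-is to the named user or token, so callers must be restricted to that service`. The interface itself carries no authorization annotation; whether the route is protected elsewhere is not visible in this commit.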

+ 50 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/enums/securitypolicy/ActionEnum.java

@@ -0,0 +1,50 @@
+package com.dragoninfo.dcuc.auth.api.enums.securitypolicy;
+
+import com.dragonsoft.duceap.base.enums.ICodeEnum;
+
+/**
+ * @author huangzqa
+ */
+
+public enum ActionEnum implements ICodeEnum {
+
+    /**
+     * 撤销令牌
+     */
+    cancel("0", "撤销令牌"),
+
+    /**
+     * 锁定用户
+     */
+    lockUser("1", "锁定用户"),
+
+    /**
+     * 通知
+     */
+    notify("2", "通知"),
+
+    /**
+     * 锁定鉴权 todo 类型待沟通
+     */
+    lockAuthentication("3", "锁定鉴权");
+
+    private final String value;
+
+    private final String label;
+
+    ActionEnum(String value, String label) {
+        this.value = value;
+        this.label = label;
+    }
+
+
+    @Override
+    public String getValue() {
+        return this.value;
+    }
+
+    @Override
+    public String getLabel() {
+        return this.label;
+    }
+}
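Review bot: `lockAuthentication` is assigned the wire value "3" while its own comment says the type is still to be agreed (`todo 类型待沟通`), and the protocol description in `ReqUserRiskScoreVO` enumerates only 0/1/2 — if the peer ever uses "3" for something else, the receiver will lock a user's authentication on a guess. Make the provisional status explicit until the contract is confirmed: `/** Lock authentication — value "3" is a local extension not yet agreed with the policy service; do not rely on it until confirmed. */`. Since `lockUser` and `notify` are defined here but not dispatched in `ApiSecurityPolicyFacade`, a one-line note naming which constants are actually acted on would also help the next reader.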

+ 1 - 1
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ZeroTrustBusinessRespEnum.java → dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/enums/zerotrust/ZeroTrustBusinessRespEnum.java

@@ -1,4 +1,4 @@
-package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
+package com.dragoninfo.dcuc.auth.api.enums.zerotrust;
 
 import com.dragonsoft.duceap.base.enums.ICodeEnum;
 

+ 82 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/securitypolicy/req/ReqUserRiskScoreVO.java

@@ -0,0 +1,82 @@
+package com.dragoninfo.dcuc.auth.api.vo.securitypolicy.req;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import lombok.Data;
+
+/**
+ * <p>
+ *
+ * </p>
+ *
+ * @author huangzqa
+ * @date 2023/5/12
+ */
+@Data
+public class ReqUserRiskScoreVO {
+
+    /**
+     * 用户ID 身份证号
+     */
+    @JsonProperty("userID")
+    private String userId;
+
+    /**
+     * 用户姓名
+     */
+    private String userName;
+
+    /**
+     * 用户登录IP
+     */
+    @JsonProperty("userIP")
+    private String userIp;
+    /**
+     * 终端Ip
+     */
+    @JsonProperty("deviceIP")
+    private String deviceIp;
+    /**
+     * 终端唯一标识
+     */
+    @JsonProperty("deviceID")
+    private String deviceId;
+    /**
+     * 信用评分
+     */
+    private String riskScore;
+    /**
+     * 评分时间
+     */
+    private String clientTime;
+    /**
+     * 1:综合评分, 2:用户评分, 3:终端评分
+     */
+    private String riskType;
+    /**
+     * 原因, EventID 对应关系参照附录 A
+     */
+    private String reason;
+    /**
+     * 1:是 VM, 0:不是 VM
+     */
+    @JsonProperty("isVM")
+    private String isVm;
+
+    /**
+     * cancel:撤销令牌,认证中心撤销相应令牌。
+     * <p>
+     * lockUser:锁定用户,认证中心对该用户进行锁定,锁定后将拒绝登录。解锁需要在认证中心手动完成。
+     * <p>
+     * notify:通知,下发信任评估结果,认证中心应根据下发的信任评估结果,对用户进行管控。
+     * 枚举含义:0: cancel, 1:lockuser, 2:notify
+     */
+    private String action;
+    /**
+     * 用户令牌
+     */
+    private String userToken;
+    /**
+     * 应用令牌
+     */
+    private String appToken;
+}
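Review bot: `userToken` and `appToken` are bearer credentials and `userId` is documented as the national ID-card number, yet the class uses `@Data`, whose generated `toString()` prints every field — any `log.info("{}", vo)` or exception message that includes the object will leak the tokens and the ID number into log storage. Mark the credential fields with Lombok's `@ToString.Exclude` on `userToken` and `appToken` (and consider the same for `userId`) so that cannot happen by accident; `lombok.ToString` must be imported for that. The `action` Javadoc also lists only 0/1/2 while `ActionEnum` in this same commit defines "3" (`lockAuthentication`); keep the two in step.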

+ 79 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/securitypolicy/resp/ErrorException.java

@@ -0,0 +1,79 @@
+package com.dragoninfo.dcuc.auth.api.vo.securitypolicy.resp;
+
+import java.io.PrintWriter;
+import java.io.Serializable;
+import java.io.StringWriter;
+
+/**
+ * 错误异常
+ *
+ * @author huangzqa
+ * @date 2020/7/9
+ */
+public class ErrorException implements Serializable {
+
+    private static final long serialVersionUID = -3191249189923271500L;
+
+    /**
+     * 名称
+     */
+    private String name;
+
+    /**
+     * 信息
+     */
+    private String message;
+
+    /***
+     * 追踪路径
+     */
+    private String trace;
+
+    public ErrorException(String name, String message, String trace) {
+        this.name = name;
+        this.message = message;
+        this.trace = trace;
+    }
+
+    public static ErrorException errorException(Exception e) {
+        String traceString = getStackTrace(e);
+        return new ErrorException(e.getClass().getName(), e.getMessage(), traceString);
+    }
+
+    private static String getStackTrace(Throwable throwable) {
+        StringWriter stringWriter = new StringWriter();
+
+        try (PrintWriter printWriter = new PrintWriter(stringWriter)) {
+            throwable.printStackTrace(printWriter);
+            return stringWriter.toString();
+        }
+    }
+
+    public static ErrorException empty() {
+        return new ErrorException(null, null, null);
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getMessage() {
+        return message;
+    }
+
+    public void setMessage(String message) {
+        this.message = message;
+    }
+
+    public String getTrace() {
+        return trace;
+    }
+
+    public void setTrace(String trace) {
+        this.trace = trace;
+    }
+}
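Review bot: `errorException(Exception)` captures the complete `printStackTrace` output into `trace`, and the class is `Serializable` under `vo/.../resp`, i.e. it is shaped to travel inside `HwSecurityPolicyResp` over the wire — returning stack traces to a remote caller discloses class names, internal paths and library versions. Nothing in this commit actually sends it (`receivePolicy` returns `void`), so at minimum pin the constraint on the field: `// NOTE: holds a full stack trace; populate only for internal/diagnostic responses, never in a response returned to an external caller`. The `@date 2020/7/9` header suggests the class was copied from another project; confirm it is still needed here.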

+ 144 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/securitypolicy/resp/HwSecurityPolicyResp.java

@@ -0,0 +1,144 @@
+package com.dragoninfo.dcuc.auth.api.vo.securitypolicy.resp;
+
+import java.io.Serializable;
+
+/**
+ * 华为安全策略服务返回值
+ *
+ * @author zq.huang
+ * @date 2020/7/20
+ */
+public class HwSecurityPolicyResp<T> implements Serializable {
+
+    private static final long serialVersionUID = 3962167558303736599L;
+
+    /**
+     * 是否成功
+     */
+    private Boolean success;
+
+    /**
+     * 数据
+     */
+    private T data;
+
+    /**
+     * 错误代码
+     */
+    private String errorCode;
+
+    /**
+     * 错误名称
+     */
+    private String errorName;
+
+    /**
+     * 错误消息
+     */
+
+    public HwSecurityPolicyResp() {
+
+    }
+
+
+    private String errorMessage;
+
+    public HwSecurityPolicyResp(Boolean success, T data, String errorCode, String errorName, String errorMessage, ErrorException errorException) {
+        this.success = success;
+        this.data = data;
+        this.errorCode = errorCode;
+        this.errorName = errorName;
+        this.errorMessage = errorMessage;
+        this.errorException = errorException;
+    }
+
+    /**
+     * 成功的相应结果
+     *
+     * @param <T>
+     * @return
+     */
+    public static <T> HwSecurityPolicyResp<T> success(T obj) {
+        ErrorException errorException = new ErrorException(null, null, null);
+        return new HwSecurityPolicyResp<T>(true, obj, null, null, null, errorException);
+    }
+
+    /**
+     * 成功的相应结果
+     *
+     * @param <T>
+     * @return
+     */
+    public static <T> HwSecurityPolicyResp<T> success() {
+        ErrorException errorException = new ErrorException(null, null, null);
+        return new HwSecurityPolicyResp<T>(true, null, null, null, null, errorException);
+    }
+
+    /**
+     * 失败的相应结果
+     *
+     * @param <T>
+     * @return
+     */
+    public static <T> HwSecurityPolicyResp<T> fail(String errName, String errorMessage, ErrorException e) {
+        return new HwSecurityPolicyResp<T>(false, null, "300", errName, errorMessage, e);
+    }
+
+    /**
+     * 错误异常信息
+     */
+    private ErrorException errorException;
+
+
+    public Boolean getSuccess() {
+        return success;
+    }
+
+    public void setSuccess(Boolean success) {
+        this.success = success;
+    }
+
+    public static long getSerialVersionUID() {
+        return serialVersionUID;
+    }
+
+    public T getData() {
+        return data;
+    }
+
+    public void setData(T data) {
+        this.data = data;
+    }
+
+    public String getErrorCode() {
+        return errorCode;
+    }
+
+    public void setErrorCode(String errorCode) {
+        this.errorCode = errorCode;
+    }
+
+    public String getErrorName() {
+        return errorName;
+    }
+
+    public void setErrorName(String errorName) {
+        this.errorName = errorName;
+    }
+
+    public String getErrorMessage() {
+        return errorMessage;
+    }
+
+    public void setErrorMessage(String errorMessage) {
+        this.errorMessage = errorMessage;
+    }
+
+    public ErrorException getErrorException() {
+        return errorException;
+    }
+
+    public void setErrorException(ErrorException errorException) {
+        this.errorException = errorException;
+    }
+}
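Review bot: The Javadoc `错误消息` at the end of the field list ends up attached to the no-arg constructor, because `private String errorMessage;` is declared after that constructor, and `errorException` is declared after the static factories — the field documentation is misplaced and the class reads as if it had fewer fields than it does. Move `private String errorMessage;` directly under its Javadoc and `private ErrorException errorException;` beside the other fields, ahead of the constructors. `public static long getSerialVersionUID()` exposes a serialization constant as API for no reason and can be dropped. `fail(...)` hard-codes the error code `"300"`, which deserves a named constant or a comment on what the policy service expects for it.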

+ 1 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ZeroTrustDataRespVO.java

@@ -1,5 +1,6 @@
 package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
 
+import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
 import com.dragoninfo.dcuc.auth.api.vo.DataItemRespVO;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import lombok.Data;

+ 1 - 0
dcuc-auth-model/src/main/java/com/dragoninfo/dcuc/auth/api/vo/zerotrust/ZeroTustMessageRespVO.java

@@ -1,5 +1,6 @@
 package com.dragoninfo.dcuc.auth.api.vo.zerotrust;
 
+import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
 import com.dragoninfo.dcuc.auth.api.vo.BusinessRespEnum;
 import com.dragoninfo.dcuc.auth.api.vo.ResultRespVO;
 import com.fasterxml.jackson.annotation.JsonIgnore;

+ 1 - 1
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustAppAuthBusiness.java

@@ -4,7 +4,7 @@ import cn.hutool.core.bean.BeanUtil;
 import cn.hutool.core.util.StrUtil;
 import com.alibaba.fastjson.JSON;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.AppAuthReqVO;
-import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustBusinessRespEnum;
+import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustDataRespVO;
 import com.dragoninfo.dcuc.auth.async.BusiEventPublisher;
 import com.dragoninfo.dcuc.auth.audit.enums.AuthResultEnum;

+ 1 - 1
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustDataAuthBusiness.java

@@ -3,7 +3,7 @@ package com.dragoninfo.dcuc.auth.auth.business.impl.zerotrust;
 import cn.hutool.core.util.StrUtil;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.DataAuthReqVO;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.DataAuthRespVO;
-import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustBusinessRespEnum;
+import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustDataRespVO;
 import com.dragoninfo.dcuc.auth.audit.enums.AuthResultEnum;
 import com.dragoninfo.dcuc.auth.audit.service.log.LogInfoFillService;

+ 1 - 1
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustFunAuthBusiness.java

@@ -2,7 +2,7 @@ package com.dragoninfo.dcuc.auth.auth.business.impl.zerotrust;
 
 import cn.hutool.core.util.StrUtil;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.FunctionAuthReqVO;
-import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustBusinessRespEnum;
+import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustDataRespVO;
 import com.dragoninfo.dcuc.auth.audit.enums.AuthResultEnum;
 import com.dragoninfo.dcuc.auth.audit.service.log.LogInfoFillService;

+ 1 - 1
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/auth/business/impl/zerotrust/ZeroTrustServiceAuthBusiness.java

@@ -2,7 +2,7 @@ package com.dragoninfo.dcuc.auth.auth.business.impl.zerotrust;
 
 import cn.hutool.core.util.StrUtil;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ServiceAuthReqVO;
-import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustBusinessRespEnum;
+import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustDataRespVO;
 import com.dragoninfo.dcuc.auth.audit.enums.AuthResultEnum;
 import com.dragoninfo.dcuc.auth.audit.service.log.LogInfoFillService;

+ 13 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/ICacheBusiness.java

@@ -80,4 +80,17 @@ public interface ICacheBusiness {
      * @return key:openId value:userTokenId
      */
     Map<String, String> getUserTokenIdByOpenId(Collection<String> openIds);
+
+    /**
+     * 锁定人员鉴权
+     * @param idcard
+     */
+    void lockUserAuthentication(String idcard);
+
+    /**
+     * 判断人员鉴权是否被锁定
+     * @param idcard
+     * @return
+     */
+    boolean isUserAuthLocked(String idcard);
 }
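Review bot: Both new methods carry empty `@param`/`@return` tags and say nothing about the lock's lifetime or how it is cleared, while the Redis implementation in this commit gives it a fixed expiry and no unlock method exists — a reader of the interface alone would assume a durable lock. State the contract here: `@param idcard identifier of the user whose authentication is locked (the policy service's userID, documented as an ID-card number)` and `Locks are time-bounded (expiry is implementation-defined); there is no explicit unlock.` Also say which code path is expected to consult `isUserAuthLocked`; nothing in this commit calls it.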

+ 1 - 3
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/AuthTokenBusinessImpl.java

@@ -6,7 +6,7 @@ import com.dragoninfo.dcuc.app.facade.IApplyInfoFacade;
 import com.dragoninfo.dcuc.auth.api.vo.MessageRespVO;
 import com.dragoninfo.dcuc.auth.api.vo.ResultRespPageVo;
 import com.dragoninfo.dcuc.auth.api.vo.ResultRespVO;
-import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTrustBusinessRespEnum;
+import com.dragoninfo.dcuc.auth.api.enums.zerotrust.ZeroTrustBusinessRespEnum;
 import com.dragoninfo.dcuc.auth.api.vo.zerotrust.ZeroTustMessageRespVO;
 import com.dragoninfo.dcuc.auth.audit.dto.TokenOperationDto;
 import com.dragoninfo.dcuc.auth.audit.service.log.QmAuditPushService;
@@ -26,7 +26,6 @@ import org.apache.commons.collections4.CollectionUtils;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.ParameterizedTypeReference;
-import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.HttpMethod;
 import org.springframework.http.HttpStatus;
@@ -35,7 +34,6 @@ import org.springframework.stereotype.Service;
 import org.springframework.web.client.RestTemplate;
 
 import java.util.*;
-import java.util.concurrent.TimeUnit;
 
 /**
  * token业务类

+ 26 - 5
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/business/impl/RedisCacheBusinessImpl.java

@@ -9,6 +9,7 @@ import com.dragoninfo.dcuc.auth.token.enums.TokenActionEnum;
 import com.dragoninfo.dcuc.auth.token.enums.TokenTypeEnum;
 import com.dragoninfo.dcuc.auth.token.vo.AppTokenInfoRespVO;
 import com.dragoninfo.dcuc.auth.token.vo.UserTokenInfoRespVO;
+import com.dragonsoft.duceap.base.enums.BooleanEnum;
 import com.dragonsoft.duceap.base.exception.ApplicationException;
 import com.dragonsoft.duceap.commons.util.collections.CollectionUtils;
 import com.dragonsoft.duceap.commons.util.string.StringUtils;
@@ -35,6 +36,11 @@ public class RedisCacheBusinessImpl implements ICacheBusiness {
      */
     private static final String USER_OPEN_ID_APP_ID_KEY_TYPE = "OPEN_APP_ID";
 
+    /**
+     * 锁定人员鉴权
+     */
+    private static final String USER_AUTHENTICATION_LOCK_KEY_TYPE = "USER_AUTH_LOCK";
+
     @Resource
     private StringRedisTemplate stringRedisTemplate;
 
@@ -183,6 +189,19 @@ public class RedisCacheBusinessImpl implements ICacheBusiness {
         return map;
     }
 
+    @Override
+    public void lockUserAuthentication(String idcard) {
+        String key = getKeyPrefix(idcard, USER_AUTHENTICATION_LOCK_KEY_TYPE);
+        stringRedisTemplate.opsForValue().set(key, BooleanEnum.TRUE.value, 5, TimeUnit.MINUTES);
+    }
+
+    @Override
+    public boolean isUserAuthLocked(String idcard) {
+        String key = getKeyPrefix(idcard, USER_AUTHENTICATION_LOCK_KEY_TYPE);
+        Boolean hasKey = stringRedisTemplate.hasKey(key);
+        return  hasKey!= null && hasKey;
+    }
+
     @Override
     public void appTokenActionHandle(AppTokenInfoRespVO tokenInfo, String action) {
         if (null == tokenInfo) {
@@ -221,15 +240,17 @@ public class RedisCacheBusinessImpl implements ICacheBusiness {
     }
 
 
-    private String getKeyPrefix(String id, String tokenType) {
-        if (tokenType.equals(TokenTypeEnum.APP.getValue())) {
+    private String getKeyPrefix(String id, String type) {
+        if (type.equals(TokenTypeEnum.APP.getValue())) {
             return AuthRedisConstant.REDIS_APP_TOKEN_NAMESPACE + id;
-        } else if (tokenType.equals(TokenTypeEnum.USER.getValue())) {
+        } else if (type.equals(TokenTypeEnum.USER.getValue())) {
             return AuthRedisConstant.REDIS_USER_TOKEN_NAMESPACE + id;
-        } else if (tokenType.equals(USER_OPEN_ID_TOKEN_ID_KEY_TYPE)) {
+        } else if (type.equals(USER_OPEN_ID_TOKEN_ID_KEY_TYPE)) {
             return AuthRedisConstant.REDIS_OPEN_ID_TOKEN_NAMESPACE + id;
-        } else if (tokenType.equals(USER_OPEN_ID_APP_ID_KEY_TYPE)) {
+        } else if (type.equals(USER_OPEN_ID_APP_ID_KEY_TYPE)) {
             return AuthRedisConstant.REDIS_OPEN_AUTH_APP_ID_NAMESPACE + id;
+        } else if (type.equals(USER_AUTHENTICATION_LOCK_KEY_TYPE)) {
+            return AuthRedisConstant.USER_AUTH_LOCK_NAMESPACE + id;
         } else {
             throw new ApplicationException("不支持的类型");
         }
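Review bot: `lockUserAuthentication` hard-codes a 5-minute expiry with no constant or comment, and nothing in this commit calls `isUserAuthLocked`, so the lock is written to Redis but never enforced on any authentication path — if enforcement lands in a later change, say so, otherwise a lock instruction from the policy service is currently a no-op. Hoist the TTL as `private static final long USER_AUTH_LOCK_MINUTES = 5;` with a comment on why five minutes, and simplify the null dance to `return Boolean.TRUE.equals(stringRedisTemplate.hasKey(key));`. The key built for `USER_AUTH_LOCK_KEY_TYPE` depends on `AuthRedisConstant.USER_AUTH_LOCK_NAMESPACE`, which this same commit defines with the `APP_TOKEN:` suffix, so these keys currently share the app-token namespace.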

+ 5 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/constance/AuthRedisConstant.java

@@ -35,4 +35,9 @@ public class AuthRedisConstant {
      */
     public static final String REDIS_APP_TOKEN_NAMESPACE = REDIS_AUTH_NAMESPACE + "APP_TOKEN:";
 
+    /**
+     * 人员鉴权锁定命名空间
+     */
+    public static final String USER_AUTH_LOCK_NAMESPACE = REDIS_AUTH_NAMESPACE + "APP_TOKEN:";
+
 }
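Review bot: `USER_AUTH_LOCK_NAMESPACE` is built with the same suffix `"APP_TOKEN:"` as `REDIS_APP_TOKEN_NAMESPACE` a few lines above, so the new lock keys land in the app-token namespace: `lockUserAuthentication(id)` writes `...APP_TOKEN:<id>` = `BooleanEnum.TRUE.value` with a 5-minute TTL, clobbering any cached app token whose id equals the supplied `userID` string, and `isUserAuthLocked(id)` answers true for every live app-token id. Because `userID` arrives from the remote policy service, a crafted or mistaken instruction can evict or corrupt cached app tokens. Use a distinct prefix: `public static final String USER_AUTH_LOCK_NAMESPACE = REDIS_AUTH_NAMESPACE + "USER_AUTH_LOCK:";`.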

+ 59 - 0
dcuc-auth-service/src/main/java/com/dragoninfo/dcuc/auth/securitypolicy/ApiSecurityPolicyFacade.java

@@ -0,0 +1,59 @@
+package com.dragoninfo.dcuc.auth.securitypolicy;
+
+import com.dragoninfo.dcuc.auth.api.enums.securitypolicy.ActionEnum;
+import com.dragoninfo.dcuc.auth.api.vo.securitypolicy.req.ReqUserRiskScoreVO;
+import com.dragoninfo.dcuc.auth.business.IAuthTokenBusiness;
+import com.dragoninfo.dcuc.auth.business.ICacheBusiness;
+import com.dragoninfo.dcuc.auth.securitypolicy.facade.IApiSecurityPolicyFacade;
+import com.dragoninfo.dcuc.auth.token.enums.TokenActionEnum;
+import com.dragoninfo.dcuc.auth.token.enums.TokenTypeEnum;
+import com.dragoninfo.dcuc.auth.token.vo.TokenReceiveVO;
+import com.dragoninfo.dcuc.auth.token.vo.UserTokenInfoRespVO;
+import com.dragonsoft.duceap.commons.util.enums.EnumUtils;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.List;
+
+/**
+ * @author mazq
+ * @date 2023/7/12
+ */
+@Slf4j
+@RestController
+@RequestMapping(value = "/dcuc/securityPolicyFacade")
+public class ApiSecurityPolicyFacade implements IApiSecurityPolicyFacade {
+
+    private ICacheBusiness cacheBusiness;
+
+    @Autowired
+    public void setCacheBusiness(ICacheBusiness cacheBusiness) {
+        this.cacheBusiness = cacheBusiness;
+    }
+
+    @Override
+    public void receivePolicy(List<ReqUserRiskScoreVO> userRiskScores) {
+        for (ReqUserRiskScoreVO reqUserRiskScoreVO : userRiskScores) {
+            String userId = reqUserRiskScoreVO.getUserId();
+            String riskScore = reqUserRiskScoreVO.getRiskScore();
+            log.info("新数据userId" + userId + "评分为:" + riskScore);
+
+            String action = reqUserRiskScoreVO.getAction();
+            ActionEnum actionEnum = EnumUtils.enumOf(ActionEnum.class, action);
+            if (actionEnum.equals(ActionEnum.cancel)) {
+                String userTokenId = reqUserRiskScoreVO.getUserToken();
+                log.info("===============接收到撤销令牌指令, 删除令牌缓存:{}=============", userTokenId);
+                UserTokenInfoRespVO userToken = cacheBusiness.getUserToken(userTokenId);
+                if (null != userToken) {
+                    cacheBusiness.userTokenActionHandle(userToken, TokenActionEnum.OFFLINE.getValue());
+                }
+            } else if (actionEnum.equals(ActionEnum.lockAuthentication)) {
+                log.info("===============接收到鉴权锁定指令, 锁定人员标识:{}=============", userId);
+                cacheBusiness.lockUserAuthentication(userId);
+            }
+
+        }
+    }
+}
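Review bot: `receivePolicy` applies token-revocation and authentication-lock commands to whatever `userID`/`userToken` the request names, and nothing in the hunk checks who is calling — if the route is not restricted to the policy service elsewhere (gateway or Spring Security configuration, not visible here), any client that can reach `/dcuc/securityPolicyFacade/receivePolicy` can log out arbitrary users or lock arbitrary ID numbers, so state in a comment where that restriction lives. Separately, `EnumUtils.enumOf` is called on the raw `action` string and the result is dereferenced via `actionEnum.equals(...)`: if it returns null for an unknown code (its contract is not visible here) the loop throws an NPE mid-batch and later entries are never processed, and `lockUser`/`notify` fall through silently although `ActionEnum` defines them. The cancel path also writes the token id to the INFO log, which puts a credential identifier into log storage. The rewrite below null-checks the action, dispatches with a switch that logs unhandled actions, and drops the token id from the log line.
```java
    @Override
    public void receivePolicy(List<ReqUserRiskScoreVO> userRiskScores) {
        // TODO(security): this endpoint revokes tokens and locks users; confirm callers are
        // restricted to the security-policy service (gateway / Spring Security), not open to any client.
        if (userRiskScores == null) {
            return;
        }
        for (ReqUserRiskScoreVO vo : userRiskScores) {
            String userId = vo.getUserId();
            log.info("security policy received for userId {} with riskScore {}", userId, vo.getRiskScore());

            ActionEnum actionEnum = EnumUtils.enumOf(ActionEnum.class, vo.getAction());
            if (actionEnum == null) {
                // unknown code: skip this entry instead of failing the whole batch
                log.warn("unknown security policy action {} for userId {}", vo.getAction(), userId);
                continue;
            }
            switch (actionEnum) {
                case cancel:
                    // do not log the token id itself; it is a credential identifier
                    log.info("revoke-token instruction received for userId {}", userId);
                    UserTokenInfoRespVO userToken = cacheBusiness.getUserToken(vo.getUserToken());
                    if (userToken != null) {
                        cacheBusiness.userTokenActionHandle(userToken, TokenActionEnum.OFFLINE.getValue());
                    }
                    break;
                case lockAuthentication:
                    log.info("lock-authentication instruction received for userId {}", userId);
                    cacheBusiness.lockUserAuthentication(userId);
                    break;
                default:
                    // lockUser / notify are defined in ActionEnum but not implemented here yet
                    log.warn("unhandled security policy action {} for userId {}", actionEnum, userId);
            }
        }
    }
```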