Merge branch 'dev_externalappauth' into dev

epmet-commons/epmet-commons-dynamic-datasource/pom.xml

@@ -19,6 +19,12 @@
             <version>2.0.0</version>
             <scope>provided</scope>
         </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+            <scope>provided</scope>
+        </dependency>
     </dependencies>
 
     <build>

epmet-commons/epmet-commons-dynamic-datasource/src/main/java/com/epmet/commons/dynamic/datasource/aspect/DataSourceAspect.java

@@ -9,8 +9,8 @@
 package com.epmet.commons.dynamic.datasource.aspect;
 
 import com.epmet.commons.dynamic.datasource.annotation.DataSource;
-import com.epmet.commons.dynamic.datasource.bean.DataSourceParam;
 import com.epmet.commons.dynamic.datasource.config.DynamicContextHolder;
+import com.epmet.commons.dynamic.datasource.util.HttpRequestDataSourceNameFetcher;
 import org.apache.commons.lang3.StringUtils;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
@@ -19,12 +19,12 @@ import org.aspectj.lang.annotation.Pointcut;
 import org.aspectj.lang.reflect.MethodSignature;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Component;
 
 import java.lang.reflect.Method;
-import java.lang.reflect.Parameter;
 
 /**
  * 多数据源，切面处理类
@@ -38,6 +38,9 @@ import java.lang.reflect.Parameter;
 public class DataSourceAspect  {
     protected Logger logger = LoggerFactory.getLogger(getClass());
 
+    @Autowired
+    private HttpRequestDataSourceNameFetcher httpRequestDataSourceNameFetcher;
+
     @Pointcut("@annotation(com.epmet.commons.dynamic.datasource.annotation.DataSource) " +
             "|| @within(com.epmet.commons.dynamic.datasource.annotation.DataSource)")
     public void dataSourcePointCut() {
@@ -55,12 +58,14 @@ public class DataSourceAspect  {
         if(targetDataSource != null || methodDataSource != null){
             String value;
             if(methodDataSource != null){
-                value = getDatasourceName(methodDataSource, signature.getMethod().getParameters(), point.getArgs());
+                value = getDatasourceName(methodDataSource);
             }else {
-                value = getDatasourceName(targetDataSource, signature.getMethod().getParameters(), point.getArgs());
+                value = getDatasourceName(targetDataSource);
             }
 
-            DynamicContextHolder.push(value);
+            if (StringUtils.isNotBlank(value)) {
+                DynamicContextHolder.push(value);
+            }
             logger.debug("set datasource is {}", value);
         }
 
@@ -77,33 +82,16 @@ public class DataSourceAspect  {
      * @param dataSource
      * @return
      */
-    public String getDatasourceName(DataSource dataSource, Parameter[] methodParameters, Object[] methodArgValues) {
+    public String getDatasourceName(DataSource dataSource) {
+        String dataSourceName = null;
         if (dataSource.datasourceNameFromArg()) {
-            // 1.从参数中动态获取数据源名称
+            // 1.优先从http header中动态获取数据源名称
-            String datasourceNameFromParam = getDatasourceNameFromArg(methodParameters, methodArgValues);
+            dataSourceName = httpRequestDataSourceNameFetcher.fetchDataSourceName();
-            if (StringUtils.isNotBlank(datasourceNameFromParam)) {
-                // 如果有DatasourceParam类型的参数并且设置了datasourceName值，那么返回这个值，否则使用硬编码的
-                return datasourceNameFromParam;
-            }
         }
-        // 2.硬编码指定数据源名称
+        // 2.硬编码指定默认的数据源名称
-        return dataSource.value();
+        if (StringUtils.isBlank(dataSourceName)) {
-    }
+            dataSourceName = dataSource.value();
-
-    /**
-     * 从参数中取数据源名称
-     * @param parameters
-     * @param argsObject
-     * @return
-     */
-    public String getDatasourceNameFromArg(Parameter[] parameters, Object[] argsObject) {
-        for (int i = 0; i < parameters.length; i++) {
-            if (parameters[i].getType() == DataSourceParam.class) {
-                DataSourceParam param = (DataSourceParam) argsObject[i];
-                return param.getDatasourceName();
-            }
         }
-
+        return dataSourceName;
-        return null;
     }
 }

epmet-commons/epmet-commons-dynamic-datasource/src/main/java/com/epmet/commons/dynamic/datasource/config/DynamicDataSource.java

@@ -8,6 +8,8 @@
 
 package com.epmet.commons.dynamic.datasource.config;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.jdbc.datasource.lookup.AbstractRoutingDataSource;
 
 /**
@@ -18,9 +20,13 @@ import org.springframework.jdbc.datasource.lookup.AbstractRoutingDataSource;
  */
 public class DynamicDataSource extends AbstractRoutingDataSource {
 
+    private Logger logger = LoggerFactory.getLogger(getClass());
+
     @Override
     protected Object determineCurrentLookupKey() {
-        return DynamicContextHolder.peek();
+        String datasourceName = DynamicContextHolder.peek();
+        logger.info("使用的数据源名称为:{}", datasourceName);
+        return datasourceName;
     }
 
 }

epmet-commons/epmet-commons-dynamic-datasource/src/main/java/com/epmet/commons/dynamic/datasource/enums/DataSourceEnum.java

@@ -0,0 +1,48 @@
+package com.epmet.commons.dynamic.datasource.enums;
+
+/**
+ * 服务-数据源flag-数据源名称对应关系
+ */
+public enum DataSourceEnum {
+
+	DATA_STATISTICAL_REAL("data-statistical-server", "real", "stats"),
+	DATA_STATISTICAL_FAKE("data-statistical-server", "fake", "statsDisplay"),
+	DATA_REPORT_REAL("data-report-server", "real", "stats"),
+	DATA_REPORT_FAKE("data-report-server", "fake", "statsDisplay"),
+	;
+
+	// 服务名
+	private String serviceName;
+	// 数据源标记
+	private String flag;
+	// 数据源，跟yml中的数据源名称保持一致
+	private String dataSourceName;
+
+	DataSourceEnum(String serviceName, String flag, String dataSourceName) {
+		this.serviceName = serviceName;
+		this.flag = flag;
+		this.dataSourceName = dataSourceName;
+	}
+
+	public static DataSourceEnum getEnum(String serviceName, String flag) {
+		DataSourceEnum[] values = DataSourceEnum.values();
+		for (DataSourceEnum value : values) {
+			if (value.serviceName.equals(serviceName) && value.flag.equals(flag)) {
+				return value;
+			}
+		}
+		return null;
+	}
+
+	public String getServiceName() {
+		return serviceName;
+	}
+
+	public String getFlag() {
+		return flag;
+	}
+
+	public String getDataSourceName() {
+		return dataSourceName;
+	}
+}

epmet-commons/epmet-commons-dynamic-datasource/src/main/java/com/epmet/commons/dynamic/datasource/util/AbstractDataSourceNameFetcher.java

@@ -0,0 +1,13 @@
+package com.epmet.commons.dynamic.datasource.util;
+
+import com.epmet.commons.dynamic.datasource.enums.DataSourceEnum;
+
+public abstract class AbstractDataSourceNameFetcher {
+
+    public abstract String fetchDataSourceName();
+
+    //protected String getDataSourceName(String dataType, String serviceName) {
+    //    return DataSourceEnum.getEnum(serviceName, dataType)
+    //}
+
+}

epmet-commons/epmet-commons-dynamic-datasource/src/main/java/com/epmet/commons/dynamic/datasource/util/HttpRequestDataSourceNameFetcher.java

@@ -0,0 +1,44 @@
+package com.epmet.commons.dynamic.datasource.util;
+
+import com.epmet.commons.dynamic.datasource.enums.DataSourceEnum;
+import com.epmet.commons.tools.exception.RenException;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.env.Environment;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+/**
+ * Http请求中获取数据源名称
+ */
+@Component
+public class HttpRequestDataSourceNameFetcher extends AbstractDataSourceNameFetcher {
+
+    protected Logger logger = LoggerFactory.getLogger(getClass());
+
+    @Autowired
+    private Environment environment;
+
+    @Override
+    public String fetchDataSourceName() {
+        ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+        javax.servlet.http.HttpServletRequest request = requestAttributes.getRequest();
+        String dataType = request.getHeader("Data-Type");
+
+        logger.info("HttpRequestDataSourceNameFetcher获取到的DataType为:{}", dataType);
+        if (StringUtils.isBlank(dataType)) {
+            return null;
+        }
+
+        String serviceName = environment.getProperty("spring.application.name");
+        DataSourceEnum dataSourceEnum = DataSourceEnum.getEnum(serviceName, dataType);
+        if (dataSourceEnum == null) {
+            throw new RenException(String.format("根据前端传入的DataType[%s]无法找到对应的数据源。", dataType));
+        }
+        logger.info("HttpRequestDataSourceNameFetcher根据DataType:[{}]获取到的DataSourceEnum为{}", dataType, dataSourceEnum.getDataSourceName());
+        return dataSourceEnum.getDataSourceName();
+    }
+}

epmet-commons/epmet-commons-extapp-auth/src/main/java/com/epmet/commons/extappauth/aspect/ExternalAppRequestAuthAspect.java

@@ -37,6 +37,9 @@ public class ExternalAppRequestAuthAspect {
 
     public static final String ACCESS_TOKEN_HEADER_KEY = "AccessToken";
     public static final String APP_ID_HEADER_KEY = "appId";
+    public static final String APP_ID_TIMESTAMP_KEY = "ts";
+    public static final String APP_ID_CUSTOMER_ID_KEY = "CustomerId";
+    public static final String APP_ID_AUTY_TYPE_KEY = "AuthType";
 
     @Autowired
     private EpmetCommonServiceOpenFeignClient commonServiceOpenFeignClient;
@@ -52,6 +55,9 @@ public class ExternalAppRequestAuthAspect {
         HttpServletRequest request = getRequest();
         String token = request.getHeader(ACCESS_TOKEN_HEADER_KEY);
         String appId = request.getHeader(APP_ID_HEADER_KEY);
+        String ts = request.getHeader(APP_ID_TIMESTAMP_KEY);
+        String customerId = request.getHeader(APP_ID_CUSTOMER_ID_KEY);
+        String authType = request.getHeader(APP_ID_AUTY_TYPE_KEY);
 
         if (StringUtils.isAnyBlank(token, appId)) {
             throw new RenException("请求头中的token和appId不能为空");
@@ -62,6 +68,11 @@ public class ExternalAppRequestAuthAspect {
         ExternalAppAuthFormDTO form = new ExternalAppAuthFormDTO();
         form.setAppId(appId);
         form.setToken(token);
+        form.setAuthType(authType);
+        if (StringUtils.isNotBlank(ts)) {
+            // 将字符串转化为时间
+            form.setTs(new Long(ts));
+        }
         Result<ExternalAppAuthResultDTO> result = commonServiceOpenFeignClient.externalAppAuth(form);
         if (result == null) {
             throw new RenException("调用服务进行外部应用认证，返回null");
@@ -84,7 +95,7 @@ public class ExternalAppRequestAuthAspect {
                 if (parameters[i].getType() == ExternalAppRequestParam.class) {
                     ExternalAppRequestParam requestParam = (ExternalAppRequestParam) point.getArgs()[i];
                     requestParam.setAppId(appId);
-                    requestParam.setCustomerId(authResult.getCustomerId());
+                    requestParam.setCustomerId(authResult.getCustomerId() == null ? customerId : authResult.getCustomerId());
                 }
             }
         }

epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/exception/EpmetErrorCode.java

@@ -104,6 +104,7 @@ public enum EpmetErrorCode {
     OPER_EXTERNAL_APP_AUTH_ERROR(8709, "外部应用认证失败"),
     OPER_EXTERNAL_CUSTOMER_NOT_EXISTS(8710, "该客户不存在"),
     OPER_EXTERNAL_APP_EXISTS(8711, "应用已存在"),
+    OPER_EXT_APP_SECRET_RESET_FAIL(8712, "秘钥更新失败"),
 
 	// 党建声音 前端提示 88段
 	DRAFT_CONTENT_IS_NULL(8801, "至少需要添加一个段落"),

epmet-module/data-statistical/data-statistical-client/src/main/java/com/epmet/constant/DataSourceConstant.java

@@ -4,6 +4,7 @@ public interface DataSourceConstant {
 
     String GOV_ORG = "govOrg";
     String STATS = "stats";
+    String STATS_DISPLAY = "statsDisplay";
     String GOV_ISSUE = "govIssue";
     String GOV_PROJECT = "govProject";
     String GOV_VOICE = "govVoice";

epmet-module/data-statistical/data-statistical-server/src/main/java/com/epmet/controller/DemoController.java

@@ -1,11 +1,15 @@
 package com.epmet.controller;
 
 import com.epmet.commons.tools.exception.RenException;
+import com.epmet.commons.tools.utils.Result;
 import com.epmet.dto.AgencySubTreeDto;
+import com.epmet.entity.stats.DimAgencyEntity;
 import com.epmet.service.StatsDemoService;
+import com.epmet.service.stats.DimAgencyService;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
@@ -26,6 +30,9 @@ public class DemoController {
     @Autowired
     private ExecutorService executorService;
 
+    @Autowired
+    private DimAgencyService dimAgencyService;
+
     @GetMapping("testAlarm")
     public void testAlarm() {
         //for (int i = 0; i < 20; i++) {
@@ -91,4 +98,14 @@ public class DemoController {
         List<AgencySubTreeDto> result = demoService.getAllAgency();
         return result;
     }
+
+    /**
+     * 参数指定数据源
+     * @return
+     */
+    @PostMapping("paramDataSource")
+    public Result paramDataSource() {
+        List<DimAgencyEntity> list = dimAgencyService.getAgencyListByCustomerId("ba7c0b5b21e882b263ee8456e2cfb63e");
+        return new Result().ok(list);
+    }
 }

epmet-module/data-statistical/data-statistical-server/src/main/java/com/epmet/service/stats/impl/DimAgencyServiceImpl.java

@@ -19,12 +19,14 @@ package com.epmet.service.stats.impl;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.epmet.commons.dynamic.datasource.annotation.DataSource;
 import com.epmet.commons.mybatis.service.impl.BaseServiceImpl;
 import com.epmet.commons.tools.exception.EpmetErrorCode;
 import com.epmet.commons.tools.exception.RenException;
 import com.epmet.commons.tools.page.PageData;
 import com.epmet.commons.tools.utils.ConvertUtils;
 import com.epmet.commons.tools.constant.FieldConstant;
+import com.epmet.constant.DataSourceConstant;
 import com.epmet.constant.DimAgencyConstant;
 import com.epmet.constant.RobotConstant;
 import com.epmet.constant.StatsSubject;
@@ -208,6 +210,7 @@ public class DimAgencyServiceImpl extends BaseServiceImpl<DimAgencyDao, DimAgenc
         return baseDao.selectTopAgency(customerId);
     }
 
+    @DataSource(value = DataSourceConstant.STATS, datasourceNameFromArg = true)
 	@Override
 	public List<DimAgencyEntity> getAgencyListByCustomerId(String customerId) {
         if (StringUtils.isBlank(customerId)){

epmet-module/data-statistical/data-statistical-server/src/main/resources/bootstrap.yml

@@ -155,6 +155,16 @@ dynamic:
       url: @datasource.druid.user.url@
       username: @datasource.druid.user.username@
       password: @datasource.druid.user.password@
+    stats:
+      driver-class-name: com.mysql.cj.jdbc.Driver
+      url: @datasource.druid.stats.url@
+      username: @datasource.druid.stats.username@
+      password: @datasource.druid.stats.password@
+    statsDisplay:
+      driver-class-name: com.mysql.cj.jdbc.Driver
+      url: @datasource.druid.statsdisplay.url@
+      username: @datasource.druid.statsdisplay.username@
+      password: @datasource.druid.statsdisplay.password@
 
 thread:
   # 线程池配置

epmet-module/data-statistical/data-statistical-server/src/main/resources/mapper/stats/DimAgencyDao.xml

@@ -128,6 +128,7 @@
             ID,
             CUSTOMER_ID,
             PID,
+            AGENCY_NAME,
             LEVEL
         FROM
             dim_agency

epmet-module/epmet-common-service/common-service-client/src/main/java/com/epmet/dto/form/ExternalAppAuthFormDTO.java

@@ -15,4 +15,14 @@ public class ExternalAppAuthFormDTO {
      */
     private String token;
 
+    /**
+     * 时间戳
+     */
+    private Long ts;
+
+    /**
+     * 认证类型：md5，jwt
+     */
+    private String authType;
+
 }

epmet-module/epmet-common-service/common-service-client/src/main/java/com/epmet/dto/form/ExternalAppFormDTO.java

@@ -9,8 +9,9 @@ public class ExternalAppFormDTO {
 
     public interface AddExternalApp {}
     public interface UpdateExternalApp {}
+    public interface UpdateAppSecret {}
 
-    @NotBlank(message = "缺少应用ID", groups = { UpdateExternalApp.class })
+    @NotBlank(message = "缺少应用ID", groups = { UpdateExternalApp.class, UpdateAppSecret.class })
     private String appId;
 
     @NotBlank(message = "缺少应用名称", groups = { AddExternalApp.class, UpdateExternalApp.class })

epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/constant/ExtAppAuthTypeConstant.java

@@ -0,0 +1,8 @@
+package com.epmet.constant;
+
+public interface ExtAppAuthTypeConstant {
+
+    String JWT = "jwt";
+    String MD5 = "md5";
+
+}

epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/controller/ExternalAppController.java

@@ -1,5 +1,6 @@
 package com.epmet.controller;
 
+import com.epmet.commons.tools.exception.EpmetErrorCode;
 import com.epmet.commons.tools.exception.RenException;
 import com.epmet.commons.tools.page.PageData;
 import com.epmet.commons.tools.utils.Result;
@@ -40,12 +41,14 @@ public class ExternalAppController {
     public Result<ExternalAppAuthResultDTO> auth(@RequestBody ExternalAppAuthFormDTO formDTO) {
         String appId = formDTO.getAppId();
         String token = formDTO.getToken();
+        Long ts = formDTO.getTs();
+        String authType = formDTO.getAuthType();
         if (StringUtils.isAnyBlank(token, appId)) {
             throw new RenException("请求头中的token和appId不能为空");
         }
 
         logger.info("外部应用请求认证拦截Aspect。appId:{}, token:{}", appId, token);
-        ExternalAppAuthResultDTO auth = externalAppAuthService.auth(appId, token);
+        ExternalAppAuthResultDTO auth = externalAppAuthService.auth(appId, token, ts, authType);
         return new Result<ExternalAppAuthResultDTO>().ok(auth);
     }
 
@@ -95,4 +98,20 @@ public class ExternalAppController {
         return new Result<PageData<ExternalAppResultDTO>>().ok(page);
     }
 
+    /**
+     * 重置应用秘钥
+     * @param formDTO
+     * @return
+     */
+    @PostMapping("/resetsecret")
+    public Result resetSecret(@RequestBody ExternalAppFormDTO formDTO) {
+        ValidatorUtils.validateEntity(formDTO, ExternalAppFormDTO.UpdateAppSecret.class);
+        String newSecret = externalAppService.resetSecret(formDTO.getAppId());
+        if (StringUtils.isBlank(newSecret)) {
+            return new Result().error(EpmetErrorCode.OPER_EXT_APP_SECRET_RESET_FAIL.getCode(),
+                    EpmetErrorCode.OPER_EXT_APP_SECRET_RESET_FAIL.getMsg());
+        }
+        return new Result().ok(newSecret);
+    }
+
 }

epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/dao/ExternalAppSecretDao.java

@@ -40,4 +40,5 @@ public interface ExternalAppSecretDao extends BaseDao<ExternalAppSecretEntity> {
      */
     ExternalAppSecretEntity getSecretsByAppId(@Param("appId") String appId);
 
+    int updateSecret(@Param("appId") String appId, @Param("secret") String secret);
 }

epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/service/ExternalAppAuthService.java

@@ -1,10 +1,9 @@
 package com.epmet.service;
 
 import com.epmet.dto.result.ExternalAppAuthResultDTO;
-import com.epmet.dto.result.ExternalAppResultDTO;
 
 public interface ExternalAppAuthService {
 
-    ExternalAppAuthResultDTO auth(String appId, String token);
+    ExternalAppAuthResultDTO auth(String appId, String token, Long ts, String authType);
 
 }

epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/service/ExternalAppService.java

@@ -32,4 +32,6 @@ public interface ExternalAppService {
     ExternalAppResultDTO updateById(String appId, String appName, String customerId);
 
     PageData<ExternalAppResultDTO> listPage(Integer pageNo, Integer pageSize, String customerId);
+
+    String resetSecret(String appId);
 }

epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/service/impl/ExternalAppAuthServiceImpl.java

@@ -1,19 +1,10 @@
 package com.epmet.service.impl;
 
-import com.epmet.commons.tools.exception.EpmetErrorCode;
+import com.epmet.constant.ExtAppAuthTypeConstant;
-import com.epmet.commons.tools.exception.ExceptionUtils;
-import com.epmet.commons.tools.exception.RenException;
-import com.epmet.commons.tools.redis.RedisKeys;
-import com.epmet.commons.tools.redis.RedisUtils;
-import com.epmet.dao.ExternalAppDao;
-import com.epmet.dao.ExternalAppSecretDao;
 import com.epmet.dto.result.ExternalAppAuthResultDTO;
-import com.epmet.dto.result.ExternalAppResultDTO;
-import com.epmet.entity.ExternalAppEntity;
-import com.epmet.entity.ExternalAppSecretEntity;
 import com.epmet.service.ExternalAppAuthService;
-import com.epmet.utils.externalapp.ExtAppJwtTokenUtils;
+import com.epmet.utils.externalapp.ExtAppJwtAuthProcessor;
-import io.jsonwebtoken.Claims;
+import com.epmet.utils.externalapp.ExtAppMD5AuthProcessor;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -26,90 +17,23 @@ public class ExternalAppAuthServiceImpl implements ExternalAppAuthService {
     private static Logger logger = LoggerFactory.getLogger(ExternalAppAuthServiceImpl.class);
 
     @Autowired
-    private RedisUtils redisUtils;
+    private ExtAppJwtAuthProcessor jwtAuthProcessor;
 
     @Autowired
-    private ExtAppJwtTokenUtils jwtTokenUtils;
+    private ExtAppMD5AuthProcessor md5AuthProcessor;
-
-    @Autowired
-    private ExternalAppSecretDao externalAppSecretDao;
-
-    @Autowired
-    private ExternalAppDao externalAppDao;
-
-    private int diffMillins = 1000 * 60 * 5;
 
     @Override
-    public ExternalAppAuthResultDTO auth(String appId, String token) {
+    public ExternalAppAuthResultDTO auth(String appId, String token, Long ts, String authType) {
-        String secret;
+        // 没传或者传的jwt都用jwtprocessor处理
-        if (StringUtils.isBlank(secret = getTokenByAppId(appId))) {
+        if (StringUtils.isBlank(authType) || ExtAppAuthTypeConstant.JWT.equals(authType)) {
-            return fillAuthResult(false, String.format("根据AppId:%s没有找到对应的秘钥", appId), null);
+            return jwtAuthProcessor.auth(appId, token, ts);
+        } else if (ExtAppAuthTypeConstant.MD5.equals(authType)) {
+            return md5AuthProcessor.auth(appId, token, ts);
+        } else {
+            ExternalAppAuthResultDTO rst = new ExternalAppAuthResultDTO();
+            rst.setMessage("错误的认证类型");
+            rst.setSuccess(false);
+            return rst;
         }
-
-        Claims claim;
-        try {
-            claim = jwtTokenUtils.getClaimByToken(token, secret);
-        } catch (Exception e) {
-            String errorStackTrace = ExceptionUtils.getErrorStackTrace(e);
-            logger.error("解析token失败:{}", errorStackTrace);
-            return fillAuthResult(false, "解析token失败", null);
-        }
-
-        String appIdIn = (String)claim.get("appId");
-        String customerId = (String)claim.get("customerId");
-        Long timestamp = (Long)claim.get("ts");
-
-        //校验时间戳，允许5分钟误差
-        if (StringUtils.isAnyBlank(appIdIn, customerId) || timestamp == null) {
-            logger.error("access token不完整。{},{},{}", appIdIn, customerId, timestamp);
-            return fillAuthResult(false, "access token不完整。", null);
-        }
-
-        // TODO
-//        if (!validTimeStamp(timestamp)) {
-//            logger.error("服务器存在时差过大，请求被拒绝", appId, appIdIn);
-//            return fillAuthResult(false, "服务器存在时差过大，请求被拒绝", null);
-//        }
-
-        if (!appId.equals(appIdIn)) {
-            logger.error("AppId不对应，token外部的:{}, token内部解析出来的:{}", appId, appIdIn);
-            return fillAuthResult(false, "Header中的AppId不匹配", null);
-        }
-        return fillAuthResult(true, "解析成功", customerId);
-    }
-
-    private boolean validTimeStamp(Long timestamp) {
-        long now = System.currentTimeMillis();
-//        System.out.println(new Date(timestamp));
-        if (Math.abs(now - timestamp) > diffMillins) {
-            return false;
-        }
-        return true;
-    }
-
-    /**
-     * 通过APP ID查询对应的秘钥
-     * @param appId
-     * @return
-     */
-    public String getTokenByAppId(String appId) {
-        String secret = (String)redisUtils.get(RedisKeys.getExternalAppSecretKey(appId));
-        if (StringUtils.isBlank(secret)) {
-            ExternalAppSecretEntity secretEntity = externalAppSecretDao.getSecretsByAppId(appId);
-            if (secretEntity == null) {
-                return null;
-            }
-            secret = secretEntity.getSecret();
-            redisUtils.set(RedisKeys.getExternalAppSecretKey(appId), secret);
-        }
-        return secret;
-    }
-
-    public ExternalAppAuthResultDTO fillAuthResult(Boolean result, String message, String customerId) {
-        ExternalAppAuthResultDTO authResult = new ExternalAppAuthResultDTO();
-        authResult.setSuccess(result);
-        authResult.setMessage(message);
-        authResult.setCustomerId(customerId);
-        return authResult;
     }
 }

epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/service/impl/ExternalAppServiceImpl.java

@@ -130,4 +130,13 @@ public class ExternalAppServiceImpl implements ExternalAppService {
         return new PageData<>(list, pageInfo.getTotal());
     }
 
+    @Override
+    public String resetSecret(String appId) {
+        String secret = genSecret();
+        if (externalAppSecretDao.updateSecret(appId, secret) > 0) {
+            return secret;
+        }
+        return null;
+    }
+
 }

epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppAuthProcessor.java

@@ -0,0 +1,73 @@
+package com.epmet.utils.externalapp;
+
+import com.epmet.commons.tools.redis.RedisKeys;
+import com.epmet.commons.tools.redis.RedisUtils;
+import com.epmet.dao.ExternalAppSecretDao;
+import com.epmet.dto.result.ExternalAppAuthResultDTO;
+import com.epmet.entity.ExternalAppSecretEntity;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+
+/**
+ * 外部应用认证处理器父类
+ */
+public abstract class ExtAppAuthProcessor {
+
+    @Autowired
+    private RedisUtils redisUtils;
+
+    @Autowired
+    private ExternalAppSecretDao externalAppSecretDao;
+
+    private int diffMillins = 1000 * 60 * 5;
+
+    public abstract ExternalAppAuthResultDTO auth(String appId, String token, Long ts);
+
+    /**
+     * 通过APP ID查询对应的秘钥
+     * @param appId
+     * @return
+     */
+    public String getTokenByAppId(String appId) {
+        String secret = (String)redisUtils.get(RedisKeys.getExternalAppSecretKey(appId));
+        if (StringUtils.isBlank(secret)) {
+            ExternalAppSecretEntity secretEntity = externalAppSecretDao.getSecretsByAppId(appId);
+            if (secretEntity == null) {
+                return null;
+            }
+            secret = secretEntity.getSecret();
+            redisUtils.set(RedisKeys.getExternalAppSecretKey(appId), secret);
+        }
+        return secret;
+    }
+
+    /**
+     * 时间戳校验
+     * @param timestamp
+     * @return
+     */
+    protected boolean validTimeStamp(Long timestamp) {
+        long now = System.currentTimeMillis();
+        if (Math.abs(now - timestamp) > diffMillins) {
+            return false;
+        }
+        return true;
+    }
+
+    /**
+     * 封装结果
+     * @param result
+     * @param message
+     * @param customerId
+     * @return
+     */
+    public ExternalAppAuthResultDTO fillAuthResult(Boolean result, String message, String customerId) {
+        ExternalAppAuthResultDTO authResult = new ExternalAppAuthResultDTO();
+        authResult.setSuccess(result);
+        authResult.setMessage(message);
+        authResult.setCustomerId(customerId);
+        return authResult;
+    }
+
+}

epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppJwtAuthProcessor.java

@@ -0,0 +1,61 @@
+package com.epmet.utils.externalapp;
+
+import com.epmet.commons.tools.exception.ExceptionUtils;
+import com.epmet.dto.result.ExternalAppAuthResultDTO;
+import io.jsonwebtoken.Claims;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+/**
+ * jwt 认证处理器
+ */
+@Component
+public class ExtAppJwtAuthProcessor extends ExtAppAuthProcessor {
+
+    private static Logger logger = LoggerFactory.getLogger(ExtAppJwtAuthProcessor.class);
+
+    @Autowired
+    private ExtAppJwtTokenUtils jwtTokenUtils;
+
+    public ExternalAppAuthResultDTO auth(String appId, String token, Long ts) {
+        String secret;
+        if (StringUtils.isBlank(secret = getTokenByAppId(appId))) {
+            return fillAuthResult(false, String.format("根据AppId:%s没有找到对应的秘钥", appId), null);
+        }
+
+        Claims claim;
+        try {
+            claim = jwtTokenUtils.getClaimByToken(token, secret);
+        } catch (Exception e) {
+            String errorStackTrace = ExceptionUtils.getErrorStackTrace(e);
+            logger.error("解析token失败:{}", errorStackTrace);
+            return fillAuthResult(false, "解析token失败", null);
+        }
+
+        String appIdIn = (String)claim.get("appId");
+        String customerId = (String)claim.get("customerId");
+        Long timestamp = (Long)claim.get("ts");
+
+        //校验时间戳，允许5分钟误差
+        if (StringUtils.isAnyBlank(appIdIn, customerId) || timestamp == null) {
+            logger.error("access token不完整。{},{},{}", appIdIn, customerId, timestamp);
+            return fillAuthResult(false, "access token不完整。", null);
+        }
+
+        // TODO 暂时去掉时间差判断
+        //if (!validTimeStamp(timestamp)) {
+        //    logger.error("服务器存在时差过大，请求被拒绝");
+        //    return fillAuthResult(false, "服务器存在时差过大，请求被拒绝", null);
+        //}
+
+        if (!appId.equals(appIdIn)) {
+            logger.error("AppId不对应，token外部的:{}, token内部解析出来的:{}", appId, appIdIn);
+            return fillAuthResult(false, "Header中的AppId不匹配", null);
+        }
+
+        return fillAuthResult(true, "解析成功，认证成功", customerId);
+    }
+}

epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppJwtTokenUtils.java

@@ -75,11 +75,13 @@ public class ExtAppJwtTokenUtils {
 
     public static void genToken() {
         HashMap<String, Object> claim = new HashMap<>();
-        claim.put("appId", "227fb75ae4baa820755aaf43bf7f0a69");
+        claim.put("appId", "2c448b7da527055fbeebb628f8d3dcb0");
         claim.put("customerId", "c1");
-        claim.put("ts", System.currentTimeMillis() - 1000 * 60 * 4);
+        long ts = System.currentTimeMillis() - 1000 * 60 * 4;
+        System.out.println("时间戳:" + ts);
+        claim.put("ts", ts);
 
-        String abc = new ExtAppJwtTokenUtils().createToken(claim, "4a762660254c57996343f8ee42fbc0a6");
+        String abc = new ExtAppJwtTokenUtils().createToken(claim, "d4b73db4cf8e46ef99fa1f95149c2791ef2396fded114dd09e406cbce83fc88a");
         System.out.println(abc);
     }
 

epmet-module/epmet-common-service/common-service-server/src/main/java/com/epmet/utils/externalapp/ExtAppMD5AuthProcessor.java

@@ -0,0 +1,42 @@
+package com.epmet.utils.externalapp;
+
+import com.epmet.commons.tools.utils.Md5Util;
+import com.epmet.dto.result.ExternalAppAuthResultDTO;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+
+/**
+ * md5 认证处理器
+ */
+@Component
+public class ExtAppMD5AuthProcessor extends ExtAppAuthProcessor {
+
+    private static Logger logger = LoggerFactory.getLogger(ExtAppMD5AuthProcessor.class);
+
+    public ExternalAppAuthResultDTO auth(String appId, String token, Long ts) {
+        if (ts == null) {
+            return fillAuthResult(false, "需要传入时间戳参数", null);
+        }
+        String secret;
+        if (StringUtils.isBlank(secret = getTokenByAppId(appId))) {
+            return fillAuthResult(false, String.format("根据AppId:%s没有找到对应的秘钥", appId), null);
+        }
+
+        String localDigest = Md5Util.md5(secret.concat(":") + ts);
+        if (!localDigest.equals(token)) {
+            // 调用方生成的摘要跟本地生成的摘要不匹配
+            return fillAuthResult(false, "签名不匹配，认证失败", null);
+        }
+
+        // TODO 暂时去掉时间差判断
+        //if (!validTimeStamp(ts)) {
+        //    logger.error("服务器存在时差过大，请求被拒绝");
+        //    return fillAuthResult(false, "服务器存在时差过大，请求被拒绝", null);
+        //}
+
+        return fillAuthResult(true, "签名匹配，认证成功", null);
+    }
+
+}

epmet-module/epmet-common-service/common-service-server/src/main/resources/db/migration/V0.0.3__extApp.sql

@@ -0,0 +1,56 @@
+SET NAMES utf8mb4;
+SET FOREIGN_KEY_CHECKS = 0;
+
+CREATE TABLE `external_app` (
+  `ID` varchar(64) NOT NULL COMMENT '主键',
+  `APP_NAME` varchar(64) NOT NULL COMMENT 'APP名字',
+  `CUSTOMER_ID` varchar(64) DEFAULT NULL COMMENT '客户ID',
+  `DEL_FLAG` tinyint(1) DEFAULT NULL COMMENT '是否删除，0：未删除，1：已删除',
+  `REVISION` int(10) DEFAULT NULL COMMENT '乐观锁',
+  `CREATED_BY` varchar(64) DEFAULT NULL COMMENT '创建者id',
+  `CREATED_TIME` datetime DEFAULT NULL COMMENT '创建时间',
+  `UPDATED_BY` varchar(64) DEFAULT NULL COMMENT '更新者id',
+  `UPDATED_TIME` datetime DEFAULT NULL COMMENT '更新时间',
+  PRIMARY KEY (`ID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='外部应用列表';
+
+CREATE TABLE `external_app_secret` (
+  `ID` varchar(64) NOT NULL COMMENT '主键',
+  `APP_ID` varchar(64) NOT NULL COMMENT 'APP ID',
+  `SECRET` varchar(255) NOT NULL COMMENT '秘钥',
+  `DEL_FLAG` tinyint(1) DEFAULT NULL COMMENT '是否删除，0：未删除，1：已删除',
+  `REVISION` int(10) DEFAULT NULL COMMENT '乐观锁',
+  `CREATED_BY` varchar(64) DEFAULT NULL COMMENT '创建者id',
+  `CREATED_TIME` datetime DEFAULT NULL COMMENT '创建时间',
+  `UPDATED_BY` varchar(64) DEFAULT NULL COMMENT '更新者id',
+  `UPDATED_TIME` datetime DEFAULT NULL COMMENT '更新时间',
+  PRIMARY KEY (`ID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='外部应用秘钥列表';
+
+CREATE TABLE `external_customer` (
+  `ID` varchar(64) NOT NULL COMMENT '客户ID',
+  `CUSTOMER_NAME` varchar(255) NOT NULL COMMENT '客户名称',
+  `DEL_FLAG` tinyint(1) DEFAULT NULL COMMENT '是否删除，0：未删除，1：已删除',
+  `REVISION` int(10) DEFAULT NULL COMMENT '乐观锁',
+  `CREATED_BY` varchar(64) DEFAULT NULL COMMENT '创建者id',
+  `CREATED_TIME` datetime DEFAULT NULL COMMENT '创建时间',
+  `UPDATED_BY` varchar(64) DEFAULT NULL COMMENT '更新者id',
+  `UPDATED_TIME` datetime DEFAULT NULL COMMENT '更新时间',
+  PRIMARY KEY (`ID`) USING BTREE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+
+BEGIN;
+INSERT INTO `external_app` VALUES ('227fb75ae4baa820755aaf43bf7f0a69', '便捷通行', '7e07311f4c4a56c65fa1dd5d16e0b743', 0, 0, 'wxz', '2020-08-18 13:39:32', 'wxz', '2020-08-18 13:39:37');
+INSERT INTO `external_app` VALUES ('acc4ad66c82a7b46e741364b4c62dce2', '市北大屏', 'b09527201c4409e19d1dbc5e3c3429a1', 0, 0, 'wxz', '2020-08-18 13:39:32', 'wxz', '2020-08-18 13:39:37');
+INSERT INTO `external_app` VALUES ('dbfad3110c124c89948d16e8b06a8888', '数据采集', 'b09527201c4409e19d1dbc5e3c3429a1', 0, 0, 'wxz', '2020-08-18 13:39:32', 'wxz', '2020-08-18 13:39:37');
+
+INSERT INTO `external_app_secret` VALUES ('44ed58fd256ae51b473b6ff8555c7131', '227fb75ae4baa820755aaf43bf7f0a69', 'a44a4fc41eb513cd93a0f957db3ef764e189e6aebb2369471396a8c3b32f61ed', 0, 0, 'wxz', '2020-08-18 13:40:03', 'xz', '2020-08-18 13:40:07');
+INSERT INTO `external_app_secret` VALUES ('95d16f5fe76d1139023107476871a077', 'dbfad3110c124c89948d16e8b06a8888', '0f7e983b017ac180b0da1877abe11bab22ab6288580e64d39b5e415dbb0fcc8f', 0, 0, 'wxz', '2020-08-18 13:40:03', 'xz', '2020-08-18 13:40:07');
+INSERT INTO `external_app_secret` VALUES ('9ca67b7b02dc2e80e9ba6ba4793aea54', 'acc4ad66c82a7b46e741364b4c62dce2', '612d304095c50369c3ef06e490f05779eeb8f19ff16566c73aeafafc5fa01970', 0, 0, 'wxz', '2020-08-18 13:40:03', 'xz', '2020-08-18 13:40:07');
+
+INSERT INTO `external_customer` VALUES ('7e07311f4c4a56c65fa1dd5d16e0b743', '外挂功能', 0, 0, 'wxz', '2020-08-19 14:21:52', 'APP_USER', '2020-08-21 15:23:35');
+INSERT INTO `external_customer` VALUES ('b09527201c4409e19d1dbc5e3c3429a1', '市北党建', 0, 0, 'wxz', '2020-08-19 14:21:52', 'wxz', '2020-08-19 14:21:58');
+
+COMMIT;
+
+SET FOREIGN_KEY_CHECKS = 1;

epmet-module/epmet-common-service/common-service-server/src/main/resources/mapper/ExternalAppSecretDao.xml

@@ -15,6 +15,13 @@
         <result property="updatedTime" column="UPDATED_TIME"/>
     </resultMap>
 
+    <!--更新秘钥-->
+    <update id="updateSecret">
+        update external_app_secret
+        set SECRET=#{secret}
+        where ID = #{appId}
+    </update>
+
     <select id="getSecretsByAppId" resultType="com.epmet.entity.ExternalAppSecretEntity">
         SELECT
             ID,