update

pom.xml

@@ -24,7 +24,7 @@
         <mysql-connector-java.version>8.0.27</mysql-connector-java.version>
         <mybatis-spring-boot-starter.version>2.2.0</mybatis-spring-boot-starter.version>
         <mybatis.version>3.5.7</mybatis.version>
-        <framework.version>1.0.15</framework.version>
+        <framework.version>1.0.16</framework.version>
 
         <!--        <slf4j.version>1.7.32</slf4j.version>-->
         <!--        <commons-lang3.version>3.12.0</commons-lang3.version>-->

src/main/java/com/zhiqiyun/open/config/RedisConfig.java

@@ -0,0 +1,67 @@
+package com.zhiqiyun.open.config;
+
+import com.alibaba.fastjson.parser.Feature;
+import com.alibaba.fastjson.serializer.SerializerFeature;
+import com.alibaba.fastjson.support.config.FastJsonConfig;
+import com.alibaba.fastjson.support.spring.FastJsonRedisSerializer;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.DependsOn;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.data.redis.serializer.StringRedisSerializer;
+
+/**
+ * @author jtoms
+ */
+@Configuration
+public class RedisConfig {
+
+    @Bean
+    @DependsOn("redisConnectionFactory")
+    public RedisTemplate<String, Object> redisTemplate(RedisConnectionFactory redisConnectionFactory) {
+        FastJsonRedisSerializer<Object> fastJsonRedisSerializer = new FastJsonRedisSerializer<>(Object.class);
+
+        FastJsonConfig fastJsonConfig = fastJsonRedisSerializer.getFastJsonConfig();
+        fastJsonConfig.setFeatures(Feature.SupportAutoType);
+        fastJsonConfig.setSerializerFeatures(SerializerFeature.WriteClassName);
+
+        RedisTemplate<String, Object> template = new RedisTemplate<>();
+
+        template.setConnectionFactory(redisConnectionFactory);
+
+        StringRedisSerializer stringRedisSerializer = new StringRedisSerializer();
+
+        // key采用String的序列化方式
+        template.setKeySerializer(stringRedisSerializer);
+        // hash的key也采用String的序列化方式
+        template.setHashKeySerializer(stringRedisSerializer);
+        // value序列化方式采用jackson
+        template.setValueSerializer(fastJsonRedisSerializer);
+        // hash的value序列化方式采用jackson
+        template.setHashValueSerializer(fastJsonRedisSerializer);
+        template.afterPropertiesSet();
+        return template;
+    }
+
+    @Bean
+    public StringRedisTemplate stringRedisTemplate(RedisConnectionFactory jedisConnectionFactory) {
+        StringRedisTemplate template = new StringRedisTemplate();
+
+        template.setConnectionFactory(jedisConnectionFactory);
+
+        StringRedisSerializer stringRedisSerializer = new StringRedisSerializer();
+        // key采用String的序列化方式
+        template.setKeySerializer(stringRedisSerializer);
+        // hash的key也采用String的序列化方式
+        template.setHashKeySerializer(stringRedisSerializer);
+        // value序列化方式采用jackson
+        template.setValueSerializer(stringRedisSerializer);
+        // hash的value序列化方式采用jackson
+        template.setHashValueSerializer(stringRedisSerializer);
+        template.afterPropertiesSet();
+        return template;
+    }
+
+}

src/main/java/com/zhiqiyun/open/config/RedisKeys.java

@@ -5,17 +5,22 @@ package com.zhiqiyun.open.config;
  */
 public interface RedisKeys {
 
-	/**
-	 * 用户登录标识
-	 */
-	String OAUTH = "OAUTH:%s";
+    /**
+     * 用户登录标识
+     */
+    String OAUTH = "OAUTH:%s";
 
-	/**
-	 * 验证码
-	 */
-	String CAPTCHA = "CAPTCHA:%s";
-	/**
-	 * 操作日志临时数据
-	 */
-	String USER_OPERATE_LOG_TEMP = "USER_OPERATE_LOG_TEMP:%s";
+    /**
+     * 验证码
+     */
+    String CAPTCHA = "CAPTCHA:%s";
+    /**
+     * 操作日志临时数据
+     */
+    String USER_OPERATE_LOG_TEMP = "USER_OPERATE_LOG_TEMP:%s";
+
+    /**
+     * AppKey获取Key
+     */
+    String APP_KEY_INFO = "APP_KEY_INFO:%s";
 }

src/main/java/com/zhiqiyun/open/core/models/ApiRequestLog.java

@@ -16,6 +16,7 @@ public class ApiRequestLog {
     private String method;
     private String version;
     private String requestBody;
+    private String responseData;
     private Date serviceBeginTime;
     private Date serviceEndTime;
     private String clientIp;

src/main/java/com/zhiqiyun/open/core/service/AppKeyInfoService.java

@@ -4,4 +4,11 @@ import com.baomidou.mybatisplus.extension.service.IService;
 import com.zhiqiyun.open.core.models.AppKeyInfo;
 
 public interface AppKeyInfoService extends IService<AppKeyInfo> {
+    /**
+     * 获取一个AppKeyInfo
+     *
+     * @param appKey
+     * @return
+     */
+    AppKeyInfo findByAppKey(String appKey);
 }

src/main/java/com/zhiqiyun/open/core/service/impl/AppKeyInfoServiceImpl.java

@@ -1,11 +1,35 @@
 package com.zhiqiyun.open.core.service.impl;
 
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.zhiqiyun.open.config.RedisKeys;
 import com.zhiqiyun.open.core.mapper.AppKeyInfoMapper;
 import com.zhiqiyun.open.core.models.AppKeyInfo;
+import com.zhiqiyun.open.core.models.OauthInfo;
 import com.zhiqiyun.open.core.service.AppKeyInfoService;
+import org.springframework.data.redis.core.BoundValueOperations;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Service;
 
+import javax.annotation.Resource;
+
 @Service
 public class AppKeyInfoServiceImpl extends ServiceImpl<AppKeyInfoMapper, AppKeyInfo> implements AppKeyInfoService {
+
+    @Resource
+    private RedisTemplate<String, AppKeyInfo> redisTemplate;
+
+    @Override
+    public AppKeyInfo findByAppKey(String appKey) {
+        String redisKey = String.format(RedisKeys.APP_KEY_INFO, appKey);
+
+        BoundValueOperations<String, AppKeyInfo> boundValueOperations = this.redisTemplate.boundValueOps(redisKey);
+        AppKeyInfo appKeyInfo = boundValueOperations.get();
+        if (appKeyInfo == null) {
+            appKeyInfo = this.baseMapper.selectById(appKey);
+            if (appKeyInfo != null) {
+                boundValueOperations.set(appKeyInfo);
+            }
+        }
+        return appKeyInfo;
+    }
 }

src/main/java/com/zhiqiyun/open/mvc/manager/controller/AppKeyInfoController.java

@@ -76,9 +76,6 @@ public class AppKeyInfoController {
         if (StringUtils.isNotBlank(params.getClientIp())) {
             queryWrapper.eq("client_ip", params.getClientIp());
         }
-        if (StringUtils.isNotBlank(params.getRequestBody())) {
-            queryWrapper.like("request_body", params.getRequestBody());
-        }
         if (params.getServiceBeginTime() != null) {
             queryWrapper.between("service_begin_time", params.getServiceBeginTime().getStatDate(), params.getServiceBeginTime().getEndDate());
         }

src/main/java/com/zhiqiyun/open/mvc/manager/params/QueryApiRequestLogParams.java

@@ -14,7 +14,6 @@ public class QueryApiRequestLogParams extends QueryPageParams {
     private String appKey;
     private String method;
     private String version;
-    private String requestBody;
     private RangeDate serviceBeginTime;
     private String clientIp;
 

src/main/java/com/zhiqiyun/open/router/config/DbBaseAppSecretManager.java

@@ -12,7 +12,7 @@ public class DbBaseAppSecretManager implements AppSecretManager {
 
     @Override
     public boolean isValidAppKey(String appKey) {
-        AppKeyInfo appSecretInfo = this.appKeyInfoService.getById(appKey);
-        return appSecretInfo != null;
+        AppKeyInfo appKeyInfo = this.appKeyInfoService.findByAppKey(appKey);
+        return appKeyInfo != null;
     }
 }

src/main/java/com/zhiqiyun/open/router/config/DesTransportSecurity.java

@@ -15,8 +15,8 @@ public class DesTransportSecurity implements TransportSecurity {
     @Override
     public String responseEncrypt(String appKey, String s) {
         if (StringUtils.isNotBlank(appKey)) {
-            AppKeyInfo appSecretInfo = this.appKeyInfoService.getById(appKey);
-            s = DES.encrypt(appSecretInfo.getEncryptKey(), s);
+            AppKeyInfo appKeyInfo = this.appKeyInfoService.findByAppKey(appKey);
+            s = DES.encrypt(appKeyInfo.getEncryptKey(), s);
         }
         return s;
     }
@@ -24,8 +24,8 @@ public class DesTransportSecurity implements TransportSecurity {
     @Override
     public String requestDecrypt(String appKey, String s) {
         if (StringUtils.isNotBlank(appKey)) {
-            AppKeyInfo appSecretInfo = this.appKeyInfoService.getById(appKey);
-            s = DES.decrypt(appSecretInfo.getEncryptKey(), s);
+            AppKeyInfo appKeyInfo = this.appKeyInfoService.findByAppKey(appKey);
+            s = DES.decrypt(appKeyInfo.getEncryptKey(), s);
         }
         return s;
     }

src/main/java/com/zhiqiyun/open/router/config/RequestLogInterceptor.java

@@ -4,6 +4,7 @@ import com.alibaba.fastjson.JSON;
 import com.dliyun.oap.framework.annotation.ServiceMethod;
 import com.dliyun.oap.framework.context.OapRequestContext;
 import com.dliyun.oap.framework.interceptor.AbstractOapInterceptor;
+import com.dliyun.oap.framework.response.OapResponse;
 import com.zhiqiyun.open.core.models.ApiRequestLog;
 import com.zhiqiyun.open.core.service.ApiRequestLogService;
 import com.zhiqiyun.open.utils.DateUtil;
@@ -50,6 +51,10 @@ public class RequestLogInterceptor extends AbstractOapInterceptor {
                 requestLog.setServiceBeginTime(new Date(orc.getServiceBeginTime()));
                 requestLog.setServiceEndTime(new Date(orc.getServiceEndTime()));
                 requestLog.setClientIp(orc.getClientIp());
+                OapResponse response = orc.getOapResponse();
+                if (response != null) {
+                    requestLog.setResponseData(JSON.toJSONString(response));
+                }
                 this.apiRequestLogService.save(requestLog);
             } catch (Exception e) {
                 log.warn("save ApiRequestLog error", e);

src/main/java/com/zhiqiyun/open/router/config/ServicePermissionController.java

@@ -0,0 +1,23 @@
+package com.zhiqiyun.open.router.config;
+
+import com.dliyun.oap.framework.security.ServiceAccessController;
+import com.zhiqiyun.open.core.models.AppKeyInfo;
+import com.zhiqiyun.open.core.service.AppKeyInfoService;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import java.util.List;
+
+public class ServicePermissionController implements ServiceAccessController {
+
+    @Autowired
+    private AppKeyInfoService appKeyInfoService;
+
+    public boolean isAppGranted(String appKey, String method, String version) {
+        AppKeyInfo appKeyInfo = this.appKeyInfoService.findByAppKey(appKey);
+        if (appKeyInfo == null) {
+            return false;
+        }
+        List<String> permissions = appKeyInfo.getPermissions();
+        return permissions != null && permissions.contains(String.format("%s:%s", method, version));
+    }
+}

src/main/resources/application.properties

@@ -13,9 +13,6 @@ spring.datasource.password=liucheng123@
 mybatis-plus.config-location=classpath:mybatis/sqlMapConfig.xml
 mybatis-plus.mapper-locations=classpath:mybatis/mappers/*.xml
 mybatis-plus.type-enums-package=com.zhiqiyun.open.core.enmus
-#mybatis-plus.configuration.default-enum-type-handler=com.baomidou.mybatisplus.core.handlers.MybatisEnumTypeHandler
-#mybatis-plus.type-handlers-package=com.zhiqiyun.open.mybatis.typeHandler
-
 #######################redis###############################
 spring.redis.host=39.99.217.107
 spring.redis.password=hnylredis@
@@ -25,7 +22,7 @@ spring.redis.database=0
 #spring.oap.security.file-upload-controller-class=com.dliyun.oap.framework.impl.DefaultFileUploadController
 spring.oap.security.app-secret-manager-class=com.zhiqiyun.open.router.config.DbBaseAppSecretManager
 spring.oap.service.transport-security-class=com.zhiqiyun.open.router.config.DesTransportSecurity
-#spring.oap.security.service-access-controller-class=com.dliyun.oap.framework.impl.DefaultServiceAccessController
+spring.oap.security.service-access-controller-class=com.zhiqiyun.open.router.config.ServicePermissionController
 #spring.oap.security.invoke-times-controller-class=com.dliyun.oap.framework.impl.DefaultInvokeTimesController
 #\u7EBF\u7A0B\u6C60\u914D\u7F6E
 #spring.oap.executor.core-pool-size=5

src/main/resources/db/migration/V1.0.1__app_key.sql

@@ -29,6 +29,7 @@ CREATE TABLE `api_request_log`
     `method`             VARCHAR(50) NULL DEFAULT NULL,
     `version`            VARCHAR(50) NULL DEFAULT NULL,
     `request_body`       TEXT        NULL DEFAULT NULL,
+    `response_data`      TEXT        NULL DEFAULT NULL,
     `client_ip`          VARCHAR(64) NOT NULL,
     `service_begin_time` DATETIME    NOT NULL,
     `service_end_time`   DATETIME    NOT NULL,