密钥管理接口
This commit is contained in:
liulu
parent
6893a1aca3
commit
be7bb30fd4
@ -8,6 +8,7 @@ import java.util.Objects;
|
||||
|
||||
/**
|
||||
* 数据的填充模式
|
||||
*
|
||||
* @author Cheney
|
||||
*/
|
||||
@Getter
|
||||
|
||||
@ -14,6 +14,8 @@ public interface KeyInfoService {
|
||||
|
||||
Page<KeyInfoDTO.KeyView> selectPageList(KeyInfoDTO.Query query);
|
||||
|
||||
KeyInfoDTO.KeyView selectById(Long id);
|
||||
|
||||
Long save(KeyInfoDTO.KeySave save);
|
||||
|
||||
void update(KeyInfoDTO.KeyUpdate update);
|
||||
|
||||
@ -158,6 +158,35 @@ public class KeyInfoServiceImpl implements KeyInfoService {
|
||||
return new Page<KeyInfoDTO.KeyView>(page.getCurrent(), page.getSize(), page.getTotal()).setRecords(viewList);
|
||||
}
|
||||
|
||||
@Override
|
||||
public KeyInfoDTO.KeyView selectById(Long id) {
|
||||
KeyInfo keyInfo = keyInfoMapper.selectById(id);
|
||||
Assert.notNull(keyInfo, "密钥ID不存在");
|
||||
LocalDateTime now = LocalDateTime.now();
|
||||
KeyInfoDTO.KeyView view = new KeyInfoDTO.KeyView();
|
||||
BeanUtils.copyProperties(keyInfo, view);
|
||||
Optional.of(keyInfo.getKeyType()).map(KeyCategory::of).map(KeyCategory::getDesc).ifPresent(view::setKeyTypeText);
|
||||
Map<String, String> usageMap = KeyUsage.getUsage(keyInfo.getKeyUsage())
|
||||
.stream()
|
||||
.collect(Collectors.toMap(KeyUsage::getCode, KeyUsage::getDesc));
|
||||
view.setKeyUsages(new ArrayList<>(usageMap.keySet()));
|
||||
view.setKeyUsageText(String.join(",", usageMap.values()));
|
||||
KeyStatus keyStatus = KeyStatus.of(keyInfo.getStatus());
|
||||
if (KeyStatus.ENABLED == keyStatus) {
|
||||
if (now.isBefore(keyInfo.getEffectiveTime())) {
|
||||
view.setStatus(KeyStatus.WAIT_ENABLED.getCode());
|
||||
view.setStatusText(KeyStatus.WAIT_ENABLED.getDesc());
|
||||
} else if (now.isAfter(keyInfo.getExpiredTime())) {
|
||||
view.setStatus(KeyStatus.EXPIRED.getCode());
|
||||
view.setStatusText(KeyStatus.EXPIRED.getDesc());
|
||||
}
|
||||
}
|
||||
if (ObjectUtils.isEmpty(view.getStatusText())) {
|
||||
view.setStatusText(keyStatus.getDesc());
|
||||
}
|
||||
return view;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Long save(KeyInfoDTO.KeySave save) {
|
||||
|
||||
@ -218,7 +247,7 @@ public class KeyInfoServiceImpl implements KeyInfoService {
|
||||
|
||||
List<KeyInfo> keyInfos = keyInfoMapper.selectBatchIds(ids);
|
||||
if (CollectionUtils.isEmpty(keyInfos)) {
|
||||
log.warn("enableKey no exist key with ids: {}", ids.stream().map(String::valueOf).collect(Collectors.joining(",")));
|
||||
log.warn("updateKey no exist key with ids: {}", ids.stream().map(String::valueOf).collect(Collectors.joining(",")));
|
||||
return;
|
||||
}
|
||||
List<String> unNormalCodes = keyInfos.stream()
|
||||
|
||||
@ -0,0 +1,26 @@
|
||||
package com.sunyard.chsm.param;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
import javax.validation.constraints.Max;
|
||||
import javax.validation.constraints.NotNull;
|
||||
|
||||
/**
|
||||
* @author liulu
|
||||
* @since 2024/12/17
|
||||
*/
|
||||
@Data
|
||||
public class KeyCreateReq {
|
||||
|
||||
/**
|
||||
* 密钥模版编码
|
||||
*/
|
||||
@NotNull(message = "密钥模版不能为空")
|
||||
private String keyTemplateCode;
|
||||
/**
|
||||
* 生成数量
|
||||
*/
|
||||
@NotNull(message = "生成数量不能为空")
|
||||
@Max(value = 100, message = "一次最多生成100个密钥")
|
||||
private Integer genNumber;
|
||||
}
|
||||
@ -0,0 +1,30 @@
|
||||
package com.sunyard.chsm.param;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
/**
|
||||
* @author liulu
|
||||
* @since 2024/12/17
|
||||
*/
|
||||
@Data
|
||||
public class KeyInfoQuery {
|
||||
|
||||
/**
|
||||
* 当前页
|
||||
*/
|
||||
private int pageNumber = 1;
|
||||
/**
|
||||
* 每页大小
|
||||
*/
|
||||
private int pageSize = 10;
|
||||
/**
|
||||
* 密钥状态
|
||||
*/
|
||||
private String status;
|
||||
/**
|
||||
* 密钥类型: sym_key 对称密钥, asym_key 非对称密钥
|
||||
*/
|
||||
private String keyType;
|
||||
|
||||
|
||||
}
|
||||
@ -0,0 +1,56 @@
|
||||
package com.sunyard.chsm.param;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @author liulu
|
||||
* @since 2024/12/17
|
||||
*/
|
||||
@Data
|
||||
public class KeyInfoResp {
|
||||
|
||||
/**
|
||||
* 密钥ID
|
||||
*/
|
||||
private String KeyId;
|
||||
/**
|
||||
* 密钥算法
|
||||
*/
|
||||
private String keyAlg;
|
||||
/**
|
||||
* 密钥类型
|
||||
*/
|
||||
private String keyType;
|
||||
private String keyTypeText;
|
||||
/**
|
||||
* 密钥用途
|
||||
*/
|
||||
private List<String> keyUsages;
|
||||
private String keyUsageText;
|
||||
/**
|
||||
* 校验算法
|
||||
*/
|
||||
private String checkAlg;
|
||||
/**
|
||||
* 校验值
|
||||
*/
|
||||
private String checkValue;
|
||||
/**
|
||||
* 密钥状态
|
||||
*/
|
||||
private String status;
|
||||
private String statusText;
|
||||
/**
|
||||
* 生效时间
|
||||
*/
|
||||
private LocalDateTime effectiveTime;
|
||||
/**
|
||||
* 过期时间
|
||||
*/
|
||||
private LocalDateTime expiredTime;
|
||||
private LocalDateTime createTime;
|
||||
|
||||
}
|
||||
@ -0,0 +1,22 @@
|
||||
package com.sunyard.chsm.param;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
import javax.validation.constraints.NotNull;
|
||||
import javax.validation.constraints.Size;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @author liulu
|
||||
* @since 2024/12/17
|
||||
*/
|
||||
@Data
|
||||
public class KeyManageReq {
|
||||
|
||||
/**
|
||||
* 密钥id列表
|
||||
*/
|
||||
@Size(min = 1, max = 100, message = "密钥id列表长度在1-100之间")
|
||||
@NotNull(message = "密钥id列表不能为空")
|
||||
private List<Long> ids;
|
||||
}
|
||||
@ -0,0 +1,28 @@
|
||||
package com.sunyard.chsm.param;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
import javax.validation.constraints.NotNull;
|
||||
import javax.validation.constraints.Size;
|
||||
import java.time.LocalDate;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @author liulu
|
||||
* @since 2024/12/17
|
||||
*/
|
||||
@Data
|
||||
public class KeyUpdateReq {
|
||||
|
||||
/**
|
||||
* 密钥id列表
|
||||
*/
|
||||
@Size(min = 1, max = 100, message = "密钥id列表长度在1-100之间")
|
||||
@NotNull(message = "密钥id列表不能为空")
|
||||
private List<Long> ids;
|
||||
|
||||
/**
|
||||
* 新密钥生效时间 yyyy-MM-dd
|
||||
*/
|
||||
private LocalDate effectiveTime;
|
||||
}
|
||||
@ -1,7 +1,6 @@
|
||||
package com.sunyard.config;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonInclude;
|
||||
import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
|
||||
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
|
||||
import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateDeserializer;
|
||||
import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateTimeDeserializer;
|
||||
@ -62,7 +61,6 @@ public class WebConfig {
|
||||
javaTimeModule.addDeserializer(LocalDate.class, new LocalDateDeserializer(DateFormat.DATE));
|
||||
javaTimeModule.addDeserializer(LocalDateTime.class, new LocalDateTimeDeserializer(DateFormat.DATE_TIME));
|
||||
builder.modules(javaTimeModule);
|
||||
builder.serializerByType(Long.class, ToStringSerializer.instance);
|
||||
builder.serializationInclusion(JsonInclude.Include.NON_NULL);
|
||||
builder.failOnUnknownProperties(false);
|
||||
};
|
||||
|
||||
@ -19,21 +19,6 @@
|
||||
|
||||
|
||||
<dependencies>
|
||||
|
||||
<!-- JUnit 5 API (仅单元测试使用)-->
|
||||
<dependency>
|
||||
<groupId>org.junit.jupiter</groupId>
|
||||
<artifactId>junit-jupiter-api</artifactId>
|
||||
<version>5.8.0</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<!-- Spring Boot Test (仅单元测试使用) -->
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-test</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.sunyard.chsm</groupId>
|
||||
<artifactId>chsm-common</artifactId>
|
||||
@ -54,6 +39,13 @@
|
||||
<groupId>io.jsonwebtoken</groupId>
|
||||
<artifactId>jjwt</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- Spring Boot Test (仅单元测试使用) -->
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-test</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
||||
@ -17,5 +17,9 @@ public class UserContext {
|
||||
return (AppUser) requestAttributes.getAttribute(ATTRIBUTE_APP_USER, RequestAttributes.SCOPE_REQUEST);
|
||||
}
|
||||
|
||||
public static Long getCurrentAppId() {
|
||||
return getCurrentUser().getAppId();
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
@ -1,17 +1,23 @@
|
||||
package com.sunyard.chsm.controller;
|
||||
|
||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||
import com.sunyard.chsm.auth.AuthCode;
|
||||
import com.sunyard.chsm.constant.AuthCodeConst;
|
||||
import com.sunyard.chsm.model.R;
|
||||
import com.sunyard.chsm.model.dto.KeyInfoDTO;
|
||||
import com.sunyard.chsm.service.KeyInfoService;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
import com.sunyard.chsm.param.KeyCreateReq;
|
||||
import com.sunyard.chsm.param.KeyInfoQuery;
|
||||
import com.sunyard.chsm.param.KeyInfoResp;
|
||||
import com.sunyard.chsm.param.KeyManageReq;
|
||||
import com.sunyard.chsm.param.KeyUpdateReq;
|
||||
import com.sunyard.chsm.service.KeyManageService;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import javax.validation.Valid;
|
||||
|
||||
/**
|
||||
* 密钥管理类接口
|
||||
@ -20,22 +26,106 @@ import javax.annotation.Resource;
|
||||
* @since 2024/12/6
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("/key/manage")
|
||||
@RequestMapping("/key")
|
||||
public class KeyManageController {
|
||||
|
||||
@Resource
|
||||
private KeyInfoService keyInfoService;
|
||||
private KeyManageService keyManageService;
|
||||
|
||||
/**
|
||||
* 查询密钥列表
|
||||
*
|
||||
* @param query 查询条件
|
||||
* @return 分页列表
|
||||
*/
|
||||
@PostMapping("/pageList")
|
||||
public R<Page<KeyInfoResp>> queryPageList(@RequestBody KeyInfoQuery query) {
|
||||
Page<KeyInfoResp> page = keyManageService.queryPageList(query);
|
||||
return R.data(page);
|
||||
}
|
||||
|
||||
/**
|
||||
* 查询密钥详情
|
||||
*
|
||||
* @param id 查询条件
|
||||
* @return 分页列表
|
||||
*/
|
||||
@PostMapping("/info")
|
||||
public R<KeyInfoResp> queryInfo(Long id) {
|
||||
Assert.notNull(id, "密钥id不能为空");
|
||||
KeyInfoResp resp = keyManageService.queryInfo(id);
|
||||
return R.data(resp);
|
||||
}
|
||||
|
||||
/**
|
||||
* 创建密钥
|
||||
*
|
||||
* @return id
|
||||
*/
|
||||
@PostMapping("/gen")
|
||||
public R<Long> save(@Valid @RequestBody KeyCreateReq req) {
|
||||
Long id = keyManageService.create(req);
|
||||
return R.data(id);
|
||||
}
|
||||
|
||||
/**
|
||||
* 更新密钥
|
||||
*
|
||||
* @param req 参数
|
||||
* @return id
|
||||
*/
|
||||
@PostMapping("/update")
|
||||
public R<Void> update(@Valid @RequestBody KeyUpdateReq req) {
|
||||
keyManageService.update(req);
|
||||
return R.ok();
|
||||
}
|
||||
|
||||
/**
|
||||
* 启用密钥
|
||||
*
|
||||
* @param param 密钥id
|
||||
* @param req 密钥ids
|
||||
* @return id
|
||||
*/
|
||||
@PostMapping("/enable")
|
||||
@AuthCode(AuthCodeConst.key_enable)
|
||||
public R<Void> enableKey(@Validated @RequestBody KeyInfoDTO.IDs param) {
|
||||
keyInfoService.enableKey(param.getIds());
|
||||
public R<Void> enableKey(@Valid @RequestBody KeyManageReq req) {
|
||||
keyManageService.enableKey(req.getIds());
|
||||
return R.ok();
|
||||
}
|
||||
|
||||
/**
|
||||
* 停用密钥
|
||||
*
|
||||
* @param req 密钥id
|
||||
* @return id
|
||||
*/
|
||||
@PostMapping("/disable")
|
||||
public R<Void> disableKey(@Valid @RequestBody KeyManageReq req) {
|
||||
keyManageService.disableKey(req.getIds());
|
||||
return R.ok();
|
||||
}
|
||||
|
||||
/**
|
||||
* 归档密钥
|
||||
*
|
||||
* @param req 密钥id
|
||||
* @return id
|
||||
*/
|
||||
@PostMapping("/archive")
|
||||
public R<Void> archiveKey(@Valid @RequestBody KeyManageReq req) {
|
||||
keyManageService.archiveKey(req.getIds());
|
||||
return R.ok();
|
||||
}
|
||||
|
||||
/**
|
||||
* 销毁密钥
|
||||
*
|
||||
* @param req 密钥id
|
||||
* @return id
|
||||
*/
|
||||
@PostMapping("/destroy")
|
||||
public R<Void> destroyKey(@Valid @RequestBody KeyManageReq req) {
|
||||
keyManageService.destroyKey(req.getIds());
|
||||
return R.ok();
|
||||
}
|
||||
|
||||
|
||||
@ -1,8 +1,121 @@
|
||||
package com.sunyard.chsm.service;
|
||||
|
||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||
import com.sunyard.chsm.auth.AppUser;
|
||||
import com.sunyard.chsm.auth.UserContext;
|
||||
import com.sunyard.chsm.mapper.KeyInfoMapper;
|
||||
import com.sunyard.chsm.model.dto.KeyInfoDTO;
|
||||
import com.sunyard.chsm.model.entity.KeyInfo;
|
||||
import com.sunyard.chsm.param.KeyCreateReq;
|
||||
import com.sunyard.chsm.param.KeyInfoQuery;
|
||||
import com.sunyard.chsm.param.KeyInfoResp;
|
||||
import com.sunyard.chsm.param.KeyUpdateReq;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.BeanUtils;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
import org.springframework.util.ObjectUtils;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* @author liulu
|
||||
* @since 2024/12/16
|
||||
*/
|
||||
public interface KeyManageService {
|
||||
@Slf4j
|
||||
@Service
|
||||
@Transactional
|
||||
public class KeyManageService {
|
||||
|
||||
@Resource
|
||||
private KeyInfoMapper keyInfoMapper;
|
||||
@Resource
|
||||
private KeyInfoService keyInfoService;
|
||||
|
||||
public Page<KeyInfoResp> queryPageList(KeyInfoQuery query) {
|
||||
KeyInfoDTO.Query nq = new KeyInfoDTO.Query();
|
||||
BeanUtils.copyProperties(query, nq);
|
||||
nq.setAppId(UserContext.getCurrentAppId());
|
||||
Page<KeyInfoDTO.KeyView> page = keyInfoService.selectPageList(nq);
|
||||
List<KeyInfoDTO.KeyView> records = page.getRecords();
|
||||
if (CollectionUtils.isEmpty(records)) {
|
||||
return new Page<>(page.getCurrent(), page.getSize(), page.getTotal());
|
||||
}
|
||||
List<KeyInfoResp> viewList = records.stream()
|
||||
.map(it -> {
|
||||
KeyInfoResp resp = new KeyInfoResp();
|
||||
BeanUtils.copyProperties(it, resp);
|
||||
resp.setKeyId(it.getCode());
|
||||
return resp;
|
||||
})
|
||||
.collect(Collectors.toList());
|
||||
|
||||
return new Page<KeyInfoResp>(page.getCurrent(), page.getSize(), page.getTotal()).setRecords(viewList);
|
||||
}
|
||||
|
||||
public KeyInfoResp queryInfo(Long id) {
|
||||
checkIds(Collections.singletonList(id));
|
||||
KeyInfoDTO.KeyView view = keyInfoService.selectById(id);
|
||||
KeyInfoResp resp = new KeyInfoResp();
|
||||
BeanUtils.copyProperties(view, resp);
|
||||
resp.setKeyId(view.getCode());
|
||||
return resp;
|
||||
}
|
||||
|
||||
public Long create(KeyCreateReq req) {
|
||||
KeyInfoDTO.KeySave save = new KeyInfoDTO.KeySave();
|
||||
save.setApplicationId(UserContext.getCurrentAppId());
|
||||
save.setKeyTemplateCode(req.getKeyTemplateCode());
|
||||
save.setGenNumber(req.getGenNumber());
|
||||
return keyInfoService.save(save);
|
||||
}
|
||||
|
||||
|
||||
public void update(KeyUpdateReq req) {
|
||||
Assert.notNull(req.getEffectiveTime(), "新密钥生效时间不能为空");
|
||||
checkIds(req.getIds());
|
||||
KeyInfoDTO.KeyUpdate update = new KeyInfoDTO.KeyUpdate();
|
||||
update.setIds(req.getIds());
|
||||
update.setEffectiveTime(req.getEffectiveTime());
|
||||
keyInfoService.update(update);
|
||||
}
|
||||
|
||||
public void enableKey(List<Long> ids) {
|
||||
checkIds(ids);
|
||||
keyInfoService.enableKey(ids);
|
||||
}
|
||||
|
||||
public void disableKey(List<Long> ids) {
|
||||
checkIds(ids);
|
||||
keyInfoService.disableKey(ids);
|
||||
}
|
||||
|
||||
public void archiveKey(List<Long> ids) {
|
||||
checkIds(ids);
|
||||
keyInfoService.archiveKey(ids);
|
||||
}
|
||||
|
||||
public void destroyKey(List<Long> ids) {
|
||||
checkIds(ids);
|
||||
keyInfoService.destroyKey(ids);
|
||||
}
|
||||
|
||||
|
||||
private void checkIds(List<Long> ids) {
|
||||
AppUser appUser = UserContext.getCurrentUser();
|
||||
List<KeyInfo> keyInfos = keyInfoMapper.selectBatchIds(ids);
|
||||
Assert.notEmpty(keyInfos, "密钥ID不正确");
|
||||
String msg = keyInfos.stream()
|
||||
.filter(it -> !Objects.equals(it.getApplicationId(), appUser.getAppId()))
|
||||
.map(KeyInfo::getCode)
|
||||
.collect(Collectors.joining(", "));
|
||||
Assert.isTrue(ObjectUtils.isEmpty(msg), "密钥ID:" + msg + "不属于当前应用, 无权操作");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -1,16 +0,0 @@
|
||||
package com.sunyard.chsm.service.impl;
|
||||
|
||||
import com.sunyard.chsm.service.KeyManageService;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
/**
|
||||
* @author liulu
|
||||
* @since 2024/12/16
|
||||
*/
|
||||
@Slf4j
|
||||
@Service
|
||||
@Transactional
|
||||
public class KeyManageServiceImpl implements KeyManageService {
|
||||
}
|
||||
@ -1,4 +1,4 @@
|
||||
package com.sunyard.chsm.sdf;
|
||||
package sdf;
|
||||
|
||||
import com.sunyard.chsm.enums.ManufacturerModelEnum;
|
||||
import com.sunyard.chsm.sdf.adapter.SdfApiAdapter;
|
||||
6
pom.xml
6
pom.xml
@ -37,9 +37,11 @@
|
||||
<artifactId>lombok</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<!-- JUnit 5 API (仅单元测试使用)-->
|
||||
<dependency>
|
||||
<groupId>junit</groupId>
|
||||
<artifactId>junit</artifactId>
|
||||
<groupId>org.junit.jupiter</groupId>
|
||||
<artifactId>junit-jupiter-api</artifactId>
|
||||
<version>5.8.0</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user