
Merge branch '84-integrate' into 'develop'

20220622 版本

1. 新增用户信息获取方法
2. dubbo 及 fastjson 版本漏洞修复

See merge request !3

linwenhua 3 年 前
コミット
6cd35cba86

+ 6 - 2
smsb-customer-manager-adapter/pom.xml

@@ -22,8 +22,12 @@
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
         <dependency>
-            <groupId>com.alibaba.cloud</groupId>
-            <artifactId>spring-cloud-starter-dubbo</artifactId>
+            <groupId>org.apache.dubbo</groupId>
+            <artifactId>dubbo-spring-boot-starter</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>fastjson</artifactId>
         </dependency>
         <!--<dependency>
             <groupId>org.springframework.boot</groupId>
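Review bot: The added `dubbo-spring-boot-starter` and `fastjson` entries carry no `<version>`, so whether this commit actually picks up the fixed releases depends on a `dependencyManagement` entry that is not visible in this hunk. Please confirm the parent pom pins both to patched versions, and check the resolved tree (`mvn dependency:tree -Dincludes=com.alibaba:fastjson`) for any transitive path that still brings in an older fastjson. A short comment here would help the next reader, for example `<!-- version managed in parent dependencyManagement; keep on a release with the autoType fix -->`. If the service parses JSON from untrusted callers, enabling fastjson safe mode (`-Dfastjson.parser.safeMode=true`) is worth doing in addition to the upgrade. The same applies to the identical hunks in smsb-customer-manager-aop/pom.xml and smsb-customer-manager-app/pom.xml.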

+ 6 - 2
smsb-customer-manager-aop/pom.xml

@@ -32,8 +32,12 @@
             <optional>true</optional>
         </dependency>
         <dependency>
-            <groupId>com.alibaba.cloud</groupId>
-            <artifactId>spring-cloud-starter-dubbo</artifactId>
+            <groupId>org.apache.dubbo</groupId>
+            <artifactId>dubbo-spring-boot-starter</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>fastjson</artifactId>
         </dependency>
         <dependency>
             <groupId>jakarta.servlet</groupId>

+ 7 - 3
smsb-customer-manager-app/pom.xml

@@ -22,8 +22,12 @@
             <artifactId>lombok</artifactId>
         </dependency>
         <dependency>
-            <groupId>com.alibaba.cloud</groupId>
-            <artifactId>spring-cloud-starter-dubbo</artifactId>
+            <groupId>org.apache.dubbo</groupId>
+            <artifactId>dubbo-spring-boot-starter</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>fastjson</artifactId>
         </dependency>
         <dependency>
             <groupId>com.inspur</groupId>
@@ -35,7 +39,7 @@
         <dependency>
             <groupId>org.keycloak</groupId>
             <artifactId>keycloak-admin-client</artifactId>
-            <version>18.0.0</version>
+            <version>16.1.0</version>
         </dependency>
         <!--HttpClient -->
         <dependency>
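Review bot: The second hunk moves `keycloak-admin-client` from 18.0.0 back to 16.1.0 with no explanation, in a commit described as a vulnerability fix. The downgrade is presumably there to match the Keycloak server version, but nothing on the page says so, and the older client should be checked against published advisories for it and its transitive dependencies. I would record the reason next to the pin, for example `<!-- pinned to 16.1.0 to match the deployed Keycloak server; raise together with the server -->`, so that it is not bumped or left behind by accident.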

+ 83 - 0
smsb-customer-manager-app/src/main/java/com/inspur/customer/service/keycloak/KeycloakServiceImpl.java

@@ -2,19 +2,24 @@ package com.inspur.customer.service.keycloak;
 
 import com.inspur.customer.service.client.keycloak.KeycloakService;
 import com.inspur.customer.service.dto.KeycloakUserCO;
+import com.inspur.customer.service.dto.Pair;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.dubbo.config.annotation.DubboService;
 import org.keycloak.admin.client.Keycloak;
+import org.keycloak.admin.client.resource.RealmResource;
 import org.keycloak.admin.client.resource.UserResource;
 import org.keycloak.representations.idm.GroupRepresentation;
 import org.keycloak.representations.idm.RoleRepresentation;
 import org.keycloak.representations.idm.UserRepresentation;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.cache.annotation.Cacheable;
+import org.springframework.util.CollectionUtils;
+import org.springframework.util.StringUtils;
 
 import javax.annotation.Resource;
 import java.util.*;
 import java.util.concurrent.atomic.AtomicReference;
+import java.util.stream.Collectors;
 
 @Slf4j
 @DubboService
@@ -78,6 +83,7 @@ public class KeycloakServiceImpl implements KeycloakService {
             if (userRepresentation != null) {
                 KeycloakUserCO keycloakUserCo = new KeycloakUserCO();
                 keycloakUserCo.setId(userRepresentation.getId());
+                keycloakUserCo.setUsername(userRepresentation.getUsername());
                 keycloakUserCo.setEmail(userRepresentation.getEmail());
                 Map<String, List<String>> attributes = userRepresentation.getAttributes();
                 if (attributes != null) {
@@ -126,4 +132,81 @@ public class KeycloakServiceImpl implements KeycloakService {
         return Collections.emptyList();
     }
 
+    @Override
+    public List<String> getAiAuditEnabledGroups() {
+        List<GroupRepresentation> groups = keycloak.realm(realm).groups().groups();
+        List<String> aiAudit = groups.stream().filter(groupRepresentation -> {
+            Map<String, List<String>> attributes = groupRepresentation.getAttributes();
+            if (attributes != null) {
+                List<String> list = attributes.get("aiAudit");
+                return !CollectionUtils.isEmpty(list) && "1".equals(list.get(0));
+            }
+            return false;
+        }).map(GroupRepresentation::getPath).collect(Collectors.toList());
+        return aiAudit;
+    }
+
+    @Override
+    public List<KeycloakUserCO> getGroupSupervisor(String group) {
+        return getUserByRoleAndGroup(group, "ROLE_OPERATION_SUPERVISOR");
+    }
+
+    @Override
+    public List<KeycloakUserCO> getSuperAdmin() {
+        return keycloak.realm(realm).roles().get("ROLE_SUPER_ADMIN").getRoleUserMembers()
+            .stream()
+            .map(this::transfer)
+            .collect(Collectors.toList());
+    }
+
+    @Override
+    public List<KeycloakUserCO> getGroupAdmin(String group) {
+        return getUserByRoleAndGroup(group, "ROLE_ADMIN");
+    }
+
+    @Override
+    public String getSingleAttrByGroupPath(String group, String key) {
+        List<String> list = getAttrByGroupPath(group, key);
+        if (CollectionUtils.isEmpty(list)) {
+            return null;
+        } else {
+            return list.get(0);
+        }
+    }
+
+    @Override
+    public List<KeycloakUserCO> searchUserByAttrEntry(List<Pair> pairList) {
+        String search = pairList.stream()
+            .filter(t -> Objects.nonNull(t) && Objects.nonNull(t.getKey()) && Objects.nonNull(t.getValue()))
+            .map(t -> t.getKey() + ":" + t.getValue())
+            .collect(Collectors.joining(" "));
+        return keycloak.realm(realm).users().searchByAttributes(search).stream().map(this::transfer).collect(Collectors.toList());
+    }
+
+    private List<KeycloakUserCO> getUserByRoleAndGroup(String group, String role) {
+        if (!StringUtils.hasText(group) || !StringUtils.hasText(role)) {
+            return Collections.emptyList();
+        }
+        RealmResource realmResource = keycloak.realm(this.realm);
+        List<UserRepresentation> members = realmResource.groups().group(realmResource.getGroupByPath(group).getId()).members();
+        Set<String> set = realmResource.roles().get(role).getRoleUserMembers().stream().map(UserRepresentation::getId).collect(Collectors.toSet());
+        return members.stream().filter(t -> set.contains(t.getId())).map(this::transfer).collect(Collectors.toList());
+    }
+
+    private KeycloakUserCO transfer(UserRepresentation userRepresentation) {
+        if (userRepresentation == null) {
+            return null;
+        }
+        KeycloakUserCO keycloakUserCo = new KeycloakUserCO();
+        keycloakUserCo.setId(userRepresentation.getId());
+        keycloakUserCo.setUsername(userRepresentation.getUsername());
+        keycloakUserCo.setEmail(userRepresentation.getEmail());
+        Map<String, List<String>> attributes = userRepresentation.getAttributes();
+        if (attributes != null) {
+            keycloakUserCo.setPhone(attributes.get("phone"));
+            keycloakUserCo.setWechat(attributes.get("wechat"));
+            keycloakUserCo.setWechatApplet(attributes.get("wechat-applet-openid"));
+        }
+        return keycloakUserCo;
+    }
 }
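Review bot: `searchUserByAttrEntry` joins caller-supplied keys and values into the `key:value key:value` search string without checking them, so a key or value containing a space or a colon is parsed as a different query from the pairs the caller passed, and a null list throws. When every pair is filtered out the search string is empty, which presumably makes `searchByAttributes` return unfiltered users to whichever Dubbo consumer called it. I would return an empty list when there is nothing to search for and reject terms that contain the delimiters, as sketched below; the final `searchByAttributes` call then takes `String.join(" ", terms)`.

```java
    public List<KeycloakUserCO> searchUserByAttrEntry(List<Pair> pairList) {
        if (CollectionUtils.isEmpty(pairList)) {
            return Collections.emptyList();
        }
        List<String> terms = new ArrayList<>();
        for (Pair pair : pairList) {
            if (pair == null || !StringUtils.hasText(pair.getKey()) || !StringUtils.hasText(pair.getValue())) {
                continue;
            }
            // ':' and whitespace delimit the query; a term containing them would be read as a different query
            if (pair.getKey().matches(".*[\\s:].*") || pair.getValue().matches(".*\\s.*")) {
                throw new IllegalArgumentException("attribute key/value contains a search delimiter");
            }
            terms.add(pair.getKey() + ":" + pair.getValue());
        }
        if (terms.isEmpty()) {
            // never send an empty query: it would not restrict the result set
            return Collections.emptyList();
        }
        // … unchanged: searchByAttributes(...) call and transfer mapping …
```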

+ 25 - 0
smsb-customer-manager-client/src/main/java/com/inspur/customer/service/client/keycloak/KeycloakService.java

@@ -1,5 +1,7 @@
 package com.inspur.customer.service.client.keycloak;
 import com.inspur.customer.service.dto.KeycloakUserCO;
+import com.inspur.customer.service.dto.Pair;
+
 import java.util.List;
 import java.util.Map;
 
@@ -46,4 +48,27 @@ public interface KeycloakService {
      * @return
      */
     List<String> getAttrByGroupPath(String groupPath, String key);
+
+    /**
+     * getAiAuditList
+     *
+     * @return
+     */
+    List<String> getAiAuditEnabledGroups();
+
+    List<KeycloakUserCO> getGroupSupervisor(String group);
+
+    List<KeycloakUserCO> getSuperAdmin();
+
+    List<KeycloakUserCO> getGroupAdmin(String group);
+
+    String getSingleAttrByGroupPath(String group, String key);
+
+    /**
+     * 根据属性键值对查找用户
+     *
+     * @param entries 属性键值对
+     * @return 找到的用户
+     */
+    List<KeycloakUserCO> searchUserByAttrEntry(List<Pair> entries);
 }
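Review bot: Four of the new methods (`getGroupSupervisor`, `getSuperAdmin`, `getGroupAdmin`, `getSingleAttrByGroupPath`) have no Javadoc, and the comment on `getAiAuditEnabledGroups` only says `getAiAuditList`. This interface is the contract remote consumers code against, so each method should state what `group` is (the implementation treats it as a Keycloak group path), which role it filters on, and what comes back when nothing matches, for example `/** Returns members of the group at the given path who hold ROLE_ADMIN; empty list if the path is blank. */`. `getSingleAttrByGroupPath` should document that it returns `null` when the attribute is absent. It is also worth noting on the interface that the returned `KeycloakUserCO` carries phone and WeChat identifiers, so consumers of this service should be limited to those that need them.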

+ 2 - 0
smsb-customer-manager-client/src/main/java/com/inspur/customer/service/dto/KeycloakUserCO.java

@@ -18,6 +18,8 @@ public class KeycloakUserCO implements Serializable {
 
     private String id;
 
+    private String username;
+
     private String phone;
 
     private String email;

+ 22 - 0
smsb-customer-manager-client/src/main/java/com/inspur/customer/service/dto/Pair.java

@@ -0,0 +1,22 @@
+package com.inspur.customer.service.dto;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.io.Serializable;
+
+/**
+ * @author zengweijie
+ * @version 1.0
+ * @date 2022/6/23 9:43
+ **/
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class Pair implements Serializable {
+
+    private static final long serialVersionUID = -5443549207721208232L;
+    private String key;
+    private String value;
+}

+ 0 - 8
smsb-customer-manager-start-web/src/main/resources/bootstrap.yml

@@ -1,6 +1,4 @@
 spring:
-  profiles:
-    active: dev
   main:
     allow-bean-definition-overriding: true
     allow-circular-references: true
@@ -14,9 +12,3 @@ spring:
       config:
         file-extension: yml
         refresh-enabled: true
-        group: ${spring.application.name}
-        namespace: 1365e7bc-51b7-44fe-a902-7327e4c9ed4a
-      discovery:
-        namespace: 1365e7bc-51b7-44fe-a902-7327e4c9ed4a
-system:
-  appKey: 10.180.88.71

+ 37 - 0
smsb-customer-manager-start-web/src/test/java/com/inspur/customer/KeycloakTest.java

@@ -0,0 +1,37 @@
+package com.inspur.customer;
+
+import lombok.extern.slf4j.Slf4j;
+import org.junit.jupiter.api.Test;
+import org.keycloak.admin.client.Keycloak;
+import org.keycloak.representations.idm.UserRepresentation;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.test.context.SpringBootTest;
+
+import javax.annotation.Resource;
+import java.util.List;
+import java.util.Optional;
+
+/**
+ * @author zengweijie
+ * @version 1.0
+ * @date 2022/6/22 17:32
+ **/
+@Slf4j
+@SpringBootTest
+public class KeycloakTest {
+    @Resource
+    Keycloak keycloak;
+    @Value("${keycloak.realm}")
+    private String realm;
+
+    @Test
+    void test() {
+        List<UserRepresentation> userRepresentations = keycloak.realm(realm).users().searchByAttributes("wechat-applet-openid:oLBkj42qubLayXZWmFlGnKh5X");
+        for (UserRepresentation userRepresentation : userRepresentations) {
+            log.info(userRepresentation.toString());
+            log.info(userRepresentation.getUsername());
+            Optional.ofNullable(userRepresentation.getAttributes()).ifPresent(t -> log.info(t.toString()));
+            log.info("_______________________________");
+        }
+    }
+}
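Review bot: The test embeds what looks like a real user's WeChat applet openid as a string literal and logs the whole `UserRepresentation` plus its attribute map, so a personal identifier lands in the repository and user attributes land in build logs. It also asserts nothing and needs a live Keycloak through `@SpringBootTest`, so it cannot fail for the behaviour it is meant to cover. I would inject the lookup value from test configuration, e.g. `@Value("${test.keycloak.openid}") private String openid;` (the property name is a placeholder), log only `userRepresentation.getId()`, and add an assertion such as `assertFalse(userRepresentations.isEmpty());`.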