
加入sign签名,insert update 动态配置

wuxw7 лет назад: 8
Родитель
Сommit
c4bf85cb53

+ 2 - 2
CenterService/doc/response_protocol.json

@@ -1,7 +1,7 @@
 {
   "orders": {
-    "TransactionId": "100000000020180409224736000001",
-    "ResponseTime": "20180409224736",
+    "transactionId": "100000000020180409224736000001",
+    "responseTime": "20180409224736",
     "sign": "这个服务是否要求MD5签名",
     "response": {//这个是centerOrder 返回的状态结果
       "code": "1999",

+ 8 - 0
CenterService/src/main/java/com/java110/center/smo/impl/CenterServiceSMOImpl.java

@@ -11,6 +11,7 @@ import com.java110.common.constant.KafkaConstant;
 import com.java110.common.constant.MappingConstant;
 import com.java110.common.constant.ResponseConstant;
 import com.java110.common.exception.*;
+import com.java110.common.factory.AuthenticationFactory;
 import com.java110.common.factory.DataFlowFactory;
 import com.java110.common.kafka.KafkaFactory;
 import com.java110.common.log.LoggerEngine;
@@ -169,6 +170,13 @@ public class CenterServiceSMOImpl extends LoggerEngine implements ICenterService
             throw new NoAuthorityException(ResponseConstant.RESULT_CODE_NO_AUTHORITY_ERROR, "transactionId 不能为空");
         }
 
+        if(!StringUtil.isNullOrNone(dataFlow.getAppRoutes().get(0).getSecurityCode())){
+            String sign = AuthenticationFactory.dataFlowMd5(dataFlow);
+            if(!sign.equals(dataFlow.getReqSign())){
+                throw new NoAuthorityException(ResponseConstant.RESULT_CODE_NO_AUTHORITY_ERROR, "签名失败");
+            }
+        }
+
         if (StringUtil.isNullOrNone(dataFlow.getUserId())) {
             //添加耗时
             DataFlowFactory.addCostTime(dataFlow, "judgeAuthority", "鉴权耗时", startDate);
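Review bot: The new check compares the digests with `sign.equals(dataFlow.getReqSign())`, which stops at the first differing character; a constant-time comparison is the usual choice for authentication values, e.g. `MessageDigest.isEqual(sign.getBytes(StandardCharsets.UTF_8), reqSign.getBytes(StandardCharsets.UTF_8))` after a null check on `reqSign`. `dataFlow.getAppRoutes().get(0)` is also called with no visible guard, so an empty route list would surface as an IndexOutOfBoundsException rather than a NoAuthorityException, unless an earlier check outside this hunk rules that out. The enclosing method starts and ends outside the hunk.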

+ 56 - 0
java110-common/src/main/java/com/java110/common/factory/AuthenticationFactory.java

@@ -0,0 +1,56 @@
+package com.java110.common.factory;
+
+import com.java110.common.constant.ResponseConstant;
+import com.java110.common.exception.NoAuthorityException;
+import com.java110.entity.center.DataFlow;
+import org.apache.commons.codec.digest.DigestUtils;
+
+import javax.naming.AuthenticationException;
+import java.io.UnsupportedEncodingException;
+
+/**
+ *
+ * 鉴权工厂类
+ * Created by wuxw on 2018/4/23.
+ */
+public class AuthenticationFactory {
+
+    /**
+     * md5签名
+     * @param inStr
+     * @return
+     */
+    public static String md5(String inStr) throws NoAuthorityException{
+        try {
+            return DigestUtils.md5Hex(inStr.getBytes("UTF-8"));
+        } catch (UnsupportedEncodingException e) {
+            throw new NoAuthorityException(ResponseConstant.RESULT_CODE_NO_AUTHORITY_ERROR,"MD5签名过程中出现错误");
+        }
+    }
+
+    /**
+     * dataFlow 对象签名
+     * @param dataFlow
+     * @return
+     */
+    public static String dataFlowMd5(DataFlow dataFlow) throws NoAuthorityException{
+        if(dataFlow == null){
+            throw new NoAuthorityException(ResponseConstant.RESULT_CODE_NO_AUTHORITY_ERROR,"MD5签名过程中出现错误");
+        }
+        String reqInfo = dataFlow.getTransactionId() + dataFlow.getAppId() + dataFlow.getReqBusiness().toJSONString();
+        return md5(reqInfo);
+    }
+
+    /**
+     * md5加密
+     * @param transactionId 流水
+     * @param appId 应用ID
+     * @param businesses 内容
+     * @return
+     */
+    public static String md5(String transactionId,String appId,String businesses){
+        return md5(transactionId+appId+businesses);
+    }
+}
+
+
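Review bot: dataFlowMd5 hashes only transactionId, appId and the request body, all of which arrive with the request, so a matching sign says nothing about who produced it; the route's securityCode that gates the check in CenterServiceSMOImpl is never mixed into the digest. A keyed MAC (HMAC-SHA256 with the securityCode as key) over the same fields, separated by a delimiter so the field boundaries are unambiguous, would tie the sign to the shared secret. This changes the wire contract, so clients and the three-argument md5 used for response signing have to move together. getReqBusiness() is dereferenced without a null check, and the `javax.naming.AuthenticationException` import is unused.

```java
public static String dataFlowMd5(DataFlow dataFlow) throws NoAuthorityException{
    // … unchanged: null check on dataFlow …
    String securityCode = dataFlow.getAppRoutes().get(0).getSecurityCode();
    // Delimit the fields so that different (transactionId, appId) splits cannot yield the same input.
    String reqInfo = dataFlow.getTransactionId() + "\n" + dataFlow.getAppId() + "\n"
            + dataFlow.getReqBusiness().toJSONString();
    try {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(securityCode.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
        return Hex.encodeHexString(mac.doFinal(reqInfo.getBytes(StandardCharsets.UTF_8)));
    } catch (GeneralSecurityException e) {
        throw new NoAuthorityException(ResponseConstant.RESULT_CODE_NO_AUTHORITY_ERROR,"MD5签名过程中出现错误");
    }
}
```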

+ 13 - 4
java110-common/src/main/java/com/java110/common/util/ResponseTemplateUtil.java

@@ -3,6 +3,7 @@ package com.java110.common.util;
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
 import com.java110.common.constant.ResponseConstant;
+import com.java110.common.factory.AuthenticationFactory;
 import com.java110.entity.center.DataFlow;
 
 import java.util.Date;
@@ -49,9 +50,13 @@ public class ResponseTemplateUtil {
 
         JSONObject responseInfo = JSONObject.parseObject("{\"orders\":{\"response\":{}}}");
         JSONObject orderInfo = responseInfo.getJSONObject("orders");
-        orderInfo.put("TransactionId",transactionId);
-        orderInfo.put("ResponseTime",DateUtil.getDefaultFormateTimeString(new Date()));
-        orderInfo.put("sign",sign);
+        orderInfo.put("transactionId",transactionId);
+        orderInfo.put("responseTime",DateUtil.getDefaultFormateTimeString(new Date()));
+        if(StringUtil.isNullOrNone(sign)) {
+            orderInfo.put("sign", AuthenticationFactory.md5(transactionId, orderInfo.getString("responseTime"), business != null && business.size() > 0 ? business.toJSONString() : ""));
+        }else {
+            orderInfo.put("sign",sign);
+        }
         JSONObject orderResponseInfo = orderInfo.getJSONObject("response");
         orderResponseInfo.put("code",code);
         orderResponseInfo.put("message",message);
@@ -79,7 +84,11 @@ public class ResponseTemplateUtil {
      * @return
      */
     public static JSONObject createCommonResponseJson(DataFlow dataFlow){
-        return dataFlow.getResponseBusinessJson();
+        JSONObject responseJson = dataFlow.getResponseBusinessJson();
+        JSONObject orders = responseJson.getJSONObject("orders");
+        JSONArray business = responseJson.getJSONArray("business");
+        orders.put("sign",AuthenticationFactory.md5(orders.getString("transactionId"),orders.getString("responseTime"),business.toJSONString()));
+        return responseJson;
     }
 
     /**
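Review bot: createCommonResponseJson dereferences `orders` and `business` without checking them, so a response that lacks either key throws a NullPointerException while the reply is being signed. The hunk above in this file already guards the same value with `business != null && business.size() > 0`; the same guard fits here, e.g. `String body = business != null && business.size() > 0 ? business.toJSONString() : "";`, plus an early return or explicit error when `orders` is null. The method has an empty `@return` in its Javadoc; it would help to say there that the returned object is the DataFlow's own response JSON with `sign` written into it in place.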

+ 1 - 1
java110-config/db/CenterService/create_table.db

@@ -196,7 +196,7 @@ insert into c_service(service_code,invoke_model,business_type_cd,`name`,seq,url,
 values('query.user.userInfo','1','Q','用户信息查询',1,'http://...','8000418001','0');
 
 insert into c_service(service_code,invoke_model,business_type_cd,`name`,seq,url,provide_app_id,status_cd)
-values('query.order.orderInfo','1','Q','订单信息',1,'http://localhost:8001/queryApi/query','8000418001','0');
+values('query.order.orderInfo','1','Q','订单信息',1,'http://center-service/businessApi/query','8000418001','0');
 
 INSERT INTO c_service_sql(service_code,`name`,params,query_model,`sql`,proc,template,remark,status_cd)
 VALUES('query.order.orderInfo','订单信息','oId','1','{

+ 9 - 1
java110-config/src/main/resources/mapper/service/QueryServiceDAOImplMapper.xml

@@ -20,15 +20,23 @@
         <parameter property="resMsg" javaType="java.lang.String" jdbcType="CLOB" mode="OUT" />
     </parameterMap>
 
-    <!--保存订单信息 c_orders 中 -->
+    <!--执行查询sql -->
     <select id="executeSql" parameterType="String" resultType="Map">
         ${value}
     </select>
+    <!--执行 update sql-->
+    <update id="updateSql" parameterMap="String">
+        ${value}
+    </update>
 
     <select id="executeProc" parameterMap="qryProcParam">
         {call ${procNameInfo}?)}
     </select>
 
+    <update id="updateProc" parameterMap="qryProcParam">
+        {call ${procNameInfo}?)}
+    </update>
+
     <select id="qureyServiceSqlAll" resultMap="serviceSqlMap">
         SELECT css.service_code,css.name,css.params,css.query_model,css.sql,
         css.proc,css.template,css.remark,css.status_cd
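Review bot: `<update id="updateSql" parameterMap="String">` names a parameterMap, whereas the neighbouring `executeSql` uses `parameterType="String"`; no parameterMap called String is visible in this hunk, so the statement will probably fail to resolve and should read `<update id="updateSql" parameterType="String">`. Both new statements also take their text through `${...}`, which MyBatis substitutes verbatim instead of binding. That text is assembled in doExecuteUpdateSql (QueryServiceSMOImpl.java) and updateProc (QueryServiceDAOImpl.java) by wrapping request parameters in single quotes without escaping, so request values become part of the SQL of a write statement. Passing the values as `#{}` bind parameters, with only the configured statement text substituted, would keep them as data.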

+ 5 - 0
java110-service/src/main/java/com/java110/service/dao/IQueryServiceDAO.java

@@ -18,6 +18,8 @@ public interface IQueryServiceDAO {
      */
     public List<Map> executeSql(String sql);
 
+    public int updateSql(String sql);
+
     /**
      * 执行存储过程
      * @param paramsInfo
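Review bot: `updateSql` is added without Javadoc although the methods around it are documented, and the same holds for `updateProc` in the next hunk. Suggested comment for updateSql: `/** Executes the given statement text as an update and returns the affected row count; the text reaches the mapper unchanged, so it must come from trusted configuration. */`. For updateProc, a matching comment should state that the map must contain `procName` and that the return value is the `resMsg` OUT parameter or an empty string.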
@@ -25,5 +27,8 @@ public interface IQueryServiceDAO {
      */
     public String executeProc(Map<String,Object> paramsInfo);
 
+
+    public String updateProc(Map<String,Object> paramsInfo);
+
     public List<ServiceSql> qureyServiceSqlAll();
 }

+ 26 - 0
java110-service/src/main/java/com/java110/service/dao/impl/QueryServiceDAOImpl.java

@@ -23,6 +23,10 @@ public class QueryServiceDAOImpl extends BaseServiceDao implements IQueryService
         return sqlSessionTemplate.selectList("queryServiceDAOImpl.executeSql",sql);
     }
 
+    public int updateSql(String sql){
+        return sqlSessionTemplate.update("queryServiceDAOImpl.updateSql",sql);
+    }
+
     @Override
     public String executeProc(Map<String,Object> paramsInfo) {
         String paramsInfoStr = "";
@@ -45,6 +49,28 @@ public class QueryServiceDAOImpl extends BaseServiceDao implements IQueryService
         return paramsInfo.get("resMsg") ==null ?"" :paramsInfo.get("resMsg").toString();
     }
 
+    @Override
+    public String updateProc(Map<String,Object> paramsInfo) {
+        String paramsInfoStr = "";
+        for (String key : paramsInfo.keySet()){
+            if("procName".equals(key)){
+                paramsInfoStr += (paramsInfo.get("procName") + "(");
+            }else{
+                if(StringUtil.isNullOrNone(paramsInfo.get(key))){
+                    paramsInfoStr += "'',";
+                }else{
+                    paramsInfoStr += "'"+paramsInfo.get(key)+"',";
+                }
+            }
+        }
+
+        paramsInfo.put("paramsInfo",paramsInfoStr);
+
+        sqlSessionTemplate.update("queryServiceDAOImpl.updateProc",paramsInfo);
+
+        return paramsInfo.get("resMsg") ==null ?"" :paramsInfo.get("resMsg").toString();
+    }
+
     /**
      * 查询 ServiceSql
      * @return
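Review bot: updateProc stores the assembled call text under the key `paramsInfo`, but the `updateProc` statement added to QueryServiceDAOImplMapper.xml substitutes `${procNameInfo}`, so as written the statement does not appear to receive the text built here; one of the two names should change, e.g. `paramsInfo.put("procNameInfo",paramsInfoStr);` if the mapper is the reference. The loop also assumes `procName` is iterated first, while the caller in QueryServiceSMOImpl passes a TreeMap, so any parameter key that sorts before `procName` is appended ahead of the `name(` prefix. The body is a copy of executeProc apart from the final call; a shared private helper that builds the call text would keep the two from drifting. `updateSql` in the hunk above is missing the `@Override` that the other interface methods carry.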

+ 37 - 3
java110-service/src/main/java/com/java110/service/rest/QueryApi.java

@@ -21,12 +21,12 @@ import java.util.Map;
  * Created by wuxw on 2018/4/20.
  */
 @RestController
-public class QueryApi extends BaseController {
+public class BusinessApi extends BaseController {
 
     @Autowired
     private IQueryServiceSMO queryServiceSMOImpl;
 
-    @RequestMapping(path = "/queryApi/query",method= RequestMethod.GET)
+    @RequestMapping(path = "/businessApi/query",method= RequestMethod.GET)
     public String queryGet(HttpServletRequest request) {
         return ResponseTemplateUtil.createBusinessResponseJson(ResponseConstant.RESULT_CODE_ERROR,"不支持Get方法请求").toJSONString();
     }
@@ -48,7 +48,7 @@ public class QueryApi extends BaseController {
      * @return
      */
     @RequestMapping(path = "/queryApi/query",method= RequestMethod.POST)
-    public String servicePost(@RequestBody String businessInfo) {
+    public String queryPost(@RequestBody String businessInfo) {
         try {
             DataQuery dataQuery = DataQueryFactory.newInstance().builder(businessInfo);
             initConfig(dataQuery);
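Review bot: The POST mapping on the context line above still reads `/queryApi/query`, while this commit moves the GET handler to `/businessApi/query` and points the `query.order.orderInfo` row in create_table.db at `http://center-service/businessApi/query`. A POST to the new URL would then have no handler unless one exists outside the visible lines; the mapping probably needs `@RequestMapping(path = "/businessApi/query",method= RequestMethod.POST)`. The class is renamed to BusinessApi while the page still lists the file as QueryApi.java, which will not compile for a public class unless the file is renamed too. queryPost continues outside the hunk.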
@@ -60,6 +60,40 @@ public class QueryApi extends BaseController {
         }
     }
 
+    @RequestMapping(path = "/businessApi/do",method= RequestMethod.GET)
+    public String doGet(HttpServletRequest request) {
+        return ResponseTemplateUtil.createBusinessResponseJson(ResponseConstant.RESULT_CODE_ERROR,"不支持Get方法请求").toJSONString();
+    }
+
+    /**
+     * {
+     "bId":"12345678",
+     "serviceCode": "querycustinfo",
+     "serviceName": "查询客户",
+     "remark": "备注",
+     "datas": {
+     "params": {
+     //这个做查询时的参数
+     }
+     //这里是具体业务
+     }
+     }
+     * @param businessInfo
+     * @return
+     */
+    @RequestMapping(path = "/businessApi/do",method= RequestMethod.POST)
+    public String doPost(@RequestBody String businessInfo) {
+        try {
+            DataQuery dataQuery = DataQueryFactory.newInstance().builder(businessInfo);
+            initConfig(dataQuery);
+            queryServiceSMOImpl.commonDoService(dataQuery);
+            return dataQuery.getResponseInfo().toJSONString();
+        }catch (Exception e){
+            logger.error("请求订单异常",e);
+            return ResponseTemplateUtil.createBusinessResponseJson(ResponseConstant.RESULT_CODE_ERROR,e.getMessage()+e).toJSONString();
+        }
+    }
+
     /**
      * 初始化配置
      * @param dataQuery
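Review bot: doPost returns `e.getMessage()+e` to the caller, which exposes exception class names and internal messages (possibly SQL or driver text from the update path) in the API response. The exception is already logged, so the reply can carry a fixed message, e.g. `return ResponseTemplateUtil.createBusinessResponseJson(ResponseConstant.RESULT_CODE_ERROR,"数据交互异常").toJSONString();`. The log text `请求订单异常` is copied from the order handler and does not describe this endpoint. No authentication or sign check is visible on this write endpoint in the hunk; if none is applied in BaseController or a filter, one is needed before commonDoService runs.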

+ 9 - 0
java110-service/src/main/java/com/java110/service/smo/IQueryServiceSMO.java

@@ -17,4 +17,13 @@ public interface IQueryServiceSMO {
      * @throws BusinessException
      */
     public void commonQueryService(DataQuery dataQuery) throws BusinessException;
+
+
+    /**
+     * c_common_sql
+     * 公共受理服务
+     * @return
+     * @throws BusinessException
+     */
+    public void commonDoService(DataQuery dataQuery) throws BusinessException;
 }

+ 86 - 0
java110-service/src/main/java/com/java110/service/smo/impl/QueryServiceSMOImpl.java

@@ -57,7 +57,72 @@ public class QueryServiceSMOImpl extends LoggerEngine implements IQueryServiceSM
         }
 
     }
+    @Override
+    public void commonDoService(DataQuery dataQuery) throws BusinessException {
+        //查询缓存查询 对应处理的ServiceSql
+        try {
+            ServiceSql currentServiceSql = ServiceSqlCache.getServiceSql(dataQuery.getServiceCode());
+            if (currentServiceSql == null) {
+                throw new BusinessException(ResponseConstant.RESULT_CODE_INNER_ERROR,"未提供该服务 serviceCode = " + dataQuery.getServiceCode());
+            }
+            if ("".equals(currentServiceSql.getQueryModel())) {
+                throw new BusinessException(ResponseConstant.RESULT_CODE_INNER_ERROR,"配置服务 serviceCode = " + dataQuery.getServiceCode() + " 错误,未配置QueryModel,请联系管理员");
+            }
+            dataQuery.setServiceSql(currentServiceSql);
+            if (CommonConstant.QUERY_MODEL_SQL.equals(currentServiceSql.getQueryModel())) {
+                doExecuteUpdateSql(dataQuery);
+                return;
+            }
+            doExecuteUpdateProc(dataQuery);
+        }catch (BusinessException e){
+            logger.error("公用查询异常:",e);
+            dataQuery.setResponseInfo(ResponseTemplateUtil.createBusinessResponseJson(ResponseConstant.RESULT_PARAM_ERROR,
+                    e.getMessage()));
+        }
+
+    }
+
+    /**
+     * {"PARAM:"{
+     "param1": "$.a.#A#Object",
+     "param2": "$.a.b.A#B#Array",
+     "param3": "$.a.b.c.A.B#C#Array"
+     },"TEMPLATE":"{}"
+     }
+     * 执行sql
+     * @param dataQuery
+     */
+    private void doExecuteUpdateSql(DataQuery dataQuery) throws BusinessException{
+
+        try {
+            JSONObject params = dataQuery.getRequestParams();
+            JSONObject sqlObj = JSONObject.parseObject(dataQuery.getServiceSql().getSql());
 
+            String currentSql = "";
+            for(String key : sqlObj.keySet()) {
+                currentSql = sqlObj.getString(key);
+                String[] sqls = currentSql.split("#");
+                String currentSqlNew = "";
+                for (int sqlIndex = 0; sqlIndex < sqls.length; sqlIndex++) {
+                    if (sqlIndex % 2 == 0) {
+                        currentSqlNew += sqls[sqlIndex];
+                        continue;
+                    }
+                    currentSqlNew += params.get(sqls[sqlIndex]) instanceof Integer ? params.getInteger(sqls[sqlIndex]) : "'" + params.getString(sqls[sqlIndex]) + "'";
+                }
+
+                int flag = queryServiceDAOImpl.updateSql(currentSqlNew);
+
+                if (flag < 1) {
+                    throw new BusinessException(ResponseConstant.RESULT_PARAM_ERROR, "调用接口失败");
+                }
+            }
+
+        }catch (Exception e){
+            logger.error("数据交互异常:",e);
+            throw new BusinessException(ResponseConstant.RESULT_CODE_INNER_ERROR,"数据交互异常。。。");
+        }
+    }
     /**
      * {"PARAM:"{
      "param1": "$.a.#A#Object",
@@ -167,6 +232,27 @@ public class QueryServiceSMOImpl extends LoggerEngine implements IQueryServiceSM
 
     }
 
+    /**
+     * 执行存储
+     * @param dataQuery
+     */
+    private void doExecuteUpdateProc(DataQuery dataQuery){
+        Map info = new TreeMap();
+        info.put("procName",dataQuery.getServiceSql().getProc());
+        JSONObject params = dataQuery.getRequestParams();
+        info.putAll(params);
+
+        String jsonStr = queryServiceDAOImpl.updateProc(info);
+
+        if(!Assert.isJsonObject(jsonStr)){
+            throw new BusinessException(ResponseConstant.RESULT_CODE_INNER_ERROR,"存储过程 procName = " + dataQuery.getServiceSql().getProc() + " 返回结果不是Json格式");
+        }
+
+        dataQuery.setResponseInfo(ResponseTemplateUtil.createBusinessResponseJson(ResponseConstant.RESULT_CODE_SUCCESS,
+                "成功",JSONObject.parseObject(jsonStr)));
+    }
+
+
     /**
      * 执行存储
      * @param dataQuery
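Review bot: In doExecuteUpdateProc, `info.putAll(params)` runs after `info.put("procName", ...)`, so a request parameter named `procName` replaces the procedure name taken from the ServiceSql configuration. Swapping the order lets configuration win: `info.putAll(params);` followed by `info.put("procName",dataQuery.getServiceSql().getProc());`, ideally together with rejecting reserved keys such as `procName` and `resMsg` in the request. `Map info = new TreeMap()` is a raw type; `Map<String,Object> info = new TreeMap<>();` matches the updateProc signature. The method throws BusinessException without declaring it, unlike doExecuteUpdateSql, which is fine only if that exception is unchecked.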