Merge branch 'master' into develop

# Conflicts:
#	backend/pom.xml
#	backend/src/main/java/ru/micord/ervu/kafka/service/impl/BaseReplyingKafkaService.java
#	backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java
#	backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaPersonalDataService.java
#	backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/service/JwtTokenService.java
#	config/local.env
#	distribution/pom.xml
#	frontend/pom.xml
#	pom.xml
#	resources/pom.xml
gulnaz 2025-02-17 12:58:14 +03:00
commit 0069dcfa5a
22 changed files with 357 additions and 406 deletions

@ -3,6 +3,7 @@ package ru.micord.ervu.controller;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import com.google.protobuf.ByteString;
import com.google.protobuf.InvalidProtocolBufferException;
import org.apache.kafka.common.utils.Bytes;
import org.springframework.beans.factory.annotation.Value;
@ -16,9 +17,14 @@ import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RestController;
import rtl.pgs.ervu.proto.ExtractRegistry;
import rtl.pgs.ervu.proto.ResponseData;
import ru.micord.ervu.dto.ExtractEmptyRequestDto;
import ru.micord.ervu.dto.ExtractRequestDto;
import ru.micord.ervu.exception.ProtobufParsingException;
import ru.micord.ervu.kafka.service.ReplyingKafkaService;
import ru.micord.ervu.security.esia.model.PersonModel;
import ru.micord.ervu.security.esia.service.PersonalDataService;
import ru.micord.ervu.security.esia.token.EsiaTokensStore;
import ru.micord.ervu.security.webbpm.jwt.UserIdsPair;
import ru.micord.ervu.security.webbpm.jwt.util.SecurityUtil;
/**
@ -26,35 +32,62 @@ import ru.micord.ervu.security.webbpm.jwt.util.SecurityUtil;
*/
@RestController
public class ExtractController {
private final PersonalDataService personalDataService;
private final ReplyingKafkaService<Object, Bytes> replyingKafkaService;
@Value("${ervu.kafka.registry.extract.empty.request.topic}")
private String registryExtractEmptyRequestTopic;
@Value("${ervu.kafka.registry.extract.request.topic}")
private String registryExtractRequestTopic;
@Value("${ervu.kafka.registry.extract.reply.topic}")
private String registryExtractReplyTopic;
public ExtractController(ReplyingKafkaService<Object, Bytes> replyingKafkaService) {
public ExtractController(PersonalDataService personalDataService, ReplyingKafkaService<Object, Bytes> replyingKafkaService) {
this.personalDataService = personalDataService;
this.replyingKafkaService = replyingKafkaService;
}
@GetMapping(value = "/extract/{formatRegistry}")
public ResponseEntity<Resource> getExtract(@PathVariable String formatRegistry) {
String ervuId = SecurityUtil.getErvuId();
if (ervuId == null) {
return ResponseEntity.noContent().build();
}
ExtractRequestDto request = new ExtractRequestDto(ervuId, formatRegistry);
byte[] reply = replyingKafkaService.sendMessageAndGetReply(registryExtractRequestTopic,
registryExtractReplyTopic, request).get();
UserIdsPair userIdsPair = SecurityUtil.getUserIdsPair();
String ervuId = userIdsPair.getErvuId();
String fileName;
ByteString file;
try {
ResponseData responseData = ResponseData.parseFrom(reply);
ExtractRegistry extractRegistry = responseData.getDataRegistryInformation()
.getExtractRegistry();
String encodedFilename = URLEncoder.encode(extractRegistry.getFileName(), StandardCharsets.UTF_8);
InputStreamResource resource = new InputStreamResource(extractRegistry.getFile().newInput());
if (ervuId != null) {
ExtractRequestDto request = new ExtractRequestDto(ervuId, formatRegistry);
byte[] reply = replyingKafkaService.sendMessageAndGetReply(registryExtractRequestTopic,
registryExtractReplyTopic, request).get();
ResponseData responseData = ResponseData.parseFrom(reply);
ExtractRegistry extractRegistry = responseData.getDataRegistryInformation()
.getExtractRegistry();
fileName = extractRegistry.getFileName();
file = extractRegistry.getFile();
}
else {
String esiaUserId = userIdsPair.getEsiaUserId(); // esiaUserid is not null here
String esiaAccessToken = EsiaTokensStore.getAccessToken(esiaUserId);
PersonModel personModel = personalDataService.getPersonModel(esiaAccessToken);
ExtractEmptyRequestDto emptyRequest = new ExtractEmptyRequestDto(
personModel.getLastName(),
personModel.getFirstName(), personModel.getMiddleName(), personModel.getBirthDate(),
personModel.getSnils(), formatRegistry
);
byte[] reply = replyingKafkaService.sendMessageAndGetReply(registryExtractEmptyRequestTopic,
registryExtractReplyTopic, emptyRequest).get();
rtl.pgs.ervu.proto.emptyrequest.ResponseData responseData = rtl.pgs.ervu.proto.emptyrequest.ResponseData
.parseFrom(reply);
rtl.pgs.ervu.proto.emptyrequest.ExtractRegistry extractRegistry = responseData.getDataRegistryInformation()
.getExtractRegistry();
fileName = extractRegistry.getFileName();
file = extractRegistry.getFile();
}
String encodedFilename = URLEncoder.encode(fileName, StandardCharsets.UTF_8);
InputStreamResource resource = new InputStreamResource(file.newInput());
return ResponseEntity.ok()
.header(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename*=UTF-8''" + encodedFilename)
.contentType(MediaType.APPLICATION_OCTET_STREAM)
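Review bot: `userIdsPair.getErvuId()` in `getExtract` dereferences the result of `SecurityUtil.getUserIdsPair()` without a null check, although that helper ends in `.orElse(null)` and `SubpoenaService.getSubpoenaData()` in this same commit does guard against null. The `else` branch also relies on the comment `// esiaUserid is not null here`, yet `UserIdsPair(String)` sets `esiaUserId` to null for a null subject, and the value returned by `EsiaTokensStore.getAccessToken(esiaUserId)` goes to `getPersonModel` unchecked. I would add a guard before the branches, for example `if (userIdsPair == null || userIdsPair.getEsiaUserId() == null) { return ResponseEntity.noContent().build(); }` (the right status for this case depends on the API contract, which is not visible here), and reject a null access token before personal data is requested. The method body continues past the end of the hunk.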

@ -5,6 +5,8 @@ import java.util.Comparator;
import java.util.List;
import java.util.Optional;
import org.springframework.util.StringUtils;
import proto.ervu.rp.summons.RecruitmentInfo;
import ru.micord.ervu.dto.Restriction;
import ru.micord.ervu.dto.SubpoenaResponseDto;
import org.springframework.stereotype.Component;
@ -29,6 +31,7 @@ public class SummonsResponseDataConverter {
private static final String ACTUAL_ADDRESS_CODE = "_3";
public SubpoenaResponseDto convert(SummonsResponseData responseData) {
RecruitmentInfo recruitmentInfo = responseData.getRecruitmentInfo();
SubpoenaResponseDto.Builder builder = new SubpoenaResponseDto.Builder()
.personName(responseData.getFirstName(), responseData.getMiddleName(),
responseData.getLastName()
@ -40,10 +43,11 @@ public class SummonsResponseDataConverter {
.issueOrg(responseData.getIssueOrg())
.issueIdCode(responseData.getIssueIdCode())
.militaryCommissariatName(responseData.getRecruitmentInfo().getMilitaryCommissariatName())
.recruitmentStatusCode(
Integer.parseInt(responseData.getRecruitmentInfo().getRecruitmentStatusCode()))
.recruitmentStartDate(responseData.getRecruitmentInfo().getRecruitmentStart())
.militaryCommissariatName(recruitmentInfo.getMilitaryCommissariatName())
.recruitmentStatusCode(StringUtils.hasText(recruitmentInfo.getRecruitmentStatusCode())
? Integer.parseInt(recruitmentInfo.getRecruitmentStatusCode())
: 0)
.recruitmentStartDate(recruitmentInfo.getRecruitmentStart())
.residenceAddress(getAddressByCode(responseData.getAddressesList(), RESIDENCE_ADDRESS_CODE))
.stayAddress(getAddressByCode(responseData.getAddressesList(), STAY_ADDRESS_CODE))
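Review bot: The new `recruitmentStatusCode` expression in `convert` turns a blank status into `0`, so a missing value becomes indistinguishable from a real code 0 (whether 0 is a valid status is not visible here), and `Integer.parseInt` still throws `NumberFormatException` when the upstream message carries non-numeric text. A comment above the ternary such as `// 0 = status not provided by the registry` would document the choice. Reading `recruitmentInfo.getRecruitmentStatusCode()` once into a local would also avoid the repeated getter call. The builder chain starts and ends outside the hunk.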

@ -0,0 +1,8 @@
package ru.micord.ervu.dto;
/**
* @author r.latypov
*/
public record ExtractEmptyRequestDto(String lastName, String firstName, String middleName,
String birthDate, String snils, String formatExtractRegistry) {
}
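Review bot: `ExtractEmptyRequestDto` carries name, birth date and SNILS, and a record's generated `toString()` prints every component, so any log statement or exception message that formats the request object would write that personal data out. Whether the Kafka layer ever logs the payload is not visible in this commit, so this is a precaution: override `toString()` in the record so that it emits only `formatExtractRegistry`. The Javadoc currently holds only `@author`; it should say that the type holds personal data and state the expected format of the `birthDate` string.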

@ -1,10 +1,13 @@
package ru.micord.ervu.kafka.service.impl;
import java.lang.invoke.MethodHandles;
import java.util.Optional;
import java.util.concurrent.ExecutionException;
import org.apache.kafka.clients.consumer.ConsumerRecord;
import org.apache.kafka.clients.producer.ProducerRecord;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.kafka.requestreply.ReplyingKafkaTemplate;
import org.springframework.kafka.requestreply.RequestReplyFuture;
import ru.micord.ervu.kafka.exception.KafkaMessageException;
@ -15,18 +18,25 @@ import ru.micord.ervu.kafka.service.ReplyingKafkaService;
* @author gulnaz
*/
public abstract class BaseReplyingKafkaService<T, V> implements ReplyingKafkaService<T, V> {
private static final Logger LOGGER = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
@Override
public V sendMessageAndGetReply(String requestTopic, String replyTopic, T requestMessage) {
long startTime = System.currentTimeMillis();
RequestReplyFuture<String, T, V> replyFuture = getTemplate().sendAndReceive(
getProducerRecord(requestTopic, replyTopic, requestMessage));
try {
return Optional.ofNullable(replyFuture.get())
V result = Optional.ofNullable(replyFuture.get())
.map(ConsumerRecord::value)
.orElseThrow(() -> new KafkaMessageException("Kafka return result is null"));
LOGGER.info("Thread {} - KafkaSendMessageAndGetReply: {} ms",
Thread.currentThread().getId(), System.currentTimeMillis() - startTime);
return result;
}
catch (InterruptedException | ExecutionException e) {
LOGGER.error("Thread {} - KafkaSendMessageAndGetReply: {} ms",
Thread.currentThread().getId(), System.currentTimeMillis() - startTime);
throw new KafkaMessageReplyTimeoutException(e);
}
}
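Review bot: The two new timing logs in `sendMessageAndGetReply` do not name `requestTopic`, so the ERVU-id lookup and the extract requests that share this method cannot be told apart in the log, and the `LOGGER.error` line repeats the success text with no hint of the failure type. I would add the topic as a placeholder argument to both lines and pass `e.getClass().getSimpleName()` to the error line. The same success/error pair without a cause appears in `EsiaPersonalDataService.getPersonModel`. Since the catch block is being edited anyway, it should restore the interrupt flag with `Thread.currentThread().interrupt();` when `e` is an `InterruptedException`.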

@ -32,10 +32,10 @@ public class EsiaConfig {
@Value("${esia.client.cert.hash}")
private String clientCertHash;
@Value("${esia.request.timeout:60}")
@Value("${request.timeout:20}")
private long requestTimeout;
@Value("${esia.connection.timeout:30}")
@Value("${connection.timeout:10}")
private long connectionTimeout;
@Value("${esia.logout.url:idp/ext/Logout}")
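Review bot: The property keys `request.timeout` and `connection.timeout` carry no `esia.` prefix, unlike `esia.client.cert.hash` and `esia.logout.url` in the same class, so any other component that reads a generic `request.timeout` would silently share these values. The page does not mark which line of each `@Value` pair is the new side; if the un-prefixed ones are, I would keep the namespace and change only the defaults, `@Value("${esia.request.timeout:20}")` and `@Value("${esia.connection.timeout:10}")`. A short comment that both values are in seconds would help, since `EsiaAuthService` wraps them in `Duration.ofSeconds`.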

@ -50,7 +50,7 @@ import ru.micord.ervu.security.webbpm.jwt.model.Token;
import ru.cg.webbpm.modules.core.runtime.api.MessageBundleUtils;
import static ru.micord.ervu.security.webbpm.jwt.util.SecurityUtil.getCurrentUsername;
import static ru.micord.ervu.security.webbpm.jwt.util.SecurityUtil.getCurrentUserEsiaId;
/**
* @author Eduard Tihomirov
@ -234,12 +234,14 @@ public class EsiaAuthService {
throw new EsiaException(e);
}
finally {
LOGGER.info("Thread {}: SignSecret: {}ms RequestAccessToken: {}ms VerifySecret: {}ms",
LOGGER.info("Thread {} - SignSecret: {} ms RequestAccessToken: {} ms VerifySecret: {} ms",
Thread.currentThread().getId(), signSecret, requestAccessToken, verifySecret);
}
PersonModel personModel = null;
String ervuId = null;
try {
Response ervuIdResponse = getErvuIdResponse(esiaAccessTokenStr);
personModel = personalDataService.getPersonModel(esiaAccessTokenStr);
Response ervuIdResponse = getErvuIdResponse(personModel);
ervuId = ervuIdResponse.getErvuId();
}
catch (EsiaException | JsonProcessingException e) {
@ -309,7 +311,8 @@ public class EsiaAuthService {
Long expiresIn = tokenResponse.getExpiresIn();
EsiaTokensStore.addAccessToken(prnOid, esiaAccessTokenStr, expiresIn);
EsiaTokensStore.addRefreshToken(prnOid, esiaNewRefreshTokenStr, expiresIn);
Response ervuIdResponse = getErvuIdResponse(esiaAccessTokenStr);
PersonModel personModel = personalDataService.getPersonModel(esiaAccessTokenStr);
Response ervuIdResponse = getErvuIdResponse(personModel);
createTokenAndAddCookie(response, esiaAccessToken.getSbjId(), ervuIdResponse.getErvuId(), expiresIn);
}
catch (Exception e) {
@ -329,6 +332,7 @@ public class EsiaAuthService {
.uri(URI.create(esiaConfig.getSignUrl()))
.header("Content-Type", "text/plain")
.POST(HttpRequest.BodyPublishers.ofString(requestBody, StandardCharsets.UTF_8))
.timeout(Duration.ofSeconds(esiaConfig.getRequestTimeout()))
.build();
HttpResponse<String> response = HttpClient.newBuilder()
.connectTimeout(Duration.ofSeconds(esiaConfig.getConnectionTimeout()))
@ -368,24 +372,12 @@ public class EsiaAuthService {
}
}
public Response getErvuIdResponse(String accessToken) throws JsonProcessingException {
long requestPersonData = 0, requestIdERVU = 0;
try {
long startTime = System.currentTimeMillis();
PersonModel personModel = personalDataService.getPersonModel(accessToken);
requestPersonData = System.currentTimeMillis() - startTime;
Person person = copyToPerson(personModel);
startTime = System.currentTimeMillis();
String kafkaResponse = replyingKafkaService.sendMessageAndGetReply(requestTopic,
requestReplyTopic, objectMapper.writeValueAsString(person)
);
requestIdERVU = System.currentTimeMillis() - startTime;
return objectMapper.readValue(kafkaResponse, Response.class);
}
finally {
LOGGER.info("Thread {}: RequestPersonData: {}ms RequestIdERVU: {}ms",
Thread.currentThread().getId(), requestPersonData, requestIdERVU);
}
public Response getErvuIdResponse(PersonModel personModel) throws JsonProcessingException {
Person person = copyToPerson(personModel);
String kafkaResponse = replyingKafkaService.sendMessageAndGetReply(requestTopic,
requestReplyTopic, objectMapper.writeValueAsString(person)
);
return objectMapper.readValue(kafkaResponse, Response.class);
}
private Person copyToPerson(PersonModel personModel) {
@ -405,7 +397,7 @@ public class EsiaAuthService {
private String getMessageId(Exception exception) {
return Integer.toUnsignedString(Objects
.hashCode(getCurrentUsername()), 36)
.hashCode(getCurrentUserEsiaId()), 36)
+ "-"
+ Integer.toUnsignedString(exception.hashCode(), 36);
}
@ -465,6 +457,7 @@ public class EsiaAuthService {
.uri(URI.create(esiaConfig.getSignVerifyUrl()))
.header("Content-Type", "text/plain")
.POST(HttpRequest.BodyPublishers.ofString(accessToken, StandardCharsets.UTF_8))
.timeout(Duration.ofSeconds(esiaConfig.getRequestTimeout()))
.build();
return HttpClient.newBuilder()
.connectTimeout(Duration.ofSeconds(esiaConfig.getConnectionTimeout()))
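Review bot: In the login hunk the call `getErvuIdResponse(personModel)` sits under `catch (EsiaException | JsonProcessingException e)`, while the refresh hunk wraps the same two calls in `catch (Exception e)`. `BaseReplyingKafkaService.sendMessageAndGetReply` throws `KafkaMessageException` and `KafkaMessageReplyTimeoutException`; unless those extend `EsiaException`, which is not visible here, a Kafka timeout during login skips this handler and is treated differently from the same failure during refresh. I would confirm the hierarchy and either catch the Kafka exceptions explicitly in the login path or add a comment saying why they are meant to propagate. `getErvuIdResponse` is public and now takes a `PersonModel`, so it should get a Javadoc line stating that the argument must be non-null and that the person data is sent to Kafka as JSON. Both enclosing methods start and end outside their hunks.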

@ -1,5 +1,6 @@
package ru.micord.ervu.security.esia.service;
import java.lang.invoke.MethodHandles;
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
@ -8,6 +9,8 @@ import java.time.Duration;
import java.util.Base64;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ru.micord.ervu.security.esia.exception.EsiaException;
import ru.micord.ervu.security.esia.config.EsiaConfig;
import ru.micord.ervu.security.esia.model.EsiaAccessToken;
@ -23,6 +26,7 @@ import org.springframework.stereotype.Service;
*/
@Service
public class EsiaPersonalDataService implements PersonalDataService {
private static final Logger LOGGER = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
@Autowired
private EsiaConfig esiaConfig;
@ -32,6 +36,7 @@ public class EsiaPersonalDataService implements PersonalDataService {
@Override
public PersonModel getPersonModel(String accessToken) {
long startTime = System.currentTimeMillis();
try {
EsiaAccessToken esiaAccessToken = readToken(accessToken);
String prnsId = esiaAccessToken.getSbjId();
@ -39,9 +44,11 @@ public class EsiaPersonalDataService implements PersonalDataService {
personModel.setPassportModel(
getPassportModel(prnsId, accessToken, personModel.getrIdDoc()));
personModel.setPrnsId(prnsId);
LOGGER.info("Thread {} - RequestPersonData: {} ms", Thread.currentThread().getId(), System.currentTimeMillis() - startTime);
return personModel;
}
catch (Exception e) {
LOGGER.error("Thread {} - RequestPersonData: {} ms", Thread.currentThread().getId(), System.currentTimeMillis() - startTime);
throw new EsiaException(e);
}
}

@ -17,8 +17,11 @@ public class JwtAuthentication implements Authentication {
private final Authentication authentication;
private final String token;
private final UserIdsPair userIdsPair;
public JwtAuthentication(Authentication authentication, String userAccountId, String token) {
this.userAccountId = userAccountId;
this.userIdsPair = new UserIdsPair(userAccountId);
this.authentication = authentication;
this.token = token;
}
@ -31,6 +34,10 @@ public class JwtAuthentication implements Authentication {
return userAccountId;
}
public UserIdsPair getUserIdsPair() {
return userIdsPair;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return authentication.getAuthorities();

@ -0,0 +1,36 @@
package ru.micord.ervu.security.webbpm.jwt;
public class UserIdsPair {
private final String esiaUserId;
private final String ervuId;
public UserIdsPair(String idsConcatenated) {
if (idsConcatenated == null) {
this.esiaUserId = null;
this.ervuId = null;
}
else {
String[] ids = idsConcatenated.split(":");
this.esiaUserId = ids[0];
this.ervuId = ids.length == 2 ? ids[1] : null;
}
}
public UserIdsPair(String esiaUserId, String ervuId) {
this.esiaUserId = esiaUserId;
this.ervuId = ervuId;
}
public String getEsiaUserId() {
return esiaUserId;
}
public String getErvuId() {
return ervuId;
}
public String getIdsConcatenated() {
return esiaUserId + (ervuId == null ? "" : ":" + ervuId);
}
}
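Review bot: `UserIdsPair(String)` treats whatever follows the colon as a real id, but tokens issued before this change were built with `userAccountId + ":" + ervuId` and so carry the literal suffix `:null` for users without an ERVU id; the removed `SecurityUtil.getErvuId()` mapped `"null"` back to null and this constructor does not. Until those tokens expire, such a user would get the string `"null"` as `ervuId` and take the ERVU branch in `ExtractController`. I would write `this.ervuId = ids.length == 2 && !"null".equals(ids[1]) ? ids[1] : null;`. The two-argument constructor also accepts ids that contain `:`, and `getIdsConcatenated()` renders a null `esiaUserId` as the text `null`, so a check such as `Objects.requireNonNull(esiaUserId, "esiaUserId")` there would keep the round trip lossless.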

@ -16,6 +16,7 @@ import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import ru.micord.ervu.security.esia.token.EsiaTokensStore;
import ru.micord.ervu.security.exception.UnauthorizedException;
import ru.micord.ervu.security.webbpm.jwt.UserIdsPair;
import ru.micord.ervu.security.webbpm.jwt.model.Token;
import ru.cg.webbpm.modules.resources.api.ResourceMetadataUtils;
@ -43,16 +44,17 @@ public class JwtTokenService {
}
public Token createAccessToken(String userAccountId, Long expiresIn, String ervuId) {
String idsConcatenated = new UserIdsPair(userAccountId, ervuId).getIdsConcatenated();
Date expirationDate = new Date(System.currentTimeMillis() + 1000L * expiresIn);
String value = Jwts.builder()
.setSubject(userAccountId + ":" + ervuId)
.setSubject(idsConcatenated)
.setIssuer(tokenIssuerName)
.setIssuedAt(new Date(System.currentTimeMillis()))
.setExpiration(expirationDate)
.signWith(signingKey)
.compact();
return new Token(userAccountId + ":" + ervuId, tokenIssuerName, expirationDate, value);
return new Token(idsConcatenated, tokenIssuerName, expirationDate, value);
}
public boolean isValid(Token token) {
@ -65,8 +67,8 @@ public class JwtTokenService {
LOGGER.info("Token {} is expired ", token.getValue());
return false;
}
String[] ids = token.getUserAccountId().split(":");
return EsiaTokensStore.validateAccessToken(ids[0]);
String esiaUserId = new UserIdsPair(token.getUserAccountId()).getEsiaUserId();
return EsiaTokensStore.validateAccessToken(esiaUserId);
}
public Token getToken(String token) {
@ -90,8 +92,8 @@ public class JwtTokenService {
String authToken = extractAuthToken(request);
if (authToken != null) {
String[] ids = getToken(authToken).getUserAccountId().split(":");
return ids[0];
String esiaUserId = new UserIdsPair(getToken(authToken).getUserAccountId()).getEsiaUserId();
return esiaUserId;
}
else {
throw new UnauthorizedException("Failed to get auth data. User unauthorized.");
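Review bot: `isValid` writes the complete JWT to the log with `LOGGER.info("Token {} is expired ", token.getValue())`, a context line in a hunk this commit edits. Even an expired token exposes its subject (the ESIA id and ERVU id) and its signature to anyone who can read the logs. I would drop the value and log `LOGGER.info("Token is expired");`, or log only a non-secret reference. In the last hunk the local `esiaUserId` is assigned and returned on the next line, so it can be a single `return new UserIdsPair(getToken(authToken).getUserAccountId()).getEsiaUserId();`. The enclosing methods continue outside the hunks.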

@ -8,6 +8,7 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.util.WebUtils;
import ru.micord.ervu.security.webbpm.jwt.JwtAuthentication;
import ru.micord.ervu.security.webbpm.jwt.UserIdsPair;
public final class SecurityUtil {
public static final String AUTH_TOKEN = "auth_token";
@ -23,17 +24,13 @@ public final class SecurityUtil {
return cookie != null ? cookie.getValue() : null;
}
public static String getErvuId() {
public static UserIdsPair getUserIdsPair() {
return Optional.ofNullable(SecurityContextHolder.getContext().getAuthentication())
.map(a -> ((JwtAuthentication) a).getUserAccountId())
.map(userAccountId -> {
String ervuId = userAccountId.split(":")[1];
return "null".equals(ervuId) ? null : ervuId;
})
.map(a -> ((JwtAuthentication) a).getUserIdsPair())
.orElse(null);
}
public static String getCurrentUsername() {
public static String getCurrentUserEsiaId() {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null && auth.isAuthenticated()) {
return auth.getName();
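Review bot: The new name `getCurrentUserEsiaId` promises an ESIA id, but the body still returns `auth.getName()`, and what `JwtAuthentication.getName()` yields is not visible in this commit. If it is the JWT subject, callers such as `EsiaAuthService.getMessageId` receive the concatenated `esiaId:ervuId` string rather than the ESIA id. I would either return `getUserIdsPair().getEsiaUserId()` behind the existing authentication check or add a Javadoc line stating exactly what value is returned. `getUserIdsPair()` also needs a `@return` note that it yields null when no authentication is present, because callers must null-check it and the cast to `JwtAuthentication` is unconditional. The method body continues past the hunk.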

@ -31,7 +31,9 @@ public class SubpoenaService {
}
public SubpoenaResponseDto getSubpoenaData() {
String ervuId = SecurityUtil.getErvuId();
String ervuId = SecurityUtil.getUserIdsPair() == null
? null
: SecurityUtil.getUserIdsPair().getErvuId();
if (ervuId == null) {
return new SubpoenaResponseDto.Builder().build();
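Review bot: `getSubpoenaData` calls `SecurityUtil.getUserIdsPair()` twice, once for the null test and once for the value. Reading it once is shorter and avoids a second lookup of the security context: `UserIdsPair ids = SecurityUtil.getUserIdsPair();` followed by `String ervuId = ids == null ? null : ids.getErvuId();`. That needs an import of `UserIdsPair`, which this hunk does not show. The method body continues outside the hunk.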

@ -0,0 +1,27 @@
syntax = "proto3";
package rtl.pgs.ervu.proto.emptyrequest;
import "google/protobuf/timestamp.proto";
option java_multiple_files = true;
option java_outer_classname = "LkrpUnknownRecruitResponse";
option java_package = "rtl.pgs.ervu.proto.emptyrequest";
message ExtractRegistry {
string fileName = 1;
string fileType = 2;
string fileDatetime = 3;
bytes file = 4;
};
message DataRegistryInformation {
ExtractRegistry extractRegistry = 1;
};
message ResponseData {
string lastName = 1;
string firstName = 2;
string middleName = 3;
string birthDate = 4;
DataRegistryInformation dataRegistryInformation = 5;
};
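Review bot: The import of `google/protobuf/timestamp.proto` is unused, because `fileDatetime` and `birthDate` are both declared as `string`; either drop the import or use `google.protobuf.Timestamp` for `fileDatetime` if the producer allows it. The schema has no comments, so a header such as `// Reply to an extract request sent without an ERVU id (see ExtractController)` and a note on the date string format would help consumers. The `;` after each message block is an empty statement and can be removed.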