XuqmGroup-Server/license-service/src/main/java/com/xuqm/license/controller/LicensePublicController.java

package com.xuqm.license.controller;

import com.fasterxml.jackson.annotation.JsonAlias;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.databind.JsonNode;
import com.xuqm.common.exception.BusinessException;
import com.xuqm.common.model.ApiResponse;
import com.xuqm.common.security.LicenseFileCrypto;
import com.xuqm.license.service.DeviceService;
import jakarta.validation.Valid;
import jakarta.validation.constraints.NotBlank;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.Map;

@RestController
@RequestMapping("/api/license")
public class LicensePublicController {

    private final DeviceService deviceService;

    public LicensePublicController(DeviceService deviceService) {
        this.deviceService = deviceService;
    }

    @PostMapping("/register")
    public ResponseEntity<ApiResponse<Map<String, Object>>> register(@Valid @RequestBody RegisterRequest req) {
        String resolvedAppKey = resolveAppKey(req.appKey(), req.packageName(), req.licenseFile());
        DeviceService.RegisterResult result = deviceService.register(
                resolvedAppKey,
                req.packageName(),
                req.deviceId(),
                req.deviceName(),
                req.deviceModel(),
                req.deviceVendor(),
                req.osVersion(),
                req.userInfo());
        Map<String, Object> data = new java.util.LinkedHashMap<>();
        data.put("success", result.success());
        data.put("token", result.token());
        if (result.message() != null) {
            data.put("message", result.message());
        }
        return ResponseEntity.ok(ApiResponse.success(data));
    }

    @PostMapping("/verify")
    public ResponseEntity<ApiResponse<Map<String, Object>>> verify(@Valid @RequestBody VerifyRequest req) {
        String resolvedAppKey = resolveAppKey(req.appKey(), req.packageName(), req.licenseFile());
        DeviceService.VerifyResult result = deviceService.verify(resolvedAppKey, req.packageName(), req.deviceId(), req.token(), req.userInfo());
        Map<String, Object> data = new java.util.LinkedHashMap<>();
        data.put("valid", result.valid());
        if (result.error() != null) {
            data.put("error", result.error());
        }
        return ResponseEntity.ok(ApiResponse.success(data));
    }

    private static String resolveAppKey(String appKey, String packageName, String licenseFile) {
        if (licenseFile != null && !licenseFile.isBlank()) {
            LicenseFileCrypto.LicensePayload payload = LicenseFileCrypto.decrypt(licenseFile);
            if (!payload.matchesPackageName(packageName)) {
                throw new BusinessException(403, "包名与应用配置不匹配");
            }
            return payload.appKey();
        }
        if (appKey == null || appKey.isBlank()) {
            throw new BusinessException(400, "appKey 或 licenseFile 必须提供其中一个");
        }
        return appKey;
    }

    public record RegisterRequest(
            String appKey,
            @NotBlank @JsonProperty("packageName") @JsonAlias("package_name") String packageName,
            @JsonProperty("licenseFile") @JsonAlias("license_file") String licenseFile,
            @NotBlank @JsonProperty("deviceId") @JsonAlias("device_id") String deviceId,
            @JsonProperty("deviceName") @JsonAlias("device_name") String deviceName,
            @JsonProperty("deviceModel") @JsonAlias("device_model") String deviceModel,
            @JsonProperty("deviceVendor") @JsonAlias("device_vendor") String deviceVendor,
            @JsonProperty("osVersion") @JsonAlias("os_version") String osVersion,
            @JsonProperty("userInfo") @JsonAlias("user_info") JsonNode userInfo
    ) {}

    public record VerifyRequest(
            String appKey,
            @NotBlank @JsonProperty("packageName") @JsonAlias("package_name") String packageName,
            @JsonProperty("licenseFile") @JsonAlias("license_file") String licenseFile,
            @NotBlank @JsonProperty("deviceId") @JsonAlias("device_id") String deviceId,
            @NotBlank String token,
            @JsonProperty("userInfo") @JsonAlias("user_info") JsonNode userInfo
    ) {}
}
Add license service and tenant integration 2026-05-15 21:00:24 +08:00			`package com.xuqm.license.controller;`

			`import com.fasterxml.jackson.annotation.JsonAlias;`
			`import com.fasterxml.jackson.annotation.JsonProperty;`
Store license check user info 2026-05-15 21:29:48 +08:00			`import com.fasterxml.jackson.databind.JsonNode;`
feat: license 文件作为通用凭证支持所有服务 SDK 初始化 - LicenseFileCrypto 移至 common 模块并新增 decrypt() 方法 - LicenseFileCrypto.LicensePayload 携带 appKey / packageName / iosBundleId / harmonyBundleName，matchesPackageName() 支持三端包名任一匹配 - tenant-service downloadLicenseFile：去掉"License 服务已开通"限制，app 创建即可下载；payload 新增 iosBundleId / harmonyBundleName - im / push / update / license 四个服务 SDK 初始化端点均支持双模式： · licenseFile 模式：解密文件取 appKey，比对 packageName（无需调 tenant-service） · appKey 模式：调 tenant-service 取 platformInfo 比对 packageName（原有逻辑） - appKey 参数由必填改为可选（与 licenseFile 二选一） Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:47:30 +08:00			`import com.xuqm.common.exception.BusinessException;`
Add license service and tenant integration 2026-05-15 21:00:24 +08:00			`import com.xuqm.common.model.ApiResponse;`
feat: license 文件作为通用凭证支持所有服务 SDK 初始化 - LicenseFileCrypto 移至 common 模块并新增 decrypt() 方法 - LicenseFileCrypto.LicensePayload 携带 appKey / packageName / iosBundleId / harmonyBundleName，matchesPackageName() 支持三端包名任一匹配 - tenant-service downloadLicenseFile：去掉"License 服务已开通"限制，app 创建即可下载；payload 新增 iosBundleId / harmonyBundleName - im / push / update / license 四个服务 SDK 初始化端点均支持双模式： · licenseFile 模式：解密文件取 appKey，比对 packageName（无需调 tenant-service） · appKey 模式：调 tenant-service 取 platformInfo 比对 packageName（原有逻辑） - appKey 参数由必填改为可选（与 licenseFile 二选一） Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:47:30 +08:00			`import com.xuqm.common.security.LicenseFileCrypto;`
Add license service and tenant integration 2026-05-15 21:00:24 +08:00			`import com.xuqm.license.service.DeviceService;`
			`import jakarta.validation.Valid;`
			`import jakarta.validation.constraints.NotBlank;`
			`import org.springframework.http.ResponseEntity;`
			`import org.springframework.web.bind.annotation.PostMapping;`
			`import org.springframework.web.bind.annotation.RequestBody;`
			`import org.springframework.web.bind.annotation.RequestMapping;`
			`import org.springframework.web.bind.annotation.RestController;`

			`import java.util.Map;`

			`@RestController`
			`@RequestMapping("/api/license")`
			`public class LicensePublicController {`

			`private final DeviceService deviceService;`

			`public LicensePublicController(DeviceService deviceService) {`
			`this.deviceService = deviceService;`
			`}`

			`@PostMapping("/register")`
			`public ResponseEntity<ApiResponse<Map<String, Object>>> register(@Valid @RequestBody RegisterRequest req) {`
feat: license 文件作为通用凭证支持所有服务 SDK 初始化 - LicenseFileCrypto 移至 common 模块并新增 decrypt() 方法 - LicenseFileCrypto.LicensePayload 携带 appKey / packageName / iosBundleId / harmonyBundleName，matchesPackageName() 支持三端包名任一匹配 - tenant-service downloadLicenseFile：去掉"License 服务已开通"限制，app 创建即可下载；payload 新增 iosBundleId / harmonyBundleName - im / push / update / license 四个服务 SDK 初始化端点均支持双模式： · licenseFile 模式：解密文件取 appKey，比对 packageName（无需调 tenant-service） · appKey 模式：调 tenant-service 取 platformInfo 比对 packageName（原有逻辑） - appKey 参数由必填改为可选（与 licenseFile 二选一） Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:47:30 +08:00			`String resolvedAppKey = resolveAppKey(req.appKey(), req.packageName(), req.licenseFile());`
Add license service and tenant integration 2026-05-15 21:00:24 +08:00			`DeviceService.RegisterResult result = deviceService.register(`
feat: license 文件作为通用凭证支持所有服务 SDK 初始化 - LicenseFileCrypto 移至 common 模块并新增 decrypt() 方法 - LicenseFileCrypto.LicensePayload 携带 appKey / packageName / iosBundleId / harmonyBundleName，matchesPackageName() 支持三端包名任一匹配 - tenant-service downloadLicenseFile：去掉"License 服务已开通"限制，app 创建即可下载；payload 新增 iosBundleId / harmonyBundleName - im / push / update / license 四个服务 SDK 初始化端点均支持双模式： · licenseFile 模式：解密文件取 appKey，比对 packageName（无需调 tenant-service） · appKey 模式：调 tenant-service 取 platformInfo 比对 packageName（原有逻辑） - appKey 参数由必填改为可选（与 licenseFile 二选一） Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:47:30 +08:00			`resolvedAppKey,`
feat: validate packageName against appKey on SDK and license init SdkConfigController: require packageName param; reject with 403 if it doesn't match the platform-specific name registered for the app (skipped when app has no name configured yet). LicensePublicController: add required packageName to register/verify requests. DeviceService: validatePackageName() checks against android/ios/harmony names stored on AppLicenseEntity; rejects if any are configured and none match. AppLicenseEntity: add android_package_name, ios_bundle_id, harmony_bundle_name columns (auto-migrated via ddl-auto=update). LicenseInternalController/AppLicenseService: accept and persist package names via upsert endpoint. LicenseServiceClient/FeatureServiceManager: pass app package names when syncing license records to license-service. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:31:50 +08:00			`req.packageName(),`
Add license service and tenant integration 2026-05-15 21:00:24 +08:00			`req.deviceId(),`
			`req.deviceName(),`
			`req.deviceModel(),`
			`req.deviceVendor(),`
Store license check user info 2026-05-15 21:29:48 +08:00			`req.osVersion(),`
			`req.userInfo());`
Add license service and tenant integration 2026-05-15 21:00:24 +08:00			`Map<String, Object> data = new java.util.LinkedHashMap<>();`
			`data.put("success", result.success());`
			`data.put("token", result.token());`
			`if (result.message() != null) {`
			`data.put("message", result.message());`
			`}`
			`return ResponseEntity.ok(ApiResponse.success(data));`
			`}`

			`@PostMapping("/verify")`
			`public ResponseEntity<ApiResponse<Map<String, Object>>> verify(@Valid @RequestBody VerifyRequest req) {`
feat: license 文件作为通用凭证支持所有服务 SDK 初始化 - LicenseFileCrypto 移至 common 模块并新增 decrypt() 方法 - LicenseFileCrypto.LicensePayload 携带 appKey / packageName / iosBundleId / harmonyBundleName，matchesPackageName() 支持三端包名任一匹配 - tenant-service downloadLicenseFile：去掉"License 服务已开通"限制，app 创建即可下载；payload 新增 iosBundleId / harmonyBundleName - im / push / update / license 四个服务 SDK 初始化端点均支持双模式： · licenseFile 模式：解密文件取 appKey，比对 packageName（无需调 tenant-service） · appKey 模式：调 tenant-service 取 platformInfo 比对 packageName（原有逻辑） - appKey 参数由必填改为可选（与 licenseFile 二选一） Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:47:30 +08:00			`String resolvedAppKey = resolveAppKey(req.appKey(), req.packageName(), req.licenseFile());`
			`DeviceService.VerifyResult result = deviceService.verify(resolvedAppKey, req.packageName(), req.deviceId(), req.token(), req.userInfo());`
Add license service and tenant integration 2026-05-15 21:00:24 +08:00			`Map<String, Object> data = new java.util.LinkedHashMap<>();`
			`data.put("valid", result.valid());`
			`if (result.error() != null) {`
			`data.put("error", result.error());`
			`}`
			`return ResponseEntity.ok(ApiResponse.success(data));`
			`}`

feat: license 文件作为通用凭证支持所有服务 SDK 初始化 - LicenseFileCrypto 移至 common 模块并新增 decrypt() 方法 - LicenseFileCrypto.LicensePayload 携带 appKey / packageName / iosBundleId / harmonyBundleName，matchesPackageName() 支持三端包名任一匹配 - tenant-service downloadLicenseFile：去掉"License 服务已开通"限制，app 创建即可下载；payload 新增 iosBundleId / harmonyBundleName - im / push / update / license 四个服务 SDK 初始化端点均支持双模式： · licenseFile 模式：解密文件取 appKey，比对 packageName（无需调 tenant-service） · appKey 模式：调 tenant-service 取 platformInfo 比对 packageName（原有逻辑） - appKey 参数由必填改为可选（与 licenseFile 二选一） Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:47:30 +08:00			`private static String resolveAppKey(String appKey, String packageName, String licenseFile) {`
			`if (licenseFile != null && !licenseFile.isBlank()) {`
			`LicenseFileCrypto.LicensePayload payload = LicenseFileCrypto.decrypt(licenseFile);`
			`if (!payload.matchesPackageName(packageName)) {`
			`throw new BusinessException(403, "包名与应用配置不匹配");`
			`}`
			`return payload.appKey();`
			`}`
			`if (appKey == null \|\| appKey.isBlank()) {`
			`throw new BusinessException(400, "appKey 或 licenseFile 必须提供其中一个");`
			`}`
			`return appKey;`
			`}`

Add license service and tenant integration 2026-05-15 21:00:24 +08:00			`public record RegisterRequest(`
feat: license 文件作为通用凭证支持所有服务 SDK 初始化 - LicenseFileCrypto 移至 common 模块并新增 decrypt() 方法 - LicenseFileCrypto.LicensePayload 携带 appKey / packageName / iosBundleId / harmonyBundleName，matchesPackageName() 支持三端包名任一匹配 - tenant-service downloadLicenseFile：去掉"License 服务已开通"限制，app 创建即可下载；payload 新增 iosBundleId / harmonyBundleName - im / push / update / license 四个服务 SDK 初始化端点均支持双模式： · licenseFile 模式：解密文件取 appKey，比对 packageName（无需调 tenant-service） · appKey 模式：调 tenant-service 取 platformInfo 比对 packageName（原有逻辑） - appKey 参数由必填改为可选（与 licenseFile 二选一） Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:47:30 +08:00			`String appKey,`
feat: validate packageName against appKey on SDK and license init SdkConfigController: require packageName param; reject with 403 if it doesn't match the platform-specific name registered for the app (skipped when app has no name configured yet). LicensePublicController: add required packageName to register/verify requests. DeviceService: validatePackageName() checks against android/ios/harmony names stored on AppLicenseEntity; rejects if any are configured and none match. AppLicenseEntity: add android_package_name, ios_bundle_id, harmony_bundle_name columns (auto-migrated via ddl-auto=update). LicenseInternalController/AppLicenseService: accept and persist package names via upsert endpoint. LicenseServiceClient/FeatureServiceManager: pass app package names when syncing license records to license-service. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:31:50 +08:00			`@NotBlank @JsonProperty("packageName") @JsonAlias("package_name") String packageName,`
feat: license 文件作为通用凭证支持所有服务 SDK 初始化 - LicenseFileCrypto 移至 common 模块并新增 decrypt() 方法 - LicenseFileCrypto.LicensePayload 携带 appKey / packageName / iosBundleId / harmonyBundleName，matchesPackageName() 支持三端包名任一匹配 - tenant-service downloadLicenseFile：去掉"License 服务已开通"限制，app 创建即可下载；payload 新增 iosBundleId / harmonyBundleName - im / push / update / license 四个服务 SDK 初始化端点均支持双模式： · licenseFile 模式：解密文件取 appKey，比对 packageName（无需调 tenant-service） · appKey 模式：调 tenant-service 取 platformInfo 比对 packageName（原有逻辑） - appKey 参数由必填改为可选（与 licenseFile 二选一） Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:47:30 +08:00			`@JsonProperty("licenseFile") @JsonAlias("license_file") String licenseFile,`
Add license service and tenant integration 2026-05-15 21:00:24 +08:00			`@NotBlank @JsonProperty("deviceId") @JsonAlias("device_id") String deviceId,`
			`@JsonProperty("deviceName") @JsonAlias("device_name") String deviceName,`
			`@JsonProperty("deviceModel") @JsonAlias("device_model") String deviceModel,`
			`@JsonProperty("deviceVendor") @JsonAlias("device_vendor") String deviceVendor,`
Store license check user info 2026-05-15 21:29:48 +08:00			`@JsonProperty("osVersion") @JsonAlias("os_version") String osVersion,`
			`@JsonProperty("userInfo") @JsonAlias("user_info") JsonNode userInfo`
Add license service and tenant integration 2026-05-15 21:00:24 +08:00			`) {}`

			`public record VerifyRequest(`
feat: license 文件作为通用凭证支持所有服务 SDK 初始化 - LicenseFileCrypto 移至 common 模块并新增 decrypt() 方法 - LicenseFileCrypto.LicensePayload 携带 appKey / packageName / iosBundleId / harmonyBundleName，matchesPackageName() 支持三端包名任一匹配 - tenant-service downloadLicenseFile：去掉"License 服务已开通"限制，app 创建即可下载；payload 新增 iosBundleId / harmonyBundleName - im / push / update / license 四个服务 SDK 初始化端点均支持双模式： · licenseFile 模式：解密文件取 appKey，比对 packageName（无需调 tenant-service） · appKey 模式：调 tenant-service 取 platformInfo 比对 packageName（原有逻辑） - appKey 参数由必填改为可选（与 licenseFile 二选一） Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:47:30 +08:00			`String appKey,`
feat: validate packageName against appKey on SDK and license init SdkConfigController: require packageName param; reject with 403 if it doesn't match the platform-specific name registered for the app (skipped when app has no name configured yet). LicensePublicController: add required packageName to register/verify requests. DeviceService: validatePackageName() checks against android/ios/harmony names stored on AppLicenseEntity; rejects if any are configured and none match. AppLicenseEntity: add android_package_name, ios_bundle_id, harmony_bundle_name columns (auto-migrated via ddl-auto=update). LicenseInternalController/AppLicenseService: accept and persist package names via upsert endpoint. LicenseServiceClient/FeatureServiceManager: pass app package names when syncing license records to license-service. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:31:50 +08:00			`@NotBlank @JsonProperty("packageName") @JsonAlias("package_name") String packageName,`
feat: license 文件作为通用凭证支持所有服务 SDK 初始化 - LicenseFileCrypto 移至 common 模块并新增 decrypt() 方法 - LicenseFileCrypto.LicensePayload 携带 appKey / packageName / iosBundleId / harmonyBundleName，matchesPackageName() 支持三端包名任一匹配 - tenant-service downloadLicenseFile：去掉"License 服务已开通"限制，app 创建即可下载；payload 新增 iosBundleId / harmonyBundleName - im / push / update / license 四个服务 SDK 初始化端点均支持双模式： · licenseFile 模式：解密文件取 appKey，比对 packageName（无需调 tenant-service） · appKey 模式：调 tenant-service 取 platformInfo 比对 packageName（原有逻辑） - appKey 参数由必填改为可选（与 licenseFile 二选一） Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> 2026-05-22 16:47:30 +08:00			`@JsonProperty("licenseFile") @JsonAlias("license_file") String licenseFile,`
Add license service and tenant integration 2026-05-15 21:00:24 +08:00			`@NotBlank @JsonProperty("deviceId") @JsonAlias("device_id") String deviceId,`
Store license check user info 2026-05-15 21:29:48 +08:00			`@NotBlank String token,`
			`@JsonProperty("userInfo") @JsonAlias("user_info") JsonNode userInfo`
Add license service and tenant integration 2026-05-15 21:00:24 +08:00			`) {}`
			`}`