-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathProgram.cs
More file actions
201 lines (166 loc) · 8.95 KB
/
Program.cs
File metadata and controls
201 lines (166 loc) · 8.95 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
using FlowableWrapper.Api.Filters;
using FlowableWrapper.Application.Services;
using FlowableWrapper.Application.Slots;
using FlowableWrapper.Configuration;
using FlowableWrapper.Domain.Abstractions;
using FlowableWrapper.Domain.ElasticSearch;
using FlowableWrapper.Domain.Flowable;
using FlowableWrapper.Domain.Services;
using FlowableWrapper.Infrastructure.CurrentUser;
using FlowableWrapper.Infrastructure.ElasticSearch;
using FlowableWrapper.Infrastructure.Flowable;
using FlowableWrapper.Infrastructure.Security;
using FlowableWrapper.Infrastructure.Slots;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Authorization;
using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using process.Domain.DistributedLock;
using process.Infrastructure.DistributedLock;
using StackExchange.Redis;
var builder = WebApplication.CreateBuilder(args);
// ═══════════════════════════════════════════════════════════════
// 配置绑定(IOptions<T> 模式)
// ═══════════════════════════════════════════════════════════════
builder.Services.Configure<ElasticSearchOptions>(
builder.Configuration.GetSection("ElasticSearch"));
builder.Services.Configure<FlowableOptions>(
builder.Configuration.GetSection("Flowable"));
builder.Services.Configure<BusinessTypeProcessMapping>(
builder.Configuration.GetSection("BusinessTypeProcessMapping"));
builder.Services.Configure<RedisOptions>(
builder.Configuration.GetSection("Redis"));
builder.Services.Configure<JwtOptions>(
builder.Configuration.GetSection(JwtOptions.SectionName));
var jwtSection = builder.Configuration.GetSection(JwtOptions.SectionName);
var jwtMode = jwtSection["Mode"] ?? "Oidc";
var authBuilder = builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme);
if (string.Equals(jwtMode, "TrustedJwt", StringComparison.OrdinalIgnoreCase))
{
authBuilder.AddScheme<AuthenticationSchemeOptions, TrustedJwtAuthenticationHandler>(
JwtBearerDefaults.AuthenticationScheme, _ => { });
}
else
{
authBuilder.AddJwtBearer(options =>
{
options.Authority = jwtSection["Authority"];
options.RequireHttpsMetadata = bool.Parse(jwtSection["RequireHttpsMetadata"] ?? "true");
options.MapInboundClaims = false;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = false
};
});
}
builder.Services.AddAuthorization(options =>
{
var authenticatedUserPolicy = new AuthorizationPolicyBuilder(JwtBearerDefaults.AuthenticationScheme)
.RequireAuthenticatedUser()
.Build();
options.DefaultPolicy = authenticatedUserPolicy;
options.FallbackPolicy = authenticatedUserPolicy;
});
builder.Services.AddSingleton<IConnectionMultiplexer>(sp =>
{
var options = sp.GetRequiredService<IOptions<RedisOptions>>().Value;
return ConnectionMultiplexer.Connect(options.ConnectionString);
});
// ═══════════════════════════════════════════════════════════════
// 基础设施:当前用户
// ═══════════════════════════════════════════════════════════════
builder.Services.AddHttpContextAccessor();
builder.Services.AddScoped<ICurrentUser, HttpContextCurrentUser>();
// ═══════════════════════════════════════════════════════════════
// 基础设施:Flowable HTTP 客户端
// ═══════════════════════════════════════════════════════════════
// 使用 IHttpClientFactory 管理 HttpClient 生命周期
builder.Services.AddHttpClient<FlowableHttpClient>();
// Flowable 各 Service 实现(Scoped,跟随请求生命周期)
builder.Services.AddScoped<IFlowableRuntimeService, FlowableRuntimeServiceImpl>();
builder.Services.AddScoped<IFlowableTaskService, FlowableTaskServiceImpl>();
builder.Services.AddScoped<IFlowableHistoryService, FlowableHistoryServiceImpl>();
builder.Services.AddScoped<IFlowableRepositoryService, FlowableRepositoryServiceImpl>();
// ═══════════════════════════════════════════════════════════════
// 基础设施:Elasticsearch
// ═══════════════════════════════════════════════════════════════
builder.Services.AddSingleton<IElasticSearchService, ElasticSearchServiceImpl>();
// ═══════════════════════════════════════════════════════════════
// 应用服务(Phase 3-9 逐步注册,此处预留占位注释)
// ═══════════════════════════════════════════════════════════════
// Phase 3 — Slot 模型
builder.Services.AddScoped<SlotVariableConverter>();
builder.Services.AddScoped<IProcessSlotConfigProvider, ElasticSearchSlotConfigProvider>();
// Phase 3 (Patch Plan V1.2) - assignee contract services
// AssigneeContractConverter: role contract -> RecommendedAssigneesSnapshot
builder.Services.AddScoped<AssigneeContractConverter>();
// LoopAssignmentProjector is deprecated and no longer registered.
// Phase 5 — 任务执行
builder.Services.AddScoped<TaskExecutionAppService>();
// Phase 6 — 流程生命周期
builder.Services.AddScoped<ProcessLifecycleAppService>();
// Phase 7 — BPMN 部署
builder.Services.AddScoped<BpmnDeploymentAppService>();
// Phase 8 — 回调
// 1. 注册 ProcessCallbackAppService
builder.Services.AddScoped<ProcessCallbackAppService>();
// 2. 注册具名 HttpClient(用于回调业务系统)
builder.Services.AddHttpClient("BusinessCallback");
//
// 说明:
// ProcessCallbackAppService 通过 IHttpClientFactory.CreateClient("BusinessCallback")
// 获取 HttpClient 实例,由 IHttpClientFactory 统一管理连接池
// 避免直接 new HttpClient() 造成 Socket 耗尽
//
// 如果业务系统回调需要公共配置(如基础 URL、超时、重试策略),
// 可以在此处统一配置,例如:
//
builder.Services.AddHttpClient("BusinessCallback", client =>
{
client.Timeout = TimeSpan.FromSeconds(30);
});
//
// 如果后续引入 Polly 做 HTTP 重试(可选,当前由 Flowable 重试机制兜底),
// 可以在此处添加:
// .AddTransientHttpErrorPolicy(p => p.RetryAsync(3));
// Phase 9 — 查询
builder.Services.AddScoped<ProcessQueryAppService>();
// Phase 10 — 流程图渲染
builder.Services.AddScoped<ProcessFlowRenderAppService>();
// 开启redis注册
builder.Services.AddSingleton<IDistributedLockService, RedisDistributedLockService>();
// ═══════════════════════════════════════════════════════════════
// MVC + 全局异常过滤器
// ═══════════════════════════════════════════════════════════════
builder.Services.AddControllers(options =>
{
options.Filters.Add<GlobalExceptionFilter>();
});
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new() { Title = "流程中心 API", Version = "v1" });
// TODO: Phase N Keycloak JWT 接入后在此添加 Bearer 认证配置
});
// CORS(开发阶段全开,生产环境按需限制)
builder.Services.AddCors(options =>
{
options.AddDefaultPolicy(policy =>
policy.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader());
});
// ═══════════════════════════════════════════════════════════════
// 中间件管道
// ═══════════════════════════════════════════════════════════════
var app = builder.Build();
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
}
app.UseCors();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();