♻️ 重构代码

2 years ago · dd8f86c47d
373 changed files with 4778 additions and 6480 deletions
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/context/AuditContext.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/context/AuditContext.java
@ -22,6 +22,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.Objects;
 import org.springframework.security.core.Authentication;
 import org.springframework.util.CollectionUtils;
 import com.alibaba.ttl.TransmittableThreadLocal;
@ -41,6 +42,11 @@ public class AuditContext {
     */
    private static final TransmittableThreadLocal<String>              CONTENT         = new TransmittableThreadLocal<>();
    /**
     * Authentication
     */
    private static final TransmittableThreadLocal<Authentication>      AUTHENTICATION  = new TransmittableThreadLocal<>();
    /**
     * 目标对象
     */
@ -122,6 +128,19 @@ public class AuditContext {
        ADDITIONAL_DATA.set(value);
    }
    /**
     * Get Authentication
     *
     * @return {@link Authentication}
     */
    public static Authentication getAuthorization() {
        return AUTHENTICATION.get();
    }
    public static void setAuthorization(Authentication authorization) {
        AUTHENTICATION.set(authorization);
    }
    /**
     * Get Target
     *
@ -156,6 +175,13 @@ public class AuditContext {
        TARGET_LIST.remove();
    }
    /**
     * Remove Authentication
     */
    public static void removeAuthentication() {
        AUTHENTICATION.remove();
    }
    /**
     * remove
     */
@ -182,5 +208,7 @@ public class AuditContext {
        removeAdditionalData();
        removeContent();
        removeTarget();
        removeAuthentication();
    }
 }
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/entity/Actor.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/entity/Actor.java
@ -40,6 +40,8 @@ public class Actor implements Serializable {
    public static final String ACTOR_ID         = "actor.id";
    public static final String ACTOR_TYPE       = "actor.type";
    public static final String ACTOR_AUTH_TYPE  = "actor.auth_type.keyword";
    @Serial
    private static final long  serialVersionUID = -1144169992714000310L;
    /**
@ -54,4 +56,10 @@ public class Actor implements Serializable {
    @Field(type = FieldType.Keyword, name = "type")
    private UserType           type;
    /**
     * 身份验证类型
     */
    @Field(type = FieldType.Keyword, name = "auth_type")
    private String             authType;
 }
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/entity/AuditEntity.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/entity/AuditEntity.java
@ -25,18 +25,23 @@ import javax.persistence.Column;
 import javax.persistence.Entity;
 import javax.persistence.Table;
 import org.hibernate.annotations.SQLDelete;
 import org.hibernate.annotations.SQLDeleteAll;
 import org.hibernate.annotations.Type;
 import org.hibernate.annotations.Where;
 import cn.topiam.employee.audit.enums.EventStatus;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.enums.UserType;
-import cn.topiam.employee.support.repository.domain.BaseEntity;
+import cn.topiam.employee.support.repository.domain.LogicDeleteEntity;
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
 import lombok.Setter;
 import lombok.ToString;
 import lombok.experimental.Accessors;
 import static cn.topiam.employee.support.repository.domain.LogicDeleteEntity.SOFT_DELETE_SET;
 import static cn.topiam.employee.support.repository.domain.LogicDeleteEntity.SOFT_DELETE_WHERE;
 /**
 * 审计
@ -51,7 +56,10 @@ import lombok.experimental.Accessors;
@Accessors(chain = true)
@Entity
@Table(name = "audit")
-public class AuditEntity extends BaseEntity<Long> {
+@SQLDelete(sql = "update audit set " + SOFT_DELETE_SET + " where id_ = ?")
@SQLDeleteAll(sql = "update audit set " + SOFT_DELETE_SET + " where id_ = ?")
@Where(clause = SOFT_DELETE_WHERE)
 public class AuditEntity extends LogicDeleteEntity<Long> {
    @Serial
    private static final long serialVersionUID = -3119319193111206582L;
@ -136,4 +144,10 @@ public class AuditEntity extends BaseEntity<Long> {
     */
    @Column(name = "actor_type")
    private UserType          actorType;
    /**
     * 身份验证类型
     */
    @Column(name = "actor_auth_type")
    private String            actorAuthType;
 }
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/entity/Event.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/entity/Event.java
@ -64,7 +64,7 @@ public class Event implements Serializable {
    /**
     * 事件内容
     */
-    @Field(type = FieldType.Text, name = "content")
+    @Field(type = FieldType.Object, name = "content")
    private String             content;
    /**
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/entity/GeoLocation.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/entity/GeoLocation.java
@ -41,7 +41,9 @@ import lombok.Data;
 public class GeoLocation implements Serializable {
    @Serial
-    private static final long   serialVersionUID = -1144169992714000310L;
+    private static final long   serialVersionUID           = -1144169992714000310L;
    public static final String  GEO_LOCATION_PROVINCE_CODE = "geo_location.province_code.keyword";
    /**
     * IP
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/entity/Target.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/entity/Target.java
@ -48,6 +48,12 @@ public class Target implements Serializable {
     */
    @Field(type = FieldType.Keyword, name = "id")
    private String             id;
    /**
     * 目标名称
     */
    @Field(type = FieldType.Keyword, name = "name")
    private String             name;
    /**
     *
     * 目标类型
@ -55,4 +61,9 @@ public class Target implements Serializable {
    @Field(type = FieldType.Keyword, name = "type")
    private TargetType         type;
    /**
     * 目标类型名称
     */
    @Field(type = FieldType.Keyword, name = "type_name")
    private String             typeName;
 }
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/event/AuditEvent.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/event/AuditEvent.java
@ -18,7 +18,7 @@
 package cn.topiam.employee.audit.event;
 import java.io.Serial;
-import java.util.*;
+import java.util.List;
 import org.springframework.context.ApplicationEvent;
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/event/AuditEventListener.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/event/AuditEventListener.java
@ -30,7 +30,7 @@ import org.springframework.lang.NonNull;
 import org.springframework.stereotype.Component;
 import cn.topiam.employee.audit.entity.*;
-import cn.topiam.employee.audit.repository.*;
+import cn.topiam.employee.audit.repository.AuditRepository;
 import cn.topiam.employee.core.configuration.EiamSupportProperties;
 import static cn.topiam.employee.common.constants.AuditConstants.getAuditIndexPrefix;
 import static cn.topiam.employee.support.constant.EiamConstants.DEFAULT_DATE_FORMATTER_PATTERN;
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/event/AuditEventPublish.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/event/AuditEventPublish.java
@ -35,6 +35,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import com.alibaba.fastjson2.JSONObject;
 import com.google.common.collect.Maps;
 import cn.topiam.employee.audit.entity.*;
 import cn.topiam.employee.audit.enums.EventStatus;
@ -92,12 +93,13 @@ public class AuditEventPublish {
     * @param eventType {@link EventType}
     */
    public void publish(EventType eventType, Authentication authentication, EventStatus eventStatus,
-                        List<Target> targets) {
+                        List<Target> targets, String result) {
        //@formatter:off
        //封装操作事件
        Event event = Event.builder()
                .type(eventType)
                .time(Instant.now())
                .result(result)
                .status(eventStatus).build();
        if (authentication.getPrincipal() instanceof UserDetails){
            String username = ((UserDetails) authentication.getPrincipal()).getUsername();
@ -114,6 +116,37 @@ public class AuditEventPublish {
        //@formatter:on
    }
    /**
     * 发布 审计事件
     *
     * @param eventType {@link EventType}
     */
    public void publish(EventType eventType, Authentication authentication, EventStatus eventStatus,
                        List<Target> targets) {
        //@formatter:off
        //封装操作事件
        Event event = Event.builder()
                .type(eventType)
                .time(Instant.now())
                .status(eventStatus).build();
        if (authentication.getPrincipal() instanceof UserDetails principal){
            String username = principal.getUsername();
            Map<String,String> content= Maps.newConcurrentMap();
            content.put("auth_type",principal.getAuthType());
            content.put("desc",username+"："+event.getType().getDesc());
            event.setContent(JSONObject.toJSONString(content));
        }
        //封装地理位置
        GeoLocation geoLocationModal = getGeoLocation();
        //封装用户代理
        UserAgent userAgent = getUserAgent();
        //封装操作人
        Actor actor = getActor(authentication);
        //Publish AuditEvent
        applicationEventPublisher.publishEvent(new AuditEvent(TraceUtils.get(), ServletContextHelp.getSession().getId(), actor, event, userAgent, geoLocationModal, targets));
        //@formatter:on
    }
    /**
     * 发布 审计事件
     *
@ -209,10 +242,16 @@ public class AuditEventPublish {
        //@formatter:off
        SecurityContext securityContext = SecurityContextHolder.getContext();
        Authentication authentication = securityContext.getAuthentication();
-        return Actor.builder()
+        Object principal = authentication.getPrincipal();
        Actor actor = Actor.builder()
                .id(getActorId(authentication))
                .type(getActorType(authentication))
                .build();
        if (principal instanceof UserDetails){
            actor.setAuthType(((UserDetails) principal).getAuthType());
        }
        return actor;
        //@formatter:on
    }
@ -223,10 +262,15 @@ public class AuditEventPublish {
     */
    private Actor getActor(Authentication authentication) {
        //@formatter:off
-        return Actor.builder()
+        Actor actor = Actor.builder()
                .id(getActorId(authentication))
                .type(getActorType(authentication))
                .build();
        Object principal = authentication.getPrincipal();
        if (principal instanceof UserDetails){
            actor.setAuthType(((UserDetails) principal).getAuthType());
        }
        return actor;
        //@formatter:on
    }
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/repository/AuditRepository.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/repository/AuditRepository.java
@ -21,11 +21,11 @@ import java.time.LocalDateTime;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.querydsl.QuerydslPredicateExecutor;
 import org.springframework.data.repository.CrudRepository;
 import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
 import cn.topiam.employee.audit.entity.AuditEntity;
 import cn.topiam.employee.support.repository.LogicDeleteRepository;
 /**
 * 行为审计repository
@ -34,7 +34,7 @@ import cn.topiam.employee.audit.entity.AuditEntity;
 * Created by support@topiam.cn on  2021/9/11 22:32
 */
@Repository
-public interface AuditRepository extends CrudRepository<AuditEntity, Long>,
+public interface AuditRepository extends LogicDeleteRepository<AuditEntity, Long>,
                                 QuerydslPredicateExecutor<AuditEntity> {
    /**
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/service/converter/AuditDataConverter.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/service/converter/AuditDataConverter.java
@ -40,13 +40,33 @@ import com.google.common.collect.Lists;
 import cn.topiam.employee.audit.controller.pojo.AuditListQuery;
 import cn.topiam.employee.audit.controller.pojo.AuditListResult;
-import cn.topiam.employee.audit.entity.*;
+import cn.topiam.employee.audit.entity.Actor;
 import cn.topiam.employee.audit.entity.AuditElasticSearchEntity;
 import cn.topiam.employee.audit.entity.Event;
 import cn.topiam.employee.audit.entity.Target;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.audit.enums.TargetType;
 import cn.topiam.employee.common.entity.account.OrganizationEntity;
 import cn.topiam.employee.common.entity.account.UserEntity;
 import cn.topiam.employee.common.entity.account.UserGroupEntity;
 import cn.topiam.employee.common.entity.app.AppEntity;
 import cn.topiam.employee.common.entity.app.AppPermissionResourceEntity;
 import cn.topiam.employee.common.entity.app.AppPermissionRoleEntity;
 import cn.topiam.employee.common.entity.authentication.IdentityProviderEntity;
 import cn.topiam.employee.common.entity.identitysource.IdentitySourceEntity;
 import cn.topiam.employee.common.entity.setting.AdministratorEntity;
 import cn.topiam.employee.common.entity.setting.MailTemplateEntity;
 import cn.topiam.employee.common.enums.UserType;
 import cn.topiam.employee.common.repository.account.OrganizationRepository;
 import cn.topiam.employee.common.repository.account.UserGroupRepository;
 import cn.topiam.employee.common.repository.account.UserRepository;
 import cn.topiam.employee.common.repository.app.AppPermissionResourceRepository;
 import cn.topiam.employee.common.repository.app.AppPermissionRoleRepository;
 import cn.topiam.employee.common.repository.app.AppRepository;
 import cn.topiam.employee.common.repository.authentication.IdentityProviderRepository;
 import cn.topiam.employee.common.repository.identitysource.IdentitySourceRepository;
 import cn.topiam.employee.common.repository.setting.AdministratorRepository;
 import cn.topiam.employee.common.repository.setting.MailTemplateRepository;
 import cn.topiam.employee.support.context.ApplicationContextHelp;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
@ -69,7 +89,7 @@ public interface AuditDataConverter {
     * searchHits 转审计列表
     *
     * @param search {@link SearchHits}
-     * @param page {@link PageModel}
+     * @param page   {@link PageModel}
     * @return {@link Page}
     */
    default Page<AuditListResult> searchHitsConvertToAuditListResult(SearchHits<AuditElasticSearchEntity> search,
@ -94,6 +114,14 @@ public interface AuditDataConverter {
            //用户类型
            result.setUserType(actor.getType().getCode());
            //操作对象
            if (Objects.nonNull(content.getTargets())) {
                for (Target target : content.getTargets()) {
                    if (Objects.nonNull(target.getId())) {
                        target.setName(getTargetName(target.getType(), target.getId()));
                    }
                    target.setTypeName(target.getType().getDesc());
                }
            }
            result.setTargets(content.getTargets());
            list.add(result);
        });
@ -102,7 +130,7 @@ public interface AuditDataConverter {
        result.setPagination(Page.Pagination.builder()
                .total(search.getTotalHits())
                .totalPages(Math.toIntExact(search.getTotalHits() / page.getPageSize()))
-                .current(page.getCurrent()+1)
+                .current(page.getCurrent() + 1)
                .build());
        result.setList(list);
        //@formatter:on
@ -110,10 +138,9 @@ public interface AuditDataConverter {
    }
    /**
     *
     * 获取用户名
     *
-     * @param actorId {@link String}
+     * @param actorId   {@link String}
     * @param actorType {@link UserType}
     * @return {@link String}
     */
@ -140,7 +167,7 @@ public interface AuditDataConverter {
     * 审计列表请求到本机搜索查询
     *
     * @param query {@link AuditListQuery}
-     * @param page {@link PageModel}
+     * @param page  {@link PageModel}
     * @return {@link NativeSearchQuery}
     */
    default NativeSearchQuery auditListRequestConvertToNativeSearchQuery(AuditListQuery query,
@ -201,4 +228,118 @@ public interface AuditDataConverter {
            //排序
            .withSorts(fieldSortBuilders).build();
    }
    /**
     * 获取目标名称
     *
     * @param targetType {@link TargetType}
     * @param id         {@link String}
     * @return
     */
    @SuppressWarnings("AlibabaMethodTooLong")
    default String getTargetName(TargetType targetType, String id) {
        String name = "";
        if (TargetType.USER.equals(targetType) || TargetType.USER_DETAIL.equals(targetType)) {
            UserRepository userRepository = ApplicationContextHelp.getBean(UserRepository.class);
            Optional<UserEntity> user = userRepository.findByIdContainsDeleted(Long.valueOf(id));
            if (user.isPresent()) {
                name = user.get().getUsername();
            }
        }
        if (TargetType.USER_GROUP.equals(targetType)) {
            UserGroupRepository userGroupRepository = ApplicationContextHelp
                .getBean(UserGroupRepository.class);
            Optional<UserGroupEntity> userGroup = userGroupRepository
                .findByIdContainsDeleted(Long.valueOf(id));
            if (userGroup.isPresent()) {
                name = userGroup.get().getName();
            }
        }
        if (TargetType.IDENTITY_SOURCE.equals(targetType)) {
            IdentitySourceRepository identitySourceRepository = ApplicationContextHelp
                .getBean(IdentitySourceRepository.class);
            Optional<IdentitySourceEntity> identitySource = identitySourceRepository
                .findByIdContainsDeleted(Long.valueOf(id));
            if (identitySource.isPresent()) {
                name = identitySource.get().getName();
            }
        }
        if (TargetType.ORGANIZATION.equals(targetType)) {
            OrganizationRepository organizationRepository = ApplicationContextHelp
                .getBean(OrganizationRepository.class);
            Optional<OrganizationEntity> organizationEntity = organizationRepository
                .findByIdContainsDeleted(id);
            if (organizationEntity.isPresent()) {
                name = organizationEntity.get().getName();
            }
        }
        if (TargetType.APPLICATION.equals(targetType)) {
            AppRepository appRepository = ApplicationContextHelp.getBean(AppRepository.class);
            Optional<AppEntity> appEntity = appRepository.findByIdContainsDeleted(Long.valueOf(id));
            if (appEntity.isPresent()) {
                name = appEntity.get().getName();
            }
        }
        if (TargetType.APP_PERMISSION_RESOURCE.equals(targetType)) {
            AppPermissionResourceRepository appPermissionResourceRepository = ApplicationContextHelp
                .getBean(AppPermissionResourceRepository.class);
            Optional<AppPermissionResourceEntity> appPermissionResourceEntity = appPermissionResourceRepository
                .findByIdContainsDeleted(Long.valueOf(id));
            if (appPermissionResourceEntity.isPresent()) {
                name = appPermissionResourceEntity.get().getName();
            }
        }
        if (TargetType.APPLICATION_ACCOUNT.equals(targetType)) {
            if (org.apache.commons.lang3.StringUtils.isNotBlank(id)) {
                name = id;
            }
        }
        if (TargetType.APP_PERMISSION_ROLE.equals(targetType)) {
            AppPermissionRoleRepository appPermissionResourceRepository = ApplicationContextHelp
                .getBean(AppPermissionRoleRepository.class);
            Optional<AppPermissionRoleEntity> appPermissionRoleEntity = appPermissionResourceRepository
                .findByIdContainsDeleted(Long.valueOf(id));
            if (appPermissionRoleEntity.isPresent()) {
                name = appPermissionRoleEntity.get().getName();
            }
        }
        if (TargetType.ADMINISTRATOR.equals(targetType)) {
            AdministratorRepository administratorRepository = ApplicationContextHelp
                .getBean(AdministratorRepository.class);
            Optional<AdministratorEntity> administratorEntity = administratorRepository
                .findByIdContainsDeleted(Long.valueOf(id));
            if (administratorEntity.isPresent()) {
                name = administratorEntity.get().getUsername();
            }
        }
        if (TargetType.MAIL_TEMPLATE.equals(targetType)) {
            MailTemplateRepository mailTemplateRepository = ApplicationContextHelp
                .getBean(MailTemplateRepository.class);
            Optional<MailTemplateEntity> mailTemplateEntity = mailTemplateRepository
                .findByIdContainsDeleted(Long.valueOf(id));
            if (mailTemplateEntity.isPresent()) {
                name = mailTemplateEntity.get().getSender();
            }
        }
        if (TargetType.IDENTITY_PROVIDER.equals(targetType)) {
            IdentityProviderRepository identityProviderRepository = ApplicationContextHelp
                .getBean(IdentityProviderRepository.class);
            Optional<IdentityProviderEntity> identityProviderEntity = identityProviderRepository
                .findByIdContainsDeleted(Long.valueOf(id));
            if (identityProviderEntity.isPresent()) {
                name = identityProviderEntity.get().getName();
            }
        }
        return name;
    }
 }
--- a/eiam-audit/src/main/java/cn/topiam/employee/audit/service/impl/AuditServiceImpl.java
+++ b/eiam-audit/src/main/java/cn/topiam/employee/audit/service/impl/AuditServiceImpl.java
@ -17,7 +17,10 @@
 */
 package cn.topiam.employee.audit.service.impl;
-import java.util.*;
+import java.util.Arrays;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
 import java.util.stream.Collectors;
 import org.springframework.data.elasticsearch.core.ElasticsearchRestTemplate;
--- a/eiam-authentication/eiam-authentication-all/pom.xml
+++ b/eiam-authentication/eiam-authentication-all/pom.xml
@ -63,6 +63,12 @@
            <artifactId>eiam-authentication-wechatwork</artifactId>
            <version>${project.version}</version>
        </dependency>
        <!-- captcha-->
        <dependency>
            <groupId>cn.topiam</groupId>
            <artifactId>eiam-authentication-captcha</artifactId>
            <version>${project.version}</version>
        </dependency>
        <!-- sms-->
        <dependency>
            <groupId>cn.topiam</groupId>
--- a/eiam-authentication/eiam-authentication-captcha/pom.xml
+++ b/eiam-authentication/eiam-authentication-captcha/pom.xml
@ -0,0 +1,42 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
    eiam-authentication-captcha - Employee Identity and Access Management Program
    Copyright © 2020-2023 TopIAM (support@topiam.cn)
    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU Affero General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU Affero General Public License for more details.
    You should have received a copy of the GNU Affero General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 -->
 <project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <parent>
        <artifactId>eiam-authentication</artifactId>
        <groupId>cn.topiam</groupId>
        <version>1.0.0-beta1</version>
        <relativePath>../pom.xml</relativePath>
    </parent>
    <modelVersion>4.0.0</modelVersion>
    <artifactId>eiam-authentication-captcha</artifactId>
    <packaging>jar</packaging>
    <dependencies>
        <!--   common     -->
        <dependency>
            <groupId>cn.topiam</groupId>
            <artifactId>eiam-authentication-core</artifactId>
            <version>${project.version}</version>
        </dependency>
    </dependencies>
 </project>
--- a/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/CaptchaValidator.java
+++ b/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/CaptchaValidator.java
@ -1,5 +1,5 @@
 /*
- * eiam-portal - Employee Identity and Access Management Program
+ * eiam-authentication-captcha - Employee Identity and Access Management Program
 * Copyright © 2020-2023 TopIAM (support@topiam.cn)
 *
 * This program is free software: you can redistribute it and/or modify
@ -15,24 +15,23 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
-package cn.topiam.employee.portal.mfa;
+package cn.topiam.employee.authentication.captcha;
-import cn.topiam.employee.core.security.mfa.MfaProviderValidator;
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 /**
 * Sms提供商验证
 *
 * @author TopIAM
- * Created by support@topiam.cn on  2022/7/31 20:50
+ * Created by support@topiam.cn on  2022/8/14 22:09
 */
-public class SmsProviderValidator implements MfaProviderValidator {
+public interface CaptchaValidator {
    /**
     * 验证
     *
-     * @param code {@link String}
+     * @param request {@link HttpServletRequest}
     * @param response {@link HttpServletResponse}
     * @return {@link Boolean}
     */
-    @Override
+    boolean validate(HttpServletRequest request, HttpServletResponse response);
    public boolean validate(String code) {
        return true;
    }
 }
--- a/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/NoneCaptchaProvider.java
+++ b/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/NoneCaptchaProvider.java
@ -1,5 +1,5 @@
 /*
- * eiam-portal - Employee Identity and Access Management Program
+ * eiam-authentication-captcha - Employee Identity and Access Management Program
 * Copyright © 2020-2023 TopIAM (support@topiam.cn)
 *
 * This program is free software: you can redistribute it and/or modify
@ -15,24 +15,28 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
-package cn.topiam.employee.portal.mfa.email;
+package cn.topiam.employee.authentication.captcha;
-import cn.topiam.employee.core.security.mfa.MfaProviderValidator;
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 /**
- * OTP 提供商验证
+ * None
 *
 * @author TopIAM
- * Created by support@topiam.cn on  2022/7/31 20:50
+ * Created by support@topiam.cn on  2021/9/27 19:06
 */
-public class EmailOtpProviderValidator implements MfaProviderValidator {
+public class NoneCaptchaProvider implements CaptchaValidator {
    /**
     * 验证
     *
-     * @param code {@link String}
+     * @param request  {@link HttpServletRequest}
     * @param response {@link HttpServletResponse}
     * @return {@link Boolean}
     */
    @Override
-    public boolean validate(String code) {
+    public boolean validate(HttpServletRequest request, HttpServletResponse response) {
        return true;
    }
 }
--- a/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/configurer/package-info.java
+++ b/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/configurer/package-info.java
@ -1,5 +1,5 @@
 /*
- * eiam-protocol-oidc - Employee Identity and Access Management Program
+ * eiam-authentication-captcha - Employee Identity and Access Management Program
 * Copyright © 2020-2023 TopIAM (support@topiam.cn)
 *
 * This program is free software: you can redistribute it and/or modify
@ -15,10 +15,4 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
-/**
+package cn.topiam.employee.authentication.captcha.configurer;
 * 处理器
 *
 * @author TopIAM
 * Created by support@topiam.cn on 2020/10/29 23:12
 */
 package cn.topiam.employee.protocol.oidc.handler;
--- a/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/filter/CaptchaValidatorFilter.java
+++ b/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/filter/CaptchaValidatorFilter.java
@ -0,0 +1,121 @@
 /*
 * eiam-authentication-captcha - Employee Identity and Access Management Program
 * Copyright © 2020-2023 TopIAM (support@topiam.cn)
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 package cn.topiam.employee.authentication.captcha.filter;
 import java.io.IOException;
 import java.util.Objects;
 import java.util.UUID;
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpMethod;
 import org.springframework.http.HttpStatus;
 import org.springframework.lang.NonNull;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.security.web.util.matcher.OrRequestMatcher;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 import org.springframework.web.filter.OncePerRequestFilter;
 import com.alibaba.fastjson2.JSONObject;
 import cn.topiam.employee.authentication.captcha.CaptchaValidator;
 import cn.topiam.employee.common.constants.AuthorizeConstants;
 import cn.topiam.employee.support.result.ApiRestResult;
 import cn.topiam.employee.support.trace.TraceUtils;
 import static cn.topiam.employee.common.constants.AuthorizeConstants.FORM_LOGIN;
 import static cn.topiam.employee.support.constant.EiamConstants.CAPTCHA_CODE_SESSION;
 import static cn.topiam.employee.support.exception.enums.ExceptionStatus.EX000102;
 import static cn.topiam.employee.support.util.HttpResponseUtils.flushResponse;
 /**
 * 验证码过滤器
 *
 * @author TopIAM
 * Created by support@topiam.cn on 2020/10/23 22:34
 */
 public class CaptchaValidatorFilter extends OncePerRequestFilter {
    @Override
    protected void doFilterInternal(@NonNull HttpServletRequest request,
                                    @NonNull HttpServletResponse response,
                                    @NonNull FilterChain filterChain) throws ServletException,
                                                                      IOException {
        if (requiresAuthentication(request)) {
            TraceUtils.put(UUID.randomUUID().toString());
            boolean validate = captchaValidator.validate(request, response);
            if (!validate) {
                response.setStatus(HttpStatus.BAD_REQUEST.value());
                flushResponse(response, JSONObject.toJSONString(ApiRestResult.builder()
                    .status(EX000102.getCode()).message(EX000102.getMessage()).build()));
                return;
            }
            filterChain.doFilter(request, response);
            TraceUtils.remove();
            return;
        }
        filterChain.doFilter(request, response);
    }
    /**
     * 校验验证码
     *
     * @param captcha {@link String}
     * @return boolean
     */
    public boolean validate(String captcha) {
        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder
            .getRequestAttributes();
        HttpServletRequest request = Objects.requireNonNull(attributes).getRequest();
        String value = String.valueOf(request.getSession().getAttribute(CAPTCHA_CODE_SESSION));
        return StringUtils.equals(value, captcha);
    }
    /**
     * 需要认证
     *
     * @param request {@link HttpServletRequest}
     * @return {@link Boolean}
     */
    protected boolean requiresAuthentication(HttpServletRequest request) {
        OrRequestMatcher requestMatcher = new OrRequestMatcher(
            //登录
            new AntPathRequestMatcher(FORM_LOGIN, HttpMethod.POST.name()),
            //发送OTP
            new AntPathRequestMatcher(AuthorizeConstants.LOGIN_OTP_SEND, HttpMethod.POST.name()));
        return requestMatcher.matches(request);
    }
    /**
     * CaptchaValidator
     */
    private final CaptchaValidator captchaValidator;
    /**
     *
     * @param captchaValidator {@link CaptchaValidator}
     */
    public CaptchaValidatorFilter(CaptchaValidator captchaValidator) {
        this.captchaValidator = captchaValidator;
    }
 }
--- a/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/filter/package-info.java
+++ b/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/filter/package-info.java
@ -0,0 +1,18 @@
 /*
 * eiam-authentication-captcha - Employee Identity and Access Management Program
 * Copyright © 2020-2023 TopIAM (support@topiam.cn)
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 package cn.topiam.employee.authentication.captcha.filter;
--- a/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/geetest/GeeTestCaptchaProviderConfig.java
+++ b/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/geetest/GeeTestCaptchaProviderConfig.java
@ -1,5 +1,5 @@
 /*
- * eiam-portal - Employee Identity and Access Management Program
+ * eiam-authentication-captcha - Employee Identity and Access Management Program
 * Copyright © 2020-2023 TopIAM (support@topiam.cn)
 *
 * This program is free software: you can redistribute it and/or modify
@ -15,38 +15,37 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
-package cn.topiam.employee.portal.pojo.result;
+package cn.topiam.employee.authentication.captcha.geetest;
 import java.io.Serial;
 import java.io.Serializable;
-import cn.topiam.employee.common.enums.MfaFactor;
+import javax.validation.constraints.NotEmpty;
 import cn.topiam.employee.core.security.captcha.CaptchaProviderConfig;
 import lombok.Builder;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 /**
- * Mfa 登录方式
+ * 极速验证码
 *
 * @author TopIAM
- * Created by support@topiam.cn on  2022/8/13 21:29
+ * Created by support@topiam.cn on  2022/8/14 22:44
 */
@Builder
@Data
-public class LoginMfaFactorResult implements Serializable {
+@EqualsAndHashCode(callSuper = true)
 public class GeeTestCaptchaProviderConfig extends CaptchaProviderConfig {
    @Serial
-    private static final long serialVersionUID = 7255002979319970337L;
+    private static final long serialVersionUID = 3279601494863893521L;
    /**
-     * provider
+     * 验证码ID
     */
-    private MfaFactor         factor;
+    @NotEmpty(message = "验证码ID不能为空")
-    /**
+    private String            captchaId;
-     * 可用
+
     */
    private Boolean           usable;
    /**
-     * 目标
+     * 验证码KEY
     */
-    private String            target;
+    @NotEmpty(message = "验证码KEY不能为空")
    private String            captchaKey;
 }
--- a/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/geetest/GeeTestCaptchaValidator.java
+++ b/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/geetest/GeeTestCaptchaValidator.java
@ -0,0 +1,120 @@
 /*
 * eiam-authentication-captcha - Employee Identity and Access Management Program
 * Copyright © 2020-2023 TopIAM (support@topiam.cn)
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 package cn.topiam.employee.authentication.captcha.geetest;
 import java.util.Map;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.codec.digest.HmacAlgorithms;
 import org.apache.commons.codec.digest.HmacUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.*;
 import org.springframework.util.LinkedMultiValueMap;
 import org.springframework.util.MultiValueMap;
 import org.springframework.web.client.RestTemplate;
 import com.alibaba.fastjson2.JSONObject;
 import cn.topiam.employee.authentication.captcha.CaptchaValidator;
 import cn.topiam.employee.common.util.RequestUtils;
 /**
 * 极速验证
 *
 * @author TopIAM
 * Created by support@topiam.cn on  2022/8/14 19:11
 */
 public class GeeTestCaptchaValidator implements CaptchaValidator {
    private static final String RESULT  = "result";
    private static final String SUCCESS = "success";
    private final Logger        logger  = LoggerFactory.getLogger(GeeTestCaptchaValidator.class);
    /**
     * 验证
     *
     * @param request {@link HttpServletRequest}
     * @param response {@link HttpServletResponse}
     * @return {@link Boolean}
     */
    @Override
    public boolean validate(HttpServletRequest request, HttpServletResponse response) {
        Map<String, Object> getParams = RequestUtils.getParams(request);
        // 1.初始化极验参数信息
        String captchaId = config.getCaptchaId();
        String captchaKey = config.getCaptchaKey();
        String domain = "https://gcaptcha4.geetest.com";
        // 2.获取用户验证后前端传过来的验证流水号等参数
        String lotNumber = (String) getParams.get("lot_number");
        String captchaOutput = (String) getParams.get("captcha_output");
        String passToken = (String) getParams.get("pass_token");
        String genTime = (String) getParams.get("gen_time");
        // 3.生成签名
        // 生成签名使用标准的hmac算法，使用用户当前完成验证的流水号lot_number作为原始消息message，使用客户验证私钥作为key
        // 采用sha256散列算法将message和key进行单向散列生成最终的签名
        String signToken = new HmacUtils(HmacAlgorithms.HMAC_SHA_256, captchaKey)
            .hmacHex(lotNumber);
        // 4.上传校验参数到极验二次验证接口, 校验用户验证状态
        MultiValueMap<String, String> queryParams = new LinkedMultiValueMap<>();
        queryParams.add("lot_number", lotNumber);
        queryParams.add("captcha_output", captchaOutput);
        queryParams.add("pass_token", passToken);
        queryParams.add("gen_time", genTime);
        queryParams.add("sign_token", signToken);
        // captcha_id 参数建议放在 url 后面, 方便请求异常时可以在日志中根据id快速定位到异常请求
        String url = String.format(domain + "/validate" + "?captcha_id=%s", captchaId);
        HttpHeaders headers = new HttpHeaders();
        HttpMethod method = HttpMethod.POST;
        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        JSONObject jsonObject;
        //注意处理接口异常情况，当请求极验二次验证接口异常时做出相应异常处理
        //保证不会因为接口请求超时或服务未响应而阻碍业务流程
        try {
            HttpEntity<MultiValueMap<String, String>> requestEntity = new HttpEntity<>(queryParams,
                headers);
            ResponseEntity<String> responseEntity = restTemplate.exchange(url, method,
                requestEntity, String.class);
            String resBody = responseEntity.getBody();
            jsonObject = JSONObject.parseObject(resBody);
        } catch (Exception e) {
            logger.error("验证发生异常:  {}", e.getMessage());
            return false;
        }
        // 5.根据极验返回的用户验证状态, 网站主进行自己的业务逻辑
        if (SUCCESS.equals(jsonObject.getString(RESULT))) {
            logger.info("验证成功:  {}", jsonObject.toJSONString());
            return true;
        }
        logger.info("验证失败:  {}", jsonObject.toJSONString());
        return true;
    }
    private final GeeTestCaptchaProviderConfig config;
    private final RestTemplate                 restTemplate;
    public GeeTestCaptchaValidator(GeeTestCaptchaProviderConfig config, RestTemplate restTemplate) {
        this.config = config;
        this.restTemplate = restTemplate;
    }
 }
--- a/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/geetest/package-info.java
+++ b/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/geetest/package-info.java
@ -0,0 +1,18 @@
 /*
 * eiam-authentication-captcha - Employee Identity and Access Management Program
 * Copyright © 2020-2023 TopIAM (support@topiam.cn)
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 package cn.topiam.employee.authentication.captcha.geetest;
--- a/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/package-info.java
+++ b/eiam-authentication/eiam-authentication-captcha/src/main/java/cn/topiam/employee/authentication/captcha/package-info.java
@ -1,5 +1,5 @@
 /*
- * eiam-portal - Employee Identity and Access Management Program
+ * eiam-authentication-captcha - Employee Identity and Access Management Program
 * Copyright © 2020-2023 TopIAM (support@topiam.cn)
 *
 * This program is free software: you can redistribute it and/or modify
@ -15,4 +15,4 @@
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
-package cn.topiam.employee.portal.mfa;
+package cn.topiam.employee.authentication.sms;
--- a/eiam-authentication/pom.xml
+++ b/eiam-authentication/pom.xml
@ -40,6 +40,7 @@
        <module>eiam-authentication-wechatwork</module>
        <module>eiam-authentication-sms</module>
        <module>eiam-authentication-mfa</module>
        <module>eiam-authentication-captcha</module>
        <module>eiam-authentication-all</module>
    </modules>
--- a/eiam-common/src/main/resources/db/1.0.0-changelog.xml
+++ b/eiam-common/src/main/resources/db/1.0.0-changelog.xml
@ -647,6 +647,39 @@
                <constraints nullable="true"/>
            </column>
        </createTable>
        <createTable remarks="TSA 应用配置" tableName="app_tsa_config">
            <column name="id_" type="BIGINT" remarks="主键ID">
                <constraints nullable="false" primaryKey="true"/>
            </column>
            <column name="app_id" remarks="应用ID" type="BIGINT">
                <constraints nullable="false"/>
            </column>
            <column name="login_page" remarks="登录页面URL" type="VARCHAR(500)">
                <constraints nullable="false"/>
            </column>
            <column name="auto_login_steps" remarks="自动登录步骤" type="JSON">
                <constraints nullable="false"/>
            </column>
            <column name="create_account_steps" remarks="创建账号步骤" type="JSON">
                <constraints nullable="false"/>
            </column>
            <column name="create_by" remarks="创建者" type="VARCHAR(64)">
                <constraints nullable="false"/>
            </column>
            <column defaultValueComputed="CURRENT_TIMESTAMP" name="create_time" remarks="创建时间" type="datetime">
                <constraints nullable="false"/>
            </column>
            <column name="update_by" remarks="修改者" type="VARCHAR(64)">
                <constraints nullable="false"/>
            </column>
            <column defaultValueComputed="CURRENT_TIMESTAMP" name="update_time" remarks="修改时间" type="datetime">
                <constraints nullable="false"/>
            </column>
            <column name="remark_" remarks="备注" type="TEXT"/>
            <column name="is_deleted" remarks="删除标记" type="TINYINT(1)" defaultValueNumeric="0">
                <constraints nullable="true"/>
            </column>
        </createTable>
        <createTable remarks="应用权限角色表" tableName="app_permission_role">
            <column name="id_" remarks="主键ID" type="BIGINT" >
                <constraints nullable="false" primaryKey="true"/>
--- a/eiam-common/src/main/resources/db/eiam-changelog-master.xml
+++ b/eiam-common/src/main/resources/db/eiam-changelog-master.xml
@ -24,4 +24,4 @@
        xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog https://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-4.3.xsd
          http://www.liquibase.org/xml/ns/dbchangelog https://www.liquibase.org/xml/ns/pro/liquibase-pro-4.3.xsd">
    <include file="db/1.0.0-changelog.xml" relativeToChangelogFile="false"/>
-</databaseChangeLog>
+</databaseChangeLog>
--- a/eiam-console/src/main/java/cn/topiam/employee/console/configuration/ConsoleApiConfiguration.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/configuration/ConsoleApiConfiguration.java
@ -17,17 +17,18 @@
 */
 package cn.topiam.employee.console.configuration;
 import org.springdoc.core.GroupedOpenApi;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.env.Environment;
 import cn.topiam.employee.EiamConsoleApplication;
 import cn.topiam.employee.common.constants.AuthenticationConstants;
 import cn.topiam.employee.support.util.AppVersionUtils;
 import io.swagger.v3.oas.models.OpenAPI;
 import io.swagger.v3.oas.models.info.Contact;
 import io.swagger.v3.oas.models.info.Info;
 import org.springdoc.core.GroupedOpenApi;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.env.Environment;
 import static cn.topiam.employee.common.constants.AccountConstants.ACCOUNT_API_DOC_GROUP_NAME;
 import static cn.topiam.employee.common.constants.AccountConstants.ACCOUNT_API_PATHS;
 import static cn.topiam.employee.common.constants.AnalysisConstants.ANALYSIS_GROUP_NAME;
--- a/eiam-console/src/main/java/cn/topiam/employee/console/configuration/ConsoleFrontendConfiguration.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/configuration/ConsoleFrontendConfiguration.java
@ -17,6 +17,8 @@
 */
 package cn.topiam.employee.console.configuration;
 import java.io.IOException;
 import org.jetbrains.annotations.NotNull;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.io.Resource;
@ -24,8 +26,6 @@ import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 import org.springframework.web.servlet.resource.PathResourceResolver;
 import java.io.IOException;
 /**
 * 控制台前端配置
 *
--- a/eiam-console/src/main/java/cn/topiam/employee/console/configuration/ConsoleSecurityConfiguration.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/configuration/ConsoleSecurityConfiguration.java
@ -17,18 +17,9 @@
 */
 package cn.topiam.employee.console.configuration;
-import cn.topiam.employee.common.constants.AuthorizeConstants;
+import java.util.Objects;
-import cn.topiam.employee.common.entity.setting.SettingEntity;
+import java.util.stream.Collectors;
-import cn.topiam.employee.common.geo.GeoLocationService;
+
 import cn.topiam.employee.common.repository.setting.SettingRepository;
 import cn.topiam.employee.console.security.handler.*;
 import cn.topiam.employee.console.security.listener.ConsoleAuthenticationFailureEventListener;
 import cn.topiam.employee.console.security.listener.ConsoleAuthenticationSuccessEventListener;
 import cn.topiam.employee.console.security.listener.ConsoleLogoutSuccessEventListener;
 import cn.topiam.employee.console.security.listener.ConsoleSessionInformationExpiredStrategy;
 import cn.topiam.employee.core.endpoint.security.PublicSecretEndpoint;
 import cn.topiam.employee.core.security.form.FormLoginSecretFilter;
 import lombok.RequiredArgsConstructor;
 import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointProperties;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.cloud.context.config.annotation.RefreshScope;
@ -46,8 +37,21 @@ import org.springframework.security.web.util.matcher.RequestMatcher;
 import org.springframework.session.security.web.authentication.SpringSessionRememberMeServices;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
-import java.util.Objects;
+import cn.topiam.employee.common.constants.AuthorizeConstants;
-import java.util.stream.Collectors;
+import cn.topiam.employee.common.entity.setting.SettingEntity;
 import cn.topiam.employee.common.geo.GeoLocationService;
 import cn.topiam.employee.common.repository.setting.SettingRepository;
 import cn.topiam.employee.console.security.handler.*;
 import cn.topiam.employee.console.security.listener.ConsoleAuthenticationFailureEventListener;
 import cn.topiam.employee.console.security.listener.ConsoleAuthenticationSuccessEventListener;
 import cn.topiam.employee.console.security.listener.ConsoleLogoutSuccessEventListener;
 import cn.topiam.employee.console.security.listener.ConsoleSessionInformationExpiredStrategy;
 import cn.topiam.employee.core.endpoint.security.PublicSecretEndpoint;
 import cn.topiam.employee.core.security.form.FormLoginSecretFilter;
 import lombok.RequiredArgsConstructor;
 import static org.springframework.boot.autoconfigure.security.StaticResourceLocation.*;
 import static org.springframework.security.config.Customizer.withDefaults;
 import static cn.topiam.employee.common.constants.AuthorizeConstants.FE_LOGIN;
 import static cn.topiam.employee.common.constants.AuthorizeConstants.LOGIN_PATH;
@ -55,8 +59,6 @@ import static cn.topiam.employee.common.constants.ConfigBeanNameConstants.DEFAUL
 import static cn.topiam.employee.common.constants.SessionConstants.CURRENT_STATUS;
 import static cn.topiam.employee.core.setting.constant.SecuritySettingConstants.*;
 import static cn.topiam.employee.support.constant.EiamConstants.*;
 import static org.springframework.boot.autoconfigure.security.StaticResourceLocation.*;
 import static org.springframework.security.config.Customizer.withDefaults;
 /**
 * ConsoleSecurityConfiguration
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/CurrentUserEndpoint.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/CurrentUserEndpoint.java
@ -17,6 +17,19 @@
 */
 package cn.topiam.employee.console.controller;
 import java.io.Serializable;
 import java.util.Optional;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import com.alibaba.fastjson2.JSON;
 import cn.topiam.employee.common.entity.setting.AdministratorEntity;
 import cn.topiam.employee.common.exception.UserNotFoundException;
 import cn.topiam.employee.common.repository.setting.AdministratorRepository;
@ -25,20 +38,11 @@ import cn.topiam.employee.core.security.util.SecurityUtils;
 import cn.topiam.employee.support.result.ApiRestResult;
 import cn.topiam.employee.support.util.DesensitizationUtil;
 import cn.topiam.employee.support.util.HttpResponseUtils;
-import com.alibaba.fastjson2.JSON;
+
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.Serializable;
 import java.util.Optional;
 import io.swagger.v3.oas.annotations.media.Schema;
 import static cn.topiam.employee.common.constants.SessionConstants.CURRENT_USER;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/account/OrganizationController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/account/OrganizationController.java
@ -17,6 +17,13 @@
 */
 package cn.topiam.employee.console.controller.account;
 import java.util.List;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.constants.AccountConstants;
@ -30,14 +37,9 @@ import cn.topiam.employee.console.service.account.OrganizationService;
 import cn.topiam.employee.support.lock.Lock;
 import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.result.ApiRestResult;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import java.util.List;
 /**
 * 系统账户-组织架构
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/account/UserController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/account/UserController.java
@ -17,6 +17,19 @@
 */
 package cn.topiam.employee.console.controller.account;
 import java.io.Serializable;
 import java.util.List;
 import javax.validation.constraints.NotBlank;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.entity.account.query.UserListNotInGroupQuery;
@ -39,23 +52,13 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
-import io.swagger.v3.oas.annotations.Operation;
+
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import lombok.Data;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import javax.validation.constraints.NotBlank;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 import java.io.Serializable;
 import java.util.List;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AccountConstants.USER_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/account/UserGroupController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/account/UserGroupController.java
@ -17,6 +17,16 @@
 */
 package cn.topiam.employee.console.controller.account;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import com.google.common.collect.Lists;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.entity.account.UserGroupEntity;
@ -36,19 +46,12 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
-import com.google.common.collect.Lists;
+
 import lombok.AllArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 import static cn.topiam.employee.common.constants.AccountConstants.USER_GROUP_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/account/UserIdpBindController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/account/UserIdpBindController.java
@ -17,13 +17,14 @@
 */
 package cn.topiam.employee.console.controller.account;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import lombok.AllArgsConstructor;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AccountConstants.USER_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/analysis/AnalysisController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/analysis/AnalysisController.java
@ -17,20 +17,21 @@
 */
 package cn.topiam.employee.console.controller.analysis;
-import cn.topiam.employee.console.pojo.query.analysis.AnalysisQuery;
+import java.util.List;
-import cn.topiam.employee.console.pojo.result.analysis.*;
+
 import cn.topiam.employee.console.service.analysis.AnalysisService;
 import cn.topiam.employee.support.result.ApiRestResult;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import java.util.List;
+import cn.topiam.employee.console.pojo.query.analysis.AnalysisQuery;
 import cn.topiam.employee.console.pojo.result.analysis.*;
 import cn.topiam.employee.console.service.analysis.AnalysisService;
 import cn.topiam.employee.support.result.ApiRestResult;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AnalysisConstants.ANALYSIS_GROUP_NAME;
 import static cn.topiam.employee.common.constants.AnalysisConstants.ANALYSIS_PATH;
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppAccessPolicyController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppAccessPolicyController.java
@ -17,6 +17,11 @@
 */
 package cn.topiam.employee.console.controller.app;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.entity.app.query.AppAccessPolicyQuery;
@ -30,14 +35,11 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
-import io.swagger.v3.oas.annotations.Operation;
+
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AppConstants.APP_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppAccountController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppAccountController.java
@ -17,6 +17,11 @@
 */
 package cn.topiam.employee.console.controller.app;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.entity.app.query.AppAccountQuery;
@ -28,14 +33,11 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
-import io.swagger.v3.oas.annotations.Operation;
+
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AppConstants.APP_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppCertController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppCertController.java
@ -17,14 +17,8 @@
 */
 package cn.topiam.employee.console.controller.app;
-import cn.topiam.employee.application.saml2.pojo.AppSaml2StandardConfigGetResult;
+import java.util.List;
-import cn.topiam.employee.console.pojo.query.app.AppCertQuery;
+
 import cn.topiam.employee.console.pojo.result.app.AppCertListResult;
 import cn.topiam.employee.console.service.app.AppCertService;
 import cn.topiam.employee.support.result.ApiRestResult;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
@ -32,8 +26,16 @@ import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import java.util.List;
+import cn.topiam.employee.application.saml2.pojo.AppSaml2StandardConfigGetResult;
 import cn.topiam.employee.console.pojo.query.app.AppCertQuery;
 import cn.topiam.employee.console.pojo.result.app.AppCertListResult;
 import cn.topiam.employee.console.service.app.AppCertService;
 import cn.topiam.employee.support.result.ApiRestResult;
 import lombok.AllArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AppConstants.APP_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppController.java
@ -17,6 +17,11 @@
 */
 package cn.topiam.employee.console.controller.app;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.application.saml2.pojo.AppSaml2StandardConfigGetResult;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
@ -33,14 +38,11 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
-import io.swagger.v3.oas.annotations.Operation;
+
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AppConstants.APP_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppPermissionActionController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppPermissionActionController.java
@ -17,13 +17,8 @@
 */
 package cn.topiam.employee.console.controller.app;
-import cn.topiam.employee.console.pojo.query.app.AppPermissionActionListQuery;
+import java.util.List;
-import cn.topiam.employee.console.pojo.result.app.AppPermissionActionListResult;
+
 import cn.topiam.employee.console.service.app.AppPermissionActionService;
 import cn.topiam.employee.support.result.ApiRestResult;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.MediaType;
@ -33,8 +28,15 @@ import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import java.util.List;
+import cn.topiam.employee.console.pojo.query.app.AppPermissionActionListQuery;
 import cn.topiam.employee.console.pojo.result.app.AppPermissionActionListResult;
 import cn.topiam.employee.console.service.app.AppPermissionActionService;
 import cn.topiam.employee.support.result.ApiRestResult;
 import lombok.RequiredArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AppConstants.APP_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppPermissionPolicyController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppPermissionPolicyController.java
@ -17,6 +17,11 @@
 */
 package cn.topiam.employee.console.controller.app;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.common.entity.app.query.AppPolicyQuery;
 import cn.topiam.employee.console.pojo.result.app.AppPermissionPolicyGetResult;
 import cn.topiam.employee.console.pojo.result.app.AppPermissionPolicyListResult;
@ -31,14 +36,11 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
-import io.swagger.v3.oas.annotations.Operation;
+
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AppConstants.APP_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppPermissionResourceController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppPermissionResourceController.java
@ -17,6 +17,16 @@
 */
 package cn.topiam.employee.console.controller.app;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.enums.CheckValidityType;
@ -34,20 +44,12 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
 import lombok.RequiredArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 import static cn.topiam.employee.common.constants.AppConstants.APP_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppPermissionRoleController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppPermissionRoleController.java
@ -17,6 +17,16 @@
 */
 package cn.topiam.employee.console.controller.app;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.enums.CheckValidityType;
@ -31,20 +41,12 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
 import lombok.RequiredArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 import static cn.topiam.employee.common.constants.AppConstants.APP_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppSaml2Controller.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppSaml2Controller.java
@ -17,24 +17,27 @@
 */
 package cn.topiam.employee.console.controller.app;
-import cn.topiam.employee.console.pojo.result.app.ParseSaml2MetadataResult;
+import java.io.IOException;
-import cn.topiam.employee.console.service.app.AppSaml2Service;
+
-import cn.topiam.employee.support.lock.Lock;
+import javax.validation.Valid;
-import cn.topiam.employee.support.result.ApiRestResult;
+import javax.validation.constraints.NotBlank;
-import io.swagger.v3.oas.annotations.Operation;
+
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
-import javax.validation.Valid;
+import cn.topiam.employee.console.pojo.result.app.ParseSaml2MetadataResult;
-import javax.validation.constraints.NotBlank;
+import cn.topiam.employee.console.service.app.AppSaml2Service;
-import java.io.IOException;
+import cn.topiam.employee.support.lock.Lock;
 import cn.topiam.employee.support.result.ApiRestResult;
 import lombok.AllArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AppConstants.APP_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppTemplateController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/app/AppTemplateController.java
@ -17,14 +17,11 @@
 */
 package cn.topiam.employee.console.controller.app;
-import cn.topiam.employee.common.enums.app.AppType;
+import java.util.List;
-import cn.topiam.employee.console.pojo.result.app.AppTemplateResult;
+import java.util.Map;
-import cn.topiam.employee.console.service.app.AppTemplateService;
+
-import cn.topiam.employee.support.result.ApiRestResult;
+import javax.validation.constraints.NotEmpty;
-import io.swagger.v3.oas.annotations.Operation;
+
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
@ -33,10 +30,16 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
-import javax.validation.constraints.NotEmpty;
+import cn.topiam.employee.common.enums.app.AppType;
-import java.util.List;
+import cn.topiam.employee.console.pojo.result.app.AppTemplateResult;
-import java.util.Map;
+import cn.topiam.employee.console.service.app.AppTemplateService;
 import cn.topiam.employee.support.result.ApiRestResult;
 import lombok.RequiredArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AppConstants.APP_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/authentication/IdentityProviderController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/authentication/IdentityProviderController.java
@ -17,6 +17,11 @@
 */
 package cn.topiam.employee.console.controller.authentication;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.constants.AuthenticationConstants;
@ -32,13 +37,11 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
 import lombok.AllArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 /**
 * 身份提供商
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/identitysource/IdentitySourceController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/identitysource/IdentitySourceController.java
@ -17,6 +17,11 @@
 */
 package cn.topiam.employee.console.controller.identitysource;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.entity.identitysource.IdentitySourceEntity;
@ -37,14 +42,11 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
-import io.swagger.v3.oas.annotations.Operation;
+
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AccountConstants.IDENTITY_SOURCE_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/identitysource/IdentitySourceEventController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/identitysource/IdentitySourceEventController.java
@ -17,22 +17,24 @@
 */
 package cn.topiam.employee.console.controller.identitysource;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import cn.topiam.employee.console.pojo.query.identity.IdentitySourceEventRecordListQuery;
 import cn.topiam.employee.console.pojo.result.identitysource.IdentitySourceEventRecordListResult;
 import cn.topiam.employee.console.service.identitysource.IdentitySourceEventRecordService;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
-import io.swagger.v3.oas.annotations.Operation;
+
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AccountConstants.IDENTITY_SOURCE_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/identitysource/IdentitySourceSyncController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/identitysource/IdentitySourceSyncController.java
@ -17,6 +17,11 @@
 */
 package cn.topiam.employee.console.controller.identitysource;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.console.pojo.query.identity.IdentitySourceSyncHistoryListQuery;
@ -29,14 +34,11 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
-import io.swagger.v3.oas.annotations.Operation;
+
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.AccountConstants.IDENTITY_SOURCE_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/session/SessionManageEndpoint.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/session/SessionManageEndpoint.java
@ -17,6 +17,28 @@
 */
 package cn.topiam.employee.console.controller.session;
 import java.io.Serial;
 import java.io.Serializable;
 import java.time.LocalDateTime;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.springframework.security.core.session.SessionRegistry;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.alibaba.fastjson2.JSON;
 import com.alibaba.fastjson2.annotation.JSONField;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.context.AuditContext;
 import cn.topiam.employee.audit.entity.Target;
@ -33,33 +55,16 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.result.ApiRestResult;
 import cn.topiam.employee.support.util.HttpResponseUtils;
 import cn.topiam.employee.support.web.useragent.UserAgent;
-import com.alibaba.fastjson2.JSON;
+
 import com.alibaba.fastjson2.annotation.JSONField;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.Data;
 import lombok.experimental.Accessors;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.springframework.security.core.session.SessionRegistry;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import javax.servlet.http.HttpServletRequest;
+import io.swagger.v3.oas.annotations.Operation;
-import javax.servlet.http.HttpServletResponse;
+import io.swagger.v3.oas.annotations.tags.Tag;
-import java.io.Serial;
+import static org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames.USERNAME;
 import java.io.Serializable;
 import java.time.LocalDateTime;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 import static cn.topiam.employee.common.constants.SessionConstants.SESSION_PATH;
 import static cn.topiam.employee.support.constant.EiamConstants.DEFAULT_DATE_TIME_FORMATTER_PATTERN;
 import static org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames.USERNAME;
 /**
 * 会话管理
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/AdministratorController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/AdministratorController.java
@ -17,6 +17,14 @@
 */
 package cn.topiam.employee.console.controller.setting;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.enums.CheckValidityType;
@ -33,18 +41,12 @@ import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.result.ApiRestResult;
 import lombok.AllArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.NotNull;
 import static cn.topiam.employee.common.constants.SettingConstants.SETTING_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/GeoIpLibraryController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/GeoIpLibraryController.java
@ -17,6 +17,11 @@
 */
 package cn.topiam.employee.console.controller.setting;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.geo.GeoLocation;
@ -27,15 +32,12 @@ import cn.topiam.employee.support.context.ApplicationContextHelp;
 import cn.topiam.employee.support.lock.Lock;
 import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.result.ApiRestResult;
 import lombok.AllArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import static cn.topiam.employee.common.constants.ConfigBeanNameConstants.GEO_LOCATION;
 import static cn.topiam.employee.common.constants.SettingConstants.SETTING_PATH;
 import static cn.topiam.employee.core.setting.constant.GeoIpProviderConstants.IPADDRESS_SETTING_NAME;
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/MailProviderController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/MailProviderController.java
@ -17,6 +17,13 @@
 */
 package cn.topiam.employee.console.controller.setting;
 import java.util.HashMap;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.enums.MailType;
@ -29,16 +36,11 @@ import cn.topiam.employee.core.message.mail.MailMsgEventPublish;
 import cn.topiam.employee.support.lock.Lock;
 import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.result.ApiRestResult;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
-import java.util.HashMap;
+import lombok.AllArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.SettingConstants.SETTING_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/MailTemplateController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/MailTemplateController.java
@ -17,6 +17,14 @@
 */
 package cn.topiam.employee.console.controller.setting;
 import java.util.List;
 import java.util.Objects;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.enums.MailType;
@ -27,17 +35,11 @@ import cn.topiam.employee.console.service.setting.MailTemplateService;
 import cn.topiam.employee.support.lock.Lock;
 import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.result.ApiRestResult;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
-import java.util.List;
+import lombok.AllArgsConstructor;
 import java.util.Objects;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.SettingConstants.SETTING_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/SecurityController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/SecurityController.java
@ -17,6 +17,13 @@
 */
 package cn.topiam.employee.console.controller.setting;
 import java.util.List;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.console.pojo.result.setting.*;
@ -29,16 +36,11 @@ import cn.topiam.employee.console.service.setting.SecuritySettingService;
 import cn.topiam.employee.support.lock.Lock;
 import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.result.ApiRestResult;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
-import java.util.List;
+import lombok.AllArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.SettingConstants.SETTING_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/SmsProviderController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/SmsProviderController.java
@ -17,6 +17,12 @@
 */
 package cn.topiam.employee.console.controller.setting;
 import java.util.LinkedHashMap;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.common.enums.MailType;
@ -29,15 +35,11 @@ import cn.topiam.employee.core.security.password.PasswordGenerator;
 import cn.topiam.employee.support.lock.Lock;
 import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.result.ApiRestResult;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
-import java.util.LinkedHashMap;
+import lombok.AllArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.SettingConstants.SETTING_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/SmsTemplateController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/SmsTemplateController.java
@ -17,14 +17,10 @@
 */
 package cn.topiam.employee.console.controller.setting;
-import cn.topiam.employee.common.enums.Language;
+import java.util.List;
-import cn.topiam.employee.console.pojo.result.setting.SmsTemplateListResult;
+
-import cn.topiam.employee.console.service.setting.SmsTemplateService;
+import javax.validation.constraints.NotNull;
-import cn.topiam.employee.support.result.ApiRestResult;
+
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
@ -32,9 +28,16 @@ import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import javax.validation.constraints.NotNull;
+import cn.topiam.employee.common.enums.Language;
-import java.util.List;
+import cn.topiam.employee.console.pojo.result.setting.SmsTemplateListResult;
 import cn.topiam.employee.console.service.setting.SmsTemplateService;
 import cn.topiam.employee.support.result.ApiRestResult;
 import lombok.AllArgsConstructor;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.SettingConstants.SETTING_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/StorageController.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/controller/setting/StorageController.java
@ -17,6 +17,11 @@
 */
 package cn.topiam.employee.console.controller.setting;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import cn.topiam.employee.audit.annotation.Audit;
 import cn.topiam.employee.audit.enums.EventType;
 import cn.topiam.employee.console.pojo.result.setting.StorageProviderConfigResult;
@ -25,14 +30,11 @@ import cn.topiam.employee.console.service.setting.StorageSettingService;
 import cn.topiam.employee.support.lock.Lock;
 import cn.topiam.employee.support.preview.Preview;
 import cn.topiam.employee.support.result.ApiRestResult;
-import io.swagger.v3.oas.annotations.Operation;
+
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import static cn.topiam.employee.common.constants.SettingConstants.SETTING_PATH;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/account/OrganizationConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/account/OrganizationConverter.java
@ -17,6 +17,14 @@
 */
 package cn.topiam.employee.console.converter.account;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import cn.topiam.employee.common.entity.account.OrganizationEntity;
 import cn.topiam.employee.console.pojo.result.account.OrganizationChildResult;
 import cn.topiam.employee.console.pojo.result.account.OrganizationResult;
@ -24,13 +32,6 @@ import cn.topiam.employee.console.pojo.result.account.OrganizationRootResult;
 import cn.topiam.employee.console.pojo.result.account.OrganizationTreeResult;
 import cn.topiam.employee.console.pojo.save.account.OrganizationCreateParam;
 import cn.topiam.employee.console.pojo.update.account.OrganizationUpdateParam;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 /**
 * 组织架构数据映射
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/account/UserConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/account/UserConverter.java
@ -17,6 +17,31 @@
 */
 package cn.topiam.employee.console.converter.account;
 import java.time.LocalDateTime;
 import java.time.ZoneId;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
 import java.util.Set;
 import org.elasticsearch.index.query.BoolQueryBuilder;
 import org.elasticsearch.index.query.QueryBuilders;
 import org.elasticsearch.search.sort.FieldSortBuilder;
 import org.elasticsearch.search.sort.SortBuilder;
 import org.elasticsearch.search.sort.SortBuilders;
 import org.elasticsearch.search.sort.SortOrder;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.data.domain.PageRequest;
 import org.springframework.data.elasticsearch.core.SearchHits;
 import org.springframework.data.elasticsearch.core.query.NativeSearchQuery;
 import org.springframework.data.elasticsearch.core.query.NativeSearchQueryBuilder;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.StringUtils;
 import com.google.common.collect.Lists;
 import com.google.common.collect.Sets;
 import cn.topiam.employee.audit.entity.AuditElasticSearchEntity;
 import cn.topiam.employee.audit.entity.Event;
 import cn.topiam.employee.audit.enums.EventType;
@ -35,30 +60,6 @@ import cn.topiam.employee.console.pojo.update.account.UserUpdateParam;
 import cn.topiam.employee.support.context.ApplicationContextHelp;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import com.google.common.collect.Lists;
 import com.google.common.collect.Sets;
 import org.elasticsearch.index.query.BoolQueryBuilder;
 import org.elasticsearch.index.query.QueryBuilders;
 import org.elasticsearch.search.sort.FieldSortBuilder;
 import org.elasticsearch.search.sort.SortBuilder;
 import org.elasticsearch.search.sort.SortBuilders;
 import org.elasticsearch.search.sort.SortOrder;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.data.domain.PageRequest;
 import org.springframework.data.elasticsearch.core.SearchHits;
 import org.springframework.data.elasticsearch.core.query.NativeSearchQuery;
 import org.springframework.data.elasticsearch.core.query.NativeSearchQueryBuilder;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.StringUtils;
 import java.time.LocalDateTime;
 import java.time.ZoneId;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
 import java.util.Set;
 import static cn.topiam.employee.audit.entity.Actor.ACTOR_ID;
 import static cn.topiam.employee.audit.entity.Event.EVENT_TIME;
 import static cn.topiam.employee.audit.entity.Event.EVENT_TYPE;
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/account/UserGroupConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/account/UserGroupConverter.java
@ -17,6 +17,18 @@
 */
 package cn.topiam.employee.console.converter.account;
 import java.util.ArrayList;
 import java.util.List;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import com.google.common.collect.Lists;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import cn.topiam.employee.common.entity.account.QUserGroupEntity;
 import cn.topiam.employee.common.entity.account.UserEntity;
 import cn.topiam.employee.common.entity.account.UserGroupEntity;
@ -29,16 +41,6 @@ import cn.topiam.employee.console.pojo.save.account.UserGroupCreateParam;
 import cn.topiam.employee.console.pojo.update.account.UserGroupUpdateParam;
 import cn.topiam.employee.support.context.ApplicationContextHelp;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import com.google.common.collect.Lists;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import java.util.ArrayList;
 import java.util.List;
 /**
 * 用户映射
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppAccessPolicyConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppAccessPolicyConverter.java
@ -17,16 +17,17 @@
 */
 package cn.topiam.employee.console.converter.app;
 import java.util.ArrayList;
 import java.util.List;
 import org.mapstruct.Mapper;
 import org.springframework.util.CollectionUtils;
 import cn.topiam.employee.common.entity.app.AppAccessPolicyEntity;
 import cn.topiam.employee.common.entity.app.po.AppAccessPolicyPO;
 import cn.topiam.employee.console.pojo.result.app.AppAccessPolicyResult;
 import cn.topiam.employee.console.pojo.save.app.AppAccessPolicyCreateParam;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import org.mapstruct.Mapper;
 import org.springframework.util.CollectionUtils;
 import java.util.ArrayList;
 import java.util.List;
 /**
 * 应用授权策略 Converter
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppAccountConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppAccountConverter.java
@ -17,17 +17,18 @@
 */
 package cn.topiam.employee.console.converter.app;
 import java.util.ArrayList;
 import java.util.List;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import cn.topiam.employee.common.entity.app.AppAccountEntity;
 import cn.topiam.employee.common.entity.app.po.AppAccountPO;
 import cn.topiam.employee.console.pojo.result.app.AppAccountListResult;
 import cn.topiam.employee.console.pojo.save.app.AppAccountCreateParam;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import java.util.ArrayList;
 import java.util.List;
 /**
 * 应用账户映射
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppCertConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppCertConverter.java
@ -17,18 +17,20 @@
 */
 package cn.topiam.employee.console.converter.app;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import cn.topiam.employee.common.entity.app.AppCertEntity;
 import cn.topiam.employee.common.entity.app.QAppCertEntity;
 import cn.topiam.employee.console.pojo.query.app.AppCertQuery;
 import cn.topiam.employee.console.pojo.result.app.AppCertListResult;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 /**
 * 应用证书Converter
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppConverter.java
@ -17,6 +17,19 @@
 */
 package cn.topiam.employee.console.converter.app;
 import java.util.List;
 import java.util.Objects;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.AlternativeJdkIdGenerator;
 import org.springframework.util.IdGenerator;
 import com.google.common.collect.Lists;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import cn.topiam.employee.application.ApplicationService;
 import cn.topiam.employee.application.ApplicationServiceLoader;
 import cn.topiam.employee.common.entity.app.AppEntity;
@ -27,17 +40,6 @@ import cn.topiam.employee.console.pojo.result.app.AppListResult;
 import cn.topiam.employee.console.pojo.update.app.AppUpdateParam;
 import cn.topiam.employee.support.context.ApplicationContextHelp;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import com.google.common.collect.Lists;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.AlternativeJdkIdGenerator;
 import org.springframework.util.IdGenerator;
 import java.util.List;
 import java.util.Objects;
 /**
 * 应用映射
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppPermissionActionConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppPermissionActionConverter.java
@ -17,21 +17,23 @@
 */
 package cn.topiam.employee.console.converter.app;
 import java.util.ArrayList;
 import java.util.List;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.ObjectUtils;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import cn.topiam.employee.common.entity.app.AppPermissionActionEntity;
 import cn.topiam.employee.common.entity.app.AppPermissionResourceEntity;
 import cn.topiam.employee.common.entity.app.QAppPermissionResourceEntity;
 import cn.topiam.employee.common.enums.PermissionActionType;
 import cn.topiam.employee.console.pojo.query.app.AppPermissionActionListQuery;
 import cn.topiam.employee.console.pojo.result.app.AppPermissionActionListResult;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.ObjectUtils;
 import java.util.ArrayList;
 import java.util.List;
 /**
 * 权限映射
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppPermissionPolicyConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppPermissionPolicyConverter.java
@ -17,18 +17,19 @@
 */
 package cn.topiam.employee.console.converter.app;
 import java.util.ArrayList;
 import java.util.List;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import cn.topiam.employee.common.entity.app.AppPermissionPolicyEntity;
 import cn.topiam.employee.common.entity.app.po.AppPermissionPolicyPO;
 import cn.topiam.employee.console.pojo.result.app.AppPermissionPolicyListResult;
 import cn.topiam.employee.console.pojo.save.app.AppPermissionPolicyCreateParam;
 import cn.topiam.employee.console.pojo.update.app.AppPermissionPolicyUpdateParam;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import java.util.ArrayList;
 import java.util.List;
 /**
 * 策略映射
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppPermissionResourceConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppPermissionResourceConverter.java
@ -17,6 +17,18 @@
 */
 package cn.topiam.employee.console.converter.app;
 import java.util.ArrayList;
 import java.util.List;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.ObjectUtils;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import cn.topiam.employee.common.entity.app.AppPermissionResourceEntity;
 import cn.topiam.employee.common.entity.app.QAppPermissionResourceEntity;
 import cn.topiam.employee.console.pojo.query.app.AppResourceListQuery;
@ -25,16 +37,6 @@ import cn.topiam.employee.console.pojo.result.app.AppPermissionResourceListResul
 import cn.topiam.employee.console.pojo.save.app.AppPermissionResourceCreateParam;
 import cn.topiam.employee.console.pojo.update.app.AppPermissionResourceUpdateParam;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.ObjectUtils;
 import java.util.ArrayList;
 import java.util.List;
 /**
 * 资源映射
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppPermissionRoleConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/AppPermissionRoleConverter.java
@ -17,6 +17,18 @@
 */
 package cn.topiam.employee.console.converter.app;
 import java.util.ArrayList;
 import java.util.List;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.ObjectUtils;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import cn.topiam.employee.common.entity.app.AppPermissionRoleEntity;
 import cn.topiam.employee.common.entity.app.QAppPermissionRoleEntity;
 import cn.topiam.employee.console.pojo.query.app.AppPermissionRoleListQuery;
@ -25,16 +37,6 @@ import cn.topiam.employee.console.pojo.result.app.AppPermissionRoleResult;
 import cn.topiam.employee.console.pojo.save.app.AppPermissionRoleCreateParam;
 import cn.topiam.employee.console.pojo.update.app.PermissionRoleUpdateParam;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import org.springframework.util.ObjectUtils;
 import java.util.ArrayList;
 import java.util.List;
 /**
 * 角色映射
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/UserIdpBindConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/app/UserIdpBindConverter.java
@ -17,13 +17,14 @@
 */
 package cn.topiam.employee.console.converter.app;
 import java.util.ArrayList;
 import java.util.List;
 import org.mapstruct.Mapper;
 import cn.topiam.employee.common.entity.account.po.UserIdpBindPo;
 import cn.topiam.employee.console.pojo.result.app.UserIdpBindListResult;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import org.mapstruct.Mapper;
 import java.util.ArrayList;
 import java.util.List;
 /**
 * 用户身份提供商绑定
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/authentication/IdentityProviderConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/authentication/IdentityProviderConverter.java
@ -17,6 +17,24 @@
 */
 package cn.topiam.employee.console.converter.authentication;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 import javax.validation.ConstraintViolationException;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.data.querydsl.QPageRequest;
 import com.alibaba.fastjson2.JSONObject;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import cn.topiam.employee.authentication.common.IdentityProviderCategory;
 import cn.topiam.employee.authentication.common.IdentityProviderType;
 import cn.topiam.employee.authentication.common.config.IdentityProviderConfig;
@ -39,22 +57,6 @@ import cn.topiam.employee.support.repository.page.domain.Page;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.repository.page.domain.QueryDslRequest;
 import cn.topiam.employee.support.validation.ValidationHelp;
 import com.alibaba.fastjson2.JSONObject;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.data.querydsl.QPageRequest;
 import javax.validation.ConstraintViolationException;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 import static cn.topiam.employee.authentication.common.IdentityProviderType.*;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/identitysource/IdentitySourceConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/identitysource/IdentitySourceConverter.java
@ -17,6 +17,25 @@
 */
 package cn.topiam.employee.console.converter.identitysource;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 import javax.validation.ConstraintViolationException;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.data.domain.Page;
 import org.springframework.data.querydsl.QPageRequest;
 import org.springframework.util.CollectionUtils;
 import com.alibaba.fastjson2.JSONObject;
 import com.alibaba.fastjson2.JSONWriter;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import cn.topiam.employee.common.constants.CommonConstants;
 import cn.topiam.employee.common.entity.identitysource.IdentitySourceEntity;
 import cn.topiam.employee.common.entity.identitysource.QIdentitySourceEntity;
@ -31,28 +50,12 @@ import cn.topiam.employee.console.pojo.update.identity.IdentitySourceUpdateParam
 import cn.topiam.employee.core.context.ServerContextHelp;
 import cn.topiam.employee.identitysource.core.IdentitySourceConfig;
 import cn.topiam.employee.identitysource.dingtalk.DingTalkConfig;
-import cn.topiam.employee.identitysource.ldap.LdapConfig;
+import cn.topiam.employee.identitysource.feishu.FeiShuConfig;
 import cn.topiam.employee.identitysource.wechatwork.WeChatWorkConfig;
 import cn.topiam.employee.support.exception.TopIamException;
 import cn.topiam.employee.support.repository.page.domain.PageModel;
 import cn.topiam.employee.support.repository.page.domain.QueryDslRequest;
 import cn.topiam.employee.support.validation.ValidationHelp;
 import com.alibaba.fastjson2.JSONObject;
 import com.alibaba.fastjson2.JSONWriter;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.data.domain.Page;
 import org.springframework.data.querydsl.QPageRequest;
 import org.springframework.util.CollectionUtils;
 import javax.validation.ConstraintViolationException;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 /**
 * 身份源转换器
@ -204,7 +207,7 @@ public interface IdentitySourceConverter {
        }
        //飞书
        if (Objects.equals(provider, IdentitySourceProvider.FEISHU)) {
-            clientConfig = param.getBasicConfig().to(LdapConfig.class);
+            clientConfig = param.getBasicConfig().to(FeiShuConfig.class);
        }
        //放置参数，并验证参数
        if (!Objects.nonNull(clientConfig)) {
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/identitysource/IdentitySourceEventRecordConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/identitysource/IdentitySourceEventRecordConverter.java
@ -17,6 +17,17 @@
 */
 package cn.topiam.employee.console.converter.identitysource;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.springframework.util.CollectionUtils;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import cn.topiam.employee.common.entity.account.UserGroupEntity;
 import cn.topiam.employee.common.entity.identitysource.IdentitySourceEventRecordEntity;
 import cn.topiam.employee.common.entity.identitysource.QIdentitySourceEventRecordEntity;
@ -25,15 +36,6 @@ import cn.topiam.employee.console.pojo.result.account.UserGroupListResult;
 import cn.topiam.employee.console.pojo.result.identitysource.IdentitySourceEventRecordListResult;
 import cn.topiam.employee.support.context.ApplicationContextHelp;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.springframework.util.CollectionUtils;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 /**
 * 身份源事件记录转换器
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/identitysource/IdentitySourceSyncConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/identitysource/IdentitySourceSyncConverter.java
@ -17,6 +17,18 @@
 */
 package cn.topiam.employee.console.converter.identitysource;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import cn.topiam.employee.common.entity.account.UserGroupEntity;
 import cn.topiam.employee.common.entity.identitysource.IdentitySourceSyncHistoryEntity;
 import cn.topiam.employee.common.entity.identitysource.IdentitySourceSyncRecordEntity;
@ -28,16 +40,6 @@ import cn.topiam.employee.console.pojo.result.account.UserGroupListResult;
 import cn.topiam.employee.console.pojo.result.identitysource.IdentitySourceSyncHistoryListResult;
 import cn.topiam.employee.console.pojo.result.identitysource.IdentitySourceSyncRecordListResult;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
 /**
 * 身份源转换器
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/AdministratorConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/AdministratorConverter.java
@ -17,6 +17,17 @@
 */
 package cn.topiam.employee.console.converter.setting;
 import java.util.ArrayList;
 import java.util.List;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import cn.topiam.employee.common.entity.account.query.UserListQuery;
 import cn.topiam.employee.common.entity.setting.AdministratorEntity;
 import cn.topiam.employee.common.entity.setting.QAdministratorEntity;
@ -26,15 +37,6 @@ import cn.topiam.employee.console.pojo.result.setting.AdministratorResult;
 import cn.topiam.employee.console.pojo.save.setting.AdministratorCreateParam;
 import cn.topiam.employee.console.pojo.update.setting.AdministratorUpdateParam;
 import cn.topiam.employee.support.repository.page.domain.Page;
 import com.querydsl.core.types.ExpressionUtils;
 import com.querydsl.core.types.Predicate;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import org.springframework.util.CollectionUtils;
 import java.util.ArrayList;
 import java.util.List;
 /**
 * 管理员映射
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/GeoLocationSettingConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/GeoLocationSettingConverter.java
@ -17,6 +17,16 @@
 */
 package cn.topiam.employee.console.converter.setting;
 import java.util.Objects;
 import javax.validation.ValidationException;
 import org.mapstruct.Mapper;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import cn.topiam.employee.common.crypto.EncryptionModule;
 import cn.topiam.employee.common.entity.setting.SettingEntity;
 import cn.topiam.employee.common.geo.GeoLocationProviderConfig;
@ -27,14 +37,6 @@ import cn.topiam.employee.console.pojo.result.setting.GeoIpProviderResult;
 import cn.topiam.employee.console.pojo.save.setting.GeoIpProviderSaveParam;
 import cn.topiam.employee.console.pojo.save.setting.MailProviderSaveParam;
 import cn.topiam.employee.support.validation.ValidationHelp;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import org.mapstruct.Mapper;
 import javax.validation.ValidationException;
 import java.util.Objects;
 import static cn.topiam.employee.core.setting.constant.GeoIpProviderConstants.IPADDRESS_SETTING_NAME;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/MailTemplateConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/MailTemplateConverter.java
@ -17,19 +17,20 @@
 */
 package cn.topiam.employee.console.converter.setting;
 import java.util.ArrayList;
 import java.util.List;
 import org.mapstruct.Mapper;
 import org.mapstruct.Mapping;
 import cn.topiam.employee.common.entity.setting.MailTemplateEntity;
 import cn.topiam.employee.common.enums.MailType;
 import cn.topiam.employee.console.pojo.result.setting.EmailTemplateListResult;
 import cn.topiam.employee.console.pojo.result.setting.EmailTemplateResult;
 import cn.topiam.employee.console.pojo.save.setting.EmailCustomTemplateSaveParam;
-import org.mapstruct.Mapper;
+import static org.springframework.web.util.HtmlUtils.htmlUnescape;
 import org.mapstruct.Mapping;
 import java.util.ArrayList;
 import java.util.List;
 import static cn.topiam.employee.core.message.mail.MailUtils.readEmailContent;
 import static org.springframework.web.util.HtmlUtils.htmlUnescape;
 /**
 * 消息服务数据映射
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/MessageSettingConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/MessageSettingConverter.java
@ -17,6 +17,18 @@
 */
 package cn.topiam.employee.console.converter.setting;
 import java.util.Objects;
 import javax.validation.ValidationException;
 import org.mapstruct.Mapper;
 import com.alibaba.fastjson2.JSONObject;
 import com.alibaba.fastjson2.JSONWriter;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import cn.topiam.employee.common.crypto.EncryptContextHelp;
 import cn.topiam.employee.common.crypto.EncryptionModule;
 import cn.topiam.employee.common.entity.setting.SettingEntity;
@ -35,16 +47,6 @@ import cn.topiam.employee.console.pojo.save.setting.MailProviderSaveParam;
 import cn.topiam.employee.console.pojo.save.setting.SmsProviderSaveParam;
 import cn.topiam.employee.console.pojo.setting.SmsProviderConfigResult;
 import cn.topiam.employee.support.validation.ValidationHelp;
 import com.alibaba.fastjson2.JSONObject;
 import com.alibaba.fastjson2.JSONWriter;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import org.mapstruct.Mapper;
 import javax.validation.ValidationException;
 import java.util.Objects;
 import static cn.topiam.employee.core.context.SettingContextHelp.getSmsProviderConfig;
 import static cn.topiam.employee.core.setting.constant.MessageSettingConstants.MESSAGE_PROVIDER_EMAIL;
 import static cn.topiam.employee.core.setting.constant.MessageSettingConstants.MESSAGE_SMS_PROVIDER;
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/PasswordPolicyConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/PasswordPolicyConverter.java
@ -17,17 +17,17 @@
 */
 package cn.topiam.employee.console.converter.setting;
-import cn.topiam.employee.common.entity.setting.SettingEntity;
+import java.util.*;
-import cn.topiam.employee.console.pojo.result.setting.PasswordPolicyConfigResult;
+import java.util.stream.Collectors;
-import cn.topiam.employee.console.pojo.save.setting.PasswordPolicySaveParam;
+
 import cn.topiam.employee.core.security.password.enums.PasswordComplexityRule;
 import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.mapstruct.Mapper;
-import java.util.*;
+import cn.topiam.employee.common.entity.setting.SettingEntity;
-import java.util.stream.Collectors;
+import cn.topiam.employee.console.pojo.result.setting.PasswordPolicyConfigResult;
-
+import cn.topiam.employee.console.pojo.save.setting.PasswordPolicySaveParam;
 import cn.topiam.employee.core.security.password.enums.PasswordComplexityRule;
 import static cn.topiam.employee.core.setting.constant.PasswordPolicySettingConstants.*;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/SecuritySettingConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/SecuritySettingConverter.java
@ -17,6 +17,21 @@
 */
 package cn.topiam.employee.console.converter.setting;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
 import java.util.Objects;
 import java.util.stream.Collectors;
 import javax.validation.ValidationException;
 import org.apache.commons.lang3.ObjectUtils;
 import org.mapstruct.Mapper;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import cn.topiam.employee.authentication.captcha.geetest.GeeTestCaptchaProviderConfig;
 import cn.topiam.employee.common.entity.setting.SettingEntity;
 import cn.topiam.employee.common.enums.CaptchaProviderType;
@ -30,21 +45,9 @@ import cn.topiam.employee.console.pojo.save.setting.SecurityCaptchaSaveParam;
 import cn.topiam.employee.console.pojo.save.setting.SecurityMfaSaveParam;
 import cn.topiam.employee.core.security.captcha.CaptchaProviderConfig;
 import cn.topiam.employee.support.validation.ValidationHelp;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import org.apache.commons.lang3.ObjectUtils;
 import org.mapstruct.Mapper;
 import javax.validation.ValidationException;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
 import java.util.Objects;
 import java.util.stream.Collectors;
 import static cn.topiam.employee.core.setting.constant.MfaSettingConstants.*;
 import static cn.topiam.employee.core.setting.constant.SecuritySettingConstants.*;
 import static liquibase.sqlgenerator.core.MarkChangeSetRanGenerator.COMMA;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/StorageSettingConverter.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/StorageSettingConverter.java
@ -17,6 +17,16 @@
 */
 package cn.topiam.employee.console.converter.setting;
 import java.util.Objects;
 import javax.validation.ValidationException;
 import org.mapstruct.Mapper;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import cn.topiam.employee.common.crypto.EncryptionModule;
 import cn.topiam.employee.common.entity.setting.SettingEntity;
 import cn.topiam.employee.common.storage.StorageConfig;
@ -28,14 +38,6 @@ import cn.topiam.employee.common.storage.impl.QiNiuKodoStorage;
 import cn.topiam.employee.console.pojo.result.setting.StorageProviderConfigResult;
 import cn.topiam.employee.console.pojo.save.setting.StorageConfigSaveParam;
 import cn.topiam.employee.support.validation.ValidationHelp;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import org.mapstruct.Mapper;
 import javax.validation.ValidationException;
 import java.util.Objects;
 import static cn.topiam.employee.core.setting.constant.StorageProviderSettingConstants.STORAGE_PROVIDER_KEY;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/listener/ConsoleAdminPasswordInitializeListener.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/listener/ConsoleAdminPasswordInitializeListener.java
@ -17,10 +17,13 @@
 */
 package cn.topiam.employee.console.listener;
-import cn.topiam.employee.common.entity.setting.AdministratorEntity;
+import java.io.BufferedWriter;
-import cn.topiam.employee.common.enums.UserStatus;
+import java.io.File;
-import cn.topiam.employee.common.repository.setting.AdministratorRepository;
+import java.io.FileWriter;
-import cn.topiam.employee.support.trace.TraceUtils;
+import java.util.Locale;
 import java.util.Optional;
 import java.util.concurrent.TimeUnit;
 import org.redisson.api.RLock;
 import org.redisson.api.RedissonClient;
 import org.slf4j.Logger;
@ -34,13 +37,10 @@ import org.springframework.stereotype.Component;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.JdkIdGenerator;
-import java.io.BufferedWriter;
+import cn.topiam.employee.common.entity.setting.AdministratorEntity;
-import java.io.File;
+import cn.topiam.employee.common.enums.UserStatus;
-import java.io.FileWriter;
+import cn.topiam.employee.common.repository.setting.AdministratorRepository;
-import java.util.Locale;
+import cn.topiam.employee.support.trace.TraceUtils;
 import java.util.Optional;
 import java.util.concurrent.TimeUnit;
 import static cn.topiam.employee.support.constant.EiamConstants.DEFAULT_ADMIN_USERNAME;
 import static cn.topiam.employee.support.lock.LockAspect.getTopiamLockKeyPrefix;
 import static cn.topiam.employee.support.util.CreateFileUtil.createFile;
--- a/eiam-console/src/main/java/cn/topiam/employee/console/listener/ConsoleAesSecretInitializeListener.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/listener/ConsoleAesSecretInitializeListener.java
@ -17,10 +17,9 @@
 */
 package cn.topiam.employee.console.listener;
-import cn.topiam.employee.common.entity.setting.SettingEntity;
+import java.util.Objects;
-import cn.topiam.employee.common.repository.setting.SettingRepository;
+import java.util.concurrent.TimeUnit;
-import cn.topiam.employee.support.trace.TraceUtils;
+
 import cn.topiam.employee.support.util.AesUtils;
 import org.redisson.api.RLock;
 import org.redisson.api.RedissonClient;
 import org.springframework.boot.SpringApplication;
@ -31,9 +30,10 @@ import org.springframework.stereotype.Component;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.JdkIdGenerator;
-import java.util.Objects;
+import cn.topiam.employee.common.entity.setting.SettingEntity;
-import java.util.concurrent.TimeUnit;
+import cn.topiam.employee.common.repository.setting.SettingRepository;
-
+import cn.topiam.employee.support.trace.TraceUtils;
 import cn.topiam.employee.support.util.AesUtils;
 import static cn.topiam.employee.common.constants.SettingConstants.AES_SECRET;
 import static cn.topiam.employee.support.constant.EiamConstants.COLON;
 import static cn.topiam.employee.support.lock.LockAspect.getTopiamLockKeyPrefix;
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/other/IdentitySourceConfigValidatorParam.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/other/IdentitySourceConfigValidatorParam.java
@ -17,16 +17,21 @@
 */
 package cn.topiam.employee.console.pojo.other;
-import cn.topiam.employee.common.enums.identitysource.IdentitySourceProvider;
+import java.io.Serial;
 import java.io.Serializable;
 import javax.validation.constraints.NotNull;
 import org.springdoc.api.annotations.ParameterObject;
 import com.alibaba.fastjson2.JSONObject;
-import io.swagger.v3.oas.annotations.Parameter;
+
-import io.swagger.v3.oas.annotations.media.Schema;
+import cn.topiam.employee.common.enums.identitysource.IdentitySourceProvider;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
-import javax.validation.constraints.NotNull;
+import io.swagger.v3.oas.annotations.Parameter;
-import java.io.Serial;
+import io.swagger.v3.oas.annotations.media.Schema;
 import java.io.Serializable;
 /**
 * 身份源配置验证器入参
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/other/OrganizationExcelData.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/other/OrganizationExcelData.java
@ -17,15 +17,19 @@
 */
 package cn.topiam.employee.console.pojo.other;
-import cn.topiam.employee.common.enums.OrganizationType;
+import java.io.Serial;
 import java.io.Serializable;
 import javax.validation.constraints.NotNull;
 import org.hibernate.validator.constraints.Length;
 import com.alibaba.excel.annotation.ExcelProperty;
 import com.alibaba.excel.annotation.write.style.ColumnWidth;
 import lombok.Data;
 import org.hibernate.validator.constraints.Length;
-import javax.validation.constraints.NotNull;
+import cn.topiam.employee.common.enums.OrganizationType;
-import java.io.Serial;
+
-import java.io.Serializable;
+import lombok.Data;
 /**
 * 组织架构Excel
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/account/UserGroupListQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/account/UserGroupListQuery.java
@ -17,14 +17,16 @@
 */
 package cn.topiam.employee.console.pojo.query.account;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
 import java.io.Serial;
 import java.io.Serializable;
 import org.springdoc.api.annotations.ParameterObject;
 import lombok.Data;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Schema;
 /**
 * 查询用户列表入参
 *
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/analysis/AnalysisQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/analysis/AnalysisQuery.java
@ -17,17 +17,19 @@
 */
 package cn.topiam.employee.console.pojo.query.analysis;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import lombok.Getter;
 import org.elasticsearch.search.aggregations.bucket.histogram.DateHistogramInterval;
 import org.springframework.format.annotation.DateTimeFormat;
 import javax.validation.constraints.NotNull;
 import java.io.Serializable;
 import java.time.LocalDateTime;
 import java.time.Period;
 import javax.validation.constraints.NotNull;
 import org.elasticsearch.search.aggregations.bucket.histogram.DateHistogramInterval;
 import org.springframework.format.annotation.DateTimeFormat;
 import lombok.Data;
 import lombok.Getter;
 import io.swagger.v3.oas.annotations.media.Schema;
 import static cn.topiam.employee.support.constant.EiamConstants.DEFAULT_DATE_TIME_FORMATTER_PATTERN;
 /**
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/app/AppCertQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/app/AppCertQuery.java
@ -17,14 +17,18 @@
 */
 package cn.topiam.employee.console.pojo.query.app;
 import java.io.Serializable;
 import javax.validation.constraints.NotBlank;
 import org.springdoc.api.annotations.ParameterObject;
 import cn.topiam.employee.common.enums.app.AppCertUsingType;
-import io.swagger.v3.oas.annotations.Parameter;
+
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
-import javax.validation.constraints.NotBlank;
+import io.swagger.v3.oas.annotations.Parameter;
-import java.io.Serializable;
+import io.swagger.v3.oas.annotations.media.Schema;
 /**
 * 查询应用证书列表入参
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/app/AppPermissionActionListQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/app/AppPermissionActionListQuery.java
@ -17,15 +17,18 @@
 */
 package cn.topiam.employee.console.pojo.query.app;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
 import javax.validation.constraints.NotEmpty;
 import java.io.Serial;
 import java.io.Serializable;
 import javax.validation.constraints.NotEmpty;
 import org.springdoc.api.annotations.ParameterObject;
 import lombok.Data;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Schema;
 /**
 * 查询权限列表入参
 *
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/app/AppPermissionRoleListQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/app/AppPermissionRoleListQuery.java
@ -17,13 +17,16 @@
 */
 package cn.topiam.employee.console.pojo.query.app;
-import io.swagger.v3.oas.annotations.Parameter;
+import java.io.Serializable;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
 import javax.validation.constraints.NotNull;
-import java.io.Serializable;
+
 import org.springdoc.api.annotations.ParameterObject;
 import lombok.Data;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Schema;
 /**
 * 分页查询角色入参
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/app/AppQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/app/AppQuery.java
@ -17,13 +17,16 @@
 */
 package cn.topiam.employee.console.pojo.query.app;
 import java.io.Serializable;
 import org.springdoc.api.annotations.ParameterObject;
 import cn.topiam.employee.common.enums.app.AppProtocol;
-import io.swagger.v3.oas.annotations.Parameter;
+
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
-import java.io.Serializable;
+import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Schema;
 /**
 * 查询应用列表入参
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/app/AppResourceListQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/app/AppResourceListQuery.java
@ -17,13 +17,16 @@
 */
 package cn.topiam.employee.console.pojo.query.app;
-import io.swagger.v3.oas.annotations.Parameter;
+import java.io.Serializable;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
 import javax.validation.constraints.NotNull;
-import java.io.Serializable;
+
 import org.springdoc.api.annotations.ParameterObject;
 import lombok.Data;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Schema;
 /**
 * 分页查询资源入参
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/authentication/IdentityProviderListQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/authentication/IdentityProviderListQuery.java
@ -17,15 +17,18 @@
 */
 package cn.topiam.employee.console.pojo.query.authentication;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
 import javax.validation.constraints.NotNull;
 import java.io.Serial;
 import java.io.Serializable;
 import javax.validation.constraints.NotNull;
 import org.springdoc.api.annotations.ParameterObject;
 import lombok.Data;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Schema;
 /**
 * @author TopIAM
 * Created by support@topiam.cn on  2022/3/21 20:52
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/identity/IdentitySourceEventRecordListQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/identity/IdentitySourceEventRecordListQuery.java
@ -17,16 +17,19 @@
 */
 package cn.topiam.employee.console.pojo.query.identity;
 import java.io.Serial;
 import java.io.Serializable;
 import org.springdoc.api.annotations.ParameterObject;
 import cn.topiam.employee.common.enums.SyncStatus;
 import cn.topiam.employee.common.enums.identitysource.IdentitySourceActionType;
 import cn.topiam.employee.common.enums.identitysource.IdentitySourceObjectType;
-import io.swagger.v3.oas.annotations.Parameter;
+
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
-import java.io.Serial;
+import io.swagger.v3.oas.annotations.Parameter;
-import java.io.Serializable;
+import io.swagger.v3.oas.annotations.media.Schema;
 /**
 * 查询身份源事件记录列表入参
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/identity/IdentitySourceListQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/identity/IdentitySourceListQuery.java
@ -17,14 +17,16 @@
 */
 package cn.topiam.employee.console.pojo.query.identity;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
 import java.io.Serial;
 import java.io.Serializable;
 import org.springdoc.api.annotations.ParameterObject;
 import lombok.Data;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Schema;
 /**
 * 查询身份源列表入参
 *
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/identity/IdentitySourceSyncHistoryListQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/identity/IdentitySourceSyncHistoryListQuery.java
@ -17,17 +17,21 @@
 */
 package cn.topiam.employee.console.pojo.query.identity;
 import java.io.Serial;
 import java.io.Serializable;
 import javax.validation.constraints.NotBlank;
 import org.springdoc.api.annotations.ParameterObject;
 import cn.topiam.employee.common.enums.SyncStatus;
 import cn.topiam.employee.common.enums.TriggerType;
 import cn.topiam.employee.common.enums.identitysource.IdentitySourceObjectType;
-import io.swagger.v3.oas.annotations.Parameter;
+
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
-import javax.validation.constraints.NotBlank;
+import io.swagger.v3.oas.annotations.Parameter;
-import java.io.Serial;
+import io.swagger.v3.oas.annotations.media.Schema;
 import java.io.Serializable;
 /**
 * 查询身份源列表入参
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/identity/IdentitySourceSyncRecordListQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/identity/IdentitySourceSyncRecordListQuery.java
@ -17,17 +17,21 @@
 */
 package cn.topiam.employee.console.pojo.query.identity;
 import java.io.Serial;
 import java.io.Serializable;
 import javax.validation.constraints.NotBlank;
 import org.springdoc.api.annotations.ParameterObject;
 import cn.topiam.employee.common.enums.SyncStatus;
 import cn.topiam.employee.common.enums.identitysource.IdentitySourceActionType;
 import cn.topiam.employee.common.enums.identitysource.IdentitySourceObjectType;
-import io.swagger.v3.oas.annotations.Parameter;
+
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
-import javax.validation.constraints.NotBlank;
+import io.swagger.v3.oas.annotations.Parameter;
-import java.io.Serial;
+import io.swagger.v3.oas.annotations.media.Schema;
 import java.io.Serializable;
 /**
 * 查询身份源同步详情入参
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/setting/AdministratorListQuery.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/query/setting/AdministratorListQuery.java
@ -17,10 +17,12 @@
 */
 package cn.topiam.employee.console.pojo.query.setting;
 import org.springdoc.api.annotations.ParameterObject;
 import lombok.Data;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
 import org.springdoc.api.annotations.ParameterObject;
 /**
 * @author TopIAM
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/result/account/OrganizationChildResult.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/result/account/OrganizationChildResult.java
@ -17,13 +17,15 @@
 */
 package cn.topiam.employee.console.pojo.result.account;
 import java.io.Serial;
 import java.io.Serializable;
 import com.fasterxml.jackson.annotation.JsonProperty;
-import io.swagger.v3.oas.annotations.Parameter;
+
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
-import java.io.Serial;
+import io.swagger.v3.oas.annotations.Parameter;
-import java.io.Serializable;
+import io.swagger.v3.oas.annotations.media.Schema;
 /**
 * 获取子组织
--- a/eiam-console/src/main/java/cn/topiam/employee/console/pojo/result/account/OrganizationResult.java
+++ b/eiam-console/src/main/java/cn/topiam/employee/console/pojo/result/account/OrganizationResult.java
@ -17,13 +17,15 @@
 */
 package cn.topiam.employee.console.pojo.result.account;
 import java.io.Serial;
 import java.io.Serializable;
 import cn.topiam.employee.common.enums.OrganizationType;
-import io.swagger.v3.oas.annotations.Parameter;
+
 import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.Data;
-import java.io.Serial;
+import io.swagger.v3.oas.annotations.Parameter;
-import java.io.Serializable;
+import io.swagger.v3.oas.annotations.media.Schema;
 /**
 * 获取组织
--- a/Show More
+++ b/Show More