Biz-SIP业务中台案例实战(20)——App服务的风控规则校验

发布一下 2022年04月07日 18:15 0 0

Biz-SIP金融级业务中台(http://bizsip.bizmda.com)是一套基于领域驱动设计（DDD）架构，能快速构建金融级云原生架构的服务整合中间件，整合了在金融场景里锤炼出来的最佳实践。

风控规则是在App层进行处理的，如果当前App服务配置了风控规则，就会在App服务处理前，自动进行风控评价，根据评价结果决定是否继续执行App服务，并在App服务执行成功后更新风控相关指标数据。

案例要求：

通过Biz-SIP的开放API接口发送请求，针对指定的App服务配置风控指标和风控规则，在调用App服务时，就会根据进行风控规则的检验，校验出错会返回出错信息，校验通过后，会调用App服务后直接返回：

具体代码和配置可以查看Biz-SIP源代码中的Sample相关测试案例（https://gitee.com/szhengye/biz-sip）

一、App服务的开发和配置

首先，我们需要编写一个App服务类（Sample1AppService.java）：

@Slf4j@Servicepublic class Sample1AppService implements AppBeanInterface {    @Override    public JSONObject process(JSONObject message) throws BizException {        log.debug("收到请求数据:\n{}", BizUtils.buildJsonLog(message));        return message;    }}

Sample1AppService类继承了AppBeanInterface接口，实现了process()方法，这个方法的输入输出参数，都是平台统一的JSONObject对象。

可以看到在process()方法中，对输入报文没有做任何修改，是直接把原报文返回的。

然后，在Biz-SIP统一配置目录中的app.yml中，配置对应的App服务：

- app-service-id: /bean/sample1-control-rule  type: app-bean-service  class-name: com.bizmda.bizsip.sample.app.service.Sample1AppService

二、App服务的风控指标和风控规则配置

首先，在配置目录下的control-rule.yml文件中，配置风控指标：

metrics:  - name: metric-sample1-1    desc: 每分钟交易度量    fliding-window-time: 60000  - name: metric-sample1-2    desc: 每分钟交易对手度量    fliding-window-time: 60000

可以看到，我们配置了2个风控指标metric-sample-1、metric-sample-2，滑动时间窗口为60000ms，即60秒（1分钟）。

然后，在配置目录下创建并配置“/control-rule/bean/sample1-control-rule.yml”：

pre-rating-script:rules:  - name: '获取每分钟交易次数'    script: |      var count = sip.getMetric("metric-sample1-1","count",request.account);      log.info("[rules]每分钟交易次数: {}",count);      return count;  - name: '获取每分钟交易金额累计'    script: |      var amount = sip.getMetric("metric-sample1-1","amount",request.account);      log.info("[rules]每分钟交易金额: {}",amount);      return amount;  - name: '获取每分钟交易对手数量'    script: |      var count = sip.getMetric("metric-sample1-2","zset-count",request.account);      log.info("[rules]每分钟交易对手数量: {}",count);      return count;rating-script: |  control.message = "";  if (rules[0].result > 3) {    control.action = "error";    control.message = control.message + "每分钟交易次数超过3次:" + rules[0].result + ",";  }  if (rules[1].result > 1000) {    control.action = "error";    control.message = control.message + "每分钟交易金额超过1000元:" + rules[1].result + ",";  }  if (rules[2].result > 2) {    control.action = "error";    control.message = control.message + "每分钟交易对手数量超过2个:" + rules[2].result + ",";  }  return;updating-script: |  sip.addRecord("metric-sample1-1",request.account,request.amount);  sip.addRecord("metric-sample1-2",request.account,request.other_account);  return;

分别配置了评价前处理脚本（为空）、执行规则脚本、评价脚本、评价后更新脚本。

三、启动应用进行测试

启动SampleAppApplication应用，通过开放平台接口发起请求，进行一系列的测试。

1、针对“每分钟交易次数超过3次”的风控规则测试

首先，连续在一分钟内连接执行以下请求：

$ curl -H "Content-Type:application/json" -H "Biz-Service-Id:/bean/sample1-control-rule" -X POST --data '{"account":"001","amount":100,"other_account":"002"}' http://localhost:8888/api|jq{"code": 0,"message": "success","extMessage": null,"appServiceId": "/bean/sample1-control-rule","traceId": "88a648f8fd3a4701a250e206e31c08cb","parentTraceId": null,"timestamp": 1649060116207,"data": {"amount": 100,"other_account": "002","account": "001"}}

在60秒内第4次执行，会出现风控规则校验不通过的错误：

$ curl -H "Content-Type:application/json" -H "Biz-Service-Id:/bean/sample1-control-rule" -X POST --data '{"account":"001","amount":100,"other_account":"002"}' http://localhost:8888/api|jq{"code": 501,"message": "风控规则检查不通过","extMessage": "每分钟交易次数超过3次:4,","appServiceId": "/bean/sample1-control-rule","traceId": "a78178519e5e4761bd2de3293a78a86c","parentTraceId": null,"timestamp": 1649060120530,"data": null}

2、针对“每分钟交易金额超过1000元”的风控规则测试

首先，连续在一分钟内连接执行以下请求：

$ curl -H "Content-Type:application/json" -H "Biz-Service-Id:/bean/sample1-control-rule" -X POST --data '{"account":"001","amount":500,"other_account":"002"}' http://localhost:8888/api|jq{"code": 0,"message": "success","extMessage": null,"appServiceId": "/bean/sample1-control-rule","traceId": "09b20bf20882459084ca156fc9652373","parentTraceId": null,"timestamp": 1649060560647,"data": {"amount": 500,"other_account": "002","account": "001"}}

在60秒内第4次执行，会出现风控规则校验不通过的错误：

$ curl -H "Content-Type:application/json" -H "Biz-Service-Id:/bean/sample1-control-rule" -X POST --data '{"account":"001","amount":500,"other_account":"002"}' http://localhost:8888/api|jq{"code": 501,"message": "风控规则检查不通过","extMessage": "每分钟交易金额超过1000元:1500,","appServiceId": "/bean/sample1-control-rule","traceId": "10fd1a0f07b64def8f7d69267aaa222c","parentTraceId": null,"timestamp": 1649060563862,"data": null}

3、针对“每分钟交易对手数量超过2个”的风控规则测试

首先，连续在一分钟内连接执行以下请求，其中”other_account“分别填写不同的值：

$ curl -H "Content-Type:application/json" -H "Biz-Service-Id:/bean/sample1-control-rule" -X POST --data '{"account":"001","amount":500,"other_account":"002"}' http://localhost:8888/api|jq{"code": 0,"message": "success","extMessage": null,"appServiceId": "/bean/sample1-control-rule","traceId": "18bbd4fb9c8e405195375190094728d0","parentTraceId": null,"timestamp": 1649060818309,"data": {"amount": 500,"other_account": "002","account": "001"}}

在60秒内第4次执行，会出现风控规则校验不通过的错误：

$ curl -H "Content-Type:application/json" -H "Biz-Service-Id:/bean/sample1-control-rule" -X POST --data '{"account":"001","amount":500,"other_account":"005"}' http://localhost:8888/api|jq{"code": 501,"message": "风控规则检查不通过","extMessage": "每分钟交易金额超过1000元:1500,每分钟交易对手数量超过2个:3,","appServiceId": "/bean/sample1-control-rule","traceId": "a9423171d06947c09d555756e614405a","parentTraceId": null,"timestamp": 1649060831138,"data": null}

Biz-SIP网站：http://bizsip.bizmda.com
Gitee代码库：https://gitee.com/szhengye/biz-sip

本文地址：http://0561fc.cn/84216.html