本文主要是介绍【SpringBoot组件】基于SpringMVC注解 使用AOP对http接口请求响应参数加解密 数据脱敏 @Security @Sensitive,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
原文地址
BY Jason
文章目录
- 原文地址
- 开源地址
- 使用说明
- 1.介绍
- 2.导入依赖
- 3.项目配置
- 4.响应数据脱敏`@Sensitive`
- 4.1实体类字段使用`@Sensitive`注解
- 4.2接口方法上使用`@Sensitive`注解
- 5.响应请求参数加解密`@Security`
- 5.1实体类字段使用`@Security`注解
- 5.2接口方法中使用`@Security`注解
开源地址
- Gitee:https://gitee.com/feizhaiyou/encrypt-spring-boot-starter
使用说明
1.介绍
对SpringWeb项目中SpringMVC注解(@RequestMapping、@GetMapping、@PostMapping、@PutMapping、@DeleteMapping)的接口参数进行脱敏与加解密,仅限于Http请求中字符串类型的参数数据生效,可进行充分扩展,可自进行定义脱敏、加解密等。
2.导入依赖
-
Maven:
依赖已发布至Maven中央仓库,可直接引入依赖。
<dependency><groupId>com.feizhaiyou.encrypt</groupId><artifactId>encrypt-spring-boot-starter</artifactId><version>${latest-version}</version> </dependency> -
本地:
git拉取代码到本地,执行mvn install(选择profile为local,例如:mvn clean install -Plocal)打包下载到本地Maven仓库,项目maven pom引入<dependency><groupId>com.feizhaiyou.encrypt</groupId><artifactId>encrypt-spring-boot-starter</artifactId><version>1.0.0</version> </dependency>
3.项目配置
对称加密:AES 密钥请自行生成
fzy:security:enable: true #是否启动脱敏与加密,默认truemode: base64 #加密后的编码模式:base64、hex,默认base64max-deep: 5 #参数字段递归深度,默认5type: AES #加密方式:AES、RSA,默认AESsecret: +6cuvzvyrFZpRG9pf3r7eQ== #AES加密密钥 密钥请自行生成class-package: #脱敏与加解密实体类所在包 支持包前缀和正则匹配- com.feizhaiyou.test.entitycharset: UTF-8 #字符集
非对称加密:RSA privateKey与publicKey请自行生成
fzy:security:enable: truemode: hexmax-deep: 5type: RSAclass-package:- com.feizhaiyou.test.entitycharset: UTF-8public-key: MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQwb536Gb2eZ60H/4VQRJUpod0M04yCR6IaEdgAbBACWvc5E2s7gCipO9IQB5tiU08JSQ2Mmfg88uGffK6z5YcKJ/CNWByiNHL3B2GzsgMMBh2a5Dba+KqA3ZFkeXhkw8htej18mM4Xw1KGytAni7sypzjynC+4/m7FcewB6BBxQIDAQABprivate-key: MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAJDBvnfoZvZ5nrQf/hVBElSmh3QzTjIJHohoR2ABsEAJa9zkTazuAKKk70hAHm2JTTwlJDYyZ+Dzy4Z98rrPlhwon8I1YHKI0cvcHYbOyAwwGHZrkNtr4qoDdkWR5eGTDyG16PXyYzhfDUobK0CeLuzKnOPKcL7j+bsVx7AHoEHFAgMBAAECgYBC6av3lW/ywuk/bgJvJLMqegfnCMg+jMSWXU2Q7XbhQvmfE9Fr/GBCzmblSO5Hx83x3WFNxCMMcuVDd/i5rbc+/fKoYyEhuOI91bHRxWR2M1VkNAZpUMeccGM/g15/p0P4pNEFYEaXkUZ170Je8aaECmr8v24ukvGlKFE38RuWgQJBANZCIkBxtY3H3CnT4LXX8NaJlWh7SpSZJsazwblDbubCMBJ+3qSaKxCE9v3d8F9QVPvZKgwd7uWIXHtcDygigVUCQQCs9U8NpV0VgZKbJzEuxaelpmi7eCe02hc5C1NVxQ14vRmV8na//GYOI6s0fNZjkPPGdRvmsTRpDYAeR3U/qX6xAkA+aed2ZGlh0s2Uta7o6e2zYULPu9Ke9Poxud197WHaAMlmKeULiAlxd3pHu6Yw7cLD1qAEBZg47v8ZxFh59Ys9AkEAjk4fxxiB6An+OA4dF2ClOVQb4/NOqCyw4syAupcxKGBeRtOCBSCET6nlWYBFXRKMoIMGe97dQnpLKZ6dx82LYQJBAJADjI2XGtg5HlgIzOLMMsTJ4+3OqCiJLoNAkmozckSQveyuh0Jh0Vvs1nTdfR1DMbsrIR2Me/ugPXzVvtEpU80=
4.响应数据脱敏@Sensitive
在实体类属性或者接口方法(针对直接响应字符串的情况)上使用@Sensitive注解即可。
注解属性说明:
| 参数名 | 类型 | 默认值 | 说明 |
|---|---|---|---|
| required | boolean | true | 是否开启字段加密,默认开启 |
| type | String | com.feizhaiyou.encrypt.constants.SensitiveType.DEFUALT | 脱敏参数类型 |
注意:@Sensitive注解必须用在字符串类型的参数字段或接口返回类型为字符串的接口方法上。
4.1实体类字段使用@Sensitive注解
package com.feizhaiyou.test.entity;import com.feizhaiyou.encrypt.annotation.Sensitive;
import com.feizhaiyou.encrypt.constants.SensitiveType;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;import java.util.List;/*** @author ls* @since 2023-07-28*/
@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
public class User {private String id;@Sensitive(type = SensitiveType.CHINESE_NAME)private String name;@Sensitive(type = SensitiveType.ID_CARD)private String idCard;@Sensitive(type = SensitiveType.EMAIL)private String email;@Sensitive(type = SensitiveType.MOBILE_PHONE)private String phone;private List<Address> addressList;
}
package com.feizhaiyou.test.entity;import com.feizhaiyou.encrypt.annotation.Sensitive;
import com.feizhaiyou.encrypt.constants.SensitiveType;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;/*** @author ls* @since 2023-07-28*/
@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
public class Address {private String id;@Sensitive(type = SensitiveType.ADDRESS)private String address;private String areaCode;
}
Controller
package com.feizhaiyou.test.controller;import com.feizhaiyou.encrypt.annotation.Sensitive;
import com.feizhaiyou.test.entity.Address;
import com.feizhaiyou.test.entity.Result;
import com.feizhaiyou.test.entity.User;
import org.springframework.web.bind.annotation.*;import java.util.Collections;
import java.util.UUID;/*** @author ls* @since 2023-07-28*/
@RestController
@RequestMapping("/test")
public class TestController {@GetMapping("/get/{id}")public Result get(@PathVariable("id") String id) {User user = User.builder().id(id).idCard("110222199703036666").email("243607654@qq.com").name("热巴").phone("13939393939").addressList(Arrays.asList(Address.builder().address("北京市东城区长安街").areaCode("100000").id(UUID.randomUUID().toString()).build())).build();return Result.OK(user);}
}
PostMan调用测试:
4.2接口方法上使用@Sensitive注解
Controller
package com.feizhaiyou.test.controller;import com.feizhaiyou.encrypt.annotation.Sensitive;
import com.feizhaiyou.test.entity.Address;
import com.feizhaiyou.test.entity.Result;
import com.feizhaiyou.test.entity.User;
import org.springframework.web.bind.annotation.*;import java.util.Collections;
import java.util.UUID;/*** @author ls* @since 2023-07-21*/
@RestController
@RequestMapping("/test")
public class TestController {@GetMapping("/getAddress")@Sensitivepublic String getAddress() {return "北京市东城区长安街";}}
PostMan调用测试:
5.响应请求参数加解密@Security
在实体类属性或者接口方法(针对直接响应字符串的情况)上使用@Security注解即可。
注解属性说明:
| 参数名 | 类型 | 默认值 | 说明 |
|---|---|---|---|
| encrypt | boolean | true | 是否对响应加密,默认开启 |
| decrypt | boolean | true | 是否对请求解密,默认开启 |
注意:@Security注解必须用在字符串类型的参数(实体类属性或方法参数)或接口返回类型为字符串的接口方法上。
5.1实体类字段使用@Security注解
package com.feizhaiyou.test.entity;import com.feizhaiyou.encrypt.annotation.Security;
import com.feizhaiyou.encrypt.annotation.Sensitive;
import com.feizhaiyou.encrypt.constants.SensitiveType;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;import java.util.List;@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
public class User {private String id;// name 即加密又解密@Securityprivate String name;// idCard 不进行解密只加密@Security(decrypt = false)private String idCard;// email 不进行加密只解密@Security(encrypt = false)private String email;private String phone;private List<Address> addressList;
}
package com.feizhaiyou.test.entity;import com.feizhaiyou.encrypt.annotation.Security;
import com.feizhaiyou.encrypt.annotation.Sensitive;
import com.feizhaiyou.encrypt.constants.SensitiveType;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;/*** @author ls* @since 2023-07-28*/
@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
public class Address {private String id;@Securityprivate String address;private String areaCode;
}
Controller
@PostMapping("/post/{id}")public Result get(@PathVariable("id") String id, @RequestBody User user) {System.out.println("id = " + id + ", user = " + user);return Result.OK(user);}
PostMan调用测试:
控制台输出:
5.2接口方法中使用@Security注解
Controller
@GetMapping("/getEmail")@Securitypublic String getEmail(@Security String name) {System.out.println("name = " + name);return "243607654@qq.com";}
PostMan调用测试:
控制台输出:
说明:
用在方法上,可以对接口响应的字符串进行加密
用在参数中,可以对接口请求参数的字符串进行解密
这篇关于【SpringBoot组件】基于SpringMVC注解 使用AOP对http接口请求响应参数加解密 数据脱敏 @Security @Sensitive的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
