初始项目
This commit is contained in:
liupopo
@@ -0,0 +1,34 @@
|
||||
package com.cxytiandi.encrypt.algorithm;
|
||||
|
||||
import com.cxytiandi.encrypt.util.AesEncryptUtils;
|
||||
|
||||
/**
|
||||
* Aes加密算法实现
|
||||
*
|
||||
* @author zscat
|
||||
* @date 2019-01-12
|
||||
* @about 2019-04-30
|
||||
*/
|
||||
public class AesEncryptAlgorithm implements EncryptAlgorithm {
|
||||
|
||||
public static void main(String[] args) {
|
||||
AesEncryptAlgorithm a = new AesEncryptAlgorithm();
|
||||
try {
|
||||
System.out.println(a.decrypt("2t9Flqu9yxOQOieasr6qRUzLsRxMmFrwiXNRNrup1g/dfIJn5O8zGdMABAN+/fO59iROJeSfoF7YyUUyvg+ZC4MKHhgvPrFtr75H15Xa7avGRR17n4vsyEmuB5ZjvUNIfW4HJ2PyXitwGJjiPv19EXwS9lW+YieHiCGIFwVEZ52e9V3Zy8z1buz1LUMPs04EAZKHCI1W0GDVURrVQxwBM/G5IxW0MW8hiWQXQ8/Vs3Dyav2Me5Wnu8IPWsWIdrFGx74p4ttD/GkVZAiM71lWmnJSW0NDA+38JMonkLeHmCjnbmwH2Js0+lxgxpRWXyt3X/CGzJOfgPF94u2d3WooNsZFHXufi+zISa4HlmO9Q0h9bgcnY/JeK3AYmOI+/X0RfBL2Vb5iJ4eIIYgXBURnnZ71XdnLzPVu7PUtQw+zTgQBkocIjVbQYNVRGtVDHAEzjWPa3WrlgTThWIVfKbOolPMqFly6NU5VpStFyQBrcADtGzRLjKXNzXXAQiORgXTrpwLo4ZIxQx2cr6XfKeEe5FM+VotHr7FjUQSzbzIdJGJznIcgcZnbK2HDemhHFjA7+QTHU6iBLVCV1ccwZGEk+jPuWf8fXo8NJR1NQLs1QGuuoWtMBJLYcwYX8jGKn7TyOeMUSGj1JJgfmqWJDAKq9fHRwxTBjFEFJI7gl7olksgngrxoOBoIFCMbUkFiqTTHbSBs+sBviqXEW638A6buiqVnN67xGDY1GMXhXcMK0UBdYHnkapRReCkgeHPmV4jPsZ2rOo6DXe1EFjb4ce0AQOwGXWYUDwUxxsgEhD4vI6DSZPscUMGtQ0Wy3BV9wDUWCdZ7/1kfKKLUTwAs9I/1Sm0Kb+SZhUNQE1H6TAfplT7oEUQg3ddD+CjHpNqZ8mjX6KCA6LhtqGp8BW4TVkquUTDgNUivJYwmQnQlrBfka2s4mePRJ1qRJ623ZwpqudKtA/ZxR13KnlRK6LR70QF7Qadrj7r8rR8KBy1gS8cKKFUojN9CBfNWOImXayfKidmHSaZvEYu4c48MK1Q4322G/5A/AKCRy7Mqu4qlTRVsHzFmqunY84G3dYNKSKkxeKM2p0sCw9dkVooIw4B1qWmC2w0lQphjpiOib+7JHwmPMsWgCgmDrql1PPBmO6DbwFlJs/nHWctio90mU7ZjJmQwoIoerDN3i1PMhBA/pxndZLRdU9jfiO13JK+LO6wW8iHB2XRmyEFD+sh5EY8rOJlYGNP7npClVRnC9pI44e1xIaQNPaEXM01Pui04KLKdbNul2R8k5Lb9h3twkWnnwCpLiGXlZ1J39vf1zaYFXmypZJNggaTzj12O7Q68u3z1FJbIfE3VC7Z6XbM13AkLXb4ftPCIJ6zVqIXn8kAsPyYl7Eguj9h3SA+v+Uho/pchuQX06WtMGPu0FCJl8Rg/IgJSzRJV8Q4tJBfao3XKgxeZ5xCV9ssdPXLnPOkOtk8npnnlrhPaF5uFAmopL1WAdGIrBUeVM3dVLYRGJTThdTCmP5l5IelpajfNszUxY56ZQcKp",
|
||||
"abcdef0123456789"));
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public String encrypt(String content, String encryptKey) throws Exception {
|
||||
return AesEncryptUtils.aesEncrypt(content, encryptKey);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String decrypt(String encryptStr, String decryptKey) throws Exception {
|
||||
return AesEncryptUtils.aesDecrypt(encryptStr, decryptKey);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,25 @@
|
||||
package com.cxytiandi.encrypt.algorithm;
|
||||
|
||||
public interface EncryptAlgorithm {
|
||||
|
||||
/**
|
||||
* 加密
|
||||
*
|
||||
* @param content
|
||||
* @param encryptKey
|
||||
* @return
|
||||
* @throws Exception
|
||||
*/
|
||||
public String encrypt(String content, String encryptKey) throws Exception;
|
||||
|
||||
/**
|
||||
* 解密
|
||||
*
|
||||
* @param encryptStr
|
||||
* @param decryptKey
|
||||
* @return
|
||||
* @throws Exception
|
||||
*/
|
||||
public String decrypt(String encryptStr, String decryptKey) throws Exception;
|
||||
|
||||
}
|
||||
@@ -0,0 +1,143 @@
|
||||
package com.cxytiandi.encrypt.core;
|
||||
|
||||
import com.cxytiandi.encrypt.springboot.init.ApiEncryptDataInit;
|
||||
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* 加解密配置类
|
||||
*
|
||||
* @author zscat
|
||||
* @date 2019-01-12
|
||||
* @about 2019-04-30
|
||||
*/
|
||||
@ConfigurationProperties(prefix = "spring.encrypt")
|
||||
public class EncryptionConfig {
|
||||
|
||||
/**
|
||||
* AES加密Key
|
||||
*/
|
||||
private String key = "d7b85f6e214abcda";
|
||||
|
||||
/**
|
||||
* 需要对响应内容进行加密的接口URI<br>
|
||||
* 比如:/user/list<br>
|
||||
* 不支持@PathVariable格式的URI
|
||||
*/
|
||||
private List<String> responseEncryptUriList = new ArrayList<String>();
|
||||
|
||||
/**
|
||||
* 需要对请求内容进行解密的接口URI<br>
|
||||
* 比如:/user/list<br>
|
||||
* 不支持@PathVariable格式的URI
|
||||
*/
|
||||
private List<String> requestDecyptUriList = new ArrayList<String>();
|
||||
|
||||
/**
|
||||
* 响应数据编码
|
||||
*/
|
||||
private String responseCharset = "UTF-8";
|
||||
|
||||
/**
|
||||
* 开启调试模式,调试模式下不进行加解密操作,用于像Swagger这种在线API测试场景
|
||||
*/
|
||||
private boolean debug = false;
|
||||
|
||||
/**
|
||||
* 过滤器拦截模式
|
||||
*/
|
||||
private String[] urlPatterns = new String[]{"/*"};
|
||||
|
||||
/**
|
||||
* 过滤器执行顺序
|
||||
*/
|
||||
private int order = 1;
|
||||
|
||||
public EncryptionConfig() {
|
||||
super();
|
||||
}
|
||||
|
||||
public EncryptionConfig(String key, List<String> responseEncryptUriList, List<String> requestDecyptUriList,
|
||||
String responseCharset, boolean debug) {
|
||||
super();
|
||||
this.key = key;
|
||||
this.responseEncryptUriList = responseEncryptUriList;
|
||||
this.requestDecyptUriList = requestDecyptUriList;
|
||||
this.responseCharset = responseCharset;
|
||||
this.debug = debug;
|
||||
}
|
||||
|
||||
public String getKey() {
|
||||
return key;
|
||||
}
|
||||
|
||||
public void setKey(String key) {
|
||||
this.key = key;
|
||||
}
|
||||
|
||||
public List<String> getResponseEncryptUriList() {
|
||||
// 配置了注解则用注解获取的URI
|
||||
if (ApiEncryptDataInit.responseEncryptUriList.size() > 0) {
|
||||
return ApiEncryptDataInit.responseEncryptUriList;
|
||||
}
|
||||
return responseEncryptUriList;
|
||||
}
|
||||
|
||||
public void setResponseEncryptUriList(List<String> responseEncryptUriList) {
|
||||
this.responseEncryptUriList = responseEncryptUriList;
|
||||
}
|
||||
|
||||
public List<String> getRequestNoNeedDecyptUriList() {
|
||||
// 不需要加密的url
|
||||
if (ApiEncryptDataInit.requestNoNeedDecyptUriList.size() > 0) {
|
||||
return ApiEncryptDataInit.requestNoNeedDecyptUriList;
|
||||
}
|
||||
return requestDecyptUriList;
|
||||
}
|
||||
|
||||
public List<String> getRequestDecyptUriList() {
|
||||
// 配置了注解则用注解获取的URI
|
||||
if (ApiEncryptDataInit.requestDecyptUriList.size() > 0) {
|
||||
return ApiEncryptDataInit.requestDecyptUriList;
|
||||
}
|
||||
return requestDecyptUriList;
|
||||
}
|
||||
|
||||
public void setRequestDecyptUriList(List<String> requestDecyptUriList) {
|
||||
this.requestDecyptUriList = requestDecyptUriList;
|
||||
}
|
||||
|
||||
public String getResponseCharset() {
|
||||
return responseCharset;
|
||||
}
|
||||
|
||||
public void setResponseCharset(String responseCharset) {
|
||||
this.responseCharset = responseCharset;
|
||||
}
|
||||
|
||||
public boolean isDebug() {
|
||||
return debug;
|
||||
}
|
||||
|
||||
public void setDebug(boolean debug) {
|
||||
this.debug = debug;
|
||||
}
|
||||
|
||||
public String[] getUrlPatterns() {
|
||||
return urlPatterns;
|
||||
}
|
||||
|
||||
public void setUrlPatterns(String[] urlPatterns) {
|
||||
this.urlPatterns = urlPatterns;
|
||||
}
|
||||
|
||||
public int getOrder() {
|
||||
return order;
|
||||
}
|
||||
|
||||
public void setOrder(int order) {
|
||||
this.order = order;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,166 @@
|
||||
package com.cxytiandi.encrypt.core;
|
||||
|
||||
import com.cxytiandi.encrypt.algorithm.AesEncryptAlgorithm;
|
||||
import com.cxytiandi.encrypt.algorithm.EncryptAlgorithm;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* 数据加解密过滤器
|
||||
*
|
||||
* @author zscat
|
||||
* @date 2019-01-12
|
||||
* @about 2019-04-30
|
||||
*/
|
||||
public class EncryptionFilter implements Filter {
|
||||
|
||||
private Logger logger = LoggerFactory.getLogger(EncryptionFilter.class);
|
||||
|
||||
private EncryptionConfig encryptionConfig;
|
||||
|
||||
private EncryptAlgorithm encryptAlgorithm = new AesEncryptAlgorithm();
|
||||
|
||||
public EncryptionFilter() {
|
||||
this.encryptionConfig = new EncryptionConfig();
|
||||
}
|
||||
|
||||
public EncryptionFilter(EncryptionConfig config) {
|
||||
this.encryptionConfig = config;
|
||||
}
|
||||
|
||||
public EncryptionFilter(EncryptionConfig config, EncryptAlgorithm encryptAlgorithm) {
|
||||
this.encryptionConfig = config;
|
||||
this.encryptAlgorithm = encryptAlgorithm;
|
||||
}
|
||||
|
||||
public EncryptionFilter(String key) {
|
||||
EncryptionConfig config = new EncryptionConfig();
|
||||
config.setKey(key);
|
||||
this.encryptionConfig = config;
|
||||
}
|
||||
|
||||
public EncryptionFilter(String key, List<String> responseEncryptUriList, List<String> requestDecyptUriList,
|
||||
String responseCharset, boolean debug) {
|
||||
this.encryptionConfig = new EncryptionConfig(key, responseEncryptUriList, requestDecyptUriList, responseCharset, debug);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void init(FilterConfig filterConfig) throws ServletException {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
|
||||
throws IOException, ServletException {
|
||||
|
||||
HttpServletRequest req = (HttpServletRequest) request;
|
||||
HttpServletResponse resp = (HttpServletResponse) response;
|
||||
String uri = req.getRequestURI();
|
||||
logger.info("RequestURI: {}", uri);
|
||||
boolean notStatus = this.contains(encryptionConfig.getRequestNoNeedDecyptUriList(), uri, req.getMethod());
|
||||
// 调试模式不加解密
|
||||
if (notStatus || encryptionConfig.isDebug() || uri.startsWith("/swagger-ui") || uri.startsWith("/v2/api-doc")
|
||||
|| uri.startsWith("/webjars") || uri.startsWith("/swagger-resources")
|
||||
|| uri.endsWith(".js") || uri.endsWith(".css") || uri.endsWith(".png")
|
||||
|| uri.endsWith(".html") || uri.endsWith(".jpeg") || uri.endsWith(".jpg")) {
|
||||
chain.doFilter(req, resp);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
boolean decryptionStatus = this.contains(encryptionConfig.getRequestDecyptUriList(), uri, req.getMethod());
|
||||
boolean encryptionStatus = this.contains(encryptionConfig.getResponseEncryptUriList(), uri, req.getMethod());
|
||||
|
||||
|
||||
// 没有配置具体加解密的URI默认全部都开启加解密
|
||||
if (encryptionConfig.getRequestDecyptUriList().size() == 0
|
||||
&& encryptionConfig.getResponseEncryptUriList().size() == 0) {
|
||||
decryptionStatus = true;
|
||||
encryptionStatus = true;
|
||||
}
|
||||
|
||||
// 没有加解密操作
|
||||
if (decryptionStatus == false && encryptionStatus == false) {
|
||||
chain.doFilter(req, resp);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
EncryptionResponseWrapper responseWrapper = null;
|
||||
EncryptionReqestWrapper reqestWrapper = null;
|
||||
// 配置了需要解密才处理
|
||||
if (decryptionStatus) {
|
||||
reqestWrapper = new EncryptionReqestWrapper(req);
|
||||
String requestData = reqestWrapper.getRequestData();
|
||||
logger.debug("RequestData: {}", requestData);
|
||||
try {
|
||||
String decyptRequestData = encryptAlgorithm.decrypt(requestData, encryptionConfig.getKey());
|
||||
logger.debug("DecyptRequestData: {}", decyptRequestData);
|
||||
reqestWrapper.setRequestData(decyptRequestData);
|
||||
} catch (Exception e) {
|
||||
logger.error("请求数据解密失败", e);
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
if (encryptionStatus) {
|
||||
responseWrapper = new EncryptionResponseWrapper(resp);
|
||||
}
|
||||
|
||||
// 同时需要加解密
|
||||
if (encryptionStatus && decryptionStatus) {
|
||||
chain.doFilter(reqestWrapper, responseWrapper);
|
||||
} else if (encryptionStatus) { //只需要响应加密
|
||||
chain.doFilter(req, responseWrapper);
|
||||
} else if (decryptionStatus) { //只需要请求解密
|
||||
chain.doFilter(reqestWrapper, resp);
|
||||
}
|
||||
|
||||
// 配置了需要加密才处理
|
||||
if (encryptionStatus) {
|
||||
String responeData = responseWrapper.getResponseData();
|
||||
logger.debug("ResponeData: {}", responeData);
|
||||
ServletOutputStream out = null;
|
||||
try {
|
||||
responeData = encryptAlgorithm.encrypt(responeData, encryptionConfig.getKey());
|
||||
logger.debug("EncryptResponeData: {}", responeData);
|
||||
response.setContentLength(responeData.length());
|
||||
response.setCharacterEncoding(encryptionConfig.getResponseCharset());
|
||||
out = response.getOutputStream();
|
||||
out.write(responeData.getBytes(encryptionConfig.getResponseCharset()));
|
||||
} catch (Exception e) {
|
||||
logger.error("响应数据加密失败", e);
|
||||
throw new RuntimeException(e);
|
||||
} finally {
|
||||
if (out != null) {
|
||||
out.flush();
|
||||
out.close();
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private boolean contains(List<String> list, String uri, String methodType) {
|
||||
if (list.contains(uri)) {
|
||||
return true;
|
||||
}
|
||||
String prefixUri = methodType.toLowerCase() + ":" + uri;
|
||||
logger.debug("contains uri: {}", prefixUri);
|
||||
if (list.contains(prefixUri)) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void destroy() {
|
||||
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,58 @@
|
||||
package com.cxytiandi.encrypt.core;
|
||||
|
||||
import com.cxytiandi.encrypt.util.StreamUtils;
|
||||
|
||||
import javax.servlet.ReadListener;
|
||||
import javax.servlet.ServletInputStream;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletRequestWrapper;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
|
||||
public class EncryptionReqestWrapper extends HttpServletRequestWrapper {
|
||||
|
||||
private byte[] requestBody = new byte[0];
|
||||
|
||||
public EncryptionReqestWrapper(HttpServletRequest request) {
|
||||
super(request);
|
||||
try {
|
||||
requestBody = StreamUtils.copyToByteArray(request.getInputStream());
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public ServletInputStream getInputStream() throws IOException {
|
||||
final ByteArrayInputStream bais = new ByteArrayInputStream(requestBody);
|
||||
return new ServletInputStream() {
|
||||
@Override
|
||||
public int read() throws IOException {
|
||||
return bais.read();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isFinished() {
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isReady() {
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setReadListener(ReadListener listener) {
|
||||
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
public String getRequestData() {
|
||||
return new String(requestBody);
|
||||
}
|
||||
|
||||
public void setRequestData(String requestData) {
|
||||
this.requestBody = requestData.getBytes();
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,48 @@
|
||||
package com.cxytiandi.encrypt.core;
|
||||
|
||||
import javax.servlet.ServletOutputStream;
|
||||
import javax.servlet.WriteListener;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpServletResponseWrapper;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
|
||||
public class EncryptionResponseWrapper extends HttpServletResponseWrapper {
|
||||
|
||||
private ServletOutputStream filterOutput;
|
||||
|
||||
private ByteArrayOutputStream output;
|
||||
|
||||
public EncryptionResponseWrapper(HttpServletResponse response) {
|
||||
super(response);
|
||||
output = new ByteArrayOutputStream();
|
||||
}
|
||||
|
||||
@Override
|
||||
public ServletOutputStream getOutputStream() throws IOException {
|
||||
if (filterOutput == null) {
|
||||
filterOutput = new ServletOutputStream() {
|
||||
@Override
|
||||
public void write(int b) throws IOException {
|
||||
output.write(b);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isReady() {
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setWriteListener(WriteListener writeListener) {
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
return filterOutput;
|
||||
}
|
||||
|
||||
public String getResponseData() {
|
||||
return output.toString();
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,13 @@
|
||||
package com.cxytiandi.encrypt.springboot;
|
||||
|
||||
public class HttpMethodTypePrefixConstant {
|
||||
|
||||
public static final String GET = "get:";
|
||||
|
||||
public static final String POST = "post:";
|
||||
|
||||
public static final String DELETE = "delete:";
|
||||
|
||||
public static final String PUT = "put:";
|
||||
|
||||
}
|
||||
@@ -0,0 +1,18 @@
|
||||
package com.cxytiandi.encrypt.springboot.annotation;
|
||||
|
||||
/**
|
||||
* 解密注解
|
||||
* <p>
|
||||
* <p>加了此注解的接口将进行数据解密操作<p>
|
||||
*
|
||||
* @author zscat
|
||||
* @about 2019-04-30
|
||||
*/
|
||||
@Target(ElementType.METHOD)
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@Documented
|
||||
public @interface Decrypt {
|
||||
|
||||
String value() default "";
|
||||
|
||||
}
|
||||
@@ -0,0 +1,32 @@
|
||||
package com.cxytiandi.encrypt.springboot.annotation;
|
||||
|
||||
import com.cxytiandi.encrypt.springboot.autoconfigure.EncryptAutoConfiguration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
|
||||
/**
|
||||
* 启用加密Starter
|
||||
* <p>
|
||||
* <p>在Spring Boot启动类上加上此注解<p>
|
||||
* <p>
|
||||
* <pre class="code">
|
||||
* @SpringBootApplication
|
||||
* @EnableEncrypt
|
||||
* public class App {
|
||||
* public static void main(String[] args) {
|
||||
* SpringApplication.run(App.class, args);
|
||||
* }
|
||||
* }
|
||||
* <pre>
|
||||
*
|
||||
* @author zscat
|
||||
*
|
||||
* @about 2019-04-30
|
||||
*/
|
||||
@Target({ElementType.TYPE})
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@Documented
|
||||
@Inherited
|
||||
@Import({EncryptAutoConfiguration.class})
|
||||
public @interface EnableEncrypt {
|
||||
|
||||
}
|
||||
@@ -0,0 +1,18 @@
|
||||
package com.cxytiandi.encrypt.springboot.annotation;
|
||||
|
||||
/**
|
||||
* 加密注解
|
||||
* <p>
|
||||
* <p>加了此注解的接口将进行数据加密操作<p>
|
||||
*
|
||||
* @author zscat
|
||||
* @about 2019-04-30
|
||||
*/
|
||||
@Target(ElementType.METHOD)
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@Documented
|
||||
public @interface Encrypt {
|
||||
|
||||
String value() default "";
|
||||
|
||||
}
|
||||
@@ -0,0 +1,14 @@
|
||||
package com.cxytiandi.encrypt.springboot.annotation;
|
||||
|
||||
/**
|
||||
* 指定某个方法不需要加密
|
||||
*
|
||||
* @author zscat
|
||||
* @about 2019-04-30
|
||||
*/
|
||||
@Target(ElementType.METHOD)
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@Documented
|
||||
public @interface NotNeedEncrypt {
|
||||
String value() default "";
|
||||
}
|
||||
@@ -0,0 +1,56 @@
|
||||
package com.cxytiandi.encrypt.springboot.autoconfigure;
|
||||
|
||||
import com.cxytiandi.encrypt.algorithm.EncryptAlgorithm;
|
||||
import com.cxytiandi.encrypt.core.EncryptionConfig;
|
||||
import com.cxytiandi.encrypt.core.EncryptionFilter;
|
||||
import com.cxytiandi.encrypt.springboot.init.ApiEncryptDataInit;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.boot.web.servlet.FilterRegistrationBean;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
|
||||
/**
|
||||
* 加解密自动配置
|
||||
*
|
||||
* @author zscat
|
||||
* @about 2019-04-30
|
||||
*/
|
||||
@Configuration
|
||||
@EnableAutoConfiguration
|
||||
@EnableConfigurationProperties(EncryptionConfig.class)
|
||||
public class EncryptAutoConfiguration {
|
||||
|
||||
@Autowired
|
||||
private EncryptionConfig encryptionConfig;
|
||||
|
||||
@Autowired(required = false)
|
||||
private EncryptAlgorithm encryptAlgorithm;
|
||||
|
||||
/**
|
||||
* 不要用泛型注册Filter,泛型在Spring Boot 2.x版本中才有
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@SuppressWarnings({"rawtypes", "unchecked"})
|
||||
@Bean
|
||||
public FilterRegistrationBean filterRegistration() {
|
||||
FilterRegistrationBean registration = new FilterRegistrationBean();
|
||||
if (encryptAlgorithm != null) {
|
||||
registration.setFilter(new EncryptionFilter(encryptionConfig, encryptAlgorithm));
|
||||
} else {
|
||||
registration.setFilter(new EncryptionFilter(encryptionConfig));
|
||||
}
|
||||
registration.addUrlPatterns(encryptionConfig.getUrlPatterns());
|
||||
registration.setName("EncryptionFilter");
|
||||
registration.setOrder(encryptionConfig.getOrder());
|
||||
return registration;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public ApiEncryptDataInit apiEncryptDataInit() {
|
||||
return new ApiEncryptDataInit();
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,137 @@
|
||||
package com.cxytiandi.encrypt.springboot.init;
|
||||
|
||||
import com.cxytiandi.encrypt.springboot.HttpMethodTypePrefixConstant;
|
||||
import com.cxytiandi.encrypt.springboot.annotation.Decrypt;
|
||||
import com.cxytiandi.encrypt.springboot.annotation.Encrypt;
|
||||
import com.cxytiandi.encrypt.springboot.annotation.NotNeedEncrypt;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.BeansException;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.ApplicationContextAware;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
public class ApiEncryptDataInit implements ApplicationContextAware {
|
||||
|
||||
/**
|
||||
* 需要对响应内容进行加密的接口URI<br>
|
||||
* 比如:/user/list<br>
|
||||
* 不支持@PathVariable格式的URI
|
||||
*/
|
||||
public static List<String> responseEncryptUriList = new ArrayList<String>();
|
||||
/**
|
||||
* 需要对请求内容进行解密的接口URI<br>
|
||||
* 比如:/user/list<br>
|
||||
* 不支持@PathVariable格式的URI
|
||||
*/
|
||||
public static List<String> requestDecyptUriList = new ArrayList<String>();
|
||||
/**
|
||||
* 需要对请求内容进行不需要解密的URI<br>
|
||||
* 比如:/user/list<br>
|
||||
* 不支持@PathVariable格式的URI
|
||||
*/
|
||||
public static List<String> requestNoNeedDecyptUriList = new ArrayList<String>();
|
||||
private Logger logger = LoggerFactory.getLogger(ApiEncryptDataInit.class);
|
||||
private String contextPath;
|
||||
|
||||
@Override
|
||||
public void setApplicationContext(ApplicationContext ctx) throws BeansException {
|
||||
this.contextPath = ctx.getEnvironment().getProperty("server.servlet.context-path");
|
||||
Map<String, Object> beanMap = ctx.getBeansWithAnnotation(RestController.class);
|
||||
initData(beanMap);
|
||||
beanMap = ctx.getBeansWithAnnotation(Controller.class);
|
||||
initData(beanMap);
|
||||
}
|
||||
|
||||
private void initData(Map<String, Object> beanMap) {
|
||||
if (beanMap != null) {
|
||||
for (Object bean : beanMap.values()) {
|
||||
Class<?> clz = bean.getClass();
|
||||
Method[] methods = clz.getMethods();
|
||||
for (Method method : methods) {
|
||||
if (method.isAnnotationPresent(Encrypt.class)) {
|
||||
// 注解中的URI优先级高
|
||||
String uri = method.getAnnotation(Encrypt.class).value();
|
||||
if (!StringUtils.hasText(uri)) {
|
||||
uri = getApiUri(clz, method);
|
||||
}
|
||||
logger.debug("Encrypt URI: {}", uri);
|
||||
responseEncryptUriList.add(uri);
|
||||
}
|
||||
if (method.isAnnotationPresent(Decrypt.class)) {
|
||||
String uri = method.getAnnotation(Decrypt.class).value();
|
||||
if (!StringUtils.hasText(uri)) {
|
||||
uri = getApiUri(clz, method);
|
||||
}
|
||||
logger.debug("Decrypt URI: {}", uri);
|
||||
requestDecyptUriList.add(uri);
|
||||
}
|
||||
if (method.isAnnotationPresent(NotNeedEncrypt.class)) {
|
||||
String uri = method.getAnnotation(NotNeedEncrypt.class).value();
|
||||
if (!StringUtils.hasText(uri)) {
|
||||
uri = getApiUri(clz, method);
|
||||
}
|
||||
logger.debug("NotNeedEncrypt URI: {}", uri);
|
||||
requestNoNeedDecyptUriList.add(uri);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private String getApiUri(Class<?> clz, Method method) {
|
||||
String methodType = "";
|
||||
StringBuilder uri = new StringBuilder();
|
||||
|
||||
if (clz.isAnnotationPresent(RequestMapping.class)) {
|
||||
uri.append(formatUri(clz.getAnnotation(RequestMapping.class).value()[0]));
|
||||
}
|
||||
|
||||
if (method.isAnnotationPresent(GetMapping.class)) {
|
||||
|
||||
methodType = HttpMethodTypePrefixConstant.GET;
|
||||
uri.append(formatUri(method.getAnnotation(GetMapping.class).value()[0]));
|
||||
|
||||
} else if (method.isAnnotationPresent(PostMapping.class)) {
|
||||
|
||||
methodType = HttpMethodTypePrefixConstant.POST;
|
||||
uri.append(formatUri(method.getAnnotation(PostMapping.class).value()[0]));
|
||||
|
||||
} else if (method.isAnnotationPresent(RequestMapping.class)) {
|
||||
|
||||
RequestMapping requestMapping = method.getAnnotation(RequestMapping.class);
|
||||
RequestMethod m = requestMapping.method()[0];
|
||||
methodType = m.name().toLowerCase() + ":";
|
||||
uri.append(formatUri(requestMapping.value()[0]));
|
||||
|
||||
} else if (method.isAnnotationPresent(PutMapping.class)) {
|
||||
|
||||
methodType = HttpMethodTypePrefixConstant.PUT;
|
||||
uri.append(formatUri(method.getAnnotation(PutMapping.class).value()[0]));
|
||||
|
||||
} else if (method.isAnnotationPresent(GetMapping.class)) {
|
||||
|
||||
methodType = HttpMethodTypePrefixConstant.DELETE;
|
||||
uri.append(formatUri(method.getAnnotation(GetMapping.class).value()[0]));
|
||||
|
||||
}
|
||||
|
||||
if (StringUtils.hasText(this.contextPath)) {
|
||||
return methodType + this.contextPath + uri.toString();
|
||||
}
|
||||
return methodType + uri.toString();
|
||||
}
|
||||
|
||||
private String formatUri(String uri) {
|
||||
if (uri.startsWith("/")) {
|
||||
return uri;
|
||||
}
|
||||
return "/" + uri;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,57 @@
|
||||
package com.cxytiandi.encrypt.util;
|
||||
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
|
||||
import javax.crypto.Cipher;
|
||||
import javax.crypto.KeyGenerator;
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
|
||||
public class AesEncryptUtils {
|
||||
private static final String KEY = "d7b85f6e214abcda";
|
||||
private static final String ALGORITHMSTR = "AES/ECB/PKCS5Padding";
|
||||
|
||||
public static String base64Encode(byte[] bytes) {
|
||||
return Base64.encodeBase64String(bytes);
|
||||
}
|
||||
|
||||
public static byte[] base64Decode(String base64Code) throws Exception {
|
||||
return Base64.decodeBase64(base64Code);
|
||||
}
|
||||
|
||||
public static byte[] aesEncryptToBytes(String content, String encryptKey) throws Exception {
|
||||
KeyGenerator kgen = KeyGenerator.getInstance("AES");
|
||||
kgen.init(128);
|
||||
Cipher cipher = Cipher.getInstance(ALGORITHMSTR);
|
||||
cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encryptKey.getBytes(), "AES"));
|
||||
return cipher.doFinal(content.getBytes("utf-8"));
|
||||
}
|
||||
|
||||
public static String aesEncrypt(String content, String encryptKey) throws Exception {
|
||||
return base64Encode(aesEncryptToBytes(content, encryptKey));
|
||||
}
|
||||
|
||||
public static String aesDecryptByBytes(byte[] encryptBytes, String decryptKey) throws Exception {
|
||||
KeyGenerator kgen = KeyGenerator.getInstance("AES");
|
||||
kgen.init(128);
|
||||
Cipher cipher = Cipher.getInstance(ALGORITHMSTR);
|
||||
cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(decryptKey.getBytes(), "AES"));
|
||||
byte[] decryptBytes = cipher.doFinal(encryptBytes);
|
||||
return new String(decryptBytes, "utf-8");
|
||||
}
|
||||
|
||||
public static String aesDecrypt(String encryptStr, String decryptKey) throws Exception {
|
||||
return aesDecryptByBytes(base64Decode(encryptStr), decryptKey);
|
||||
}
|
||||
|
||||
public static void main(String[] args) throws Exception {
|
||||
String content = "你好";
|
||||
System.out.println("加密前:" + content);
|
||||
|
||||
String encrypt = aesEncrypt(content, KEY);
|
||||
System.out.println(encrypt.length() + ":加密后:" + encrypt);
|
||||
|
||||
String decrypt = aesDecrypt("2t9Flqu9yxOQOieasr6qRUzLsRxMmFrwiXNRNrup1g/dfIJn5O8zGdMABAN+/fO59iROJeSfoF7YyUUyvg+ZC4MKHhgvPrFtr75H15Xa7avGRR17n4vsyEmuB5ZjvUNIfW4HJ2PyXitwGJjiPv19EXwS9lW+YieHiCGIFwVEZ52e9V3Zy8z1buz1LUMPs04EAZKHCI1W0GDVURrVQxwBM/G5IxW0MW8hiWQXQ8/Vs3Dyav2Me5Wnu8IPWsWIdrFGx74p4ttD/GkVZAiM71lWmnJSW0NDA+38JMonkLeHmCjnbmwH2Js0+lxgxpRWXyt3X/CGzJOfgPF94u2d3WooNsZFHXufi+zISa4HlmO9Q0h9bgcnY/JeK3AYmOI+/X0RfBL2Vb5iJ4eIIYgXBURnnZ71XdnLzPVu7PUtQw+zTgQBkocIjVbQYNVRGtVDHAEzjWPa3WrlgTThWIVfKbOolPMqFly6NU5VpStFyQBrcADtGzRLjKXNzXXAQiORgXTrpwLo4ZIxQx2cr6XfKeEe5FM+VotHr7FjUQSzbzIdJGJznIcgcZnbK2HDemhHFjA7+QTHU6iBLVCV1ccwZGEk+jPuWf8fXo8NJR1NQLs1QGuuoWtMBJLYcwYX8jGKn7TyOeMUSGj1JJgfmqWJDAKq9fHRwxTBjFEFJI7gl7olksgngrxoOBoIFCMbUkFiqTTHbSBs+sBviqXEW638A6buiqVnN67xGDY1GMXhXcMK0UBdYHnkapRReCkgeHPmV4jPsZ2rOo6DXe1EFjb4ce0AQOwGXWYUDwUxxsgEhD4vI6DSZPscUMGtQ0Wy3BV9wDUWCdZ7/1kfKKLUTwAs9I/1Sm0Kb+SZhUNQE1H6TAfplT7oEUQg3ddD+CjHpNqZ8mjX6KCA6LhtqGp8BW4TVkquUTDgNUivJYwmQnQlrBfka2s4mePRJ1qRJ623ZwpqudKtA/ZxR13KnlRK6LR70QF7Qadrj7r8rR8KBy1gS8cKKFUojN9CBfNWOImXayfKidmHSaZvEYu4c48MK1Q4322G/5A/AKCRy7Mqu4qlTRVsHzFmqunY84G3dYNKSKkxeKM2p0sCw9dkVooIw4B1qWmC2w0lQphjpiOib+7JHwmPMsWgCgmDrql1PPBmO6DbwFlJs/nHWctio90mU7ZjJmQwoIoerDN3i1PMhBA/pxndZLRdU9jfiO13JK+LO6wW8iHB2XRmyEFD+sh5EY8rOJlYGNP7npClVRnC9pI44e1xIaQNPaEXM01Pui04KLKdbNul2R8k5Lb9h3twkWnnwCpLiGXlZ1J39vf1zaYFXmypZJNggaTzj12O7Q68u3z1FJbIfE3VC7Z6XbM13AkLXb4ftPCIJ6zVqIXn8kAsPyYl7Eguj9h3SA+v+Uho/pchuQX06WtMGPu0FCJl8Rg/IgJSzRJV8Q4tJBfao3XKgxeZ5xCV9ssdPXLnPOkOtk8npnnlrhPaF5uFAmopL1WAdGIrBUeVM3dVLYRGJTThdTCmP5l5IelpajfNszUxY56ZQcKp", KEY);
|
||||
System.out.println("解密后:" + decrypt);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,169 @@
|
||||
package com.cxytiandi.encrypt.util;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.io.OutputStream;
|
||||
import java.nio.charset.Charset;
|
||||
|
||||
public abstract class StreamUtils {
|
||||
|
||||
public static final int BUFFER_SIZE = 4096;
|
||||
|
||||
private static final byte[] EMPTY_CONTENT = new byte[0];
|
||||
|
||||
|
||||
public static byte[] copyToByteArray(InputStream in) throws IOException {
|
||||
if (in == null) {
|
||||
return new byte[0];
|
||||
}
|
||||
|
||||
ByteArrayOutputStream out = new ByteArrayOutputStream(BUFFER_SIZE);
|
||||
copy(in, out);
|
||||
return out.toByteArray();
|
||||
}
|
||||
|
||||
public static String copyToString(InputStream in, Charset charset) throws IOException {
|
||||
if (in == null) {
|
||||
return "";
|
||||
}
|
||||
|
||||
StringBuilder out = new StringBuilder();
|
||||
InputStreamReader reader = new InputStreamReader(in, charset);
|
||||
char[] buffer = new char[BUFFER_SIZE];
|
||||
int bytesRead = -1;
|
||||
while ((bytesRead = reader.read(buffer)) != -1) {
|
||||
out.append(buffer, 0, bytesRead);
|
||||
}
|
||||
return out.toString();
|
||||
}
|
||||
|
||||
|
||||
public static void copy(byte[] in, OutputStream out) throws IOException {
|
||||
out.write(in);
|
||||
}
|
||||
|
||||
|
||||
public static void copy(String in, Charset charset, OutputStream out) throws IOException {
|
||||
Writer writer = new OutputStreamWriter(out, charset);
|
||||
writer.write(in);
|
||||
writer.flush();
|
||||
}
|
||||
|
||||
public static int copy(InputStream in, OutputStream out) throws IOException {
|
||||
int byteCount = 0;
|
||||
byte[] buffer = new byte[BUFFER_SIZE];
|
||||
int bytesRead = -1;
|
||||
while ((bytesRead = in.read(buffer)) != -1) {
|
||||
out.write(buffer, 0, bytesRead);
|
||||
byteCount += bytesRead;
|
||||
}
|
||||
out.flush();
|
||||
return byteCount;
|
||||
}
|
||||
|
||||
public static long copyRange(InputStream in, OutputStream out, long start, long end) throws IOException {
|
||||
long skipped = in.skip(start);
|
||||
if (skipped < start) {
|
||||
throw new IOException("Skipped only " + skipped + " bytes out of " + start + " required");
|
||||
}
|
||||
|
||||
long bytesToCopy = end - start + 1;
|
||||
byte[] buffer = new byte[StreamUtils.BUFFER_SIZE];
|
||||
while (bytesToCopy > 0) {
|
||||
int bytesRead = in.read(buffer);
|
||||
if (bytesRead == -1) {
|
||||
break;
|
||||
} else if (bytesRead <= bytesToCopy) {
|
||||
out.write(buffer, 0, bytesRead);
|
||||
bytesToCopy -= bytesRead;
|
||||
} else {
|
||||
out.write(buffer, 0, (int) bytesToCopy);
|
||||
bytesToCopy = 0;
|
||||
}
|
||||
}
|
||||
return (end - start + 1 - bytesToCopy);
|
||||
}
|
||||
|
||||
/**
|
||||
* Drain the remaining content of the given InputStream.
|
||||
* Leaves the InputStream open when done.
|
||||
*
|
||||
* @param in the InputStream to drain
|
||||
* @return the number of bytes read
|
||||
* @throws IOException in case of I/O errors
|
||||
* @since 4.3
|
||||
*/
|
||||
public static int drain(InputStream in) throws IOException {
|
||||
byte[] buffer = new byte[BUFFER_SIZE];
|
||||
int bytesRead = -1;
|
||||
int byteCount = 0;
|
||||
while ((bytesRead = in.read(buffer)) != -1) {
|
||||
byteCount += bytesRead;
|
||||
}
|
||||
return byteCount;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return an efficient empty {@link InputStream}.
|
||||
*
|
||||
* @return a {@link ByteArrayInputStream} based on an empty byte array
|
||||
* @since 4.2.2
|
||||
*/
|
||||
public static InputStream emptyInput() {
|
||||
return new ByteArrayInputStream(EMPTY_CONTENT);
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a variant of the given {@link InputStream} where calling
|
||||
* {@link InputStream#close() close()} has no effect.
|
||||
*
|
||||
* @param in the InputStream to decorate
|
||||
* @return a version of the InputStream that ignores calls to close
|
||||
*/
|
||||
public static InputStream nonClosing(InputStream in) {
|
||||
return new NonClosingInputStream(in);
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a variant of the given {@link OutputStream} where calling
|
||||
* {@link OutputStream#close() close()} has no effect.
|
||||
*
|
||||
* @param out the OutputStream to decorate
|
||||
* @return a version of the OutputStream that ignores calls to close
|
||||
*/
|
||||
public static OutputStream nonClosing(OutputStream out) {
|
||||
return new NonClosingOutputStream(out);
|
||||
}
|
||||
|
||||
|
||||
private static class NonClosingInputStream extends FilterInputStream {
|
||||
|
||||
public NonClosingInputStream(InputStream in) {
|
||||
super(in);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() throws IOException {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
private static class NonClosingOutputStream extends FilterOutputStream {
|
||||
|
||||
public NonClosingOutputStream(OutputStream out) {
|
||||
super(out);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void write(byte[] b, int off, int let) throws IOException {
|
||||
// It is critical that we override this method for performance
|
||||
out.write(b, off, let);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void close() throws IOException {
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user