Spring Boot集成 Druid数据库密码加密

1、使用AES对称加密数据库密码

public class AesUtils {
	
	private final static String  KEY="112b3b4d5e6f7m8n";
	private static final String KEY_ALGORITHM = "AES";
	/**"算法/模式/补码方式"*/
	private static final String CIPHER_ALGORITHM = "AES/ECB/PKCS5Padding";
	private static final String DEFAULT_CHARSET = "UTF-8";

	public static String encrypt(String content) {
		try {
			byte[] byteContent = content.getBytes(DEFAULT_CHARSET);
			SecretKeySpec sKeySpec = new SecretKeySpec(KEY.getBytes(), KEY_ALGORITHM);
			Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
			cipher.init(Cipher.ENCRYPT_MODE, sKeySpec);
			byte[] encrypted = cipher.doFinal(byteContent);
			return  new String(Base64Utils.encode(encrypted));
		} catch (Exception e) {
			e.printStackTrace();
			throw new RuntimeException(e);
		}
	}

	public static String decrypt(String content) {
		try {
			byte[] byteContent = Base64Utils.decodeFromString(content);
			SecretKeySpec key = new SecretKeySpec(KEY.getBytes(), KEY_ALGORITHM);
			Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
			cipher.init(Cipher.DECRYPT_MODE, key);
			byte[] rByte = cipher.doFinal(byteContent);
			return new String(rByte, DEFAULT_CHARSET);
		} catch (Exception e) {
			e.printStackTrace();
			throw new RuntimeException(e);
		}
	}
}

   AesUtils.encrypt("root")运算得出数据库加密后密码  Wb3QAAhCDQvcNSzVz5z3lw=

2、数据源配置

   yml文件：

spring:
  datasource:
    type: com.alibaba.druid.pool.DruidDataSource
    driverClassName: com.mysql.cj.jdbc.Driver
    one:
      url: jdbc:mysql://${serverIp}:3306/cateen_db?useUnicode=true&characterEncoding=utf-8
      username: root
      password: Wb3QAAhCDQvcNSzVz5z3lw==
    two:
      url: jdbc:mysql://${serverIp}:3306/fee_db?useUnicode=true&characterEncoding=utf-8
      username: root
      password: Wb3QAAhCDQvcNSzVz5z3lw==

数据源注入spring

@Configuration
public class MyDataSourceConfig {

    @Bean("dataSourceOne")
    @ConfigurationProperties(prefix = "spring.datasource.one")
    public DruidDataSource dataSourceOne(){
        return new DruidDataSource();
    }

    @Bean("dataSourceTwo")
    @ConfigurationProperties(prefix = "spring.datasource.two")
    public DruidDataSource dataSourceTwo(){
        return new DruidDataSource();
    }

}

3、数据库密码解密

@Component
public class CustomBeanPostProcessor extends ConfigurationClassPostProcessor implements  BeanPostProcessor  {

    private final static Logger LOGGER = LoggerFactory.getLogger(CustomBeanPostProcessor.class);

    private ConfigurableListableBeanFactory  beanFactory;

    @Override
    public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) {
        super.postProcessBeanFactory(beanFactory);
        this.beanFactory=beanFactory;
    }

    @Override
    public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
        String dataSourceOne ="dataSourceOne";
        String dataSourceTwo ="dataSourceTwo";
        if (StringUtils.equals(dataSourceOne,beanName)){
            DruidDataSource druidDataSourceOne = (DruidDataSource) beanFactory.getBean(dataSourceOne);
            String password = druidDataSourceOne.getPassword();
            LOGGER.info("druidDataSourceOne--->pwd="+ password);
            druidDataSourceOne.setPassword(AesUtils.decrypt(password));
        }
        if (StringUtils.equals(dataSourceTwo,beanName)){
            DruidDataSource druidDataSourceTwo = (DruidDataSource) beanFactory.getBean(dataSourceTwo);
            String password = druidDataSourceTwo.getPassword();
            LOGGER.info("druidDataSourceTwo--->pwd="+ password);
            druidDataSourceTwo.setPassword(AesUtils.decrypt(password));
        }
        return bean;
    }
}