package com.hispeed.boot.annotation;
import org.springframework.web.bind.annotation.Mapping;
import java.lang.annotation.*;
/**
* 请求数据解密
* Created by liangmm on 2018-12-3.
*/
@Target({ElementType.METHOD,ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Mapping
@Documented
public @interface SecurityParameter {
//入参是否解密,默认解密
boolean inDecode() default true;
//出参是否加密,默认加密
boolean outEncode() default true;
}
package com.hispeed.boot.aop;
import com.hispeed.boot.annotation.SecurityParameter;
import com.hispeed.boot.util.AesEncryptUtils;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.MethodParameter;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Type;
/**
* Created by liangmm on 2018-12-3.
*/
@ControllerAdvice(basePackages = {"com.hispeed.boot.controller"})
public class DecodeRequestBodyAdvice implements RequestBodyAdvice {
private static final Logger logger= LoggerFactory.getLogger("DecodeRequestBodyAdvice");
@Override
public boolean supports(MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) {
return true;
}
@Override
public Object handleEmptyBody(Object body, HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) {
return body;
}
@Override
public HttpInputMessage beforeBodyRead(HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) throws IOException {
try{
boolean encode=false;
if(methodParameter.getMethod().isAnnotationPresent(SecurityParameter.class)){
//获取注解配置的包含和去除字段
SecurityParameter serializedField = methodParameter.getMethodAnnotation(SecurityParameter.class);
//入参是否需要解密
encode=serializedField.inDecode();
}
if(encode){
//入参需要解密
logger.info("--对方法"+methodParameter.getMethod().getName()+"返回数据进行解密");
return new MyHttpInputMessage(httpInputMessage);
}else{
return httpInputMessage;
}
}catch (Exception e){
e.printStackTrace();
logger.error("--对方法"+methodParameter.getMethod().getName()+"返回数据进行解密异常:"+e.getMessage());
return httpInputMessage;
}
// return httpInputMessage;
}
@Override
public Object afterBodyRead(Object body, HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) {
return body;
}
class MyHttpInputMessage implements HttpInputMessage{
private HttpHeaders headers;
private InputStream body;
public MyHttpInputMessage(HttpInputMessage httpInputMessage) throws Exception {
this.headers=httpInputMessage.getHeaders();
this.body= IOUtils.toInputStream(AesEncryptUtils.decrypt(easpString(IOUtils.toString(httpInputMessage.getBody(),"utf-8"))),"utf-8");
}
@Override
public InputStream getBody() throws IOException {
return body;
}
@Override
public HttpHeaders getHeaders() {
return headers;
}
public String easpString(String requestData){
System.out.println("--requestData:"+requestData);
// if(!Strings.isNullOrEmpty(requestData)){
// String str="{\"requestData\":";
// logger.info("--requestBody"+this.body);
// if(!requestData.startsWith(str)){
// throw new RuntimeException("参数【requestData】缺失异常");
// }else{
// int closeLen=requestData.length()-1;
// int openLen=str.length();
// String substring= StringUtils.substring(requestData,openLen,closeLen);
// return substring;
// }
// }
return requestData;
}
}
}
package com.hispeed.boot.aop;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.hispeed.boot.annotation.SecurityParameter;
import com.hispeed.boot.util.AesEncryptUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
/**
* 返回数据加密
* Created by liangmm on 2018-12-3.
*/
@ControllerAdvice(basePackages = {"com.hispeed.boot.controller"})
public class EncodeResponseBodyAdvice implements ResponseBodyAdvice{
private static final Logger logger= LoggerFactory.getLogger("EncodeResponseBodyAdvice");
@Override
public boolean supports(MethodParameter methodParameter, Class aClass) {
return true;
}
@Override
public Object beforeBodyWrite(Object body, MethodParameter methodParameter, MediaType mediaType, Class aClass, ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse) {
boolean encode=false;
if(methodParameter.getMethod().isAnnotationPresent(SecurityParameter.class)){
//获取注解配置的包含的去除字段
SecurityParameter securityParameter = methodParameter.getMethodAnnotation(SecurityParameter.class);
encode=securityParameter.outEncode();
}
if(encode){
logger.info("--对方法"+methodParameter.getMethod().getName()+"返回数据进行加密");
ObjectMapper objectMapper=new ObjectMapper();
try{
String result=objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(body);
return AesEncryptUtils.encrypt(result);
}catch (Exception e){
e.printStackTrace();
logger.error("对方法"+methodParameter.getMethod().getName()+"返回数据进行加密异常:"+e.getMessage());
}
}
return body;
}
}
package com.hispeed.boot.util;
import org.apache.tomcat.util.codec.binary.Base64;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
/**
* DES 加解密
* DES是一种对称加密算法,所谓对称加密算法:加密和解密使用相同密钥的算法。DES加密算法出自IBM的研究,
* 后来被美国政府正式采用,之后开始广泛流传,但是近些年使用越来越少,因为DES使用56位密钥,以现代计算机的能力,
* 24小时即可被破解。虽然如此,在某些简单应用中,我们还是可以使用DES加密算法,本文简单讲解DES的Java实现。
* 注意:DES加密和解密过程中,密钥长度都必须是8的倍数。
* 前后端数据传输加密工具类
* Created by liangmm on 2018-12-3.
*/
public class AesEncryptUtils {
//可配置到constant中,并读取配置文件注入,16位,自己定义
private static final String KEY="abcdef0123456789";
//参数分别代表 算法名称/加密模式/数据填充方式
private static final String ALGORITHMSTR="AES/ECB/PKCS5Padding";
/**
*
* @param content 加密的字符串
* @param encryptKey key值
* @return
* @throws Exception
*/
public static String encrypt(String content,String encryptKey) throws Exception {
KeyGenerator kgen=KeyGenerator.getInstance("AES");
kgen.init(128);
Cipher cipher= Cipher.getInstance(ALGORITHMSTR);
cipher.init(Cipher.ENCRYPT_MODE,new SecretKeySpec(encryptKey.getBytes(),"AES"));
byte[] b=cipher.doFinal(content.getBytes("utf-8"));
//采用Base64算法进行转码,避免出现中文乱码
return Base64.encodeBase64String(b);
}
/**
*
* @param encryptStr 解密的字符串
* @param decryptKey 解密的key值
* @return
* @throws Exception
*/
public static String decrypt(String encryptStr,String decryptKey) throws Exception {
KeyGenerator kgen=KeyGenerator.getInstance("AES");
kgen.init(128);
Cipher cipher=Cipher.getInstance(ALGORITHMSTR);
cipher.init(Cipher.DECRYPT_MODE,new SecretKeySpec(decryptKey.getBytes(),"AES"));
//采用base64算法进行转码,避免出现中文乱码
byte[] encryptBytes=Base64.decodeBase64(encryptStr);
byte[] decryptBytes=cipher.doFinal(encryptBytes);
return new String(decryptBytes);
}
public static String encrypt(String content) throws Exception {
return encrypt(content,KEY);
}
public static String decrypt(String encryptStr) throws Exception {
return decrypt(encryptStr,KEY);
}
// public static void main(String[] args) {
// Map<String,String> map=new HashMap<>();
// map.put("key","value");
// map.put("国籍","中国");
// String content= JSONObject.toJSONString(map);
// System.out.println("加密前:"+content);
// try {
// String encrypt=encrypt(content);
// System.out.println("加密后:"+encrypt);
// String decrypt=decrypt(encrypt);
// System.out.println("解密后:"+decrypt);
// } catch (Exception e) {
// e.printStackTrace();
// }
// }
}
package com.hispeed.boot.controller;
import com.google.common.collect.Maps;
import com.hispeed.boot.annotation.SecurityParameter;
import com.hispeed.boot.entity.User;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.ResponseBody;
import java.util.Map;
/**
* Created by liangmm on 2018-12-3.
*/
@Controller
public class TestController {
@GetMapping("index")
public String index(){
return "index";
}
//测试返回数据,会自动加密
@GetMapping("/find")
@ResponseBody
@SecurityParameter
public Object findUser(){
User user=new User();
user.setLoginName("zhangsan");
return user;
}
//
@PostMapping("/save")
@ResponseBody
@SecurityParameter
public Object save(@RequestBody User user){
System.out.println("--loginName:"+user);
Map<String,String> map= Maps.newHashMap();
map.put("result","success");
return user;
}
}