说明:想了解mybatis拦截器实现bean加解密原理的同学先去其他平台了解后,
在应用上遇到问题/想借鉴下应用方法的可以继续往下看~
1、定义加密类、加密字段的注解
import java.lang.annotation.*;
/**
* 需要加解密的类注解
*/
@Documented
@Inherited
@Target({ ElementType.TYPE })
@Retention(RetentionPolicy.RUNTIME)
public @interface EncryptDecryptClass {
}
// todo 给每个字段定义其特定的加解密方法
import com.okcoin.hris.oksafe.EncryptDecrypt.EncryptDecrypt;
import java.lang.annotation.*;
/**
* 加密字段注解
* @author lpp
*/
@Documented
@Inherited
@Target({ElementType.FIELD})
@Retention(RetentionPolicy.RUNTIME)
public @interface EncryptDecryptField {
Class<? extends EncryptDecrypt> encryptDecrypt();// 自定义的加解密实现类
}
2、加解密方法工具包 (具体加解密不懂的同学建议先调试,思考后再沟通博主协助解答哦~)
因为该加解密机制也是在生产环境应用才1个月之久,目前加解密算法较单一,后续会增强~
**
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.core.annotation.AnnotationUtils;
import java.lang.reflect.Field;
import java.util.*;
import java.util.stream.Collectors;
/***
*@author lpp
*@since 2021/11/26 下午4:49
*/
@Slf4j
public class EncryptDecryptUtil {
/**
* 是否需要解密
*
* @param object
* @return
*/
public static boolean needToDecrypt(Object object) {
Class<?> objectClass = object.getClass();
EncryptDecryptClass encryptDecryptClass = AnnotationUtils.findAnnotation(objectClass, EncryptDecryptClass.class);
return Objects.nonNull(encryptDecryptClass);
}
/**
* 字段集合的解密
*
* @param object 集合数据
* @throws IllegalAccessException IllegalAccessException
*/
public static void fieldListDecrypt(Object object) throws IllegalAccessException, InstantiationException {
ArrayList resultList = (ArrayList) object;
if (resultList.isEmpty() || !needToDecrypt(resultList.get(0))) {
return;
}
Field[] declaredFields = EncryptDecryptUtil.getFields(resultList.get(0).getClass());
if (ArrayUtils.isEmpty(declaredFields)) {
return;
}
for (Object o : resultList) {
decrypt(declaredFields, o);
}
}
/**
* 多个 field 解密方法
*
* @param declaredFields 解密字段
* @param result 结果
* @throws IllegalAccessException IllegalAccessException
*/
public static void decrypt(Field[] declaredFields, Object result) throws IllegalAccessException, InstantiationException {
for (Field field : declaredFields) {
decrypt(field, result);
}
}
/**
* 单个 field 解密方法
*
* @param field 字段
* @param result 结果
* @throws IllegalAccessException IllegalAccessException
*/
private static void decrypt(Field field, Object result) throws IllegalAccessException, InstantiationException {
fieldObjectDecrypt(field, result);
field.setAccessible(true);
Object object = field.get(result);
if (Objects.isNull(object)) {
return;
}
if (!(object instanceof String)) {
return;
}
String fieldValue = (String) object;
if (StringUtils.isBlank(fieldValue)) {
return;
}