在系统开发过程中经常碰到手机号、地址等敏感信息的脱敏操作,这里记录下我们系统中使用的方式
1、定义脱敏枚举类
这里使用jdk8函数式编程的特性,绑定函数操作
public enum DataMaskEnum {
/*名称脱敏*/
USERNAME(s->s.replaceAll("(\\S)\\S(\\S*)","$1*$2")),
/*手机号脱敏*/
PHONE(s->s.replaceAll("(\\d{3})\\d{4}(\\d{4})","$1****$2")),
/*地址脱敏*/
ADDRESS(s->s.replaceAll("(\\S{3})\\S{2}(\\S*)\\S{2}","$1****$2****"))
;
private Function<String,String> function;
DataMaskEnum(Function<String, String> function) {
this.function = function;
}
public Function<String, String> function(){
return this.function;
}
}
2、定义数据脱敏注解
@Target({ElementType.FIELD,ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Documented
@JacksonAnnotationsInside
@JsonSerialize(using = DataMaskingSerializer.class)
public @interface DataMask {
//默认是手机号脱敏
DataMaskEnum function() default DataMaskEnum.PHONE;
}
3、结合jackson处理序列化操作
public final class DataMaskingSerializer extends JsonSerializer<String> implements ContextualSerializer {
private DataMaskEnum dataMaskEnum;
@Override
public void serialize(String s, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException {
jsonGenerator.writeString(dataMaskEnum.function().apply(s));
}
@Override
public JsonSerializer<?> createContextual(SerializerProvider prov, BeanProperty beanProperty) throws JsonMappingException {
DataMask annotation = beanProperty.getAnnotation(DataMask.class);
if(Objects.nonNull(annotation)&&Objects.equals(String.class,beanProperty.getType().getRawClass())){
this.dataMaskEnum=annotation.function();
return this;
}
return prov.findValueSerializer(beanProperty.getType(),beanProperty);
}
}
4、实例操作
public class SysUser{
@DataMask
private String phoneNumber;
@DataMask(function=DataMaskEnum.ADDRESS)
private String address;
//...
}
至此代码 已完结,正常请求接口时对应字段的响应结果即为脱敏后的数据。
来源:
http://spring4all.com/forum-post/3259.html