废话不多说,先上源码(部分脱敏,见谅)
package *.*.interceptor;
import com.fasterxml.jackson.databind.ObjectMapper;
import lombok.extern.slf4j.Slf4j;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.MethodParameter;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice;
import *.*.aop.IgnoreDecryption;
import *.*.enums.ResultEnum;
import *.*.exception.RequestParamException;
import *.*.model.ResultModel;
import *.*.util.Sha256Util;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Type;
import java.util.Map;
@Slf4j
@Component
@ControllerAdvice(basePackages = "*.*.controller")
public class RequestBodyInterceptor implements RequestBodyAdvice {
@Value("${base64.encrypt.password}")
private String base64Password;
@ExceptionHandler(RequestParamException.class)
@ResponseBody
public Object handleException(Exception e) {
String message = e.getCause().getMessage();
return new ResultModel(ResultEnum.FAIL_DECRYPTE,message);
}
@Override
public boolean supports(MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) {
return methodParameter.hasParameterAnnotation(RequestBody.class);
}
@Override
public HttpInputMessage beforeBodyRead(HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) throws IOException {
// 提取数据
IgnoreDecryption ignoreDecryption = methodParameter.getMethodAnnotation(IgnoreDecryption.class);
if(ignoreDecryption == null){//需要解密
InputStream is = httpInputMessage.getBody();
byte[] data = new byte[is.available()];
is.read(data);
//转数据类型
ObjectMapper mapper = new ObjectMapper();
Map<String, String> m = mapper.readValue(new String(data), Map.class);
String params = m.get("data");
if(StringUtils.isEmpty(params)){
throw new RequestParamException("未获取到入参");
}else {//解密
String decryptedBody = Sha256Util.decrypt(params.getBytes(),base64Password);
System.err.println("解密前数据:"+params);
System.err.println("解密后数据:"+decryptedBody);
if (StringUtils.isEmpty(decryptedBody)) throw new RequestParamException("解密失败");
InputStream inputStream = new ByteArrayInputStream(decryptedBody.getBytes());
return new DecryptHttpInputMessage(httpInputMessage.getHeaders(),inputStream);
}
}
return httpInputMessage;
}
@Override
public Object afterBodyRead(Object body, HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) {
return body;
}
@Override
public Object handleEmptyBody(Object body, HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) {
return body;
}
static class DecryptHttpInputMessage implements HttpInputMessage{
HttpHeaders headers;
InputStream body;
public DecryptHttpInputMessage(HttpHeaders headers,InputStream body){
this.headers = headers;
this.body = body;
}
@Override
public InputStream getBody() throws IOException {
return body;
}
@Override
public HttpHeaders getHeaders() {
return headers;
}
}
}
需求解析:由于业务需要,要求对所有入参进行加解密,前后端传参方式全是body传参,故再body里进行解密操作;考虑到开发测试的时候,加解密body会造成不必要的麻烦,故增加不解密注解;
一、自定义注解 IgnoreDecryption ,开发时加上该注解,可以再body里传明文,提交代码时去掉即可。
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 忽略解密操作 存在即不进行解密
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.METHOD})
public @interface IgnoreDecryption {
}
二、实现 RequestBodyAdvice 方法;在读body数据之前进行解密并回传;具体参考文章开始的全代码(beforeBodyRead方法);由于body的数据取过之后就会变空,故解密后需要重新放入。
三、解密异常处理,在解密的时候,需要对解密过程中的非正常状态进行处理,并且返回固定格式;故新建异常并处理返回结果。在RequestBodyAdvice里即可以处理指定异常,也可以处理全局异常;处理全局异常,只需将@ExceptionHandler(RequestParamException.class)换成@ExceptionHandler(Exception.class)即可