对传入加密参数的自动解密,业务里面用得不多,只有密码传输时用了下加解密,仅限字符串参数。有类似需求的可以参考扩展,核心是实现SpringMVC的HandlerMethodArgumentResolver 扩展类
加解密参数处理类:
public class EncrypMethodArgHandler implements HandlerMethodArgumentResolver {
@Override
public boolean supportsParameter(MethodParameter parameter) {
//处理带Encrypt注解的参数
return null != parameter.getParameterAnnotation(Encrypt.class);
}
@Override
public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception {
//解下密返回就完事了
return encryptParamValue(webRequest, parameter.getParameterName());
}
privateString encryptParamValue(NativeWebRequest webRequest, String parameterName) {
String value = webRequest.getParameter(parameterName);
if (isNotNull(value)) {
value = decrypt(parameterName, value);
}
return value;
}
privateString decrypt(String parameterName, String value) {
try {
value = UtilCrypt.decryptAES(value);
} catch (Exception e) {
throw new LocalException("参数" + parameterName + "解码失败");
}
return value;
}
}
Encrypt 注解:
@Target({ ElementType.METHOD, ElementType.FIELD, ElementType.PARAMETER, ElementType.TYPE })
@Retention(RetentionPolicy.RUNTIME)
public @interface Encrypt {
String[] value() default {};
//可以扩展指定加解密方式
}
注册加密类
@Configuration
public class WebConfig implements WebMvcConfigurer {
@Override
public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
resolvers.add(new EncrypMethodArgHandler());
}
}
实际使用:
@RequestMapping("/edit/password")
@SystemLog(" 修改密码")
public JsonResult editPassword(String userId, @Encrypt String password) throws Exception {
return service.editPassword(userId, password);
}