ResponseBodyAdvice 在你使用了 @ResponseBody 注解的时候才会生效,RequestBodyAdvice 在你使用了 @RequestBody 注解的时候才会生效
package org.jeecg.modules.auth.util;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.util.Base64;
public class ThreeDESUtils {
/**
* 加解密统一编码方式
*/
private final static String ENCODING = "utf-8";
/**
* 加解密方式
*/
private final static String ALGORITHM = "DESede";
/**
*加密模式及填充方式
*/
private final static String PATTERN = "DESede/ECB/pkcs5padding";
/**
* 3DES加密
*
* @param plainText 普通文本
* @param sK 秘钥
* @return
* @throws Exception
*/
public static String encode(String plainText,String sK) throws Exception {
SecretKey secretKey = new SecretKeySpec(sK.getBytes(ENCODING), ALGORITHM);
// 3DES加密采用pkcs5padding填充
Cipher cipher = Cipher.getInstance(PATTERN);
// 用密匙初始化Cipher对象
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
// 执行加密操作
byte[] encryptData = cipher.doFinal(plainText.getBytes(ENCODING));
return Base64.getEncoder().encodeToString(encryptData);
}
/**
* 3DES解密
*
* @param encryptText 加密文本
* @return
* @throws Exception
*/
public static String decode(String encryptText, String sK) throws Exception {
SecretKey secretKey = new SecretKeySpec(sK.getBytes(ENCODING), ALGORITHM);
// 3DES加密采用pkcs5padding填充
Cipher cipher = Cipher.getInstance(PATTERN);
// 用密匙初始化Cipher对象
cipher.init(Cipher.DECRYPT_MODE, secretKey);
// 正式执行解密操作
byte[] decryptData = cipher.doFinal(Base64.getDecoder().decode(encryptText));
return new String(decryptData, ENCODING);
}
}
秘钥
package org.jeecg.modules.auth.config;
import lombok.Data;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
@Data
@Configuration
public class EncryptConfig {
@Value("${3DES.key}")
private String key;
}
/**
* 加密
*/
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface EncryptThreeDES {
}
/**
* 解密
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.METHOD,ElementType.PARAMETER})
public @interface DecryptThreeDES {
}
解密拦截器
package org.jeecg.modules.auth.intercept; import org.jeecg.modules.auth.annotation.DecryptThreeDES; import org.jeecg.modules.auth.config.EncryptConfig; import org.jeecg.modules.auth.util.ThreeDESUtils; import org.springframework.core.MethodParameter; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpInputMessage; import org.springframework.http.converter.HttpMessageConverter; import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdviceAdapter; import javax.annotation.Resource; import java.io.*; import java.lang.reflect.Type; import java.nio.charset.StandardCharsets; import java.util.stream.Collectors; @ControllerAdvice public class DecryptRequest extends RequestBodyAdviceAdapter { @Resource private EncryptConfig encryptConfig; @Override public boolean supports(MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) { return methodParameter.hasMethodAnnotation(DecryptThreeDES.class) || methodParameter.hasParameterAnnotation(DecryptThreeDES.class); } @Override public HttpInputMessage beforeBodyRead(final HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) throws IOException { String result = new BufferedReader(new InputStreamReader(inputMessage.getBody())) .lines().collect(Collectors.joining("\n")); try { String decrypt = ThreeDESUtils.decode(result, encryptConfig.getKey()); final ByteArrayInputStream bais = new ByteArrayInputStream(decrypt.getBytes(StandardCharsets.UTF_8)); return new HttpInputMessage() { @Override public InputStream getBody() throws IOException { return bais; } @Override public HttpHeaders getHeaders() { return inputMessage.getHeaders(); } }; } catch (Exception e) { e.printStackTrace(); } return super.beforeBodyRead(inputMessage, parameter, targetType, converterType); } }
加密拦截器
package org.jeecg.modules.auth.intercept;
import com.alibaba.fastjson.JSONObject;
import org.jeecg.common.api.vo.Result;
import org.jeecg.modules.auth.annotation.EncryptThreeDES;
import org.jeecg.modules.auth.config.EncryptConfig;
import org.jeecg.modules.auth.util.ThreeDESUtils;
import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
import javax.annotation.Resource;
@ControllerAdvice
public class EncryptResponse implements ResponseBodyAdvice<Result> {
@Resource
private EncryptConfig encryptConfig;
public EncryptResponse() {
super();
}
@Override
public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) {
return returnType.hasMethodAnnotation(EncryptThreeDES.class);
}
@Override
public Result beforeBodyWrite(Result body, MethodParameter methodParameter, MediaType mediaType, Class<? extends HttpMessageConverter<?>> aClass, ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse) {
String keyBytes = encryptConfig.getKey();
try {
if (body.getMessage()!=null) {
body.setMessage(ThreeDESUtils.encode(body.getMessage(),keyBytes));
}
if (body.getResult() != null) {
String jsonObject = JSONObject.toJSONString(body.getResult());
body.setResult(ThreeDESUtils.encode(jsonObject, keyBytes));
}
} catch (Exception e) {
e.printStackTrace();
}
return body;
}
}