1.使用 Jackson 脱敏
1.先写一个注解
import com.fasterxml.jackson.annotation.JacksonAnnotationsInside;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import org.springblade.common.enums.SensitiveTypeEnum;
import org.springblade.common.utils.SensitiveSerialize;
import java.lang.annotation.*;
/**
 * Marks a field whose value is to be masked when Jackson serializes it.
 *
 * <p>The annotation is itself annotated with {@code @JsonSerialize(using = SensitiveSerialize.class)}
 * and {@link JacksonAnnotationsInside}, so placing it on an element routes that element's
 * serialization through {@link SensitiveSerialize}.
 *
 * <p>NOTE(review): {@link ElementType#TYPE} is an allowed target, but {@code SensitiveSerialize}
 * is a {@code JsonSerializer<String>} that only masks {@code String} properties; confirm that
 * type-level use is intended.
 */
@Documented
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.FIELD, ElementType.TYPE})
@JacksonAnnotationsInside
@JsonSerialize(using = SensitiveSerialize.class)
public @interface SensitiveData {

    /**
     * Selects the masking strategy.
     *
     * @return the masking type applied to the annotated element
     */
    SensitiveTypeEnum type();
}
2.创建一个SensitiveSerialize类,指定序列化时使用的脱敏实现类
import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.databind.BeanProperty;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.JsonSerializer;
import com.fasterxml.jackson.databind.SerializerProvider;
import com.fasterxml.jackson.databind.ser.ContextualSerializer;
import org.springblade.common.annotation.SensitiveData;
import org.springblade.common.enums.SensitiveTypeEnum;
import java.io.IOException;
import java.util.Objects;
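/**
 * Jackson serializer that writes the masked form of a {@code String} property annotated with
 * {@link SensitiveData}.
 *
 * <p>The instance built by the no-argument constructor carries no masking type. The instance
 * that actually masks values is the one {@link #createContextual} returns for an annotated
 * {@code String} property.
 */
public class SensitiveSerialize extends JsonSerializer<String> implements ContextualSerializer {

    /** Masking strategy; {@code null} on the instance built by the no-argument constructor. */
    private final SensitiveTypeEnum type;

    /** Creates an instance with no masking type bound. */
    public SensitiveSerialize() {
        this(null);
    }

    /**
     * Creates an instance bound to one masking strategy.
     *
     * @param type the masking type read from the property's {@link SensitiveData} annotation
     */
    public SensitiveSerialize(SensitiveTypeEnum type) {
        this.type = type;
    }

    /**
     * Writes the masked form of {@code s} as a JSON string.
     *
     * @param s the raw property value
     * @param jsonGenerator generator the masked value is written to
     * @param serializerProvider unused
     * @throws IOException if the generator fails to write
     * @throws IllegalStateException if this instance has no masking type bound
     */
    @Override
    public void serialize(String s, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException {
        if (type == null) {
            // Fail closed with a clear message instead of a bare NullPointerException.
            // The raw value is never written and is deliberately left out of the message.
            throw new IllegalStateException("SensitiveSerialize has no masking type bound; refusing to write the value");
        }
        // NOTE(review): only the one-argument overload is called, so a masking type that needs a
        // CustomMaskService is never handed one on this path.
        jsonGenerator.writeString(type.maskSensitiveData(s));
    }

    /**
     * Chooses the serializer for the property being serialized.
     *
     * @param serializerProvider provider used to look up fallback serializers
     * @param beanProperty the property being serialized, or {@code null} when there is none
     * @return a masking serializer for an annotated {@code String} property, the provider's
     *     regular serializer for any other property, or the provider's null-value serializer
     *     when {@code beanProperty} is {@code null}
     * @throws JsonMappingException if the provider cannot supply a serializer
     */
    @Override
    public JsonSerializer<?> createContextual(SerializerProvider serializerProvider, BeanProperty beanProperty) throws JsonMappingException {
        if (beanProperty == null) {
            return serializerProvider.findNullValueSerializer(beanProperty);
        }
        if (Objects.equals(beanProperty.getType().getRawClass(), String.class)) {
            SensitiveData sensitiveWrapped = beanProperty.getAnnotation(SensitiveData.class);
            if (sensitiveWrapped == null) {
                sensitiveWrapped = beanProperty.getContextAnnotation(SensitiveData.class);
            }
            if (sensitiveWrapped != null) {
                // Bind the annotation's masking type to a fresh serializer for this property.
                return new SensitiveSerialize(sensitiveWrapped.type());
            }
        }
        // NOTE(review): a property that is not a String reaches this line even when it carries
        // @SensitiveData, so it is written by the regular serializer without masking.
        return serializerProvider.findValueSerializer(beanProperty.getType(), beanProperty);
    }
}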
3.创建一个枚举类
import cn.hutool.core.util.DesensitizedUtil;
import lombok.Getter;
import org.springblade.modules.desensitization.service.CustomMaskService;
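/**
 * Masking strategies selectable through {@code @SensitiveData(type = ...)}.
 *
 * <p>Every constant must implement the one-argument {@link #maskSensitiveData(String)}, so a
 * constant added later cannot silently inherit a pass-through implementation.
 */
public enum SensitiveTypeEnum {

    /** Mobile phone number. */
    MOBILE("mobile", "手机号") {
        @Override
        public String maskSensitiveData(String data) {
            // Keeps the first 3 and last 4 digits and stars the middle, e.g. 138****5678.
            return DesensitizedUtil.mobilePhone(data);
        }
    },

    /** Identity-card number. */
    IDENTIFY("identify", "身份证号") {
        @Override
        public String maskSensitiveData(String data) {
            // Keeps the first 3 and last 4 characters and stars the middle,
            // e.g. 110***********3706.
            return DesensitizedUtil.idCardNum(data, 3, 4);
        }
    },

    /** Bank-card number. */
    BANKCARD("bankcard", "银行卡号") {
        @Override
        public String maskSensitiveData(String data) {
            // Keeps the first 4 and last 4 digits and stars the middle,
            // e.g. 6225 **** **** *** 0845.
            return DesensitizedUtil.bankCard(data);
        }
    },

    /** E-mail address. */
    EMAIL("email", "邮箱") {
        @Override
        public String maskSensitiveData(String data) {
            // The part after '@' stays readable; before '@' only the first character is kept,
            // e.g. z***********@test.com.
            return DesensitizedUtil.email(data);
        }
    },

    /** Pass-through: the value is returned unchanged, so this constant performs NO masking. */
    DEFAULT("default", "默认") {
        @Override
        public String maskSensitiveData(String data) {
            return data;
        }
    },

    /** Masking delegated to a caller-supplied {@link CustomMaskService}. */
    CUSTOM("custom", "自定义") {
        @Override
        public String maskSensitiveData(String data) {
            // Fail closed: without a CustomMaskService nothing can mask the value, and the
            // original fell through to the base method, which returned the raw data. The value
            // is deliberately left out of the message.
            throw new UnsupportedOperationException("CUSTOM masking requires a CustomMaskService");
        }

        @Override
        public String maskSensitiveData(String data, CustomMaskService customMaskService) {
            // Hook for a project-specific service; extend the parameters as the use case needs.
            return customMaskService.maskData(data);
        }
    };

    /** Machine-readable key of the masking type. */
    @Getter
    private final String type;

    /** Human-readable description of the masking type. */
    @Getter
    private final String desc;

    SensitiveTypeEnum(String type, String desc) {
        this.type = type;
        this.desc = desc;
    }

    /**
     * Masks a sensitive value.
     *
     * @param data the raw value
     * @return the masked value ({@code DEFAULT} returns {@code data} unchanged)
     * @throws UnsupportedOperationException for {@code CUSTOM}, which needs a
     *     {@link CustomMaskService}
     */
    public abstract String maskSensitiveData(String data);

    /**
     * Masks a sensitive value through a caller-supplied service.
     *
     * @param data the raw value
     * @param customMaskService the service that performs the masking
     * @return the masked value for {@code CUSTOM}; {@code null} for every other constant, which
     *     does not override this overload
     */
    public String maskSensitiveData(String data, CustomMaskService customMaskService) {
        return null;
    }
}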
4.在需要脱敏的实体类字段上添加注解即可。注意:脱敏只发生在 Jackson 序列化输出时,且上面的序列化器只处理 String 类型的字段;其他类型的字段即使加了注解也会按原值输出。
// ID-card number of the person in charge. @SensitiveData(type = IDENTIFY) selects the
// identity-card masking type for this String field when Jackson serializes it.
@ApiModelProperty(value = "负责人身份证号", example = "")
@SensitiveData(type = IDENTIFY)
private String principalIdCard;