1. 引入依赖
<!--yml配置密码加密展示-->
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>3.0.3</version>
</dependency>
2.创建配置类
package com.admin.common.config;
import com.alilitech.datasource.routing.encrypt.resolver.EncryptPropertyResolver;
import com.admin.common.constants.ActionConstants;
import com.admin.common.utils.JasyptUtils;
import com.admin.common.utils.KmsUtil;
import com.ulisesbocchio.jasyptspringboot.EncryptablePropertyResolver;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.stereotype.Component;
/**
* @author rc yml文件重要配置解码
*/
@Configuration
@Slf4j
@Component
public class EncryptionPropertyConfig implements EncryptPropertyResolver {
@Bean(name="encryptablePropertyResolver")
public EncryptablePropertyResolver encryptablePropertyResolver() {
return new EncryptionPropertyResolver();
}
@Override
public boolean supportResolve(String key, String value) {
// 值以DES@开头的均为DES加密,需要解密
if(value.startsWith("RC@")) {
return true;
}
if(value.startsWith("GOWIN@")) {
return true;
}
return false;
}
@Override
public String resolve(String value) {
// 值以DES@开头的均为DES加密,需要解密
if(value.startsWith("RC@")) {
String tmpVal = JasyptUtils.decyptPwd(ActionConstants.JASYPT_ENCRYPTOR_PWD,value.substring(3));
return tmpVal;
}
if(value.startsWith("GO@")) {
String substring = value.substring(6);
String tmpVal = KmsUtil.decrypt(KmsUtil.GOWINDBSTR,substring);
return tmpVal;
}
return value;
}
class EncryptionPropertyResolver implements EncryptablePropertyResolver {
@Override
public String resolvePropertyValue(String value) {
if(StringUtils.isBlank(value)) {
return value;
}
// 值以DES@开头的均为DES加密,需要解密
if(value.startsWith("RC@")) {
String tmpVal = resolveDESValue(value.substring(3));
return tmpVal;
}
if(value.startsWith("GO@")) {
String substring = value.substring(6);
String tmpVal = KmsUtil.decrypt(KmsUtil.GOWINDBSTR,substring);
return tmpVal;
}
// 不需要解密的值直接返回
return value;
}
private String resolveDESValue(String value) {
// 自定义DES密文解密
return JasyptUtils.decyptPwd(ActionConstants.JASYPT_ENCRYPTOR_PWD,value);
}
}
}
3.配置文件编写
spring:
datasource:
url: jdbc:mysql://172.0.0.1:3306/test?characterEncoding=utf-8&allowMultiQueries=true&useSSL=false&serverTimezone=GMT%2b8:00&useInformationSchema=true
username: root
password: RC@2NSWKlzpHuWi96LjKdRglg==
mail:
default-encoding: utf-8
host: mail.baidu.com
protocol: smtp
username: test
from: test@sp.test.com
password: GO@dsfadsgdgf/dgsdgsd==
properties:
mail:
smtp:
socketFactory:
class: javax.net.ssl.SSLSocketFactory
4.启动类配置 (可以不用)
@SpringBootApplication
// 入口类添加该注解,开启属性自动解密功能
@EnableEncryptableProperties
public class DemoSpringBootApplication {
// 注册这两个bean
@Bean(name = "encryptablePropertyDetector")
public EncryptablePropertyDetector encryptablePropertyDetector() {
return new MyEncryptablePropertyDetector();
}
@Bean(name = "encryptablePropertyResolver")
public EncryptablePropertyResolver encryptablePropertyResolver() {
return new MyEncryptablePropertyResolver();
}
}