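Security reviews often check whether code contains passwords or similar secrets, yet a project's yml files usually have to hold the passwords for connecting to the database, Redis and so on. Those values therefore need to be encrypted.
1. Add the jar dependencies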
<!-- swagger-bootstrap-ui: adds a username and password to Swagger -->
<dependency>
    <groupId>com.github.xiaoymin</groupId>
    <artifactId>swagger-bootstrap-ui</artifactId>
    <version>1.9.6</version>
</dependency>
<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
    <version>2.1.1</version>
</dependency>
2. Generate the encrypted password with a utility class
JasyptStringConfig file
package XXX;

import org.jasypt.encryption.StringEncryptor;
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class JasyptStringConfig {

    // jasypt-spring-boot uses the bean named "jasyptStringEncryptor" to decrypt wrapped properties
    @Bean("jasyptStringEncryptor")
    public StringEncryptor stringEncryptor() {
        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
        // Encryption password (the PBE key). It is hard-coded in this demo,
        // so anyone who can read the source can decrypt the yml values.
        config.setPassword("cRpveO6vVOBrLd0ZKqz4u5iZQNkg1TvN");
        config.setAlgorithm("PBEWithMD5AndDES");
        config.setKeyObtentionIterations("1000");
        config.setPoolSize("1");
        config.setProviderName("SunJCE");
        // A random salt means the same plaintext encrypts to a different ciphertext each time
        config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
        config.setIvGeneratorClassName("org.jasypt.salt.NoOpIVGenerator");
        config.setStringOutputType("base64");
        encryptor.setConfig(config);
        return encryptor;
    }
}
Encryption/decryption utility class JasyptUtil
package XXXX;

import XXX.JasyptStringConfig;

public class JasyptUtil {

    // Encrypt a plaintext string
    public static String encrypt(String encryptStr) {
        JasyptStringConfig jasyptStringConfig = new JasyptStringConfig();
        return jasyptStringConfig.stringEncryptor().encrypt(encryptStr);
    }

    // Decrypt a ciphertext produced by encrypt()
    public static String decrypt(String decryptStr) {
        JasyptStringConfig jasyptStringConfig = new JasyptStringConfig();
        return jasyptStringConfig.stringEncryptor().decrypt(decryptStr);
    }

    // Encrypt a sample value, then decrypt it again to confirm the round trip
    public static void main(String[] args) {
        String aaa = encrypt("cesi");
        System.out.println("加密密文为" + aaa);
        String bbb = decrypt(aaa);
        System.out.println("解密报文为" + bbb);
    }
}
3. Swagger configuration
The configuration class is SwaggerConfig; the key point is to add the @EnableSwaggerBootstrapUI annotation.
package XXX;

import com.github.xiaoymin.swaggerbootstrapui.annotations.EnableSwaggerBootstrapUI;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import springfox.documentation.builders.ParameterBuilder;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.schema.ModelRef;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.Parameter;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;

import java.util.ArrayList;
import java.util.List;

@Profile({"dev", "test", "uat", "pro", "exp"})
@Configuration
@EnableSwagger2
@EnableSwaggerBootstrapUI
public class SwaggerConfig {
    // omitted
}
4. yml configuration
application.yml file
server:
  port: 8082
spring:
  application:
    name: xxx
  profiles:
    active:
      - dev
swagger:
  production: false
  basic:
    # Enable basic authentication
    enable: true
    username: BZCS(UbvpnKhcla7Rxa7NV1sGog==)
    password: BZCS(DHwR/QUVTE3CTxMSxkdFrCXPOOO4rP6E)
Add the following section to application-dev.yml
jasypt:
  encryptor:
    property:
      prefix: BZCS(
      suffix: )
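The following command-line variant of JasyptUtil is an added example, not code from the original post: it reads the encryptor password from an environment variable rather than the source file and prints the value already wrapped in the BZCS(...) markers configured above. The class name YmlSecretTool and the variable name JASYPT_ENCRYPTOR_PASSWORD are assumptions, and JasyptStringConfig would have to read the same variable for the application to decrypt the result; it builds against the dependencies from section 1.

```java
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;

public class YmlSecretTool {
    // Must match jasypt.encryptor.property.prefix/suffix in application-dev.yml
    static final String PREFIX = "BZCS(";
    static final String SUFFIX = ")";
    // Assumed variable name; JasyptStringConfig would have to read the same one
    static final String PASSWORD_ENV = "JASYPT_ENCRYPTOR_PASSWORD";
    // Same settings as JasyptStringConfig, with the password passed in
    static PooledPBEStringEncryptor encryptor(String password) {
        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
        config.setPassword(password);
        config.setAlgorithm("PBEWithMD5AndDES");
        config.setKeyObtentionIterations("1000");
        config.setPoolSize("1");
        config.setProviderName("SunJCE");
        config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
        config.setIvGeneratorClassName("org.jasypt.salt.NoOpIVGenerator");
        config.setStringOutputType("base64");
        PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
        encryptor.setConfig(config);
        return encryptor;
    }

    static String unwrap(String value) {
        if (!value.startsWith(PREFIX) || !value.endsWith(SUFFIX)) {
            throw new IllegalArgumentException("value is not wrapped in " + PREFIX + "..." + SUFFIX);
        }
        return value.substring(PREFIX.length(), value.length() - SUFFIX.length());
    }

    public static void main(String[] args) {
        String password = System.getenv(PASSWORD_ENV);
        if (password == null || password.isEmpty() || System.console() == null) {
            System.err.println("Set " + PASSWORD_ENV + " and run from an interactive terminal");
            System.exit(1);
        }
        // Prompt without echo so the plaintext stays out of shell history
        String plain = new String(System.console().readPassword("Value to encrypt: "));
        PooledPBEStringEncryptor enc = encryptor(password);
        String wrapped = PREFIX + enc.encrypt(plain) + SUFFIX;
        // Round-trip check before the value is pasted into the yml
        if (!plain.equals(enc.decrypt(unwrap(wrapped)))) {
            throw new IllegalStateException("round-trip decryption failed");
        }
        System.out.println(wrapped);
    }
}
```

Because the configuration uses RandomSaltGenerator, each run prints a different ciphertext for the same input, and every one of them decrypts to the same plaintext.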
5. Result: enter the configured username and password to log in and view the Swagger documentation.