5. 代码实现
https://gitee.com/springboot-hlh/spring-boot-csdn/tree/master/09-spring-boot-interface-crypto
5.1 项目结构
5.2 crypto-common
5.2.1 结构
5.3 crypto-spring-boot-starter
5.3.1 接口
5.3.2 重要代码
crypto.properties AES需要的参数配置
# 模式 cn.hutool.crypto.Mode crypto.mode=CTS # 补码方式 cn.hutool.crypto.Mode crypto.padding=PKCS5Padding # 秘钥 crypto.key=testkey123456789 # 盐 crypto.iv=testiv1234567890
spring.factories 自动配置文件
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\ xyz.hlh.crypto.config.AppConfig
CryptConfig AES需要的配置参数
package xyz.hlh.crypto.config; import cn.hutool.crypto.Mode; import cn.hutool.crypto.Padding; import lombok.Data; import lombok.EqualsAndHashCode; import lombok.Getter; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.PropertySource; import java.io.Serializable; /** * @author HLH * @description: AES需要的配置参数 * @email 17703595860@163.com * @date : Created in 2022/2/4 13:16 */ @Configuration @ConfigurationProperties(prefix = "crypto") @PropertySource("classpath:crypto.properties") @Data @EqualsAndHashCode @Getter public class CryptConfig implements Serializable { private Mode mode; private Padding padding; private String key; private String iv; }
AppConfig 自动配置类
package xyz.hlh.crypto.config; import cn.hutool.crypto.symmetric.AES; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import javax.annotation.Resource; import java.nio.charset.StandardCharsets; /** * @author HLH * @description: 自动配置类 * @email 17703595860@163.com * @date : Created in 2022/2/4 13:12 */ @Configuration public class AppConfig { @Resource private CryptConfig cryptConfig; @Bean public AES aes() { return new AES(cryptConfig.getMode(), cryptConfig.getPadding(), cryptConfig.getKey().getBytes(StandardCharsets.UTF_8), cryptConfig.getIv().getBytes(StandardCharsets.UTF_8)); } }
DecryptRequestBodyAdvice 请求自动解密
package xyz.hlh.crypto.advice; import com.fasterxml.jackson.databind.ObjectMapper; import lombok.SneakyThrows; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.core.MethodParameter; import org.springframework.http.HttpInputMessage; import org.springframework.http.converter.HttpMessageConverter; import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.context.request.RequestAttributes; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice; import xyz.hlh.crypto.annotation.DecryptionAnnotation; import xyz.hlh.crypto.common.exception.ParamException; import xyz.hlh.crypto.constant.CryptoConstant; import xyz.hlh.crypto.entity.RequestBase; import xyz.hlh.crypto.entity.RequestData; import xyz.hlh.crypto.util.AESUtil; import javax.servlet.ServletInputStream; import javax.servlet.http.HttpServletRequest; import java.io.IOException; import java.lang.reflect.Type; /** * @author HLH * @description: requestBody 自动解密 * @email 17703595860@163.com * @date : Created in 2022/2/4 15:12 */ @ControllerAdvice public class DecryptRequestBodyAdvice implements RequestBodyAdvice { @Autowired private ObjectMapper objectMapper; /** * 方法上有DecryptionAnnotation注解的,进入此拦截器 * @param methodParameter 方法参数对象 * @param targetType 参数的类型 * @param converterType 消息转换器 * @return true,进入,false,跳过 */ @Override public boolean supports(MethodParameter methodParameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) { return methodParameter.hasMethodAnnotation(DecryptionAnnotation.class); } @Override public HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) throws IOException { return inputMessage; } /** * 转换之后,执行此方法,解密,赋值 * @param body spring解析完的参数 * @param inputMessage 输入参数 * @param parameter 参数对象 * @param targetType 参数类型 * @param converterType 消息转换类型 * @return 真实的参数 */ @SneakyThrows @Override public Object afterBodyRead(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) { // 获取request RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes(); ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) requestAttributes; if (servletRequestAttributes == null) { throw new ParamException("request错误"); } HttpServletRequest request = servletRequestAttributes.getRequest(); // 获取数据 ServletInputStream inputStream = request.getInputStream(); RequestData requestData = objectMapper.readValue(inputStream, RequestData.class); if (requestData == null || StringUtils.isBlank(requestData.getText())) { throw new ParamException("参数错误"); } // 获取加密的数据 String text = requestData.getText(); // 放入解密之前的数据 request.setAttribute(CryptoConstant.INPUT_ORIGINAL_DATA, text); // 解密 String decryptText = null; try { decryptText = AESUtil.decrypt(text); } catch (Exception e) { throw new ParamException("解密失败"); } if (StringUtils.isBlank(decryptText)) { throw new ParamException("解密失败"); } // 放入解密之后的数据 request.setAttribute(CryptoConstant.INPUT_DECRYPT_DATA, decryptText); // 获取结果 Object result = objectMapper.readValue(decryptText, body.getClass()); // 强制所有实体类必须继承RequestBase类,设置时间戳 if (result instanceof RequestBase) { // 获取时间戳 Long currentTimeMillis = ((RequestBase) result).getCurrentTimeMillis(); // 有效期 60秒 long effective = 60*1000; // 时间差 long expire = System.currentTimeMillis() - currentTimeMillis; // 是否在有效期内 if (Math.abs(expire) > effective) { throw new ParamException("时间戳不合法"); } // 返回解密之后的数据 return result; } else { throw new ParamException(String.format("请求参数类型:%s 未继承:%s", result.getClass().getName(), RequestBase.class.getName())); } } /** * 如果body为空,转为空对象 * @param body spring解析完的参数 * @param inputMessage 输入参数 * @param parameter 参数对象 * @param targetType 参数类型 * @param converterType 消息转换类型 * @return 真实的参数 */ @SneakyThrows @Override public Object handleEmptyBody(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) { String typeName = targetType.getTypeName(); Class<?> bodyClass = Class.forName(typeName); return bodyClass.newInstance(); } }
EncryptResponseBodyAdvice 相应自动加密
package xyz.hlh.crypto.advice; import cn.hutool.json.JSONUtil; import com.fasterxml.jackson.databind.ObjectMapper; import lombok.SneakyThrows; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.core.MethodParameter; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; import org.springframework.http.converter.HttpMessageConverter; import org.springframework.http.server.ServerHttpRequest; import org.springframework.http.server.ServerHttpResponse; import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice; import sun.reflect.generics.reflectiveObjects.ParameterizedTypeImpl; import xyz.hlh.crypto.annotation.EncryptionAnnotation; import xyz.hlh.crypto.common.entity.Result; import xyz.hlh.crypto.common.exception.CryptoException; import xyz.hlh.crypto.entity.RequestBase; import xyz.hlh.crypto.util.AESUtil; import java.lang.reflect.Type; /** * @author HLH * @description: * @email 17703595860@163.com * @date : Created in 2022/2/4 15:12 */ @ControllerAdvice public class EncryptResponseBodyAdvice implements ResponseBodyAdvice<Result<?>> { @Autowired private ObjectMapper objectMapper; @Override public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) { ParameterizedTypeImpl genericParameterType = (ParameterizedTypeImpl)returnType.getGenericParameterType(); // 如果直接是Result,则返回 if (genericParameterType.getRawType() == Result.class && returnType.hasMethodAnnotation(EncryptionAnnotation.class)) { return true; } if (genericParameterType.getRawType() != ResponseEntity.class) { return false; } // 如果是ResponseEntity<Result> for (Type type : genericParameterType.getActualTypeArguments()) { if (((ParameterizedTypeImpl) type).getRawType() == Result.class && returnType.hasMethodAnnotation(EncryptionAnnotation.class)) { return true; } } return false; } @SneakyThrows @Override public Result<?> beforeBodyWrite(Result<?> body, MethodParameter returnType, MediaType selectedContentType, Class<? extends HttpMessageConverter<?>> selectedConverterType, ServerHttpRequest request, ServerHttpResponse response) { // 加密 Object data = body.getData(); // 如果data为空,直接返回 if (data == null) { return body; } // 如果是实体,并且继承了Request,则放入时间戳 if (data instanceof RequestBase) { ((RequestBase)data).setCurrentTimeMillis(System.currentTimeMillis()); } String dataText = JSONUtil.toJsonStr(data); // 如果data为空,直接返回 if (StringUtils.isBlank(dataText)) { return body; } // 如果位数小于16,报错 if (dataText.length() < 16) { throw new CryptoException("加密失败,数据小于16位"); } String encryptText = AESUtil.encryptHex(dataText); return Result.builder() .status(body.getStatus()) .data(encryptText) .message(body.getMessage()) .build(); } }
5.4 crypto-test
5.4.1 结构
5.4.2 重要代码
application.yml 配置文件
spring: mvc: format: date-time: yyyy-MM-dd HH:mm:ss date: yyyy-MM-dd # 日期格式化 jackson: date-format: yyyy-MM-dd HH:mm:ss
Teacher 实体类
package xyz.hlh.crypto.entity; import lombok.AllArgsConstructor; import lombok.Data; import lombok.EqualsAndHashCode; import lombok.NoArgsConstructor; import org.hibernate.validator.constraints.Range; import javax.validation.constraints.NotBlank; import javax.validation.constraints.NotNull; import java.io.Serializable; import java.util.Date; /** * @author HLH * @description: Teacher实体类,使用SpringBoot的validation校验 * @email 17703595860@163.com * @date : Created in 2022/2/4 10:21 */ @Data @NoArgsConstructor @AllArgsConstructor @EqualsAndHashCode(callSuper = true) public class Teacher extends RequestBase implements Serializable { @NotBlank(message = "姓名不能为空") private String name; @NotNull(message = "年龄不能为空") @Range(min = 0, max = 150, message = "年龄不合法") private Integer age; @NotNull(message = "生日不能为空") private Date birthday; }
TestController 测试Controller
package xyz.hlh.crypto.controller; import org.springframework.http.ResponseEntity; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; import xyz.hlh.crypto.annotation.DecryptionAnnotation; import xyz.hlh.crypto.annotation.EncryptionAnnotation; import xyz.hlh.crypto.common.entity.Result; import xyz.hlh.crypto.common.entity.ResultBuilder; import xyz.hlh.crypto.entity.Teacher; /** * @author HLH * @description: 测试Controller * @email 17703595860@163.com * @date : Created in 2022/2/4 9:16 */ @RestController public class TestController implements ResultBuilder { /** * 直接返回对象,不加密 * @param teacher Teacher对象 * @return 不加密的对象 */ @PostMapping("/get") public ResponseEntity<Result<?>> get(@Validated @RequestBody Teacher teacher) { return success(teacher); } /** * 返回加密后的数据 * @param teacher Teacher对象 * @return 返回加密后的数据 ResponseBody<Result>格式 */ @PostMapping("/encrypt") @EncryptionAnnotation public ResponseEntity<Result<?>> encrypt(@Validated @RequestBody Teacher teacher) { return success(teacher); } /** * 返回加密后的数据 * @param teacher Teacher对象 * @return 返回加密后的数据 Result格式 */ @PostMapping("/encrypt1") @EncryptionAnnotation public Result<?> encrypt1(@Validated @RequestBody Teacher teacher) { return success(teacher).getBody(); } /** * 返回解密后的数据 * @param teacher Teacher对象 * @return 返回解密后的数据 */ @PostMapping("/decrypt") @DecryptionAnnotation public ResponseEntity<Result<?>> decrypt(@Validated @RequestBody Teacher teacher) { return success(teacher); } }
