title: ep_自定義注解實作加解密及脫敏
date: 2020-04-28 09:44
定義自定義注解
@Documented
@Target({ElementType.FIELD})
@Retention(RetentionPolicy.RUNTIME)
@Order(Ordered.HIGHEST_PRECEDENCE)
public @interface PrivateData {
}
@Documented
@Target({ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
@Order(Ordered.HIGHEST_PRECEDENCE)
public @interface PrivateDataMethod {
}
首先定義兩個自定義注解,privateData和privateDataMethod,分別將@Target屬性定義為FIELD和METHOD,
構造AOP邏輯
- 申明一個切入點
@Pointcut("@annotation(com.max.base.services.annotation.PrivateDataMethod)")
public void annotationPointCut() {
}
對所有添加@privateDataMethod注解的方法進行切入,
- 申明通知
@Around("annotationPointCut()")
public Object around(ProceedingJoinPoint joinPoint) {
Object responseObj = null;
try {
Object[] request = joinPoint.getArgs();
for (Object object : request) {
if (object instanceof Collection) {
Collection collection = (Collection) object;
collection.forEach(var -> {
try {
handleEncrypt(var);
} catch (IllegalAccessException e) {
e.printStackTrace();
}
});
} else {
handleEncrypt(object);
}
}
responseObj = joinPoint.proceed();
if (responseObj instanceof Collection) {
Collection collection = (Collection) responseObj;
collection.forEach(var -> {
try {
handleDecrypt(var);
} catch (IllegalAccessException e) {
e.printStackTrace();
}
});
} else {
handleDecrypt(responseObj);
}
} catch (Throwable throwable) {
throwable.printStackTrace();
log.error("SecureFieldAop 例外{}", throwable);
}
return responseObj;
}
申明Aroud通知,對于方法輸入輸出的物件進行判斷,如果是非集合物件則直接進行加解密操作,否則則拆分集合,逐一操作
- 處理加解密
/**
* 處理加密
* @param requestObj
*/
private void handleEncrypt(Object requestObj) throws IllegalAccessException {
if (Objects.isNull(requestObj)) {
return;
}
Field[] fields = requestObj.getClass().getDeclaredFields();
for (Field field : fields) {
boolean hasSecureField = field.isAnnotationPresent(PrivateData.class);
if (hasSecureField) {
Boolean accessible = field.isAccessible();
if (!accessible) {
field.setAccessible(true);
}
String plaintextValue = https://www.cnblogs.com/RickTu/p/(String) field.get(requestObj);
String encryptValue = AseUtil.encrypt(plaintextValue, secretKey);
field.set(requestObj, encryptValue);
if (!accessible) {
field.setAccessible(false);
}
}
}
}
通過反射獲取物件的Field串列,對于擁有@PrivateData注解的欄位執行encryptValue()方法并用加密后的字串覆寫原欄位,
解密邏輯與加密類似,不做贅述,
測驗
- 標識
insert()方法為需要加密的方法
public interface CmTenantMapper {
int deleteByPrimaryKey(Long id);
@PrivateDataMethod
int insert(CmTenant record);
int insertSelective(CmTenant record);
CmTenant selectByPrimaryKey(Long id);
int updateByPrimaryKeySelective(CmTenant record);
int updateByPrimaryKey(CmTenant record);
}
- 對傳入物件中需要加密的欄位添加注解
public class CmTenant {
private Long id;
private String tenantId;
@PrivateData
private String tenantName;
private String createBy;
private Date createDate;
private String updateBy;
private Date updateDate;
private String remarks;
private Byte delFlag;
//set get...
- 呼叫insert方法查看資料保存結果
傳入物件
{
"createBy": "可樂可不樂",
"delFlag": "NOTDELETE",
"remarks": "測驗加密",
"tenantId": "996",
"tenantName": "椅子團隊出品",
"updateBy": "可樂可不樂"
}
資料庫保存物件
- 解密測驗不做注釋,大家自行嘗試
脫敏邏輯
脫敏邏輯與加解密基本一致,需要注意的一點是脫敏的注解需要添加type型別
@Documented
@Target({ElementType.FIELD})
@Retention(RetentionPolicy.RUNTIME)
@Order(Ordered.HIGHEST_PRECEDENCE)
public @interface MaskingField {
MaskingTypeEnum type();
}
在MaskingTypeEnum中定義脫敏的分類
public enum MaskingTypeEnum {
/*身份證號碼*/
ID_CARD,
/*手機號碼*/
PHONE,
/*地址*/
ADDRESS,
/*姓名*/
NAME
}
在使用是MaskingTypeEnum時標識欄位的型別
@MaskingField(type = MaskingTypeEnum.NAME)
private String cpName;
后續~~bug~~功能大家自行研究, peace~
本文由博客一文多發平臺 OpenWrite 發布!
轉載請註明出處,本文鏈接:https://www.uj5u.com/houduan/508983.html
標籤:Java
上一篇:【Java面試】面試遇到寬泛的問題,這么回答就穩了,談談你對Redis的理解
下一篇:從華為離職了