使用filter对response内容进行加密
编写加密类(AES)
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
/** * aes加密解密 */public class AesEncryptUtils { //参数分别代表 算法名称/加密模式/数据填充方式 private static String algorithmstr = "AES/ECB/PKCS5Padding"; public static String getAlgorithmstr() { return algorithmstr; } /** * 加密 * @param content 加密的字符串 * @param encryptKey key值 * @return * @throws Exception */ public static String encrypt(String content, String encryptKey) throws Exception { KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(128); Cipher cipher = Cipher.getInstance(algorithmstr); cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encryptKey.getBytes(), "AES")); byte[] b = cipher.doFinal(content.getBytes("utf-8")); return Base64.encodeBase64String(b); } /** * 解密 * @param encryptStr 解密的字符串 * @param decryptKey 解密的key值 * @return * @throws Exception */ public static String decrypt(String encryptStr, String decryptKey) throws Exception { KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(128); Cipher cipher = Cipher.getInstance(algorithmstr); cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(decryptKey.getBytes(), "AES")); byte[] encryptBytes = Base64.decodeBase64(encryptStr); byte[] decryptBytes = cipher.doFinal(encryptBytes); return new String(decryptBytes); } public static void main(String[] args) throws Exception{ String str = "pp2bQLjabobRWp2T5Ro5/GlqWCigmkwHYnrOK11VZkTkIA2hSwnEi1sijfTV6Ozd/"; System.out.println(decrypt(str,"f8db034bda44rtkb")); }} |
编写Filter类
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
/** * 过滤器拦截请求,实现加密解密功能 * * @Component 将此Filter交给Spring容器管理 * @WebFilter 通过WebFilter进行Filter声明,这样容器在进行部署的时候就会处理该Filter * */@Componentpublic class EncryptFilter implements Filter { Logger log = LoggerFactory.getLogger(this.getClass()); @Value("${admin.encrypt.excludeUrl}") private String ignoreStr; private String[] ignoreArr; @Override public void init(FilterConfig filterConfig) throws ServletException { // TODO Auto-generated method stub } /** * 有错误相应返回-44 * * @param response * @throws IOException */ private void getFailResponse(HttpServletResponse response) throws IOException { response.setCharacterEncoding("UTF-8"); response.setContentType("application/json; charset=utf-8"); PrintWriter out = null; out = response.getWriter();// out.write("{\n" +// " \"status\":"+ Constant.ENCRYPT_FAIL +",\n" +// " \"message\": null,\n" +// " \"data\": []\n" +// "}"); //加密后的错误消息 out.write("+D+JO8tuwkrNbxnTTLdqStifmQceT+LlYETnIG/JZKrbAn+gIiqIp3VbzBV1y6R8B7aY53VM2xHa7cY3Osbnqw=="); out.flush(); out.close(); } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) { if(ignoreArr==null){ ignoreArr = ignoreStr.split(","); } HttpServletRequest HttpRequest=(HttpServletRequest)request; HttpServletResponse HttpResponse=(HttpServletResponse)response; boolean flag=isIgnore(HttpRequest,ignoreArr); if(flag) { try { chain.doFilter(HttpRequest, HttpResponse); } catch (IOException e) { e.printStackTrace(); } catch (ServletException e) { e.printStackTrace(); } }else{ try{ //响应处理 包装响应对象 res 并缓存响应数据 ResponseWrapper responseWrapper = new ResponseWrapper((HttpServletResponse) response); //执行业务逻辑 交给下一个过滤器或servlet处理 chain.doFilter(request, responseWrapper); byte[] resData = responseWrapper.getResponseData(); //设置响应内容格式,防止解析响应内容时出错// responseWrapper.setContentType("text/plain;charset=UTF-8"); //加密响应报文并响应 String encryptBASE64 = AesEncryptUtils.encrypt(new String(resData),Constant.ENCRYPT_STR); PrintWriter out = response.getWriter(); out.print(encryptBASE64); out.flush(); out.close(); }catch(Exception e){ try { getFailResponse((HttpServletResponse)response); } catch (IOException ioException) { ioException.printStackTrace(); } e.printStackTrace(); } }} @Override public void destroy() { // TODO Auto-generated method stub } /** * 哪些路径不处理 * @param request * @param strArr * @return */ public boolean isIgnore(HttpServletRequest request,String[] strArr) { String path=request.getRequestURI(); for(String ignore:strArr) { if(path.contains(ignore)) { return true; } } return false; }} |
下图是对应的application.properties中的配置
其中用到了两个工具类
RequestWrapper
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
/** * @Description: 请求包装类 * @Date: 2020/5/26 16:29 */public class RequestWrapper extends HttpServletRequestWrapper { private String requestBody = null; //请求体 private HttpServletRequest req = null; // private final byte[] body;//保存流的字节数组 private final Map<String, String> reqHeaders=new HashMap<>(); public RequestWrapper(HttpServletRequest request) throws IOException { super(request); this.req = request;// this.reqHeaders = new HashMap<String, String>();// String sessionStream = getRequestBodyStr(request);//读取流中的参数// body = sessionStream.getBytes(Charset.forName("UTF-8")); } public RequestWrapper(HttpServletRequest request, String requestBody) { super(request); this.requestBody = requestBody; this.req = request;// this.reqHeaders = request.get; } /** * @Description: 获取请求body * @Date: 2020/5/26 10:31 * @Param: [request] * @Return: java.lang.String */ public String getRequestBodyStr(final ServletRequest request) throws IOException { StringBuilder sb = new StringBuilder(); InputStream inputStream = null; BufferedReader reader = null; try { inputStream = cloneInputStream(request.getInputStream()); reader = new BufferedReader(new InputStreamReader(inputStream, Charset.forName("UTF-8"))); String line = ""; while ((line = reader.readLine()) != null) { sb.append(line); } } catch (IOException e) { e.printStackTrace(); } finally { if (inputStream != null) { inputStream.close(); } if (reader != null) { reader.close(); } } return sb.toString(); } /** * @Description: 复制输入流 * @Param: [inputStream] * @Return: java.io.InputStream */ public InputStream cloneInputStream(ServletInputStream inputStream) throws IOException { ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(); byte[] buffer = new byte[1024]; int len; while ((len = inputStream.read(buffer)) > -1) { byteArrayOutputStream.write(buffer, 0, len); } byteArrayOutputStream.flush(); InputStream byteArrayInputStream = new ByteArrayInputStream(byteArrayOutputStream.toByteArray()); return byteArrayInputStream; } @Override public BufferedReader getReader() throws IOException { return new BufferedReader(new InputStreamReader(getInputStream())); } @Override public ServletInputStream getInputStream() throws IOException { final ByteArrayInputStream bais = new ByteArrayInputStream(requestBody.getBytes(req.getCharacterEncoding())); return new ServletInputStream() { @Override public boolean isFinished() { return false; } @Override public boolean isReady() { return false; } @Override public void setReadListener(ReadListener readListener) { } @Override public int read() throws IOException { return bais.read(); } }; } /** * 添加header的名称和值 * * @param name * @param value */ public void addHeader(String name, String value) { reqHeaders.put(name, value); } @Override public String getHeader(String name) {// log.info("getHeader --->{}", name); String headerValue = super.getHeader(name); if (reqHeaders.containsKey(name)) { headerValue = reqHeaders.get(name); } return headerValue; } /** * 得到headers的名称 */ @Override public Enumeration<String> getHeaderNames() { List<String> names = Collections.list(super.getHeaderNames()); for (String name : reqHeaders.keySet()) { names.add(name); } return Collections.enumeration(names); } @Override public Enumeration<String> getHeaders(String name) {// log.info("getHeaders name --->>>>>>{}", name); List<String> values = Collections.list(super.getHeaders(name));// log.info("getHeaders value --->>>>>>{}", values); if (reqHeaders.containsKey(name)) { values = Arrays.asList(reqHeaders.get(name)); } return Collections.enumeration(values); }} |
ResponseWrapper
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
/** * @Description: 响应包装类 * @Date: 2020/5/26 16:29 */public class ResponseWrapper extends HttpServletResponseWrapper { private ByteArrayOutputStream buffer = null; private ServletOutputStream out = null; private PrintWriter writer = null; public ResponseWrapper(HttpServletResponse response) throws IOException { super(response); buffer = new ByteArrayOutputStream();// 真正存储数据的流 out = new WapperedOutputStream(buffer); writer = new PrintWriter(new OutputStreamWriter(buffer,this.getCharacterEncoding())); } /** 重载父类获取outputstream的方法 */ @Override public ServletOutputStream getOutputStream() throws IOException { return out; } /** 重载父类获取writer的方法 */ @Override public PrintWriter getWriter() throws UnsupportedEncodingException { return writer; } /** 重载父类获取flushBuffer的方法 */ @Override public void flushBuffer() throws IOException { if (out != null) { out.flush(); } if (writer != null) { writer.flush(); } } @Override public void reset() { buffer.reset(); } /** 将out、writer中的数据强制输出到WapperedResponse的buffer里面,否则取不到数据 */ public byte[] getResponseData() throws IOException { flushBuffer(); return buffer.toByteArray(); } /** 内部类,对ServletOutputStream进行包装 */ private class WapperedOutputStream extends ServletOutputStream { private ByteArrayOutputStream bos = null; public WapperedOutputStream(ByteArrayOutputStream stream) throws IOException { bos = stream; } @Override public void write(int b) throws IOException { bos.write(b); } @Override public void write(byte[] b) throws IOException { bos.write(b, 0, b.length); } @Override public boolean isReady() { return false; } @Override public void setWriteListener(WriteListener writeListener) { } }} |
写配置类
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
@Configurationpublic class WebConfiguration { @Autowired private EncryptFilter encryptFilter; @Bean public FilterRegistrationBean registFilter() { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(encryptFilter); registration.addUrlPatterns("/*"); registration.setName("EncryptFilter"); registration.setOrder(1);// registration.setEnabled(false); return registration; } //做跨域处理,跟这个filter没关系 @Bean public WebMvcConfigurer corsConfigurer() { return new WebMvcConfigurer() { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") .allowedOrigins("*") .allowCredentials(true) .allowedMethods("*") .allowedHeaders("*") .maxAge(3600); } }; }} |
Springboot数据加密传输
创建加解密注解注解
对于拦截路径上全部采用数据加解密处理,如果有部分接口不需要加解密处理的话,在方法上或者类上加上此注解即可不做加解密处理
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
package com.hars.common.infrastructure.validation.security;import java.lang.annotation.Documented;import java.lang.annotation.ElementType;import java.lang.annotation.Retention;import java.lang.annotation.RetentionPolicy;import java.lang.annotation.Target;/** * 加解密注解 * * @author Huangbigao * @date 2020/8/29 11:02 */@Documented@Target({ElementType.METHOD, ElementType.TYPE,})@Retention(RetentionPolicy.RUNTIME)public @interface CryptoDecryptionSecurity { /** * 是否加解密,默认加解密 * * @return */ boolean cryptoDecryption() default true; /** * 是否进行request 解密,默认进行解密 * * @return */ boolean requestDecryption() default true; /** * 是否对输出结果进行加密,默认进行加密 * * @return */ boolean responseCrypto() default true;} |
ps:注解使用
|
1
2
3
4
5
6
7
8
9
10
11
|
@CryptoDecryptionSecurity(responseCrypto = false)@ApiOperation(value = "微信公众号验证业务处理接口")@GetMapping(value = "/handle/{appid}", produces = "text/plain;charset=utf-8")public String authHandle(@PathVariable String appid, @RequestParam(name = "signature", required = false) String signature, @RequestParam(name = "timestamp", required = false) String timestamp, @RequestParam(name = "nonce", required = false) String nonce, @RequestParam(name = "echostr", required = false) String echostr, HttpServletRequest request) { return weChatMpService.authHandle(appid, signature, timestamp, nonce, echostr, request);} |
创建request解密类
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
|
package com.hars.common.infrastructure.utils.filter;import com.alibaba.fastjson.JSON;import com.alibaba.fastjson.JSONObject;import com.alibaba.fastjson.TypeReference;import com.hars.common.infrastructure.utils.aes.AesUtil;import com.hars.common.infrastructure.utils.http.HttpContextUtil;import com.hars.common.infrastructure.utils.string.StringUtil;import java.io.ByteArrayInputStream;import java.io.IOException;import java.io.InputStream;import java.util.Collections;import java.util.Enumeration;import java.util.HashMap;import java.util.LinkedHashSet;import java.util.Map;import java.util.Set;import javax.servlet.ReadListener;import javax.servlet.ServletInputStream;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletRequestWrapper;import org.springframework.util.Assert;/** * @author Huangbigao * @date 2020/8/29 10:12 */public class DecryptionRequestUtil extends HttpServletRequestWrapper { private static final String APPLICATION_JSON = "application/json"; /** * 所有参数的Map集合 */ private Map<String, String[]> parameterMap; /** * 输入流 */ private InputStream inputStream; private final boolean valueValid = true; public DecryptionRequestUtil(HttpServletRequest request, String password) { super(request); String encrypt; String contentType = request.getHeader("Content-Type"); if (contentType != null && contentType.contains(APPLICATION_JSON)) { //json String bodyStr = HttpContextUtil.getBodyString(request); if (StringUtil.isBlank(bodyStr)){ return; } encrypt = (String) JSON.parseObject(bodyStr).get("encrypt"); } else { // url encrypt = request.getParameter("encrypt"); } String jsonData = AesUtil.decrypt(encrypt, password); if (StringUtil.isBlank(jsonData)){ return; } if (contentType != null && contentType.contains(APPLICATION_JSON)) { if (this.inputStream == null) { this.inputStream = new DecryptionInputStream(new ByteArrayInputStream(jsonData.getBytes())); } } parameterMap = buildParams(jsonData); } private Map<String, String[]> buildParams(String src) { Map<String, String[]> map = new HashMap<>(); Map<String, String> params = JSONObject.parseObject(src, new TypeReference<Map<String, String>>() { }); for (String key : params.keySet()) { map.put(key, new String[]{params.get(key)}); } return map; } @Override public String getParameter(String name) { String[] values = getParameterMap().get(name); if (valueValid){ if (values != null) { return (values.length > 0 ? values[0] : null); } return super.getParameter(name); }else { return (values.length > 0 ? values[0] : null); } } @Override public String[] getParameterValues(String name) { String[] values = getParameterMap().get(name); if (valueValid){ if (values != null) { return values; } return super.getParameterValues(name); }else { return values; } } @Override public Enumeration<String> getParameterNames() { Map<String, String[]> multipartParameters = getParameterMap(); if (valueValid){ if (multipartParameters.isEmpty()) { return super.getParameterNames(); } }else { if (multipartParameters.isEmpty()) { return null; } } Set<String> paramNames = new LinkedHashSet<>(); Enumeration<String> paramEnum = super.getParameterNames(); while (paramEnum.hasMoreElements()) { paramNames.add(paramEnum.nextElement()); } paramNames.addAll(multipartParameters.keySet()); return Collections.enumeration(paramNames); } @Override public Map<String, String[]> getParameterMap() { if (valueValid){ return parameterMap == null ? super.getParameterMap() : parameterMap; }else { return parameterMap == null ? new HashMap<>() : parameterMap; } } @Override public ServletInputStream getInputStream() throws IOException { if (valueValid){ return this.inputStream == null ? super.getInputStream() : (ServletInputStream) this.inputStream; }else { return this.inputStream == null ? null : (ServletInputStream) this.inputStream; } } /** * 自定义ServletInputStream */ private class DecryptionInputStream extends ServletInputStream { private final InputStream sourceStream; /** * Create a DelegatingServletInputStream for the given source stream. * * @param sourceStream the source stream (never {@code null}) */ public DecryptionInputStream(InputStream sourceStream) { Assert.notNull(sourceStream, "Source InputStream must not be null"); this.sourceStream = sourceStream; } @Override public int read() throws IOException { return this.sourceStream.read(); } @Override public void close() throws IOException { super.close(); this.sourceStream.close(); } @Override public boolean isFinished() { return false; } @Override public boolean isReady() { return false; } @Override public void setReadListener(ReadListener readListener) { } }} |
创建response加密类
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
package com.hars.common.infrastructure.utils.filter;import java.io.ByteArrayOutputStream;import java.io.IOException;import javax.servlet.ServletOutputStream;import javax.servlet.WriteListener;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpServletResponseWrapper;/** * @author Huangbigao * @date 2020/8/29 13:11 */public class ResponseWrapperUtil extends HttpServletResponseWrapper { private ByteArrayOutputStream buffer; private ServletOutputStream out; public ResponseWrapperUtil(HttpServletResponse httpServletResponse) { super(httpServletResponse); buffer = new ByteArrayOutputStream(); out = new WrapperOutputStream(buffer); } @Override public ServletOutputStream getOutputStream() throws IOException { return out; } @Override public void flushBuffer() throws IOException { if (out != null) { out.flush(); } } public byte[] getContent() throws IOException { flushBuffer(); return buffer.toByteArray(); } private static class WrapperOutputStream extends ServletOutputStream { private ByteArrayOutputStream bos; WrapperOutputStream(ByteArrayOutputStream bos) { this.bos = bos; } @Override public void write(int b) throws IOException { bos.write(b); } @Override public boolean isReady() { // TODO Auto-generated method stub return false; } @Override public void setWriteListener(WriteListener arg0) { // TODO Auto-generated method stub } }} |
创建AES加密工具类
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
package com.hars.common.infrastructure.utils.aes;import com.hars.common.infrastructure.utils.string.StringUtil;import java.nio.charset.StandardCharsets;import java.util.Base64;import javax.crypto.Cipher;import javax.crypto.spec.SecretKeySpec;import lombok.extern.slf4j.Slf4j;/** * AES 加解密 工具类 * * @author Huangbigao * @date 2020/8/28 15:17 */@Slf4jpublic class AesUtil { /** * AES解密 * * @param content 密文 * @param password 秘钥,必须为16个字符组成 * @return 明文 */ public static String decrypt(String content, String password) { try { if (StringUtil.isBlank(content) || StringUtil.isBlank(password)) { return null; } byte[] encryptByte = Base64.getDecoder().decode(content); Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(password.getBytes(), "AES")); byte[] decryptBytes = cipher.doFinal(encryptByte); return new String(decryptBytes); } catch (Exception e) { log.error(e.getMessage(), e); return null; } } /** * AES加密 * * @param content 明文 * @param password 秘钥,必须为16个字符组成 * @return 密文 */ public static String encrypt(String content, String password) { try { if (StringUtil.isBlank(content) || StringUtil.isBlank(password)) { return null; } Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(password.getBytes(), "AES")); byte[] encryptStr = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8)); return Base64.getEncoder().encodeToString(encryptStr); } catch (Exception e) { log.error(e.getMessage(), e); return null; } } |
创建加解密Filter类
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
package com.hars.user.infrastructure.filter;import com.alibaba.fastjson.JSON;import com.hars.common.infrastructure.utils.aes.AesUtil;import com.hars.common.infrastructure.utils.filter.DecryptionRequestUtil;import com.hars.common.infrastructure.utils.filter.ResponseWrapperUtil;import com.hars.common.infrastructure.validation.security.CryptoDecryptionSecurity;import com.hars.result.infrastructure.advice.Response;import java.io.IOException;import java.util.ArrayList;import java.util.List;import java.util.Map;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.ServletException;import javax.servlet.ServletOutputStream;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import org.springframework.beans.factory.BeanFactoryUtils;import org.springframework.context.ApplicationContext;import org.springframework.core.annotation.AnnotationAwareOrderComparator;import org.springframework.web.method.HandlerMethod;import org.springframework.web.servlet.HandlerExecutionChain;import org.springframework.web.servlet.HandlerMapping;/** * @author Huangbigao * @date 2020/8/28 16:26 */public class CryptoDecryptionFilter implements Filter { //方法映射集 private List<HandlerMapping> handlerMappings; public CryptoDecryptionFilter(ApplicationContext applicationContext) { Map<String, HandlerMapping> matchingBeans = BeanFactoryUtils.beansOfTypeIncludingAncestors(applicationContext, HandlerMapping.class, true, false); if (!matchingBeans.isEmpty()) { this.handlerMappings = new ArrayList<>(matchingBeans.values()); AnnotationAwareOrderComparator.sort(this.handlerMappings); } } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpServletRequest = (HttpServletRequest) request; HttpServletResponse httpServletResponse = (HttpServletResponse) response; //判断方法上是否存在注解,如果不存在,默认加解密 //类上的注解 CryptoDecryptionSecurity classFlag = null; //方法上的注解 CryptoDecryptionSecurity methodFlag = null; try { HandlerExecutionChain handlerExecutionChain = getHandler(httpServletRequest); Object handler = handlerExecutionChain != null ? handlerExecutionChain.getHandler() : null; if (handler instanceof HandlerMethod) { HandlerMethod method = (HandlerMethod) handler; classFlag = method.getBeanType().getAnnotation(CryptoDecryptionSecurity.class); methodFlag = method.getMethodAnnotation(CryptoDecryptionSecurity.class); //如果方法注解存在,且不加密,则直接返回 if (methodFlag != null && !methodFlag.cryptoDecryption()) { chain.doFilter(request, response); return; } //如果类注解存在,且不加密,则直接返回 if (classFlag != null && !classFlag.cryptoDecryption()) { chain.doFilter(request, response); return; } } } catch (Exception e) { response.setContentType("application/json; charset=UTF-8"); response.getWriter().write(JSON.toJSONString(Response.error("该请求无效", 601))); return; } CryptoDecryptionSecurity currentFlag = null; if (methodFlag != null) { currentFlag = methodFlag; } else if (classFlag != null) { currentFlag = classFlag; } //加解密密码 String password = "Hbg584782648!@hb"; ResponseWrapperUtil responseWrapper = null; //加解密处理 if (currentFlag == null || (currentFlag.requestDecryption() && currentFlag.responseCrypto())) { ServletRequest requestWrapper = new DecryptionRequestUtil(httpServletRequest, password); responseWrapper = new ResponseWrapperUtil(httpServletResponse); chain.doFilter(requestWrapper, responseWrapper); } else if (currentFlag.requestDecryption() && !currentFlag.responseCrypto()) { ServletRequest requestWrapper = new DecryptionRequestUtil(httpServletRequest, password); chain.doFilter(requestWrapper, response); } else if (!currentFlag.requestDecryption() && currentFlag.responseCrypto()) { responseWrapper = new ResponseWrapperUtil(httpServletResponse); chain.doFilter(request, responseWrapper); } else { chain.doFilter(request, response); } if (responseWrapper != null) { byte[] content = responseWrapper.getContent();//获取返回值 //判断是否有值 if (content.length > 0) { String result = new String(content, "UTF-8"); //加密 String encryptStr = AesUtil.encrypt(result, password); //把返回值输出到客户端 ServletOutputStream out = response.getOutputStream(); out.write(encryptStr.getBytes()); out.flush(); } } } /** * 获取访问目标方法 * * @param request * @return HandlerExecutionChain * @throws Exception */ private HandlerExecutionChain getHandler(HttpServletRequest request) throws Exception { if (this.handlerMappings != null) { for (HandlerMapping hm : this.handlerMappings) { HandlerExecutionChain handler = hm.getHandler(request); if (handler != null) { return handler; } } } return null; }} |
定义过滤器的拦截路径
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
@Autowiredprivate ApplicationContext applicationContext;/** * 添加加解密过滤器 * * @return */@Beanpublic FilterRegistrationBean encryptionDataFilterRegistration() { FilterRegistrationBean<CryptoDecryptionFilter> registration = new FilterRegistrationBean<>(); registration.setFilter(new CryptoDecryptionFilter(applicationContext)); registration.addUrlPatterns("/*"); registration.setName("cryptoDecryptionFilter"); registration.setOrder(2); return registration;} |
以上为个人经验,希望能给大家一个参考,也希望大家多多支持服务器之家。
原文链接:https://blog.csdn.net/temp_44/article/details/107762290
