Переглянути джерело

feat(口腔医院): 加密

matianxiang 2 місяців тому
батько
коміт
0bb4000311

+ 23 - 29
eitc-common/src/main/java/com/eitc/common/filter/CustomResponseBodyAdviceAdapter.java

@@ -1,60 +1,54 @@
1 1
 package com.eitc.common.filter;
2 2
 
3 3
 import com.alibaba.fastjson2.JSON;
4
+import com.eitc.common.annotation.IgnoreReturnResultEncryption;
4 5
 import com.eitc.common.core.domain.AjaxResult;
5 6
 import com.eitc.common.core.page.TableDataInfo;
6 7
 import com.eitc.common.utils.CryptoUtil;
8
+import lombok.extern.slf4j.Slf4j;
7 9
 import org.springframework.core.MethodParameter;
8 10
 import org.springframework.http.MediaType;
9
-import org.springframework.http.ResponseEntity;
10 11
 import org.springframework.http.server.ServerHttpRequest;
11 12
 import org.springframework.http.server.ServerHttpResponse;
12 13
 import org.springframework.web.bind.annotation.ControllerAdvice;
13 14
 import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
14 15
 
15
-import java.util.Map;
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
16
+import java.lang.reflect.Method;
17
+import java.util.Objects;
24 18
 
25 19
 
26 20
 @ControllerAdvice
21
+@Slf4j
27 22
 public class CustomResponseBodyAdviceAdapter implements ResponseBodyAdvice<Object> {
28 23
 
29 24
     @Override
30 25
     public boolean supports(MethodParameter returnType, Class converterType) {
31
-        // 这里可以根据需要判断是否需要拦截,例如只拦截特定的Controller的方法
32
-        return true;
26
+        Method method = returnType.getMethod();
27
+        assert method != null;
28
+        IgnoreReturnResultEncryption ra = method.getAnnotation(IgnoreReturnResultEncryption.class);
29
+        return Objects.isNull(ra);
33 30
     }
34 31
 
35 32
     @Override
36 33
     public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType,
37 34
                                   Class selectedConverterType, ServerHttpRequest request, ServerHttpResponse response) {
38
-        // 这里可以对body进行处理,比如添加公共字段,或者修改返回格式等
39
-        if (body instanceof String) {
40
-            return "Custom: " + body;
41
-        } else if (body instanceof ResponseEntity) {
42
-            ResponseEntity<?> responseEntity = (ResponseEntity<?>) body;
43
-            Object originalBody = responseEntity.getBody();
44
-            return ResponseEntity.ok("Custom: " + originalBody);
45
-        }else if (body instanceof AjaxResult) {
35
+        if (body instanceof AjaxResult) {
46 36
             AjaxResult ajaxResult = (AjaxResult) body;
47
-//            String encrypt = CryptoUtil.encrypt(JSON.toJSONString(ajaxResult));
48
-//            AjaxResult ajaxResult2 = new AjaxResult(200, "success", encrypt);
49
-//            return ajaxResult2;
50
-            return ajaxResult;
51
-        }else if (body instanceof TableDataInfo){
37
+            try {
38
+                return CryptoUtil.encrypt(JSON.toJSONString(ajaxResult));
39
+            } catch (Exception e) {
40
+                log.error("AjaxResult加密失败:" + body, e);
41
+                return ajaxResult;
42
+            }
43
+        } else if (body instanceof TableDataInfo) {
52 44
             TableDataInfo tableDataInfo = (TableDataInfo) body;
53
-//            AjaxResult ajaxResult = new AjaxResult(200, "success", CryptoUtil.encrypt(JSON.toJSONString(tableDataInfo)));
54
-//            return ajaxResult;
55
-            return tableDataInfo;
45
+            try {
46
+                return CryptoUtil.encrypt(JSON.toJSONString(tableDataInfo));
47
+            } catch (Exception e) {
48
+                log.error("TableDataInfo加密失败:" + body, e);
49
+                return tableDataInfo;
50
+            }
56 51
         }
57
-        System.out.println(body);
58 52
         return body;
59 53
     }
60 54
 }

+ 35 - 119
eitc-common/src/main/java/com/eitc/common/filter/RepeatableFilter.java

@@ -1,12 +1,12 @@
1 1
 package com.eitc.common.filter;
2 2
 
3
-import com.alibaba.fastjson2.JSON;
3
+import com.alibaba.fastjson2.JSONArray;
4 4
 import com.alibaba.fastjson2.JSONObject;
5
-import com.alibaba.fastjson2.TypeReference;
6 5
 import com.eitc.common.config.ParameterRequestWrapper;
7 6
 import com.eitc.common.constant.HttpConst;
8 7
 import com.eitc.common.utils.CryptoUtil;
9 8
 import com.eitc.common.utils.StringUtils;
9
+import lombok.extern.slf4j.Slf4j;
10 10
 import org.springframework.http.MediaType;
11 11
 
12 12
 import javax.servlet.Filter;
@@ -20,25 +20,15 @@ import javax.servlet.http.HttpServletResponse;
20 20
 import java.io.ByteArrayOutputStream;
21 21
 import java.io.IOException;
22 22
 import java.nio.charset.StandardCharsets;
23
-import java.util.Arrays;
24
-import java.util.HashMap;
25
-import java.util.Map;
26 23
 import java.util.stream.Collectors;
27 24
 
28 25
 
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37 26
 /**
38 27
  * Repeatable 过滤器
39 28
  *
40 29
  * @author eitc
41 30
  */
31
+@Slf4j
42 32
 public class RepeatableFilter implements Filter {
43 33
 
44 34
     private static final String DECRYPT_PARAM_NAME = "decrypt";//请求参数包含的是否加密的字段
@@ -57,7 +47,7 @@ public class RepeatableFilter implements Filter {
57 47
         HttpServletResponse res = (HttpServletResponse) response;
58 48
         {
59 49
             String contentType = req.getContentType();//获取contentType请求头
60
-            if(StringUtils.isNotBlank(contentType)){
50
+            if (StringUtils.isNotBlank(contentType)) {
61 51
                 String method = req.getMethod();//获取请求方法  post/get
62 52
                 //2 处理post请求  只处理application/x-www-form-urlencoded  application/json,对于multipart/form-data,直接放行
63 53
                 if (method.trim().equalsIgnoreCase(HttpConst.POST_METHOD) || method.trim().equalsIgnoreCase(HttpConst.PUT_METHOD)) {
@@ -68,7 +58,7 @@ public class RepeatableFilter implements Filter {
68 58
                     //处理application/x-www-form-urlencoded
69 59
                     if (contentType.trim().toLowerCase().contains(HttpConst.FORM_URLENCODED_CONTENT_TYPE)) {
70 60
                         String decrypt = request.getParameter(DECRYPT_PARAM_NAME);
71
-                        if(decrypt==null||decrypt.trim().isEmpty()){
61
+                        if (decrypt == null || decrypt.trim().isEmpty()) {
72 62
                             chain.doFilter(request, response);
73 63
                             return;
74 64
                         }
@@ -78,25 +68,36 @@ public class RepeatableFilter implements Filter {
78 68
                     //处理application/json
79 69
                     if (contentType.trim().toLowerCase().contains(HttpConst.JSON_CONTENT_TYPE)) {
80 70
                         ParameterRequestWrapper requestWrapper = new ParameterRequestWrapper(req);
81
-    //                    String collect = requestWrapper.getReader().lines().collect(Collectors.joining(System.lineSeparator()));
82
-    //                    // 解密
83
-    //                    String decrypt = CryptoUtil.decrypt(collect);
84
-    //                    System.out.println(decrypt);
85
-    //                    byte[] bytes = decrypt.getBytes(StandardCharsets.UTF_8);
86
-    //                    ByteArrayOutputStream binaryStream = new ByteArrayOutputStream();
87
-    //                    try {
88
-    //                        binaryStream.write(bytes);
89
-    //                        byte[] byteArray = binaryStream.toByteArray();
90
-    //                        requestWrapper.setInputStream(byteArray);
91
-    //                    } catch (IOException e) {
92
-    //                        e.printStackTrace();
93
-    //                    } finally {
94
-    //                        try {
95
-    //                            binaryStream.close();
96
-    //                        } catch (IOException e) {
97
-    //                            e.printStackTrace();
98
-    //                        }
99
-    //                    }
71
+                        try {
72
+                            String collect = requestWrapper.getReader().lines().collect(Collectors.joining(System.lineSeparator()));
73
+                            // 解密
74
+                            String decrypt = CryptoUtil.decrypt(collect);
75
+                            String jsonString = null;
76
+                            try {
77
+                                JSONObject parseObject = JSONObject.parseObject(decrypt);
78
+                                jsonString = parseObject.toJSONString();
79
+                            } catch (Exception e) {
80
+                                JSONArray jsonArray = JSONArray.parseArray(decrypt);
81
+                                jsonString = jsonArray.toJSONString();
82
+                            }
83
+                            byte[] bytes = jsonString.getBytes(StandardCharsets.UTF_8);
84
+                            ByteArrayOutputStream binaryStream = new ByteArrayOutputStream();
85
+                            try {
86
+                                binaryStream.write(bytes);
87
+                                byte[] byteArray = binaryStream.toByteArray();
88
+                                requestWrapper.setInputStream(byteArray);
89
+                            } catch (IOException e) {
90
+                                e.printStackTrace();
91
+                            } finally {
92
+                                try {
93
+                                    binaryStream.close();
94
+                                } catch (IOException e) {
95
+                                    e.printStackTrace();
96
+                                }
97
+                            }
98
+                        } catch (Exception e) {
99
+                            log.error("解密失败:" + req.getContextPath(), e);
100
+                        }
100 101
                         chain.doFilter(requestWrapper, response);
101 102
                         return;
102 103
                     }
@@ -117,91 +118,6 @@ public class RepeatableFilter implements Filter {
117 118
         }
118 119
     }
119 120
 
120
-
121
-    /**
122
-     * 字符串解密
123
-     *
124
-     * @param value
125
-     * @return
126
-     */
127
-    public String decryptParam(String value, String decryptType) {
128
-        if (decryptType.trim().equalsIgnoreCase(DEFAULT_DECRYPT_TYPE)) {
129
-//            return AESCipher.decryptAES(value,AESCipher.KEY);
130
-            return "111";
131
-        } else {
132
-            return value + "+++";
133
-        }
134
-
135
-    }
136
-
137
-    /**
138
-     * 普通的post/get请求
139
-     *
140
-     * @param parameterMap
141
-     */
142
-    public Map<String, String[]> decryptParamForNormalRequest(Map<String, String[]> parameterMap, String decryptType) {
143
-        Map<String, String[]> decryptMap = new HashMap<>();
144
-        if (parameterMap == null || parameterMap.size() == 0) {
145
-            return decryptMap;
146
-        }
147
-        for (Map.Entry<String, String[]> entry : parameterMap.entrySet()) {
148
-            String key = entry.getKey();
149
-            if (key == null || key.trim().equalsIgnoreCase(DECRYPT_PARAM_NAME)) {
150
-                continue;
151
-            }
152
-            String[] value = entry.getValue();
153
-            //String decryptKey = decodeParam(key,decryptType);
154
-            String[] decryptValue = null;
155
-            if (value != null && value.length > 0) {
156
-                decryptValue = new String[value.length];
157
-                for (int i = 0; i < value.length; i++) {
158
-                    decryptValue[i] = decryptParam(value[i], decryptType);
159
-                }
160
-            }
161
-            decryptMap.put(key, decryptValue);
162
-        }
163
-        //打印用
164
-        StringBuffer printStr = new StringBuffer();
165
-        for (Map.Entry<String, String[]> entry1 : decryptMap.entrySet()) {
166
-            printStr.append(entry1.getKey()).append("=").append(Arrays.asList(entry1.getValue())).append("&");
167
-        }
168
-        System.out.println("ParamsFilter:发送的请求参数:" + JSON.toJSONString(printStr));
169
-        return decryptMap;
170
-    }
171
-
172
-    /**
173
-     * post的application/json请求
174
-     *
175
-     * @param body
176
-     */
177
-    public String decryptParamForPostJsonRequest(String body, String decryptType) {
178
-        String decryptBody = "{}";
179
-        if (body == null || body.trim().isEmpty() || body.trim().equalsIgnoreCase("{}") || !body.trim().contains(":")) {
180
-            return decryptBody;
181
-        }
182
-        Map<String, Object> map = JSON.parseObject(body, new TypeReference<Map<String, Object>>() {
183
-        });
184
-        if (map == null || map.size() == 0) {
185
-            return decryptBody;
186
-        }
187
-        Map<String, Object> decryptMap = new HashMap<>();
188
-        for (Map.Entry<String, Object> entry : map.entrySet()) {
189
-            String key = entry.getKey();
190
-            if (key == null || key.trim().equalsIgnoreCase(DECRYPT_PARAM_NAME)) {
191
-                continue;
192
-            }
193
-            Object value = entry.getValue();
194
-            String valueStr = String.valueOf(value);
195
-            if (valueStr == null || valueStr.trim().isEmpty() || valueStr.trim().equalsIgnoreCase("null")) {
196
-                valueStr = null;
197
-            }
198
-            decryptMap.put(key, decryptParam(valueStr, decryptType));
199
-        }
200
-        decryptBody = JSON.toJSONString(decryptMap);
201
-        System.out.println("ParamsFilter:发送的请求参数:" + decryptBody);
202
-        return decryptBody;
203
-    }
204
-
205 121
     @Override
206 122
     public void destroy() {
207 123
 

+ 2 - 1
eitc-patient-app/src/main/java/com/eitc/patient/controller/ApiAppController.java

@@ -7,6 +7,7 @@ import com.eitc.common.annotation.Log;
7 7
 import com.eitc.common.core.controller.BaseController;
8 8
 import com.eitc.common.core.domain.AjaxResult;
9 9
 import com.eitc.common.enums.BusinessType;
10
+import com.eitc.common.utils.CryptoUtil;
10 11
 import com.eitc.common.utils.InterfaceVerificationUtil;
11 12
 import com.eitc.patient.domain.AppUser;
12 13
 import com.eitc.patient.domain.ProtocolTemplate;
@@ -81,7 +82,7 @@ public class ApiAppController extends BaseController {
81 82
         String saSignStr = InterfaceVerificationUtil.getSaSignStr(new HashMap<>());
82 83
         String url = fileUrl + "api/sys/clinict/appGetClinictList?" + saSignStr;
83 84
         String object = restTemplate.getForObject(url, String.class);
84
-        return JSONObject.parseObject(object, AjaxResult.class);
85
+        return JSONObject.parseObject(CryptoUtil.decrypt(object), AjaxResult.class);
85 86
     }
86 87
 
87 88
     /**