接口加密

eitc-common/pom.xml

@@ -181,7 +181,10 @@
             <groupId>cn.hutool</groupId>
             <artifactId>hutool-all</artifactId>
         </dependency>
-
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-webmvc</artifactId>
+        </dependency>
     </dependencies>
 
 </project>

eitc-common/src/main/java/com/eitc/common/config/ParameterRequestWrapper.java

@@ -0,0 +1,118 @@
+package com.eitc.common.config;
+
+import org.springframework.util.StreamUtils;
+
+import javax.servlet.ReadListener;
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.util.HashMap;
+import java.util.Map;
+
+
+
+
+
+
+
+
+
+
+public class ParameterRequestWrapper  extends HttpServletRequestWrapper {
+    private Map<String , String[]> params = new HashMap<String, String[]>();
+    /**
+     * 缓存下来的HTTP body
+     */
+    private byte[] body;
+
+
+    @SuppressWarnings("unchecked")
+    public ParameterRequestWrapper(HttpServletRequest request) throws IOException {
+        // 将request交给父类，以便于调用对应方法的时候，将其输出，其实父亲类的实现方式和第一种new的方式类似
+        super(request);
+        //将参数表，赋予给当前的Map以便于持有request中的参数
+        this.params.putAll(request.getParameterMap());
+        //将参数表，赋予给当前的Map以便于持有request中的参数
+        this.body = StreamUtils.copyToByteArray(request.getInputStream());
+    }
+    //重载一个构造方法
+    public ParameterRequestWrapper(HttpServletRequest request , Map<String , Object> extendParams) throws IOException {
+        this(request);
+        addAllParameters(extendParams);//这里将扩展参数写入参数表
+    }
+
+
+    public void addAllParameters(Map<String , Object>otherParams) {//增加多个参数
+        for(Map.Entry<String , Object>entry : otherParams.entrySet()) {
+            addParameter(entry.getKey() , entry.getValue());
+        }
+    }
+
+
+    public void addParameter(String name , Object value) {//增加参数
+        if(value != null) {
+            if(value instanceof String[]) {
+                this.params.put(name , (String[])value);
+            }else if(value instanceof String) {
+                this.params.put(name , new String[] {(String)value});
+            }else {
+                this.params.put(name , new String[] {String.valueOf(value)});
+            }
+        }
+    }
+
+
+
+
+    /**
+     * 重新包装输入流
+     * @return
+     * @throws IOException
+     */
+    @Override
+    public ServletInputStream getInputStream() throws IOException {
+        InputStream bodyStream = new ByteArrayInputStream(body);
+        return new ServletInputStream() {
+
+            @Override
+            public int read() throws IOException {
+                return bodyStream.read();
+            }
+
+            /**
+             * 下面的方法一般情况下不会被使用，如果你引入了一些需要使用ServletInputStream的外部组件，可以重点关注一下。
+             * @return
+             */
+            @Override
+            public boolean isFinished() {
+                return false;
+            }
+
+            @Override
+            public boolean isReady() {
+                return true;
+            }
+
+            @Override
+            public void setReadListener(ReadListener readListener) {
+
+            }
+        };
+    }
+
+    @Override
+    public BufferedReader getReader() throws IOException {
+        return new BufferedReader(new InputStreamReader(getInputStream()));
+    }
+
+    public void setInputStream( byte[] in) {
+        this.body = in;
+    }
+
+
+}

eitc-common/src/main/java/com/eitc/common/constant/HttpConst.java

@@ -0,0 +1,21 @@
+package com.eitc.common.constant;
+
+public class HttpConst {
+    /**
+     * 几种常见的Content-Type
+     */
+    public static final String FORM_URLENCODED_CONTENT_TYPE ="application/x-www-form-urlencoded";
+
+    public static final String JSON_CONTENT_TYPE = "application/json";
+
+    public static final String MULTIPART_CONTENT_TYPE = "multipart/form-data";
+    /**
+     * 常见的post/get请求方式
+     */
+    public static final String POST_METHOD = "post";
+
+    public static final String GET_METHOD = "GET";
+
+    public static final String OPTIONS_METHOD = "options";
+
+}

eitc-common/src/main/java/com/eitc/common/core/domain/AjaxResult.java

@@ -2,7 +2,10 @@ package com.eitc.common.core.domain;
 
 import java.util.HashMap;
 import java.util.Objects;
+
+import com.alibaba.fastjson2.JSON;
 import com.eitc.common.constant.HttpStatus;
+import com.eitc.common.utils.CryptoUtil;
 import com.eitc.common.utils.StringUtils;
 
 /**
@@ -55,7 +58,7 @@ public class AjaxResult extends HashMap<String, Object>
         super.put(MSG_TAG, msg);
         if (StringUtils.isNotNull(data))
         {
-            super.put(DATA_TAG, data);
+            super.put(DATA_TAG,  data);
         }
     }
 

eitc-common/src/main/java/com/eitc/common/filter/CustomResponseBodyAdviceAdapter.java

@@ -0,0 +1,60 @@
+package com.eitc.common.filter;
+
+import com.alibaba.fastjson2.JSON;
+import com.eitc.common.core.domain.AjaxResult;
+import com.eitc.common.core.page.TableDataInfo;
+import com.eitc.common.utils.CryptoUtil;
+import org.springframework.core.MethodParameter;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.http.server.ServerHttpRequest;
+import org.springframework.http.server.ServerHttpResponse;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
+
+import java.util.Map;
+
+
+
+
+
+
+
+
+
+
+@ControllerAdvice
+public class CustomResponseBodyAdviceAdapter implements ResponseBodyAdvice<Object> {
+
+    @Override
+    public boolean supports(MethodParameter returnType, Class converterType) {
+        // 这里可以根据需要判断是否需要拦截，例如只拦截特定的Controller的方法
+        return true;
+    }
+
+    @Override
+    public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType,
+                                  Class selectedConverterType, ServerHttpRequest request, ServerHttpResponse response) {
+        // 这里可以对body进行处理，比如添加公共字段，或者修改返回格式等
+        if (body instanceof String) {
+            return "Custom: " + body;
+        } else if (body instanceof ResponseEntity) {
+            ResponseEntity<?> responseEntity = (ResponseEntity<?>) body;
+            Object originalBody = responseEntity.getBody();
+            return ResponseEntity.ok("Custom: " + originalBody);
+        }else if (body instanceof AjaxResult) {
+            AjaxResult ajaxResult = (AjaxResult) body;
+//            String encrypt = CryptoUtil.encrypt(JSON.toJSONString(ajaxResult));
+//            AjaxResult ajaxResult2 = new AjaxResult(200, "success", encrypt);
+//            return ajaxResult2;
+            return ajaxResult;
+        }else if (body instanceof TableDataInfo){
+            TableDataInfo tableDataInfo = (TableDataInfo) body;
+//            AjaxResult ajaxResult = new AjaxResult(200, "success", CryptoUtil.encrypt(JSON.toJSONString(tableDataInfo)));
+//            return ajaxResult;
+            return tableDataInfo;
+        }
+        System.out.println(body);
+        return body;
+    }
+}

eitc-common/src/main/java/com/eitc/common/filter/RepeatableFilter.java

@@ -1,6 +1,14 @@
 package com.eitc.common.filter;
 
-import java.io.IOException;
+import com.alibaba.fastjson2.JSON;
+import com.alibaba.fastjson2.JSONObject;
+import com.alibaba.fastjson2.TypeReference;
+import com.eitc.common.config.ParameterRequestWrapper;
+import com.eitc.common.constant.HttpConst;
+import com.eitc.common.utils.CryptoUtil;
+import com.eitc.common.utils.StringUtils;
+import org.springframework.http.MediaType;
+
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
@@ -8,45 +16,195 @@ import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
-import org.springframework.http.MediaType;
-import com.eitc.common.utils.StringUtils;
+import javax.servlet.http.HttpServletResponse;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.stream.Collectors;
+
+
+
+
+
+
+
+
+
 
 /**
  * Repeatable 过滤器
  *
  * @author eitc
  */
-public class RepeatableFilter implements Filter
-{
+public class RepeatableFilter implements Filter {
+
+    private static final String DECRYPT_PARAM_NAME = "decrypt";//请求参数包含的是否加密的字段
+
+    private static final String DEFAULT_DECRYPT_TYPE = "AES";//默认加密的类型
+
     @Override
-    public void init(FilterConfig filterConfig) throws ServletException
-    {
+    public void init(FilterConfig filterConfig) throws ServletException {
 
     }
 
     @Override
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
-            throws IOException, ServletException
-    {
-        ServletRequest requestWrapper = null;
-        if (request instanceof HttpServletRequest
-                && StringUtils.startsWithIgnoreCase(request.getContentType(), MediaType.APPLICATION_JSON_VALUE))
+            throws IOException, ServletException {
+        HttpServletRequest req = (HttpServletRequest) request;
+        HttpServletResponse res = (HttpServletResponse) response;
         {
+
+            String contentType = req.getContentType();//获取contentType请求头
+            String method = req.getMethod();//获取请求方法  post/get
+            //2 处理post请求  只处理application/x-www-form-urlencoded  application/json,对于multipart/form-data，直接放行
+            if (!method.trim().equalsIgnoreCase(HttpConst.GET_METHOD)) {
+                if (contentType.trim().toLowerCase().contains(HttpConst.MULTIPART_CONTENT_TYPE)) {
+                    chain.doFilter(req, response);
+                    return;
+                }
+                //处理application/x-www-form-urlencoded
+                if (contentType.trim().toLowerCase().contains(HttpConst.FORM_URLENCODED_CONTENT_TYPE)) {
+                    String decrypt = request.getParameter(DECRYPT_PARAM_NAME);
+                    if(decrypt==null||decrypt.trim().isEmpty()){
+                        chain.doFilter(request, response);
+                        return;
+                    }
+                    chain.doFilter(req, response);
+                    return;
+                }
+                //处理application/json
+                if (contentType.trim().toLowerCase().contains(HttpConst.JSON_CONTENT_TYPE)) {
+                    ParameterRequestWrapper requestWrapper = new ParameterRequestWrapper(req);
+//                    String collect = requestWrapper.getReader().lines().collect(Collectors.joining(System.lineSeparator()));
+//                    // 解密
+//                    String decrypt = CryptoUtil.decrypt(collect);
+//                    System.out.println(decrypt);
+//                    byte[] bytes = decrypt.getBytes(StandardCharsets.UTF_8);
+//                    ByteArrayOutputStream binaryStream = new ByteArrayOutputStream();
+//                    try {
+//                        binaryStream.write(bytes);
+//                        byte[] byteArray = binaryStream.toByteArray();
+//                        requestWrapper.setInputStream(byteArray);
+//                    } catch (IOException e) {
+//                        e.printStackTrace();
+//                    } finally {
+//                        try {
+//                            binaryStream.close();
+//                        } catch (IOException e) {
+//                            e.printStackTrace();
+//                        }
+//                    }
+                    chain.doFilter(requestWrapper, response);
+                    return;
+                }
+            }
+        }
+
+
+        HttpServletRequest requestWrapper = null;
+        if (req instanceof HttpServletRequest
+                && StringUtils.startsWithIgnoreCase(req.getContentType(), MediaType.APPLICATION_JSON_VALUE)) {
             requestWrapper = new RepeatedlyRequestWrapper((HttpServletRequest) request, response);
         }
-        if (null == requestWrapper)
-        {
-            chain.doFilter(request, response);
+        if (null == requestWrapper) {
+            chain.doFilter(req, res);
+        } else {
+            chain.doFilter(requestWrapper, res);
         }
-        else
-        {
-            chain.doFilter(requestWrapper, response);
+    }
+
+
+    /**
+     * 字符串解密
+     *
+     * @param value
+     * @return
+     */
+    public String decryptParam(String value, String decryptType) {
+        if (decryptType.trim().equalsIgnoreCase(DEFAULT_DECRYPT_TYPE)) {
+//            return AESCipher.decryptAES(value,AESCipher.KEY);
+            return "111";
+        } else {
+            return value + "+++";
+        }
+
+    }
+
+    /**
+     * 普通的post/get请求
+     *
+     * @param parameterMap
+     */
+    public Map<String, String[]> decryptParamForNormalRequest(Map<String, String[]> parameterMap, String decryptType) {
+        Map<String, String[]> decryptMap = new HashMap<>();
+        if (parameterMap == null || parameterMap.size() == 0) {
+            return decryptMap;
+        }
+        for (Map.Entry<String, String[]> entry : parameterMap.entrySet()) {
+            String key = entry.getKey();
+            if (key == null || key.trim().equalsIgnoreCase(DECRYPT_PARAM_NAME)) {
+                continue;
+            }
+            String[] value = entry.getValue();
+            //String decryptKey = decodeParam(key,decryptType);
+            String[] decryptValue = null;
+            if (value != null && value.length > 0) {
+                decryptValue = new String[value.length];
+                for (int i = 0; i < value.length; i++) {
+                    decryptValue[i] = decryptParam(value[i], decryptType);
+                }
+            }
+            decryptMap.put(key, decryptValue);
+        }
+        //打印用
+        StringBuffer printStr = new StringBuffer();
+        for (Map.Entry<String, String[]> entry1 : decryptMap.entrySet()) {
+            printStr.append(entry1.getKey()).append("=").append(Arrays.asList(entry1.getValue())).append("&");
+        }
+        System.out.println("ParamsFilter:发送的请求参数:" + JSON.toJSONString(printStr));
+        return decryptMap;
+    }
+
+    /**
+     * post的application/json请求
+     *
+     * @param body
+     */
+    public String decryptParamForPostJsonRequest(String body, String decryptType) {
+        String decryptBody = "{}";
+        if (body == null || body.trim().isEmpty() || body.trim().equalsIgnoreCase("{}") || !body.trim().contains(":")) {
+            return decryptBody;
+        }
+        Map<String, Object> map = JSON.parseObject(body, new TypeReference<Map<String, Object>>() {
+        });
+        if (map == null || map.size() == 0) {
+            return decryptBody;
+        }
+        Map<String, Object> decryptMap = new HashMap<>();
+        for (Map.Entry<String, Object> entry : map.entrySet()) {
+            String key = entry.getKey();
+            if (key == null || key.trim().equalsIgnoreCase(DECRYPT_PARAM_NAME)) {
+                continue;
+            }
+            Object value = entry.getValue();
+            String valueStr = String.valueOf(value);
+            if (valueStr == null || valueStr.trim().isEmpty() || valueStr.trim().equalsIgnoreCase("null")) {
+                valueStr = null;
+            }
+            decryptMap.put(key, decryptParam(valueStr, decryptType));
         }
+        decryptBody = JSON.toJSONString(decryptMap);
+        System.out.println("ParamsFilter:发送的请求参数:" + decryptBody);
+        return decryptBody;
     }
 
     @Override
-    public void destroy()
-    {
+    public void destroy() {
 
     }
+
+
 }

eitc-common/src/main/java/com/eitc/common/utils/CryptoUtil.java

@@ -0,0 +1,116 @@
+package com.eitc.common.utils;
+
+import org.apache.commons.codec.binary.Base64;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+
+
+
+
+
+
+
+
+
+
+public class CryptoUtil {
+
+    private final static String IV = "1234567890123456";//需要前端与后端配置一致
+    private final static String KEY = "1234567890123456";
+
+    /***
+     * 加密
+     * @param  data 要加密的数据
+     * @return encrypt
+     */
+    public static String encrypt(String data){
+        return encrypt(data, KEY, IV);
+    }
+
+    public static Object decryptObject(Object obj) throws Exception{
+        return ObjectUtils.decryptObjectValues(obj);
+    }
+
+    /***
+     * param data 需要解密的数据
+     * 调用desEncrypt（）方法
+     */
+    public static String decrypt(String data){
+        return decrypt(data, KEY, IV);
+    }
+
+    /**
+     * 加密方法
+     * @param data  要加密的数据
+     * @param key 加密key
+     * @param iv 加密iv
+     * @return 加密的结果
+     */
+    private static String encrypt(String data, String key, String iv){
+        try {
+            //"算法/模式/补码方式"NoPadding PkcsPadding
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            int blockSize = cipher.getBlockSize();
+
+            byte[] dataBytes = data.getBytes();
+            int plaintextLength = dataBytes.length;
+            if (plaintextLength % blockSize != 0) {
+                plaintextLength = plaintextLength + (blockSize - (plaintextLength % blockSize));
+            }
+
+            byte[] plaintext = new byte[plaintextLength];
+            System.arraycopy(dataBytes, 0, plaintext, 0, dataBytes.length);
+
+            SecretKeySpec keyspec = new SecretKeySpec(key.getBytes(), "AES");
+            IvParameterSpec ivspec = new IvParameterSpec(iv.getBytes());
+
+            cipher.init(Cipher.ENCRYPT_MODE, keyspec, ivspec);
+            byte[] encrypted = cipher.doFinal(plaintext);
+
+            return Base64.encodeBase64String(encrypted);
+
+        } catch (Exception e) {
+            e.printStackTrace();
+            return null;
+        }
+    }
+
+    /**
+     * 解密方法
+     * @param data 要解密的数据
+     * @param key  解密key
+     * @param iv 解密iv
+     * @return 解密的结果
+     */
+    private static String decrypt(String data, String key, String iv){
+        try {
+            if(StringUtils.isEmpty(data)) {
+                return "";
+            }
+            byte[] encrypted1 = new Base64().decode(data);
+            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+            SecretKeySpec keySpec = new SecretKeySpec(key.getBytes(), "AES");
+            IvParameterSpec ivSpec = new IvParameterSpec(iv.getBytes());
+            cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
+            byte[] original = cipher.doFinal(encrypted1);
+            return new String(original, StandardCharsets.UTF_8).trim();
+
+        } catch (Exception e) {
+            e.printStackTrace();
+            return "解析错误";
+        }
+    }
+
+    public static void main(String[] args) {
+
+
+
+       String a = encrypt("123456");
+       System.out.println(a);
+       String b = decrypt(a);
+       System.out.println(b);
+    }
+}

eitc-common/src/main/java/com/eitc/common/utils/ObjectUtils.java

@@ -0,0 +1,50 @@
+package com.eitc.common.utils;
+
+import com.eitc.common.utils.bean.BeanUtils;
+import lombok.extern.log4j.Log4j2;
+
+import java.beans.PropertyDescriptor;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+
+import static sun.invoke.util.Wrapper.isPrimitiveType;
+
+
+
+
+
+
+
+
+
+@Log4j2
+public class ObjectUtils {
+    public static Object decryptObjectValues(Object obj) throws Exception{
+        if (obj == null) {
+            return null;
+        }
+        Class<?> objClass = obj.getClass();
+        PropertyDescriptor[] propertyDescriptors = BeanUtils.getPropertyDescriptors(objClass);
+        for (PropertyDescriptor propertyDescriptor : propertyDescriptors) {
+            Method readMethod = propertyDescriptor.getReadMethod();
+            Method writeMethod = propertyDescriptor.getWriteMethod();
+            if (readMethod != null && writeMethod!=null) {
+                try {
+                    Object value = readMethod.invoke(obj);
+                    if(value==null) {
+                        continue;
+                    }
+                    if(isPrimitiveType(value.getClass()) && value instanceof String) {
+                        String changeValue = CryptoUtil.decrypt((String)value);
+                        writeMethod.invoke(obj, changeValue);
+                    }
+                } catch (IllegalAccessException | InvocationTargetException e) {
+                    e.printStackTrace();
+                    log.error("反射获取类【" + objClass.getName() + "】方法异常，", e);
+                }
+            }
+        }
+        return obj;
+
+    }
+}