碼上快樂

相關內容    簡體    繁體

Springboot框架,實現請求數據解密,響應數據加密的功能。

本文轉載自   查看原文   2018-11-26 13:45   5061 

一、簡要說明:

  在做這個功能的時候,參考了很多文章,也試了用過濾器解決。但總體來說還是很麻煩,所以換了另一種解決方案。直接實現RequestBodyAdvice和ResponseBodyAdvice兩個接口 ,進行加密解密處理。

  關於RequestBodyAdvice和ResponseBodyAdvice接口的作用,可參考該文檔:

  (1)https://blog.csdn.net/qq_16504067/article/details/73225005  

  (2) https://blog.csdn.net/jing956899449/article/details/54315048

二、解密 DecodeRequestBodyAdvice

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.lang.reflect.Type;
import org.springframework.core.MethodParameter;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice;
import lombok.extern.slf4j.Slf4j;

@Component
@ControllerAdvice(basePackages = "com.kiki.controller")
@Slf4j
public class DecodeRequestBodyAdvice implements RequestBodyAdvice {

    @Override
    public boolean supports(MethodParameter methodParameter, Type targetType,
            Class<? extends HttpMessageConverter<?>> converterType) {
        //這里設置成false 它就不會再走這個類了
        return true;
    }
    @Override
    public HttpInputMessage beforeBodyRead(HttpInputMessage request, MethodParameter parameter, Type targetType,
            Class<? extends HttpMessageConverter<?>> converterType) throws IOException {
        StringBuilder stringBuilder = new StringBuilder();
        BufferedReader bufferedReader = null;
        try {
            //這個request其實就是入參 可以從這里獲取流
            //入參放在HttpInputMessage里面  這個方法的返回值也是HttpInputMessage
            InputStream inputStream = request.getBody();
            if (inputStream != null) {
                bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
                char[] charBuffer = new char[128];
                int bytesRead = -1;
                while ((bytesRead = bufferedReader.read(charBuffer)) > 0) {
                    stringBuilder.append(charBuffer, 0, bytesRead);
                }
            } else {
                stringBuilder.append("");
            }
        } catch (IOException ex) {
            throw ex;
        } finally {
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException ex) {
                    throw ex;
                }
            }
        }
        //獲取請求數據
        String string = stringBuilder.toString();
        /*****************進行解密start*******************/
        log.info("【接受的請求數據】string={}",string);

        String decode =Base64Utils.decode(string);
        log.info("【解密后的請求數據】decode={}",decode);

        //把數據放到我們封裝的對象中
        return new MyHttpInputMessage(request.getHeaders(), new ByteArrayInputStream(decode.getBytes("UTF-8")));
    }

    @Override
    public Object afterBodyRead(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType,
            Class<? extends HttpMessageConverter<?>> converterType) {
        return body;
    }

    @Override
    public Object handleEmptyBody(Object body, HttpInputMessage inputMessage, MethodParameter parameter,
            Type targetType, Class<? extends HttpMessageConverter<?>> converterType) {
        return body;
    }
    //這里實現了HttpInputMessage 封裝一個自己的HttpInputMessage
    static class MyHttpInputMessage implements HttpInputMessage {
        HttpHeaders headers;
        InputStream body;

        public MyHttpInputMessage(HttpHeaders headers, InputStream body) {
            this.headers = headers;
            this.body = body;
        }

        @Override
        public InputStream getBody() throws IOException {
            return body;
        }

        @Override
        public HttpHeaders getHeaders() {
            return headers;
        }
    }

}

三、加密 EncodeResponseBodyAdvice 

import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
import com.alibaba.fastjson.JSON;
import lombok.extern.slf4j.Slf4j;

@Component
@ControllerAdvice(basePackages = "com.kiki.controller")
@Slf4j
public class EncodeResponseBodyAdvice implements ResponseBodyAdvice<Object> {

    @Override
    public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) {
        return true;
    }

    @Override
    public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType,
            Class<? extends HttpMessageConverter<?>> selectedConverterType, ServerHttpRequest request,
                    ServerHttpResponse response) {
        System.out.println("response-------->"+body);
        //加密
        log.info("【接受到的數據】encode={}",body);
        String encode = Base64Utils.encode(JSON.toJSONString(body));
        return encode;
    }

}

四、工具類

import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class Base64Utils {
    /**
     * 使用Base64加密字符串
     * @return 加密之后的字符串
     * 
     */
    public static String encode(String data){
        return  Base64.getEncoder().encodeToString(data.getBytes(StandardCharsets.UTF_8));
    }
    /**
     * 使用Base64解密
     * @return 解密之后的字符串
     * 
     */
    public static String decode(String data){
        return new String(Base64.getDecoder().decode(data.replace("\"", "")),StandardCharsets.UTF_8);
    }
    public static void main(String[] args) {
        String encode = encode("{\"key\":\"kiki123\",\"value\":\"hello lmbx\"}");
        System.out.println(encode);
        String decode = decode("eyJrZXkiOiIxMjMiLCJ2YWx1ZSI6ImFhYSJ9");
        System.out.println(decode);
        
    }
}

五、bean

import lombok.Data;

@Data
public class DataBean {
    private String key;
    private String value;
}

 

六、Controller

import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import com.kiki.bean.DataBean;
@RestController
@RequestMapping("/api/")
public class DataController {
    @PostMapping("test")
    public DataBean test(@RequestBody DataBean dataBean) {
        System.out.println("controller::::"+dataBean);
        dataBean.setKey("456");
        dataBean.setValue("0000");
        return dataBean;
    }
}

 


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 Java框架之SpringMVC 03-RequestMapping-請求數據-響應數據 SpringBoot中如何靈活的實現接口數據的加解密功能? SpringMVC請求參數和響應結果全局加密和解密 Vue框架Element UI教程-axios請求數據 fetch 如何請求數據 java實現AES加密解密--數據加解密 完全代碼實現UITableView下拉更新,異步請求數據 Angular中使用axios實現get請求數據 vue中實現先請求數據再渲染dom HttpClientUtil 工具類 實現跨域請求數據
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM