Spring对JSON请求加解密
来源:互联网 发布:知敬畏守底线强党性 编辑:程序博客网 时间:2024/06/05 19:58
Spring中处理JSON请求通常使用@RequestBody和@ResponseBody注解,针对JSON请求加解密和过滤字符串,Spring提供了RequestBodyAdvice和ResponseBodyAdvice两个接口
具体使用
1、解密:
import com.hive.util.AESOperator;import org.apache.commons.io.IOUtils;import org.slf4j.Logger;import org.slf4j.LoggerFactory;import org.springframework.core.MethodParameter;import org.springframework.http.HttpHeaders;import org.springframework.http.HttpInputMessage;import org.springframework.http.converter.HttpMessageConverter;import org.springframework.web.bind.annotation.ControllerAdvice;import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice;import java.io.IOException;import java.io.InputStream;import java.lang.reflect.Type;/** * 请求数据解密 */@ControllerAdvice(basePackages = "com.hive")public class MyRequestBodyAdvice implements RequestBodyAdvice { private final static Logger logger = LoggerFactory.getLogger(MyResponseBodyAdvice.class); @Override public boolean supports(MethodParameter methodParameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) { return true; } @Override public Object handleEmptyBody(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) { return body; } @Override public HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) throws IOException { try { return new MyHttpInputMessage(inputMessage); } catch (Exception e) { e.printStackTrace(); return inputMessage; } } @Override public Object afterBodyRead(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) { return body; } class MyHttpInputMessage implements HttpInputMessage { private HttpHeaders headers; private InputStream body; public MyHttpInputMessage(HttpInputMessage inputMessage) throws Exception { this.headers = inputMessage.getHeaders(); this.body = IOUtils.toInputStream(AESOperator.getInstance().decrypt(IOUtils.toString(inputMessage.getBody(), "UTF-8")), "UTF-8"); } @Override public InputStream getBody() throws IOException { return body; } @Override public HttpHeaders getHeaders() { return headers; } }}
2、加密:
package com.hive.core.json;import com.fasterxml.jackson.core.JsonProcessingException;import com.fasterxml.jackson.databind.ObjectMapper;import com.hive.util.AESOperator;import org.slf4j.Logger;import org.slf4j.LoggerFactory;import org.springframework.core.MethodParameter;import org.springframework.http.MediaType;import org.springframework.http.server.ServerHttpRequest;import org.springframework.http.server.ServerHttpResponse;import org.springframework.web.bind.annotation.ControllerAdvice;import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;/** * 返回数据加密 */@ControllerAdvice(basePackages = "com.hive")public class MyResponseBodyAdvice implements ResponseBodyAdvice { private final static Logger logger = LoggerFactory.getLogger(MyResponseBodyAdvice.class); private final static String KEY = "!QA2Z@w1sxO*(-8L"; @Override public boolean supports(MethodParameter returnType, Class converterType) { return true; } @Override public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType, Class selectedConverterType, ServerHttpRequest request, ServerHttpResponse response) { boolean encode = false; if (returnType.getMethod().isAnnotationPresent(SerializedField.class)) { //获取注解配置的包含和去除字段 SerializedField serializedField = returnType.getMethodAnnotation(SerializedField.class); //是否加密 encode = serializedField.encode(); } if (encode) { logger.info("对方法method :" + returnType.getMethod().getName() + "返回数据进行加密"); ObjectMapper objectMapper = new ObjectMapper(); try { String result = objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(body); return AESOperator.getInstance().encrypt(result); } catch (JsonProcessingException e) { e.printStackTrace(); } catch (Exception e) { e.printStackTrace(); } } return body; }}
注解类:
package com.hive.core.json;import org.springframework.web.bind.annotation.Mapping;import java.lang.annotation.*;@Target({ElementType.METHOD, ElementType.TYPE})@Retention(RetentionPolicy.RUNTIME)@Documented@Mappingpublic @interface SerializedField { /** * 是否加密 * @return */ boolean encode() default true;}
默认是true,我这边使用false。注解类中还可以定义需要过滤的字符串
AES加密类
package com.hive.util;import sun.misc.BASE64Decoder;import sun.misc.BASE64Encoder;import javax.crypto.Cipher;import javax.crypto.spec.IvParameterSpec;import javax.crypto.spec.SecretKeySpec;/** * AES CBC加密 */public class AESOperator { /* * 加密用的Key 可以用26个字母和数字组成 此处使用AES-128-CBC加密模式,key需要为16位。 */ private String KEY = "!QA2Z@w1sxO*(-8L"; private String VECTOR = "!WFNZFU_{H%M(S|a"; private static AESOperator instance = null; private AESOperator() { } public static AESOperator getInstance() { return Nested.instance; } //于内部静态类只会被加载一次,故该实现方式时线程安全的! static class Nested { private static AESOperator instance = new AESOperator(); } /** * 加密 * * @param content * @return * @throws Exception */ public String encrypt(String content) throws Exception { return encrypt(content, KEY, VECTOR); } /** * 加密 * * @param content * @return * @throws Exception */ public String encrypt(String content,String key) throws Exception { return encrypt(content, key, VECTOR); } /** * 加密 * * @param content * @param key * @param vector * @return * @throws Exception */ public String encrypt(String content, String key, String vector) throws Exception { if (key == null) { return null; } if (key.length() != 16) { return null; } SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); IvParameterSpec iv = new IvParameterSpec(vector.getBytes());// 使用CBC模式,需要一个向量iv,可增加加密算法的强度 Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv); byte[] encrypted = cipher.doFinal(content.getBytes("UTF-8")); return new BASE64Encoder().encode(encrypted);// 此处使用BASE64做转码。 } /** * 解密 * * @param content * @return * @throws Exception */ public String decrypt(String content) throws Exception { return decrypt(content, KEY, VECTOR); } /** * 解密 * * @param content * @return * @throws Exception */ public String decrypt(String content,String key) throws Exception { return decrypt(content, key, VECTOR); } /** * 解密 * * @param content * @param key * @param vector * @return * @throws Exception */ public String decrypt(String content, String key, String vector) throws Exception { try { if (key == null) { return null; } if (key.length() != 16) { return null; } SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); IvParameterSpec iv = new IvParameterSpec(vector.getBytes()); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); byte[] encrypted1 = new BASE64Decoder().decodeBuffer(content);// 先用base64解密 byte[] original = cipher.doFinal(encrypted1); String originalString = new String(original, "UTF-8"); return originalString; } catch (Exception ex) { return null; } } public static void main(String[] args) throws Exception { // 需要加密的字串 String cSrc = "我爱你"; // 加密 long lStart = System.currentTimeMillis(); String enString = AESOperator.getInstance().encrypt(cSrc,"!QA2Z@w1sxO*(-8L"); System.out.println("加密后的字串是:" + enString); long lUseTime = System.currentTimeMillis() - lStart; System.out.println("加密耗时:" + lUseTime + "毫秒"); // 解密 lStart = System.currentTimeMillis(); String DeString = AESOperator.getInstance().decrypt(enString); System.out.println("解密后的字串是:" + DeString); lUseTime = System.currentTimeMillis() - lStart; System.out.println("解密耗时:" + lUseTime + "毫秒"); }}
0 0
- Spring对JSON请求加解密
- Spring对JSON请求加解密
- spring +hibernate对数据库配置信息加解密(DBCP)
- Spring全局加解密
- AES 对字符串 加解密
- RSA对文件加解密
- Retrofit对接口加解密
- JavaScript实现http请求数据加解密
- 请求链接参数Base64加解密
- IOS中json字符串原生数据请求&IOS跨平台AES128字符串加解密&AFNetworking框架的简单封装使用
- PHP对信息加解密函数
- ClassLoader对Java源码加解密
- Des 对文件进行加解密
- 使用AES对文件的加解密
- 用MD5对文件进行加解密
- C#对字符串的加解密
- openssl生成公钥私钥对 加解密
- openssl生成公钥私钥对 加解密
- 欢迎使用CSDN-markdown编辑器
- 开源一个C# Class实现Openfire登陆、推出、消息发送,方便其他系统集成IM功能了
- Android和java开发常见错误和异常整合
- android studio中gradle更新办法
- 关于Mybatis的逆向工程生成pojo和mapper
- Spring对JSON请求加解密
- KCF跟踪源码-带注释
- MATLAB矩阵生成
- 一个事半功倍的Java反射库
- linux命令大全
- assets文件夹中文件名有中文导致gradle build时出错
- ES、PES、PS、TS流
- ActiveMQ使用
- 用vue实现点击按钮,滑出面板(二)完结版