1 自定义注解 该注解放在作用再controller上
@Retention(RetentionPolicy.RUNTIME)
@Documented
@Target({ElementType.TYPE, ElementType.METHOD})
public @interface EncryptFilter {
boolean decryptRequest() default true;
boolean encryptResponse() default true;
}
2 对请求数据进行数据处理
@RestControllerAdvice
@Slf4j
public class DecryptRequestBodyAdapter extends RequestBodyAdviceAdapter {
@Override
public boolean supports(MethodParameter methodParameter, Type targetType,
Class> converterType) {
Method method = methodParameter.getMethod();
if (Objects.nonNull(method)) {
EncryptFilter encryptFilter = method.getAnnotation(EncryptFilter.class);
if (Objects.nonNull(encryptFilter)) {
return encryptFilter.decryptRequest();
}
}
return false;
}
@Override
public HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter methodParameter, Type targetType,
Class> converterType) throws IOException {
// 读取加密的请求体
InputStream body = inputMessage.getBody();
HttpHeaders headers = inputMessage.getHeaders();
headers.remove("Content-Length");
String s = StreamUtil.getBodyString(body);
log.info("解密前请求body:" + s);
if (Strings.isNotEmpty(s)) {
// 使用sm4解密
String bodyDec = null;
try {
bodyDec = Sm4Util.decryptEcb(Constants.KEY,s);
} catch (Exception e) {
e.printStackTrace();
}
log.info("解密后请求body:" + bodyDec);
if (Strings.isNotEmpty(bodyDec)) {
// 使用解密后的数据,构造新的读取流
InputStream inputStream = new ByteArrayInputStream(bodyDec.getBytes(StandardCharsets.UTF_8));
return new HttpInputMessage() {
@Override
public HttpHeaders getHeaders() {
return inputMessage.getHeaders();
}
@Override
public InputStream getBody() {
return inputStream;
}
};
}
}
return inputMessage;
}
3 对返回结果进行数据加密 继承ResponseBodyAdvice
//@RestControllerAdvice("com.example.springbootEncrypt.controller")
// 表示com.example.springbootEncrypt.controller此包下的所有响应对象都会经过此拦截器,并对响应体加密
@RestControllerAdvice
@Slf4j
public class EncryptResponseBodyAdapter implements ResponseBodyAdvice
