前言
由于公司业务需求需要对传来的密码解密,每个都解密一次太过于麻烦,借助spring RequestBodyAdvice 特性来做统一解密处理
1、自定义注解
package cn.oq.dz.finance.common.annotation;
/**
* @Description: j
* @Author: hongwang.zhang
* @CreateDate: 2019/10/12 15:07
* @Version: 1.0
*/
import java.lang.annotation.*;
@Documented
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.FIELD ,ElementType.METHOD })
public @interface Decrypt {
/**
* 解密方式
* @return
*/
String value() default "";
}
package cn.oq.dz.finance.web.advice;
import cn.oq.dz.finance.business.ElectronicAccountBusiness;
import cn.oq.dz.finance.common.annotation.Decrypt;
import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.io.IOUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.MethodParameter;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Field;
import java.lang.reflect.Type;
/**
* @Description: spring mvc 全局入参解密
* 需要在 controller 添加 @Decrypt 注解 和需要解密的字段加上 @Decrypt 注解
* @Author: hongwang.zhang
* @CreateDate: 2019/10/12 14:54
* @Version: 1.0
*/
@Slf4j
@ControllerAdvice
public class RequestControllerAdvice implements RequestBodyAdvice {
@Autowired
private ElectronicAccountBusiness electronicAccountBusiness;
@Override
public boolean supports(MethodParameter methodParameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) {
return true;
}
@Override
public Object handleEmptyBody(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) {
return null;
}
@Override
public HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) throws IOException {
if(parameter.getMethodAnnotation(Decrypt.class) == null){
return inputMessage;
}
return new HttpInputMessage() {
@Override
public InputStream getBody() throws IOException {
String bodyStr = IOUtils.toString(inputMessage.getBody(),"utf-8");
JSONObject jsonObject = JSONObject.parseObject(bodyStr);
Class clazz = null;
try {
clazz = Class.forName(targetType.getTypeName());
} catch (ClassNotFoundException e) {
log.info("RequestControllerAdvice:",e);
}
if(clazz == null ){
return (InputStream) inputMessage;
}
for (Field field : clazz.getDeclaredFields()) {
Decrypt decrypt = field.getAnnotation(Decrypt.class);
if(decrypt != null){
jsonObject.put(field.getName(),electronicAccountBusiness.decryptionPassword(jsonObject.getString(field.getName())));
}
}
return IOUtils.toInputStream(jsonObject.toJSONString(),"utf-8");
}
@Override
public HttpHeaders getHeaders() {
return inputMessage.getHeaders();
}
};
}
@Override
public Object afterBodyRead(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class<? extends HttpMessageConverter<?>> converterType) {
return body;
}
}