From 78c91d0733ed359957a18db05930977eca75b5e5 Mon Sep 17 00:00:00 2001
From: MichelleChung <1242874891@qq.com>
Date: 星期一, 27 十一月 2023 10:56:59 +0800
Subject: [PATCH] !451 响应加密功能 * update 优化调整加解密判断逻辑, 避免 NPE ; * rollback 回滚错误提交, 保留加密组件开关 ; * add 新增注解 @ApiEncrypt 用于校验接口加解密 ; * add 新增 EncryptResponseBodyWrapper 加密响应参数包装类 ;
---
ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java | 75 +++++++++++++++++++++++++++++++++++--
1 files changed, 71 insertions(+), 4 deletions(-)
diff --git a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
index c31e025..76ce37e 100644
--- a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
+++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
@@ -3,10 +3,19 @@
import cn.hutool.core.util.ObjectUtil;
import jakarta.servlet.*;
import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.dromara.common.core.constant.HttpStatus;
+import org.dromara.common.core.exception.ServiceException;
+import org.dromara.common.core.utils.SpringUtils;
import org.dromara.common.core.utils.StringUtils;
+import org.dromara.common.encrypt.annotation.ApiEncrypt;
import org.dromara.common.encrypt.properties.ApiDecryptProperties;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerExceptionResolver;
+import org.springframework.web.servlet.HandlerExecutionChain;
+import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
import java.io.IOException;
@@ -25,8 +34,14 @@
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
- ServletRequest requestWrapper = null;
HttpServletRequest servletRequest = (HttpServletRequest) request;
+ HttpServletResponse servletResponse = (HttpServletResponse) response;
+
+ boolean encryptFlag = false;
+ ServletRequest requestWrapper = null;
+ ServletResponse responseWrapper = null;
+ EncryptResponseBodyWrapper responseBodyWrapper = null;
+
// 鏄惁涓� json 璇锋眰
if (StringUtils.startsWithIgnoreCase(request.getContentType(), MediaType.APPLICATION_JSON_VALUE)) {
// 鏄惁涓� put 鎴栬�� post 璇锋眰
@@ -34,16 +49,68 @@
// 鏄惁瀛樺湪鍔犲瘑鏍囧ご
String headerValue = servletRequest.getHeader(properties.getHeaderFlag());
if (StringUtils.isNotBlank(headerValue)) {
- requestWrapper = new DecryptRequestBodyWrapper(servletRequest, properties.getPublicKey(), properties.getPrivateKey(), properties.getHeaderFlag());
+ // 璇锋眰瑙e瘑
+ requestWrapper = new DecryptRequestBodyWrapper(servletRequest, properties.getPrivateKey(), properties.getHeaderFlag());
+ // 鑾峰彇鍔犲瘑娉ㄨВ
+ ApiEncrypt apiEncrypt = this.getApiEncryptAnnotation(servletRequest);
+ if (ObjectUtil.isNotNull(apiEncrypt)) {
+ // 鍝嶅簲鍔犲瘑鏍囧織
+ encryptFlag = apiEncrypt.response();
+ } else {
+ // 鏄惁鏈夋敞瑙o紝鏈夊氨鎶ラ敊锛屾病鏈夋斁琛�
+ HandlerExceptionResolver exceptionResolver = SpringUtils.getBean("handlerExceptionResolver");
+ exceptionResolver.resolveException(
+ servletRequest, servletResponse, null,
+ new ServiceException("娌℃湁璁块棶鏉冮檺锛岃鑱旂郴绠$悊鍛樻巿鏉�", HttpStatus.FORBIDDEN));
+ }
+ }
+ // 鍒ゆ柇鏄惁鍝嶅簲鍔犲瘑
+ if (encryptFlag) {
+ responseBodyWrapper = new EncryptResponseBodyWrapper(servletResponse);
+ responseWrapper = responseBodyWrapper;
}
}
}
- chain.doFilter(ObjectUtil.defaultIfNull(requestWrapper, request), response);
+ chain.doFilter(
+ ObjectUtil.defaultIfNull(requestWrapper, request),
+ ObjectUtil.defaultIfNull(responseWrapper, response));
+
+ if (encryptFlag) {
+ servletResponse.reset();
+ // 瀵瑰師濮嬪唴瀹瑰姞瀵�
+ String encryptContent = responseBodyWrapper.getEncryptContent(
+ servletResponse, properties.getPublicKey(), properties.getHeaderFlag());
+ // 瀵瑰姞瀵嗗悗鐨勫唴瀹瑰啓鍑�
+ servletResponse.getWriter().write(encryptContent);
+ }
+ }
+
+ /**
+ * 鑾峰彇 ApiEncrypt 娉ㄨВ
+ */
+ private ApiEncrypt getApiEncryptAnnotation(HttpServletRequest servletRequest) {
+ RequestMappingHandlerMapping handlerMapping = SpringUtils.getBean("requestMappingHandlerMapping", RequestMappingHandlerMapping.class);
+ // 鑾峰彇娉ㄨВ
+ try {
+ HandlerExecutionChain mappingHandler = handlerMapping.getHandler(servletRequest);
+ System.out.println(mappingHandler);
+ if (ObjectUtil.isNotNull(mappingHandler)) {
+ Object handler = mappingHandler.getHandler();
+ if (ObjectUtil.isNotNull(handler)) {
+ // 浠巋andler鑾峰彇娉ㄨВ
+ if (handler instanceof HandlerMethod handlerMethod) {
+ return handlerMethod.getMethodAnnotation(ApiEncrypt.class);
+ }
+ }
+ }
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ return null;
}
@Override
public void destroy() {
-
}
}
--
Gitblit v1.9.3