diff --git a/UPDATE.md b/UPDATE.md index f0538a3..2f8187e 100644 --- a/UPDATE.md +++ b/UPDATE.md @@ -11,6 +11,7 @@ spring-boot-starter-parent:2.0.5.RELEASE ``` **update:**
1. 升级依赖 +2. 出入参加密 ParamsRequestBodyAdvice/ParamsResponseBodyAdvice 增加开关(默认关) # diff --git a/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/filter/ParamsRequestBodyAdvice.java b/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/filter/ParamsRequestBodyAdvice.java index ba6b606..e7dbd02 100644 --- a/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/filter/ParamsRequestBodyAdvice.java +++ b/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/filter/ParamsRequestBodyAdvice.java @@ -9,6 +9,7 @@ import com.yexuejc.springboot.base.exception.GatewayException; import com.yexuejc.springboot.base.util.LogUtil; import org.apache.commons.io.IOUtils; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.core.MethodParameter; import org.springframework.http.HttpHeaders; @@ -35,6 +36,7 @@ import java.security.interfaces.RSAPrivateKey; @ControllerAdvice @ConditionalOnClass({RequestBodyAdvice.class, HttpHeaders.class, HttpInputMessage.class, HttpMessageConverter.class}) @EnableConfigurationProperties(RsaProperties.class) +@ConditionalOnProperty(value = "yexuejc.filter.req.enable", matchIfMissing = false) public class ParamsRequestBodyAdvice implements RequestBodyAdvice { private final RsaProperties properties; @@ -49,12 +51,25 @@ public class ParamsRequestBodyAdvice implements RequestBodyAdvice { } @Override - public Object handleEmptyBody(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class> converterType) { + public Object handleEmptyBody(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class> converterType) { return body; } + /** + * 使用入参加密 + * 自定义入参的解密方式只需要重写 beforeBodyRead 方法即可 + * + * @param inputMessage + * @param parameter + * @param targetType + * @param converterType + * @return + * @throws IOException + */ @Override - public HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class> converterType) throws IOException { + public HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class> converterType) throws IOException { if (properties.isDecrypt()) { ParamsPO paramsPO = JsonUtil.json2Obj(IOUtils.toString(inputMessage.getBody(), "UTF-8"), ParamsPO.class); //RSA解密 @@ -63,7 +78,8 @@ public class ParamsRequestBodyAdvice implements RequestBodyAdvice { RSAPrivateKey rsaPrivateKey = null; if (StrUtil.isEmpty(properties.getPrivateKey())) { rsaPrivateKey = RSA2.getPrivateKey( - this.getClass().getResource(properties.getPrivateKeyPath()).getFile().toString(), +// this.getClass().getResource(properties.getPrivateKeyPath()).getFile().toString(), + this.getClass().getResourceAsStream(properties.getPrivateKeyPath()), properties.getPrivateAlias(), properties.getPrivatePwd()); } else { @@ -92,7 +108,8 @@ public class ParamsRequestBodyAdvice implements RequestBodyAdvice { } @Override - public Object afterBodyRead(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class> converterType) { + public Object afterBodyRead(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType, Class> converterType) { return body; } diff --git a/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/filter/ParamsResponseBodyAdvice.java b/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/filter/ParamsResponseBodyAdvice.java index 4933958..4606068 100644 --- a/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/filter/ParamsResponseBodyAdvice.java +++ b/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/filter/ParamsResponseBodyAdvice.java @@ -7,6 +7,7 @@ import com.yexuejc.base.util.JsonUtil; import com.yexuejc.base.util.StrUtil; import com.yexuejc.springboot.base.util.LogUtil; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.core.MethodParameter; import org.springframework.http.MediaType; @@ -32,6 +33,7 @@ import java.util.Map; @ControllerAdvice @ConditionalOnClass({ResponseBodyAdvice.class, ServerHttpRequest.class, ServerHttpResponse.class, MediaType.class}) @EnableConfigurationProperties(RsaProperties.class) +@ConditionalOnProperty(value = "yexuejc.filter.resp.enable", matchIfMissing = false) public class ParamsResponseBodyAdvice implements ResponseBodyAdvice { private final RsaProperties properties; @@ -47,7 +49,8 @@ public class ParamsResponseBodyAdvice implements ResponseBodyAdvice { } @Override - public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType, Class selectedConverterType, ServerHttpRequest request, ServerHttpResponse response) { + public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType, Class selectedConverterType, + ServerHttpRequest request, ServerHttpResponse response) { if (returnType.getMethod().isAnnotationPresent(SerializedField.class)) { //获取注解配置的包含和去除字段 SerializedField serializedField = returnType.getMethodAnnotation(SerializedField.class); @@ -74,7 +77,8 @@ public class ParamsResponseBodyAdvice implements ResponseBodyAdvice { RSAPrivateKey rsaPrivateKey = null; if (StrUtil.isEmpty(properties.getPrivateKey())) { rsaPrivateKey = RSA2.getPrivateKey( - this.getClass().getResource(properties.getPrivateKeyPath()).getFile().toString(), +// this.getClass().getResource(properties.getPrivateKeyPath()).getFile().toString(), + this.getClass().getResourceAsStream(properties.getPrivateKeyPath()), properties.getPrivateAlias(), properties.getPrivatePwd()); } else {