package com.doumee.config.interfaceencryption;
|
|
import com.doumee.config.annotation.EncryptionReq;
|
import com.doumee.config.annotation.EncryptionResp;
|
import com.doumee.config.interfaceencryption.tool.RSAEncrypt;
|
import com.doumee.core.utils.AESUtils;
|
import lombok.extern.slf4j.Slf4j;
|
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.lang.Nullable;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.method.HandlerMethod;
|
import org.springframework.web.servlet.HandlerInterceptor;
|
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import java.util.stream.Collectors;
|
|
/**
|
* app自定义token认证
|
*/
|
@Slf4j
|
//@Component
|
public class InterfaceEncryptionMvcConfig implements WebMvcConfigurer {
|
|
/**
|
* 是否开发者
|
*/
|
@Value("${debug_model}")
|
private Boolean isDebug;
|
/**
|
* 添加拦截器
|
*/
|
@Override
|
public void addInterceptors(InterceptorRegistry registry) {
|
//API接口JwtToken拦截器
|
HandlerInterceptor encrypterceptor = new HandlerInterceptor() {
|
@Override
|
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
|
@Nullable Exception ex) throws Exception {
|
if (!(handler instanceof HandlerMethod)) {
|
return ;
|
}
|
/* HandlerMethod handlerMethod = (HandlerMethod) handler;
|
if(!( handlerMethod.hasMethodAnnotation(EncryptionResp.class) || handlerMethod.hasMethodAnnotation(EncryptionResp.class)) ){
|
//如果是加密返回参数
|
String str = generateRandomLetters(16);
|
String afterDealStr = newEncrypt(str);
|
ResponseData response = (ResponseData) object;
|
//对响应内容进行加密
|
ObjectMapper objectMapper = new ObjectMapper();
|
String aesEncryptData = AESUtils.encrypt(objectMapper.writeValueAsString(response.getData()), str);
|
response.setData(aesEncryptData);
|
String aesEncryptMessage = AESUtils.encrypt(objectMapper.writeValueAsString(response.getMessage()), str);
|
response.setMessage(aesEncryptMessage + " " + afterDealStr);
|
return object;
|
}*/
|
|
}
|
@Override
|
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
// 如果不是映射到方法直接通过
|
if (!(handler instanceof HandlerMethod)) {
|
return true;
|
}
|
HandlerMethod handlerMethod = (HandlerMethod) handler;
|
if(( handlerMethod.hasMethodAnnotation(EncryptionResp.class) || handlerMethod.hasMethodAnnotation(EncryptionResp.class)) ){
|
//如果是加密参数
|
String secretKey = request.getHeader("secretKey");
|
//对key进行解密
|
// String decrypt = RSAEncrypt.decrypt(secretKey, RSAEncrypt.privateKey);
|
//获取请求参数
|
String requestBody = request.getReader().lines().collect(Collectors.joining(System.lineSeparator()));
|
String param = requestBody.toString();
|
//对参数进行解密
|
String decrypt1 = AESUtils.decrypt(param, requestBody);
|
//放入请求
|
request.setAttribute("param", decrypt1);
|
}
|
return true;
|
}
|
};
|
registry.addInterceptor(encrypterceptor).addPathPatterns("/**");
|
}
|
|
|
|
}
|
