common/ruoyi-flex
Template
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

完善API加解密

Browse Source
This commit is contained in:
dataprince 2024-01-16 08:49:04 +08:00
parent 2868e20c86
commit 8f1ce9a5df
1 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
ruoyi-common/ruoyi-common-encrypt/src/main/java/com/ruoyi/common/encrypt/filter/CryptoFilter.java
View File

@ -37,7 +37,7 @@ public class CryptoFilter implements Filter {
HttpServletRequest servletRequest = (HttpServletRequest) request; HttpServletRequest servletRequest = (HttpServletRequest) request;
HttpServletResponse servletResponse = (HttpServletResponse) response; HttpServletResponse servletResponse = (HttpServletResponse) response;
boolean encryptFlag = false; boolean responseFlag = false;
ServletRequest requestWrapper = null; ServletRequest requestWrapper = null;
ServletResponse responseWrapper = null; ServletResponse responseWrapper = null;
EncryptResponseBodyWrapper responseBodyWrapper = null; EncryptResponseBodyWrapper responseBodyWrapper = null;
@ -48,24 +48,24 @@ public class CryptoFilter implements Filter {
if (HttpMethod.PUT.matches(servletRequest.getMethod()) || HttpMethod.POST.matches(servletRequest.getMethod())) { if (HttpMethod.PUT.matches(servletRequest.getMethod()) || HttpMethod.POST.matches(servletRequest.getMethod())) {
// 是否存在加密标头 // 是否存在加密标头
String headerValue = servletRequest.getHeader(properties.getHeaderFlag()); String headerValue = servletRequest.getHeader(properties.getHeaderFlag());
// 获取加密注解
ApiEncrypt apiEncrypt = this.getApiEncryptAnnotation(servletRequest);
responseFlag = apiEncrypt != null && apiEncrypt.response();
if (StringUtils.isNotBlank(headerValue)) { if (StringUtils.isNotBlank(headerValue)) {
// 请求解密 // 请求解密
requestWrapper = new DecryptRequestBodyWrapper(servletRequest, properties.getPrivateKey(), properties.getHeaderFlag()); requestWrapper = new DecryptRequestBodyWrapper(servletRequest, properties.getPrivateKey(), properties.getHeaderFlag());
// 获取加密注解
ApiEncrypt apiEncrypt = this.getApiEncryptAnnotation(servletRequest);
if (ObjectUtil.isNotNull(apiEncrypt)) {
// 响应加密标志
encryptFlag = apiEncrypt.response();
} else { } else {
// 是否有注解有就报错没有放行 // 是否有注解有就报错没有放行
HandlerExceptionResolver exceptionResolver = SpringUtils.getBean(HandlerExceptionResolver.class); if (ObjectUtil.isNotNull(apiEncrypt)) {
HandlerExceptionResolver exceptionResolver = SpringUtils.getBean("handlerExceptionResolver", HandlerExceptionResolver.class);
exceptionResolver.resolveException( exceptionResolver.resolveException(
servletRequest, servletResponse, null, servletRequest, servletResponse, null,
new ServiceException("没有访问权限,请联系管理员授权", HttpStatus.FORBIDDEN)); new ServiceException("没有访问权限,请联系管理员授权", HttpStatus.FORBIDDEN));
return;
} }
} }
// 判断是否响应加密 // 判断是否响应加密
if (encryptFlag) { if (responseFlag) {
responseBodyWrapper = new EncryptResponseBodyWrapper(servletResponse); responseBodyWrapper = new EncryptResponseBodyWrapper(servletResponse);
responseWrapper = responseBodyWrapper; responseWrapper = responseBodyWrapper;
} }
@ -76,7 +76,7 @@ public class CryptoFilter implements Filter {
ObjectUtil.defaultIfNull(requestWrapper, request), ObjectUtil.defaultIfNull(requestWrapper, request),
ObjectUtil.defaultIfNull(responseWrapper, response)); ObjectUtil.defaultIfNull(responseWrapper, response));
if (encryptFlag) { if (responseFlag) {
servletResponse.reset(); servletResponse.reset();
// 对原始内容加密 // 对原始内容加密
String encryptContent = responseBodyWrapper.getEncryptContent( String encryptContent = responseBodyWrapper.getEncryptContent(