移除 jasypt-spring-boot-starter 依赖,使用 hutool AES 替代

This commit is contained in:
YunaiV 2022-11-12 09:15:02 +08:00
parent 3fbb0b4c54
commit ce3aefadd7
8 changed files with 32 additions and 50 deletions

View File

@ -43,7 +43,6 @@
<!-- Bpm 工作流相关 --> <!-- Bpm 工作流相关 -->
<flowable.version>6.7.2</flowable.version> <flowable.version>6.7.2</flowable.version>
<!-- 工具类相关 --> <!-- 工具类相关 -->
<jasypt-spring-boot-starter.version>3.0.4</jasypt-spring-boot-starter.version>
<lombok.version>1.18.24</lombok.version> <lombok.version>1.18.24</lombok.version>
<mapstruct.version>1.5.3.Final</mapstruct.version> <mapstruct.version>1.5.3.Final</mapstruct.version>
<hutool.version>5.8.9</hutool.version> <hutool.version>5.8.9</hutool.version>
@ -407,12 +406,6 @@
<version>${revision}</version> <version>${revision}</version>
</dependency> </dependency>
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId> <!-- 加解密 -->
<version>${jasypt-spring-boot-starter.version}</version>
</dependency>
<dependency> <dependency>
<groupId>cn.iocoder.boot</groupId> <groupId>cn.iocoder.boot</groupId>
<artifactId>yudao-spring-boot-starter-excel</artifactId> <artifactId>yudao-spring-boot-starter-excel</artifactId>

View File

@ -59,13 +59,6 @@
<artifactId>dynamic-datasource-spring-boot-starter</artifactId> <!-- 多数据源 --> <artifactId>dynamic-datasource-spring-boot-starter</artifactId> <!-- 多数据源 -->
</dependency> </dependency>
<!-- 工具类相关 -->
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId> <!-- 加解密 -->
<optional>true</optional>
</dependency>
</dependencies> </dependencies>
</project> </project>

View File

@ -1,10 +1,11 @@
package cn.iocoder.yudao.framework.mybatis.core.type; package cn.iocoder.yudao.framework.mybatis.core.type;
import cn.hutool.core.lang.Assert; import cn.hutool.core.lang.Assert;
import cn.hutool.crypto.SecureUtil;
import cn.hutool.crypto.symmetric.AES;
import cn.hutool.extra.spring.SpringUtil; import cn.hutool.extra.spring.SpringUtil;
import org.apache.ibatis.type.BaseTypeHandler; import org.apache.ibatis.type.BaseTypeHandler;
import org.apache.ibatis.type.JdbcType; import org.apache.ibatis.type.JdbcType;
import org.jasypt.encryption.StringEncryptor;
import java.sql.CallableStatement; import java.sql.CallableStatement;
import java.sql.PreparedStatement; import java.sql.PreparedStatement;
@ -12,18 +13,20 @@ import java.sql.ResultSet;
import java.sql.SQLException; import java.sql.SQLException;
/** /**
* 字段字段的 TypeHandler 实现类基于 {@link StringEncryptor} 实现 * 字段字段的 TypeHandler 实现类基于 {@link cn.hutool.crypto.symmetric.AES} 实现
* 可通过 jasypt.encryptor.password 配置项设置密钥 * 可通过 jasypt.encryptor.password 配置项设置密钥
* *
* @author 芋道源码 * @author 芋道源码
*/ */
public class EncryptTypeHandler extends BaseTypeHandler<String> { public class EncryptTypeHandler extends BaseTypeHandler<String> {
private static StringEncryptor encryptor; private static final String ENCRYPTOR_PROPERTY_NAME = "mybatis-plus.encryptor.password";
private static AES aes;
@Override @Override
public void setNonNullParameter(PreparedStatement ps, int i, String parameter, JdbcType jdbcType) throws SQLException { public void setNonNullParameter(PreparedStatement ps, int i, String parameter, JdbcType jdbcType) throws SQLException {
ps.setString(i, getEncryptor().encrypt(parameter)); ps.setString(i, encrypt(parameter));
} }
@Override @Override
@ -48,23 +51,25 @@ public class EncryptTypeHandler extends BaseTypeHandler<String> {
if (value == null) { if (value == null) {
return null; return null;
} }
return getEncryptor().decrypt(value); return getEncryptor().decryptStr(value);
} }
public static String encrypt(String rawValue) { public static String encrypt(String rawValue) {
if (rawValue == null) { if (rawValue == null) {
return null; return null;
} }
return getEncryptor().encrypt(rawValue); return getEncryptor().encryptBase64(rawValue);
} }
private static StringEncryptor getEncryptor() { private static AES getEncryptor() {
if (encryptor != null) { if (aes != null) {
return encryptor; return aes;
} }
encryptor = SpringUtil.getBean(StringEncryptor.class); // 构建 AES
Assert.notNull(encryptor, "StringEncryptor 不能为空"); String password = SpringUtil.getProperty(ENCRYPTOR_PROPERTY_NAME);
return encryptor; Assert.notEmpty(password, "配置项({}) 不能为空", ENCRYPTOR_PROPERTY_NAME);
aes = SecureUtil.aes(password.getBytes());
return aes;
} }
} }

View File

@ -83,10 +83,6 @@
</dependency> </dependency>
<!-- 工具类相关 --> <!-- 工具类相关 -->
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId> <!-- 加解密 -->
</dependency>
<dependency> <dependency>
<groupId>cn.iocoder.boot</groupId> <groupId>cn.iocoder.boot</groupId>

View File

@ -1,6 +1,7 @@
package cn.iocoder.yudao.module.infra.service.db; package cn.iocoder.yudao.module.infra.service.db;
import cn.hutool.core.util.ReflectUtil; import cn.hutool.core.util.ReflectUtil;
import cn.hutool.crypto.symmetric.AES;
import cn.iocoder.yudao.framework.mybatis.core.type.EncryptTypeHandler; import cn.iocoder.yudao.framework.mybatis.core.type.EncryptTypeHandler;
import cn.iocoder.yudao.framework.mybatis.core.util.JdbcUtils; import cn.iocoder.yudao.framework.mybatis.core.util.JdbcUtils;
import cn.iocoder.yudao.framework.test.core.ut.BaseDbUnitTest; import cn.iocoder.yudao.framework.test.core.ut.BaseDbUnitTest;
@ -9,7 +10,6 @@ import cn.iocoder.yudao.module.infra.controller.admin.db.vo.DataSourceConfigUpda
import cn.iocoder.yudao.module.infra.dal.dataobject.db.DataSourceConfigDO; import cn.iocoder.yudao.module.infra.dal.dataobject.db.DataSourceConfigDO;
import cn.iocoder.yudao.module.infra.dal.mysql.db.DataSourceConfigMapper; import cn.iocoder.yudao.module.infra.dal.mysql.db.DataSourceConfigMapper;
import com.baomidou.dynamic.datasource.spring.boot.autoconfigure.DynamicDataSourceProperties; import com.baomidou.dynamic.datasource.spring.boot.autoconfigure.DynamicDataSourceProperties;
import org.jasypt.encryption.StringEncryptor;
import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.mockito.MockedStatic; import org.mockito.MockedStatic;
@ -24,7 +24,8 @@ import static cn.iocoder.yudao.framework.test.core.util.AssertUtils.assertServic
import static cn.iocoder.yudao.framework.test.core.util.RandomUtils.randomLongId; import static cn.iocoder.yudao.framework.test.core.util.RandomUtils.randomLongId;
import static cn.iocoder.yudao.framework.test.core.util.RandomUtils.randomPojo; import static cn.iocoder.yudao.framework.test.core.util.RandomUtils.randomPojo;
import static cn.iocoder.yudao.module.infra.enums.ErrorCodeConstants.DATA_SOURCE_CONFIG_NOT_EXISTS; import static cn.iocoder.yudao.module.infra.enums.ErrorCodeConstants.DATA_SOURCE_CONFIG_NOT_EXISTS;
import static org.junit.jupiter.api.Assertions.*; import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.mockStatic; import static org.mockito.Mockito.mockStatic;
@ -45,7 +46,7 @@ public class DataSourceConfigServiceImplTest extends BaseDbUnitTest {
private DataSourceConfigMapper dataSourceConfigMapper; private DataSourceConfigMapper dataSourceConfigMapper;
@MockBean @MockBean
private StringEncryptor stringEncryptor; private AES aes;
@MockBean @MockBean
private DynamicDataSourceProperties dynamicDataSourceProperties; private DynamicDataSourceProperties dynamicDataSourceProperties;
@ -53,9 +54,9 @@ public class DataSourceConfigServiceImplTest extends BaseDbUnitTest {
@BeforeEach @BeforeEach
public void setUp() { public void setUp() {
// mock 一个空实现的 StringEncryptor避免 EncryptTypeHandler 报错 // mock 一个空实现的 StringEncryptor避免 EncryptTypeHandler 报错
ReflectUtil.setFieldValue(EncryptTypeHandler.class, "encryptor", stringEncryptor); ReflectUtil.setFieldValue(EncryptTypeHandler.class, "aes", aes);
when(stringEncryptor.encrypt(anyString())).then((Answer<String>) invocation -> invocation.getArgument(0)); when(aes.encryptBase64(anyString())).then((Answer<String>) invocation -> invocation.getArgument(0));
when(stringEncryptor.decrypt(anyString())).then((Answer<String>) invocation -> invocation.getArgument(0)); when(aes.decryptStr(anyString())).then((Answer<String>) invocation -> invocation.getArgument(0));
} }
@Test @Test

View File

@ -63,10 +63,6 @@ spring:
database: 1 # 数据库索引 database: 1 # 数据库索引
# password: 123456 # 密码,建议生产环境开启 # password: 123456 # 密码,建议生产环境开启
jasypt:
encryptor:
password: yuanma # 加解密的秘钥
--- #################### 定时任务相关配置 #################### --- #################### 定时任务相关配置 ####################
# Quartz 配置项,对应 QuartzProperties 配置类 # Quartz 配置项,对应 QuartzProperties 配置类

View File

@ -45,37 +45,33 @@ spring:
datasource: datasource:
master: master:
name: ruoyi-vue-pro name: ruoyi-vue-pro
url: jdbc:mysql://139.9.196.247:3306/${spring.datasource.dynamic.datasource.master.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例 url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.master.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例
# url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.master.name}?useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&characterEncoding=UTF-8&serverTimezone=CTT # MySQL Connector/J 5.X 连接的示例 # url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.master.name}?useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&characterEncoding=UTF-8&serverTimezone=CTT # MySQL Connector/J 5.X 连接的示例
# url: jdbc:postgresql://127.0.0.1:5432/${spring.datasource.dynamic.datasource.slave.name} # PostgreSQL 连接的示例 # url: jdbc:postgresql://127.0.0.1:5432/${spring.datasource.dynamic.datasource.slave.name} # PostgreSQL 连接的示例
# url: jdbc:oracle:thin:@127.0.0.1:1521:xe # Oracle 连接的示例 # url: jdbc:oracle:thin:@127.0.0.1:1521:xe # Oracle 连接的示例
# url: jdbc:sqlserver://127.0.0.1:1433;DatabaseName=${spring.datasource.dynamic.datasource.master.name} # SQLServer 连接的示例 # url: jdbc:sqlserver://127.0.0.1:1433;DatabaseName=${spring.datasource.dynamic.datasource.master.name} # SQLServer 连接的示例
username: root username: root
password: ${RUOYI_VUE_PRO} password: 123456
# username: sa # username: sa
# password: JSm:g(*%lU4ZAkz06cd52KqT3)i1?H7W # password: JSm:g(*%lU4ZAkz06cd52KqT3)i1?H7W
slave: # 模拟从库,可根据自己需要修改 slave: # 模拟从库,可根据自己需要修改
name: ruoyi-vue-pro name: ruoyi-vue-pro
url: jdbc:mysql://139.9.196.247:3306/${spring.datasource.dynamic.datasource.master.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例 url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.master.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例
# url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.slave.name}?useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&characterEncoding=UTF-8&serverTimezone=CTT # MySQL Connector/J 5.X 连接的示例 # url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.slave.name}?useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&characterEncoding=UTF-8&serverTimezone=CTT # MySQL Connector/J 5.X 连接的示例
# url: jdbc:postgresql://127.0.0.1:5432/${spring.datasource.dynamic.datasource.slave.name} # PostgreSQL 连接的示例 # url: jdbc:postgresql://127.0.0.1:5432/${spring.datasource.dynamic.datasource.slave.name} # PostgreSQL 连接的示例
# url: jdbc:oracle:thin:@127.0.0.1:1521:xe # Oracle 连接的示例 # url: jdbc:oracle:thin:@127.0.0.1:1521:xe # Oracle 连接的示例
# url: jdbc:sqlserver://127.0.0.1:1433;DatabaseName=${spring.datasource.dynamic.datasource.slave.name} # SQLServer 连接的示例 # url: jdbc:sqlserver://127.0.0.1:1433;DatabaseName=${spring.datasource.dynamic.datasource.slave.name} # SQLServer 连接的示例
username: root username: root
password: ${RUOYI_VUE_PRO} password: 123456
# username: sa # username: sa
# password: JSm:g(*%lU4ZAkz06cd52KqT3)i1?H7W # password: JSm:g(*%lU4ZAkz06cd52KqT3)i1?H7W
# Redis 配置。Redisson 默认的配置足够使用,一般不需要进行调优 # Redis 配置。Redisson 默认的配置足够使用,一般不需要进行调优
redis: redis:
host: 139.9.196.247 # 地址 host: 127.0.0.1 # 地址
port: 6379 # 端口 port: 6379 # 端口
database: 0 # 数据库索引 database: 0 # 数据库索引
password: 123456 # 密码,建议生产环境开启 # password: 123456 # 密码,建议生产环境开启
jasypt:
encryptor:
password: yuanma # 加解密的秘钥
--- #################### 定时任务相关配置 #################### --- #################### 定时任务相关配置 ####################

View File

@ -56,6 +56,8 @@ mybatis-plus:
logic-delete-value: 1 # 逻辑已删除值(默认为 1) logic-delete-value: 1 # 逻辑已删除值(默认为 1)
logic-not-delete-value: 0 # 逻辑未删除值(默认为 0) logic-not-delete-value: 0 # 逻辑未删除值(默认为 0)
type-aliases-package: ${yudao.info.base-package}.module.*.dal.dataobject type-aliases-package: ${yudao.info.base-package}.module.*.dal.dataobject
encryptor:
password: XDV71a+xqStEA3WH # 加解密的秘钥,可使用 https://www.imaegoo.com/2020/aes-key-generator/ 网站生成
--- #################### 验证码相关配置 #################### --- #################### 验证码相关配置 ####################