赞
踩
往期热门文章:
- 1、isEmpty和isBlank的区别,至少一半人答不上来...
- 2、Lombok同时使⽤@Data和@Builder 的坑
- 3、IntelliJ IDEA快捷键大全 + 动图演示,建议收藏!
- 4、如何防止你的 jar 被反编译?
- 5、大公司为什么禁止SpringBoot项目使用Tomcat?
- juejin.cn/post/7110110794188062727
下午惬意时光,突然产品小姐姐走到我面前,打断我短暂的摸鱼time,企图与我进行深入交流,还好我早有防备没有闪,打开瑞star的点单页面,暗示没有一杯coffee解决不了的需求,需求是某些接口返回的信息,涉及到敏感数据的必须进行脱敏操作,我思考一反,表示某问题,马上安排。
1.要做成可配置多策略的脱敏操作,要不然一个个接口进行脱敏操作,重复的工作量太多,很显然违背了“多写一行算我输”的程序员规范,思来想去,定义数据脱敏注解和数据脱敏逻辑的接口, 在返回类上,对需要进行脱敏的属性加上,并指定对应的脱敏策略操作。
2.接下来我只需要拦截控制器返回的数据,找到带有脱敏注解的属性操作即可,一开始打算用@ControllerAdvice去实现,但发现需要自己去反射类获取注解,当返回对象比较复杂,需要递归去反射,性能一下子就会降低,于是换种思路,我想到平时使用的@JsonFormat,跟我现在的场景很类似,通过自定义注解跟字段解析器,对字段进行自定义解析,tql
- @Target({ElementType.FIELD, ElementType.TYPE})
- @Retention(RetentionPolicy.RUNTIME)
- @Documented
- public @interface DataMasking {
-
- DataMaskingFunc maskFunc() default DataMaskingFunc.NO_MASK;
-
- }
- public interface DataMaskingOperation {
-
- String MASK_CHAR = "*";
-
- String mask(String content, String maskChar);
-
- }
-
- public enum DataMaskingFunc {
-
- /**
- * 脱敏转换器
- */
- NO_MASK((str, maskChar) -> {
- return str;
- }),
- ALL_MASK((str, maskChar) -> {
- if (StringUtils.hasLength(str)) {
- StringBuilder sb = new StringBuilder();
- for (int i = 0; i < str.length(); i++) {
- sb.append(StringUtils.hasLength(maskChar) ? maskChar : DataMaskingOperation.MASK_CHAR);
- }
- return sb.toString();
- } else {
- return str;
- }
- });
-
- private final DataMaskingOperation operation;
-
- private DataMaskingFunc(DataMaskingOperation operation) {
- this.operation = operation;
- }
-
- public DataMaskingOperation operation() {
- return this.operation;
- }
-
- }
-
- public final class DataMaskingSerializer extends StdScalarSerializer<Object> {
- private final DataMaskingOperation operation;
-
- public DataMaskingSerializer() {
- super(String.class, false);
- this.operation = null;
- }
-
- public DataMaskingSerializer(DataMaskingOperation operation) {
- super(String.class, false);
- this.operation = operation;
- }
-
-
- public boolean isEmpty(SerializerProvider prov, Object value) {
- String str = (String)value;
- return str.isEmpty();
- }
-
- public void serialize(Object value, JsonGenerator gen, SerializerProvider provider) throws IOException {
- if (Objects.isNull(operation)) {
- String content = DataMaskingFunc.ALL_MASK.operation().mask((String) value, null);
- gen.writeString(content);
- } else {
- String content = operation.mask((String) value, null);
- gen.writeString(content);
- }
- }
-
- public final void serializeWithType(Object value, JsonGenerator gen, SerializerProvider provider, TypeSerializer typeSer) throws IOException {
- this.serialize(value, gen, provider);
- }
-
- public JsonNode getSchema(SerializerProvider provider, Type typeHint) {
- return this.createSchemaNode("string", true);
- }
-
- public void acceptJsonFormatVisitor(JsonFormatVisitorWrapper visitor, JavaType typeHint) throws JsonMappingException {
- this.visitStringFormat(visitor, typeHint);
- }
- }
- @Slf4j
- public class DataMaskingAnnotationIntrospector extends NopAnnotationIntrospector {
-
- @Override
- public Object findSerializer(Annotated am) {
- DataMasking annotation = am.getAnnotation(DataMasking.class);
- if (annotation != null) {
- return new DataMaskingSerializer(annotation.maskFunc().operation());
- }
- return null;
- }
-
- }
- @Configuration(
- proxyBeanMethods = false
- )
- public class DataMaskConfiguration {
-
- @Configuration(
- proxyBeanMethods = false
- )
- @ConditionalOnClass({Jackson2ObjectMapperBuilder.class})
- static class JacksonObjectMapperConfiguration {
- JacksonObjectMapperConfiguration() {
- }
-
- @Bean
- @Primary
- ObjectMapper jacksonObjectMapper(Jackson2ObjectMapperBuilder builder) {
- ObjectMapper objectMapper = builder.createXmlMapper(false).build();
- AnnotationIntrospector ai = objectMapper.getSerializationConfig().getAnnotationIntrospector();
- AnnotationIntrospector newAi = AnnotationIntrospectorPair.pair(ai, new DataMaskingAnnotationIntrospector());
- objectMapper.setAnnotationIntrospector(newAi);
- return objectMapper;
- }
- }
-
- }
- public class User implements Serializable {
- /**
- * 主键ID
- */
- private Long id;
-
- /**
- * 姓名
- */
- @DataMasking(maskFunc = DataMaskingFunc.ALL_MASK)
- private String name;
-
- /**
- * 年龄
- */
- private Integer age;
-
- /**
- * 邮箱
- */
- @DataMasking(maskFunc = DataMaskingFunc.ALL_MASK)
- private String email;
-
- }
- 往期热门文章:
-
- 1、计算机专业会不会成为下一个土木?
- 2、xxl-job惊艳的设计,怎能叫人不爱
- 3、ArrayList#subList这四个坑,一不小心就中招
- 4、面试官:大量请求 Redis 不存在的数据,从而影响数据库,该如何解决?
- 5、MySQL 暴跌!
- 6、超越 Xshell!号称下一代 Terminal 终端神器,用完爱不释手!
- 7、IDEA 官宣全新默认 UI,太震撼了!!
- 8、让你直呼「卧槽」的 GitHub 项目!
- 9、Kafka又笨又重,为啥不选Redis?
- 10、50多个高频免费 API 接口分享
Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。