当前位置:   article > 正文

Java:SpringBoot使用AES对JSON数据加密和解密_json加密解密

json加密解密

1、加密解密原理

客户端和服务端都可以加密和解密,使用base64进行网络传输

加密方

字符串 -> AES加密 -> base64
  • 1

解密方

base64 -> AES解密 -> 字符串
  • 1

2、项目示例

2.1、项目结构

$ tree -I target -I test
.
├── pom.xml
└── src
    └── main
        ├── java
        │   └── com
        │       └── example
        │           └── demo
        │               ├── Application.java
        │               ├── annotation
        │               │   └── SecretData.java
        │               ├── config
        │               │   ├── CrossConfig.java
        │               │   ├── DecryptRequestBodyAdvice.java
        │               │   ├── EncryptResponseBodyAdvice.java
        │               │   ├── SecretConfig.java
        │               │   └── WebMvcConfig.java
        │               ├── controller
        │               │   ├── IndexController.java
        │               │   └── UserController.java
        │               ├── request
        │               │   └── JsonRequest.java
        │               ├── response
        │               │   ├── JsonResult.java
        │               │   └── JsonResultVO.java
        │               ├── service
        │               │   ├── SecretDataService.java
        │               │   └── impl
        │               │       └── SecretDataServiceImpl.java
        │               └── utils
        │                   └── CipherUtil.java
        └── resources
            ├── application.yml
            ├── static
            │   ├── axios.min.js
            │   └── crypto-js.min.js
            └── templates
                └── index.html
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39

2.2、常规业务代码

pom.xml

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.7.7</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>

    <groupId>com.example</groupId>
    <artifactId>demo</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>demo</name>
    <description>Demo project for Spring Boot</description>

    <properties>
        <java.version>1.8</java.version>
        <mybatis-plus.version>3.5.2</mybatis-plus.version>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>

        <dependency>
            <groupId>commons-codec</groupId>
            <artifactId>commons-codec</artifactId>
            <version>1.15</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>

        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <optional>true</optional>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-devtools</artifactId>
            <scope>runtime</scope>
            <optional>true</optional>
        </dependency>

        <!-- test -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>

        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <configuration>
                    <excludes>
                        <exclude>
                            <groupId>org.projectlombok</groupId>
                            <artifactId>lombok</artifactId>
                        </exclude>
                    </excludes>
                </configuration>
            </plugin>
        </plugins>
    </build>

</project>

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85

Application.java

package com.example.demo;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class Application {

    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }
}

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13

WebMvcConfig.java

package com.example.demo.config;


import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;

@Slf4j
@Configuration
public class WebMvcConfig extends WebMvcConfigurationSupport {

    // 设置静态资源映射
    @Override
    protected void addResourceHandlers(ResourceHandlerRegistry registry) {
        registry.addResourceHandler("/static/**")
                .addResourceLocations("classpath:/static/");
    }
}
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19

CrossConfig.java

package com.example.demo.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

/**
 * 处理跨域问题
 */
@Configuration
public class CrossConfig {
    @Bean
    public CorsFilter corsFilter() {
        CorsConfiguration config = new CorsConfiguration();
        config.addAllowedOrigin("*");
        config.setAllowCredentials(false);
        config.addAllowedMethod("*");
        config.addAllowedHeader("*");
        config.setMaxAge(3600L);

        UrlBasedCorsConfigurationSource configSource = new UrlBasedCorsConfigurationSource();
        configSource.registerCorsConfiguration("/**", config);
        return new CorsFilter(configSource);
    }
}
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27

JsonRequest.java

package com.example.demo.request;

import lombok.Data;

/**
 * 统一的请求体数据
 */
@Data
public class JsonRequest {
    /**
     * 未加密数据
     */
    private Object data;
    /**
     * 加密数据
     */
    private String encryptData;
}


  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20

JsonResult.java

package com.example.demo.response;

import lombok.Data;

/**
 * 统一的返回体数据 不加密
 */
@Data
public class JsonResult<T> {
    private String message;

    private T data;

    private Integer code;

    public static <T> JsonResult success(T data){
        JsonResult<T> jsonResult = new JsonResult<>();
        jsonResult.setCode(0);
        jsonResult.setData(data);
        jsonResult.setMessage("success");
        return jsonResult;
    }
}

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24

JsonResultVO.java

package com.example.demo.response;

import lombok.Data;

/**
 * 统一的返回体数据 加密
 */
@Data
public class JsonResultVO {
    private String message;

    private String encryptData;

    private Integer code;
}

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16

IndexController.java

package com.example.demo.controller;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;

@Controller
public class IndexController {
    @GetMapping("/")
    public String index(){
        return "index";
    }
}

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13

UserController.java

package com.example.demo.controller;

import com.example.demo.annotation.SecretData;
import com.example.demo.response.JsonResult;
import org.springframework.web.bind.annotation.*;

import java.util.HashMap;
import java.util.Map;

/**
 * 对该Controller中的所有方法进行加解密处理
 */
@RestController
@SecretData
public class UserController {

    @GetMapping("/user/getUser")
    public JsonResult getUser() {
        Map<String, String> user = new HashMap<>();
        user.put("name", "Tom");
        user.put("age", "18");

        return JsonResult.success(user);
    }

    @PostMapping("/user/addUser")
    public Object addUser(@RequestBody Map<String, String> data) {
        System.out.println(data);
        return data;
    }
}

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32

2.3、加密的实现

application.yml

secret:
  key: 1234567890123456 # 密钥位数为16位
  enabled: true # 开启加解密功能
  • 1
  • 2
  • 3

SecretData.java

package com.example.demo.annotation;


import org.springframework.web.bind.annotation.Mapping;

import java.lang.annotation.*;

/**
 * 只有添加有该注解的Controller类或是具体接口方法才进行数据的加密解密
 */
@Target({ElementType.METHOD, ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Mapping
@Documented
public @interface SecretData {

}
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17

DecryptRequestBodyAdvice.java

package com.example.demo.config;

import com.example.demo.annotation.SecretData;
import com.example.demo.request.JsonRequest;
import com.example.demo.service.SecretDataService;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.core.MethodParameter;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdviceAdapter;

import javax.annotation.Resource;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Type;

/**
 * 对请求内容进行解密
 * 只有开启了加解密功能才会生效
 * 仅对使用了@RqestBody注解的生效
 * https://blog.csdn.net/xingbaozhen1210/article/details/98189562
 */
@ControllerAdvice
// @ConditionalOnProperty(name = "secret.enabled", havingValue = "true")
public class DecryptRequestBodyAdvice extends RequestBodyAdviceAdapter {

    @Resource
    private SecretDataService secretDataService;

    @Override
    public boolean supports(MethodParameter methodParameter, Type targetType,
                            Class<? extends HttpMessageConverter<?>> converterType) {
        return methodParameter.getMethod().isAnnotationPresent(SecretData.class)
                || methodParameter.getMethod().getDeclaringClass().isAnnotationPresent(SecretData.class);
    }

    @Override
    public HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter parameter, Type targetType,
                                           Class<? extends HttpMessageConverter<?>> converterType) throws IOException {
        System.out.println("beforeBodyRead");

        String body = inToString(inputMessage.getBody());
        System.out.println(body);

        ObjectMapper objectMapper = new ObjectMapper();
        JsonRequest jsonRequest = objectMapper.readValue(body, JsonRequest.class);

        // 默认取data数据,如果提交加密数据则解密
        String decryptData = null;
        if (jsonRequest.getEncryptData() != null) {
            decryptData = secretDataService.decrypt(jsonRequest.getEncryptData());
        } else{
            decryptData = objectMapper.writeValueAsString(jsonRequest.getData());
        }

        String data = decryptData;

        // 解密后的数据
        System.out.println(data);

        return new HttpInputMessage() {
            @Override
            public HttpHeaders getHeaders() {
                return inputMessage.getHeaders();
            }

            @Override
            public InputStream getBody() throws IOException {
                return new ByteArrayInputStream(data.getBytes());
            }
        };
    }

    /**
     * 读取输入流为字符串
     *
     * @param is
     * @return
     */
    private String inToString(InputStream is) {
        byte[] buf = new byte[10 * 1024];
        int length = -1;
        StringBuilder sb = new StringBuilder();
        try {
            while ((length = is.read(buf)) != -1) {
                sb.append(new String(buf, 0, length));
            }
            return sb.toString();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

}
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98

EncryptResponseBodyAdvice.java

package com.example.demo.config;

import com.example.demo.annotation.SecretData;
import com.example.demo.response.JsonResult;
import com.example.demo.response.JsonResultVO;
import com.example.demo.service.SecretDataService;
import com.fasterxml.jackson.databind.ObjectMapper;
import lombok.SneakyThrows;
import org.springframework.beans.BeanUtils;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;

import javax.annotation.Resource;

/**
 * 对响应内容加密
 */
@ControllerAdvice
@ConditionalOnProperty(name = "secret.enabled", havingValue = "true")
public class EncryptResponseBodyAdvice implements ResponseBodyAdvice<Object> {

    @Resource
    private SecretDataService secretDataService;

    @Override
    public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) {
        return returnType.getMethod().isAnnotationPresent(SecretData.class)
                || returnType.getMethod().getDeclaringClass().isAnnotationPresent(SecretData.class);
    }


    @SneakyThrows
    @Override
    public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType,
                                  Class<? extends HttpMessageConverter<?>> selectedConverterType,
                                  ServerHttpRequest request, ServerHttpResponse response) {
        System.out.println("beforeBodyWrite");

        // 仅对JsonResult对象数据加密
        if (body instanceof JsonResult) {
            JsonResult jsonResult = (JsonResult) body;

            JsonResultVO jsonResultVO = new JsonResultVO();
            BeanUtils.copyProperties(jsonResult, jsonResultVO);

            String jsonStr = new ObjectMapper().writeValueAsString(jsonResult.getData());

            jsonResultVO.setEncryptData(secretDataService.encrypt(jsonStr));
            return jsonResultVO;
        } else {
            return body;
        }
    }
}

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61

SecretConfig.java

package com.example.demo.config;

import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;

@Configuration
@ConfigurationProperties(prefix = "secret")
public class SecretConfig {

    private Boolean enabled;

    private String key;

    public Boolean getEnabled() {
        return enabled;
    }

    public void setEnabled(Boolean enabled) {
        this.enabled = enabled;
    }

    public String getKey() {
        return key;
    }

    public void setKey(String key) {
        this.key = key;
    }

}

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31

SecretDataService.java

package com.example.demo.service;

/**
 * 加密解密的接口
 */
public interface SecretDataService {
    /**
     * 数据加密
     *
     * @param data 待加密数据
     * @return String 加密结果
     */
    String encrypt(String data);

    /**
     * 数据解密
     *
     * @param data 待解密数据
     * @return String 解密后的数据
     */
    String decrypt(String data);
}

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23

SecretDataServiceImpl.java

package com.example.demo.service.impl;


import com.example.demo.config.SecretConfig;
import com.example.demo.service.SecretDataService;
import com.example.demo.utils.CipherUtil;
import org.springframework.stereotype.Service;

import javax.annotation.Resource;

/**
 * 具体的加解密实现
 */
@Service
public class SecretDataServiceImpl implements SecretDataService {
    @Resource
    private SecretConfig secretConfig;

    @Override
    public String decrypt(String data) {
        return CipherUtil.decrypt(secretConfig.getKey(), data);
    }

    @Override
    public String encrypt(String data) {
        return CipherUtil.encrypt(secretConfig.getKey(), data);
    }
}

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29

CipherUtil.java

package com.example.demo.utils;

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.Charset;
import java.util.Base64;

/**
 * 数据加密解密工具类
 * 加密后返回base64
 */
public class CipherUtil {
    /**
     * 定义加密算法
     */
    private static final String ALGORITHM = "AES/ECB/PKCS5Padding";

    /**
     * 解密
     *
     * @param secretKey
     * @param cipherText base64
     * @return
     */
    public static String decrypt(String secretKey, String cipherText) {
        // 将Base64编码的密文解码
        byte[] encrypted = Base64.getDecoder().decode(cipherText);

        try {
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            SecretKeySpec key = new SecretKeySpec(secretKey.getBytes(), "AES");
            cipher.init(Cipher.DECRYPT_MODE, key);
            return new String(cipher.doFinal(encrypted));

        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * 加密
     *
     * @param secretKey
     * @param plainText base64
     * @return
     */
    public static String encrypt(String secretKey, String plainText) {
        try {
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            SecretKeySpec key = new SecretKeySpec(secretKey.getBytes(), "AES");
            cipher.init(Cipher.ENCRYPT_MODE, key);
            return Base64.getEncoder().encodeToString(cipher.doFinal(plainText.getBytes(Charset.forName("UTF-8"))));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58

浏览器中实现加密解密

templates/index.html

<!DOCTYPE html>
<html lang="zh" xmlns:th="http://www.thymeleaf.org">
  <head>
    <meta charset="UTF-8" />
    <title>接口数据加密解密</title>
  </head>
  <body>
    <!-- 引入依赖 -->
    <!-- <script src="https://cdn.bootcdn.net/ajax/libs/crypto-js/4.1.1/crypto-js.min.js"></script> -->
    <script src="/static/crypto-js.min.js"></script>
    <!-- <script src="https://cdn.bootcdn.net/ajax/libs/axios/1.3.6/axios.min.js"></script> -->
    <script src="/static/axios.min.js"></script>

    <h1>查看控制台</h1>
    
    <!-- 加密解密模块 -->
    <script type="text/javascript">
      const SECRET_KEY = "1234567890123456";

      /**
       * 加密方法
       * @param data 待加密数据
       * @returns {string|*}
       */
      function encrypt(data) {
        let key = CryptoJS.enc.Utf8.parse(SECRET_KEY);

        if (typeof data === "object") {
          data = JSON.stringify(data);
        }
        let plainText = CryptoJS.enc.Utf8.parse(data);

        let secretText = CryptoJS.AES.encrypt(plainText, key, {
          mode: CryptoJS.mode.ECB,
          padding: CryptoJS.pad.Pkcs7
        }).toString();

        return secretText;
      }

      /**
       * 解密数据
       * @param data 待解密数据
       */
      function decrypt(data) {
        let key = CryptoJS.enc.Utf8.parse(SECRET_KEY);

        let result = CryptoJS.AES.decrypt(data, key, {
          mode: CryptoJS.mode.ECB,
          padding: CryptoJS.pad.Pkcs7
        }).toString(CryptoJS.enc.Utf8);

        return JSON.parse(result);
      }
    </script>

    <!-- http请求模块 -->
    <script type="text/javascript">
      // 获取加密数据并解密
      axios.get("http://127.0.0.1:8080/user/getUser").then((res) => {
        console.log("接收到api返回加密数据:");
        console.log(decrypt(res.data.encryptData));
      });

      // 提交加密参数
      const data = {
        name: "Tom",
        age: "18",
      };

      axios
        .post("http://127.0.0.1:8080/user/addUser", {
          encryptData: encrypt(data),
        })
        .then((res) => {
          console.log("接收到api返回未加密数据:");
          console.log(res.data);
        });
    </script>
  </body>
</html>
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81

2.4、接口测试

  • 开发环境不加密更易于开发调试
  • 生产环境需要数据加密

前后端都可以通过参数 encryptData 判断对方提交/返回的数据是否为加密数据,如果是加密数据则进行解密操作

接口返回加密数据

GET http://127.0.0.1:8080/user/getUser
  • 1

未加密的数据

{
    "message": "success",
    "data": {
        "name": "Tom",
        "age": "18"
    },
    "code": 0
}
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8

返回数据

{
    "message": "success",
    "encryptData": "kun2Wvk2LNKICaXIeIExA7jKRyqOV0qCv5KQXFOzfpQ=",
    "code": 0
}
  • 1
  • 2
  • 3
  • 4
  • 5

客户端提交参数

POST http://127.0.0.1:8080/user/addUser
  • 1

提交数据

{
    "data": {
        "name": "Tom",
        "age": "18"
    }
}
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6

提交加密数据

{
    "encryptData": "kun2Wvk2LNKICaXIeIExA7jKRyqOV0qCv5KQXFOzfpQ="
}
  • 1
  • 2
  • 3

2.5、总结

服务端

  • 全局开关:通过控制secret.enabled=true全局开启返回数据加密
  • 全局局部:可以通过SecretData或者自定义PassSecretData来控制单个控制器或者单个接口的需要或不需要加密

客户端

  • 可以根据开发环境、测试环境、生产环境来控制是否开启加密
  • 需要注意,FormData传输文件的数据格式可以考虑不加密

相同点

  • 服务端和客户端都通过对方传输的encryptData来判断是否为加密数据
  • 服务端和客户端都可以根据自己的环境来决定是否开启数据加密

完整代码:https://github.com/mouday/spring-boot-demo/tree/master/SpringBoot-Secret

参考文章

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/菜鸟追梦旅行/article/detail/581779
推荐阅读
相关标签
  

闽ICP备14008679号