From af08632c37b10c0927cf3fb9c75fac0d3a58b9f1 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90Li?= <15040126243@163.com> Date: Mon, 10 Jul 2023 18:20:05 +0800 Subject: [PATCH] =?UTF-8?q?add=20=E6=96=B0=E5=A2=9E=20=E8=AF=B7=E6=B1=82?= =?UTF-8?q?=E5=8A=A0=E5=AF=86=E4=BC=A0=E8=BE=93=20=E5=90=88=E5=B9=B6?= =?UTF-8?q?=E4=BC=98=E5=8C=96=20!pr377?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ruoyi-admin/pom.xml | 7 --- .../src/main/resources/application.yml | 6 +- ruoyi-common/pom.xml | 1 - ruoyi-common/ruoyi-common-bom/pom.xml | 6 -- ruoyi-common/ruoyi-common-cryptapi/pom.xml | 34 ----------- .../cryptapi/annotation/ApiDecrypt.java | 15 ----- .../cryptapi/config/ApiDecryptConfig.java | 47 --------------- .../dromara/cryptapi/core/AesEncryptor.java | 57 ------------------- .../dromara/cryptapi/core/EncryptContext.java | 35 ------------ .../dromara/cryptapi/core/RsaEncryptor.java | 52 ----------------- .../dromara/cryptapi/enums/EncodeType.java | 13 ----- .../dromara/cryptapi/filter/CryptoFilter.java | 54 ------------------ .../cryptapi/handler/DecryptUrlHandler.java | 55 ------------------ ...ot.autoconfigure.AutoConfiguration.imports | 1 - .../config/ApiDecryptAutoConfiguration.java | 32 +++++++++++ .../common/encrypt/filter/CryptoFilter.java | 48 ++++++++++++++++ .../filter/DecryptRequestBodyWrapper.java | 31 ++++------ .../properties/ApiDecryptProperties.java | 4 +- ...ot.autoconfigure.AutoConfiguration.imports | 2 + 19 files changed, 98 insertions(+), 402 deletions(-) delete mode 100644 ruoyi-common/ruoyi-common-cryptapi/pom.xml delete mode 100644 ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/annotation/ApiDecrypt.java delete mode 100644 ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/config/ApiDecryptConfig.java delete mode 100644 ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/core/AesEncryptor.java delete mode 100644 
ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/core/EncryptContext.java delete mode 100644 ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/core/RsaEncryptor.java delete mode 100644 ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/enums/EncodeType.java delete mode 100644 ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/filter/CryptoFilter.java delete mode 100644 ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/handler/DecryptUrlHandler.java delete mode 100644 ruoyi-common/ruoyi-common-cryptapi/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports create mode 100644 ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/config/ApiDecryptAutoConfiguration.java create mode 100644 ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java rename ruoyi-common/{ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi => ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt}/filter/DecryptRequestBodyWrapper.java (65%) rename ruoyi-common/{ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi => ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt}/properties/ApiDecryptProperties.java (86%) diff --git a/ruoyi-admin/pom.xml b/ruoyi-admin/pom.xml index 3d121c05..81933591 100644 --- a/ruoyi-admin/pom.xml +++ b/ruoyi-admin/pom.xml @@ -87,13 +87,6 @@ JustAuth - - - org.dromara - ruoyi-common-cryptapi - - - diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml index 878a9c30..03ca7eab 100644 --- a/ruoyi-admin/src/main/resources/application.yml +++ b/ruoyi-admin/src/main/resources/application.yml 
@@ -176,10 +176,10 @@ mybatis-encryptor: # api接口加密 api-decrypt: # 是否开启全局接口加密 - enable: false + enabled: true # AES 加密头标识 - headerFlag: AES - # 公私钥 非对称算法的公私钥 如:SM2,RSA + headerFlag: encrypt-key + # 公私钥 非对称算法的公私钥 如:SM2,RSA 使用者请自行更换 publicKey: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKoR8mX0rGKLqzcWmOzbfj64K8ZIgOdHnzkXSOVOZbFu/TJhZ7rFAN+eaGkl3C4buccQd/EjEsj9ir7ijT7h96MCAwEAAQ== privateKey: MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAqhHyZfSsYourNxaY7Nt+PrgrxkiA50efORdI5U5lsW79MmFnusUA355oaSXcLhu5xxB38SMSyP2KvuKNPuH3owIDAQABAkAfoiLyL+Z4lf4Myxk6xUDgLaWGximj20CUf+5BKKnlrK+Ed8gAkM0HqoTt2UZwA5E2MzS4EI2gjfQhz5X28uqxAiEA3wNFxfrCZlSZHb0gn2zDpWowcSxQAgiCstxGUoOqlW8CIQDDOerGKH5OmCJ4Z21v+F25WaHYPxCFMvwxpcw99EcvDQIgIdhDTIqD2jfYjPTY8Jj3EDGPbH2HHuffvflECt3Ek60CIQCFRlCkHpi7hthhYhovyloRYsM+IS9h/0BzlEAuO0ktMQIgSPT3aFAgJYwKpqRYKlLDVcflZFCKY7u3UP8iWi1Qw0Y= diff --git a/ruoyi-common/pom.xml b/ruoyi-common/pom.xml index e77ea237..45493d3e 100644 --- a/ruoyi-common/pom.xml +++ b/ruoyi-common/pom.xml @@ -33,7 +33,6 @@ ruoyi-common-encrypt ruoyi-common-tenant ruoyi-common-websocket - ruoyi-common-cryptapi ruoyi-common diff --git a/ruoyi-common/ruoyi-common-bom/pom.xml b/ruoyi-common/ruoyi-common-bom/pom.xml index 5014954d..ef8afda5 100644 --- a/ruoyi-common/ruoyi-common-bom/pom.xml +++ b/ruoyi-common/ruoyi-common-bom/pom.xml @@ -172,12 +172,6 @@ ${revision} - - - org.dromara - ruoyi-common-cryptapi - ${revision} - diff --git a/ruoyi-common/ruoyi-common-cryptapi/pom.xml b/ruoyi-common/ruoyi-common-cryptapi/pom.xml deleted file mode 100644 index ee0c5777..00000000 --- a/ruoyi-common/ruoyi-common-cryptapi/pom.xml +++ /dev/null @@ -1,34 +0,0 @@ - - - - org.dromara - ruoyi-common - ${revision} - - 4.0.0 - - ruoyi-common-cryptapi - - - ruoyi-common-cryptapi 接口请求参数加密模块 - - - - - - org.dromara - ruoyi-common-core - - - cn.hutool - hutool-crypto - - - org.springframework - spring-webmvc - - - - 
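Review bot: The application.yml hunk switches the filter on for every deployment (`enabled: true`) while the RSA pair under `publicKey`/`privateKey` is a sample committed to the repository, so any install that keeps the defaults decrypts with a private key that is public knowledge. The added comment asks users to replace the keys, but nothing enforces it; shipping `enabled: false` and reading the key from the environment, e.g. `privateKey: ${API_DECRYPT_PRIVATE_KEY}` (placeholder variable name), would make the safe state the default. Judging by its encoded length, the sample key also appears to be only 512 bits, well below the 2048-bit minimum generally recommended for RSA.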
diff --git a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/annotation/ApiDecrypt.java b/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/annotation/ApiDecrypt.java deleted file mode 100644 index 2e2bdee7..00000000 --- a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/annotation/ApiDecrypt.java +++ /dev/null @@ -1,15 +0,0 @@ -package org.dromara.cryptapi.annotation; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -/** - * 当标有当前注解的接口,接口穿参为加密字符串,进行解密后为dto对象, 不影响后续参数校验。 - * @author wdhcr - */ -@Retention(RetentionPolicy.RUNTIME) -@Target(ElementType.METHOD) -public @interface ApiDecrypt { -} diff --git a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/config/ApiDecryptConfig.java b/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/config/ApiDecryptConfig.java deleted file mode 100644 index c74339b8..00000000 --- a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/config/ApiDecryptConfig.java +++ /dev/null 
@@ -1,47 +0,0 @@ -package org.dromara.cryptapi.config; - -import cn.hutool.core.collection.CollectionUtil; -import jakarta.servlet.DispatcherType; -import lombok.RequiredArgsConstructor; -import org.dromara.cryptapi.filter.CryptoFilter; -import org.dromara.cryptapi.handler.DecryptUrlHandler; -import org.dromara.cryptapi.properties.ApiDecryptProperties; -import org.springframework.boot.autoconfigure.AutoConfiguration; -import org.springframework.boot.context.properties.EnableConfigurationProperties; -import org.springframework.boot.web.servlet.FilterRegistrationBean; -import org.springframework.context.annotation.Bean; - -import java.util.HashMap; -import java.util.List; - -@AutoConfiguration -@RequiredArgsConstructor -@EnableConfigurationProperties(ApiDecryptProperties.class) -public class ApiDecryptConfig { - - private final DecryptUrlHandler decryptUrlHandler; - - private final ApiDecryptProperties apiDecryptProperties; - - @Bean - public FilterRegistrationBean cryptoFilterRegistration() { - FilterRegistrationBean registration = new FilterRegistrationBean<>(); - registration.setDispatcherTypes(DispatcherType.REQUEST); - registration.setFilter(new CryptoFilter()); - List urls = decryptUrlHandler.getUrls(); - if (CollectionUtil.isNotEmpty(urls) || apiDecryptProperties.getEnable()) { - registration.setEnabled(true); - registration.addUrlPatterns(urls.toArray(new String[0])); - } else { - registration.setEnabled(false); - } - registration.setName("cryptoFilter"); - HashMap param = new HashMap<>(); - param.put(CryptoFilter.CRYPTO_PUBLIC_KEY, apiDecryptProperties.getPublicKey()); - param.put(CryptoFilter.CRYPTO_PRIVATE_KEY, apiDecryptProperties.getPrivateKey()); - param.put(CryptoFilter.CRYPTO_HEADER_FLAG, apiDecryptProperties.getHeaderFlag()); - registration.setInitParameters(param); - registration.setOrder(FilterRegistrationBean.HIGHEST_PRECEDENCE); - return registration; - } -} 
diff --git a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/core/AesEncryptor.java b/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/core/AesEncryptor.java deleted file mode 100644 index 29b4f4b4..00000000 --- a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/core/AesEncryptor.java +++ /dev/null @@ -1,57 +0,0 @@ -package org.dromara.cryptapi.core; - -import cn.hutool.core.util.ArrayUtil; -import cn.hutool.core.util.StrUtil; -import cn.hutool.crypto.SecureUtil; -import cn.hutool.crypto.symmetric.AES; -import org.dromara.cryptapi.enums.EncodeType; - -import java.nio.charset.StandardCharsets; - -/** - * AES算法实现 - * - * @author 老马 - * @version 4.6.0 - */ -public class AesEncryptor { - - private final AES aes; - - public AesEncryptor(EncryptContext context) { - String password = context.getPassword(); - if (StrUtil.isBlank(password)) { - throw new IllegalArgumentException("AES没有获得秘钥信息"); - } - // aes算法的秘钥要求是16位、24位、32位 - int[] array = {16, 24, 32}; - if (!ArrayUtil.contains(array, password.length())) { - throw new IllegalArgumentException("AES秘钥长度应该为16位、24位、32位,实际为" + password.length() + "位"); - } - aes = SecureUtil.aes(context.getPassword().getBytes(StandardCharsets.UTF_8)); - } - - - /** - * 加密 - * - * @param value 待加密字符串 - * @param encodeType 加密后的编码格式 - */ - public String encrypt(String value, EncodeType encodeType) { - if (encodeType == EncodeType.HEX) { - return aes.encryptHex(value); - } else { - return aes.encryptBase64(value); - } - } - - /** - * 解密 - * - * @param value 待加密字符串 - */ - public String decrypt(String value) { - return this.aes.decryptStr(value); - } -} diff --git a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/core/EncryptContext.java b/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/core/EncryptContext.java deleted file mode 100644 index 76804adb..00000000 
--- a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/core/EncryptContext.java +++ /dev/null @@ -1,35 +0,0 @@ -package org.dromara.cryptapi.core; - -import lombok.Data; -import org.dromara.cryptapi.enums.EncodeType; - -/** - * 加密上下文 用于encryptor传递必要的参数。 - * - * @author 老马 - * @version 4.6.0 - */ -@Data -public class EncryptContext { - - /** - * 安全秘钥 - */ - private String password; - - /** - * 公钥 - */ - private String publicKey; - - /** - * 私钥 - */ - private String privateKey; - - /** - * 编码方式,base64/hex - */ - private EncodeType encode; - -} diff --git a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/core/RsaEncryptor.java b/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/core/RsaEncryptor.java deleted file mode 100644 index 9f8806d1..00000000 --- a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/core/RsaEncryptor.java +++ /dev/null 
@@ -1,52 +0,0 @@ -package org.dromara.cryptapi.core; - -import cn.hutool.core.codec.Base64; -import cn.hutool.crypto.SecureUtil; -import cn.hutool.crypto.asymmetric.KeyType; -import cn.hutool.crypto.asymmetric.RSA; -import org.dromara.common.core.utils.StringUtils; -import org.dromara.cryptapi.enums.EncodeType; - - -/** - * RSA算法实现 - * - * @author 老马 - * @version 4.6.0 - */ -public class RsaEncryptor { - - private final RSA rsa; - - public RsaEncryptor(EncryptContext context) { - String privateKey = context.getPrivateKey(); - String publicKey = context.getPublicKey(); - if (StringUtils.isAnyEmpty(privateKey, publicKey)) { - throw new IllegalArgumentException("RSA公私钥均需要提供,公钥加密,私钥解密。"); - } - this.rsa = SecureUtil.rsa(Base64.decode(privateKey), Base64.decode(publicKey)); - } - - /** - * 加密 - * - * @param value 待加密字符串 - * @param encodeType 加密后的编码格式 - */ - public String encrypt(String value, EncodeType encodeType) { - if (encodeType == EncodeType.HEX) { - return rsa.encryptHex(value, KeyType.PublicKey); - } else { - return rsa.encryptBase64(value, KeyType.PublicKey); - } - } - - /** - * 解密 - * - * @param value 待加密字符串 - */ - public String decrypt(String value) { - return this.rsa.decryptStr(value, KeyType.PrivateKey); - } -} diff --git a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/enums/EncodeType.java b/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/enums/EncodeType.java deleted file mode 100644 index 7ee356af..00000000 --- a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/enums/EncodeType.java +++ /dev/null @@ -1,13 +0,0 @@ -package org.dromara.cryptapi.enums; - -public enum EncodeType { - /** - * base64编码 - */ - BASE64, - - /** - * 16进制编码 - */ - HEX -} 
diff --git a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/filter/CryptoFilter.java b/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/filter/CryptoFilter.java deleted file mode 100644 index b96e74db..00000000 --- a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/filter/CryptoFilter.java +++ /dev/null 
@@ -1,54 +0,0 @@ -package org.dromara.cryptapi.filter; - -import jakarta.servlet.*; -import jakarta.servlet.http.HttpServletRequest; -import lombok.SneakyThrows; -import org.dromara.common.core.utils.StringUtils; -import org.dromara.cryptapi.core.EncryptContext; -import org.dromara.cryptapi.core.RsaEncryptor; -import org.springframework.http.HttpMethod; -import org.springframework.http.MediaType; - -import java.util.Objects; - - -/** - * Crypto 过滤器 - * - * @author wdhcr - */ -public class CryptoFilter implements Filter { - - public static final String CRYPTO_PUBLIC_KEY = "publicKey"; - public static final String CRYPTO_PRIVATE_KEY = "privateKey"; - public static final String CRYPTO_HEADER_FLAG = "headerFlag"; - private RsaEncryptor rsaEncryptor; - private String headerFlag; - - - @Override - public void init(FilterConfig filterConfig) { - EncryptContext encryptContext = new EncryptContext(); - encryptContext.setPublicKey(filterConfig.getInitParameter(CryptoFilter.CRYPTO_PUBLIC_KEY)); - encryptContext.setPrivateKey(filterConfig.getInitParameter(CryptoFilter.CRYPTO_PRIVATE_KEY)); - headerFlag = filterConfig.getInitParameter(CryptoFilter.CRYPTO_HEADER_FLAG); - rsaEncryptor = new RsaEncryptor(encryptContext); - } - - @SneakyThrows - @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) { - ServletRequest requestWrapper = null; - HttpServletRequest httpServletRequest = (HttpServletRequest) request; - if (StringUtils.startsWithIgnoreCase(request.getContentType(), MediaType.APPLICATION_JSON_VALUE) - && (HttpMethod.PUT.matches(httpServletRequest.getMethod()) || HttpMethod.POST.matches(httpServletRequest.getMethod()))) { - requestWrapper = new DecryptRequestBodyWrapper(httpServletRequest, rsaEncryptor, headerFlag); - } - chain.doFilter(Objects.requireNonNullElse(requestWrapper, request), response); - } - - @Override - public void destroy() { - - } -} 
diff --git a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/handler/DecryptUrlHandler.java b/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/handler/DecryptUrlHandler.java deleted file mode 100644 index cf01ea79..00000000 --- a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/handler/DecryptUrlHandler.java +++ /dev/null 
@@ -1,55 +0,0 @@ -package org.dromara.cryptapi.handler; - -import cn.hutool.core.collection.CollectionUtil; -import cn.hutool.core.util.ReUtil; -import lombok.Data; -import lombok.RequiredArgsConstructor; -import org.dromara.cryptapi.annotation.ApiDecrypt; -import org.springframework.beans.factory.InitializingBean; -import org.springframework.stereotype.Component; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.method.HandlerMethod; -import org.springframework.web.servlet.mvc.condition.PathPatternsRequestCondition; -import org.springframework.web.servlet.mvc.method.RequestMappingInfo; -import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; - -import java.util.*; -import java.util.regex.Pattern; - -/** - * 获取需要解密的Url配置 - * - * @author wdhcr - */ -@Data -@Component -@RequiredArgsConstructor -public class DecryptUrlHandler implements InitializingBean { - - private static final Pattern PATTERN = Pattern.compile("\\{(.*?)}"); - - private List urls = new ArrayList<>(); - - private final RequestMappingHandlerMapping requestMappingHandlerMapping; - - @Override - public void afterPropertiesSet() { - Set set = new HashSet<>(); - Map map = requestMappingHandlerMapping.getHandlerMethods(); - List requestMappingInfos = map.entrySet().stream().filter(item -> { - HandlerMethod method = item.getValue(); - ApiDecrypt decrypt = method.getMethodAnnotation(ApiDecrypt.class); - // 标有解密注解的并且是post 或者put 请求的handler - return decrypt != null && CollectionUtil.containsAny(item.getKey().getMethodsCondition().getMethods(), Arrays.asList(RequestMethod.PUT, RequestMethod.POST)); - }).map(Map.Entry::getKey).toList(); - requestMappingInfos.forEach(info -> { - // 获取注解上边的 path 替代 path variable 为 * - Optional.ofNullable(info.getPathPatternsCondition()) - .map(PathPatternsRequestCondition::getPatterns) - .orElseGet(HashSet::new) - .forEach(url -> set.add(ReUtil.replaceAll(url.getPatternString(), PATTERN, "*"))); - }); - 
urls.addAll(set); - } - -} diff --git a/ruoyi-common/ruoyi-common-cryptapi/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/ruoyi-common/ruoyi-common-cryptapi/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports deleted file mode 100644 index 533d4be7..00000000 --- a/ruoyi-common/ruoyi-common-cryptapi/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports +++ /dev/null @@ -1 +0,0 @@ -org.dromara.cryptapi.config.ApiDecryptConfig diff --git a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/config/ApiDecryptAutoConfiguration.java b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/config/ApiDecryptAutoConfiguration.java new file mode 100644 index 00000000..098f6bc8 --- /dev/null +++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/config/ApiDecryptAutoConfiguration.java 
@@ -0,0 +1,32 @@
+package org.dromara.common.encrypt.config;
+
+import jakarta.servlet.DispatcherType;
+import org.dromara.common.encrypt.filter.CryptoFilter;
+import org.dromara.common.encrypt.properties.ApiDecryptProperties;
+import org.springframework.boot.autoconfigure.AutoConfiguration;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+
+/**
+ * api 解密自动配置
+ *
+ * @author wdhcr
+ */
+@AutoConfiguration
+@EnableConfigurationProperties(ApiDecryptProperties.class)
+@ConditionalOnProperty(value = "api-decrypt.enabled", havingValue = "true")
+public class ApiDecryptAutoConfiguration {
+
+ @Bean
+ public FilterRegistrationBean cryptoFilterRegistration(ApiDecryptProperties properties) {
+ FilterRegistrationBean registration = new FilterRegistrationBean<>();
+ registration.setDispatcherTypes(DispatcherType.REQUEST);
+ registration.setFilter(new CryptoFilter(properties));
+ registration.addUrlPatterns("/*");
+ registration.setName("cryptoFilter");
+ registration.setOrder(FilterRegistrationBean.HIGHEST_PRECEDENCE);
+ return registration;
+ }
+}
diff --git a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
new file mode 100644
index 00000000..6d039bb1
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
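Review bot: cryptoFilterRegistration in ApiDecryptAutoConfiguration.java hands `properties` to the filter without checking that `headerFlag` and `privateKey` are set, so a deployment with `api-decrypt.enabled=true` and a missing key starts cleanly and fails only when the first encrypted request arrives. A fail-fast check before `new CryptoFilter(properties)`, for example `Assert.hasText(properties.getPrivateKey(), "api-decrypt.privateKey must be configured");` and the same for `getHeaderFlag()`, would surface the misconfiguration at startup. The class Javadoc could also state that the filter is registered on `/*` with `HIGHEST_PRECEDENCE`, since that ordering decides which other filters see the decrypted body.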
@@ -0,0 +1,48 @@
+package org.dromara.common.encrypt.filter;
+
+import jakarta.servlet.*;
+import jakarta.servlet.http.HttpServletRequest;
+import org.dromara.common.core.utils.StringUtils;
+import org.dromara.common.encrypt.properties.ApiDecryptProperties;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.MediaType;
+
+import java.io.IOException;
+import java.util.Objects;
+
+
+/**
+ * Crypto 过滤器
+ *
+ * @author wdhcr
+ */
+public class CryptoFilter implements Filter {
+ private final ApiDecryptProperties properties;
+
+ public CryptoFilter(ApiDecryptProperties properties) {
+ this.properties = properties;
+ }
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+ ServletRequest requestWrapper = null;
+ HttpServletRequest servletRequest = (HttpServletRequest) request;
+ // 是否为 json 请求
+ if (StringUtils.startsWithIgnoreCase(request.getContentType(), MediaType.APPLICATION_JSON_VALUE)) {
+ // 是否为 put 或者 post 请求
+ if (HttpMethod.PUT.matches(servletRequest.getMethod()) || HttpMethod.POST.matches(servletRequest.getMethod())) {
+ // 是否存在加密标头
+ String headerValue = servletRequest.getHeader(properties.getHeaderFlag());
+ if (StringUtils.isNotBlank(headerValue)) {
+ requestWrapper = new DecryptRequestBodyWrapper(servletRequest, properties.getPublicKey(), properties.getPrivateKey(), properties.getHeaderFlag());
+ }
+ }
+ }
+ chain.doFilter(Objects.requireNonNullElse(requestWrapper, request), response);
+ }
+
+ @Override
+ public void destroy() {
+
+ }
+}
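Review bot: In CryptoFilter.doFilter the body is decrypted only when the client sends the `headerFlag` header; a JSON POST or PUT without it goes down the chain unchanged, so the setting that application.yml describes as global interface encryption is opt-in per request and no endpoint can require it. The removed module threw when the header was missing on `@ApiDecrypt` handlers, so this looks like a loss of enforcement rather than a pure refactor; if opt-in is intended, say so in the class Javadoc, otherwise reject plaintext requests for the paths that must be encrypted. Separately, `new DecryptRequestBodyWrapper(...)` decrypts client-supplied data inside the filter, and anything it throws presumably escapes `doFilter` ahead of the application's MVC exception handling; catching it here and answering with `HttpServletResponse.SC_BAD_REQUEST` would avoid a generic 500.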
diff --git a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/filter/DecryptRequestBodyWrapper.java b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/DecryptRequestBodyWrapper.java similarity index 65% rename from ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/filter/DecryptRequestBodyWrapper.java rename to ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/DecryptRequestBodyWrapper.java index 8d014c8d..fa9a3107 100644 --- a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/filter/DecryptRequestBodyWrapper.java +++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/DecryptRequestBodyWrapper.java @@ -1,18 +1,12 @@ -package org.dromara.cryptapi.filter; +package org.dromara.common.encrypt.filter; -import cn.hutool.core.codec.Base64; import cn.hutool.core.io.IoUtil; import jakarta.servlet.ReadListener; import jakarta.servlet.ServletInputStream; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequestWrapper; import org.dromara.common.core.constant.Constants; -import org.dromara.common.core.exception.base.BaseException; -import org.dromara.common.core.utils.StringUtils; -import org.dromara.cryptapi.core.AesEncryptor; -import org.dromara.cryptapi.core.EncryptContext; -import org.dromara.cryptapi.core.RsaEncryptor; -import org.dromara.cryptapi.enums.EncodeType; +import org.dromara.common.encrypt.utils.EncryptUtils; import org.springframework.http.MediaType; import java.io.BufferedReader; 
@@ -30,21 +24,18 @@ public class DecryptRequestBodyWrapper extends HttpServletRequestWrapper { private final byte[] body; - public DecryptRequestBodyWrapper(HttpServletRequest request, RsaEncryptor rsaEncryptor, String headerFlag) throws IOException { + public DecryptRequestBodyWrapper(HttpServletRequest request, String publicKey, String privateKey, String headerFlag) throws IOException { super(request); - String requestRsa = request.getHeader(headerFlag); - if (StringUtils.isEmpty(requestRsa)) { - throw new BaseException("加密AES的动态密码不能为空"); - } - String decryptAes = new String(Base64.decode(rsaEncryptor.decrypt(requestRsa))); + // 获取 AES 密码 采用 RSA 加密 + String headerRsa = request.getHeader(headerFlag); + String decryptAes = EncryptUtils.decryptByRsa(headerRsa, privateKey); + // 解密 AES 密码 + String aesPassword = EncryptUtils.decryptByBase64(decryptAes); request.setCharacterEncoding(Constants.UTF8); byte[] readBytes = IoUtil.readBytes(request.getInputStream(), false); - String requestBody = StringUtils.toEncodedString(readBytes, StandardCharsets.UTF_8); - EncryptContext encryptContext = new EncryptContext(); - encryptContext.setPassword(decryptAes); - encryptContext.setEncode(EncodeType.BASE64); - AesEncryptor aesEncryptor = new AesEncryptor(encryptContext); - String decryptBody = aesEncryptor.decrypt(requestBody); + String requestBody = new String(readBytes, StandardCharsets.UTF_8); + // 解密 body 采用 AES 加密 + String decryptBody = EncryptUtils.decryptByAes(requestBody, aesPassword); body = decryptBody.getBytes(StandardCharsets.UTF_8); } 
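Review bot: The DecryptRequestBodyWrapper constructor reads the whole request body with `IoUtil.readBytes(request.getInputStream(), false)` without any size limit, and since the filter is registered at highest precedence that read plus an RSA and an AES decryption run for any caller who sets the header. Consider comparing `request.getContentLengthLong()` with a configured maximum before reading, and note in the constructor Javadoc that the caller must already have verified that the header is non-blank, because the explicit check was removed here. The `publicKey` parameter added to the signature is not used in the constructor body shown and could be dropped. EncryptUtils is not visible in this patch, so the cipher mode behind `decryptByAes` and whether the body is authenticated as well as encrypted are worth confirming there; the rest of the class lies outside the hunk.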
diff --git a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/properties/ApiDecryptProperties.java b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/properties/ApiDecryptProperties.java similarity index 86% rename from ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/properties/ApiDecryptProperties.java rename to ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/properties/ApiDecryptProperties.java index f7dc6b0b..9e25b7b9 100644 --- a/ruoyi-common/ruoyi-common-cryptapi/src/main/java/org/dromara/cryptapi/properties/ApiDecryptProperties.java +++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/properties/ApiDecryptProperties.java @@ -1,4 +1,4 @@ -package org.dromara.cryptapi.properties; +package org.dromara.common.encrypt.properties; import lombok.Data; import org.springframework.boot.context.properties.ConfigurationProperties; @@ -14,7 +14,7 @@ public class ApiDecryptProperties { /** * 加密开关 */ - private Boolean enable; + private Boolean enabled; /** * 头部标识 diff --git a/ruoyi-common/ruoyi-common-encrypt/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/ruoyi-common/ruoyi-common-encrypt/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports index fe37589d..132cf295 100644 --- a/ruoyi-common/ruoyi-common-encrypt/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports +++ b/ruoyi-common/ruoyi-common-encrypt/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports @@ -1 +1,3 @@ org.dromara.common.encrypt.config.EncryptorAutoConfiguration +org.dromara.common.encrypt.config.ApiDecryptAutoConfiguration +