一、基本说明

  1.请求方式:POST请求。注解@PostMapping

  2.入参格式:json串

  3.出参格式:json串(整体加密)

  4.使用Base64进行加密解密。具体的加密方式,可以根据需求自己进行修改。

二、过滤器

说明:接收数据时:所有的数据是加密的,请求进来后,先在过滤器中进行拦截解密,之后进行后续操作。

   响应数据时:所有的数据向客户端或者web响应时,先在过滤器中进行拦截加密,之后再响应。

   加密解密的操作在过滤器中执行。

注意:ServletRequest request, ServletResponse response 不能直接修改参数,所以采用包装类进行设置。

具体代码:import java.io.BufferedReader;

  1. import java.io.IOException;
  2. import java.io.PrintWriter;
  3. import java.util.Base64;
  4. import javax.servlet.Filter;
  5. import javax.servlet.FilterChain;
  6. import javax.servlet.FilterConfig;
  7. import javax.servlet.ServletException;
  8. import javax.servlet.ServletRequest;
  9. import javax.servlet.ServletResponse;
  10. import javax.servlet.annotation.WebFilter;
  11. import javax.servlet.http.HttpServletRequest;
  12. import javax.servlet.http.HttpServletResponse;
  13. import org.springframework.stereotype.Component;
  14. import com.lmbx.conf.WrapperedRequest;
  15. import com.lmbx.conf.WrapperedResponse;
  16. import lombok.extern.slf4j.Slf4j;
  17. @Component
  18. @WebFilter(urlPatterns = { "/*" }, filterName = "DataFilter")
  19. @Slf4j
  20. public class DataFilter implements Filter {
  21. @Override
  22. public void init(FilterConfig filterConfig) throws ServletException {
  23. // TODO Auto-generated method stub
  24. }
  25. @Override
  26. public void doFilter(ServletRequest request, ServletResponse response,
  27. FilterChain chain) throws IOException, ServletException {
  28. String requestBody = getRequestBody((HttpServletRequest) request);
  29. //解密请求报文
  30. String requestBodyMw = new String(Base64.getDecoder().decode(requestBody), "utf-8");
  31. log.info("解密请求数据:"+requestBodyMw);
  32. WrapperedRequest wrapRequest = new WrapperedRequest( (HttpServletRequest) request, requestBodyMw);
  33. WrapperedResponse wrapResponse = new WrapperedResponse((HttpServletResponse) response);
  34. chain.doFilter(wrapRequest, wrapResponse);
  35. byte[] data = wrapResponse.getResponseData();
  36. log.info("原始返回数据: " + new String(data, "utf-8"));
  37. // 加密返回报文
  38. String responseBodyMw = Base64.getEncoder().encodeToString(data);
  39. log.info("加密返回数据: " + responseBodyMw);
  40. writeResponse(response, responseBodyMw);
  41. }
  42. @Override
  43. public void destroy() {
  44. // TODO Auto-generated method stub
  45. }
  46. private String getRequestBody(HttpServletRequest req) {
  47. try {
  48. BufferedReader reader = req.getReader();
  49. StringBuffer sb = new StringBuffer();
  50. String line = null;
  51. while ((line = reader.readLine()) != null) {
  52. sb.append(line);
  53. }
  54. String json = sb.toString();
  55. return json;
  56. } catch (IOException e) {
  57. log.info("请求体读取失败"+e.getMessage());
  58. }
  59. return "";
  60. }
  61. private void writeResponse(ServletResponse response, String responseString)
  62. throws IOException {
  63. PrintWriter out = response.getWriter();
  64. out.print(responseString);
  65. out.flush();
  66. out.close();
  67. }
  68. }

三、WrapperedRequest包装类

  1. import java.io.BufferedReader;
  2. import java.io.ByteArrayInputStream;
  3. import java.io.IOException;
  4. import java.io.InputStream;
  5. import java.io.StringReader;
  6. import javax.servlet.ReadListener;
  7. import javax.servlet.ServletInputStream;
  8. import javax.servlet.http.HttpServletRequest;
  9. import javax.servlet.http.HttpServletRequestWrapper;
  10. public class WrapperedRequest extends HttpServletRequestWrapper {
  11.  
  12. private String requestBody = null;
  13. HttpServletRequest req = null;
  14.  
  15. public WrapperedRequest(HttpServletRequest request) {
  16. super(request);
  17. this.req = request;
  18. }
  19.  
  20. public WrapperedRequest(HttpServletRequest request, String requestBody) {
  21. super(request);
  22. this.requestBody = requestBody;
  23. this.req = request;
  24. }
  25.  
  26. /**
  27. * (non-Javadoc)
  28. *
  29. * @see javax.servlet.ServletRequestWrapper#getReader()
  30. */
  31. @Override
  32. public BufferedReader getReader() throws IOException {
  33. return new BufferedReader(new StringReader(requestBody));
  34. }
  35.  
  36. /**
  37. * (non-Javadoc)
  38. *
  39. * @see javax.servlet.ServletRequestWrapper#getInputStream()
  40. */
  41. @Override
  42. public ServletInputStream getInputStream() throws IOException {
  43. return new ServletInputStream() {
  44. private InputStream in = new ByteArrayInputStream(
  45. requestBody.getBytes(req.getCharacterEncoding()));
  46. @Override
  47. public int read() throws IOException {
  48. return in.read();
  49. }
  50. @Override
  51. public boolean isFinished() {
  52. // TODO Auto-generated method stub
  53. return false;
  54. }
  55. @Override
  56. public boolean isReady() {
  57. // TODO Auto-generated method stub
  58. return false;
  59. }
  60. @Override
  61. public void setReadListener(ReadListener readListener) {
  62. // TODO Auto-generated method stub
  63.  
  64. }
  65. };
  66. }
  67. }
    四、WrapperedResponse包装类
  1. import java.io.ByteArrayOutputStream;
  2. import java.io.IOException;
  3. import java.io.OutputStreamWriter;
  4. import java.io.PrintWriter;
  5. import java.io.UnsupportedEncodingException;
  6. import javax.servlet.ServletOutputStream;
  7. import javax.servlet.WriteListener;
  8. import javax.servlet.http.HttpServletResponse;
  9. import javax.servlet.http.HttpServletResponseWrapper;
  10. public class WrapperedResponse extends HttpServletResponseWrapper {
  11.  
  12. private ByteArrayOutputStream buffer = null;
  13. private ServletOutputStream out = null;
  14. private PrintWriter writer = null;
  15.  
  16. public WrapperedResponse(HttpServletResponse resp) throws IOException {
  17. super(resp);
  18. // 真正存储数据的流
  19. buffer = new ByteArrayOutputStream();
  20. out = new WapperedOutputStream(buffer);
  21. writer = new PrintWriter(new OutputStreamWriter(buffer,
  22. this.getCharacterEncoding()));
  23. }
  24.  
  25. /** 重载父类获取outputstream的方法 */
  26. @Override
  27. public ServletOutputStream getOutputStream() throws IOException {
  28. return out;
  29. }
  30.  
  31. /** 重载父类获取writer的方法 */
  32. @Override
  33. public PrintWriter getWriter() throws UnsupportedEncodingException {
  34. return writer;
  35. }
  36.  
  37. /** 重载父类获取flushBuffer的方法 */
  38. @Override
  39. public void flushBuffer() throws IOException {
  40. if (out != null) {
  41. out.flush();
  42. }
  43. if (writer != null) {
  44. writer.flush();
  45. }
  46. }
  47.  
  48. @Override
  49. public void reset() {
  50. buffer.reset();
  51. }
  52.  
  53. /** 将out、writer中的数据强制输出到WapperedResponse的buffer里面,否则取不到数据 */
  54. public byte[] getResponseData() throws IOException {
  55. flushBuffer();
  56. return buffer.toByteArray();
  57. }
  58.  
  59. /** 内部类,对ServletOutputStream进行包装 */
  60. private class WapperedOutputStream extends ServletOutputStream {
  61. private ByteArrayOutputStream bos = null;
  62.  
  63. public WapperedOutputStream(ByteArrayOutputStream stream)
  64. throws IOException {
  65. bos = stream;
  66. }
  67.  
  68. @Override
  69. public void write(int b) throws IOException {
  70. bos.write(b);
  71. }
  72.  
  73. @Override
  74. public void write(byte[] b) throws IOException {
  75. bos.write(b, 0, b.length);
  76. }
  77.  
  78. @Override
  79. public boolean isReady() {
  80. // TODO Auto-generated method stub
  81. return false;
  82. }
  83.  
  84. @Override
  85. public void setWriteListener(WriteListener writeListener) {
  86. // TODO Auto-generated method stub
  87.  
  88. }
  89. }
  90. }
  1. 五、Controller
  1. import java.io.BufferedReader;
  2. import java.io.InputStreamReader;
  3. import javax.servlet.ServletInputStream;
  4. import javax.servlet.http.HttpServletRequest;
  5. import javax.servlet.http.HttpServletResponse;
  6. import org.springframework.web.bind.annotation.PostMapping;
  7. import org.springframework.web.bind.annotation.RequestMapping;
  8. import org.springframework.web.bind.annotation.RestController;
  9. import com.alibaba.fastjson.JSONObject;
  10. import lombok.extern.slf4j.Slf4j;
  11.  
  12. @RestController
  13. @RequestMapping("/v1/api/")
  14. @Slf4j
  15. public class UserInfoController {
  16.  
  17. //测试
  18. @PostMapping(value = "test",produces = "application/json;charset=UTF-8")
  19. public String test(HttpServletRequest request,HttpServletResponse response) {
  20. JSONObject jsonObject = new JSONObject();
  21. JSONObject clientJson = getClientJson(request, response);
  22. log.info("【客户端收集到的数据为】clientJson={}",clientJson);
  23. return clientJson.toString();
  24. }
  25. public JSONObject getClientJson(HttpServletRequest request,HttpServletResponse response) {
  26. JSONObject json = null;
  27. try {
  28. //提取json
  29. //response.setContentType("application/json; charset=utf-8");
  30. response.setContentType("text/json");
  31. response.setContentType("application/json");
  32. response.setCharacterEncoding("utf-8");
  33. BufferedReader br = null;
  34. if (request.getContentType().contains("text") || request.getContentType().contains("json")) {
  35. br = new BufferedReader(new InputStreamReader((ServletInputStream) request.getInputStream(), "UTF-8"));
  36. StringBuilder sb = new StringBuilder();
  37. String temp;
  38. while ((temp = br.readLine()) != null) {
  39. sb.append(temp);
  40. }
  41. json = JSONObject.parseObject(sb.toString());
  42. }
  43.  
  44. } catch (Exception e) {
  45. e.printStackTrace();
  46. log.error("客户端请求数据异常->" + e.getMessage());
  47. }
  48. log.info(json.toString());
  49. return json;
  50. }
  51.  
  52. }

六、测试

说明:可以直接使用postman进行测试。

这里使用httpclient进行测试。

  1. import java.io.BufferedReader;
  2. import java.io.IOException;
  3. import java.io.InputStreamReader;
  4. import java.nio.charset.Charset;
  5. import java.util.Base64;
  6. import org.apache.http.HttpEntity;
  7. import org.apache.http.HttpResponse;
  8. import org.apache.http.HttpStatus;
  9. import org.apache.http.client.HttpClient;
  10. import org.apache.http.client.methods.HttpGet;
  11. import org.apache.http.client.methods.HttpPost;
  12. import org.apache.http.entity.StringEntity;
  13. import org.apache.http.impl.client.DefaultHttpClient;
  14. import org.apache.http.util.EntityUtils;
  15. import org.junit.Test;
  16. import org.junit.runner.RunWith;
  17. import org.springframework.boot.test.context.SpringBootTest;
  18. import org.springframework.test.context.junit4.SpringRunner;
  19.  
  20. import com.alibaba.fastjson.JSON;
  21. import com.alibaba.fastjson.JSONObject;
  22. import com.lmbx.util.DES;
  23. import com.lmbx.util.DESCoderUtil;
  24.  
  25. import lombok.extern.slf4j.Slf4j;
  26.  
  27. @RunWith(SpringRunner.class)
  28. @SpringBootTest
  29. @Slf4j
  30. public class test2 {
  31.  
  32. @Test
  33. public void test() throws Exception {
  34.  
  35. String url="http://localhost:8080/v1/api/test";
  36. String json="{\"placeId\":\"2\",\"mediaCode\":\"ottauto\",\"cId\":\"1\"}";
  37. String responseBodyMw =new String(Base64.getDecoder().decode(json), "utf-8");
  38. String doPost = doPost(url,responseBodyMw,null);
  39. System.out.println(doPost);
  40. }
  41.  
  42. public synchronized static JSONObject doGet(String url) {
  43. JSONObject jsonObject=null;
  44. try {
  45. HttpClient client = new DefaultHttpClient();
  46. HttpGet request = new HttpGet(url);
  47. System.out.println(request);
  48. HttpResponse response = client.execute(request);
  49. if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK) {
  50. String strResult = EntityUtils.toString(response.getEntity());
  51. System.out.println("请求结果为——》"+strResult);
  52. jsonObject=JSON.parseObject(strResult);
  53. return jsonObject;
  54. }
  55. }
  56. catch (IOException e) {
  57. e.printStackTrace();
  58. }
  59. return jsonObject;
  60. }
  61.  
  62. public static String doPost(String url,String json,String token){
  63. DefaultHttpClient client = new DefaultHttpClient();
  64. HttpPost post = new HttpPost(url);
  65. String response = null;
  66. try {
  67. StringEntity s = new StringEntity(json,Charset.forName("UTF-8"));
  68. s.setContentEncoding("UTF-8");
  69. s.setContentType("application/json");//发送json数据需要设置contentType
  70. post.setEntity(s);
  71. post.setHeader("token", token);
  72. post.setHeader("Content-Type", "application/json; charset=UTF-8");
  73. HttpResponse res = client.execute(post);
  74. if(res.getStatusLine().getStatusCode() == HttpStatus.SC_OK){
  75. HttpEntity httpEntity = res.getEntity();
  76. BufferedReader reader = null;
  77.  
  78. reader = new BufferedReader(new InputStreamReader(httpEntity.getContent(), "UTF-8"), 10 * 1024);
  79. StringBuilder strBuilder = new StringBuilder();
  80. String line = null;
  81. while ((line = reader.readLine()) != null) {
  82. strBuilder.append(line);
  83. }
  84. response = strBuilder.toString();
  85. }
  86. } catch (Exception e) {
  87. throw new RuntimeException(e);
  88. }
  89. return response;
  90. }
  91. }
  1.  

   

SpringBoot框架中,使用过滤器进行加密解密操作(一)的更多相关文章

  1. CI框架中自带的加密解密如何应用

    首先我们找到配置文件application/config/config.php  ,找到如下代码: ? 1 $config['encryption_key'] = "YOUR KEY&quo ...

  2. Springboot 使用过滤器进行加密解密(二)

    之前写过一篇关于过滤器实现加密解密功能的文章,但是在实际开发业务中发现,还是有一些问题的,在此特地说明. 第一:过滤器走两遍的问题: 1.过滤器上,添加了两个注解 第一个:@Compent   将此F ...

  3. php中base64_decode与base64_encode加密解密函数

    php中base64_decode与base64_encode加密解密函数,实例分析了base64加密解密函数的具体用法,具有一定的实用价值,需要的朋友可以参考下 本文实例讲述了php中base64_ ...

  4. springboot框架中集成thymeleaf引擎,使用form表单提交数据,debug结果后台获取不到数据

    springboot框架中集成thymeleaf引擎,使用form表单提交数据,debug结果后台获取不到数据 表单html: <form class="form-horizontal ...

  5. JAVA和PYTHON同时实现AES的加密解密操作---且生成的BASE62编码一致

    终于有机会生产JAVA的东东了. 有点兴奋. 花了一天搞完.. java(关键key及算法有缩减): package com.security; import javax.crypto.Cipher; ...

  6. .NET和JAVA中BYTE的区别以及JAVA中“DES/CBC/PKCS5PADDING” 加密解密在.NET中的实现

    场景:java 作为客户端调用已有的一个.net写的server的webservice,输入string,返回字节数组. 问题:返回的值不是自己想要的,跟.net客户端直接调用总是有差距 分析:平台不 ...

  7. C#中的三种 加密解密

    刚刚学会的C#的加密与解密(三种)MD5加密/RSA加密与解密/DES加密.也是刚刚申请的blog随便发布一下. (一).MD5加密 MD5 md5 = new MD5CryptoServicePro ...

  8. Springboot框架中request.getInputStream()获取不到上传的文件流

    Springboot框架中用下面的代码,使用request.getInputStream()获取不到上传的文件流 @PostMapping("/upload_img") publi ...

  9. SpringBoot项目中,表单的验证操作

    在创建Springboot项目中,我们使用了表单验证操作,这一操作将极大地简化我们编程的开发 1.接收数据,以及验证 @PostMapping("/save") public Mo ...

随机推荐

  1. 深入理解Redis系列之SpringBoot集成Redis

    SpringBoot环境 快速搭建一个SpringBoot工程 进入 https://start.spring.io 网站, 使用该网站初始化一个SpringBoot工程 添加相关依赖 因为使用spr ...

  2. 关于以base64编码形式上传图片

    第一次用,记录一下 HTML中的样式 HTML代码 1 <li class="orther" style="padding-top: 15px;"> ...

  3. HTML5-2

    1 html5新增表单元素 <form> <!-- 数字 还有箭头,可以加减数字 并且可以设置最大最小值 --> <input type="number&quo ...

  4. python学习博客地址集合。。。

    python学习博客地址集合...   老师讲课博客目录 http://www.bootcdn.cn/bootstrap/  bootstrap cdn在线地址 http://www.cnblogs. ...

  5. python之路-数据运算

    位运算: 运算符 描述                                                                   实例 +  加-两个对象相加         ...

  6. cocoapods 换源

    1. 用以下步骤换源: pod repo remove master pod repo add master https://code.aliyun.com/Magi/CocoaPods.git po ...

  7. jsp页面传中文到后台乱码怎么办?

    一般从前台传值到后腰如果传的值是中文的话,又不用post传值方式,到后台显示会显示成乱码的形式.所以以下方法亲测有效防止乱码. 前台jsp页面: var taskTitle = $('#taskTit ...

  8. 查询数据库:models.Books.objects.all()[10: 20]与models.Books.objects.filter(id__gt=10, id__lt=20).values() 的区别

    1. models.Books.objects.all()[10: 20] (10:20  之间是冒号,不是逗号.)查出的是 QuerySet对象,如需进行操作,得进一步进行剥皮. 查询代码: 查询结 ...

  9. SharePoint Framework 向web部件中添加外部库

    博客地址:http://blog.csdn.net/FoxDave 在进行开发的时候,你很可能会想要引用一些公开的JavaScript库到你的项目中,本文将会介绍如何打包和共享这些库. 打包脚本 默认 ...

  10. 信息技术手册可视化进度报告 基于BeautifulSoup框架的python3爬取数据并连接保存到MySQL数据库

    老师给我们提供了一个word文档,里面是一份信息行业热词解释手册,要求我们把里面的文字存进数据库里面,然后在前台展示出来. 首先面临的问题是怎么把数据导进MySQL数据库,大家都有自己的方法,我采用了 ...