refactor(data): 重构加密解密逻辑
- 移除 EncryptionRequestContext 类,改为在 request 中存储 corpId - 优化 decryptAround 方法,简化代码结构 - 新增 BaseController 类,提供公共方法获取 corpId 和 UUIDdev
liujun
parent
20e5630137
commit
39cc0b8cfe
|
|
@ -26,39 +26,34 @@ public class EncryptionAspect {
|
|||
@Around("@annotation(EncryptionMapping)")
|
||||
public Object decryptAround(ProceedingJoinPoint joinPoint) throws Throwable {
|
||||
Object[] args = joinPoint.getArgs();
|
||||
if (args.length == 0){
|
||||
if (args.length == 0) {
|
||||
return R.error("参数不能为空");
|
||||
}
|
||||
|
||||
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
|
||||
if (attributes == null){
|
||||
if (attributes == null) {
|
||||
return R.error("系统异常:1000");
|
||||
}
|
||||
|
||||
HttpServletRequest request = attributes.getRequest();
|
||||
|
||||
String headerValue = request.getHeader("X-app-Id");
|
||||
EncryptionRequestContext.setAppId(headerValue);
|
||||
request.setAttribute("corpId", headerValue);
|
||||
|
||||
try {
|
||||
// 读取原始加密数据
|
||||
String encryptedData = new BufferedReader(new InputStreamReader(request.getInputStream()))
|
||||
.lines()
|
||||
.collect(Collectors.joining(System.lineSeparator()));
|
||||
// 读取原始加密数据
|
||||
String encryptedData = new BufferedReader(new InputStreamReader(request.getInputStream()))
|
||||
.lines()
|
||||
.collect(Collectors.joining(System.lineSeparator()));
|
||||
|
||||
EncryptionReqDto reqDto = JSONObject.parseObject(encryptedData, EncryptionReqDto.class);
|
||||
if (StringUtils.isEmpty(reqDto.getData())){
|
||||
return R.error("系统异常:2000");
|
||||
}
|
||||
// 解密请求参数
|
||||
String decryptedData = AesEncryptionUtil.decrypt(reqDto.getData());
|
||||
// 替换原始参数为解密后的数据
|
||||
args[0] = JSONObject.parseObject(decryptedData,args[0].getClass());
|
||||
return joinPoint.proceed(args);
|
||||
}catch (Exception e){
|
||||
throw new RuntimeException(e);
|
||||
} finally {
|
||||
EncryptionRequestContext.clear();
|
||||
EncryptionReqDto reqDto = JSONObject.parseObject(encryptedData, EncryptionReqDto.class);
|
||||
if (StringUtils.isEmpty(reqDto.getData())) {
|
||||
return R.error("系统异常:2000");
|
||||
}
|
||||
// 解密请求参数
|
||||
String decryptedData = AesEncryptionUtil.decrypt(reqDto.getData());
|
||||
// 替换原始参数为解密后的数据
|
||||
args[0] = JSONObject.parseObject(decryptedData, args[0].getClass());
|
||||
return joinPoint.proceed(args);
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
|
|
@ -1,18 +0,0 @@
|
|||
package com.zcloud.modules.data.aop;
|
||||
|
||||
public class EncryptionRequestContext {
|
||||
|
||||
private static final ThreadLocal<String> CORP_ID_HOLDER = new ThreadLocal<>();
|
||||
|
||||
public static void setCorpId(String appId) {
|
||||
CORP_ID_HOLDER.set(appId);
|
||||
}
|
||||
|
||||
public static String getCorpId() {
|
||||
return CORP_ID_HOLDER.get();
|
||||
}
|
||||
|
||||
public static void clear() {
|
||||
CORP_ID_HOLDER.remove();
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,30 @@
|
|||
package com.zcloud.modules.data.base;
|
||||
|
||||
import com.zcloud.modules.util.UuidUtil;
|
||||
import org.springframework.web.context.request.RequestContextHolder;
|
||||
import org.springframework.web.context.request.ServletRequestAttributes;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
public class BaseController {
|
||||
|
||||
public String getCorpId() {
|
||||
if (getRequest().getAttribute("corpId") == null){
|
||||
return null;
|
||||
}else {
|
||||
return getRequest().getAttribute("corpId").toString();
|
||||
}
|
||||
}
|
||||
|
||||
public HttpServletRequest getRequest() {
|
||||
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
|
||||
if (attributes != null) {
|
||||
return attributes.getRequest();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public String getUuid() {
|
||||
return UuidUtil.get32UUID();
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue