Java注解实现接口输出数据脱敏
在后台管理中,对于手机号,身份证,姓名这些数据不允许所有人都能看,这时候我们要对相对数据进行脱敏.
先声明了一个注解
通过对相关接口函数进行声明,以及配置需要脱敏的参数类型SecretTypeEnum,默认脱敏手机号
/**
* 脱敏声明
*/
@Documented
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface SecretManage {
SecretTypeEnum[] value() default {SecretTypeEnum.MOBILE};
}
我们目前只支持对手机号
身份证,用户姓名三个字段进行脱敏, 字段名称必须符合枚举的desc值
package com.test.base.enums;
import com.fasterxml.jackson.annotation.JsonValue;
/**
* @author fyf
* @date 2021/2/26
*/
public enum SecretTypeEnum implements BaseEnum {
MOBILE(0, "mobile"),
NAME(1, "name"),
ID(2, "identity")
;
@JsonValue
private int code;
private String desc;
public String getDesc() {
return desc;
}
SecretTypeEnum(int code, String desc) {
this.code = code;
this.desc = desc;
}
@Override
public int code() {
return code;
}
public static SecretTypeEnum checkParam(String paramName) {
SecretTypeEnum[] values = values();
for (int i = 0; i < values.length; i++) {
if (paramName.equals(values[i].getDesc())) {
return values[i];
}
}
return null;
}
}
然后我们需要实现注解的拦截功能
/**
* 对字段进行脱敏管理
* @author: fyf
* @date: 2021/02/23
*/
@Order(1)
@Aspect
@Component
public class SecretManageAspect {
@Pointcut("@annotation(com.test.base.annotations.SecretManage)")
public void pointCut() {
}
@Around("pointCut() && @annotation(secretManage)")
public Object secretManageAround(ProceedingJoinPoint joinPoint, SecretManage secretManage) throws Throwable {
Class returnType = ((MethodSignature) joinPoint.getSignature()).getReturnType();
Object invokeResult = joinPoint.proceed();
if (returnType.isInstance(invokeResult)) {
returnType.cast(invokeResult);
}
Field[] fields = returnType.getDeclaredFields();
List annotationSecretTypeEnums = Arrays.asList(secretManage.value());
for (Field field : fields) {
String fieldName = field.getName();
Class paramType = field.getType();
System.out.println("字段名称:" + fieldName);
SecretTypeEnum secretTypeEnum = SecretTypeEnum.checkParam(fieldName);
long count = annotationSecretTypeEnums.stream().filter(item -> item.equals(secretTypeEnum)).count();
if (secretTypeEnum != null && count > 0) {
fieldName = fieldName.substring(0, 1).toUpperCase() + fieldName.substring(1);
// 获取到setter方法
Method setMethod = returnType.getMethod("set" + fieldName, new Class[]{paramType});
// 获取到getter方法
Method getMethod = returnType.getMethod("get" + fieldName);
// 执行getter方法
Object value = getMethod.invoke(invokeResult);
this.invokeSetter(setMethod, invokeResult, secretTypeEnum, value);
}
}
return invokeResult;
}
/**
* 封装执行setter函数
*/
private void invokeSetter(Method setterMethod, Object invokeResult, SecretTypeEnum secretTypeEnum, Object value)
throws InvocationTargetException, IllegalAccessException {
switch (secretTypeEnum) {
case NAME:
setterMethod.invoke(invokeResult, SecretUtil.nameSecret(value.toString()));
break;
case MOBILE:
setterMethod.invoke(invokeResult, SecretUtil.mobileSecret(value.toString()));
break;
case ID:
setterMethod.invoke(invokeResult, SecretUtil.idNoSecret(value.toString()));
break;
}
}
}
上面我们就是实现了脱敏的功能,现在我们可以mock接口看看结果了,
我对默认声明和脱敏名称和手机号进行了测试
/**
* curl localhost:9999/user/test-secret
*/
@GetMapping("/test-secret")
// @SecretManage(value = {SecretTypeEnum.NAME, SecretTypeEnum.MOBILE})
@SecretManage
public User getSecretUser() {
User user = new User();
user.setId(1);
user.setMobile("13715166409");
user.setName("张志新");
user.setIdentity("370283790911703");
return user;
}
下面是测试结果
Java注解的字段脱敏处理
有这样一个场景,系统中可以出现敏感的数据,在打印日志的时候,我们并不希望打印出现,这样,我们使用自己定义注解,来解决这个问题。
定义需要脱敏的字段规则
import java.lang.reflect.Array; import java.lang.reflect.Field; import java.lang.reflect.Method; import java.util.Collection; import java.util.HashSet; import java.util.Iterator; import java.util.Map; import java.util.Map.Entry; import java.util.Set; import org.apache.commons.lang.ArrayUtils; import org.apache.commons.lang.StringUtils; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.serializer.SerializerFeature; import com.google.gson.Gson; import com.ucf.platform.framework.core.annotation.SensitiveInfo; import com.ucf.platform.framework.core.log.UcfLogger; import com.ucf.platform.framework.core.log.UcfLoggerFactory; /** * @Title: SensitiveInfoUtils.java * @Copyright: Copyright (c) 2011 * @Description:
* 敏感信息屏蔽工具
*/ public final class SensitiveInfoUtils { private final static UcfLogger logger = UcfLoggerFactory.getLogger(SensitiveInfoUtils.class); /** * [中文姓名] 只显示第一个汉字,其他隐藏为2个星号<例子:李**> * * @param name * @return */ public static String chineseName(String fullName) { if (StringUtils.isBlank(fullName)) { return ""; } String name = StringUtils.left(fullName, 1); return StringUtils.rightPad(name, StringUtils.length(fullName), "*"); } /** * [中文姓名] 只显示第一个汉字,其他隐藏为2个星号<例子:李**> * * @param familyName * @param givenName * @return */ public static String chineseName(String familyName, String givenName) { if (StringUtils.isBlank(familyName) || StringUtils.isBlank(givenName)) { return ""; } return chineseName(familyName + givenName); } /** * [身份证号] 显示最后四位,其他隐藏。共计18位或者15位。<例子:*************5762> * * @param id * @return */ public static String idCardNum(String id) { if (StringUtils.isBlank(id)) { return ""; } String num = StringUtils.right(id, 4); return StringUtils.leftPad(num, StringUtils.length(id), "*"); } /** * [固定电话] 后四位,其他隐藏<例子:****1234> * * @param num * @return */ public static String fixedPhone(String num) { if (StringUtils.isBlank(num)) { return ""; } return StringUtils.leftPad(StringUtils.right(num, 4), StringUtils.length(num), "*"); } /** * [手机号码] 前三位,后四位,其他隐藏<例子:138******1234> * * @param num * @return */ public static String mobilePhone(String num) { if (StringUtils.isBlank(num)) { return ""; } return StringUtils.left(num, 3).concat(StringUtils.removeStart(StringUtils.leftPad(StringUtils.right(num, 4), StringUtils.length(num), "*"), "***")); } /** * [地址] 只显示到地区,不显示详细地址;我们要对个人信息增强保护<例子:北京市海淀区****> * * @param address * @param sensitiveSize * 敏感信息长度 * @return */ public static String address(String address, int sensitiveSize) { if (StringUtils.isBlank(address)) { return ""; } int length = StringUtils.length(address); return StringUtils.rightPad(StringUtils.left(address, length - sensitiveSize), length, "*"); } /** * [电子邮箱] 邮箱前缀仅显示第一个字母,前缀其他隐藏,用星号代替,@及后面的地址显示<例子:g**@163.com> * * @param email * @return */ public static String email(String email) { if (StringUtils.isBlank(email)) { return ""; } int index = StringUtils.indexOf(email, "@"); if (index <= 1) return email; else return StringUtils.rightPad(StringUtils.left(email, 1), index, "*").concat(StringUtils.mid(email, index, StringUtils.length(email))); } /** * [银行卡号] 前六位,后四位,其他用星号隐藏每位1个星号<例子:6222600**********1234> * * @param cardNum * @return */ public static String bankCard(String cardNum) { if (StringUtils.isBlank(cardNum)) { return ""; } return StringUtils.left(cardNum, 6).concat(StringUtils.removeStart(StringUtils.leftPad(StringUtils.right(cardNum, 4), StringUtils.length(cardNum), "*"), "******")); } /** * [公司开户银行联号] 公司开户银行联行号,显示前两位,其他用星号隐藏,每位1个星号<例子:12********> * * @param code * @return */ public static String cnapsCode(String code) { if (StringUtils.isBlank(code)) { return ""; } return StringUtils.rightPad(StringUtils.left(code, 2), StringUtils.length(code), "*"); } /** * 获取脱敏json串 <注意:递归引用会导致java.lang.StackOverflowError> * * @param javaBean * @return */ public static String getJson(Object javaBean) { String json = null; if (null != javaBean) { Class raw = javaBean.getClass(); try { if (raw.isInterface()) return json; Gson g = new Gson(); Object clone = g.fromJson(g.toJson(javaBean, javaBean.getClass()), javaBean.getClass()); SetreferenceCounter = new HashSet (); SensitiveInfoUtils.replace(SensitiveInfoUtils.findAllField(raw), clone, referenceCounter); json = JSON.toJSONString(clone, SerializerFeature.WriteMapNullValue, SerializerFeature.WriteNullListAsEmpty); referenceCounter.clear(); referenceCounter = null; } catch (Throwable e) { logger.error("SensitiveInfoUtils.getJson() ERROR", e); } } return json; } private static Field[] findAllField(Class clazz) { Field[] fileds = clazz.getDeclaredFields(); while (null != clazz.getSuperclass() && !Object.class.equals(clazz.getSuperclass())) { fileds = (Field[]) ArrayUtils.addAll(fileds, clazz.getSuperclass().getDeclaredFields()); clazz = clazz.getSuperclass(); } return fileds; } private static void replace(Field[] fields, Object javaBean, Set referenceCounter) throws IllegalArgumentException, IllegalAccessException { if (null != fields && fields.length > 0) { for (Field field : fields) { field.setAccessible(true); if (null != field && null != javaBean) { Object value = field.get(javaBean); if (null != value) { Class type = value.getClass(); // 1.处理子属性,包括集合中的 if (type.isArray()) { int len = Array.getLength(value); for (int i = 0; i < len; i++) { Object arrayObject = Array.get(value, i); SensitiveInfoUtils.replace(SensitiveInfoUtils.findAllField(arrayObject.getClass()), arrayObject, referenceCounter); } } else if (value instanceof Collection) { Collection c = (Collection) value; Iterator it = c.iterator(); while (it.hasNext()) { Object collectionObj = it.next(); SensitiveInfoUtils.replace(SensitiveInfoUtils.findAllField(collectionObj.getClass()), collectionObj, referenceCounter); } } else if (value instanceof Map) { Map m = (Map) value; Set set = m.entrySet(); for (Object o : set) { Entry entry = (Entry) o; Object mapVal = entry.getValue(); SensitiveInfoUtils.replace(SensitiveInfoUtils.findAllField(mapVal.getClass()), mapVal, referenceCounter); } } else if (!type.isPrimitive() && !StringUtils.startsWith(type.getPackage().getName(), "javax.") && !StringUtils.startsWith(type.getPackage().getName(), "java.") && !StringUtils.startsWith(field.getType().getName(), "javax.") && !StringUtils.startsWith(field.getName(), "java.") && referenceCounter.add(value.hashCode())) { SensitiveInfoUtils.replace(SensitiveInfoUtils.findAllField(type), value, referenceCounter); } } // 2. 处理自身的属性 SensitiveInfo annotation = field.getAnnotation(SensitiveInfo.class); if (field.getType().equals(String.class) && null != annotation) { String valueStr = (String) value; if (StringUtils.isNotBlank(valueStr)) { switch (annotation.type()) { case CHINESE_NAME: { field.set(javaBean, SensitiveInfoUtils.chineseName(valueStr)); break; } case ID_CARD: { field.set(javaBean, SensitiveInfoUtils.idCardNum(valueStr)); break; } case FIXED_PHONE: { field.set(javaBean, SensitiveInfoUtils.fixedPhone(valueStr)); break; } case MOBILE_PHONE: { field.set(javaBean, SensitiveInfoUtils.mobilePhone(valueStr)); break; } case ADDRESS: { field.set(javaBean, SensitiveInfoUtils.address(valueStr, 4)); break; } case EMAIL: { field.set(javaBean, SensitiveInfoUtils.email(valueStr)); break; } case BANK_CARD: { field.set(javaBean, SensitiveInfoUtils.bankCard(valueStr)); break; } case CNAPS_CODE: { field.set(javaBean, SensitiveInfoUtils.cnapsCode(valueStr)); break; } } } } } } } } //---------------------------------------------------------------------------------------------- public static Method [] findAllMethod(Class clazz){ Method [] methods= clazz.getMethods(); return methods; } //---------------------------------------------------------------------------------------------- public static enum SensitiveType { /** * 中文名 */ CHINESE_NAME, /** * 身份证号 */ ID_CARD, /** * 座机号 */ FIXED_PHONE, /** * 手机号 */ MOBILE_PHONE, /** * 地址 */ ADDRESS, /** * 电子邮件 */ EMAIL, /** * 银行卡 */ BANK_CARD, /** * 公司开户银行联号 */ CNAPS_CODE; } }
声明注解
import java.lang.annotation.Documented; import java.lang.annotation.ElementType; import java.lang.annotation.Inherited; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; import com.ucf.platform.framework.core.util.SensitiveInfoUtils; /** * @Title: SensitiveInfo.java * @Copyright: Copyright (c) 2015 * @Description:
* 敏感信息注解标记
*/ @Target({ElementType.FIELD,ElementType.METHOD}) @Retention(RetentionPolicy.RUNTIME) @Inherited @Documented public @interface SensitiveInfo { public SensitiveInfoUtils.SensitiveType type() ; }
测试
public class JavaBeanA {
public JavaBeanA(String name,String id){
}
@SensitiveInfo(type=SensitiveType.CHINESE_NAME)
private String name = "A先生";
private JavaBeanB b;
private Date date;
private List list;
private Map map;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public JavaBeanB getB() {
return b;
}
public void setB(JavaBeanB b) {
this.b = b;
}
public List getList() {
return list;
}
public void setList(List list) {
this.list = list;
}
public Map getMap() {
return map;
}
public void setMap(Map map) {
this.map = map;
}
public Date getDate() {
return date;
}
public void setDate(Date date) {
this.date = date;
}
}
public class JavaBeanB {
@SensitiveInfo(type=SensitiveType.CHINESE_NAME)
private String name = "B先生";
private JavaBeanA a;
private Set list;
private Map map;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public JavaBeanA getA() {
return a;
}
public void setA(JavaBeanA a) {
this.a = a;
}
public Set getList() {
return list;
}
public void setList(Set list) {
this.list = list;
}
public Map getMap() {
return map;
}
public void setMap(Map map) {
this.map = map;
}
}
public class SensitiveInfoUtilsTest {
/**
* [中文姓名] 只显示第一个汉字,其他隐藏为2个星号<例子:李**>
*/
@Test
public void testChineseNameString() {
System.out.println(SensitiveInfoUtils.chineseName("李先生"));
}
/**
* [中文姓名] 只显示第一个汉字,其他隐藏为2个星号<例子:李**>
*/
@Test
public void testChineseNameStringString() {
System.out.println(SensitiveInfoUtils.chineseName("李","雷"));
}
/**
* [身份证号] 显示最后四位,其他隐藏。共计18位或者15位。<例子:*************5762>
*/
@Test
public void testIdCardNum() {
System.out.println(SensitiveInfoUtils.idCardNum("1103541983073188711"));
}
/**
* [固定电话] 后四位,其他隐藏<例子:****1234>
*/
@Test
public void testFixedPhone() {
System.out.println(SensitiveInfoUtils.fixedPhone("01077482277"));
}
/**
* [手机号码] 前三位,后四位,其他隐藏<例子:138******1234>
*/
@Test
public void testMobilePhone() {
System.out.println(SensitiveInfoUtils.mobilePhone("13777446578"));
}
/**
* [地址] 只显示到地区,不显示详细地址;我们要对个人信息增强保护<例子:北京市海淀区****>
*/
@Test
public void testAddress() {
System.out.println(SensitiveInfoUtils.address("北京朝阳区酒仙桥中路26号院4号楼人人大厦",8));
}
/**
* [电子邮箱] 邮箱前缀仅显示第一个字母,前缀其他隐藏,用星号代替,@及后面的地址显示<例子:g**@163.com>
*/
@Test
public void testEmail() {
System.out.println(SensitiveInfoUtils.email("[email protected]"));
}
/**
* [银行卡号] 前六位,后四位,其他用星号隐藏每位1个星号<例子:6222600**********1234>
*/
@Test
public void testBankCard() {
System.out.println(SensitiveInfoUtils.bankCard("6228480402565890018"));
}
/**
* [公司开户银行联号] 公司开户银行联行号,显示前两位,其他用星号隐藏,每位1个星号<例子:12********>
*/
@Test
public void testCnapsCode() {
System.out.println(SensitiveInfoUtils.cnapsCode("102100029679"));
}
/**
* 获取脱敏json串 <注意:递归引用会导致java.lang.StackOverflowError>
*/
@Test
public void testGetJson() {
// ThreadPoolExecutor consumeExecutor = new ThreadPoolExecutor(30, 30 + 10, 5, TimeUnit.SECONDS, new ArrayBlockingQueue(30 + 10), new ThreadFactory() {
// @Override
// public Thread newThread(Runnable r) {
// Thread myThread = new Thread(r);
// myThread.setName("TT");
// return myThread;
// }
// }, new ThreadPoolExecutor.CallerRunsPolicy());
// while (true) {
// consumeExecutor.execute(new Runnable() {
// @Override
// public void run() {}
// });
// }
JavaBeanA a1 = new JavaBeanA("","");
JavaBeanA a2 = new JavaBeanA("","");
JavaBeanB b1 = new JavaBeanB();
a1.setB(b1);
// a1.setDate(new Date());
List a1l = new ArrayList();
a1l.add(b1);
a1.setList(a1l);
Map a1m = new HashMap();
a1m.put("b1", b1);
a1.setMap(a1m);
b1.setA(a2);
Set b1l = new HashSet();
b1.setList(b1l);
Map b1m = new HashMap();
b1m.put("a2", a2);
b1.setMap(b1m);
long t = System.currentTimeMillis();
System.out.println(t);
System.out.println(SensitiveInfoUtils.getJson(a1));
System.out.println(System.currentTimeMillis()-t);
System.out.println(JSON.toJSON(a1));
System.out.println(System.currentTimeMillis()-t);
}
}
测试结果:
李**
李*
***************8711
*******2277
137****6578
北京朝阳区酒仙桥中路26号********
6*******@qq.com
622848*********0018
10**********
1443435915750
{"b":{"a":{"b":null,"date":null,"list":[],"map":null,"name":"A**"},"list":[],"map":{"a2":{"b":null,"date":null,"list":[],"map":null,"name":"A**"}},"name":"B**"},"date":null,"list":[{"a":{"b":null,"date":null,"list":[],"map":null,"name":"A**"},"list":[],"map":{"a2":{"b":null,"date":null,"list":[],"map":null,"name":"A**"}},"name":"B**"}],"map":{"b1":{"a":{"b":null,"date":null,"list":[],"map":null,"name":"A**"},"list":[],"map":{"a2":{"b":null,"date":null,"list":[],"map":null,"name":"A**"}},"name":"B**"}},"name":"A**"}
289
{"b":{"a":{"name":"A先生"},"list":[],"map":{"a2":{"name":"A先生"}},"name":"B先生"},"list":[{"a":{"name":"A先生"},"list":[],"map":{"a2":{"name":"A先生"}},"name":"B先生"}],"map":{"b1":{"a":{"name":"A先生"},"list":[],"map":{"a2":{"name":"A先生"}},"name":"B先生"}},"name":"A先生"}
300
使用了google 的API,可以使用maven在添加,配置如下:
com.google.code.gson gson
说明:在需要脱敏的字段上使用定义好的注解,在具体的使用时用SensitiveInfoUtils.getJson(a1),如果不需要脱敏的输出,尽量不要打印JSON,使用对象的toString()输出。效率更高。
以上为个人经验,希望能给大家一个参考,也希望大家多多支持脚本之家。