2021-05-11 AOP加解密请求数据

APP端ajax请求进行了加密，所以服务端需要对指定Controller的请求参数进行解密，以及一些通用的操作。
不完善，仅作思路参考。

/**
 * 功 能: AOP切面类，用于处理方法参数如:参数解密、加密等
 */
@Aspect
@Component
public class HttpAspect {

    private final String httpPonit = "execution(public * com.haiyisoft.gcwz.ui.appbase..*Controller.*(..))";

    @Pointcut(httpPonit)
    public void excuteHttpPoint() {

    }

    /**
     * 环绕执行方法
     */
    @Around("excuteHttpPoint()")
    public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        // 获取header中reqEncrypt的值，如果为true则需要解密请求参数
        String reqEncrypt = request.getHeader(AppConstants.HEADER_REQ_ENCRYPT);
        String drop = request.getHeader(AppConstants.HEADER_REQ_Drop);
        String method = request.getMethod();
        Object[] obj = joinPoint.getArgs();
        // 只有POST请求，且加密标志为true时才进行解密
        if ("POST".equals(method) && "true".equals(reqEncrypt)) {
            for (int i = 0, length = obj.length; i < length; i++) {
                // 如果是String字符串，直接进行解密
                if (obj[i] instanceof String) {
                    String param = String.valueOf(obj[i]);
                    if (StringUtils.isNotBlank(param)) {
                        obj[i] = RSAUtil.decrypt(param, AppConstants.RSA_PRI_KEY);
                    }
                } else if (obj[i] instanceof Object[]) {
                    // 如果是数组，直接进行解密
                    Object[] arr = (Object[]) obj[i];
                    for (int j = 0, len = arr.length; j < len; j++) {
                        if (arr[j] instanceof String) {
                            arr[j] = RSAUtil.decrypt(String.valueOf(arr[j]), AppConstants.RSA_PRI_KEY);
                        }
                    }
                } else if (obj[i] != null && !(obj[i] instanceof HttpServletRequest) && !(obj[i] instanceof HttpServletResponse)) {
                    Class clazz = obj[i].getClass();
                    if (clazz == null || clazz.getClassLoader() == null) {
                        continue;
                    }
                    Field[] fs = clazz.getDeclaredFields();
                    for (Field f : fs) {
                        // 设置些属性是可以访问的
                        f.setAccessible(true);
                        // 得到此属性的类型
                        System.out.println(f.get(obj[i]));
                        System.out.println(f.getName());
                        String fieldType = f.getType().toString();
                        Object fieldValue = f.get(obj[i]);
                        if (fieldValue != null) {
                            if (fieldType.endsWith("String")) {
                                // 给属性设值
                                f.set(obj[i], RSAUtil.decrypt(String.valueOf(fieldValue), AppConstants.RSA_PRI_KEY));
                            } else if (fieldType.endsWith("List")) {
                                System.out.println(fieldValue.getClass());
                                List obj1 = (List) fieldValue;
                                for (Object t : obj1) {
                                    Class listClazz = t.getClass();
                                    if (listClazz == null || listClazz.getClassLoader() == null) {
                                        continue;
                                    }
                                    Field[] listFs = listClazz.getDeclaredFields();
                                    for (Field listF : listFs) {
                                        // 设置些属性是可以访问的
                                        listF.setAccessible(true);
                                        String listFileType = listF.getType().toString();
                                        Object listFieldValue = listF.get(t);
                                        if (listFieldValue != null && listFileType.endsWith("String")) {
                                            // 给属性设值
                                            listF.set(t, RSAUtil.decrypt(String.valueOf(listFieldValue), AppConstants.RSA_PRI_KEY));
                                        }
                                    }
                                }
                            }

                        }
                    }
                }

            }
        }
        // 获取下拉
        List  droplist = new ArrayList();
        if(drop != null && !"".equals(drop)){
            DropBeanUtil dropBeanUtil = new DropBeanUtil();
            droplist =  JSON.parseArray(drop, DropVO.class);
            for(DropVO dropvo : droplist){
                List dropitem = new ArrayList();
                if(dropvo.getFilter() != null && !"".equals(dropvo.getFilter())){//传入filter
                    if(dropvo.getService() != null && !"".equals(dropvo.getService())){//没有传入service
                        dropitem = dropBeanUtil.getDrop(dropvo.getDropname(), dropvo.getFilter());
                    }else{//传入service
                        dropitem = dropBeanUtil.getDropFromService(dropvo.getService(), dropvo.getDropname(), dropvo.getFilter());
                    }
                }else{//没有传入filter
                    if(dropvo.getService() != null && !"".equals(dropvo.getService())){//传入service
                        dropitem = dropBeanUtil.getDropFromService(dropvo.getService(), dropvo.getDropname());
                    }else{//没有传入service
                        dropitem = dropBeanUtil.getDrop(dropvo.getDropname());
                    }
                }
                Map map = dropitem.stream().collect(Collectors.toMap(DropBean::getValue, DropBean::getLabel));
                dropvo.setDropmap(map);
            }
        }
        Object result = joinPoint.proceed(obj);
        // 对请求结果进行处理 如加密等等
        
        if(droplist.size() > 0 && droplist != null){
            ResultVO resultvo = (ResultVO) result;
            resultvo.setDrop(droplist);
        }
        return result;
    }
}