Java如何进行数据脱敏

1.SQL数据脱敏实现

MYSQL(电话号码,身份证)数据脱敏的实现

1

2

3

4

5

6

7

8

-- CONCAT()、LEFT()和RIGHT()字符串函数组合使用,请看下面具体实现

-- CONCAT(str1,str2,…):返回结果为连接参数产生的字符串

-- LEFT(str,len):返回从字符串str 开始的len 最左字符

-- RIGHT(str,len):从字符串str 开始,返回最右len 字符

-- 电话号码脱敏sql:

SELECT mobilePhone AS 脱敏前电话号码,CONCAT(LEFT(mobilePhone,3), '********' ) AS 脱敏后电话号码 FROM t_s_user

-- 身份证号码脱敏sql:

SELECT idcard AS 未脱敏身份证, CONCAT(LEFT(idcard,3), '****' ,RIGHT(idcard,4)) AS 脱敏后身份证号 FROM t_s_user

2.JAVA数据脱敏实现

数据脱敏插件,目前支持地址脱敏、银行卡号脱敏、中文姓名脱敏、固话脱敏、身份证号脱敏、手机号脱敏、密码脱敏 一个是正则脱敏、另外一个根据显示长度脱敏,默认是正则脱敏,可以根据自己的需要配置自己的规则。

3 mybatis-mate-sensitive-jackson

mybatisplus 的新作,可以测试使用,生产需要收费。

根据定义的策略类型,对数据进行脱敏,当然策略可以自定义。

1

2

3

4

5

6

7

8

9

10

11

12

13

# 目前已有

package mybatis.mate.strategy;

public interface SensitiveType {

    String chineseName = "chineseName";

    String idCard = "idCard";

    String phone = "phone";

    String mobile = "mobile";

    String address = "address";

    String email = "email";

    String bankCard = "bankCard";

    String password = "password";

    String carNumber = "carNumber";

}

Demo 代码目录

Java如何进行数据脱敏_第1张图片

 1、pom.xml

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

xml version="1.0" encoding="UTF-8"?>

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">

    <parent>

        <groupId>com.baomidougroupId>

        <artifactId>mybatis-mate-examplesartifactId>

        <version>0.0.1-SNAPSHOTversion>

    parent>

    <modelVersion>4.0.0modelVersion>

    <artifactId>mybatis-mate-sensitive-jacksonartifactId>

    <dependencies>

        <dependency>

            <groupId>mysqlgroupId>

            <artifactId>mysql-connector-javaartifactId>

        dependency>

    dependencies>

project>

2、appliation.yml

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

# DataSource Config

spring:

  datasource:

#    driver-class-name: org.h2.Driver

#    schema: classpath:db/schema-h2.sql

#    data: classpath:db/data-h2.sql

#    url: jdbc:h2:mem:test

#    username: root

#    password: test

    driver-class-name: com.mysql.cj.jdbc.Driver

    url: jdbc:mysql://localhost:3306/mybatis_mate?useSSL=false&useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC

    username: root

    password: 123456

# Mybatis Mate 配置

mybatis-mate:

  cert:

    grant: thisIsTestLicense

    license: as/bsBaSVrsA9FfjC/N77ruEt2/QZDrW+MHETNuEuZBra5mlaXZU+DE1ZvF8UjzlLCpH3TFVH3WPV+Ya7Ugiz1Rx4wSh/FK6Ug9lhos7rnsNaRB/+mR30aXqtlLt4dAmLAOCT56r9mikW+t1DDJY8TVhERWMjEipbqGO9oe1fqYCegCEX8tVCpToKr5J1g1V86mNsNnEGXujnLlEw9jBTrGxAyQroD7Ns1Dhwz1K4Y188mvmRQp9t7OYrpgsC7N9CXq1s1c2GtvfItHArkqHE4oDrhaPjpbMjFWLI5/XqZDtW3D+AVcH7pTcYZn6vzFfDZEmfDFV5fQlT3Rc+GENEg==

# Logger Config

logging:

  level:

    mybatis.mate: debug

3、Appliation启动类

1

2

3

4

5

6

7

8

9

10

package mybatis.mate.sensitive.jackson;

import org.springframework.boot.SpringApplication;

import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication

public class SensitiveJacksonApplication {

    // 测试访问 http://localhost:8080/info ,http://localhost:8080/list

    public static void main(String[] args) {

        SpringApplication.run(SensitiveJacksonApplication.class, args);

    }

}

4、配置类,自定义脱敏策略

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

package mybatis.mate.sensitive.jackson.config;

import mybatis.mate.databind.ISensitiveStrategy;

import mybatis.mate.strategy.SensitiveStrategy;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

@Configuration

public class SensitiveStrategyConfig {

    /**

     * 注入脱敏策略

     */

    @Bean

    public ISensitiveStrategy sensitiveStrategy() {

        // 自定义 testStrategy 类型脱敏处理

        return new SensitiveStrategy().addStrategy("testStrategy", t -> t + "***test***");

    }

}

5、业务类

User,注解标识脱敏字段,及选用脱敏策略

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

package mybatis.mate.sensitive.jackson.entity;

import lombok.Getter;

import lombok.Setter;

import mybatis.mate.annotation.FieldSensitive;

import mybatis.mate.sensitive.jackson.config.SensitiveStrategyConfig;

import mybatis.mate.strategy.SensitiveType;

@Getter

@Setter

public class User {

    private Long id;

    /**

     * 这里是一个自定义的策略 {@link SensitiveStrategyConfig} 初始化注入

     */

    @FieldSensitive("testStrategy")

    private String username;

    /**

     * 默认支持策略 {@link SensitiveType }

     */

    @FieldSensitive(SensitiveType.mobile)

    private String mobile;

    @FieldSensitive(SensitiveType.email)

    private String email;

}

UserController

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

package mybatis.mate.sensitive.jackson.controller;

import mybatis.mate.databind.ISensitiveStrategy;

import mybatis.mate.databind.RequestDataTransfer;

import mybatis.mate.sensitive.jackson.entity.User;

import mybatis.mate.sensitive.jackson.mapper.UserMapper;

import mybatis.mate.strategy.SensitiveType;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.web.bind.annotation.GetMapping;

import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

import java.util.HashMap;

import java.util.List;

import java.util.Map;

@RestController

public class UserController {

    @Autowired

    private UserMapper userMapper;

    @Autowired

    private ISensitiveStrategy sensitiveStrategy;

    // 测试访问 http://localhost:8080/info

    @GetMapping("/info")

    public User info() {

        return userMapper.selectById(1L);

    }

    // 测试返回 map 访问 http://localhost:8080/map

    @GetMapping("/map")

    public Map map() {

        // 测试嵌套对象脱敏

        Map userMap = new HashMap<>();

        userMap.put("user", userMapper.selectById(1L));

        userMap.put("test", 123);

        userMap.put("userMap", new HashMap() {{

            put("user2", userMapper.selectById(2L));

            put("test2", "hi china");

        }});

        // 手动调用策略脱敏

        userMap.put("mobile", sensitiveStrategy.getStrategyFunctionMap()

                .get(SensitiveType.mobile).apply("15315388888"));

        return userMap;

    }

    // 测试访问 http://localhost:8080/list

    // 不脱敏 http://localhost:8080/list?skip=1

    @GetMapping("/list")

    public List list(HttpServletRequest request) {

        if ("1".equals(request.getParameter("skip"))) {

            // 跳过脱密处理

            RequestDataTransfer.skipSensitive();

        }

        return userMapper.selectList(null);

    }

}

UserMapper

1

2

3

4

5

6

7

package mybatis.mate.sensitive.jackson.mapper;

import com.baomidou.mybatisplus.core.mapper.BaseMapper;

import mybatis.mate.sensitive.jackson.entity.User;

import org.apache.ibatis.annotations.Mapper;

@Mapper

public interface UserMapper extends BaseMapper {

}

6、测试

1

GET http://localhost:8080/list

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

[

  {

    "id": 1,

    "username": "Jone***test***",

    "mobile": "153******81",

    "email": "t****@baomidou.com"

  },

  {

    "id": 2,

    "username": "Jack***test***",

    "mobile": "153******82",

    "email": "t****@baomidou.com"

  },

  {

    "id": 3,

    "username": "Tom***test***",

    "mobile": "153******83",

    "email": "t****@baomidou.com"

  }

]

1

GET http://localhost:8080/list?skip=1

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

[

  {

    "id": 1,

    "username": "Jone",

    "mobile": "15315388881",

    "email": "[email protected]"

  },

  {

    "id": 2,

    "username": "Jack",

    "mobile": "15315388882",

    "email": "[email protected]"

  },

  {

    "id": 3,

    "username": "Tom",

    "mobile": "15315388883",

    "email": "[email protected]"

  }

]

你可能感兴趣的:(java,开发语言)