1 tahun lalu · b34633fd74
--- a/framework-security/src/main/java/com/chelvc/framework/security/config/SecurityConfigurer.java
+++ b/framework-security/src/main/java/com/chelvc/framework/security/config/SecurityConfigurer.java
@@ -6,9 +6,9 @@ import javax.servlet.Filter;
 
															 import com.chelvc.framework.base.interceptor.StandardUnifiedResponseWrapper;
														
 
															 import com.chelvc.framework.base.interceptor.UnifiedResponseWrapper;
														
 
															+import com.chelvc.framework.base.util.StringUtils;
														
 
															 import com.chelvc.framework.security.annotation.Encrypt;
														
 
															 import com.chelvc.framework.security.context.SecurityContextHolder;
														
 
															-import lombok.extern.slf4j.Slf4j;
														
 
															 import org.aopalliance.intercept.MethodInvocation;
														
 
															 import org.springframework.boot.web.servlet.FilterRegistrationBean;
														
 
															 import org.springframework.context.annotation.Bean;
														
@@ -35,7 +35,6 @@ import org.springframework.web.filter.CorsFilter;
 
															  * @author Woody
														
 
															  * @date 2023/4/5
														
 
															  */
														
 
															-@Slf4j
														
 
															 @Configuration
														
 
															 @EnableGlobalMethodSecurity(prePostEnabled = true)
														
 
															 public class SecurityConfigurer extends GlobalMethodSecurityConfiguration {
														
@@ -70,13 +69,9 @@ public class SecurityConfigurer extends GlobalMethodSecurityConfiguration {
 
															             public Object wrap(NativeWebRequest request, MethodParameter method, Object value) {
														
 
															                 // 判断方法返回值是否需要加密
														
 
															                 Method target = Objects.requireNonNull(method.getMethod());
														
 
															-                if (target.getReturnType() == String.class && target.isAnnotationPresent(Encrypt.class)) {
														
 
															-                    try {
														
 
															-                        value = SecurityContextHolder.encrypt((String) value);
														
 
															-                    } catch (Exception e) {
														
 
															-                        // 如果加密失败则回退到明文传输
														
 
															-                        log.error("Data encrypt failed: {}", e.getMessage());
														
 
															-                    }
														
 
															+                if (target.getReturnType() == String.class && target.isAnnotationPresent(Encrypt.class)
														
 
															+                        && StringUtils.nonEmpty(value)) {
														
 
															+                    value = SecurityContextHolder.encrypt((String) value, true);
														
 
															                 }
														
 
															                 return super.wrap(request, method, value);
														
 
															             }
														
--- a/framework-security/src/main/java/com/chelvc/framework/security/context/SecurityContextHolder.java
+++ b/framework-security/src/main/java/com/chelvc/framework/security/context/SecurityContextHolder.java
@@ -73,6 +73,29 @@ public class SecurityContextHolder {
 
															         return CODEC_CHARACTERISTIC_PREFIX + ciphertext + CODEC_CHARACTERISTIC_SUFFIX;
														
 
															     }
														
 
															+    /**
														
 
															+     * 数据加密
														
 
															+     *
														
 
															+     * @param plaintext 数据明文
														
 
															+     * @param safety    是否使用安全模式（如果加密失败则返回明文）
														
 
															+     * @return 数据密文
														
 
															+     */
														
 
															+    public static String encrypt(String plaintext, boolean safety) {
														
 
															+        // 非安全模式
														
 
															+        if (!safety) {
														
 
															+            return encrypt(plaintext);
														
 
															+        }
														
 
															+
														
 
															+        // 安全模式
														
 
															+        try {
														
 
															+            return encrypt(plaintext);
														
 
															+        } catch (Exception e) {
														
 
															+            // 如果加密失败则返回明文
														
 
															+            log.error("Data encrypt failed: {}", e.getMessage());
														
 
															+            return plaintext;
														
 
															+        }
														
 
															+    }
														
 
															+
														
 
															     /**
														
 
															      * 数据解密
														
 
															      *
														
--- a/framework-security/src/main/java/com/chelvc/framework/security/interceptor/JacksonEncryptSerializer.java
+++ b/framework-security/src/main/java/com/chelvc/framework/security/interceptor/JacksonEncryptSerializer.java
@@ -11,7 +11,6 @@ import com.fasterxml.jackson.databind.JsonSerializer;
 
															 import com.fasterxml.jackson.databind.SerializerProvider;
														
 
															 import com.fasterxml.jackson.databind.ser.ContextualSerializer;
														
 
															 import com.fasterxml.jackson.databind.ser.std.StdSerializer;
														
 
															-import lombok.extern.slf4j.Slf4j;
														
 
															 /**
														
 
															  * 敏感数据加密序列化处理器
														
@@ -19,7 +18,6 @@ import lombok.extern.slf4j.Slf4j;
 
															  * @author Woody
														
 
															  * @date 2023/7/28
														
 
															  */
														
 
															-@Slf4j
														
 
															 public class JacksonEncryptSerializer extends StdSerializer<String> implements ContextualSerializer {
														
 
															     /**
														
 
															      * 敏感字段加密注解实例
														
@@ -40,13 +38,7 @@ public class JacksonEncryptSerializer extends StdSerializer<String> implements C
 
															         if (this.encrypt == null || StringUtils.isEmpty(plaintext)) {
														
 
															             generator.writeString(plaintext);
														
 
															         } else {
														
 
															-            try {
														
 
															-                generator.writeString(SecurityContextHolder.encrypt(plaintext));
														
 
															-            } catch (Exception e) {
														
 
															-                // 如果加密失败则回退到明文传输
														
 
															-                log.error("Data encrypt failed: {}", e.getMessage());
														
 
															-                generator.writeString(plaintext);
														
 
															-            }
														
 
															+            generator.writeString(SecurityContextHolder.encrypt(plaintext, true));
														
 
															         }
														
 
															     }