我们在日常开发中,经常有一些数据中的部分需要隐藏起来,达到数据安全的目的,这一个过程就是数据脱敏。
一、自定义数据脱敏枚举类
package com.example.springbootdemo.enums;
import lombok.Getter;
import java.util.function.Function;
/**
* 数据脱敏策略枚举
*/
@Getter
public enum DesensitizationStrategyEnum {
/**
* 用户名
*/
USERNAME(s -> s.replaceAll("(\\S)\\S(\\S*)", "$1*$2")),
/**
* 身份证
*/
ID_CARD(s -> s.replaceAll("(\\d{4})\\d{10}(\\w{4})", "$1****$2")),
/**
* 手机号
*/
PHONE(s -> s.replaceAll("(\\d{3})\\d{4}(\\d{4})", "$1****$2")),
/**
* 地址
*/
ADDRESS(s -> s.replaceAll("(\\S{4})\\S{2}(\\S*)\\S{2}", "$1****"));
private final Function<String, String> desensitizer;
DesensitizationStrategyEnum(Function<String, String> desensitizer) {
this.desensitizer = desensitizer;
}
public Function<String, String> desensitizer() {
return desensitizer;
}
}二、自定义数据脱敏序列化类
package com.example.springbootdemo.bean;
import com.example.springbootdemo.annotation.Desensitization;
import com.example.springbootdemo.enums.DesensitizationStrategyEnum;
import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.databind.BeanProperty;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.JsonSerializer;
import com.fasterxml.jackson.databind.SerializerProvider;
import com.fasterxml.jackson.databind.ser.ContextualSerializer;
import java.io.IOException;
import java.util.Objects;
/**
* @author qx
* @date 2023/08/19
* @desc 自定义Json序列化 用于对使用脱敏注解的字段进行数据脱敏
*/
public class DesensitizationJsonSerializer extends JsonSerializer<String> implements ContextualSerializer {
private DesensitizationStrategyEnum strategy;
@Override
public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws
IOException {
gen.writeString(strategy.desensitizer().apply(value));
}
/**
* 获取属性上的注解属性
*/
@Override
public JsonSerializer<?> createContextual(SerializerProvider prov, BeanProperty property) throws
JsonMappingException {
Desensitization annotation = property.getAnnotation(Desensitization.class);
if (Objects.nonNull(annotation) && Objects.equals(String.class,
property.getType().getRawClass())) {
this.strategy = annotation.strategy();
return this;
}
return prov.findValueSerializer(property.getType(), property);
}
}
三、自定义数据脱敏注解
package com.example.springbootdemo.annotation;
import com.example.springbootdemo.bean.DesensitizationJsonSerializer;
import com.example.springbootdemo.enums.DesensitizationStrategyEnum;
import com.fasterxml.jackson.annotation.JacksonAnnotationsInside;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Target(ElementType.FIELD)
@Retention(RetentionPolicy.RUNTIME)
// 使用jackson注解
@JacksonAnnotationsInside
@JsonSerialize(using = DesensitizationJsonSerializer.class)
public @interface Desensitization {
DesensitizationStrategyEnum strategy();
}
四、定义一个实体类进行测试
在属性加上自定义的数据脱敏注解,实现对返回的数据进行数据脱敏。
package com.example.springbootdemo.bean;
import com.example.springbootdemo.annotation.Desensitization;
import com.example.springbootdemo.enums.DesensitizationStrategyEnum;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
/**
* @author qx
* @date 2023/08/19
* @desc 数据实体
*/
@Getter
@Setter
@AllArgsConstructor
@NoArgsConstructor
public class Student {
@Desensitization(strategy = DesensitizationStrategyEnum.USERNAME)
private String userName;
@Desensitization(strategy = DesensitizationStrategyEnum.ADDRESS)
private String address;
@Desensitization(strategy = DesensitizationStrategyEnum.PHONE)
private String phone;
@Desensitization(strategy = DesensitizationStrategyEnum.ID_CARD)
private String idCard;
}
五、测试
package com.example.springbootdemo.controller;
import com.example.springbootdemo.bean.Student;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
/**
* @author qx
* @date 2023/08/19
* @desc 测试
*/
@RestController
public class DesensitizationController {
/**
* 数据脱敏测试
*
* @return
*/
@GetMapping("/testDesensitization")
public Student test() {
return new Student("qx", "广东省广州市天河区天河路", "18878889999", "450322210227355544");
}
}
我们启动项目,在浏览器上测试这个请求。
我们可以看到返回的数据已经加上了数据脱敏的功能,实现对部分数据进行隐藏。
标签:springbootdemo,SpringBoot,自定义,example,import,com,annotation,脱敏 From: https://blog.51cto.com/u_13312531/7152703