使⽤jackson进⾏json序列化时进⾏敏感字段脱敏(加密)或者
忽略
需求:
1、通过注解的⽅式指定字段在序列化时进⾏脱敏或者加密;
2、通过注解的⽅式指定字段在序列化时忽略掉;
3、某些情况下需要处理的类不是我们可以修改的,但是也要实现上述两项需求;
实现如下:
⼯具类SensitiveJsonUtil:
赵思绾
ample.jackson;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;梦见蛇是什么预兆
import com.JsonProcessingException;
import com.fasterxml.jackson.databind.DerializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
public class SensitiveJsonUtil {
private static ObjectMapper objectMapper = new ObjectMapper();
static {
// 反序列化时忽略不存在的字段
// 注册处理敏感字段的扩展模块
// 通过mixIn功能来按字段名忽略⼀些字段
objectMapper.addMixIn(Object.class, IgnoreSensitiveFieldsMixin.class);
}
@JsonIgnoreProperties(
value = {
"password",
"cret",
"token"
}
)
static class IgnoreSensitiveFieldsMixin {
}
public static String toJsonString(Object object) {
try {
return objectMapper.writeValueAsString(object);
} catch (JsonProcessingException e) {
throw new RuntimeException(String.format("toJsonString error, %s", e.getMessage()), e);
}
}
}
扩展模块类SensitiveFieldProcessModule(这⾥仅为demo,所以⼀些相关的类直接以嵌套类放在了⼀起)
ample.jackson;
import com.fasterxml.jackson.annotation.JacksonAnnotation;
import com.JsonGenerator;
import com.JsonProcessingException;
import com.Version;
import com.util.VersionUtil;
import com.fasterxml.jackson.databind.*;
import com.fasterxml.BeanPropertyWriter;
import com.fasterxml.BeanSerializerModifier;
import com.fasterxml.pe.MapType;
import s.lang3.StringUtils;
import java.io.IOException;
import java.lang.annotation.ElementType;拼音yu
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.util.ArrayList;
import java.util.List;
public class SensitiveFieldProcessModule extends Module {
private static final String MODULE_NAME = "jackson-nsitive-field-process-module";
private Version version = VersionUtil.parVersion("0.0.1", "ample", MODULE_NAME);
@Override
public String getModuleName() {
return MODULE_NAME;
}
@Override
public Version version() {
return version;
}
@Override
public void tupModule(SetupContext tupContext) {
tupContext.addBeanSerializerModifier(new SensitiveFieldModifier());
}
public static class SensitiveFieldModifier extends BeanSerializerModifier {
@Override
public List<BeanPropertyWriter> changeProperties(SerializationConfig config, BeanDescription bean
Desc, List<BeanPropertyWriter> beanProperties) { List<BeanPropertyWriter> newWriters = new ArrayList<>();
for (BeanPropertyWriter writer : beanProperties) {
if (Annotation(Sensitive.class) != null && Type().isTypeOrSubTypeOf(String.class)) {
// 如果带有 @Sensitive 注解,并且是字符串,则使⽤⾃定义处理
JsonSerializer<Object> rializer = new Serializer());
writer.assignSerializer(rializer);
}
newWriters.add(writer);
满天星作文
}
return newWriters;
// super.changeProperties(config, beanDesc, beanProperties);
}
@Override
public JsonSerializer<?> modifyMapSerializer(SerializationConfig config, MapType valueType, BeanDescription beanDesc, JsonSerializer<?> rializer) { difyMapSerializer(config, valueType, beanDesc, rializer);
}
}
@JacksonAnnotation
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.FIELD})
public @interface Sensitive {
}
public static class SensitiveJsonSerializer extends JsonSerializer<Object> {
private final JsonSerializer<Object> rializer;
public SensitiveJsonSerializer(JsonSerializer<Object> rializer) {
this.rializer = rializer;
}
@Override
public void rialize(Object object, JsonGenerator jsonGenerator, SerializerProvider rializerProvider) throws IOException, JsonProcessingException { if (object != null && object instanceof String) {
String str = (String) object;
if (StringUtils.isNotBlank(str)) {
object = processSensitiveField(str);
}
}
if (this.rializer == null) {
rializerProvider.defaultSerializeValue(object, jsonGenerator);
} el {
this.rializer.rialize(object, jsonGenerator, rializerProvider);
}
}
private static String processSensitiveField(String input) {
带紫的女孩名字if (StringUtils.isBlank(input)) {
return input;
}
input = im(input);
int strLen = input.length();
瓦斯抽放if (strLen <= 1) {
return "*";
} el if (strLen == 2) {
return String.format("%s*", input.charAt(0));
} el if (strLen == 3) {
return String.format("%s*%s", input.charAt(0), input.charAt(strLen - 1));
340111} el {
int left = strLen / 4;
int right = strLen / 3;
return String.format("%s%s%s",
StringUtils.left(input, left),
StringUtils.right(input, right));
}
}
}
}
使⽤⽰例:
ample;
ample.jackson.SensitiveFieldProcessModule;
ample.jackson.SensitiveJsonUtil;
import java.util.HashMap;
import java.util.Map;
public class App {
public static void main(String[] args) {
Person person = new Person();
person.tUrname("张⼀⼆");
person.tIdNumber("1000000000112245");集中精力
person.tPassword("123456(password)");
Map<String, String> otherInfo = new HashMap<>();
otherInfo.put("nation", "CN");
otherInfo.put("cret", "(cret)");
person.tOtherInfo(otherInfo);
System.out.JsonString(person));
// 输出:{"urname":"张⼀⼆","idNumber":"1000*******12245","otherInfo":{"nation":"CN"}} }
static class Person {
private String urname;
@SensitiveFieldProcessModule.Sensitive
private String idNumber;
private String password;
private Map<String, String> otherInfo;
// ... 省略getter/tter
}
}
参考⽂档:
1. : 通过⾃定义模块来进⾏指定字段的加解密
2.
3.
4.
5.
