加密问题

2025-07-23 11:33:06 +08:00
parent e89c99d2ca
commit 6aed3167b3
4 changed files with 60 additions and 9 deletions
--- a/xinnengyuan/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/config/ApiDecryptAutoConfiguration.java
+++ b/xinnengyuan/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/config/ApiDecryptAutoConfiguration.java
@ -8,6 +8,7 @@ import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
+import org.springframework.util.PathMatcher;

 /**
 * api 解密自动配置
@ -20,10 +21,10 @@ import org.springframework.context.annotation.Bean;
 public class ApiDecryptAutoConfiguration {

    @Bean
-    public FilterRegistrationBean<CryptoFilter> cryptoFilterRegistration(ApiDecryptProperties properties) {
+    public FilterRegistrationBean<CryptoFilter> cryptoFilterRegistration(ApiDecryptProperties properties, PathMatcher pathMatcher) {
        FilterRegistrationBean<CryptoFilter> registration = new FilterRegistrationBean<>();
        registration.setDispatcherTypes(DispatcherType.REQUEST);
-        registration.setFilter(new CryptoFilter(properties));
+        registration.setFilter(new CryptoFilter(properties,pathMatcher));
        registration.addUrlPatterns("/*");
        registration.setName("cryptoFilter");
        registration.setOrder(FilterRegistrationBean.HIGHEST_PRECEDENCE);
--- a/xinnengyuan/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
+++ b/xinnengyuan/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
@ -11,12 +11,15 @@ import org.dromara.common.core.utils.StringUtils;
 import org.dromara.common.encrypt.annotation.ApiEncrypt;
 import org.dromara.common.encrypt.properties.ApiDecryptProperties;
 import org.springframework.http.HttpMethod;
+import org.springframework.util.CollectionUtils;
+import org.springframework.util.PathMatcher;
 import org.springframework.web.method.HandlerMethod;
 import org.springframework.web.servlet.HandlerExceptionResolver;
 import org.springframework.web.servlet.HandlerExecutionChain;
 import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;

 import java.io.IOException;
+import java.util.List;


 /**
@ -26,23 +29,36 @@ import java.io.IOException;
 */
 public class CryptoFilter implements Filter {
    private final ApiDecryptProperties properties;
+    private final PathMatcher pathMatcher;

-    public CryptoFilter(ApiDecryptProperties properties) {
+    public CryptoFilter(ApiDecryptProperties properties, PathMatcher pathMatcher) {
        this.properties = properties;
+        this.pathMatcher = pathMatcher;
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest servletRequest = (HttpServletRequest) request;
        HttpServletResponse servletResponse = (HttpServletResponse) response;
+
+        // 获取加密注解
+        //ApiEncrypt apiEncrypt = this.getApiEncryptAnnotation(servletRequest);
+        //boolean responseFlag = apiEncrypt != null && apiEncrypt.response();
+
+        //直接全局加密
        boolean responseFlag = true;
-        if ("OPTIONS".equalsIgnoreCase(servletRequest.getMethod())) {
-            // 是预检请求就直接返回不走响应加密
-            responseFlag = false;
+
+        // 检查请求是否被排除
+        if (isExcludedPath(servletRequest.getRequestURI())) {
+            chain.doFilter(request, response);
+            return;
        }
-//        // 获取加密注解
-//        ApiEncrypt apiEncrypt = this.getApiEncryptAnnotation(servletRequest);
-//        boolean responseFlag = apiEncrypt != null && apiEncrypt.response();
+        if ("OPTIONS".equalsIgnoreCase(servletRequest.getMethod())) {
+            chain.doFilter(request, response);
+            return;
+        }
+
+

        ServletRequest requestWrapper = null;
        ServletResponse responseWrapper = null;
@ -88,6 +104,25 @@ public class CryptoFilter implements Filter {
        }
    }

+    private boolean isExcludedPath(String requestUri) {
+        // 从配置中获取放行的URL列表
+        List<String> excludedPaths = properties.getExcludedPaths();
+
+        if (CollectionUtils.isEmpty(excludedPaths)) {
+            return false;
+        }
+
+        // 检查请求URI是否匹配任何一个放行路径
+        for (String excludedPath : excludedPaths) {
+            // 支持简单的Ant风格路径匹配（如 /api/public/**）
+            if (pathMatcher.match(excludedPath, requestUri)) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
    /**
     * 获取 ApiEncrypt 注解
     */
--- a/xinnengyuan/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/properties/ApiDecryptProperties.java
+++ b/xinnengyuan/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/properties/ApiDecryptProperties.java
@ -3,6 +3,9 @@ package org.dromara.common.encrypt.properties;
 import lombok.Data;
 import org.springframework.boot.context.properties.ConfigurationProperties;

+import java.util.ArrayList;
+import java.util.List;
+
 /**
 * api解密属性配置类
 * @author wdhcr
@ -31,4 +34,10 @@ public class ApiDecryptProperties {
     */
    private String privateKey;

+    /**
+     * cory
+     * 需要放行的接口路径列表（支持Ant风格路径匹配）
+     */
+    private List<String> excludedPaths = new ArrayList<>();
+
 }