From ce3aefadd70b70516fd664bfcd580d67914276a8 Mon Sep 17 00:00:00 2001 From: YunaiV Date: Sat, 12 Nov 2022 09:15:02 +0800 Subject: [PATCH] =?UTF-8?q?=E7=A7=BB=E9=99=A4=20jasypt-spring-boot-starter?= =?UTF-8?q?=20=E4=BE=9D=E8=B5=96=EF=BC=8C=E4=BD=BF=E7=94=A8=20hutool=20AES?= =?UTF-8?q?=20=E6=9B=BF=E4=BB=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- yudao-dependencies/pom.xml | 7 ----- .../yudao-spring-boot-starter-mybatis/pom.xml | 7 ----- .../mybatis/core/type/EncryptTypeHandler.java | 29 +++++++++++-------- .../yudao-module-infra-biz/pom.xml | 4 --- .../db/DataSourceConfigServiceImplTest.java | 13 +++++---- .../src/main/resources/application-dev.yaml | 4 --- .../src/main/resources/application-local.yaml | 16 ++++------ .../src/main/resources/application.yaml | 2 ++ 8 files changed, 32 insertions(+), 50 deletions(-) diff --git a/yudao-dependencies/pom.xml b/yudao-dependencies/pom.xml index b58f2d1a7..b573bab17 100644 --- a/yudao-dependencies/pom.xml +++ b/yudao-dependencies/pom.xml @@ -43,7 +43,6 @@ 6.7.2 - 3.0.4 1.18.24 1.5.3.Final 5.8.9 @@ -407,12 +406,6 @@ ${revision} - - com.github.ulisesbocchio - jasypt-spring-boot-starter - ${jasypt-spring-boot-starter.version} - - cn.iocoder.boot yudao-spring-boot-starter-excel diff --git a/yudao-framework/yudao-spring-boot-starter-mybatis/pom.xml b/yudao-framework/yudao-spring-boot-starter-mybatis/pom.xml index 5567cedc7..acf2c8b21 100644 --- a/yudao-framework/yudao-spring-boot-starter-mybatis/pom.xml +++ b/yudao-framework/yudao-spring-boot-starter-mybatis/pom.xml @@ -59,13 +59,6 @@ dynamic-datasource-spring-boot-starter - - - com.github.ulisesbocchio - jasypt-spring-boot-starter - true - - 
diff --git a/yudao-framework/yudao-spring-boot-starter-mybatis/src/main/java/cn/iocoder/yudao/framework/mybatis/core/type/EncryptTypeHandler.java b/yudao-framework/yudao-spring-boot-starter-mybatis/src/main/java/cn/iocoder/yudao/framework/mybatis/core/type/EncryptTypeHandler.java index f5d5a8fd1..7ef0f4ece 100644 --- a/yudao-framework/yudao-spring-boot-starter-mybatis/src/main/java/cn/iocoder/yudao/framework/mybatis/core/type/EncryptTypeHandler.java +++ b/yudao-framework/yudao-spring-boot-starter-mybatis/src/main/java/cn/iocoder/yudao/framework/mybatis/core/type/EncryptTypeHandler.java @@ -1,10 +1,11 @@ package cn.iocoder.yudao.framework.mybatis.core.type; import cn.hutool.core.lang.Assert; +import cn.hutool.crypto.SecureUtil; +import cn.hutool.crypto.symmetric.AES; import cn.hutool.extra.spring.SpringUtil; import org.apache.ibatis.type.BaseTypeHandler; import org.apache.ibatis.type.JdbcType; -import org.jasypt.encryption.StringEncryptor; import java.sql.CallableStatement; import java.sql.PreparedStatement; @@ -12,18 +13,20 @@ import java.sql.ResultSet; import java.sql.SQLException; /** - * 字段字段的 TypeHandler 实现类,基于 {@link StringEncryptor} 实现 + * 字段字段的 TypeHandler 实现类,基于 {@link cn.hutool.crypto.symmetric.AES} 实现 * 可通过 jasypt.encryptor.password 配置项,设置密钥 * * @author 芋道源码 */ public class EncryptTypeHandler extends BaseTypeHandler { - private static StringEncryptor encryptor; + private static final String ENCRYPTOR_PROPERTY_NAME = "mybatis-plus.encryptor.password"; + + private static AES aes; @Override public void setNonNullParameter(PreparedStatement ps, int i, String parameter, JdbcType jdbcType) throws SQLException { - ps.setString(i, getEncryptor().encrypt(parameter)); + ps.setString(i, encrypt(parameter)); } @Override 
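Review bot: The class Javadoc in the `@@ -12,18 +13,20 @@` hunk still says the key is set through `jasypt.encryptor.password`, while the new constant `ENCRYPTOR_PROPERTY_NAME` reads `mybatis-plus.encryptor.password`, so an operator following the comment would set a property the handler never reads. I would change that line to `* The key is read from the mybatis-plus.encryptor.password property`. The new `private static AES aes;` has no comment; something like `// cached cipher, built on first use from ENCRYPTOR_PROPERTY_NAME` would say where it comes from. The class body continues outside this hunk.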
@@ -48,23 +51,25 @@ public class EncryptTypeHandler extends BaseTypeHandler { if (value == null) { return null; } - return getEncryptor().decrypt(value); + return getEncryptor().decryptStr(value); } public static String encrypt(String rawValue) { if (rawValue == null) { return null; } - return getEncryptor().encrypt(rawValue); + return getEncryptor().encryptBase64(rawValue); } - private static StringEncryptor getEncryptor() { - if (encryptor != null) { - return encryptor; + private static AES getEncryptor() { + if (aes != null) { + return aes; } - encryptor = SpringUtil.getBean(StringEncryptor.class); - Assert.notNull(encryptor, "StringEncryptor 不能为空"); - return encryptor; + // 构建 AES + String password = SpringUtil.getProperty(ENCRYPTOR_PROPERTY_NAME); + Assert.notEmpty(password, "配置项({}) 不能为空", ENCRYPTOR_PROPERTY_NAME); + aes = SecureUtil.aes(password.getBytes()); + return aes; } } diff --git a/yudao-module-infra/yudao-module-infra-biz/pom.xml b/yudao-module-infra/yudao-module-infra-biz/pom.xml index e06eebb54..5987ce90a 100644 --- a/yudao-module-infra/yudao-module-infra-biz/pom.xml +++ b/yudao-module-infra/yudao-module-infra-biz/pom.xml @@ -83,10 +83,6 @@ - - com.github.ulisesbocchio - jasypt-spring-boot-starter - cn.iocoder.boot diff --git a/yudao-module-infra/yudao-module-infra-biz/src/test/java/cn/iocoder/yudao/module/infra/service/db/DataSourceConfigServiceImplTest.java b/yudao-module-infra/yudao-module-infra-biz/src/test/java/cn/iocoder/yudao/module/infra/service/db/DataSourceConfigServiceImplTest.java index c23edf537..e1c997f7b 100755 --- a/yudao-module-infra/yudao-module-infra-biz/src/test/java/cn/iocoder/yudao/module/infra/service/db/DataSourceConfigServiceImplTest.java +++ b/yudao-module-infra/yudao-module-infra-biz/src/test/java/cn/iocoder/yudao/module/infra/service/db/DataSourceConfigServiceImplTest.java 
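Review bot: `SecureUtil.aes(password.getBytes())` in `getEncryptor()` uses the configured string directly as the AES key and leaves mode and IV at Hutool's defaults, which to my knowledge is AES/ECB/PKCS5Padding: equal plaintexts then give equal ciphertexts in the column and nothing detects a modified value. The raw bytes must also be exactly 16, 24 or 32 long and `getBytes()` depends on the platform charset, so I would at least write `aes = SecureUtil.aes(password.getBytes(StandardCharsets.UTF_8));` (needs the `java.nio.charset.StandardCharsets` import) and consider an authenticated mode with a random IV stored with each value. Values already written by the jasypt `StringEncryptor` presumably cannot be read back by `decryptStr`, and no migration is visible in this patch. The method containing the `decryptStr` call starts above this hunk.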
@@ -1,6 +1,7 @@ package cn.iocoder.yudao.module.infra.service.db; import cn.hutool.core.util.ReflectUtil; +import cn.hutool.crypto.symmetric.AES; import cn.iocoder.yudao.framework.mybatis.core.type.EncryptTypeHandler; import cn.iocoder.yudao.framework.mybatis.core.util.JdbcUtils; import cn.iocoder.yudao.framework.test.core.ut.BaseDbUnitTest; @@ -9,7 +10,6 @@ import cn.iocoder.yudao.module.infra.controller.admin.db.vo.DataSourceConfigUpda import cn.iocoder.yudao.module.infra.dal.dataobject.db.DataSourceConfigDO; import cn.iocoder.yudao.module.infra.dal.mysql.db.DataSourceConfigMapper; import com.baomidou.dynamic.datasource.spring.boot.autoconfigure.DynamicDataSourceProperties; -import org.jasypt.encryption.StringEncryptor; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.mockito.MockedStatic; @@ -24,7 +24,8 @@ import static cn.iocoder.yudao.framework.test.core.util.AssertUtils.assertServic import static cn.iocoder.yudao.framework.test.core.util.RandomUtils.randomLongId; import static cn.iocoder.yudao.framework.test.core.util.RandomUtils.randomPojo; import static cn.iocoder.yudao.module.infra.enums.ErrorCodeConstants.DATA_SOURCE_CONFIG_NOT_EXISTS; -import static org.junit.jupiter.api.Assertions.*; +import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.assertNull; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.Mockito.mockStatic; @@ -45,7 +46,7 @@ public class DataSourceConfigServiceImplTest extends BaseDbUnitTest { private DataSourceConfigMapper dataSourceConfigMapper; @MockBean - private StringEncryptor stringEncryptor; + private AES aes; @MockBean private DynamicDataSourceProperties dynamicDataSourceProperties; 
@@ -53,9 +54,9 @@ public class DataSourceConfigServiceImplTest extends BaseDbUnitTest { @BeforeEach public void setUp() { // mock 一个空实现的 StringEncryptor,避免 EncryptTypeHandler 报错 - ReflectUtil.setFieldValue(EncryptTypeHandler.class, "encryptor", stringEncryptor); - when(stringEncryptor.encrypt(anyString())).then((Answer) invocation -> invocation.getArgument(0)); - when(stringEncryptor.decrypt(anyString())).then((Answer) invocation -> invocation.getArgument(0)); + ReflectUtil.setFieldValue(EncryptTypeHandler.class, "aes", aes); + when(aes.encryptBase64(anyString())).then((Answer) invocation -> invocation.getArgument(0)); + when(aes.decryptStr(anyString())).then((Answer) invocation -> invocation.getArgument(0)); } @Test diff --git a/yudao-server/src/main/resources/application-dev.yaml b/yudao-server/src/main/resources/application-dev.yaml index 9b4340c73..256afc005 100644 --- a/yudao-server/src/main/resources/application-dev.yaml +++ b/yudao-server/src/main/resources/application-dev.yaml @@ -63,10 +63,6 @@ spring: database: 1 # 数据库索引 # password: 123456 # 密码,建议生产环境开启 -jasypt: - encryptor: - password: yuanma # 加解密的秘钥 - --- #################### 定时任务相关配置 #################### # Quartz 配置项,对应 QuartzProperties 配置类 diff --git a/yudao-server/src/main/resources/application-local.yaml b/yudao-server/src/main/resources/application-local.yaml index 4c5ed6f48..ad111ff3c 100644 --- a/yudao-server/src/main/resources/application-local.yaml +++ b/yudao-server/src/main/resources/application-local.yaml 
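Review bot: The stubs in `setUp()` make `encryptBase64` and `decryptStr` return their argument, so nothing in the visible test changes runs the real AES path of `EncryptTypeHandler` (property lookup, key length, Base64 round trip). A small test that builds a real `AES` from a fixed test key and asserts that `decryptStr(encryptBase64(x))` equals `x` would cover it. The comment above the stubs still names `StringEncryptor`; I would change it to `// stub AES as a pass-through so EncryptTypeHandler needs no configured key`. `ReflectUtil.setFieldValue(EncryptTypeHandler.class, "aes", aes)` also ties the test to a private field name.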
@@ -45,37 +45,33 @@ spring: datasource: master: name: ruoyi-vue-pro - url: jdbc:mysql://139.9.196.247:3306/${spring.datasource.dynamic.datasource.master.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例 + url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.master.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例 # url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.master.name}?useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&characterEncoding=UTF-8&serverTimezone=CTT # MySQL Connector/J 5.X 连接的示例 # url: jdbc:postgresql://127.0.0.1:5432/${spring.datasource.dynamic.datasource.slave.name} # PostgreSQL 连接的示例 # url: jdbc:oracle:thin:@127.0.0.1:1521:xe # Oracle 连接的示例 # url: jdbc:sqlserver://127.0.0.1:1433;DatabaseName=${spring.datasource.dynamic.datasource.master.name} # SQLServer 连接的示例 username: root - password: ${RUOYI_VUE_PRO} + password: 123456 # username: sa # password: JSm:g(*%lU4ZAkz06cd52KqT3)i1?H7W slave: # 模拟从库,可根据自己需要修改 name: ruoyi-vue-pro - url: jdbc:mysql://139.9.196.247:3306/${spring.datasource.dynamic.datasource.master.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例 + url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.master.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例 # url: 
jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.slave.name}?useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&characterEncoding=UTF-8&serverTimezone=CTT # MySQL Connector/J 5.X 连接的示例 # url: jdbc:postgresql://127.0.0.1:5432/${spring.datasource.dynamic.datasource.slave.name} # PostgreSQL 连接的示例 # url: jdbc:oracle:thin:@127.0.0.1:1521:xe # Oracle 连接的示例 # url: jdbc:sqlserver://127.0.0.1:1433;DatabaseName=${spring.datasource.dynamic.datasource.slave.name} # SQLServer 连接的示例 username: root - password: ${RUOYI_VUE_PRO} + password: 123456 # username: sa # password: JSm:g(*%lU4ZAkz06cd52KqT3)i1?H7W # Redis 配置。Redisson 默认的配置足够使用,一般不需要进行调优 redis: - host: 139.9.196.247 # 地址 + host: 127.0.0.1 # 地址 port: 6379 # 端口 database: 0 # 数据库索引 - password: 123456 # 密码,建议生产环境开启 - -jasypt: - encryptor: - password: yuanma # 加解密的秘钥 +# password: 123456 # 密码,建议生产环境开启 --- #################### 定时任务相关配置 #################### diff --git a/yudao-server/src/main/resources/application.yaml b/yudao-server/src/main/resources/application.yaml index a9d638ae2..beb0aee7c 100644 --- a/yudao-server/src/main/resources/application.yaml +++ b/yudao-server/src/main/resources/application.yaml @@ -56,6 +56,8 @@ mybatis-plus: logic-delete-value: 1 # 逻辑已删除值(默认为 1) logic-not-delete-value: 0 # 逻辑未删除值(默认为 0) type-aliases-package: ${yudao.info.base-package}.module.*.dal.dataobject + encryptor: + password: XDV71a+xqStEA3WH # 加解密的秘钥,可使用 https://www.imaegoo.com/2020/aes-key-generator/ 网站生成 --- #################### 验证码相关配置 ####################
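Review bot: Both `password:` entries under `master` and `slave` change from the `${RUOYI_VUE_PRO}` placeholder to the literal `123456`, which puts a guessable password for the `root` database user into the repository and makes it easy to copy into other profiles. I would keep `password: ${RUOYI_VUE_PRO}`, or `password: ${RUOYI_VUE_PRO:123456}` if a default is wanted for local runs. The remote host that this hunk replaces with `127.0.0.1`, and the Redis password that was used with it, stay in the history, so those credentials should be treated as exposed and rotated.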
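Review bot: `mybatis-plus.encryptor.password` is committed with a concrete key in the base `application.yaml`, so every profile that does not override it, presumably including production, encrypts its columns with a key that anyone with repository access can read. I would write `password: ${MYBATIS_PLUS_ENCRYPTOR_PASSWORD}` (variable name made up for this note) and supply the value from the environment or a secret store. The trailing comment points readers to a third-party website for key generation; I would reword it to `# AES key, 16/24/32 bytes; generate locally with a CSPRNG and do not commit it`.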