Project Introduction
Log desensitization is a common security requirement. The usual approach of calling utility-class methods by hand is too invasive to the code and cumbersome to write.
This project provides an annotation-based approach with common desensitization strategies built in, for easier development.
Features
- Annotation-based log desensitization.
- You can customize the strategy implementation and the conditions under which a strategy takes effect.
- Common desensitization strategies are built in.
- Java deep copy; the original object does not need to implement any interface.
- User-defined annotations are supported.
Custom Annotations
Maven Import
<dependency>
    <groupId>com.github.houbb</groupId>
    <artifactId>sensitive</artifactId>
    <version>0.0.4</version>
</dependency>
Custom Annotations
New in v0.0.4. Users can define their own condition annotations and strategy annotations.
Example
Custom Annotations
- Desensitization strategy
/**
 * Custom password desensitization strategy
 * @author binbin.hou
 * date 2019/1/17
 * @since 0.0.4
 */
@Inherited
@Documented
@Target(ElementType.FIELD)
@Retention(RetentionPolicy.RUNTIME)
@SensitiveStrategy(CustomPasswordStrategy.class)
public @interface SensitiveCustomPasswordStrategy {
}
- Condition for desensitization to take effect
/**
 * Condition under which the custom password desensitization strategy takes effect
 * @author binbin.hou
 * date 2019/1/17
 * @since 0.0.4
 */
@Inherited
@Documented
@Target(ElementType.FIELD)
@Retention(RetentionPolicy.RUNTIME)
@SensitiveCondition(ConditionFooPassword.class)
public @interface SensitiveCustomPasswordCondition {
}
- Tips
When @SensitiveStrategy is used alone, the strategy is in effect by default.
If a @SensitiveCondition annotation is also present, the desensitization strategy is executed only when the condition is met.
@SensitiveCondition only takes effect for the system's built-in annotations and for custom annotations, because @Sensitive has its own strategy conditions.
- Strategy priority
@Sensitive takes effect first, then the system's built-in annotations, and finally the user-defined annotations.
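A simplified model of the rule in the tips above, as an added example rather than the project's own code: it resolves meta-annotations on a field's annotations by reflection, applies a strategy by default, and skips it when a condition returns false. `MaskWith`, `MaskWhen`, `MaskPassword`, `UnlessFoo` and `Model` are hypothetical stand-ins for `@SensitiveStrategy`, `@SensitiveCondition` and the custom annotations; the library's real implementation may differ.

```java
import java.lang.annotation.*;
import java.lang.reflect.Field;
import java.util.function.Function;
import java.util.function.Predicate;

public class MetaAnnotationDemo {
    // Hypothetical stand-ins for the two meta-annotations (not the library's types).
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.ANNOTATION_TYPE)
    @interface MaskWith { Class<? extends Function<Object, Object>> value(); }
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.ANNOTATION_TYPE)
    @interface MaskWhen { Class<? extends Predicate<Object>> value(); }

    public static class Stars implements Function<Object, Object> {
        public Object apply(Object o) { return "******"; }
    }
    public static class NotFoo implements Predicate<Object> {
        public boolean test(Object o) { return !"123456".equals(o); }
    }

    // Field-level annotations that carry the meta-annotations.
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.FIELD) @MaskWith(Stars.class)
    @interface MaskPassword {}
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.FIELD) @MaskWhen(NotFoo.class)
    @interface UnlessFoo {}

    static class Model { // constructed sample data
        @MaskPassword String password = "hello";                 // strategy only
        @MaskPassword @UnlessFoo String fooPassword = "123456";  // strategy plus condition
    }

    // Returns the value that should be written to the log for one field.
    static Object masked(Object target, Field f) throws Exception {
        f.setAccessible(true);
        Object value = f.get(target);
        Function<Object, Object> strategy = null;
        boolean allowed = true; // no condition annotation means the strategy is in effect
        for (Annotation a : f.getAnnotations()) {
            MaskWith with = a.annotationType().getAnnotation(MaskWith.class);
            MaskWhen when = a.annotationType().getAnnotation(MaskWhen.class);
            if (with != null) strategy = with.value().getDeclaredConstructor().newInstance();
            if (when != null) allowed &= when.value().getDeclaredConstructor().newInstance().test(value);
        }
        return (strategy != null && allowed) ? strategy.apply(value) : value;
    }

    public static void main(String[] args) throws Exception {
        Model m = new Model();
        for (Field f : Model.class.getDeclaredFields())
            System.out.println(f.getName() + " -> " + masked(m, f));
    }
}
```

A field whose condition evaluates to false is logged unmasked, so each condition acts as an allow-list for clear-text values and should be kept narrow.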
Corresponding Implementations
The two meta-annotations @SensitiveStrategy and @SensitiveCondition specify the corresponding implementation respectively.
- CustomPasswordStrategy.java
public class CustomPasswordStrategy implements IStrategy {
    @Override
    public Object des(Object original, IContext context) {
        return "**********************";
    }
}
- ConditionFooPassword.java
import java.lang.reflect.Field;

/**
 * Do not desensitize passwords whose value is 123456
 * @author binbin.hou
 * date 2019/1/2
 * @since 0.0.1
 */
public class ConditionFooPassword implements ICondition {
    @Override
    public boolean valid(IContext context) {
        try {
            Field field = context.getCurrentField();
            final Object currentObj = context.getCurrentObject();
            final String name = (String) field.get(currentObj);
            // Constant-first comparison avoids a NullPointerException when the field is null.
            return !"123456".equals(name);
        } catch (IllegalAccessException e) {
            throw new RuntimeException(e);
        }
    }
}
Define the Test Object
Define an object that uses the custom annotations.
public class CustomPasswordModel {
    @SensitiveCustomPasswordCondition
    @SensitiveCustomPasswordStrategy
    private String password;

    @SensitiveCustomPasswordCondition
    @SensitiveStrategyPassword
    private String fooPassword;

    // other methods
}
Test
/**
 * Custom annotation test
 */
@Test
public void customAnnotationTest() {
    final String originalStr = "CustomPasswordModel{password='hello', fooPassword='123456'}";
    final String sensitiveStr = "CustomPasswordModel{password='**********************', fooPassword='123456'}";
    CustomPasswordModel model = buildCustomPasswordModel();
    Assert.assertEquals(originalStr, model.toString());

    // desCopy returns a desensitized copy; the original object is left unchanged.
    CustomPasswordModel sensitive = SensitiveUtil.desCopy(model);
    Assert.assertEquals(sensitiveStr, sensitive.toString());
    Assert.assertEquals(originalStr, model.toString());
}
The object is built as follows:
/**
 * Build the custom password object
 * @return the object
 */
private CustomPasswordModel buildCustomPasswordModel() {
    CustomPasswordModel model = new CustomPasswordModel();
    model.setPassword("hello");
    model.setFooPassword("123456");
    return model;
}