Java Data Masking
Posted l_learning
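To protect user privacy, sensitive information such as names, phone numbers and ID card numbers needs to be masked.
The masking here is built on Jackson and implemented with a custom annotation.
Add dependencies
spring-web and spring-boot-starter-web already bundle the Jackson packages, so with those on the classpath there is nothing to add.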
<!-- Jackson dependencies -->
<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-core</artifactId>
</dependency>
<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-annotations</artifactId>
</dependency>
<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-databind</artifactId>
</dependency>
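Masking annotation
DesensitizationJsonSerializer.class: the masking serializer class
import com.fasterxml.jackson.annotation.JacksonAnnotationsInside;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
@Retention(RetentionPolicy.RUNTIME)
@JacksonAnnotationsInside
@JsonSerialize(using = DesensitizationJsonSerializer.class)
public @interface Desensitization {
    Class<? extends AbstractDesensitization> value();
}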
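Masking serializer
import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.databind.BeanProperty;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.JsonSerializer;
import com.fasterxml.jackson.databind.SerializerProvider;
import com.fasterxml.jackson.databind.ser.ContextualSerializer;
import java.io.IOException;
import java.util.Objects;

/**
 * Masking serializer
 */
public class DesensitizationJsonSerializer extends JsonSerializer<String> implements ContextualSerializer {

    private AbstractDesensitization desensitization;

    public DesensitizationJsonSerializer() {
    }

    public DesensitizationJsonSerializer(AbstractDesensitization desensitization) {
        this.desensitization = desensitization;
    }

    @Override
    public void serialize(String s, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException {
        jsonGenerator.writeString(desensitization.serialize(s));
    }

    @Override
    public JsonSerializer<?> createContextual(SerializerProvider serializerProvider, BeanProperty beanProperty) throws JsonMappingException {
        // No property context: return early instead of dereferencing a null property
        if (null == beanProperty) {
            return serializerProvider.findNullValueSerializer(beanProperty);
        }
        JsonSerializer<?> jsonSerializer = serializerProvider.findValueSerializer(beanProperty.getType(), beanProperty);
        // Only String properties are masked; other types keep their regular serializer
        if (Objects.equals(beanProperty.getType().getRawClass(), String.class)) {
            jsonSerializer = setDesensitization(jsonSerializer, beanProperty);
        }
        return jsonSerializer;
    }

    /**
     * Set up masking
     * @param jsonSerializer serializer to fall back to when the property carries no @Desensitization
     * @param beanProperty the property being serialized
     * @return the masking serializer for the property, or the fallback
     */
    private JsonSerializer<?> setDesensitization(JsonSerializer<?> jsonSerializer, BeanProperty beanProperty) {
        Desensitization desensitization = beanProperty.getAnnotation(Desensitization.class);
        if (desensitization == null) {
            desensitization = beanProperty.getContextAnnotation(Desensitization.class);
        }
        if (desensitization != null) {
            // Create the masking instance
            try {
                jsonSerializer = new DesensitizationJsonSerializer(desensitization.value().getDeclaredConstructor().newInstance());
            } catch (ReflectiveOperationException e) {
                // Fail loudly: a swallowed exception here would leave the property without its masking serializer
                throw new IllegalStateException("Cannot instantiate " + desensitization.value().getName(), e);
            }
        }
        return jsonSerializer;
    }
}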
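Masking classes
Masking base class
Subclasses extend AbstractDesensitization to add new masking rules.
public abstract class AbstractDesensitization {

    /**
     * Mask a value
     * @param value the raw value
     * @return the masked value
     */
    public abstract String serialize(String value);
}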
Chinese name masking
public class ChineseNameDesensitization extends AbstractDesensitization {

    @Override
    public String serialize(String value) {
        String serializeValue = "";
        if (value.length() < 3) {
            // Short names: replace the text before the last Chinese character
            serializeValue = value.replaceAll(".*(?=[\\u4e00-\\u9fa5])", "*");
        } else {
            // Longer names: replace the text between the first and last Chinese characters
            serializeValue = value.replaceAll("(?<=[\\u4e00-\\u9fa5]).*(?=[\\u4e00-\\u9fa5])", "*");
        }
        return serializeValue;
    }
}
Mobile phone number masking
public class MobilePhoneDesensitization extends AbstractDesensitization {
    @Override
    public String serialize(String value) {
        // Keep the first 3 and last 4 digits, mask the middle 4
        return value.replaceAll("(\\d{3})\\d{4}(\\d{4})", "$1****$2");
    }
}
ID card number masking
public class IdCardDesensitization extends AbstractDesensitization {
    @Override
    public String serialize(String value) {
        // Mask every character except the first 3 and the last 4
        return value.replaceAll("(?<=\\w{3})\\w(?=\\w{4})", "*");
    }
}
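The regex-based maskers above return the input unchanged whenever it does not match the expected shape (for example a phone number written with separators), so the raw value reaches the JSON response. The following added example, which is not part of the original article, contrasts the phone masker's behaviour with a hypothetical fail-closed variant; the class name, method names and sample inputs are constructed for illustration.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Added example (not from the original article): the article's replaceAll-based
// phone masking next to a hypothetical fail-closed variant.
public class FailClosedMaskingDemo {

    // Same pattern as MobilePhoneDesensitization: keep 3 digits, mask 4, keep 4.
    private static final Pattern PHONE = Pattern.compile("(\\d{3})\\d{4}(\\d{4})");

    // Behaviour of the article's masker: a value that does not contain
    // 11 consecutive digits is returned unchanged.
    static String maskAsInArticle(String value) {
        return value.replaceAll("(\\d{3})\\d{4}(\\d{4})", "$1****$2");
    }

    // Hypothetical hardened variant: the whole value must match the expected
    // format, otherwise every character is replaced.
    static String maskFailClosed(String value) {
        if (value == null) {
            return null;
        }
        Matcher m = PHONE.matcher(value);
        if (m.matches()) {
            return m.group(1) + "****" + m.group(2);
        }
        // (?s) lets '.' match line terminators too, so nothing is left in clear text
        return value.replaceAll("(?s).", "*");
    }

    public static void main(String[] args) {
        // Constructed sample inputs: the article's test number plus formatting variants
        String[] samples = {"12345678901", "123-4567-8901", "+86 123 4567 8901", "1234567"};
        for (String s : samples) {
            System.out.printf("%-20s article=%-20s failClosed=%s%n",
                    s, maskAsInArticle(s), maskFailClosed(s));
        }
    }
}
```

The same check applies to IdCardDesensitization, whose lookarounds leave any value shorter than 8 word characters unmasked.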
Test
Add the masking annotations
public class User {

    @Desensitization(ChineseNameDesensitization.class)
    private String name;

    private Integer age;

    @Desensitization(IdCardDesensitization.class)
    private String idCard;

    @Desensitization(MobilePhoneDesensitization.class)
    private String mobilePhone;

    // ... getters and setters
}
Create a UserController that returns user information
import java.util.ArrayList;
import java.util.List;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class UserController {

    @GetMapping("/users")
    public List<User> users() throws Exception {
        List<User> girls = new ArrayList<>();

        User user = new User();
        user.setName("西施");
        user.setAge(18);
        user.setIdCard("123456789123456202");
        user.setMobilePhone("12345678901");

        User user2 = new User();
        user2.setName("杨贵妃");
        user2.setAge(18);
        user2.setIdCard("123456789123456202");
        user2.setMobilePhone("12345678901");

        User user3 = new User();
        user3.setName("古代四大美女之一 * 貂蝉");
        user3.setAge(18);
        user3.setIdCard("123456789123456202");
        user3.setMobilePhone("12345678901");

        User user4 = new User();
        user4.setName("古代四大美女之一 * 王昭君");
        user4.setAge(18);
        user4.setIdCard("123456789123456202");
        user4.setMobilePhone("12345678901");

        // All sensitive fields null
        User user5 = new User();
        user5.setName(null);
        user5.setAge(18);
        user5.setIdCard(null);
        user5.setMobilePhone(null);

        girls.add(user);
        girls.add(user2);
        girls.add(user3);
        girls.add(user4);
        girls.add(user5);
        return girls;
    }
}
Returned JSON