介绍
日志脱敏是常见的安全需求。普通的基于工具类方法的方式,对代码的入侵性太强,编写起来又特别麻烦。sensitive框架提供注解式的方式,并且内置了常见的脱敏方式,便于开发。其支持 logback 和 log4j2 等常见的日志脱敏插件。
日志脱敏
为了金融交易的安全性,国家强制规定对于以下信息是要日志脱敏的:
-
用户名
-
手机号
-
邮箱
-
银行卡号
-
密码
-
身份证号
核心API简介
SensitiveUtil工具类的核心方法列表如下:
| 方法 | 参数 | 结果 | 说明 |
|---|---|---|---|
| desCopy() | 目标对象 | 深度拷贝脱敏对象 | 适应性更强 |
| desJson() | 目标对象 | 脱敏对象 json | 性能较好 |
| desCopyCollection() | 目标对象集合 | 深度拷贝脱敏对象集合 | |
| desJsonCollection() | 目标对象集合 | 脱敏对象 json 集合 |
内置注解与映射
| 注解 | 等价 @Sensitive | 备注 |
|---|---|---|
| @SensitiveStrategyChineseName | @Sensitive(strategy = StrategyChineseName.class) | 中文名称脱敏 |
| @SensitiveStrategyPassword | @Sensitive(strategy = StrategyPassword.class) | 密码脱敏 |
| @SensitiveStrategyEmail | @Sensitive(strategy = StrategyEmail.class) | email 脱敏 |
| @SensitiveStrategyCardId | @Sensitive(strategy = StrategyCardId.class) | 卡号脱敏 |
| @SensitiveStrategyPhone | @Sensitive(strategy = StrategyPhone.class) | 手机号脱敏 |
| @SensitiveStrategyIdNo | @Sensitive(strategy = StrategyIdNo.class) | 身份证脱敏 |
| @SensitiveStrategyAddress | @Sensitive(strategy = StrategyAddress.class) | 地址脱敏 |
| @SensitiveStrategyGps | @Sensitive(strategy = StrategyGps.class) | GPS 脱敏 |
| @SensitiveStrategyIp | @Sensitive(strategy = StrategyIp.class) | IP 脱敏 |
| @SensitiveStrategyBirthday | @Sensitive(strategy = StrategyBirthday.class) | 生日脱敏 |
| @SensitiveStrategyPassport | @Sensitive(strategy = StrategyPassport.class) | 护照脱敏 |
| @SensitiveStrategyMaskAll | @Sensitive(strategy = StrategyMaskAll.class) | 全部脱敏 |
| @SensitiveStrategyMaskHalf | @Sensitive(strategy = StrategyMaskHalf.class) | 一半脱敏 |
| @SensitiveStrategyMaskRange | @Sensitive(strategy = StrategyMaskRange.class) | 指定范围脱敏 |
快速开始
1. 环境准备
JDK 1.8+
Maven 3.x
2. maven导入
<dependency>
<groupId>com.github.houbb</groupId>
<artifactId>sensitive-core</artifactId>
<version>1.7.0</version>
</dependency>
3. 定义对象
public class User {
/**
* 中文名称脱敏
*/
@SensitiveStrategyChineseName
private String username;
/**
* 密码脱敏
*/
@SensitiveStrategyPassword
private String password;
/**
* 护照脱敏
*/
@SensitiveStrategyPassport
private String passport;
/**
* 身份证脱敏
*/
@SensitiveStrategyIdNo
private String idNo;
/**
* 卡号脱敏
*/
@SensitiveStrategyCardId
private String bandCardId;
/**
* 手机号脱敏
*/
@SensitiveStrategyPhone
private String phone;
/**
* email脱敏
*/
@SensitiveStrategyEmail
private String email;
/**
* 地址脱敏
*/
@SensitiveStrategyAddress
private String address;
/**
* 生日脱敏
*/
@SensitiveStrategyBirthday
private String birthday;
/**
* GPS 脱敏
*/
@SensitiveStrategyGps
private String gps;
/**
* IP 脱敏
*/
@SensitiveStrategyIp
private String ip;
/**
* 全部脱敏
*/
@SensitiveStrategyMaskAll
private String maskAll;
/**
* 一半脱敏
*/
@SensitiveStrategyMaskHalf
private String maskHalf;
/**
* 指定范围脱敏
*/
@SensitiveStrategyMaskRange
private String maskRange;
//Getter & Setter
//toString()
}
4. 测试脱敏功能
public static void main(String[] args) {
User user = getUser();
User sensitiveUser = SensitiveUtil.desCopy(user);
System.out.println("desCopy方法脱敏: " + sensitiveUser.toString());
System.out.println();
String sensitiveJson = SensitiveUtil.desJson(user);
System.out.println("desJson方法脱敏: " + sensitiveJson);
}
private static User getUser() {
User user = new User();
user.setUsername("张三");
user.setPassword("123456");
user.setPassport("CN1234567");
user.setPhone("13066668888");
user.setAddress("中国上海市浦东新区外滩18号");
user.setEmail("whatanice@code.com");
user.setBirthday("20220831");
user.setGps("66.888888");
user.setIp("127.0.0.1");
user.setMaskAll("可恶啊我会被全部掩盖");
user.setMaskHalf("还好我只会被掩盖一半");
user.setMaskRange("我比较灵活指定掩盖范围");
user.setBandCardId("666123456789066");
user.setIdNo("360123202306018888");
return user;
}
5. 打印效果
desCopy方法脱敏: User(username=张*, password=null, passport=CN*****67, idNo=3****************8, bandCardId=666123*******66, phone=1306****888, email=wh************.com, address=中国上海********8号, birthday=20*****1, gps=66*****88, ip=127***0.1, maskAll=**********, maskHalf=还好我只会*****, maskRange=我*********围)
desJson方法脱敏: {"address":"中国上海********8号","bandCardId":"666123*******66","birthday":"20*****1","email":"wh************.com","gps":"66*****88","idNo":"3****************8","ip":"127***0.1","maskAll":"**********","maskHalf":"还好我只会*****","maskRange":"我*********围","passport":"CN*****67","phone":"1306****888","username":"张*"}
结语
感谢您的阅读,请动动您可爱的小手✌
~点赞,留言,关注,分享 4暴击(∩_∩)
