Merge branch 'dev_phonedEncrypt_20220104_lkw' into dev_merge_20220115

pom.xml

@@ -37,6 +37,7 @@
         <junit.jupiter.version>5.0.2</junit.jupiter.version>
         <maven.test.skip>true</maven.test.skip>
         <org.springframework.security.version>3.2.7.RELEASE</org.springframework.security.version>
+        <qg.security.version>0.1.2</qg.security.version>
     </properties>
 
     <dependencies>
@@ -47,19 +48,19 @@
         </dependency>
         <!-- swagger2 start -->
         <dependency>
-        <groupId>io.springfox</groupId>
-        <artifactId>springfox-swagger2</artifactId>
-        <version>RELEASE</version>
+            <groupId>io.springfox</groupId>
+            <artifactId>springfox-swagger2</artifactId>
+            <version>RELEASE</version>
         </dependency>
         <dependency>
-        <groupId>io.swagger</groupId>
-        <artifactId>swagger-core</artifactId>
-        <version>RELEASE</version>
+            <groupId>io.swagger</groupId>
+            <artifactId>swagger-core</artifactId>
+            <version>RELEASE</version>
         </dependency>
         <dependency>
-        <groupId>io.springfox</groupId>
-        <artifactId>springfox-swagger-ui</artifactId>
-        <version>RELEASE</version>
+            <groupId>io.springfox</groupId>
+            <artifactId>springfox-swagger-ui</artifactId>
+            <version>RELEASE</version>
         </dependency>
         <!-- swagger2 end -->
         <dependency>
@@ -379,8 +380,8 @@
                     <artifactId>slf4j-log4j12</artifactId>
                 </exclusion>
                 <!--<exclusion>-->
-                    <!--<groupId>commons-io</groupId>-->
-                    <!--<artifactId>commons-io</artifactId>-->
+                <!--<groupId>commons-io</groupId>-->
+                <!--<artifactId>commons-io</artifactId>-->
                 <!--</exclusion>-->
 
                 <exclusion>
@@ -412,6 +413,12 @@
             </exclusions>
         </dependency>
 
+        <!-- 统一加解密包 -->
+        <dependency>
+            <groupId>cn.quantgroup</groupId>
+            <artifactId>security</artifactId>
+            <version>${qg.security.version}</version>
+        </dependency>
     </dependencies>
 
     <build>

src/main/java/cn/quantgroup/xyqb/config/SecurityConfig.java

+package cn.quantgroup.xyqb.config;
+
+import cn.quantgroup.security.AESEncryption;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * 统一加解密配置
+ *
+ * @author killer
+ * @date 2022年01月04日
+ * @see <a href="http://confluence.quantgroup.cn/pages/viewpage.action?pageId=61679207">confluence</a>
+ **/
+@Configuration
+public class SecurityConfig {
+
+    @Value("${keystone.security.key}")
+    private String key;
+
+    @Value("${keystone.security.iv}")
+    private String iv;
+
+    @Bean
+    public AESEncryption encryption() {
+        return new AESEncryption(key, iv, true);
+    }
+}

src/main/java/cn/quantgroup/xyqb/entity/Address.java

 package cn.quantgroup.xyqb.entity;
 
 
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import lombok.Data;
 
 import javax.persistence.*;
@@ -22,16 +23,20 @@ public class Address extends BaseEntity implements Serializable {
     @Column(name = "province_code")
     private Long provinceCode;
     @Column(name = "province")
+    @Convert(converter = EncryptConverter.class)
     private String province;
     @Column(name = "city_code")
     private Long cityCode;
     @Column(name = "city")
+    @Convert(converter = EncryptConverter.class)
     private String city;
     @Column(name = "district_code")
     private Long districtCode;
     @Column(name = "district")
+    @Convert(converter = EncryptConverter.class)
     private String district;
     @Column(name = "address")
+    @Convert(converter = EncryptConverter.class)
     private String address;
 
 

src/main/java/cn/quantgroup/xyqb/entity/Contact.java

@@ -2,6 +2,7 @@ package cn.quantgroup.xyqb.entity;
 
 import cn.quantgroup.user.enums.BizType;
 import cn.quantgroup.user.enums.Relation;
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import cn.quantgroup.xyqb.model.Tuple;
 import cn.quantgroup.xyqb.util.ValidationUtil;
 import lombok.AllArgsConstructor;
@@ -10,6 +11,7 @@ import lombok.Data;
 import lombok.NoArgsConstructor;
 
 import javax.persistence.Column;
+import javax.persistence.Convert;
 import javax.persistence.Entity;
 import javax.persistence.Table;
 import java.io.Serializable;
@@ -29,8 +31,10 @@ public class Contact extends BaseEntity implements Serializable {
     @Column(name = "user_id")
     private Long userId;
     @Column(name = "name")
+    @Convert(converter = EncryptConverter.class)
     private String name;
     @Column(name = "phone_no")
+    @Convert(converter = EncryptConverter.class)
     private String phoneNo;
     @Column(name = "biz_type")
     private BizType bizType = BizType.CASH;

src/main/java/cn/quantgroup/xyqb/entity/ModifyPhoneNo.java

 package cn.quantgroup.xyqb.entity;
 
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import com.fasterxml.jackson.annotation.JsonFormat;
 import lombok.Data;
 
 import javax.persistence.Column;
+import javax.persistence.Convert;
 import javax.persistence.Entity;
 import javax.persistence.Table;
 import java.io.Serializable;
@@ -31,24 +33,28 @@ public class ModifyPhoneNo extends BaseEntity implements Serializable {
     /**
      * 注册人真实姓名
      */
+    @Convert(converter = EncryptConverter.class)
     private String name;
 
     /**
      * 注册人身份证件号
      */
     @Column(name = "id_card")
+    @Convert(converter = EncryptConverter.class)
     private String idCard;
 
     /**
      * 原手机号码
      */
     @Column(name = "prev_phone_no")
+    @Convert(converter = EncryptConverter.class)
     private String prevPhoneNo;
 
     /**
      * 新手机号码
      */
     @Column(name = "cur_phone_no")
+    @Convert(converter = EncryptConverter.class)
     private String curPhoneNo;
 
     /**

src/main/java/cn/quantgroup/xyqb/entity/User.java

 package cn.quantgroup.xyqb.entity;
 
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.ToString;
 
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.Table;
-import javax.persistence.UniqueConstraint;
+import javax.persistence.*;
 import java.io.Serializable;
 import java.util.Objects;
 
 /**
- * Created by Miraculous on 15/7/4.
+ * 用户表
+ *
+ * @author Miraculous
+ * @date 2015年07月04日
  */
 @Getter
 @Setter
 @ToString
 @Entity
-@Table(name = "user",
-       uniqueConstraints = @UniqueConstraint(columnNames = "phone_no"))
+@Table(name = "user", uniqueConstraints = @UniqueConstraint(columnNames = "phone_no"))
 public class User extends BaseEntity implements Serializable {
+
     private static final long serialVersionUID = -1L;
 
-    //手机号
+    /**
+     * 手机号
+     */
     @Column(name = "phone_no")
+    @Convert(converter = EncryptConverter.class)
     private String phoneNo;
 
-    //uuid
+    /**
+     * password
+     */
     @Column(name = "password")
     private String password;
 
-    //第一次用户来源 channel_id
+    /**
+     * 第一次用户来源 channel_id
+     */
     @Column(name = "registered_from")
     private Long registeredFrom;
 
-    //uuid
+    /**
+     * uuid
+     */
     @Column(name = "uuid")
     private String uuid;
 
+    /**
+     * 是否禁用
+     */
     @Column(name = "enable")
     private Boolean enable;
 
     /**
      * 是否有密码
      *
-     * @return
+     * @return true/false
      */
     public boolean getHasPassword() {
         return Objects.nonNull(password) && !Objects.equals("", password);

src/main/java/cn/quantgroup/xyqb/entity/UserAuthorized.java

 package cn.quantgroup.xyqb.entity;
 
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import cn.quantgroup.xyqb.model.AuthPattern;
 import lombok.Data;
 import org.hibernate.annotations.GenericGenerator;
@@ -26,9 +27,11 @@ public class UserAuthorized {
 
     //证件号
     @Column(name = "id_no")
+    @Convert(converter = EncryptConverter.class)
     private String idNo;
 
     @Column(name = "name")
+    @Convert(converter = EncryptConverter.class)
     private String name;
 
     @Column(name = "auth_pattern")

src/main/java/cn/quantgroup/xyqb/entity/UserDetail.java

 package cn.quantgroup.xyqb.entity;
 
 import cn.quantgroup.motan.retbean.XUserDetail;
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import cn.quantgroup.xyqb.model.Gender;
 import cn.quantgroup.xyqb.model.IdType;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.ToString;
 
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.Table;
-import javax.persistence.UniqueConstraint;
+import javax.persistence.*;
 import java.io.Serializable;
-import java.sql.Timestamp;
 import java.util.Optional;
 
 /**
@@ -32,13 +29,16 @@ public class UserDetail extends BaseEntity implements Serializable {
     private Long userId;
 
     @Column(name = "phone_no")
+    @Convert(converter = EncryptConverter.class)
     private String phoneNo;
 
     @Column(name = "name")
+    @Convert(converter = EncryptConverter.class)
     private String name;
 
     //证件号
     @Column(name = "id_no")
+    @Convert(converter = EncryptConverter.class)
     private String idNo;
 
     //0 身份证 1 军官证 2 护照

src/main/java/cn/quantgroup/xyqb/entity/UserSpouse.java

@@ -2,12 +2,12 @@ package cn.quantgroup.xyqb.entity;
 
 
 import cn.quantgroup.user.enums.MaritalStatus;
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import cn.quantgroup.xyqb.util.ValidationUtil;
 import lombok.*;
 
 import javax.persistence.*;
 import java.io.Serializable;
-import java.sql.Timestamp;
 
 @Data
 @Entity
@@ -24,6 +24,7 @@ public class UserSpouse extends BaseEntity implements Serializable {
     private Long userId;
 
     @Column(name = "spouse_phone")
+    @Convert(converter = EncryptConverter.class)
     private String spousePhone;
 
     @Column(name = "spouse_name")

src/main/java/cn/quantgroup/xyqb/entity/UuidPhoneMapping.java

 package cn.quantgroup.xyqb.entity;
 
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.ToString;
@@ -28,6 +29,7 @@ public class UuidPhoneMapping implements Serializable {
     private String uuid;
 
     @Column(name = "phone_no")
+    @Convert(converter = EncryptConverter.class)
     private String phoneNo;
 
 

src/main/java/cn/quantgroup/xyqb/entity/WechatUserInfo.java

 package cn.quantgroup.xyqb.entity;
 
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import cn.quantgroup.xyqb.util.EmojiUtil;
 import lombok.Data;
 import org.springframework.beans.BeanUtils;
 
 import javax.persistence.*;
 import java.io.Serializable;
-import java.sql.Timestamp;
 
 /**
  * Created by 11 on 2017/1/17.
@@ -23,6 +23,7 @@ public class WechatUserInfo extends BaseEntity implements Serializable {
     @Column(name = "open_id")
     private String openId;
     @Column(name = "phone_no")
+    @Convert(converter = EncryptConverter.class)
     private String phoneNo = "";
     @Column(name = "app_name")
     private String appName = "xyqb";

src/main/java/cn/quantgroup/xyqb/entity/converter/EncryptConverter.java

+package cn.quantgroup.xyqb.entity.converter;
+
+import cn.quantgroup.security.AESEncryption;
+import cn.quantgroup.security.CipherUtil;
+import cn.quantgroup.xyqb.util.ApplicationContextHolder;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+
+import javax.persistence.AttributeConverter;
+import javax.persistence.Converter;
+
+/**
+ * 通用字段加解密转换器
+ *
+ * @author killer
+ * @date 2022年01月04日
+ **/
+@Slf4j
+@Converter
+public class EncryptConverter implements AttributeConverter<String, String> {
+
+    @Override
+    public String convertToDatabaseColumn(String entityAttribute) {
+
+        if (StringUtils.isBlank(entityAttribute)) {
+            return entityAttribute;
+        }
+
+        /* 加密 */
+        AESEncryption aesEncryption = ApplicationContextHolder.getBean(AESEncryption.class);
+        return aesEncryption.encryptBase64(entityAttribute);
+    }
+
+    @Override
+    public String convertToEntityAttribute(String databaseColumn) {
+
+        if (StringUtils.isBlank(databaseColumn)) {
+            return databaseColumn;
+        }
+
+        /* 解密(兼容数据库字段未执行全部加密前的查询) */
+        AESEncryption aesEncryption = ApplicationContextHolder.getBean(AESEncryption.class);
+        if (CipherUtil.isCipherBase64(databaseColumn)) {
+            return aesEncryption.decryptBase64(databaseColumn);
+        }
+        return databaseColumn;
+    }
+}

src/main/resources/sql/2022-01-05.sql

+# 数据加密需求 http://confluence.quantgroup.cn/pages/viewpage.action?pageId=61679207
+-- 身份证号长度修改
+alter table xyqb_user.user_detail modify column id_no varchar(128) default '' comment '身份证号';
+alter table xyqb_user.user_authorized modify column id_no varchar(128) default '' comment '身份证号';
+alter table xyqb_user.user_modify_phone_no modify column id_card varchar(128) default '' comment '身份证号';
+-- 姓名长度修改
+alter table xyqb_user.contact modify column name varchar(128) default '' comment '用户姓名';
+alter table xyqb_user.user_authorized modify column name varchar(128) default '' comment '用户姓名';
+alter table xyqb_user.user_detail modify column name varchar(128) default '' comment '真实姓名';
+alter table xyqb_user.user_modify_phone_no modify column name varchar(128) default '' comment '注册人真实姓名';
+alter table xyqb_user.user_spouse modify column spouse_name varchar(128) default '' comment '配偶姓名';
+-- 地址长度修改
+alter table xyqb_user.address modify column province varchar(128) default '' comment '省';
+alter table xyqb_user.address modify column city varchar(128) default '' comment '市';
+alter table xyqb_user.address modify column district varchar(128) default '' comment '区';
+alter table xyqb_user.address modify column address varchar(255) default '' comment '详细地址';
\ No newline at end of file