Merge branch 'dev_phonedEncrypt_20220104_lkw' into dev_merge_20220115

1b60e55b · killer · 9dfdf8f4 · 6627c549 · 1b60e55b · 1b60e55b
Commit 1b60e55b authored Jan 15, 2022 by killer
13 changed files
--- a/pom.xml
+++ b/pom.xml
@@ -37,6 +37,7 @@
        <junit.jupiter.version>5.0.2</junit.jupiter.version>
        <maven.test.skip>true</maven.test.skip>
        <org.springframework.security.version>3.2.7.RELEASE</org.springframework.security.version>
+        <qg.security.version>0.1.2</qg.security.version>
    </properties>
    <dependencies>
@@ -412,6 +413,12 @@
            </exclusions>
        </dependency>
+        <!-- 统一加解密包 -->
+        <dependency>
+            <groupId>cn.quantgroup</groupId>
+            <artifactId>security</artifactId>
+            <version>${qg.security.version}</version>
+        </dependency>
    </dependencies>
    <build>

--- a/src/main/java/cn/quantgroup/xyqb/config/SecurityConfig.java
+++ b/src/main/java/cn/quantgroup/xyqb/config/SecurityConfig.java
+package cn.quantgroup.xyqb.config;
+import cn.quantgroup.security.AESEncryption;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+/**
+ * 统一加解密配置
+ *
+ * @author killer
+ * @date 2022年01月04日
+ * @see <a href="http://confluence.quantgroup.cn/pages/viewpage.action?pageId=61679207">confluence</a>
+ **/
+@Configuration
+public class SecurityConfig {
+    @Value("${keystone.security.key}")
+    private String key;
+    @Value("${keystone.security.iv}")
+    private String iv;
+    @Bean
+    public AESEncryption encryption() {
+        return new AESEncryption(key, iv, true);
+    }
+}
--- a/src/main/java/cn/quantgroup/xyqb/entity/Address.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/Address.java
 package cn.quantgroup.xyqb.entity;
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import lombok.Data;
 import javax.persistence.*;
@@ -22,16 +23,20 @@ public class Address extends BaseEntity implements Serializable {
    @Column(name = "province_code")
    private Long provinceCode;
    @Column(name = "province")
+    @Convert(converter = EncryptConverter.class)
    private String province;
    @Column(name = "city_code")
    private Long cityCode;
    @Column(name = "city")
+    @Convert(converter = EncryptConverter.class)
    private String city;
    @Column(name = "district_code")
    private Long districtCode;
    @Column(name = "district")
+    @Convert(converter = EncryptConverter.class)
    private String district;
    @Column(name = "address")
+    @Convert(converter = EncryptConverter.class)
    private String address;

--- a/src/main/java/cn/quantgroup/xyqb/entity/Contact.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/Contact.java
@@ -2,6 +2,7 @@ package cn.quantgroup.xyqb.entity;
 import cn.quantgroup.user.enums.BizType;
 import cn.quantgroup.user.enums.Relation;
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import cn.quantgroup.xyqb.model.Tuple;
 import cn.quantgroup.xyqb.util.ValidationUtil;
 import lombok.AllArgsConstructor;
@@ -10,6 +11,7 @@ import lombok.Data;
 import lombok.NoArgsConstructor;
 import javax.persistence.Column;
+import javax.persistence.Convert;
 import javax.persistence.Entity;
 import javax.persistence.Table;
 import java.io.Serializable;
@@ -29,8 +31,10 @@ public class Contact extends BaseEntity implements Serializable {
    @Column(name = "user_id")
    private Long userId;
    @Column(name = "name")
+    @Convert(converter = EncryptConverter.class)
    private String name;
    @Column(name = "phone_no")
+    @Convert(converter = EncryptConverter.class)
    private String phoneNo;
    @Column(name = "biz_type")
    private BizType bizType = BizType.CASH;

--- a/src/main/java/cn/quantgroup/xyqb/entity/ModifyPhoneNo.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/ModifyPhoneNo.java
 package cn.quantgroup.xyqb.entity;
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import com.fasterxml.jackson.annotation.JsonFormat;
 import lombok.Data;
 import javax.persistence.Column;
+import javax.persistence.Convert;
 import javax.persistence.Entity;
 import javax.persistence.Table;
 import java.io.Serializable;
@@ -31,24 +33,28 @@ public class ModifyPhoneNo extends BaseEntity implements Serializable {
    /**
     * 注册人真实姓名
     */
+    @Convert(converter = EncryptConverter.class)
    private String name;
    /**
     * 注册人身份证件号
     */
    @Column(name = "id_card")
+    @Convert(converter = EncryptConverter.class)
    private String idCard;
    /**
     * 原手机号码
     */
    @Column(name = "prev_phone_no")
+    @Convert(converter = EncryptConverter.class)
    private String prevPhoneNo;
    /**
     * 新手机号码
     */
    @Column(name = "cur_phone_no")
+    @Convert(converter = EncryptConverter.class)
    private String curPhoneNo;
    /**

--- a/src/main/java/cn/quantgroup/xyqb/entity/User.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/User.java
 package cn.quantgroup.xyqb.entity;
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.ToString;
-import javax.persistence.Column;
+import javax.persistence.*;
-import javax.persistence.Entity;
-import javax.persistence.Table;
-import javax.persistence.UniqueConstraint;
 import java.io.Serializable;
 import java.util.Objects;
 /**
- * Created by Miraculous on 15/7/4.
+ * 用户表
+ *
+ * @author Miraculous
+ * @date 2015年07月04日
 */
 @Getter
 @Setter
 @ToString
 @Entity
-@Table(name = "user",
+@Table(name = "user", uniqueConstraints = @UniqueConstraint(columnNames = "phone_no"))
-       uniqueConstraints = @UniqueConstraint(columnNames = "phone_no"))
 public class User extends BaseEntity implements Serializable {
    private static final long serialVersionUID = -1L;
-    //手机号
+    /**
+     * 手机号
+     */
    @Column(name = "phone_no")
+    @Convert(converter = EncryptConverter.class)
    private String phoneNo;
-    //uuid
+    /**
+     * password
+     */
    @Column(name = "password")
    private String password;
-    //第一次用户来源 channel_id
+    /**
+     * 第一次用户来源 channel_id
+     */
    @Column(name = "registered_from")
    private Long registeredFrom;
-    //uuid
+    /**
+     * uuid
+     */
    @Column(name = "uuid")
    private String uuid;
+    /**
+     * 是否禁用
+     */
    @Column(name = "enable")
    private Boolean enable;
    /**
     * 是否有密码
     *
-     * @return
+     * @return true/false
     */
    public boolean getHasPassword() {
        return Objects.nonNull(password) && !Objects.equals("", password);

--- a/src/main/java/cn/quantgroup/xyqb/entity/UserAuthorized.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/UserAuthorized.java
 package cn.quantgroup.xyqb.entity;
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import cn.quantgroup.xyqb.model.AuthPattern;
 import lombok.Data;
 import org.hibernate.annotations.GenericGenerator;
@@ -26,9 +27,11 @@ public class UserAuthorized {
    //证件号
    @Column(name = "id_no")
+    @Convert(converter = EncryptConverter.class)
    private String idNo;
    @Column(name = "name")
+    @Convert(converter = EncryptConverter.class)
    private String name;
    @Column(name = "auth_pattern")

--- a/src/main/java/cn/quantgroup/xyqb/entity/UserDetail.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/UserDetail.java
 package cn.quantgroup.xyqb.entity;
 import cn.quantgroup.motan.retbean.XUserDetail;
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import cn.quantgroup.xyqb.model.Gender;
 import cn.quantgroup.xyqb.model.IdType;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.ToString;
-import javax.persistence.Column;
+import javax.persistence.*;
-import javax.persistence.Entity;
-import javax.persistence.Table;
-import javax.persistence.UniqueConstraint;
 import java.io.Serializable;
-import java.sql.Timestamp;
 import java.util.Optional;
 /**
@@ -32,13 +29,16 @@ public class UserDetail extends BaseEntity implements Serializable {
    private Long userId;
    @Column(name = "phone_no")
+    @Convert(converter = EncryptConverter.class)
    private String phoneNo;
    @Column(name = "name")
+    @Convert(converter = EncryptConverter.class)
    private String name;
    //证件号
    @Column(name = "id_no")
+    @Convert(converter = EncryptConverter.class)
    private String idNo;
    //0 身份证 1 军官证 2 护照

--- a/src/main/java/cn/quantgroup/xyqb/entity/UserSpouse.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/UserSpouse.java
@@ -2,12 +2,12 @@ package cn.quantgroup.xyqb.entity;
 import cn.quantgroup.user.enums.MaritalStatus;
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import cn.quantgroup.xyqb.util.ValidationUtil;
 import lombok.*;
 import javax.persistence.*;
 import java.io.Serializable;
-import java.sql.Timestamp;
 @Data
 @Entity
@@ -24,6 +24,7 @@ public class UserSpouse extends BaseEntity implements Serializable {
    private Long userId;
    @Column(name = "spouse_phone")
+    @Convert(converter = EncryptConverter.class)
    private String spousePhone;
    @Column(name = "spouse_name")

--- a/src/main/java/cn/quantgroup/xyqb/entity/UuidPhoneMapping.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/UuidPhoneMapping.java
 package cn.quantgroup.xyqb.entity;
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.ToString;
@@ -28,6 +29,7 @@ public class UuidPhoneMapping implements Serializable {
    private String uuid;
    @Column(name = "phone_no")
+    @Convert(converter = EncryptConverter.class)
    private String phoneNo;

--- a/src/main/java/cn/quantgroup/xyqb/entity/WechatUserInfo.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/WechatUserInfo.java
 package cn.quantgroup.xyqb.entity;
+import cn.quantgroup.xyqb.entity.converter.EncryptConverter;
 import cn.quantgroup.xyqb.util.EmojiUtil;
 import lombok.Data;
 import org.springframework.beans.BeanUtils;
 import javax.persistence.*;
 import java.io.Serializable;
-import java.sql.Timestamp;
 /**
 * Created by 11 on 2017/1/17.
@@ -23,6 +23,7 @@ public class WechatUserInfo extends BaseEntity implements Serializable {
    @Column(name = "open_id")
    private String openId;
    @Column(name = "phone_no")
+    @Convert(converter = EncryptConverter.class)
    private String phoneNo = "";
    @Column(name = "app_name")
    private String appName = "xyqb";

--- a/src/main/java/cn/quantgroup/xyqb/entity/converter/EncryptConverter.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/converter/EncryptConverter.java
+package cn.quantgroup.xyqb.entity.converter;
+import cn.quantgroup.security.AESEncryption;
+import cn.quantgroup.security.CipherUtil;
+import cn.quantgroup.xyqb.util.ApplicationContextHolder;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import javax.persistence.AttributeConverter;
+import javax.persistence.Converter;
+/**
+ * 通用字段加解密转换器
+ *
+ * @author killer
+ * @date 2022年01月04日
+ **/
+@Slf4j
+@Converter
+public class EncryptConverter implements AttributeConverter<String, String> {
+    @Override
+    public String convertToDatabaseColumn(String entityAttribute) {
+        if (StringUtils.isBlank(entityAttribute)) {
+            return entityAttribute;
+        }
+        /* 加密 */
+        AESEncryption aesEncryption = ApplicationContextHolder.getBean(AESEncryption.class);
+        return aesEncryption.encryptBase64(entityAttribute);
+    }
+    @Override
+    public String convertToEntityAttribute(String databaseColumn) {
+        if (StringUtils.isBlank(databaseColumn)) {
+            return databaseColumn;
+        }
+        /* 解密(兼容数据库字段未执行全部加密前的查询) */
+        AESEncryption aesEncryption = ApplicationContextHolder.getBean(AESEncryption.class);
+        if (CipherUtil.isCipherBase64(databaseColumn)) {
+            return aesEncryption.decryptBase64(databaseColumn);
+        }
+        return databaseColumn;
+    }
+}
--- a/src/main/resources/sql/2022-01-05.sql
+++ b/src/main/resources/sql/2022-01-05.sql
+# 数据加密需求 http://confluence.quantgroup.cn/pages/viewpage.action?pageId=61679207
+-- 身份证号长度修改
+alter table xyqb_user.user_detail modify column id_no varchar(128) default '' comment '身份证号';
+alter table xyqb_user.user_authorized modify column id_no varchar(128) default '' comment '身份证号';
+alter table xyqb_user.user_modify_phone_no modify column id_card varchar(128) default '' comment '身份证号';
+-- 姓名长度修改
+alter table xyqb_user.contact modify column name varchar(128) default '' comment '用户姓名';
+alter table xyqb_user.user_authorized modify column name varchar(128) default '' comment '用户姓名';
+alter table xyqb_user.user_detail modify column name varchar(128) default '' comment '真实姓名';
+alter table xyqb_user.user_modify_phone_no modify column name varchar(128) default '' comment '注册人真实姓名';
+alter table xyqb_user.user_spouse modify column spouse_name varchar(128) default '' comment '配偶姓名';
+-- 地址长度修改
+alter table xyqb_user.address modify column province varchar(128) default '' comment '省';
+alter table xyqb_user.address modify column city varchar(128) default '' comment '市';
+alter table xyqb_user.address modify column district varchar(128) default '' comment '区';
+alter table xyqb_user.address modify column address varchar(255) default '' comment '详细地址';
\ No newline at end of file