特别提示:本人博客部分有参考网络其他博客,但均是本人亲手编写过并验证通过。如发现博客有错误,请及时提出以免误导其他人,谢谢!欢迎转载,但记得标明文章出处:http://www.cnblogs.com/mao2080/
1、问题描述
SpringCloud-Config结合Git仓库对敏感数据进行加密,使用时SpringCloud-Config将加密后的配置文件从Git仓库下来之后解密,微服务获取到的就是解密之后的配置文件。
在统一处理敏感数据时使用的是curl命令,但是效率太低了,如是写了一个Java通过httpclient方式访问URL去实现批量(本文只是写了一个简单的demo,批量并没有补齐)
使用curl命令加密和解密
curl -H "Content-Type: text/plain" -u 'A81n360vrO':'Rp23JULSF5' http://192.168.0.110:7001/encrypt -d '123456' curl -H "Content-Type: text/plain" -u 'A81n360vrO':'Rp23JULSF5' http://192.168.0.110:7001/decrypt -d 'AQBqzHRjh4absrQdDckiymqcGrsZB4d30tk47ZKJmr6WjA8d5bjuZz2iJE/Qc46umseuZ23tfzbwKq/hYWzFJyKBEjaV8HNYisQ4ljIYP6mcAZMphLoGnrMakW8r1cs5XxQ8QYRjOD0M+uDOPU0aZ1wo19X9VJ2m0nPdFclrUY4H522M0XQ='
2、操作方法
1、引用的pom
<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp</artifactId>
<version>3.14.2</version>
</dependency>
2、核心代码
import okhttp3.*;
public class Test {
public static void main(String[] args) throws Exception{
String userName = "A81n360vrO";//服务连配置中心账号
String password = "Rp23JULSF5";//服务连配置中心密码
initClient(userName, password);
String pwd = "123456";//待加密的密码
System.out.println("加密前密码:"+pwd);
String encryptPwd = encrypt(pwd);
System.out.println("加密后密码:"+encryptPwd);
String decryptPwd = decrypt(encryptPwd);
System.out.println("解密后密码:"+decryptPwd);
}
private static OkHttpClient HTTP_CLIENT = null;
/**
* 初始化httpClient
* @param userName
* @param password
*/
private static void initClient(String userName, String password){
HTTP_CLIENT = new OkHttpClient.Builder().authenticator((route, response) -> {
String credential = Credentials.basic(userName, password);
return response.request().newBuilder().header("Authorization", credential).build();
}).build();
}
/**
* 通过http方式对数据进行解密
* @param value
* @return
* @throws Exception
*/
private static String decrypt(String value) throws Exception{
String url = "http://192.168.0.110:7001/decrypt";//配置中心解密地址
Request request = new Request.Builder().url(url).post(RequestBody.create(MediaType.parse("text/plain"), value.getBytes())).build();
Call call = HTTP_CLIENT.newCall(request);
Response response = call.execute();
ResponseBody responseBody = response.body();
return responseBody.string();
}
/**
* 通过http方式对数据进行加密
* @param value
* @return
* @throws Exception
*/
private static String encrypt(String value) throws Exception{
String url = "http://192.168.0.110:7001/encrypt";//配置中心加密地址
Request request = new Request.Builder().url(url).post(RequestBody.create(MediaType.parse("text/plain"), value.getBytes())).build();
Call call = HTTP_CLIENT.newCall(request);
Response response = call.execute();
ResponseBody responseBody = response.body();
return responseBody.string();
}
}
3、运行结果
加密前密码:123456 加密后密码:AQBqzHRjh4absrQdDckiymqcGrsZB4d30tk47ZKJmr6WjA8d5bjuZz2iJE/Qc46umseuZ23tfzbwKq/hYWzFJyKBEjaV8HNYisQ4ljIYB5ccGt7UnskSDMZrzMnk9+WJjCYxA/rgsELGACWDHGE+Cej4elP1zgsRk21UpM4FdURof8d7Wp2vrLyCgW4hij8Uq0XI1hsRO1MVSzSLl2sLAkhv2ULym9rbDtxNmFKSRX30UZjLR2zVvDi7PNVNHRQ+ZyFlTPfm834J/8aiDoVEzXRudjAOq7imbQVqha7g53JxHcFWjc2TWbVLP6mcAZMphLoGnrMakW8r1cs5XxQ8QYRjOD0M+uDOPU0aZ1wo19X9VJ2m0nPdFclrUY4H522M0XQ= 解密后密码:123456