新增加密接口

ibps-provider-root/modules/provider-business/src/main/java/com/lc/ibps/config/JcjdConfig.java

@@ -7,6 +7,8 @@ package com.lc.ibps.config;
 
 public class JcjdConfig {
 
+    public static final String ENCIPHER_KEY="4qjmkW2f2OWWaT24cuqrkZGhwa6i5WypKsxnukI2Mqn+C4X+qMPn4ex0V8czvFvFrQn87YhVg0ch2kdVcORLDQ=="; //接口加密key
+
     public static final String WT_STATE="待环境检测"; //委托
 
     public static final String ENTRUST="entrust"; //委托

ibps-provider-root/modules/provider-business/src/main/java/com/lc/ibps/sysdata/controller/UpdateDataTableController.java

@@ -60,11 +60,11 @@ public class UpdateDataTableController {
     @ApiOperation("直接运行查询sql")
     @ApiImplicitParams({@ApiImplicitParam("传入加密的sql字符串")})
     @PostMapping("/encipher")
-    APIResult<Void> encipher(@RequestBody String data) {
+    APIResult<Void> encipher(@RequestBody String data)throws Exception {
         APIResult<Void> apiResult = new APIResult<>();
         //sql解密后在进行查询
         //data
-
+        APIResult<Void> encipher = updateDataTableService.encipher(data);
         Map mapData = JSONObject.parseObject(data); /*转换成map*/
         String sql = (String) mapData.get("sql");
         if (null != sql && !"".equals(sql) && "select".equals(sql.substring(0, 6))) {

ibps-provider-root/modules/provider-business/src/main/java/com/lc/ibps/sysdata/services/UpdateDataTableService.java

@@ -80,4 +80,6 @@ public interface UpdateDataTableService {
     //批量删除接口 不带where条件
     Integer batchDeleteNoWhere(String tableName);
 
+    APIResult<Void> encipher(String data) throws Exception;
+
 }

ibps-provider-root/modules/provider-business/src/main/java/com/lc/ibps/sysdata/services/impl/UpdateDataTableImpl.java

@@ -10,6 +10,7 @@ import com.lc.ibps.cloud.entity.APIPageList;
 import com.lc.ibps.cloud.entity.APIPageResult;
 import com.lc.ibps.cloud.entity.APIResult;
 import com.lc.ibps.cloud.provider.GenericProvider;
+import com.lc.ibps.config.JcjdConfig;
 import com.lc.ibps.config.JsonUtilConfig;
 import com.lc.ibps.config.SerialConfig;
 import com.lc.ibps.sysdata.dao.UpdateDataTableDao;
@@ -25,6 +26,9 @@ import org.springframework.util.DigestUtils;
 import org.springframework.web.bind.annotation.RequestBody;
 
 import javax.annotation.Resource;
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
 import java.util.*;
 
 import static com.lc.ibps.api.base.constants.StateEnum.ERROR;
@@ -417,4 +421,42 @@ public class UpdateDataTableImpl extends GenericProvider implements UpdateDataTa
         return i;
     }
 
+    @Override
+    public APIResult<Void> encipher(String data) throws Exception {
+        APIResult<Void> apiResult = new APIResult<>();
+        //sql解密后在进行查询
+        // 前端传递的加密数据为 data，密钥为 key
+        //String encryptedData = "encrypted-data-from-frontend";
+       // String key = "4qjmkW2f2OWWaT24cuqrkZGhwa6i5WypKsxnukI2Mqn+C4X+qMPn4ex0V8czvFvFrQn87YhVg0ch2kdVcORLDQ==";
+        // 将密钥转换为 SecretKeySpec
+        byte[] keyBytes = JcjdConfig.ENCIPHER_KEY.getBytes(StandardCharsets.UTF_8);
+        SecretKeySpec secretKey = new SecretKeySpec(keyBytes, "AES");
+
+        // 创建 AES 解密器
+        try{
+            Cipher cipher = Cipher.getInstance("AES");
+            cipher.init(Cipher.DECRYPT_MODE, secretKey);
+            // Base64 解码并解密数据
+            byte[] encryptedBytes = Base64.getDecoder().decode(data);
+            byte[] decryptedBytes = cipher.doFinal(encryptedBytes);
+            //解密后的数据
+            String decryptedData = new String(decryptedBytes, StandardCharsets.UTF_8);
+            //转map
+            Map mapData = JSONObject.parseObject(decryptedData); /*转换成map*/
+            String sql = (String) mapData.get("sql");
+            if (null != sql && !"".equals(sql) && "select".equals(sql.substring(0, 6))) {
+                apiResult.addVariable("data", updateDataTableDao.inputSqlSelectData(sql));
+                apiResult.setState(StateEnum.SUCCESS.getCode());
+                return apiResult;
+            }
+            apiResult.setState(StateEnum.ERROR.getCode());
+            apiResult.setMessage("参数错误！ 必须为select!!!");
+            return apiResult;
+        }catch (Exception e){
+            apiResult.setMessage(JcjdConfig.ERROR_MASSAGE);
+            apiResult.setState(JcjdConfig.error);
+            throw new Exception(JcjdConfig.EXCEPTION);
+           // return apiResult;
+        }
+    }
 }