自定义过滤器实现对请求报文统一解密对响应加密

时间:2025-03-26 08:19:10
  • import ;
  • import ;
  • import ;
  • import ;
  • import ;
  • import ;
  • import ;
  • import ;
  • import okhttp3.HttpUrl;
  • import okhttp3.Interceptor;
  • import okhttp3.MediaType;
  • import okhttp3.Request;
  • import okhttp3.RequestBody;
  • import okhttp3.Response;
  • import okhttp3.ResponseBody;
  • import ;
  • /**
  • * Time: 2024/3/4
  • * Author:
  • * Description:
  • * 通过统一的拦截器配置哪些接口需要加解密和签名,哪些不需要,比如登录,修改密码,获取验证码可能不需要,但是业务接口需要
  • */
  • public class EncryptRetrofitUrlInterceptor implements Interceptor {
  • /**
  • * 接口是否需要加解密和签名
  • */
  • private boolean encrypt;
  • public EncryptRetrofitUrlInterceptor() {
  • }
  • public EncryptRetrofitUrlInterceptor( boolean encrypt) {
  • = encrypt;
  • }
  • @Override
  • public Response intercept(Chain chain) throws IOException {
  • Request request = ();
  • builder = null;
  • //这是在链接后面拼接公共参数
  • // if ((key) || (value)){
  • // builder = ()
  • // .newBuilder();
  • // }else{
  • // builder = ()
  • // .newBuilder()
  • // .addQueryParameter(key, value);
  • // }
  • builder = ()
  • .newBuilder();
  • //这是把参数拼接到请求头中
  • Request newRequest = null;
  • httpBuilder = ();
  • httpBuilder
  • .addHeader("client-version", )
  • .addHeader(EncryptConstants.CLIENT_NAME_HEADER, "App");
  • if (encrypt){
  • //对请求报文进行统一的加密和签名
  • (EncryptConstants.ENCRYPT_HEADER, String.valueOf(true));
  • String encryptRequestJson = encryptAndSignRequest(request);
  • RequestBody body = (().contentType(), encryptRequestJson);
  • (body);
  • newRequest = (().url()).build();
  • Response response = (newRequest);
  • //对返回报文进行统一验签和解密
  • return decryptResponse(response);
  • }else{
  • newRequest = (().url()).build();
  • return (newRequest);
  • }
  • }
  • private String encryptAndSignRequest(Request request){
  • String jsonRequest = readDataFromRequestBody(());
  • try {
  • ("jsonRequest: " + jsonRequest);
  • //这里是对请求报文进行加密和签名
  • String encryptBody = (EncryptConstants.APP_ID, EncryptConstants.ENCRYPT_TYPE,
  • EncryptConstants.APP_PRIVATE_KEY, EncryptConstants.PLATFORM_PUBLIC_KEY, jsonRequest);
  • ("encryptBody: " + encryptBody);
  • return encryptBody;
  • } catch (Exception e) {
  • throw new RuntimeException(e);
  • }
  • }
  • private String readDataFromRequestBody(RequestBody requestBody){
  • Buffer buffer = new Buffer();
  • try {
  • (buffer);
  • } catch (IOException e) {
  • ();
  • return "";
  • }
  • //编码设为UTF-8
  • Charset charset = ("UTF-8");
  • MediaType contentType = ();
  • if (contentType != null) {
  • charset = (("UTF-8"));
  • }
  • //拿到request
  • String requestString = (charset);
  • return requestString;
  • }
  • //这里是统一对响应报文进行验签和解密
  • private Response decryptResponse(Response response){
  • try {
  • builder = ();
  • Response clone = ();
  • ResponseBody body = ();
  • if (body != null) {
  • MediaType mediaType = ();
  • if (mediaType != null) {
  • String bodyString = body.string();
  • ("decryptResponse bodyString: " + bodyString);
  • JSONObject job = (bodyString);
  • JSONObject dataObj = (JSONObject)job.get("data");
  • if (dataObj == null){
  • LogUtils.error("decryptResponse result data is null");
  • return response;
  • }
  • String resonseData = ();
  • ChannelBaseResponse encryptResponse = (resonseData, ChannelBaseResponse.class);
  • boolean verify = (encryptResponse, EncryptConstants.PLATFORM_PUBLIC_KEY, EncryptConstants.ENCRYPT_TYPE);
  • if (!verify){
  • LogUtils.error("decryptResponse verifySign error verify false");
  • return null;
  • }
  • //平台私钥解密得到对称密钥
  • String randomKey = (EncryptConstants.APP_PRIVATE_KEY, EncryptConstants.ENCRYPT_TYPE, ());
  • //得到解密的业务数据
  • String busData = (randomKey, EncryptConstants.ENCRYPT_TYPE, a());
  • ("decryptResponse busData: " + busData);
  • body = (mediaType, busData);
  • return ().body(body).build();
  • }
  • }
  • } catch (Exception e) {
  • LogUtils.error("解密错误: " + ());
  • }
  • return response;
  • }
  • }