1、問題描述
SpringCloud-Config結合Git倉庫對敏感數據進行加密,使用時SpringCloud-Config將加密後的配置文件從Git倉庫下來之後解密,微服務獲取到的就是解密之後的配置文件。
在統一處理敏感數據時使用的是curl命令,但是效率太低了,如是寫了一個Java通過httpclient方式訪問URL去實現批量(本文只是寫了一個簡單的demo,批量並沒有補齊)
使用curl命令加密和解密
curl -H "Content-Type: text/plain" -u 'A81n360vrO':'Rp23JULSF5' http://192.168.0.110:7001/encrypt -d '123456' curl -H "Content-Type: text/plain" -u 'A81n360vrO':'Rp23JULSF5' http://192.168.0.110:7001/decrypt -d 'AQBqzHRjh4absrQdDckiymqcGrsZB4d30tk47ZKJmr6WjA8d5bjuZz2iJE/Qc46umseuZ23tfzbwKq/hYWzFJyKBEjaV8HNYisQ4ljIYP6mcAZMphLoGnrMakW8r1cs5XxQ8QYRjOD0M+uDOPU0aZ1wo19X9VJ2m0nPdFclrUY4H522M0XQ='
2、操作方法
1、引用的pom
<dependency> <groupId>com.squareup.okhttp3</groupId> <artifactId>okhttp</artifactId> <version>3.14.2</version> </dependency>
2、核心代碼
import okhttp3.*; public class Test { public static void main(String[] args) throws Exception{ String userName = "A81n360vrO";//服務連配置中心賬號 String password = "Rp23JULSF5";//服務連配置中心密碼 initClient(userName, password); String pwd = "123456";//待加密的密碼 System.out.println("加密前密碼:"+pwd); String encryptPwd = encrypt(pwd); System.out.println("加密後密碼:"+encryptPwd); String decryptPwd = decrypt(encryptPwd); System.out.println("解密後密碼:"+decryptPwd); } private static OkHttpClient HTTP_CLIENT = null; /** * 初始化httpClient * @param userName * @param password */ private static void initClient(String userName, String password){ HTTP_CLIENT = new OkHttpClient.Builder().authenticator((route, response) -> { String credential = Credentials.basic(userName, password); return response.request().newBuilder().header("Authorization", credential).build(); }).build(); } /** * 通過http方式對數據進行解密 * @param value * @return * @throws Exception */ private static String decrypt(String value) throws Exception{ String url = "http://192.168.0.110:7001/decrypt";//配置中心解密地址 Request request = new Request.Builder().url(url).post(RequestBody.create(MediaType.parse("text/plain"), value.getBytes())).build(); Call call = HTTP_CLIENT.newCall(request); Response response = call.execute(); ResponseBody responseBody = response.body(); return responseBody.string(); } /** * 通過http方式對數據進行加密 * @param value * @return * @throws Exception */ private static String encrypt(String value) throws Exception{ String url = "http://192.168.0.110:7001/encrypt";//配置中心加密地址 Request request = new Request.Builder().url(url).post(RequestBody.create(MediaType.parse("text/plain"), value.getBytes())).build(); Call call = HTTP_CLIENT.newCall(request); Response response = call.execute(); ResponseBody responseBody = response.body(); return responseBody.string(); } }
3、運行結果
加密前密碼:123456 加密後密碼:AQBqzHRjh4absrQdDckiymqcGrsZB4d30tk47ZKJmr6WjA8d5bjuZz2iJE/Qc46umseuZ23tfzbwKq/hYWzFJyKBEjaV8HNYisQ4ljIYB5ccGt7UnskSDMZrzMnk9+WJjCYxA/rgsELGACWDHGE+Cej4elP1zgsRk21UpM4FdURof8d7Wp2vrLyCgW4hij8Uq0XI1hsRO1MVSzSLl2sLAkhv2ULym9rbDtxNmFKSRX30UZjLR2zVvDi7PNVNHRQ+ZyFlTPfm834J/8aiDoVEzXRudjAOq7imbQVqha7g53JxHcFWjc2TWbVLP6mcAZMphLoGnrMakW8r1cs5XxQ8QYRjOD0M+uDOPU0aZ1wo19X9VJ2m0nPdFclrUY4H522M0XQ= 解密後密碼:123456