From b68ebc43f85d7262d8c8044d714d719902fb2413 Mon Sep 17 00:00:00 2001 From: mjkhan21 Date: Thu, 25 Jan 2024 15:26:08 +0900 Subject: [PATCH] =?UTF-8?q?encrypt(...)=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../cokr/xit/base/crypto/CryptoConfig.java | 12 +-- .../xit/base/crypto/CryptographySupport.java | 76 +++++++++---------- .../base/crypto/web/CleanupCryptography.java | 22 ------ 3 files changed, 37 insertions(+), 73 deletions(-) delete mode 100644 src/main/java/cokr/xit/base/crypto/web/CleanupCryptography.java diff --git a/src/main/java/cokr/xit/base/crypto/CryptoConfig.java b/src/main/java/cokr/xit/base/crypto/CryptoConfig.java index 71081a7..42c0c42 100644 --- a/src/main/java/cokr/xit/base/crypto/CryptoConfig.java +++ b/src/main/java/cokr/xit/base/crypto/CryptoConfig.java @@ -6,26 +6,16 @@ import org.apache.ibatis.session.defaults.DefaultSqlSessionFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Conditional; import org.springframework.context.annotation.Configuration; -import org.springframework.web.servlet.config.annotation.EnableWebMvc; -import org.springframework.web.servlet.config.annotation.InterceptorRegistry; -import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import cokr.xit.base.crypto.Cryptography.Config; -import cokr.xit.base.crypto.web.CleanupCryptography; import cokr.xit.foundation.util.ConditionSupport; -@EnableWebMvc @Configuration @Conditional(ConditionSupport.InBoot.class) -public class CryptoConfig implements WebMvcConfigurer { +public class CryptoConfig { @Resource(name = "sqlSession") private DefaultSqlSessionFactory sqlSessionFactory; - @Override - public void addInterceptors(InterceptorRegistry registry) { - registry.addInterceptor(new CleanupCryptography()).addPathPatterns(new String[] {"/", "/**/*.do"}); - } - @Bean CryptographySupport cryptographySupport() { Config config = Cryptography.Config.get(); diff --git a/src/main/java/cokr/xit/base/crypto/CryptographySupport.java b/src/main/java/cokr/xit/base/crypto/CryptographySupport.java index 6108935..1c01fbb 100644 --- a/src/main/java/cokr/xit/base/crypto/CryptographySupport.java +++ b/src/main/java/cokr/xit/base/crypto/CryptographySupport.java @@ -1,9 +1,7 @@ package cokr.xit.base.crypto; -import java.sql.PreparedStatement; import java.sql.SQLException; import java.sql.Statement; -import java.util.ArrayList; import java.util.List; import java.util.Map; import java.util.function.BiFunction; @@ -11,10 +9,13 @@ import java.util.stream.Collectors; import org.apache.commons.beanutils.BeanUtils; import org.apache.commons.beanutils.PropertyUtils; -import org.apache.ibatis.executor.parameter.ParameterHandler; +import org.apache.ibatis.executor.Executor; import org.apache.ibatis.executor.resultset.ResultSetHandler; +import org.apache.ibatis.mapping.MappedStatement; import org.apache.ibatis.plugin.Intercepts; import org.apache.ibatis.plugin.Signature; +import org.apache.ibatis.session.ResultHandler; +import org.apache.ibatis.session.RowBounds; import cokr.xit.base.crypto.Cryptography.Config; import cokr.xit.foundation.data.paging.MybatisPlugin; @@ -23,31 +24,12 @@ import cokr.xit.foundation.data.paging.MybatisPlugin; * @author mjkhan */ @Intercepts({ - @Signature(type = ParameterHandler.class, method = "setParameters", args = {PreparedStatement.class}), - @Signature(type = ResultSetHandler.class, method = "handleResultSets", args = {Statement.class}) + @Signature(type = Executor.class, method = "query", args = {MappedStatement.class, Object.class, RowBounds.class, ResultHandler.class}), + @Signature(type = ResultSetHandler.class, method = "handleResultSets", args = {Statement.class}), + + @Signature(type = Executor.class, method = "update", args = {MappedStatement.class, Object.class}) }) public class CryptographySupport extends MybatisPlugin { - private static final ThreadLocal> cached = new ThreadLocal<>(); - - private static boolean isCached(Object obj) { - List objs = cached.get(); - return objs != null ? objs.contains(obj) : false; - } - - private static void setCache(Object obj) { - List objs = cached.get(); - if (objs == null) - cached.set(objs = new ArrayList<>()); - objs.add(obj); - } - - public static void clear() { - List objs = cached.get(); - if (objs != null) - objs.clear(); - cached.remove(); - } - private Map cryptos; public CryptographySupport() { @@ -62,10 +44,8 @@ public class CryptographySupport extends MybatisPlugin { } @Override - protected Object setParameters(ParameterHandler parameterHandler, PreparedStatement statement) throws SQLException { - Object obj = parameterHandler.getParameterObject(); - encrypt(obj); - return super.setParameters(parameterHandler, statement); + protected Object query(Executor executor, MappedStatement mappedStatement, Object obj, RowBounds rowBounds, ResultHandler resultHandler) throws SQLException { + return encrypt(obj, () -> super.query(executor, mappedStatement, obj, rowBounds, resultHandler)); } @Override @@ -82,24 +62,43 @@ public class CryptographySupport extends MybatisPlugin { return obj; } + @Override + protected Object update(Executor executor, MappedStatement mappedStatement, Object obj) throws SQLException { + return encrypt(obj, () -> super.update(executor, mappedStatement, obj)); + } + private boolean isEnabled(Object obj) { return !isEmpty(obj) && !isEmpty(cryptos); } - private void encrypt(Object obj) { - if (!isEnabled(obj)) return; + private static interface ResultSupplier { + Object get() throws Exception; + } + + private Object encrypt(Object obj, ResultSupplier resultSupplier) { + boolean enabled = isEnabled(obj); + if (enabled) + process(obj, (arg) -> convert(arg, (crypto, val) -> crypto.encrypt(val))); - process(obj, (arg) -> convert(arg, (crypto, val) -> crypto.encrypt(val), true)); + Object result = null; + try { + result = resultSupplier.get(); + } catch (Exception e) { + throw runtimeException(e); + } + + if (enabled) + process(obj, (arg) -> convert(arg, (crypto, val) -> crypto.decrypt(val))); + + return result; } - private void convert(Object obj, BiFunction converter, boolean cache) { + private void convert(Object obj, BiFunction converter) { List targetValues = Cryptography.Config.get().getTargetValues(obj); if (targetValues.isEmpty()) return; try { - if (cache && isCached(obj)) return; - for (Cryptography.TargetValue target: targetValues) { for (String cryptoDef: target.getCryptoDefs()) { Cryptography crypto = cryptos.get(cryptoDef); @@ -127,9 +126,6 @@ public class CryptographySupport extends MybatisPlugin { } } } - - if (cache) - setCache(obj); } catch (Exception e) { throw runtimeException(e); } @@ -138,6 +134,6 @@ public class CryptographySupport extends MybatisPlugin { private void decrypt(Object obj) { if (!isEnabled(obj)) return; - convert(obj, (crypto, val) -> crypto.decrypt(val), false); + convert(obj, (crypto, val) -> crypto.decrypt(val)); } } \ No newline at end of file diff --git a/src/main/java/cokr/xit/base/crypto/web/CleanupCryptography.java b/src/main/java/cokr/xit/base/crypto/web/CleanupCryptography.java deleted file mode 100644 index 49305f2..0000000 --- a/src/main/java/cokr/xit/base/crypto/web/CleanupCryptography.java +++ /dev/null @@ -1,22 +0,0 @@ -package cokr.xit.base.crypto.web; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import cokr.xit.base.crypto.CryptographySupport; -import cokr.xit.foundation.web.RequestInterceptor; - -/**암호화한 데이터를 갖는 객체들의 캐시를 비우는 RequestInterceptor - * @author mjkhan - */ -public class CleanupCryptography extends RequestInterceptor { - @Override - public void afterCompletion(HttpServletRequest hreq, HttpServletResponse hresp, Object handler, Exception ex) throws Exception { - CryptographySupport.clear(); - } - - @Override - public void afterConcurrentHandlingStarted(HttpServletRequest hreq, HttpServletResponse hresp, Object handler) throws Exception { - CryptographySupport.clear(); - } -} \ No newline at end of file