基于Java实现数据脱敏
用法
Jdk版本
大于等于1.8
maven依赖
<dependency>
<groupId>red.zyc</groupId>
<artifactId>desensitization</artifactId>
<version>2.4.6</version>
</dependency>
例子
对象域值脱敏
下面是一个Child类,其中包含了一些敏感域以及一些嵌套的敏感域
public class Child {
@ChineseNameSensitive
private String name = "李富贵";
@IdCardNumberSensitive
private String idCardNumber = "321181199301096000";
@UsccSensitive
private String unifiedSocialCreditCode = "91310106575855456U";
@CharSequenceSensitive
private String string = "123456";
@EmailSensitive
private String email = "123456@qq.com";
@PasswordSensitive
private String password = "123456";
@CascadeSensitive
private Mother mother = new Mother();
@CascadeSensitive
private Father father = new Father();
private @PasswordSensitive
String[] passwords = {"123456", "1234567", "12345678"};
private List<@CascadeSensitive Parent> parents1 = Stream.of(new Father(), new Mother()).collect(Collectors.toList());
private List<@EmailSensitive String> emails1 = Stream.of("123456@qq.com", "1234567@qq.com", "1234568@qq.com").collect(Collectors.toList());
private Map<@ChineseNameSensitive String, @EmailSensitive String> emails2 = Stream.of("张三", "李四", "小明").collect(Collectors.toMap(s -> s, s -> "123456@qq.com"));
}
只需要在敏感数据字段上标记相应类型的敏感注解,例如@ChineseNameSensitive
、@EmailSensitive
等注解,如果你的数据字段是需要级联脱敏的对象,你只需要在该字段上标注@CascadeSensitive
注解,最后调用以下方法即可擦除对象中的所有敏感信息然后返回一个新的Child对象。
Child child=Sensitive.desensitize(new Child());
值脱敏
可能你的敏感信息是一个字符串类型的值或者是一个Collection
、Array
、Map
之类的值,同样擦除它们的敏感信息也很简单
static void desensitize(){
// String
System.out.printf("字符串脱敏: %s%n",Sensitive.desensitize("123456@qq.com",new TypeToken<@EmailSensitive String>(){
}));
// Collection
System.out.printf("集合脱敏: %s%n",Sensitive.desensitize(Stream.of("123456@qq.com","1234567@qq.com","1234568@qq.com").collect(Collectors.toList()),
new TypeToken<List<@EmailSensitive String>>(){
}));
// Array
System.out.printf("数组脱敏: %s%n",Arrays.toString(Sensitive.desensitize(new String[]{"123456@qq.com","1234567@qq.com","12345678@qq.com"},
new TypeToken<@EmailSensitive String[]>(){
})));
// Map
System.out.printf("Map脱敏: %s%n",Sensitive.desensitize(Stream.of("张三","李四","小明").collect(Collectors.toMap(s->s,s->"123456@qq.com")),
new TypeToken<Map<@ChineseNameSensitive String, @EmailSensitive String>>(){
}));
}
在上面的例子中通过TypeToken构造需要脱敏对象的类型以便我们能够准确的捕获被脱敏对象的实际类型和相应的敏感注解。 这里有一个很重要的地方需要我们格外的关注:由于jdk在解析注解时的bug导致无法正确的获取嵌套类上的注解,TypeToken必须在静态方法、静态代码块中初始化或者作为静态变量初始化,不能在实例方法、实例代码块中初始化同时也不能作为成员变量初始化,这样运行时才能正确的获取脱敏对象上的注解。
转载自:
https://github.com/Allurx/desensitization