1、依赖
<!-- No <version> elements are declared below, so the versions have to be supplied
     elsewhere (for example a parent POM or a dependencyManagement section).
     NOTE(review): confirm that all three Jackson artifacts resolve to the same, currently maintained release. -->
<dependency><groupId>com.fasterxml.jackson.core</groupId><artifactId>jackson-core</artifactId>
</dependency>
<dependency><groupId>com.fasterxml.jackson.core</groupId><artifactId>jackson-annotations</artifactId>
</dependency>
<dependency><groupId>com.fasterxml.jackson.core</groupId><artifactId>jackson-databind</artifactId>
</dependency>
2、脱敏父类
/**
 * Base type for masking ("desensitization") strategies.
 *
 * <p>Each concrete subclass implements one masking rule. Subclasses are
 * instantiated reflectively by {@code DesensitizationJsonSerializer}, so they
 * need an accessible no-argument constructor.
 */
public abstract class AbstractDesensitization {

    /**
     * Produces the masked form of a value.
     *
     * @param value the raw string to mask
     * @return the string that should be written to the output instead of {@code value}
     */
    public abstract String serialize(String value);
}
3、脱敏注解
/**
 * Marks a property whose JSON representation must be masked.
 *
 * <p>The annotation bundles {@code @JsonSerialize}, so annotating a property
 * routes it through {@code DesensitizationJsonSerializer}. That serializer only
 * masks properties whose raw type is {@code String}; other types are handed to
 * their regular serializer.
 *
 * <p>No {@code @Target} is declared, so the compiler accepts the annotation on
 * any declaration; it only has an effect where Jackson reads it.
 */
@Retention(RetentionPolicy.RUNTIME) // retained at runtime so the serializer can look it up
@JacksonAnnotationsInside // composite annotation: Jackson also applies the Jackson annotations declared on it
@JsonSerialize(using = DesensitizationJsonSerializer.class)
public @interface Desensitization {

    /**
     * The masking strategy to apply to the annotated property.
     *
     * @return a concrete {@code AbstractDesensitization} subclass
     */
    Class<? extends AbstractDesensitization> value();
}
4、脱敏序列化
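/**
 * Jackson serializer that masks {@code String} properties annotated with
 * {@code @Desensitization}.
 *
 * <p>The masking strategy is resolved per property in
 * {@link #createContextual(SerializerProvider, BeanProperty)}, which returns a new
 * serializer instance bound to that strategy.
 *
 * <p>The serializer fails closed: if a {@code String} property reaches it without a
 * usable strategy (annotation missing, or the strategy class cannot be instantiated),
 * a {@link JsonMappingException} is raised instead of silently continuing, so a
 * configuration mistake cannot turn into unmasked output.
 *
 * <p>Masking happens only when the value is written through Jackson; the field itself
 * still holds the raw value.
 */
public class DesensitizationJsonSerializer extends JsonSerializer<String> implements ContextualSerializer {

    /** Strategy used to mask values; {@code null} on an instance built with the no-argument constructor. */
    private final AbstractDesensitization desensitization;

    /** No-argument constructor, needed so the class can be referenced from {@code @JsonSerialize(using = ...)}. */
    public DesensitizationJsonSerializer() {
        this(null);
    }

    /**
     * Creates a serializer bound to one masking strategy.
     *
     * @param desensitization the strategy applied to every value written by this instance
     */
    public DesensitizationJsonSerializer(AbstractDesensitization desensitization) {
        this.desensitization = desensitization;
    }

    /**
     * Writes the masked form of {@code s} as a JSON string.
     *
     * @throws IOException if writing fails, or (as {@link JsonMappingException}) if this
     *     instance has no masking strategy
     */
    @Override
    public void serialize(String s, JsonGenerator jsonGenerator, SerializerProvider serializerProvider)
            throws IOException {
        if (desensitization == null) {
            // Refuse to write rather than fail with a bare NullPointerException.
            throw JsonMappingException.from(jsonGenerator,
                    "DesensitizationJsonSerializer has no masking strategy configured");
        }
        jsonGenerator.writeString(desensitization.serialize(s));
    }

    /**
     * Chooses the serializer for one property.
     *
     * <ul>
     *   <li>no property context: the provider's null-value serializer (as in the original code);</li>
     *   <li>non-{@code String} property: the provider's regular serializer for that type;</li>
     *   <li>{@code String} property: a new instance bound to the strategy named by
     *       {@code @Desensitization}.</li>
     * </ul>
     *
     * @throws JsonMappingException if a {@code String} property has no usable masking strategy
     */
    @Override
    public JsonSerializer<?> createContextual(SerializerProvider serializerProvider, BeanProperty beanProperty)
            throws JsonMappingException {
        if (beanProperty == null) {
            // Return here: the original fell through and dereferenced the null property.
            return serializerProvider.findNullValueSerializer(beanProperty);
        }
        if (!Objects.equals(beanProperty.getType().getRawClass(), String.class)) {
            return serializerProvider.findValueSerializer(beanProperty.getType(), beanProperty);
        }
        return setDesensitization(serializerProvider, beanProperty);
    }

    /**
     * Builds the masking serializer for a {@code String} property.
     *
     * <p>The annotation is looked up on the property first and then on its context.
     */
    private JsonSerializer<?> setDesensitization(SerializerProvider serializerProvider, BeanProperty beanProperty)
            throws JsonMappingException {
        Desensitization annotation = beanProperty.getAnnotation(Desensitization.class);
        if (annotation == null) {
            annotation = beanProperty.getContextAnnotation(Desensitization.class);
        }
        if (annotation == null) {
            // The original returned null here; report the misconfiguration explicitly instead.
            throw JsonMappingException.from(serializerProvider,
                    "Property '" + beanProperty.getName() + "' uses DesensitizationJsonSerializer"
                            + " but carries no @Desensitization annotation");
        }
        try {
            return new DesensitizationJsonSerializer(annotation.value().getDeclaredConstructor().newInstance());
        } catch (ReflectiveOperationException e) {
            // Previously printed and ignored, leaving the property without a masking serializer.
            throw JsonMappingException.from(serializerProvider,
                    "Cannot instantiate masking strategy " + annotation.value().getName()
                            + " for property '" + beanProperty.getName() + "'", e);
        }
    }
}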
5、手机号脱敏
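/**
 * Masks the middle four digits of an 11-digit phone number, keeping the first
 * three and the last four digits.
 *
 * <p>NOTE(review): a value that contains no run of 11 consecutive digits (for example
 * a number written with separators) does not match and is returned unchanged, i.e.
 * unmasked. Confirm that callers normalise the number first if that matters.
 */
public class MobilePhoneDesensitization extends AbstractDesensitization {

    /** Three leading digits (group 1), four digits to hide, four trailing digits (group 2). */
    private static final String PHONE_REGEX = "(\\d{3})\\d{4}(\\d{4})";

    /** Replacement that keeps both captured groups and stars out the middle. */
    private static final String MASKED_FORM = "$1****$2";

    /**
     * @param value the raw phone number; may be {@code null}
     * @return the masked number, or {@code null} when {@code value} is {@code null}
     */
    @Override
    public String serialize(String value) {
        if (value == null) {
            // Avoid a NullPointerException when the strategy is called outside Jackson.
            return null;
        }
        return value.replaceAll(PHONE_REGEX, MASKED_FORM);
    }
}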
6、身份证号脱敏
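/**
 * Masks an ID card number by replacing every word character that has at least
 * three word characters before it and at least four after it with {@code *}.
 * For a single unbroken run this keeps the first three and last four characters.
 *
 * <p>NOTE(review): a run of seven or fewer word characters has no character that
 * satisfies both conditions and is returned unchanged, i.e. unmasked.
 */
public class IdCardDesensitization extends AbstractDesensitization {

    /** One word character preceded by three and followed by four word characters. */
    private static final String MIDDLE_CHAR_REGEX = "(?<=\\w{3})\\w(?=\\w{4})";

    /** Character written in place of each masked character. */
    private static final String MASK = "*";

    /**
     * @param value the raw ID card number; may be {@code null}
     * @return the masked number, or {@code null} when {@code value} is {@code null}
     */
    @Override
    public String serialize(String value) {
        if (value == null) {
            // Avoid a NullPointerException when the strategy is called outside Jackson.
            return null;
        }
        return value.replaceAll(MIDDLE_CHAR_REGEX, MASK);
    }
}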
7、测试
/**
 * Sample bean showing how {@code @Desensitization} is applied to fields.
 *
 * <p>Masking takes effect only when the object is serialized through Jackson.
 * NOTE(review): assuming {@code @Data} is Lombok's, the generated getters and
 * {@code toString()} still expose the raw values, so logging this object
 * bypasses the masking.
 */
@Data
public class User {

    /** ID card number, masked with {@code IdCardDesensitization} in JSON output. */
    @Desensitization(IdCardDesensitization.class)
    private String idCard;

    /** Mobile phone number, masked with {@code MobilePhoneDesensitization} in JSON output. */
    @Desensitization(MobilePhoneDesensitization.class)
    private String mobilePhone;
}