package com.webmanage.config; import com.webmanage.util.AESUtil; import org.springframework.boot.SpringApplication; import org.springframework.boot.env.EnvironmentPostProcessor; import org.springframework.core.Ordered; import org.springframework.core.env.ConfigurableEnvironment; import org.springframework.core.env.EnumerablePropertySource; import org.springframework.core.env.MapPropertySource; import org.springframework.core.env.MutablePropertySources; import org.springframework.util.StringUtils; import java.util.HashMap; import java.util.Map; /** * 在应用启动早期对敏感配置进行解密 */ public class EncryptedPropertyEnvironmentPostProcessor implements EnvironmentPostProcessor, Ordered { @Override public void postProcessEnvironment(ConfigurableEnvironment environment, SpringApplication application) { Map overrides = new HashMap<>(); // 扫描所有可枚举属性源,收集以 AES: 开头的属性值并解密,放入最高优先级覆盖源 for (org.springframework.core.env.PropertySource ps : environment.getPropertySources()) { if (ps instanceof EnumerablePropertySource) { EnumerablePropertySource eps = (EnumerablePropertySource) ps; for (String name : eps.getPropertyNames()) { Object raw = eps.getProperty(name); if (raw instanceof String) { String value = (String) raw; if (EncryptedPropertyDetector.isEncrypted(value)) { String cipher = EncryptedPropertyDetector.stripPrefix(value); String plain = AESUtil.decryptWithDefaultKey(cipher); overrides.put(name, plain); } } } } } if (!overrides.isEmpty()) { MutablePropertySources sources = environment.getPropertySources(); sources.addFirst(new MapPropertySource("decryptedSensitiveProperties", overrides)); } } // 确保尽早执行 @Override public int getOrder() { // 在配置文件加载完成后执行,避免拿不到值 return Ordered.LOWEST_PRECEDENCE; } }