修改 http message 序列化方式 (fastjson -> jackson).

orion-ops-framework/orion-ops-spring-boot-starter-desensitize/src/main/java/com/orion/ops/framework/desensitize/config/OrionDesensitizeAutoConfiguration.java

@@ -1,14 +1,13 @@
 package com.orion.ops.framework.desensitize.config;
 
-import com.alibaba.fastjson.serializer.SerializeFilter;
+import com.orion.ops.framework.common.constant.AutoConfigureOrderConst;
-import com.alibaba.fastjson.support.config.FastJsonConfig;
+import com.orion.ops.framework.desensitize.core.filter.DesensitizeValueFilter;
-import com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter;
+import com.orion.ops.framework.desensitize.core.serializer.DesensitizeJsonSerializer;
-import com.orion.lang.utils.Arrays1;
-import com.orion.ops.framework.desensitize.core.filter.DesensitizeValueSerializeFilter;
 import org.springframework.boot.autoconfigure.AutoConfiguration;
-import org.springframework.boot.autoconfigure.AutoConfigureAfter;
+import org.springframework.boot.autoconfigure.AutoConfigureOrder;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
 import org.springframework.context.annotation.Bean;
+import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
 
 /**
  * 数据脱敏置类
@@ -20,32 +19,25 @@ import org.springframework.context.annotation.Bean;
  * @since 2023/6/29 16:55
  */
 @AutoConfiguration
-@AutoConfigureAfter(name = "com.orion.ops.framework.web.config.OrionWebAutoConfiguration")
+@AutoConfigureOrder(AutoConfigureOrderConst.FRAMEWORK_DESENSITIZE)
 public class OrionDesensitizeAutoConfiguration {
 
     /**
-     * @return 返回 序列化脱敏过滤器
+     * @return fastjson 序列化脱敏过滤器
      */
     @Bean
-    @ConditionalOnBean(FastJsonHttpMessageConverter.class)
+    public DesensitizeValueFilter desensitizeValueFilter() {
-    public DesensitizeValueSerializeFilter desensitizeValueSerializeFilter(FastJsonHttpMessageConverter converter) {
+        return new DesensitizeValueFilter();
-        DesensitizeValueSerializeFilter desensitizeFilter = new DesensitizeValueSerializeFilter();
+    }
-        // 获取 json 配置
+
-        FastJsonConfig config = converter.getFastJsonConfig();
+    /**
-        SerializeFilter[] filters = config.getSerializeFilters();
+     * @return jackson 序列化脱敏过滤器
-        int filterLength = Arrays1.length(filters);
+     */
-        if (filterLength == 0) {
+    @Bean
-            // 未设置配置
+    @ConditionalOnBean(MappingJackson2HttpMessageConverter.class)
-            filters = new SerializeFilter[]{desensitizeFilter};
+    public DesensitizeJsonSerializer desensitizeJsonSerializer(MappingJackson2HttpMessageConverter converter) {
-        } else {
+        DesensitizeJsonSerializer serializer = new DesensitizeJsonSerializer();
-            SerializeFilter[] newFilters = new SerializeFilter[filterLength + 1];
+        return serializer;
-            System.arraycopy(filters, 0, newFilters, 0, filterLength);
-            newFilters[filterLength] = desensitizeFilter;
-            filters = newFilters;
-        }
-        // 更新到配置
-        config.setSerializeFilters(filters);
-        return desensitizeFilter;
     }
 
 }

orion-ops-framework/orion-ops-spring-boot-starter-desensitize/src/main/java/com/orion/ops/framework/desensitize/core/annotation/Desensitize.java

@@ -1,4 +1,8 @@
-package com.orion.ops.framework.common.annotation;
+package com.orion.ops.framework.desensitize.core.annotation;
+
+import com.fasterxml.jackson.annotation.JacksonAnnotationsInside;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import com.orion.ops.framework.desensitize.core.serializer.DesensitizeJsonSerializer;
 
 import java.lang.annotation.*;
 
@@ -14,6 +18,8 @@ import java.lang.annotation.*;
 @Target({ElementType.FIELD})
 @Retention(RetentionPolicy.RUNTIME)
 @Documented
+@JacksonAnnotationsInside
+@JsonSerialize(using = DesensitizeJsonSerializer.class)
 public @interface Desensitize {
 
     /**

orion-ops-framework/orion-ops-spring-boot-starter-desensitize/src/main/java/com/orion/ops/framework/desensitize/core/annotation/DesensitizeObject.java

@@ -1,4 +1,4 @@
-package com.orion.ops.framework.common.annotation;
+package com.orion.ops.framework.desensitize.core.annotation;
 
 import java.lang.annotation.*;
 

orion-ops-framework/orion-ops-spring-boot-starter-desensitize/src/main/java/com/orion/ops/framework/desensitize/core/filter/DesensitizeValueFilter.java

@@ -8,8 +8,8 @@ import com.orion.lang.utils.Strings;
 import com.orion.lang.utils.collect.Maps;
 import com.orion.lang.utils.reflect.Annotations;
 import com.orion.lang.utils.reflect.Fields;
-import com.orion.ops.framework.common.annotation.Desensitize;
+import com.orion.ops.framework.desensitize.core.annotation.Desensitize;
-import com.orion.ops.framework.common.annotation.DesensitizeObject;
+import com.orion.ops.framework.desensitize.core.annotation.DesensitizeObject;
 
 import java.lang.reflect.Field;
 import java.util.HashMap;
@@ -17,13 +17,15 @@ import java.util.List;
 import java.util.Map;
 
 /**
- * 脱敏序列化器
+ * fastjson 脱敏序列化器
+ * <p>
+ * 用于全局日志打印
  *
  * @author Jiahang Li
  * @version 1.0.0
  * @since 2023/6/30 12:19
  */
-public class DesensitizeValueSerializeFilter implements ValueFilter {
+public class DesensitizeValueFilter implements ValueFilter {
 
     private static final Map<String, Map<String, Desensitize>> DESENSITIZE_FIELDS = new HashMap<>();
 
@@ -32,7 +34,7 @@ public class DesensitizeValueSerializeFilter implements ValueFilter {
         if (object == null || value == null) {
             return value;
         }
-        Desensitize config = doDesensitizeField(object, name);
+        Desensitize config = this.doDesensitizeField(object, name);
         // 无需脱敏
         if (config == null) {
             return value;

orion-ops-framework/orion-ops-spring-boot-starter-desensitize/src/main/java/com/orion/ops/framework/desensitize/core/serializer/DesensitizeJsonSerializer.java

@@ -0,0 +1,52 @@
+package com.orion.ops.framework.desensitize.core.serializer;
+
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanProperty;
+import com.fasterxml.jackson.databind.JsonMappingException;
+import com.fasterxml.jackson.databind.JsonSerializer;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.ser.ContextualSerializer;
+import com.orion.lang.utils.Desensitizes;
+import com.orion.lang.utils.Objects1;
+import com.orion.ops.framework.desensitize.core.annotation.Desensitize;
+
+import java.io.IOException;
+import java.util.Objects;
+
+/**
+ * jackson 脱敏序列化器
+ * <p>
+ * 用于 http 响应
+ *
+ * @author Jiahang Li
+ * @version 1.0.0
+ * @since 2023/7/11 17:10
+ */
+public class DesensitizeJsonSerializer extends JsonSerializer<Object> implements ContextualSerializer {
+
+    private Desensitize desensitize;
+
+    @Override
+    public JsonSerializer<?> createContextual(SerializerProvider prov, BeanProperty property) throws JsonMappingException {
+        Desensitize desensitize = property.getAnnotation(Desensitize.class);
+        if (Objects.nonNull(desensitize)) {
+            this.desensitize = desensitize;
+            return this;
+        }
+        return prov.findValueSerializer(property.getType(), property);
+
+    }
+
+    @Override
+    public void serialize(Object value, JsonGenerator gen, SerializerProvider serializers) throws IOException {
+        // 为空判断
+        if (value == null) {
+            gen.writeNull();
+            return;
+        }
+        // 脱敏
+        String mix = Desensitizes.mix(Objects1.toString(value), desensitize.keepStart(), desensitize.keepEnd(), desensitize.replacer());
+        gen.writeString(mix);
+    }
+
+}

orion-ops-framework/orion-ops-spring-boot-starter-log/src/main/java/com/orion/ops/framework/log/core/interceptor/AbstractLogPrinterInterceptor.java

@@ -62,8 +62,8 @@ public abstract class AbstractLogPrinterInterceptor implements LogPrinterInterce
 
     @SuppressWarnings("ALL")
     @Autowired(required = false)
-    @Qualifier("desensitizeValueSerializeFilter")
+    @Qualifier("desensitizeValueFilter")
-    private ValueFilter desensitizeValueSerializeFilter;
+    private ValueFilter desensitizeValueFilter;
 
     public AbstractLogPrinterInterceptor(LogPrinterConfig config) {
         this.config = config;
@@ -89,8 +89,8 @@ public abstract class AbstractLogPrinterInterceptor implements LogPrinterInterce
         fieldFilterList.add(ignoreFilter);
         fieldFilterList.add(desensitizeFilter);
         // 注解脱敏 未引入
-        if (desensitizeValueSerializeFilter != null) {
+        if (desensitizeValueFilter != null) {
-            fieldFilterList.add(desensitizeValueSerializeFilter);
+            fieldFilterList.add(desensitizeValueFilter);
         }
         this.fieldFilters = fieldFilterList.toArray(new SerializeFilter[0]);
     }

orion-ops-framework/orion-ops-spring-boot-starter-web/src/main/java/com/orion/ops/framework/web/config/OrionWebAutoConfiguration.java

@@ -1,30 +1,27 @@
 package com.orion.ops.framework.web.config;
 
-import com.alibaba.fastjson.serializer.SerializerFeature;
-import com.alibaba.fastjson.support.config.FastJsonConfig;
-import com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter;
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.module.SimpleModule;
 import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
 import com.orion.lang.utils.collect.Lists;
+import com.orion.ops.framework.common.constant.AutoConfigureOrderConst;
 import com.orion.ops.framework.common.constant.FilterOrderConst;
 import com.orion.ops.framework.common.filter.FilterCreator;
-import com.orion.ops.framework.web.core.convert.CustomerFastJsonHttpMessageConverter;
-import com.orion.ops.framework.web.core.convert.SerializeConfig;
 import com.orion.ops.framework.web.core.filter.TraceIdFilter;
 import com.orion.ops.framework.web.core.handler.GlobalExceptionHandler;
 import com.orion.ops.framework.web.core.handler.WrapperResultHandler;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.AutoConfiguration;
+import org.springframework.boot.autoconfigure.AutoConfigureOrder;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.boot.autoconfigure.http.HttpMessageConverters;
-import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.http.MediaType;
 import org.springframework.http.converter.ByteArrayHttpMessageConverter;
 import org.springframework.http.converter.HttpMessageConverter;
+import org.springframework.http.converter.ResourceRegionHttpMessageConverter;
 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
 import org.springframework.util.AntPathMatcher;
 import org.springframework.web.bind.annotation.RestController;
@@ -48,7 +45,7 @@ import java.util.List;
  * @since 2023/6/16 16:26
  */
 @AutoConfiguration
-@EnableConfigurationProperties(SerializeConfig.class)
+@AutoConfigureOrder(AutoConfigureOrderConst.FRAMEWORK_WEB)
 public class OrionWebAutoConfiguration implements WebMvcConfigurer {
 
     @Value("${orion.api.prefix}")
@@ -78,39 +75,6 @@ public class OrionWebAutoConfiguration implements WebMvcConfigurer {
         return new WrapperResultHandler();
     }
 
-    /**
-     * @param serializeConfig 序列化配置
-     * @return http message fast json 转换器
-     */
-    @Bean
-    public FastJsonHttpMessageConverter fastJsonHttpMessageConverter(SerializeConfig serializeConfig) {
-        // json 转换器
-        CustomerFastJsonHttpMessageConverter converter = new CustomerFastJsonHttpMessageConverter(serializeConfig);
-        // 配置
-        FastJsonConfig config = new FastJsonConfig();
-        // 支持的类型
-        List<MediaType> mediaTypes = Lists.of(
-                MediaType.APPLICATION_JSON,
-                MediaType.APPLICATION_FORM_URLENCODED,
-                MediaType.APPLICATION_XHTML_XML,
-                MediaType.TEXT_PLAIN,
-                MediaType.TEXT_HTML,
-                MediaType.TEXT_XML
-        );
-        converter.setSupportedMediaTypes(mediaTypes);
-        // 序列化配置
-        config.setSerializerFeatures(
-                SerializerFeature.DisableCircularReferenceDetect,
-                SerializerFeature.WriteMapNullValue,
-                SerializerFeature.WriteNullListAsEmpty,
-                SerializerFeature.IgnoreNonFieldGetter
-        );
-        config.setCharset(StandardCharsets.UTF_8);
-        converter.setFastJsonConfig(config);
-        converter.setDefaultCharset(StandardCharsets.UTF_8);
-        return converter;
-    }
-
     /**
      * @return http message jackson 转换器
      */
@@ -125,9 +89,11 @@ public class OrionWebAutoConfiguration implements WebMvcConfigurer {
                 MediaType.TEXT_PLAIN,
                 MediaType.TEXT_HTML,
                 MediaType.TEXT_XML,
-                new MediaType("application", "vnd.spring-boot.actuator.v2+json")
+                MediaType.ALL
         );
         converter.setSupportedMediaTypes(mediaTypes);
+        converter.setDefaultCharset(StandardCharsets.UTF_8);
+        // 默认 objectMapper
         ObjectMapper objectMapper = converter.getObjectMapper();
         objectMapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
         // 序列化配置
@@ -142,18 +108,14 @@ public class OrionWebAutoConfiguration implements WebMvcConfigurer {
      * @return http message 转换器列表
      */
     @Bean
-    public HttpMessageConverters httpMessageConverters(FastJsonHttpMessageConverter fastJsonConverter,
+    public HttpMessageConverters httpMessageConverters(MappingJackson2HttpMessageConverter jacksonConvert) {
-                                                       MappingJackson2HttpMessageConverter jacksonConvert) {
-        List<HttpMessageConverter<?>> defaultConverters = new HttpMessageConverters().getConverters();
         List<HttpMessageConverter<?>> converters = new ArrayList<>();
-        // 将 byte converter 添加至首位 - fix swagger api 返回base64报错
+        // 添加 byte converter - swagger api
         converters.add(new ByteArrayHttpMessageConverter());
-        // 添加自定义 converter - using WrapperResultHandler/脱敏
+        // 添加 resource region - admin api log
-        converters.add(fastJsonConverter);
+        converters.add(new ResourceRegionHttpMessageConverter());
-        // 添加自定义 converter - jackson
+        // 添加 json converter - jackson
         converters.add(jacksonConvert);
-        // 添加默认处理器
-        converters.addAll(defaultConverters);
         return new HttpMessageConverters(false, converters);
     }
 

orion-ops-framework/orion-ops-spring-boot-starter-web/src/main/java/com/orion/ops/framework/web/core/convert/CustomerFastJsonHttpMessageConverter.java

@@ -1,40 +0,0 @@
-package com.orion.ops.framework.web.core.convert;
-
-import com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter;
-import org.springframework.http.MediaType;
-
-import java.lang.reflect.Type;
-import java.util.List;
-
-/**
- * 自定义 fastjson 转换器
- *
- * @author Jiahang Li
- * @version 1.0.0
- * @since 2023/7/11 11:46
- */
-public class CustomerFastJsonHttpMessageConverter extends FastJsonHttpMessageConverter {
-
-    private final SerializeConfig serializeConfig;
-
-    public CustomerFastJsonHttpMessageConverter(SerializeConfig serializeConfig) {
-        this.serializeConfig = serializeConfig;
-    }
-
-    @Override
-    public boolean canRead(Type type, Class<?> contextClass, MediaType mediaType) {
-        List<String> unsupportedClasses = serializeConfig.getUnsupportedClasses();
-        if (unsupportedClasses != null) {
-            if (unsupportedClasses.contains(contextClass.getName())) {
-                return false;
-            }
-        }
-        return super.canRead(type, contextClass, mediaType);
-    }
-
-    @Override
-    public boolean canWrite(Type type, Class<?> clazz, MediaType mediaType) {
-        return super.canWrite(type, clazz, mediaType);
-    }
-
-}

orion-ops-framework/orion-ops-spring-boot-starter-web/src/main/java/com/orion/ops/framework/web/core/convert/SerializeConfig.java

@@ -1,29 +0,0 @@
-package com.orion.ops.framework.web.core.convert;
-
-import lombok.Data;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * 序列化配置
- *
- * @author Jiahang Li
- * @version 1.0.0
- * @since 2023/7/11 14:57
- */
-@Data
-@ConfigurationProperties("orion.serializer")
-public class SerializeConfig {
-
-    /**
-     * 不支持的序列化类型
-     */
-    private List<String> unsupportedClasses;
-
-    public SerializeConfig() {
-        this.unsupportedClasses = new ArrayList<>();
-    }
-
-}

orion-ops-framework/orion-ops-spring-boot-starter-web/src/main/resources/META-INF/spring-configuration-metadata.json

@@ -14,11 +14,6 @@
       "name": "orion.api.cors",
       "type": "java.lang.Boolean",
       "description": "是否开启 cors 过滤器."
-    },
-    {
-      "name": "orion.serializer.unsupported-classes",
-      "type": "java.util.List",
-      "description": "不支持的序列化类型."
     }
   ]
 }

orion-ops-launch/src/main/resources/application.yaml

@@ -133,11 +133,6 @@ orion:
     prefix: /orion-api
     # 是否开启跨域
     cors: true
-  serializer:
-    # 不支持的序列化类型
-    unsupported-classes:
-      - de.codecentric.boot.admin.server.web.InstancesController
-      - org.springframework.boot.actuate.endpoint.web.servlet.AbstractWebMvcEndpointHandlerMapping$OperationHandler
   swagger:
     # swagger 配置
     title: orion-ops-pro 运维平台