From 35a9e4c8e881da1a71e9dce76c647b39dbb24aec Mon Sep 17 00:00:00 2001 From: AprilWind <2100166581@qq.com> Date: Thu, 18 Dec 2025 19:19:01 +0800 Subject: [PATCH] =?UTF-8?q?update=20=E5=A2=9E=E5=8A=A0=E9=AB=98=E5=AE=89?= =?UTF-8?q?=E5=85=A8=E8=84=B1=E6=95=8F=E6=96=B9=E6=B3=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../common/core/utils/DesensitizedUtils.java | 57 ++++++++++++++++--- .../sensitive/core/SensitiveStrategy.java | 5 ++ 2 files changed, 54 insertions(+), 8 deletions(-) diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/utils/DesensitizedUtils.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/utils/DesensitizedUtils.java index 698fd6455..8a2ffcf97 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/utils/DesensitizedUtils.java +++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/utils/DesensitizedUtils.java @@ -28,19 +28,60 @@ public class DesensitizedUtils extends DesensitizedUtil { } int len = value.length(); + int prefixMaskLimit = prefixVisible + maskLength; + int fullLimit = prefixMaskLimit + suffixVisible; - // 总长度小于等于前后可见长度 → 全部掩码 - if (len <= prefixVisible + suffixVisible) { + // 规则 1:长度 <= 中间掩码长度 → 全掩码 + if (len <= maskLength) { return StrUtil.repeat('*', len); } + String mask = StrUtil.repeat('*', maskLength); + + // 规则 2:长度 <= 前缀 + 中间掩码 + if (len <= prefixMaskLimit) { + return value.substring(0, len - maskLength) + mask; + } String prefix = value.substring(0, prefixVisible); - String suffix = value.substring(len - suffixVisible); - // 中间可用于脱敏的最大长度 - int middleLen = len - prefixVisible - suffixVisible; - // 实际掩码长度 至少脱敏 1 位 - int actualMaskLen = Math.max(1, Math.min(maskLength, middleLen)); - return prefix + StrUtil.repeat('*', actualMaskLen) + suffix; + + // 规则 3:长度 <= 前缀 + 中间掩码 + 后缀 + if (len <= fullLimit) { + int suffixLen = len - prefixMaskLimit; + return prefix + mask + value.substring(len - suffixLen); + } + + // 规则 4:标准形态 + return prefix + mask + value.substring(len - suffixVisible); + } + + /** + * 高安全级别脱敏方法(Token / 私钥) + * + * @param value 原始字符串 + * @param prefixVisible 前面可见长度(推荐0~4) + * @param suffixVisible 后面可见长度(推荐0~4) + * @return 脱敏后字符串 + */ + public static String maskHighSecurity(String value, int prefixVisible, int suffixVisible) { + if (StrUtil.isBlank(value)) { + return value; + } + int len = value.length(); + + // 规则1:长度 <= 前缀可见长度 → 全部掩码 + if (len <= prefixVisible) { + return StrUtil.repeat('*', len); + } + + // 规则2:长度 <= 前缀 + 后缀可见长度 → 优先掩码后面 + if (len <= prefixVisible + suffixVisible) { + return value.substring(0, len - prefixVisible) + StrUtil.repeat('*', prefixVisible); + } + + // 规则3:标准形态 → 前后可见,中间全部掩码 + return value.substring(0, prefixVisible) + + StrUtil.repeat('*', len - prefixVisible - suffixVisible) + + value.substring(len - suffixVisible); } } diff --git a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveStrategy.java b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveStrategy.java index c792b6d35..30de412a8 100644 --- a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveStrategy.java +++ b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveStrategy.java @@ -88,6 +88,11 @@ public enum SensitiveStrategy { */ STRING_MASK(s -> DesensitizedUtils.mask(s, 4, 4, 4)), + /** + * 高安全级别脱敏(Token / 私钥):前2位可见,后2位可见,中间全部掩码 + */ + MASK_HIGH_SECURITY(s -> DesensitizedUtils.maskHighSecurity(s, 2, 2)), + /** * 清空为"" */