Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Spring Boot - Encrypt JSON data

Tags:

json

spring

jackson

spring-boot

In our application we have to encrypt/decrypt the Json property values (not the property name) for each request and response. Example,
{"userName":"encrypted value", "email":"encrypted value"}

We use Sprint boot 1.3 and we are using @RequestBody and @ResponseBody annotations to bind the request json with the object and serialise the response object as JSON.

We don't want to call encrypt/decrypt method in our each controller method. Is there any way we can instruct sprint to decrypt the json values before binding with the request object? Similarly, to encrypt the response object field values before converting them to json? Or customising Jackson may help us?

Thanks!

like image 524
Raj Avatar asked Nov 22 '16 11:11

Raj

1 Answers

You can write your own http message converter. Since you are using spring boot it would be quite easy: just extend your custom converter from AbstractHttpMessageConverter and mark the class with @Component annotation.

From spring docs:

You can contribute additional converters by simply adding beans of that type in a Spring Boot context. If a bean you add is of a type that would have been included by default anyway (like MappingJackson2HttpMessageConverter for JSON conversions) then it will replace the default value.

And here is a simple example:

@Component
public class Converter extends AbstractHttpMessageConverter<Object> {

    public static final Charset DEFAULT_CHARSET = Charset.forName("UTF-8");

    @Inject
    private ObjectMapper objectMapper;

    public Converter(){
        super(MediaType.APPLICATION_JSON_UTF8,
            new MediaType("application", "*+json", DEFAULT_CHARSET));
    }

    @Override
    protected boolean supports(Class<?> clazz) {
        return true;
    }

    @Override
    protected Object readInternal(Class<? extends Object> clazz,
                                  HttpInputMessage inputMessage) throws IOException, HttpMessageNotReadableException {
        return objectMapper.readValue(decrypt(inputMessage.getBody()), clazz);
    }

    @Override
    protected void writeInternal(Object o, HttpOutputMessage outputMessage) throws IOException, HttpMessageNotWritableException {
        outputMessage.getBody().write(encrypt(objectMapper.writeValueAsBytes(o)));
    }

    private InputStream decrypt(InputStream inputStream){
        // do your decryption here 
        return inputStream;
    }

    private byte[] encrypt(byte[] bytesToEncrypt){
        // do your encryption here 
        return bytesToEncrypt;
    }
}
like image 118
eparvan Avatar answered Oct 14 '22 08:10

eparvan
Sign in to Comment

Related questions

Update or reload UITableView after completion of delete action on detail view
User Registration in Devise through API
Unmarshal JSON Array of arrays in Go
Jackson + Tomcat - java.lang.VerifyError: Cannot inherit from final class
node.js + MySQL & JSON-result - Callback-issue & no response to client
Return Json from Generic List in Web API
Unable to deserialize classes with multiple constructors with Json.NET [duplicate]
Populate select2 with JSON after init doesnt work
Python 3.x cannot serialize Decimal() to JSON
How can I serialize dynamic object to JSON in C# MVC Controller action?
Polymorphism in JSON, Jersey and Jackson
How do people handle authentication for RESTful api's (technology agnostic)
Get a JSON file from URL and display
Does ServiceStack.Text offer pretty-printing of JSON?
Read Json file data using javascript?
Root object or no? What is the best practice for API responses?
Why is json.loads an order of magnitude faster than ast.literal_eval?
Can web.config httpErrors section and a WebAPI area coexist?
AFNetworking and Swift
Sending JSON in POST request with retrofit [duplicate]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!