我有 JSON 请求和响应,我想在日志中打印 JSON,但是有一些我想避免在日志中打印的安全字段,我试图屏蔽字段键: 示例:
屏蔽前:
{"username":"user1","password":"123456","country":"US","creditCardNumber":"1283-1238-0458-3458"}
屏蔽后
{"username":"user1","password":"XXXXXX","country":"US","creditCardNumber":"XXXXXX"}
我正在使用 java Gson 库,请帮我做一下
编辑
我想动态传递 key ,所以在函数 a
中我想屏蔽这些字段,但在函数 b
中不同的字段。
最佳答案
我认为您应该从日志中排除该字段。下面是一个使用 Gson
和 @Expose
注释的简单示例。
public static void main(String[] args) throws IOException {
String json = "{\"username\":\"user1\",\"password\":\"123456\",\"country\":\"US\",\"creditCardNumber\":\"1283-1238-0458-3458\"}";
Gson gson = new Gson();
User user = gson.fromJson(json, User.class);
System.out.println(gson.toJson(user));
Gson gsonExpose = new GsonBuilder().excludeFieldsWithoutExposeAnnotation().create();
System.out.println(gsonExpose.toJson(user));
}
public class User {
@Expose
private String username;
private String password;
@Expose
private String country;
private String creditCardNumber;
}
输出将是:
{"username":"user1","password":"123456","country":"US","creditCardNumber":"1283-1238-0458-3458"}
{"username":"user1","country":"US"}
另一种使用反射的解决方案:
public static void main(String[] args) throws IOException {
String json = "{\"username\":\"user1\",\"password\":\"123456\",\"country\":\"US\",\"creditCardNumber\":\"1283-1238-0458-3458\"}";
Gson gson = new Gson();
User user = gson.fromJson(json, User.class);
List<String> fieldNames = Arrays.asList("password", "creditCardNumber");
System.out.println(mask(user, fieldNames, "XXXXXXX"));
}
public static String mask(Object object, List<String> fieldNames, String mask) {
Field[] fields = object.getClass().getDeclaredFields();
for (int i = 0; i < fields.length; i++) {
if (fieldNames.contains(fields[i].getName())) {
try {
fields[i].setAccessible(true);
if (fields[i].get(object) != null) {
fields[i].set(object, mask);
}
} catch (Exception ex) {
ex.printStackTrace();
}
}
}
Gson gson = new Gson();
return gson.toJson(object);
}
关于java - JSON 中所选键的掩码值,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31241654/