body 전체 암복호화 대상 필터 (설계서 작성 코딩)
This commit is contained in:
+1
-1
@@ -5,7 +5,7 @@ import java.util.Properties;
|
||||
import com.eactive.eai.adapter.http.client.impl.filter.OutCryptoFilter;
|
||||
|
||||
/**
|
||||
* TODO : 업체 암복호화에 맟추어 커스텀 필요
|
||||
* 카카오뱅크 암복호화에 맟추어 커스텀
|
||||
*/
|
||||
public class KakaobankEncFieldOutCryptoFilter extends EncFieldOutCryptoFilter {
|
||||
|
||||
|
||||
+17
@@ -0,0 +1,17 @@
|
||||
package com.eactive.eai.custom.adapter.http.client.impl.filter;
|
||||
|
||||
import java.util.Properties;
|
||||
|
||||
import com.eactive.eai.adapter.http.client.impl.filter.OutCryptoFilter;
|
||||
|
||||
/**
|
||||
* 토스 암복호화에 맟추어 커스텀
|
||||
*/
|
||||
public class TossEncFieldOutCryptoFilter extends EncFieldOutCryptoFilter {
|
||||
|
||||
protected Properties setProp(Properties p) {
|
||||
p.setProperty(OutCryptoFilter.PROP_DEC_FROM_PATH, "/encrypted_data");
|
||||
p.setProperty(OutCryptoFilter.PROP_ENC_TO_PATH, "/encrypted_data");
|
||||
return p;
|
||||
}
|
||||
}
|
||||
+1
-1
@@ -5,7 +5,7 @@ import java.util.Properties;
|
||||
import com.eactive.eai.adapter.http.client.impl.filter.OutCryptoFilter;
|
||||
|
||||
/**
|
||||
* TODO : 업체 암복호화에 맟추어 커스텀 필요
|
||||
* 토스뱅크 암복호화에 맟추어 커스텀
|
||||
*/
|
||||
public class TossbankEncFieldOutCryptoFilter extends EncFieldOutCryptoFilter {
|
||||
|
||||
|
||||
-74
@@ -1,74 +0,0 @@
|
||||
package com.eactive.eai.custom.adapter.http.dynamic.filter;
|
||||
|
||||
import java.util.Properties;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.eactive.eai.adapter.http.client.impl.filter.OutCryptoFilter;
|
||||
import com.eactive.eai.adapter.http.dynamic.filter.HttpAdapterFilter;
|
||||
import com.eactive.eai.adapter.http.dynamic.filter.InCryptoFilter;
|
||||
import com.eactive.eai.common.security.keyderiv.KeyDerivationStrategy;
|
||||
|
||||
/**
|
||||
* DJB ERP 연동용 암복호화 필터.
|
||||
*
|
||||
* DYNAMIC 키 컨텍스트 추출 규칙:
|
||||
* HTTP 헤더 {@code httpHeaderGroup}의 값은 JSON 객체이며,
|
||||
* 그 중 {@code x-emp-nm} 필드 값을 {@code groupSeq}로
|
||||
* runtimeContext에 담아 키 도출 전략에 전달한다.
|
||||
*
|
||||
* 어댑터 프로퍼티 (부모 클래스 공통 설정 외 추가 키):
|
||||
* crypto.context.key runtimeContext에 넣을 키 이름 (기본: groupSeq)
|
||||
* crypto.context.header 컨텍스트 JSON이 담긴 HTTP 헤더명 (기본: httpHeaderGroup)
|
||||
* crypto.context.header.field 헤더 JSON에서 추출할 필드명 (기본: x-emp-nm)
|
||||
*
|
||||
* 어댑터 프로퍼티 설정 예:
|
||||
* crypto.module.name = AES_GCM_NoPadding_DYNAMIC_sample
|
||||
* crypto.scope = FIELD
|
||||
* crypto.dec.enabled = Y
|
||||
* crypto.enc.enabled = N
|
||||
* crypto.dec.from.path = /encryptedData
|
||||
* crypto.dec.to.path = /
|
||||
* crypto.context.key = groupSeq
|
||||
* crypto.context.header = httpHeaderGroup
|
||||
* crypto.context.header.field = x-emp-nm
|
||||
*
|
||||
* 필터 타입 등록 (FQCN):
|
||||
* com.eactive.eai.custom.adapter.http.dynamic.filter.DJBErpCryptoFilter
|
||||
*/
|
||||
public class DJBErpEncFieldInCryptoFilter implements HttpAdapterFilter {
|
||||
|
||||
private final InCryptoFilter filter = new InCryptoFilter();
|
||||
|
||||
protected Properties setProp(Properties p) {
|
||||
p.setProperty(InCryptoFilter.PROP_DEC_FROM_PATH, "/encryptedData");
|
||||
p.setProperty(InCryptoFilter.PROP_ENC_TO_PATH, "/encryptedData");
|
||||
return p;
|
||||
}
|
||||
|
||||
private void setContext(Properties tempProp) {
|
||||
String empSeq = "";
|
||||
// TODO : empSeq 추출
|
||||
tempProp.setProperty(InCryptoFilter.PROP_AAD_HEADER, empSeq);
|
||||
|
||||
String groupSeq = "";
|
||||
// TODO : groupSeq 추출
|
||||
tempProp.setProperty(KeyDerivationStrategy.PARAM_CONTEXT_KEY, groupSeq);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object doPreFilter(String adptGrpName, String adptName, Object message, Properties prop,
|
||||
HttpServletRequest request, HttpServletResponse response) throws Exception {
|
||||
setContext(prop);
|
||||
return filter.doPreFilter(adptGrpName, adptName, message, setProp(prop), request, response);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object doPostFilter(String adptGrpName, String adptName, Object resultMessage, Properties prop,
|
||||
HttpServletRequest request, HttpServletResponse response) throws Exception {
|
||||
setContext(prop);
|
||||
return filter.doPostFilter(adptGrpName, adptName, resultMessage, setProp(prop), request, response);
|
||||
}
|
||||
|
||||
}
|
||||
+61
@@ -0,0 +1,61 @@
|
||||
package com.eactive.eai.custom.adapter.http.dynamic.filter;
|
||||
|
||||
import java.util.Properties;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.eactive.eai.adapter.http.dynamic.HttpAdapterServiceKey;
|
||||
import com.eactive.eai.adapter.http.dynamic.filter.HttpAdapterFilter;
|
||||
import com.eactive.eai.adapter.http.dynamic.filter.InCryptoFilter;
|
||||
import com.eactive.eai.common.security.keyderiv.KeyDerivationStrategy;
|
||||
|
||||
/**
|
||||
* 더존 연동용 수신 암복호화 필터.
|
||||
*
|
||||
* {@code HttpAdapterServiceKey.INBOUND_HEADER} 프로퍼티로 전달된 수신 헤더 Map에서
|
||||
* 두 가지 컨텍스트 값을 추출하여 {@link InCryptoFilter}에 위임한다.
|
||||
*
|
||||
* x-emp-nm : GCM AAD 값 ({@code CRYPTO_AAD_HEADER} 프로퍼티에 설정)
|
||||
* x-chnl-nm : DYNAMIC 키 도출 컨텍스트 ({@code contextKey} 프로퍼티에 설정)
|
||||
* → {@code HsmContextSha256KeyDerivationStrategy}가 채널명 기반으로 키를 동적 생성
|
||||
*
|
||||
* 암복호화 필드 경로: {@code /encryptedData}
|
||||
*
|
||||
* 필터 타입 등록 (FQCN):
|
||||
* com.eactive.eai.custom.adapter.http.dynamic.filter.DouzoneEncFieldInCryptoFilter
|
||||
*/
|
||||
public class DouzoneEncFieldInCryptoFilter implements HttpAdapterFilter {
|
||||
|
||||
private final InCryptoFilter filter = new InCryptoFilter();
|
||||
|
||||
protected Properties setProp(Properties p) {
|
||||
p.setProperty(InCryptoFilter.PROP_DEC_FROM_PATH, "/encryptedData");
|
||||
p.setProperty(InCryptoFilter.PROP_ENC_TO_PATH, "/encryptedData");
|
||||
return p;
|
||||
}
|
||||
|
||||
private void setContext(Properties tempProp) {
|
||||
Properties inboundHeaders = (Properties) tempProp.get(HttpAdapterServiceKey.INBOUND_HEADER);
|
||||
String empNm = inboundHeaders.getProperty("x-emp-nm");
|
||||
tempProp.setProperty(InCryptoFilter.PROP_AAD_HEADER, empNm);
|
||||
|
||||
String chnlNm = inboundHeaders.getProperty("x-chnl-nm");
|
||||
tempProp.setProperty(KeyDerivationStrategy.PARAM_CONTEXT_KEY, chnlNm);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object doPreFilter(String adptGrpName, String adptName, Object message, Properties prop,
|
||||
HttpServletRequest request, HttpServletResponse response) throws Exception {
|
||||
setContext(prop);
|
||||
return filter.doPreFilter(adptGrpName, adptName, message, setProp(prop), request, response);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object doPostFilter(String adptGrpName, String adptName, Object resultMessage, Properties prop,
|
||||
HttpServletRequest request, HttpServletResponse response) throws Exception {
|
||||
setContext(prop);
|
||||
return filter.doPostFilter(adptGrpName, adptName, resultMessage, setProp(prop), request, response);
|
||||
}
|
||||
|
||||
}
|
||||
+1
-1
@@ -5,7 +5,7 @@ import java.util.Properties;
|
||||
import com.eactive.eai.adapter.http.dynamic.filter.InCryptoFilter;
|
||||
|
||||
/**
|
||||
* TODO : 업체 암복호화에 맟추어 커스텀 필요
|
||||
* 카카오뱅크 암복호화에 맟추어 커스텀 필요
|
||||
*/
|
||||
public class KakaobankEncFieldInCryptoFilter extends EncFieldInCryptoFilter {
|
||||
|
||||
|
||||
+18
@@ -0,0 +1,18 @@
|
||||
package com.eactive.eai.custom.adapter.http.dynamic.filter;
|
||||
|
||||
import java.util.Properties;
|
||||
|
||||
import com.eactive.eai.adapter.http.dynamic.filter.InCryptoFilter;
|
||||
|
||||
/**
|
||||
* 토스 암복호화에 맟추어 커스텀 필요
|
||||
*/
|
||||
public class TossEncFieldInCryptoFilter extends EncFieldInCryptoFilter {
|
||||
|
||||
protected Properties setProp(Properties p) {
|
||||
p.setProperty(InCryptoFilter.PROP_DEC_FROM_PATH, "/encrypted_data");
|
||||
p.setProperty(InCryptoFilter.PROP_ENC_TO_PATH, "/encrypted_data");
|
||||
return p;
|
||||
}
|
||||
|
||||
}
|
||||
+1
-1
@@ -5,7 +5,7 @@ import java.util.Properties;
|
||||
import com.eactive.eai.adapter.http.dynamic.filter.InCryptoFilter;
|
||||
|
||||
/**
|
||||
* TODO : 업체 암복호화에 맟추어 커스텀 필요
|
||||
* 토스뱅크 암복호화에 맟추어 커스텀 필요
|
||||
*/
|
||||
public class TossbankEncFieldInCryptoFilter extends EncFieldInCryptoFilter {
|
||||
|
||||
|
||||
Reference in New Issue
Block a user