移除 jasypt-spring-boot-starter 依赖，使用 hutool AES 替代

yudao-dependencies/pom.xml

@@ -43,7 +43,6 @@
         <!-- Bpm 工作流相关 -->
         <flowable.version>6.7.2</flowable.version>
         <!-- 工具类相关 -->
-        <jasypt-spring-boot-starter.version>3.0.4</jasypt-spring-boot-starter.version>
         <lombok.version>1.18.24</lombok.version>
         <mapstruct.version>1.5.3.Final</mapstruct.version>
         <hutool.version>5.8.9</hutool.version>
@@ -407,12 +406,6 @@
                 <version>${revision}</version>
             </dependency>
 
-            <dependency>
-                <groupId>com.github.ulisesbocchio</groupId>
-                <artifactId>jasypt-spring-boot-starter</artifactId> <!-- 加解密 -->
-                <version>${jasypt-spring-boot-starter.version}</version>
-            </dependency>
-
             <dependency>
                 <groupId>cn.iocoder.boot</groupId>
                 <artifactId>yudao-spring-boot-starter-excel</artifactId>

yudao-framework/yudao-spring-boot-starter-mybatis/pom.xml

@@ -59,13 +59,6 @@
             <artifactId>dynamic-datasource-spring-boot-starter</artifactId> <!-- 多数据源 -->
         </dependency>
 
-        <!-- 工具类相关 -->
-        <dependency>
-            <groupId>com.github.ulisesbocchio</groupId>
-            <artifactId>jasypt-spring-boot-starter</artifactId> <!-- 加解密 -->
-            <optional>true</optional>
-        </dependency>
-
     </dependencies>
 
 </project>

yudao-framework/yudao-spring-boot-starter-mybatis/src/main/java/cn/iocoder/yudao/framework/mybatis/core/type/EncryptTypeHandler.java

@@ -1,10 +1,11 @@
 package cn.iocoder.yudao.framework.mybatis.core.type;
 
 import cn.hutool.core.lang.Assert;
+import cn.hutool.crypto.SecureUtil;
+import cn.hutool.crypto.symmetric.AES;
 import cn.hutool.extra.spring.SpringUtil;
 import org.apache.ibatis.type.BaseTypeHandler;
 import org.apache.ibatis.type.JdbcType;
-import org.jasypt.encryption.StringEncryptor;
 
 import java.sql.CallableStatement;
 import java.sql.PreparedStatement;
@@ -12,18 +13,20 @@ import java.sql.ResultSet;
 import java.sql.SQLException;
 
 /**
- * 字段字段的 TypeHandler 实现类，基于 {@link StringEncryptor} 实现
+ * 字段字段的 TypeHandler 实现类，基于 {@link cn.hutool.crypto.symmetric.AES} 实现
  * 可通过 jasypt.encryptor.password 配置项，设置密钥
  *
  * @author 芋道源码
  */
 public class EncryptTypeHandler extends BaseTypeHandler<String> {
 
-    private static StringEncryptor encryptor;
+    private static final String ENCRYPTOR_PROPERTY_NAME = "mybatis-plus.encryptor.password";
+
+    private static AES aes;
 
     @Override
     public void setNonNullParameter(PreparedStatement ps, int i, String parameter, JdbcType jdbcType) throws SQLException {
-        ps.setString(i, getEncryptor().encrypt(parameter));
+        ps.setString(i, encrypt(parameter));
     }
 
     @Override
@@ -48,23 +51,25 @@ public class EncryptTypeHandler extends BaseTypeHandler<String> {
         if (value == null) {
             return null;
         }
-        return getEncryptor().decrypt(value);
+        return getEncryptor().decryptStr(value);
     }
 
     public static String encrypt(String rawValue) {
         if (rawValue == null) {
             return null;
         }
-        return getEncryptor().encrypt(rawValue);
+        return getEncryptor().encryptBase64(rawValue);
     }
 
-    private static StringEncryptor getEncryptor() {
-        if (encryptor != null) {
-            return encryptor;
+    private static AES getEncryptor() {
+        if (aes != null) {
+            return aes;
         }
-        encryptor = SpringUtil.getBean(StringEncryptor.class);
-        Assert.notNull(encryptor, "StringEncryptor 不能为空");
-        return encryptor;
+        // 构建 AES
+        String password = SpringUtil.getProperty(ENCRYPTOR_PROPERTY_NAME);
+        Assert.notEmpty(password, "配置项({}) 不能为空", ENCRYPTOR_PROPERTY_NAME);
+        aes = SecureUtil.aes(password.getBytes());
+        return aes;
     }
 
 }

yudao-module-infra/yudao-module-infra-biz/pom.xml

@@ -83,10 +83,6 @@
         </dependency>
 
         <!-- 工具类相关 -->
-        <dependency>
-            <groupId>com.github.ulisesbocchio</groupId>
-            <artifactId>jasypt-spring-boot-starter</artifactId> <!-- 加解密 -->
-        </dependency>
 
         <dependency>
             <groupId>cn.iocoder.boot</groupId>

yudao-module-infra/yudao-module-infra-biz/src/test/java/cn/iocoder/yudao/module/infra/service/db/DataSourceConfigServiceImplTest.java

@@ -1,6 +1,7 @@
 package cn.iocoder.yudao.module.infra.service.db;
 
 import cn.hutool.core.util.ReflectUtil;
+import cn.hutool.crypto.symmetric.AES;
 import cn.iocoder.yudao.framework.mybatis.core.type.EncryptTypeHandler;
 import cn.iocoder.yudao.framework.mybatis.core.util.JdbcUtils;
 import cn.iocoder.yudao.framework.test.core.ut.BaseDbUnitTest;
@@ -9,7 +10,6 @@ import cn.iocoder.yudao.module.infra.controller.admin.db.vo.DataSourceConfigUpda
 import cn.iocoder.yudao.module.infra.dal.dataobject.db.DataSourceConfigDO;
 import cn.iocoder.yudao.module.infra.dal.mysql.db.DataSourceConfigMapper;
 import com.baomidou.dynamic.datasource.spring.boot.autoconfigure.DynamicDataSourceProperties;
-import org.jasypt.encryption.StringEncryptor;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.mockito.MockedStatic;
@@ -24,7 +24,8 @@ import static cn.iocoder.yudao.framework.test.core.util.AssertUtils.assertServic
 import static cn.iocoder.yudao.framework.test.core.util.RandomUtils.randomLongId;
 import static cn.iocoder.yudao.framework.test.core.util.RandomUtils.randomPojo;
 import static cn.iocoder.yudao.module.infra.enums.ErrorCodeConstants.DATA_SOURCE_CONFIG_NOT_EXISTS;
-import static org.junit.jupiter.api.Assertions.*;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertNull;
 import static org.mockito.ArgumentMatchers.anyString;
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.mockStatic;
@@ -45,7 +46,7 @@ public class DataSourceConfigServiceImplTest extends BaseDbUnitTest {
     private DataSourceConfigMapper dataSourceConfigMapper;
 
     @MockBean
-    private StringEncryptor stringEncryptor;
+    private AES aes;
 
     @MockBean
     private DynamicDataSourceProperties dynamicDataSourceProperties;
@@ -53,9 +54,9 @@ public class DataSourceConfigServiceImplTest extends BaseDbUnitTest {
     @BeforeEach
     public void setUp() {
         // mock 一个空实现的 StringEncryptor，避免 EncryptTypeHandler 报错
-        ReflectUtil.setFieldValue(EncryptTypeHandler.class, "encryptor", stringEncryptor);
-        when(stringEncryptor.encrypt(anyString())).then((Answer<String>) invocation -> invocation.getArgument(0));
-        when(stringEncryptor.decrypt(anyString())).then((Answer<String>) invocation -> invocation.getArgument(0));
+        ReflectUtil.setFieldValue(EncryptTypeHandler.class, "aes", aes);
+        when(aes.encryptBase64(anyString())).then((Answer<String>) invocation -> invocation.getArgument(0));
+        when(aes.decryptStr(anyString())).then((Answer<String>) invocation -> invocation.getArgument(0));
     }
 
     @Test

yudao-server/src/main/resources/application-dev.yaml

@@ -63,10 +63,6 @@ spring:
     database: 1 # 数据库索引
 #    password: 123456 # 密码，建议生产环境开启
 
-jasypt:
-  encryptor:
-    password: yuanma # 加解密的秘钥
-
 --- #################### 定时任务相关配置 ####################
 
 # Quartz 配置项，对应 QuartzProperties 配置类

yudao-server/src/main/resources/application-local.yaml

@@ -45,37 +45,33 @@ spring:
       datasource:
         master:
           name: ruoyi-vue-pro
-          url: jdbc:mysql://139.9.196.247:3306/${spring.datasource.dynamic.datasource.master.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例
+          url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.master.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例
           #          url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.master.name}?useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&characterEncoding=UTF-8&serverTimezone=CTT # MySQL Connector/J 5.X 连接的示例
           #          url: jdbc:postgresql://127.0.0.1:5432/${spring.datasource.dynamic.datasource.slave.name} # PostgreSQL 连接的示例
           #          url: jdbc:oracle:thin:@127.0.0.1:1521:xe # Oracle 连接的示例
           #          url: jdbc:sqlserver://127.0.0.1:1433;DatabaseName=${spring.datasource.dynamic.datasource.master.name} # SQLServer 连接的示例
           username: root
-          password: ${RUOYI_VUE_PRO}
+          password: 123456
         #          username: sa
         #          password: JSm:g(*%lU4ZAkz06cd52KqT3)i1?H7W
         slave: # 模拟从库，可根据自己需要修改
           name: ruoyi-vue-pro
-          url: jdbc:mysql://139.9.196.247:3306/${spring.datasource.dynamic.datasource.master.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例
+          url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.master.name}?allowMultiQueries=true&useUnicode=true&useSSL=false&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&autoReconnect=true&nullCatalogMeansCurrent=true # MySQL Connector/J 8.X 连接的示例
           #          url: jdbc:mysql://127.0.0.1:3306/${spring.datasource.dynamic.datasource.slave.name}?useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&characterEncoding=UTF-8&serverTimezone=CTT # MySQL Connector/J 5.X 连接的示例
           #          url: jdbc:postgresql://127.0.0.1:5432/${spring.datasource.dynamic.datasource.slave.name} # PostgreSQL 连接的示例
           #          url: jdbc:oracle:thin:@127.0.0.1:1521:xe # Oracle 连接的示例
           #          url: jdbc:sqlserver://127.0.0.1:1433;DatabaseName=${spring.datasource.dynamic.datasource.slave.name} # SQLServer 连接的示例
           username: root
-          password: ${RUOYI_VUE_PRO}
+          password: 123456
   #          username: sa
   #          password: JSm:g(*%lU4ZAkz06cd52KqT3)i1?H7W
 
   # Redis 配置。Redisson 默认的配置足够使用，一般不需要进行调优
   redis:
-    host: 139.9.196.247 # 地址
+    host: 127.0.0.1 # 地址
     port: 6379 # 端口
     database: 0 # 数据库索引
-    password: 123456 # 密码，建议生产环境开启
-
-jasypt:
-  encryptor:
-    password: yuanma # 加解密的秘钥
+#    password: 123456 # 密码，建议生产环境开启
 
 --- #################### 定时任务相关配置 ####################
 

yudao-server/src/main/resources/application.yaml

@@ -56,6 +56,8 @@ mybatis-plus:
       logic-delete-value: 1 # 逻辑已删除值(默认为 1)
       logic-not-delete-value: 0 # 逻辑未删除值(默认为 0)
   type-aliases-package: ${yudao.info.base-package}.module.*.dal.dataobject
+  encryptor:
+    password: XDV71a+xqStEA3WH # 加解密的秘钥，可使用 https://www.imaegoo.com/2020/aes-key-generator/ 网站生成
 
 --- #################### 验证码相关配置 ####################