From 927c39be5ca81533b8cac217848be84e6570c517 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90Li?=
 <15040126243@163.com>
Date: Sat, 23 Dec 2023 23:07:48 +0800
Subject: [PATCH] =?UTF-8?q?fix=20=E4=BF=AE=E5=A4=8D=20CryptoFilter=20?=
 =?UTF-8?q?=E4=BB=A3=E7=A0=81=E9=80=BB=E8=BE=91=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../common/encrypt/filter/CryptoFilter.java   | 20 +++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
index 84b85d38..8d898c04 100644
--- a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
+++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
@@ -37,7 +37,7 @@ public class CryptoFilter implements Filter {
         HttpServletRequest servletRequest = (HttpServletRequest) request;
         HttpServletResponse servletResponse = (HttpServletResponse) response;
 
-        boolean encryptFlag = false;
+        boolean responseFlag = false;
         ServletRequest requestWrapper = null;
         ServletResponse responseWrapper = null;
         EncryptResponseBodyWrapper responseBodyWrapper = null;
@@ -48,24 +48,24 @@ public class CryptoFilter implements Filter {
             if (HttpMethod.PUT.matches(servletRequest.getMethod()) || HttpMethod.POST.matches(servletRequest.getMethod())) {
                 // 是否存在加密标头
                 String headerValue = servletRequest.getHeader(properties.getHeaderFlag());
+                // 获取加密注解
+                ApiEncrypt apiEncrypt = this.getApiEncryptAnnotation(servletRequest);
+                responseFlag = apiEncrypt != null && apiEncrypt.response();
                 if (StringUtils.isNotBlank(headerValue)) {
                     // 请求解密
                     requestWrapper = new DecryptRequestBodyWrapper(servletRequest, properties.getPrivateKey(), properties.getHeaderFlag());
-                    // 获取加密注解
-                    ApiEncrypt apiEncrypt = this.getApiEncryptAnnotation(servletRequest);
+                } else {
+                    // 是否有注解，有就报错，没有放行
                     if (ObjectUtil.isNotNull(apiEncrypt)) {
-                        // 响应加密标志
-                        encryptFlag = apiEncrypt.response();
-                    } else {
-                        // 是否有注解，有就报错，没有放行
-                        HandlerExceptionResolver exceptionResolver = SpringUtils.getBean(HandlerExceptionResolver.class);
+                        HandlerExceptionResolver exceptionResolver = SpringUtils.getBean("handlerExceptionResolver", HandlerExceptionResolver.class);
                         exceptionResolver.resolveException(
                             servletRequest, servletResponse, null,
                             new ServiceException("没有访问权限，请联系管理员授权", HttpStatus.FORBIDDEN));
+                        return;
                     }
                 }
                 // 判断是否响应加密
-                if (encryptFlag) {
+                if (responseFlag) {
                     responseBodyWrapper = new EncryptResponseBodyWrapper(servletResponse);
                     responseWrapper = responseBodyWrapper;
                 }
@@ -76,7 +76,7 @@ public class CryptoFilter implements Filter {
             ObjectUtil.defaultIfNull(requestWrapper, request),
             ObjectUtil.defaultIfNull(responseWrapper, response));
 
-        if (encryptFlag) {
+        if (responseFlag) {
             servletResponse.reset();
             // 对原始内容加密
             String encryptContent = responseBodyWrapper.getEncryptContent(