In This post We will learn how one can encrypt and decrypt a url using apex.
Sometimes requirement comes when we have to generate a visualforce page url so that user click on this url and open that page and perform some operation but there is also some security risks associated with it .
What if someone use that url and changes the values of user by using url.
So security is the major concern with the urls . to overcome this problem apex already have some predefined methods to encrypt and decrypt a url .
Now the question is how one can encrypt and decrypt a url by using these functions
Here are the steps :
- Create a RichtextArea field in object to store encrypted url.
- Associate A unique id with your visual force page link . so that you can encrypt or encode this id
like : https://visualforce.com/apex/VFTestPAge?id=’+encodedId’
This id can be any unique value like record id(here we are using account id).
- Later we can decrypt url in the user end so that user can easily open url.
Steps For URL Encryption :
- Generate an AES key to perform Encryption
Blob key = Blob.valueOf(‘aAk!h@37WQ9bsAfk’);
2 . Create a Encoded cypher text.
Here we are encoding accountid into cypertext . so consider acc.id as account id .
string encodedCipherText = EncodingUtil.base64Encode(Crypto.encryptWithManagedIV('AES128', key, Blob.valueOf(acc.Id)));
3. Encode cypher text using URLEncode method
string encodedId = encodingUtil.URLEncode(encodedCipherText,’UTF-8′);
4. Now Embed encodeId to your visualforce page url like
https://c.visualforce.com/apex/visualforcePage?id=’+encodedId
Steps For URL Decryption :
1 . Get the visual force page parameter
string encodedAccountid = ApexPages.currentPage().getParameters().get(‘id’);
2. Decode paramter id into blob
Blob blobData = EncodingUtil.base64Decode(encodedcontactid);
3. Decyrpt id using key
Blob decryptedBlob = Crypto.decryptWithManagedIV(‘AES128’, key, blobData);
4 . Convert blob to string
string decodedId = decryptedBlob.toString();
Example Code :
Encryption : Code for Encryption
Blob key = Blob.valueOf('aAk!h@37WQ9bsAfk');
string encodedCipherText = EncodingUtil.base64Encode(Crypto.encryptWithManagedIV('AES128', key, Blob.valueOf(c.Id)));
string encodedId = encodingUtil.URLEncode(encodedCipherText,'UTF-8');
Encrypted_URL__c = 'https://c.visualforce.com/apex/visualforcepage?id='+encodedId));
Decryption : Code for Decryption
Blob key = Blob.valueOf('aAk!h@37WQ9bsAfk');
string encodedcontactid = ApexPages.currentPage().getParameters().get('id');
Blob blobData = EncodingUtil.base64Decode(encodedcontactid);
Blob decryptedBlob = Crypto.decryptWithManagedIV('AES128', key, blobData);
string decodedId = decryptedBlob.toString();
Decrypted_URL__c = 'https://c.visualforce.com/apex/visualforcepage?id='+decodedId));
Hits: 3092