Pass Secured parameters in Lightning Community URL

Lighting communities is better and faster approach for modern day communities bundled with lot of native features, it is provides a unique customer experience with Salesforce platform.

PROBLEM STATEMENT

Sometimes you need to pass Salesforce recordIds, names etc in URL of public communities by doing so you are exposing confidential information to public users and which can be easily tempered.

URL -: yourcommunitydomanin.force.com/s/uid=0050rgrtsr56erY

SOLUTION

Encrypting and Decrypting is very easy in Salesforce using Crypto class. There are different algorithms which be used based on your choice.  For example :- AES128,AES192 etc.

Step 1 :- Get Encryption Key

This key will be used for encryption and decryption it should be the same key, it can be stored in Custom Label or a constant variable of Utility class.

 Blob key = Crypto.generateAesKey(128);
 String stringKey = EncodingUtil.base64Encode(key);
 // stringKey :- sERGHIjRmOatRbhN6XX7Jg==
Step 2 :- Encrypt Data
 // Sample Id = 0050rgrtsr56erY
Blob encryptedData = Crypto.encryptWithManagedIV('AES128',CRYPTOKEY,Blob.valueOf('0050rgrtsr56erY');
 String encrptedData = EncodingUtil.base64Encode(encryptedData);
 //your encrypted Id :- EbbAsfE0wqTdXztvhDm10QE1tisDI+jQMUg/TNKkEUw=
Step 2 :- Decrypt Data

Blob decryptedData = Crypto.decryptWithManagedIV('AES128',CRYPTOKEY,EncodingUtil.base64Decode(data));
 String finalData = decryptedData.toString();
 // Your Id = 0050rgrtsr56erY
Step 2 :- Complete Code
public class MyUtilityClass{

    public static final Blob CRYPTOKEY = EncodingUtil.base64Decode(Label.EncryptionKey);

	// Encrypt Data
    public static String getEncryptedData(String data){
        Blob encryptedData = Crypto.encryptWithManagedIV('AES128',CRYPTOKEY,Blob.valueOf(data));
        return EncodingUtil.base64Encode(encryptedData);
    }

    // Decrypt Data
    public static String getDecryptedData(String data){
        Blob decryptedData = Crypto.decryptWithManagedIV('AES128',CRYPTOKEY,EncodingUtil.base64Decode(data));
        return decryptedData.toString();
    }

}
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s