时间:2022-07-12 10:55:48 | 栏目:JAVA代码 | 点击:次
参数可以直接通过request.getParameter获取。
产生不能过直接从request.getInputStream() 读取,必须要进行重新写。(request.getInputStream()只能够读取一次)
方式:
通过重写 HttpServletRequestWrapper 类 获取getInputStream中的流数据,然后在将body数据进行重新写入传递下去。
package com.xy.boot.cmiap.filter; import com.alibaba.fastjson.JSONObject; import com.xy.boot.common.util.StringUtils; import org.apache.catalina.servlet4preview.http.HttpServletRequestWrapper; import org.apache.commons.codec.Charsets; import javax.servlet.ReadListener; import javax.servlet.ServletInputStream; import javax.servlet.http.HttpServletRequest; import java.io.*; import java.util.Enumeration; import java.util.HashMap; import java.util.Map; /** * Created by fuwenshen * Date:2018/10/26 * Time:12:21 */ public class XyRequestWrapper extends HttpServletRequestWrapper { private String body; public XyRequestWrapper(HttpServletRequest request) throws IOException { super(request); StringBuilder stringBuilder = new StringBuilder(); BufferedReader bufferedReader = null; try { InputStream inputStream = request.getInputStream(); if (inputStream != null) { bufferedReader = new BufferedReader(new InputStreamReader(inputStream,"UTF-8")); char[] charBuffer = new char[128]; int bytesRead = -1; while ((bytesRead = bufferedReader.read(charBuffer)) > 0) { stringBuilder.append(charBuffer, 0, bytesRead); } } else { stringBuilder.append(""); } } catch (IOException ex) { throw ex; } finally { if (bufferedReader != null) { try { bufferedReader.close(); } catch (IOException ex) { throw ex; } } } body = stringBuilder.toString(); } @Override public ServletInputStream getInputStream() throws IOException { final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(body.getBytes("UTF-8")); ServletInputStream servletInputStream = new ServletInputStream() { @Override public boolean isFinished() { return false; } @Override public boolean isReady() { return false; } @Override public void setReadListener(ReadListener readListener) { } @Override public int read() throws IOException { return byteArrayInputStream.read(); } }; return servletInputStream; } @Override public BufferedReader getReader() throws IOException { return new BufferedReader(new InputStreamReader(this.getInputStream(), Charsets.UTF_8)); } public String getBody() { return this.body; } @Override public String getParameter(String name) { return super.getParameter(name); } @Override public Map<String, String[]> getParameterMap() { return super.getParameterMap(); } @Override public Enumeration<String> getParameterNames() { return super.getParameterNames(); } @Override public String[] getParameterValues(String name) { return super.getParameterValues(name); } /** * 设置自定义post参数 // * * @param paramMaps * @return */ public void setParamsMaps(Map paramMaps) { Map paramBodyMap = new HashMap(); if (!StringUtils.isEmpty(body)) { paramBodyMap = JSONObject.parseObject(body, Map.class); } paramBodyMap.putAll(paramMaps); body = JSONObject.toJSONString(paramBodyMap); } }
package com.xy.boot.cmiap.filter; import com.alibaba.fastjson.JSONObject; import com.xy.boot.cmiap.bo.VerifyTokenResultBO; import com.xy.boot.cmiap.constant.HttpConstant; import com.xy.boot.cmiap.entity.enums.XyHttpCodeEnum; import com.xy.boot.cmiap.service.IXySecurityService; import com.xy.boot.cmiap.service.helper.XyHttpSecurityHelper; import com.xy.boot.common.util.StringUtils; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.MediaType; import org.springframework.stereotype.Component; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.*; /** * Created by fuwenshen * Date:2018/10/29 * Time:15:36 */ @Component @Slf4j @WebFilter(filterName = "xySecurityFilter", urlPatterns = {"/api/adv/*"}) public class XySecurityFilter implements Filter { @Value("${verify_token_switch}") private boolean tokenSwitch; @Value("${zy.app_secret}") private String zyAppSecret; @Value("${zy.token}") private String zyToken; //验证 token bo private VerifyTokenResultBO tokenBO=null; @Autowired private IXySecurityService iXySecurityService; @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { log.debug("进入XySecurityFilter!"); // 参数集合 初始化 TreeMap paramsMaps = new TreeMap(); String token = null, v = null, timestamp = null, sign = null; HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse resp = (HttpServletResponse) response; resp.setCharacterEncoding("UTF-8"); resp.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE); /** * 验证通用请求头是否完整 */ token = req.getHeader(HttpConstant.TOKEN); v = req.getHeader(HttpConstant.V); timestamp = req.getHeader(HttpConstant.TIMESTAMP); sign = req.getHeader(HttpConstant.SIGN); if (StringUtils.isEmpty(token) || StringUtils.isEmpty(v) || StringUtils.isEmpty(timestamp) || StringUtils.isEmpty(sign)) { resp.sendError(XyHttpCodeEnum.ILLEGAL_REQUEST.getCode(), XyHttpCodeEnum.ILLEGAL_REQUEST.getMessage()); return; } // 防止流读取一次后就没有了, 所以需要将流继续写出去 XyRequestWrapper requestWrapper = new XyRequestWrapper(req); /** * 校验token */ /*********************************************************/ /** * 获取请求参数 */ if ("POST".equals(req.getMethod().toUpperCase())) { String body = requestWrapper.getBody(); paramsMaps = JSONObject.parseObject(body, TreeMap.class); log.debug("parameterMap:" + paramsMaps.toString()); } else { Map<String, String[]> parameterMap = requestWrapper.getParameterMap(); Set<Map.Entry<String, String[]>> entries = parameterMap.entrySet(); Iterator<Map.Entry<String, String[]>> iterator = entries.iterator(); while (iterator.hasNext()) { Map.Entry<String, String[]> next = iterator.next(); paramsMaps.put(next.getKey(), next.getValue()[0]); } log.debug("parameterMap:" + paramsMaps.toString()); } /** * 验证签名是否合法 */ /***************************************/ //设置企业信息(自定义参数) if(tokenBO!=null){ Map paramsPlus = new HashMap(); paramsPlus.put(HttpConstant.TOKEN, tokenBO.getTokenCode()); paramsPlus.put(HttpConstant.APPID, tokenBO.getAppid()); requestWrapper.setParamsMaps(paramsPlus); } chain.doFilter(requestWrapper, response); } @Override public void destroy() { } }