SpringbootブロッキングによるIPブラックリストの実装

6129 ワード

SpringbootブロッキングによるIPブラックリストの実装


一・業務シーンと実現すべき機能

 redis  IP      。

    :                 ,            。

    :            IP,        , ip     redis ,    redis     ip

二・Springbootでブロックを定義する


@Order(0)
@Aspect
@Component
public class AopInterceptor {


    /**
     *        
     */
    @Pointcut("execution(* com.test.test.api.controller.test.test.*(..))")
    public void pointCut() {
    }

      /**
     *        
     *
     * @throws Throwable
     */
    @Around(value = "pointCut()")
    public Object around(ProceedingJoinPoint point) throws Throwable {
        try {

            HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
            //          
            String ip = getIpAddress(request);
            if (checkIpBlack(ip)) {
                //ip       false
                //return false;
                DefaultResponse defaultResponse = new DefaultResponse();
                defaultResponse.setCode(-1);
                defaultResponse.setMessage("ip     ,    .");
                SysLogHelper.log("IpBlackAopInterceptor", "    ip" + ip, "ip     ,    ");
                return defaultResponse;
            } else {
                //ip        true
                SysLogHelper.log("IpBlackAopInterceptor", "    ip" + ip, "ip  ,    ");
                return point.proceed();
            }


        } catch (Exception e) {
            e.printStackTrace();
            SysLogHelper.error("IpBlackAopInterceptor       :", ExceptionUtils.getMessage(e) + "  " + ExceptionUtils.getStackTrace(e), null);
        }
        return point.getArgs();
    }

    //      IP       ,  (     ip   redis )
    public boolean checkIpBlack(String ip) throws Exception {
        IpBlackBody body = new IpBlackBody();
        body = cacheHelper.get("IpBlack:ips", IpBlackBody.class);
        if (body != null) {
            for (int i = 0; i < body.getIp().length; i++) {
                if (body.getIp()[i].equals(ip))
                    return true;
            }
        }
        return false;
    }

}

三、要求ホストIPアドレスの取得

 public final static String getIpAddress(HttpServletRequest request)
            throws IOException {
        //       IP  ,        ,          IP  

        String ip = request.getHeader("x-forwarded-for");

        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
            if (ip == null || ip.length() == 0
                    || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("Proxy-Client-IP");
            }
            if (ip == null || ip.length() == 0
                    || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("WL-Proxy-Client-IP");
            }
            if (ip == null || ip.length() == 0
                    || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("HTTP_CLIENT_IP");
            }
            if (ip == null || ip.length() == 0
                    || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("HTTP_X_FORWARDED_FOR");
            }
            if (ip == null || ip.length() == 0
                    || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getRemoteAddr();
            }
        } else if (ip.length() > 15) {
            String[] ips = ip.split(",");
            for (int index = 0; index < ips.length; index++) {
                String strIp = (String) ips[index];
                if (!("unknown".equalsIgnoreCase(strIp))) {
                    ip = strIp;
                    break;
                }
            }
        }

        return ip;
    }

四・インタフェースを拡張し、ブラックリストIPをredisに書き込むことを実現し、現在のすべてのブラックリストIPに戻る

@RestController
public class IpBlackController {

    @Autowired(required = false)
    private CacheHelper cacheHelper;

    @PostMapping("/testIpBlack")
    public IpBlackBody IpBlack(@RequestBody IpBlackBody ipBlackBody) throws Exception {

        IpBlackBody body = new IpBlackBody();
        body = cacheHelper.get("IpBlack:ips", IpBlackBody.class);

        if (body != null) {
            //    IP redis   ip
            linkArray(body.getIp(), ipBlackBody.getIp());
            //     body
            body.setIp(linkArray(body.getIp(), ipBlackBody.getIp()));
            //setex         S,          ,        
            // body     ip      redis 
            cacheHelper.setex("IpBlack:ips", 86400, body);

        } else {
            cacheHelper.setex("IpBlack:ips", 86400, ipBlackBody);
            body = cacheHelper.get("IpBlack:ips", IpBlackBody.class);
            return body;
        }
        return body;
    }

    //    String[]   
    public static String[] linkArray(String[] array1, String[] array2) {

        List list = new ArrayList<>();
        if (array1 == null) {
            return array2;
        }
        if (array2 == null) {
            return array1;
        }
        for (int i = 0; i < array1.length; i++) {
            list.add(array1[i]);
        }
        for (int i = 0; i < array2.length; i++) {
            list.add(array2[i]);
        }
        String[] returnValue = new String[list.size()];
        for (int i = 0; i < list.size(); i++) {

            returnValue[i] = list.get(i);
        }
        return returnValue;
    }

}

  :         controller      controller ,                ,          :
1.            ip  
2.    ip       (        redis     ip  )
             redis  ,        IP     redis               IP  。
  :  springboot                  。