Filterで伝達パラメータを取得する(post要求パラメータ問題を解決する)
8219 ワード
1.GETで渡されるパラメータは、request.get Parameeterによって直接取得することができます。
2.Post転送の発生は、request.get InputStream()から直接読み取ることができず、書き換えが必要です。(request.get InputStream()は一回しか読めません。)
方式:書き換えによる HttpServletRequest Wrapper類はget InputStreamのストリームデータを取得し、bodyデータを書き換えて転送します。
XyRequest Wrapper類:
package com.xy.boot.cmiap.filter;
import com.alibaba.fastjson.JSONObject;
import com.xy.boot.common.util.StringUtils;
import org.apache.catalina.servlet4preview.http.HttpServletRequestWrapper;
import org.apache.commons.codec.Charsets;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import java.io.*;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
/**
* Created by fuwenshen
* Date:2018/10/26
* Time:12:21
*/
public class XyRequestWrapper extends HttpServletRequestWrapper {
private String body;
public XyRequestWrapper(HttpServletRequest request) throws IOException {
super(request);
StringBuilder stringBuilder = new StringBuilder();
BufferedReader bufferedReader = null;
try {
InputStream inputStream = request.getInputStream();
if (inputStream != null) {
bufferedReader = new BufferedReader(new InputStreamReader(inputStream,"UTF-8"));
char[] charBuffer = new char[128];
int bytesRead = -1;
while ((bytesRead = bufferedReader.read(charBuffer)) > 0) {
stringBuilder.append(charBuffer, 0, bytesRead);
}
} else {
stringBuilder.append("");
}
} catch (IOException ex) {
throw ex;
} finally {
if (bufferedReader != null) {
try {
bufferedReader.close();
} catch (IOException ex) {
throw ex;
}
}
}
body = stringBuilder.toString();
}
@Override
public ServletInputStream getInputStream() throws IOException {
final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(body.getBytes("UTF-8"));
ServletInputStream servletInputStream = new ServletInputStream() {
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
@Override
public int read() throws IOException {
return byteArrayInputStream.read();
}
};
return servletInputStream;
}
@Override
public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(this.getInputStream(), Charsets.UTF_8));
}
public String getBody() {
return this.body;
}
@Override
public String getParameter(String name) {
return super.getParameter(name);
}
@Override
public Map getParameterMap() {
return super.getParameterMap();
}
@Override
public Enumeration getParameterNames() {
return super.getParameterNames();
}
@Override
public String[] getParameterValues(String name) {
return super.getParameterValues(name);
}
/**
* post //
*
* @param paramMaps
* @return
*/
public void setParamsMaps(Map paramMaps) {
Map paramBodyMap = new HashMap();
if (!StringUtils.isEmpty(body)) {
paramBodyMap = JSONObject.parseObject(body, Map.class);
}
paramBodyMap.putAll(paramMaps);
body = JSONObject.toJSONString(paramBodyMap);
}
}
XySecurityFilterpackage com.xy.boot.cmiap.filter;
import com.alibaba.fastjson.JSONObject;
import com.xy.boot.cmiap.bo.VerifyTokenResultBO;
import com.xy.boot.cmiap.constant.HttpConstant;
import com.xy.boot.cmiap.entity.enums.XyHttpCodeEnum;
import com.xy.boot.cmiap.service.IXySecurityService;
import com.xy.boot.cmiap.service.helper.XyHttpSecurityHelper;
import com.xy.boot.common.util.StringUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.*;
/**
* Created by fuwenshen
* Date:2018/10/29
* Time:15:36
*/
@Component
@Slf4j
@WebFilter(filterName = "xySecurityFilter", urlPatterns = {"/api/adv/*"})
public class XySecurityFilter implements Filter {
@Value("${verify_token_switch}")
private boolean tokenSwitch;
@Value("${zy.app_secret}")
private String zyAppSecret;
@Value("${zy.token}")
private String zyToken;
// token bo
private VerifyTokenResultBO tokenBO=null;
@Autowired
private IXySecurityService iXySecurityService;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
log.debug(" XySecurityFilter!");
//
TreeMap paramsMaps = new TreeMap();
String token = null, v = null, timestamp = null, sign = null;
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
resp.setCharacterEncoding("UTF-8");
resp.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
/**
*
*/
token = req.getHeader(HttpConstant.TOKEN);
v = req.getHeader(HttpConstant.V);
timestamp = req.getHeader(HttpConstant.TIMESTAMP);
sign = req.getHeader(HttpConstant.SIGN);
if (StringUtils.isEmpty(token) || StringUtils.isEmpty(v) || StringUtils.isEmpty(timestamp) || StringUtils.isEmpty(sign)) {
resp.sendError(XyHttpCodeEnum.ILLEGAL_REQUEST.getCode(), XyHttpCodeEnum.ILLEGAL_REQUEST.getMessage());
return;
}
// ,
XyRequestWrapper requestWrapper = new XyRequestWrapper(req);
/**
* token
*/
/*********************************************************/
/**
*
*/
if ("POST".equals(req.getMethod().toUpperCase())) {
String body = requestWrapper.getBody();
paramsMaps = JSONObject.parseObject(body, TreeMap.class);
log.debug("parameterMap:" + paramsMaps.toString());
} else {
Map parameterMap = requestWrapper.getParameterMap();
Set> entries = parameterMap.entrySet();
Iterator> iterator = entries.iterator();
while (iterator.hasNext()) {
Map.Entry next = iterator.next();
paramsMaps.put(next.getKey(), next.getValue()[0]);
}
log.debug("parameterMap:" + paramsMaps.toString());
}
/**
*
*/
/***************************************/
// ( )
if(tokenBO!=null){
Map paramsPlus = new HashMap();
paramsPlus.put(HttpConstant.TOKEN, tokenBO.getTokenCode());
paramsPlus.put(HttpConstant.APPID, tokenBO.getAppid());
requestWrapper.setParamsMaps(paramsPlus);
}
chain.doFilter(requestWrapper, response);
}
@Override
public void destroy() {
}
}