Filter中获取传递参数方式(解决Post请求参数问题)

1. GET中传递的参数可以直接通过request.getParameter获取。

2. Post 传递的产生不能过直接从request.getInputStream() 读取,必须要进行重新写。(request.getInputStream()只能够读取一次

方式: 通过重写HttpServletRequestWrapper 类 获取getInputStream中的流数据,然后在将body数据进行重新写入传递下去。

XyRequestWrapper 类:

package com.xy.boot.cmiap.filter;

import com.alibaba.fastjson.JSONObject;
import com.xy.boot.common.util.StringUtils;
import org.apache.catalina.servlet4preview.http.HttpServletRequestWrapper;
import org.apache.commons.codec.Charsets;

import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import java.io.*;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;

/**
 * Created by fuwenshen
 * Date:2018/10/26
 * Time:12:21
 */
public class XyRequestWrapper extends HttpServletRequestWrapper {


    private String body;

    public XyRequestWrapper(HttpServletRequest request) throws IOException {
        super(request);
        StringBuilder stringBuilder = new StringBuilder();
        BufferedReader bufferedReader = null;
        try {
            InputStream inputStream = request.getInputStream();
            if (inputStream != null) {
                bufferedReader = new BufferedReader(new InputStreamReader(inputStream,"UTF-8"));
                char[] charBuffer = new char[128];
                int bytesRead = -1;
                while ((bytesRead = bufferedReader.read(charBuffer)) > 0) {
                    stringBuilder.append(charBuffer, 0, bytesRead);
                }
            } else {
                stringBuilder.append("");
            }
        } catch (IOException ex) {
            throw ex;
        } finally {
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException ex) {
                    throw ex;
                }
            }
        }
        body = stringBuilder.toString();
    }


    @Override
    public ServletInputStream getInputStream() throws IOException {
        final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(body.getBytes("UTF-8"));
        ServletInputStream servletInputStream = new ServletInputStream() {
            @Override
            public boolean isFinished() {
                return false;
            }

            @Override
            public boolean isReady() {
                return false;
            }

            @Override
            public void setReadListener(ReadListener readListener) {

            }

            @Override
            public int read() throws IOException {
                return byteArrayInputStream.read();
            }
        };
        return servletInputStream;
    }


    @Override
    public BufferedReader getReader() throws IOException {
        return new BufferedReader(new InputStreamReader(this.getInputStream(), Charsets.UTF_8));
    }

    public String getBody() {
        return this.body;
    }


    @Override
    public String getParameter(String name) {
        return super.getParameter(name);
    }

    @Override
    public Map<String, String[]> getParameterMap() {
        return super.getParameterMap();
    }

    @Override
    public Enumeration<String> getParameterNames() {
        return super.getParameterNames();
    }

    @Override
    public String[] getParameterValues(String name) {
        return super.getParameterValues(name);
    }


    /**
     * 设置自定义post参数 //
     *
     * @param paramMaps
     * @return
     */
    public void setParamsMaps(Map paramMaps) {
        Map paramBodyMap = new HashMap();
        if (!StringUtils.isEmpty(body)) {
            paramBodyMap = JSONObject.parseObject(body, Map.class);
        }
        paramBodyMap.putAll(paramMaps);
        body = JSONObject.toJSONString(paramBodyMap);
    }
}

XySecurityFilter

package com.xy.boot.cmiap.filter;

import com.alibaba.fastjson.JSONObject;
import com.xy.boot.cmiap.bo.VerifyTokenResultBO;
import com.xy.boot.cmiap.constant.HttpConstant;
import com.xy.boot.cmiap.entity.enums.XyHttpCodeEnum;
import com.xy.boot.cmiap.service.IXySecurityService;
import com.xy.boot.cmiap.service.helper.XyHttpSecurityHelper;
import com.xy.boot.common.util.StringUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.*;

/**
 * Created by fuwenshen
 * Date:2018/10/29
 * Time:15:36
 */
@Component
@Slf4j
@WebFilter(filterName = "xySecurityFilter", urlPatterns = {"/api/adv/*"})
public class XySecurityFilter implements Filter {

    @Value("${verify_token_switch}")
    private boolean tokenSwitch;
    @Value("${zy.app_secret}")
    private String zyAppSecret;
    @Value("${zy.token}")
    private String zyToken;

    //验证 token bo
    private VerifyTokenResultBO tokenBO=null;

    @Autowired
    private IXySecurityService iXySecurityService;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        log.debug("进入XySecurityFilter!");
        // 参数集合 初始化
        TreeMap paramsMaps = new TreeMap();
        String token = null, v = null, timestamp = null, sign = null;

        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse resp = (HttpServletResponse) response;
        resp.setCharacterEncoding("UTF-8");
        resp.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
        /**
         * 验证通用请求头是否完整
         */
        token = req.getHeader(HttpConstant.TOKEN);
        v = req.getHeader(HttpConstant.V);
        timestamp = req.getHeader(HttpConstant.TIMESTAMP);
        sign = req.getHeader(HttpConstant.SIGN);
        if (StringUtils.isEmpty(token) || StringUtils.isEmpty(v) || StringUtils.isEmpty(timestamp) || StringUtils.isEmpty(sign)) {
            resp.sendError(XyHttpCodeEnum.ILLEGAL_REQUEST.getCode(), XyHttpCodeEnum.ILLEGAL_REQUEST.getMessage());
            return;
        }

        // 防止流读取一次后就没有了, 所以需要将流继续写出去
        XyRequestWrapper requestWrapper = new XyRequestWrapper(req);

        /**
         * 校验token
         */
        /*********************************************************/


        /**
         * 获取请求参数
         */
        if ("POST".equals(req.getMethod().toUpperCase())) {
            String body = requestWrapper.getBody();
            paramsMaps = JSONObject.parseObject(body, TreeMap.class);
            log.debug("parameterMap:" + paramsMaps.toString());

        } else {

            Map<String, String[]> parameterMap = requestWrapper.getParameterMap();
            Set<Map.Entry<String, String[]>> entries = parameterMap.entrySet();
            Iterator<Map.Entry<String, String[]>> iterator = entries.iterator();
            while (iterator.hasNext()) {
                Map.Entry<String, String[]> next = iterator.next();
                paramsMaps.put(next.getKey(), next.getValue()[0]);
            }
            log.debug("parameterMap:" + paramsMaps.toString());
        }


        /**
         * 验证签名是否合法
         */
        /***************************************/

        //设置企业信息(自定义参数)
        if(tokenBO!=null){
            Map paramsPlus = new HashMap();
            paramsPlus.put(HttpConstant.TOKEN, tokenBO.getTokenCode());
            paramsPlus.put(HttpConstant.APPID, tokenBO.getAppid());
            requestWrapper.setParamsMaps(paramsPlus);
        }

        chain.doFilter(requestWrapper, response);

    }


    @Override
    public void destroy() {

    }
}
收藏 (0)
评论列表
正在载入评论列表...
我是有底线的
为您推荐
    暂时没有数据