Filter中获取传递参数
1. GET 传递
参数可以直接通过request.getParameter获取。
2. Post 传递
产生不能过直接从request.getInputStream() 读取,必须要进行重新写。(request.getInputStream()只能够读取一次)
方式:
通过重写 HttpServletRequestWrapper 类 获取getInputStream中的流数据,然后在将body数据进行重新写入传递下去。
XyRequestWrapper 类
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
|
package com.xy.boot.cmiap.filter; import com.alibaba.fastjson.JSONObject; import com.xy.boot.common.util.StringUtils; import org.apache.catalina.servlet4preview.http.HttpServletRequestWrapper; import org.apache.commons.codec.Charsets; import javax.servlet.ReadListener; import javax.servlet.ServletInputStream; import javax.servlet.http.HttpServletRequest; import java.io.*; import java.util.Enumeration; import java.util.HashMap; import java.util.Map; /** * Created by fuwenshen * Date:2018/10/26 * Time:12:21 */ public class XyRequestWrapper extends HttpServletRequestWrapper { private String body; public XyRequestWrapper(HttpServletRequest request) throws IOException { super (request); StringBuilder stringBuilder = new StringBuilder(); BufferedReader bufferedReader = null ; try { InputStream inputStream = request.getInputStream(); if (inputStream != null ) { bufferedReader = new BufferedReader( new InputStreamReader(inputStream, "UTF-8" )); char [] charBuffer = new char [ 128 ]; int bytesRead = - 1 ; while ((bytesRead = bufferedReader.read(charBuffer)) > 0 ) { stringBuilder.append(charBuffer, 0 , bytesRead); } } else { stringBuilder.append( "" ); } } catch (IOException ex) { throw ex; } finally { if (bufferedReader != null ) { try { bufferedReader.close(); } catch (IOException ex) { throw ex; } } } body = stringBuilder.toString(); } @Override public ServletInputStream getInputStream() throws IOException { final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(body.getBytes( "UTF-8" )); ServletInputStream servletInputStream = new ServletInputStream() { @Override public boolean isFinished() { return false ; } @Override public boolean isReady() { return false ; } @Override public void setReadListener(ReadListener readListener) { } @Override public int read() throws IOException { return byteArrayInputStream.read(); } }; return servletInputStream; } @Override public BufferedReader getReader() throws IOException { return new BufferedReader( new InputStreamReader( this .getInputStream(), Charsets.UTF_8)); } public String getBody() { return this .body; } @Override public String getParameter(String name) { return super .getParameter(name); } @Override public Map<String, String[]> getParameterMap() { return super .getParameterMap(); } @Override public Enumeration<String> getParameterNames() { return super .getParameterNames(); } @Override public String[] getParameterValues(String name) { return super .getParameterValues(name); } /** * 设置自定义post参数 // * * @param paramMaps * @return */ public void setParamsMaps(Map paramMaps) { Map paramBodyMap = new HashMap(); if (!StringUtils.isEmpty(body)) { paramBodyMap = JSONObject.parseObject(body, Map. class ); } paramBodyMap.putAll(paramMaps); body = JSONObject.toJSONString(paramBodyMap); } } |
XySecurityFilter
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
package com.xy.boot.cmiap.filter; import com.alibaba.fastjson.JSONObject; import com.xy.boot.cmiap.bo.VerifyTokenResultBO; import com.xy.boot.cmiap.constant.HttpConstant; import com.xy.boot.cmiap.entity.enums.XyHttpCodeEnum; import com.xy.boot.cmiap.service.IXySecurityService; import com.xy.boot.cmiap.service.helper.XyHttpSecurityHelper; import com.xy.boot.common.util.StringUtils; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.MediaType; import org.springframework.stereotype.Component; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.*; /** * Created by fuwenshen * Date:2018/10/29 * Time:15:36 */ @Component @Slf4j @WebFilter (filterName = "xySecurityFilter" , urlPatterns = { "/api/adv/*" }) public class XySecurityFilter implements Filter { @Value ( "${verify_token_switch}" ) private boolean tokenSwitch; @Value ( "${zy.app_secret}" ) private String zyAppSecret; @Value ( "${zy.token}" ) private String zyToken; //验证 token bo private VerifyTokenResultBO tokenBO= null ; @Autowired private IXySecurityService iXySecurityService; @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { log.debug( "进入XySecurityFilter!" ); // 参数集合 初始化 TreeMap paramsMaps = new TreeMap(); String token = null , v = null , timestamp = null , sign = null ; HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse resp = (HttpServletResponse) response; resp.setCharacterEncoding( "UTF-8" ); resp.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE); /** * 验证通用请求头是否完整 */ token = req.getHeader(HttpConstant.TOKEN); v = req.getHeader(HttpConstant.V); timestamp = req.getHeader(HttpConstant.TIMESTAMP); sign = req.getHeader(HttpConstant.SIGN); if (StringUtils.isEmpty(token) || StringUtils.isEmpty(v) || StringUtils.isEmpty(timestamp) || StringUtils.isEmpty(sign)) { resp.sendError(XyHttpCodeEnum.ILLEGAL_REQUEST.getCode(), XyHttpCodeEnum.ILLEGAL_REQUEST.getMessage()); return ; } // 防止流读取一次后就没有了, 所以需要将流继续写出去 XyRequestWrapper requestWrapper = new XyRequestWrapper(req); /** * 校验token */ /*********************************************************/ /** * 获取请求参数 */ if ( "POST" .equals(req.getMethod().toUpperCase())) { String body = requestWrapper.getBody(); paramsMaps = JSONObject.parseObject(body, TreeMap. class ); log.debug( "parameterMap:" + paramsMaps.toString()); } else { Map<String, String[]> parameterMap = requestWrapper.getParameterMap(); Set<Map.Entry<String, String[]>> entries = parameterMap.entrySet(); Iterator<Map.Entry<String, String[]>> iterator = entries.iterator(); while (iterator.hasNext()) { Map.Entry<String, String[]> next = iterator.next(); paramsMaps.put(next.getKey(), next.getValue()[ 0 ]); } log.debug( "parameterMap:" + paramsMaps.toString()); } /** * 验证签名是否合法 */ /***************************************/ //设置企业信息(自定义参数) if (tokenBO!= null ){ Map paramsPlus = new HashMap(); paramsPlus.put(HttpConstant.TOKEN, tokenBO.getTokenCode()); paramsPlus.put(HttpConstant.APPID, tokenBO.getAppid()); requestWrapper.setParamsMaps(paramsPlus); } chain.doFilter(requestWrapper, response); } @Override public void destroy() { } } |
以上为个人经验,希望能给大家一个参考,也希望大家多多支持服务器之家。
原文链接:https://blog.csdn.net/fuwenshen/article/details/90203395