欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

Filter中获取传递参数(解决post请求参数问题)

程序员文章站 2024-02-03 11:21:16
...

 

1. GET中传递的参数可以直接通过request.getParameter获取。

2. Post 传递的产生不能过直接从request.getInputStream() 读取,必须要进行重新写。(request.getInputStream()只能够读取一次

方式: 通过重写 HttpServletRequestWrapper 类 获取getInputStream中的流数据,然后在将body数据进行重新写入传递下去。

XyRequestWrapper 类:

package com.xy.boot.cmiap.filter;

import com.alibaba.fastjson.JSONObject;
import com.xy.boot.common.util.StringUtils;
import org.apache.catalina.servlet4preview.http.HttpServletRequestWrapper;
import org.apache.commons.codec.Charsets;

import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import java.io.*;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;

/**
 * Created by fuwenshen
 * Date:2018/10/26
 * Time:12:21
 */
public class XyRequestWrapper extends HttpServletRequestWrapper {


    private String body;

    public XyRequestWrapper(HttpServletRequest request) throws IOException {
        super(request);
        StringBuilder stringBuilder = new StringBuilder();
        BufferedReader bufferedReader = null;
        try {
            InputStream inputStream = request.getInputStream();
            if (inputStream != null) {
                bufferedReader = new BufferedReader(new InputStreamReader(inputStream,"UTF-8"));
                char[] charBuffer = new char[128];
                int bytesRead = -1;
                while ((bytesRead = bufferedReader.read(charBuffer)) > 0) {
                    stringBuilder.append(charBuffer, 0, bytesRead);
                }
            } else {
                stringBuilder.append("");
            }
        } catch (IOException ex) {
            throw ex;
        } finally {
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException ex) {
                    throw ex;
                }
            }
        }
        body = stringBuilder.toString();
    }


    @Override
    public ServletInputStream getInputStream() throws IOException {
        final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(body.getBytes("UTF-8"));
        ServletInputStream servletInputStream = new ServletInputStream() {
            @Override
            public boolean isFinished() {
                return false;
            }

            @Override
            public boolean isReady() {
                return false;
            }

            @Override
            public void setReadListener(ReadListener readListener) {

            }

            @Override
            public int read() throws IOException {
                return byteArrayInputStream.read();
            }
        };
        return servletInputStream;
    }


    @Override
    public BufferedReader getReader() throws IOException {
        return new BufferedReader(new InputStreamReader(this.getInputStream(), Charsets.UTF_8));
    }

    public String getBody() {
        return this.body;
    }


    @Override
    public String getParameter(String name) {
        return super.getParameter(name);
    }

    @Override
    public Map<String, String[]> getParameterMap() {
        return super.getParameterMap();
    }

    @Override
    public Enumeration<String> getParameterNames() {
        return super.getParameterNames();
    }

    @Override
    public String[] getParameterValues(String name) {
        return super.getParameterValues(name);
    }


    /**
     * 设置自定义post参数 //
     *
     * @param paramMaps
     * @return
     */
    public void setParamsMaps(Map paramMaps) {
        Map paramBodyMap = new HashMap();
        if (!StringUtils.isEmpty(body)) {
            paramBodyMap = JSONObject.parseObject(body, Map.class);
        }
        paramBodyMap.putAll(paramMaps);
        body = JSONObject.toJSONString(paramBodyMap);
    }
}
XySecurityFilter
package com.xy.boot.cmiap.filter;

import com.alibaba.fastjson.JSONObject;
import com.xy.boot.cmiap.bo.VerifyTokenResultBO;
import com.xy.boot.cmiap.constant.HttpConstant;
import com.xy.boot.cmiap.entity.enums.XyHttpCodeEnum;
import com.xy.boot.cmiap.service.IXySecurityService;
import com.xy.boot.cmiap.service.helper.XyHttpSecurityHelper;
import com.xy.boot.common.util.StringUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.*;

/**
 * Created by fuwenshen
 * Date:2018/10/29
 * Time:15:36
 */
@Component
@Slf4j
@WebFilter(filterName = "xySecurityFilter", urlPatterns = {"/api/adv/*"})
public class XySecurityFilter implements Filter {

    @Value("${verify_token_switch}")
    private boolean tokenSwitch;
    @Value("${zy.app_secret}")
    private String zyAppSecret;
    @Value("${zy.token}")
    private String zyToken;

    //验证 token bo
    private VerifyTokenResultBO tokenBO=null;

    @Autowired
    private IXySecurityService iXySecurityService;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        log.debug("进入XySecurityFilter!");
        // 参数集合 初始化
        TreeMap paramsMaps = new TreeMap();
        String token = null, v = null, timestamp = null, sign = null;

        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse resp = (HttpServletResponse) response;
        resp.setCharacterEncoding("UTF-8");
        resp.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
        /**
         * 验证通用请求头是否完整
         */
        token = req.getHeader(HttpConstant.TOKEN);
        v = req.getHeader(HttpConstant.V);
        timestamp = req.getHeader(HttpConstant.TIMESTAMP);
        sign = req.getHeader(HttpConstant.SIGN);
        if (StringUtils.isEmpty(token) || StringUtils.isEmpty(v) || StringUtils.isEmpty(timestamp) || StringUtils.isEmpty(sign)) {
            resp.sendError(XyHttpCodeEnum.ILLEGAL_REQUEST.getCode(), XyHttpCodeEnum.ILLEGAL_REQUEST.getMessage());
            return;
        }

        // 防止流读取一次后就没有了, 所以需要将流继续写出去
        XyRequestWrapper requestWrapper = new XyRequestWrapper(req);

        /**
         * 校验token
         */
        /*********************************************************/


        /**
         * 获取请求参数
         */
        if ("POST".equals(req.getMethod().toUpperCase())) {
            String body = requestWrapper.getBody();
            paramsMaps = JSONObject.parseObject(body, TreeMap.class);
            log.debug("parameterMap:" + paramsMaps.toString());

        } else {

            Map<String, String[]> parameterMap = requestWrapper.getParameterMap();
            Set<Map.Entry<String, String[]>> entries = parameterMap.entrySet();
            Iterator<Map.Entry<String, String[]>> iterator = entries.iterator();
            while (iterator.hasNext()) {
                Map.Entry<String, String[]> next = iterator.next();
                paramsMaps.put(next.getKey(), next.getValue()[0]);
            }
            log.debug("parameterMap:" + paramsMaps.toString());
        }


        /**
         * 验证签名是否合法
         */
        /***************************************/

        //设置企业信息(自定义参数)
        if(tokenBO!=null){
            Map paramsPlus = new HashMap();
            paramsPlus.put(HttpConstant.TOKEN, tokenBO.getTokenCode());
            paramsPlus.put(HttpConstant.APPID, tokenBO.getAppid());
            requestWrapper.setParamsMaps(paramsPlus);
        }

        chain.doFilter(requestWrapper, response);

    }


    @Override
    public void destroy() {

    }
}