解決在Filter中讀取Request中的流後, 而後再Control中讀取不到的作法
咱們來看一下核心代碼: filter中主要作的事情, 就是來校驗請求是否合法, 是否有篡改過值. java
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
if (Boolean.valueOf(authentication)) {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
if (BasicdataCommonsConstant.POST.equalsIgnoreCase(httpServletRequest.getMethod())) {
// 防止流讀取一次後就沒有了, 因此須要將流繼續寫出去
ServletRequest requestWrapper = new BodyReaderHttpServletRequestWrapper(httpServletRequest);
String body = HttpHelper.getBodyString(requestWrapper);
if (StringUtils.isBlank(body)) {
LOGGER.error("非法請求, 沒有APP_KEY, APP_SECRET");
OutWriterUtil.outJson(response, gson.toJson(new Response(ErrorCode.AUTH_ERROR_ILLEGAL_FROMTYPE)));
return;
}
Map<String, String> parameters = gson.fromJson(body, new TypeToken<Map<String, String>>() {
}.getType());
String APP_KEY = parameters.get("appKey");
String APP_SECRET = parameters.get("appSecret");
TAuthUser authUser = authUserMap.get(APP_KEY);
if (authUser == null) {
LOGGER.error("非法請求, 沒有APP_KEY, APP_SECRET");
OutWriterUtil.outJson(response, gson.toJson(new Response(ErrorCode.AUTH_ERROR_ILLEGAL_FROMTYPE)));
return;
} else if (StringUtils.isBlank(APP_SECRET)) {
LOGGER.error("非法請求, APP_SECRET爲空, user={}", gson.toJson(authUser));
OutWriterUtil.outJson(response, gson.toJson(new Response(ErrorCode.AUTH_ERROR_FROMTYPE_AND_KEY_CANNT_BE_NULL)));
return;
} else if (!APP_SECRET.equals(authUser.getAppSecret())) {
LOGGER.error("非法請求: 沒有APP_KEY, APP_SECRET不匹配. user={}, password={}, name={}", APP_KEY, APP_SECRET, authUser.getName());
OutWriterUtil.outJson(response, gson.toJson(new Response(ErrorCode.AUTH_ERROR_ILLEGAL_KEY)));
return;
}
String SIGNATURE = parameters.get("signature");
// 對參數進行簽名
String md5 = SignatureUtil.decryptSignature(parameters);
if (!md5.equals(SIGNATURE)) {
LOGGER.error("非法請求, signature ={}", SIGNATURE);
OutWriterUtil.outJson(response, gson.toJson(new Response(ErrorCode.AUTH_ERROR_SIGNATURE_ERROR)));
return;
}
threadLocalUser.setAuthUser(authUser);
chain.doFilter(requestWrapper, response);
}
}
chain.doFilter(request, response);
}
因此, 我新創建了一個類. 看代碼: app
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
/**
* Created with antnest-platform
* User: chenyuan
* Date: 12/31/14
* Time: 8:49 PM
*/
public class BodyReaderHttpServletRequestWrapper extends HttpServletRequestWrapper {
private final byte[] body;
public BodyReaderHttpServletRequestWrapper(HttpServletRequest request) throws IOException {
super(request);
body = HttpHelper.getBodyString(request).getBytes(Charset.forName("UTF-8"));
}
@Override
public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(getInputStream()));
}
@Override
public ServletInputStream getInputStream() throws IOException {
final ByteArrayInputStream bais = new ByteArrayInputStream(body);
return new ServletInputStream() {
@Override
public int read() throws IOException {
return bais.read();
}
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
};
}
}
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import java.io.BufferedInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
/**
* Created with antnest-platform
* User: chenyuan
* Date: 12/24/14
* Time: 10:39 AM
*/
public class HttpHelper {
/**
* 獲取請求Body
*
* @param request
* @return
*/
public static String getBodyString(ServletRequest request) {
StringBuilder sb = new StringBuilder();
InputStream inputStream = null;
BufferedReader reader = null;
try {
inputStream = request.getInputStream();
reader = new BufferedReader(new InputStreamReader(inputStream, Charset.forName("UTF-8")));
String line = "";
while ((line = reader.readLine()) != null) {
sb.append(line);
}
} catch (IOException e) {
e.printStackTrace();
} finally {
if (inputStream != null) {
try {
inputStream.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if (reader != null) {
try {
reader.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
return sb.toString();
}
}
這樣子就應該差很少了哦~ ide
相關文章
- 1. 解決在Filter中讀取Request中的流後, 而後再Control中讀取不到的作法
- 2. 解決在Filter中讀取Request中的流後,後續controller或restful接口中沒法獲取流的問題
- 3. 解決在Filter中讀取Request中的流後, 而後在Controller中@RequestBody的參數沒法注入而致使 400 錯誤
- 4. http filter裏面請求讀取以後再次讀取讀取不到
- 5. java在filter中獲取POST請求中request參數以及解決ServletInputStream重複讀取的問題
- 6. tomcat先response後不能讀取request body
- 7. struts2讀取request,session,application中的值
- 8. bootstrapTable中queryParams傳值到後臺獲取不到解決辦法
- 9. php讀取csv文件,在linux上出現中文讀取不到的狀況 解決方法
- 10. C#讀取Excel遇到沒法讀取的解決方法
- 更多相關文章...
- • Spring中Bean的作用域 - Spring教程
- • Java 中操作 R - R 語言教程
- • Scala 中文亂碼解決
- • SpringBoot中properties文件不能自動提示解決方法
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. 解決在Filter中讀取Request中的流後, 而後再Control中讀取不到的作法
- 2. 解決在Filter中讀取Request中的流後,後續controller或restful接口中沒法獲取流的問題
- 3. 解決在Filter中讀取Request中的流後, 而後在Controller中@RequestBody的參數沒法注入而致使 400 錯誤
- 4. http filter裏面請求讀取以後再次讀取讀取不到
- 5. java在filter中獲取POST請求中request參數以及解決ServletInputStream重複讀取的問題
- 6. tomcat先response後不能讀取request body
- 7. struts2讀取request,session,application中的值
- 8. bootstrapTable中queryParams傳值到後臺獲取不到解決辦法
- 9. php讀取csv文件,在linux上出現中文讀取不到的狀況 解決方法
- 10. C#讀取Excel遇到沒法讀取的解決方法