|
@@ -1,12 +1,12 @@
|
1
|
1
|
package com.eitc.common.filter;
|
2
|
2
|
|
3
|
|
-import com.alibaba.fastjson2.JSON;
|
|
3
|
+import com.alibaba.fastjson2.JSONArray;
|
4
|
4
|
import com.alibaba.fastjson2.JSONObject;
|
5
|
|
-import com.alibaba.fastjson2.TypeReference;
|
6
|
5
|
import com.eitc.common.config.ParameterRequestWrapper;
|
7
|
6
|
import com.eitc.common.constant.HttpConst;
|
8
|
7
|
import com.eitc.common.utils.CryptoUtil;
|
9
|
8
|
import com.eitc.common.utils.StringUtils;
|
|
9
|
+import lombok.extern.slf4j.Slf4j;
|
10
|
10
|
import org.springframework.http.MediaType;
|
11
|
11
|
|
12
|
12
|
import javax.servlet.Filter;
|
|
@@ -20,25 +20,15 @@ import javax.servlet.http.HttpServletResponse;
|
20
|
20
|
import java.io.ByteArrayOutputStream;
|
21
|
21
|
import java.io.IOException;
|
22
|
22
|
import java.nio.charset.StandardCharsets;
|
23
|
|
-import java.util.Arrays;
|
24
|
|
-import java.util.HashMap;
|
25
|
|
-import java.util.Map;
|
26
|
23
|
import java.util.stream.Collectors;
|
27
|
24
|
|
28
|
25
|
|
29
|
|
-
|
30
|
|
-
|
31
|
|
-
|
32
|
|
-
|
33
|
|
-
|
34
|
|
-
|
35
|
|
-
|
36
|
|
-
|
37
|
26
|
/**
|
38
|
27
|
* Repeatable 过滤器
|
39
|
28
|
*
|
40
|
29
|
* @author eitc
|
41
|
30
|
*/
|
|
31
|
+@Slf4j
|
42
|
32
|
public class RepeatableFilter implements Filter {
|
43
|
33
|
|
44
|
34
|
private static final String DECRYPT_PARAM_NAME = "decrypt";//请求参数包含的是否加密的字段
|
|
@@ -57,7 +47,7 @@ public class RepeatableFilter implements Filter {
|
57
|
47
|
HttpServletResponse res = (HttpServletResponse) response;
|
58
|
48
|
{
|
59
|
49
|
String contentType = req.getContentType();//获取contentType请求头
|
60
|
|
- if(StringUtils.isNotBlank(contentType)){
|
|
50
|
+ if (StringUtils.isNotBlank(contentType)) {
|
61
|
51
|
String method = req.getMethod();//获取请求方法 post/get
|
62
|
52
|
//2 处理post请求 只处理application/x-www-form-urlencoded application/json,对于multipart/form-data,直接放行
|
63
|
53
|
if (method.trim().equalsIgnoreCase(HttpConst.POST_METHOD) || method.trim().equalsIgnoreCase(HttpConst.PUT_METHOD)) {
|
|
@@ -68,7 +58,7 @@ public class RepeatableFilter implements Filter {
|
68
|
58
|
//处理application/x-www-form-urlencoded
|
69
|
59
|
if (contentType.trim().toLowerCase().contains(HttpConst.FORM_URLENCODED_CONTENT_TYPE)) {
|
70
|
60
|
String decrypt = request.getParameter(DECRYPT_PARAM_NAME);
|
71
|
|
- if(decrypt==null||decrypt.trim().isEmpty()){
|
|
61
|
+ if (decrypt == null || decrypt.trim().isEmpty()) {
|
72
|
62
|
chain.doFilter(request, response);
|
73
|
63
|
return;
|
74
|
64
|
}
|
|
@@ -78,25 +68,36 @@ public class RepeatableFilter implements Filter {
|
78
|
68
|
//处理application/json
|
79
|
69
|
if (contentType.trim().toLowerCase().contains(HttpConst.JSON_CONTENT_TYPE)) {
|
80
|
70
|
ParameterRequestWrapper requestWrapper = new ParameterRequestWrapper(req);
|
81
|
|
- // String collect = requestWrapper.getReader().lines().collect(Collectors.joining(System.lineSeparator()));
|
82
|
|
- // // 解密
|
83
|
|
- // String decrypt = CryptoUtil.decrypt(collect);
|
84
|
|
- // System.out.println(decrypt);
|
85
|
|
- // byte[] bytes = decrypt.getBytes(StandardCharsets.UTF_8);
|
86
|
|
- // ByteArrayOutputStream binaryStream = new ByteArrayOutputStream();
|
87
|
|
- // try {
|
88
|
|
- // binaryStream.write(bytes);
|
89
|
|
- // byte[] byteArray = binaryStream.toByteArray();
|
90
|
|
- // requestWrapper.setInputStream(byteArray);
|
91
|
|
- // } catch (IOException e) {
|
92
|
|
- // e.printStackTrace();
|
93
|
|
- // } finally {
|
94
|
|
- // try {
|
95
|
|
- // binaryStream.close();
|
96
|
|
- // } catch (IOException e) {
|
97
|
|
- // e.printStackTrace();
|
98
|
|
- // }
|
99
|
|
- // }
|
|
71
|
+ try {
|
|
72
|
+ String collect = requestWrapper.getReader().lines().collect(Collectors.joining(System.lineSeparator()));
|
|
73
|
+ // 解密
|
|
74
|
+ String decrypt = CryptoUtil.decrypt(collect);
|
|
75
|
+ String jsonString = null;
|
|
76
|
+ try {
|
|
77
|
+ JSONObject parseObject = JSONObject.parseObject(decrypt);
|
|
78
|
+ jsonString = parseObject.toJSONString();
|
|
79
|
+ } catch (Exception e) {
|
|
80
|
+ JSONArray jsonArray = JSONArray.parseArray(decrypt);
|
|
81
|
+ jsonString = jsonArray.toJSONString();
|
|
82
|
+ }
|
|
83
|
+ byte[] bytes = jsonString.getBytes(StandardCharsets.UTF_8);
|
|
84
|
+ ByteArrayOutputStream binaryStream = new ByteArrayOutputStream();
|
|
85
|
+ try {
|
|
86
|
+ binaryStream.write(bytes);
|
|
87
|
+ byte[] byteArray = binaryStream.toByteArray();
|
|
88
|
+ requestWrapper.setInputStream(byteArray);
|
|
89
|
+ } catch (IOException e) {
|
|
90
|
+ e.printStackTrace();
|
|
91
|
+ } finally {
|
|
92
|
+ try {
|
|
93
|
+ binaryStream.close();
|
|
94
|
+ } catch (IOException e) {
|
|
95
|
+ e.printStackTrace();
|
|
96
|
+ }
|
|
97
|
+ }
|
|
98
|
+ } catch (Exception e) {
|
|
99
|
+ log.error("解密失败:" + req.getContextPath(), e);
|
|
100
|
+ }
|
100
|
101
|
chain.doFilter(requestWrapper, response);
|
101
|
102
|
return;
|
102
|
103
|
}
|
|
@@ -117,91 +118,6 @@ public class RepeatableFilter implements Filter {
|
117
|
118
|
}
|
118
|
119
|
}
|
119
|
120
|
|
120
|
|
-
|
121
|
|
- /**
|
122
|
|
- * 字符串解密
|
123
|
|
- *
|
124
|
|
- * @param value
|
125
|
|
- * @return
|
126
|
|
- */
|
127
|
|
- public String decryptParam(String value, String decryptType) {
|
128
|
|
- if (decryptType.trim().equalsIgnoreCase(DEFAULT_DECRYPT_TYPE)) {
|
129
|
|
-// return AESCipher.decryptAES(value,AESCipher.KEY);
|
130
|
|
- return "111";
|
131
|
|
- } else {
|
132
|
|
- return value + "+++";
|
133
|
|
- }
|
134
|
|
-
|
135
|
|
- }
|
136
|
|
-
|
137
|
|
- /**
|
138
|
|
- * 普通的post/get请求
|
139
|
|
- *
|
140
|
|
- * @param parameterMap
|
141
|
|
- */
|
142
|
|
- public Map<String, String[]> decryptParamForNormalRequest(Map<String, String[]> parameterMap, String decryptType) {
|
143
|
|
- Map<String, String[]> decryptMap = new HashMap<>();
|
144
|
|
- if (parameterMap == null || parameterMap.size() == 0) {
|
145
|
|
- return decryptMap;
|
146
|
|
- }
|
147
|
|
- for (Map.Entry<String, String[]> entry : parameterMap.entrySet()) {
|
148
|
|
- String key = entry.getKey();
|
149
|
|
- if (key == null || key.trim().equalsIgnoreCase(DECRYPT_PARAM_NAME)) {
|
150
|
|
- continue;
|
151
|
|
- }
|
152
|
|
- String[] value = entry.getValue();
|
153
|
|
- //String decryptKey = decodeParam(key,decryptType);
|
154
|
|
- String[] decryptValue = null;
|
155
|
|
- if (value != null && value.length > 0) {
|
156
|
|
- decryptValue = new String[value.length];
|
157
|
|
- for (int i = 0; i < value.length; i++) {
|
158
|
|
- decryptValue[i] = decryptParam(value[i], decryptType);
|
159
|
|
- }
|
160
|
|
- }
|
161
|
|
- decryptMap.put(key, decryptValue);
|
162
|
|
- }
|
163
|
|
- //打印用
|
164
|
|
- StringBuffer printStr = new StringBuffer();
|
165
|
|
- for (Map.Entry<String, String[]> entry1 : decryptMap.entrySet()) {
|
166
|
|
- printStr.append(entry1.getKey()).append("=").append(Arrays.asList(entry1.getValue())).append("&");
|
167
|
|
- }
|
168
|
|
- System.out.println("ParamsFilter:发送的请求参数:" + JSON.toJSONString(printStr));
|
169
|
|
- return decryptMap;
|
170
|
|
- }
|
171
|
|
-
|
172
|
|
- /**
|
173
|
|
- * post的application/json请求
|
174
|
|
- *
|
175
|
|
- * @param body
|
176
|
|
- */
|
177
|
|
- public String decryptParamForPostJsonRequest(String body, String decryptType) {
|
178
|
|
- String decryptBody = "{}";
|
179
|
|
- if (body == null || body.trim().isEmpty() || body.trim().equalsIgnoreCase("{}") || !body.trim().contains(":")) {
|
180
|
|
- return decryptBody;
|
181
|
|
- }
|
182
|
|
- Map<String, Object> map = JSON.parseObject(body, new TypeReference<Map<String, Object>>() {
|
183
|
|
- });
|
184
|
|
- if (map == null || map.size() == 0) {
|
185
|
|
- return decryptBody;
|
186
|
|
- }
|
187
|
|
- Map<String, Object> decryptMap = new HashMap<>();
|
188
|
|
- for (Map.Entry<String, Object> entry : map.entrySet()) {
|
189
|
|
- String key = entry.getKey();
|
190
|
|
- if (key == null || key.trim().equalsIgnoreCase(DECRYPT_PARAM_NAME)) {
|
191
|
|
- continue;
|
192
|
|
- }
|
193
|
|
- Object value = entry.getValue();
|
194
|
|
- String valueStr = String.valueOf(value);
|
195
|
|
- if (valueStr == null || valueStr.trim().isEmpty() || valueStr.trim().equalsIgnoreCase("null")) {
|
196
|
|
- valueStr = null;
|
197
|
|
- }
|
198
|
|
- decryptMap.put(key, decryptParam(valueStr, decryptType));
|
199
|
|
- }
|
200
|
|
- decryptBody = JSON.toJSONString(decryptMap);
|
201
|
|
- System.out.println("ParamsFilter:发送的请求参数:" + decryptBody);
|
202
|
|
- return decryptBody;
|
203
|
|
- }
|
204
|
|
-
|
205
|
121
|
@Override
|
206
|
122
|
public void destroy() {
|
207
|
123
|
|