|
@@ -1,6 +1,14 @@
|
1
|
1
|
package com.eitc.common.filter;
|
2
|
2
|
|
3
|
|
-import java.io.IOException;
|
|
3
|
+import com.alibaba.fastjson2.JSON;
|
|
4
|
+import com.alibaba.fastjson2.JSONObject;
|
|
5
|
+import com.alibaba.fastjson2.TypeReference;
|
|
6
|
+import com.eitc.common.config.ParameterRequestWrapper;
|
|
7
|
+import com.eitc.common.constant.HttpConst;
|
|
8
|
+import com.eitc.common.utils.CryptoUtil;
|
|
9
|
+import com.eitc.common.utils.StringUtils;
|
|
10
|
+import org.springframework.http.MediaType;
|
|
11
|
+
|
4
|
12
|
import javax.servlet.Filter;
|
5
|
13
|
import javax.servlet.FilterChain;
|
6
|
14
|
import javax.servlet.FilterConfig;
|
|
@@ -8,45 +16,195 @@ import javax.servlet.ServletException;
|
8
|
16
|
import javax.servlet.ServletRequest;
|
9
|
17
|
import javax.servlet.ServletResponse;
|
10
|
18
|
import javax.servlet.http.HttpServletRequest;
|
11
|
|
-import org.springframework.http.MediaType;
|
12
|
|
-import com.eitc.common.utils.StringUtils;
|
|
19
|
+import javax.servlet.http.HttpServletResponse;
|
|
20
|
+import java.io.ByteArrayOutputStream;
|
|
21
|
+import java.io.IOException;
|
|
22
|
+import java.nio.charset.StandardCharsets;
|
|
23
|
+import java.util.Arrays;
|
|
24
|
+import java.util.HashMap;
|
|
25
|
+import java.util.Map;
|
|
26
|
+import java.util.stream.Collectors;
|
|
27
|
+
|
|
28
|
+
|
|
29
|
+
|
|
30
|
+
|
|
31
|
+
|
|
32
|
+
|
|
33
|
+
|
|
34
|
+
|
|
35
|
+
|
13
|
36
|
|
14
|
37
|
/**
|
15
|
38
|
* Repeatable 过滤器
|
16
|
39
|
*
|
17
|
40
|
* @author eitc
|
18
|
41
|
*/
|
19
|
|
-public class RepeatableFilter implements Filter
|
20
|
|
-{
|
|
42
|
+public class RepeatableFilter implements Filter {
|
|
43
|
+
|
|
44
|
+ private static final String DECRYPT_PARAM_NAME = "decrypt";//请求参数包含的是否加密的字段
|
|
45
|
+
|
|
46
|
+ private static final String DEFAULT_DECRYPT_TYPE = "AES";//默认加密的类型
|
|
47
|
+
|
21
|
48
|
@Override
|
22
|
|
- public void init(FilterConfig filterConfig) throws ServletException
|
23
|
|
- {
|
|
49
|
+ public void init(FilterConfig filterConfig) throws ServletException {
|
24
|
50
|
|
25
|
51
|
}
|
26
|
52
|
|
27
|
53
|
@Override
|
28
|
54
|
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
|
29
|
|
- throws IOException, ServletException
|
30
|
|
- {
|
31
|
|
- ServletRequest requestWrapper = null;
|
32
|
|
- if (request instanceof HttpServletRequest
|
33
|
|
- && StringUtils.startsWithIgnoreCase(request.getContentType(), MediaType.APPLICATION_JSON_VALUE))
|
|
55
|
+ throws IOException, ServletException {
|
|
56
|
+ HttpServletRequest req = (HttpServletRequest) request;
|
|
57
|
+ HttpServletResponse res = (HttpServletResponse) response;
|
34
|
58
|
{
|
|
59
|
+
|
|
60
|
+ String contentType = req.getContentType();//获取contentType请求头
|
|
61
|
+ String method = req.getMethod();//获取请求方法 post/get
|
|
62
|
+ //2 处理post请求 只处理application/x-www-form-urlencoded application/json,对于multipart/form-data,直接放行
|
|
63
|
+ if (!method.trim().equalsIgnoreCase(HttpConst.GET_METHOD)) {
|
|
64
|
+ if (contentType.trim().toLowerCase().contains(HttpConst.MULTIPART_CONTENT_TYPE)) {
|
|
65
|
+ chain.doFilter(req, response);
|
|
66
|
+ return;
|
|
67
|
+ }
|
|
68
|
+ //处理application/x-www-form-urlencoded
|
|
69
|
+ if (contentType.trim().toLowerCase().contains(HttpConst.FORM_URLENCODED_CONTENT_TYPE)) {
|
|
70
|
+ String decrypt = request.getParameter(DECRYPT_PARAM_NAME);
|
|
71
|
+ if(decrypt==null||decrypt.trim().isEmpty()){
|
|
72
|
+ chain.doFilter(request, response);
|
|
73
|
+ return;
|
|
74
|
+ }
|
|
75
|
+ chain.doFilter(req, response);
|
|
76
|
+ return;
|
|
77
|
+ }
|
|
78
|
+ //处理application/json
|
|
79
|
+ if (contentType.trim().toLowerCase().contains(HttpConst.JSON_CONTENT_TYPE)) {
|
|
80
|
+ ParameterRequestWrapper requestWrapper = new ParameterRequestWrapper(req);
|
|
81
|
+// String collect = requestWrapper.getReader().lines().collect(Collectors.joining(System.lineSeparator()));
|
|
82
|
+// // 解密
|
|
83
|
+// String decrypt = CryptoUtil.decrypt(collect);
|
|
84
|
+// System.out.println(decrypt);
|
|
85
|
+// byte[] bytes = decrypt.getBytes(StandardCharsets.UTF_8);
|
|
86
|
+// ByteArrayOutputStream binaryStream = new ByteArrayOutputStream();
|
|
87
|
+// try {
|
|
88
|
+// binaryStream.write(bytes);
|
|
89
|
+// byte[] byteArray = binaryStream.toByteArray();
|
|
90
|
+// requestWrapper.setInputStream(byteArray);
|
|
91
|
+// } catch (IOException e) {
|
|
92
|
+// e.printStackTrace();
|
|
93
|
+// } finally {
|
|
94
|
+// try {
|
|
95
|
+// binaryStream.close();
|
|
96
|
+// } catch (IOException e) {
|
|
97
|
+// e.printStackTrace();
|
|
98
|
+// }
|
|
99
|
+// }
|
|
100
|
+ chain.doFilter(requestWrapper, response);
|
|
101
|
+ return;
|
|
102
|
+ }
|
|
103
|
+ }
|
|
104
|
+ }
|
|
105
|
+
|
|
106
|
+
|
|
107
|
+ HttpServletRequest requestWrapper = null;
|
|
108
|
+ if (req instanceof HttpServletRequest
|
|
109
|
+ && StringUtils.startsWithIgnoreCase(req.getContentType(), MediaType.APPLICATION_JSON_VALUE)) {
|
35
|
110
|
requestWrapper = new RepeatedlyRequestWrapper((HttpServletRequest) request, response);
|
36
|
111
|
}
|
37
|
|
- if (null == requestWrapper)
|
38
|
|
- {
|
39
|
|
- chain.doFilter(request, response);
|
|
112
|
+ if (null == requestWrapper) {
|
|
113
|
+ chain.doFilter(req, res);
|
|
114
|
+ } else {
|
|
115
|
+ chain.doFilter(requestWrapper, res);
|
40
|
116
|
}
|
41
|
|
- else
|
42
|
|
- {
|
43
|
|
- chain.doFilter(requestWrapper, response);
|
|
117
|
+ }
|
|
118
|
+
|
|
119
|
+
|
|
120
|
+ /**
|
|
121
|
+ * 字符串解密
|
|
122
|
+ *
|
|
123
|
+ * @param value
|
|
124
|
+ * @return
|
|
125
|
+ */
|
|
126
|
+ public String decryptParam(String value, String decryptType) {
|
|
127
|
+ if (decryptType.trim().equalsIgnoreCase(DEFAULT_DECRYPT_TYPE)) {
|
|
128
|
+// return AESCipher.decryptAES(value,AESCipher.KEY);
|
|
129
|
+ return "111";
|
|
130
|
+ } else {
|
|
131
|
+ return value + "+++";
|
|
132
|
+ }
|
|
133
|
+
|
|
134
|
+ }
|
|
135
|
+
|
|
136
|
+ /**
|
|
137
|
+ * 普通的post/get请求
|
|
138
|
+ *
|
|
139
|
+ * @param parameterMap
|
|
140
|
+ */
|
|
141
|
+ public Map<String, String[]> decryptParamForNormalRequest(Map<String, String[]> parameterMap, String decryptType) {
|
|
142
|
+ Map<String, String[]> decryptMap = new HashMap<>();
|
|
143
|
+ if (parameterMap == null || parameterMap.size() == 0) {
|
|
144
|
+ return decryptMap;
|
|
145
|
+ }
|
|
146
|
+ for (Map.Entry<String, String[]> entry : parameterMap.entrySet()) {
|
|
147
|
+ String key = entry.getKey();
|
|
148
|
+ if (key == null || key.trim().equalsIgnoreCase(DECRYPT_PARAM_NAME)) {
|
|
149
|
+ continue;
|
|
150
|
+ }
|
|
151
|
+ String[] value = entry.getValue();
|
|
152
|
+ //String decryptKey = decodeParam(key,decryptType);
|
|
153
|
+ String[] decryptValue = null;
|
|
154
|
+ if (value != null && value.length > 0) {
|
|
155
|
+ decryptValue = new String[value.length];
|
|
156
|
+ for (int i = 0; i < value.length; i++) {
|
|
157
|
+ decryptValue[i] = decryptParam(value[i], decryptType);
|
|
158
|
+ }
|
|
159
|
+ }
|
|
160
|
+ decryptMap.put(key, decryptValue);
|
|
161
|
+ }
|
|
162
|
+ //打印用
|
|
163
|
+ StringBuffer printStr = new StringBuffer();
|
|
164
|
+ for (Map.Entry<String, String[]> entry1 : decryptMap.entrySet()) {
|
|
165
|
+ printStr.append(entry1.getKey()).append("=").append(Arrays.asList(entry1.getValue())).append("&");
|
|
166
|
+ }
|
|
167
|
+ System.out.println("ParamsFilter:发送的请求参数:" + JSON.toJSONString(printStr));
|
|
168
|
+ return decryptMap;
|
|
169
|
+ }
|
|
170
|
+
|
|
171
|
+ /**
|
|
172
|
+ * post的application/json请求
|
|
173
|
+ *
|
|
174
|
+ * @param body
|
|
175
|
+ */
|
|
176
|
+ public String decryptParamForPostJsonRequest(String body, String decryptType) {
|
|
177
|
+ String decryptBody = "{}";
|
|
178
|
+ if (body == null || body.trim().isEmpty() || body.trim().equalsIgnoreCase("{}") || !body.trim().contains(":")) {
|
|
179
|
+ return decryptBody;
|
|
180
|
+ }
|
|
181
|
+ Map<String, Object> map = JSON.parseObject(body, new TypeReference<Map<String, Object>>() {
|
|
182
|
+ });
|
|
183
|
+ if (map == null || map.size() == 0) {
|
|
184
|
+ return decryptBody;
|
|
185
|
+ }
|
|
186
|
+ Map<String, Object> decryptMap = new HashMap<>();
|
|
187
|
+ for (Map.Entry<String, Object> entry : map.entrySet()) {
|
|
188
|
+ String key = entry.getKey();
|
|
189
|
+ if (key == null || key.trim().equalsIgnoreCase(DECRYPT_PARAM_NAME)) {
|
|
190
|
+ continue;
|
|
191
|
+ }
|
|
192
|
+ Object value = entry.getValue();
|
|
193
|
+ String valueStr = String.valueOf(value);
|
|
194
|
+ if (valueStr == null || valueStr.trim().isEmpty() || valueStr.trim().equalsIgnoreCase("null")) {
|
|
195
|
+ valueStr = null;
|
|
196
|
+ }
|
|
197
|
+ decryptMap.put(key, decryptParam(valueStr, decryptType));
|
44
|
198
|
}
|
|
199
|
+ decryptBody = JSON.toJSONString(decryptMap);
|
|
200
|
+ System.out.println("ParamsFilter:发送的请求参数:" + decryptBody);
|
|
201
|
+ return decryptBody;
|
45
|
202
|
}
|
46
|
203
|
|
47
|
204
|
@Override
|
48
|
|
- public void destroy()
|
49
|
|
- {
|
|
205
|
+ public void destroy() {
|
50
|
206
|
|
51
|
207
|
}
|
|
208
|
+
|
|
209
|
+
|
52
|
210
|
}
|