Springboot如何使用filter对request body参数进行校验
作者:Jordan 时间:2023-09-14 05:28:46
使用filter对request body参数进行校验
@Slf4j
public class ParameterCheckServletRequestWrapper extends HttpServletRequestWrapper {
private byte[] requestBody;
private Charset charSet;
public ParameterCheckServletRequestWrapper(HttpServletRequest request) {
super(request);
//缓存请求body
try {
String requestBodyStr = getRequestPostStr(request);
if (StringUtils.isNotBlank(requestBodyStr)) {
JSONObject resultJson = JSONObject.fromObject(requestBodyStr.replace("\"", "'"));
Object[] obj = resultJson.keySet().toArray();
for (Object o : obj) {
resultJson.put(o, StringUtils.trimToNull(resultJson.get(o).toString()));
}
requestBody = resultJson.toString().getBytes(charSet);
} else {
requestBody = new byte[0];
}
} catch (IOException e) {
log.error("", e);
}
}
public String getRequestPostStr(HttpServletRequest request)
throws IOException {
String charSetStr = request.getCharacterEncoding();
if (charSetStr == null) {
charSetStr = "UTF-8";
}
charSet = Charset.forName(charSetStr);
return StreamUtils.copyToString(request.getInputStream(), charSet);
}
/**
* 重写 getInputStream()
*/
@Override
public ServletInputStream getInputStream() {
if (requestBody == null) {
requestBody = new byte[0];
}
final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(requestBody);
return new ServletInputStream() {
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
@Override
public int read() {
return byteArrayInputStream.read();
}
};
}
/**
* 重写 getReader()
*/
@Override
public BufferedReader getReader() {
return new BufferedReader(new InputStreamReader(getInputStream()));
}
}
public class ParameterCheckFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
ParameterCheckServletRequestWrapper myWrapper = new ParameterCheckServletRequestWrapper((HttpServletRequest) servletRequest);
filterChain.doFilter(myWrapper, servletResponse);
}
@Override
public void destroy() {
}
}
@Configuration
public class FilterConfig {
@Bean
public FilterRegistrationBean authFilterRegistrationBean() {
FilterRegistrationBean<Filter> registrationBean = new FilterRegistrationBean<>();
registrationBean.setName("parameterCheckFilter");
registrationBean.setFilter(new ParameterCheckFilter());
registrationBean.setOrder(1);
registrationBean.addUrlPatterns("/*");
return registrationBean;
}
}
通过filter修改body参数的思路
知识点
1、HttpServletRequestWrapper
2、filter
步骤
1、新建MyHttpServletRequestWrapper继承HttpServletRequestWrapper
2、讲传入的body赋值给自己的body(如下)
package com.orisdom.modules.common.filter;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.orisdom.modules.monitor.dto.input.MonitorPointQueryPara;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
/**
* @author xiaokang
* @description
* @date 2021/6/11 10:56
*/
public class MyHttpServletRequestWrapper extends HttpServletRequestWrapper {
private String tempBody;
public MyHttpServletRequestWrapper(HttpServletRequest request) {
super(request);
this.tempBody = getBody(request);
System.out.println(tempBody);
}
/**
* 获取请求体
* @param request 请求
* @return 请求体
*/
private String getBody(HttpServletRequest request) {
try {
ServletInputStream stream = request.getInputStream();
String read = "";
StringBuilder stringBuilder = new StringBuilder();
byte[] b = new byte[1024];
int lens = -1;
while ((lens = stream.read(b)) > 0) {
stringBuilder.append(new String(b, 0, lens));
}
return stringBuilder.toString();
} catch (IOException e) {
throw new RuntimeException(e);
}
}
/**
* 获取请求体
* @return 请求体
*/
public String getBody() {
MonitorPointQueryPara para = JSON.parseObject(tempBody, MonitorPointQueryPara.class);
para.setName("1232321321");
tempBody = JSONObject.toJSONString(para);
return tempBody;
}
/**
* 需要重写这个方法
* @return
* @throws IOException
*/
@Override
public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(getInputStream()));
}
/**
* 需要重写这个方法
* @return
* @throws IOException
*/
@Override
public ServletInputStream getInputStream() throws IOException {
// 创建字节数组输入流
final ByteArrayInputStream bais = new ByteArrayInputStream(tempBody.getBytes(Charset.defaultCharset()));
return new ServletInputStream() {
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
@Override
public int read() throws IOException {
return bais.read();
}
};
}
}
1.新建MyFilter 继承 Filter
2.添加@WebFilter注解
3.启动类添加@ServletComponentScan(如下)
package com.orisdom.modules.common.filter;
import org.springframework.core.annotation.Order;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.BufferedReader;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
/**
* @author xiaokang
* @description
* @date 2021/6/11 9:47
*/
@WebFilter
public class MyFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
MyHttpServletRequestWrapper myHttpServletRequestWrapper = new MyHttpServletRequestWrapper((HttpServletRequest) servletRequest);
// 相当于赋值
myHttpServletRequestWrapper.getBody();
// 自己定义的MyHttpServletRequestWrapper
filterChain.doFilter(myHttpServletRequestWrapper, servletResponse);
System.out.println(11111111);
}
@Override
public void destroy() {
}
}
没加之前
加了之后
来源:https://blog.csdn.net/u012661496/article/details/83653206
标签:Springboot,filter,request,body,校验
![](/images/zang.png)
![](/images/jiucuo.png)
猜你喜欢
Android保存联系人到通讯录的方法
2023-01-28 16:44:40
如何使用Spring工具类动态匹配url
2021-06-16 05:09:08
详解Java内存泄露的示例代码
2023-06-08 03:34:51
C# WebService发布以及IIS发布
2023-01-16 17:34:57
![](https://img.aspxhome.com/file/2023/1/98191_0s.png)
Android网格布局GridView实现漂亮的多选效果
2023-10-20 08:52:38
![](https://img.aspxhome.com/file/2023/8/106028_0s.png)
一文彻底搞懂Kotlin中的协程
2021-09-19 19:16:01
![](https://img.aspxhome.com/file/2023/3/123333_0s.png)
SpringBoot 整合 ElasticSearch操作各种高级查询搜索
2023-03-25 17:12:40
Java基于rest assured实现接口测试过程解析
2022-07-25 09:30:25
基于ReentrantLock的实现原理讲解
2023-11-23 22:43:23
![](https://img.aspxhome.com/file/2023/9/59849_0s.jpg)
Android 滑动Scrollview标题栏渐变效果(仿京东toolbar)
2023-11-21 23:56:29
![](https://img.aspxhome.com/file/2023/8/103918_0s.gif)
SpringBoot集成POI导出Execl表格之统一工具类
2023-06-12 09:55:51
![](https://img.aspxhome.com/file/2023/1/99751_0s.jpg)
桌面浮动窗口(类似恶意广告)的实现详解
2023-04-28 06:02:27
Java基于zxing生成二维码矩阵过程解析
2023-11-23 06:04:06
![](https://img.aspxhome.com/file/2023/5/59845_0s.png)
SpringBoot整合TKMyBatis实现单表增删改查操作
2022-01-30 19:52:28
![](https://img.aspxhome.com/file/2023/2/82042_0s.png)
Android编程实现任务管理器的方法
2022-11-30 00:32:15
![](https://img.aspxhome.com/file/2023/5/122105_0s.png)
springboot异常处理的基本规范
2023-11-23 15:48:19
![](https://img.aspxhome.com/file/2023/8/59488_0s.png)
Java ArrayList深入源码层分析
2021-10-18 04:12:31
![](https://img.aspxhome.com/file/2023/9/60919_0s.png)
WPF实现雷达图(仿英雄联盟)的示例代码
2023-07-13 18:46:53
![](https://img.aspxhome.com/file/2023/2/119472_0s.png)
IDEA部署JavaWeb项目到Tomcat服务器的方法
2023-11-02 23:21:22
基于C#实现图片合成功能
2022-08-23 07:21:13
![](https://img.aspxhome.com/file/2023/8/89808_0s.png)