这是我参与更文挑战的第15天,活动详情查看: 更文挑战
背景
如果需要实现一个业务拦截器需要拦截request的所有传入信息。通常情况下,HttpServletRequst中的body内容只会读取一次,但是可能某些情境下可能会读取多次,由于body内容是以流的形式存在,所以第一次读取完成后,第二次就无法读取了,一个典型的场景就是Filter 在校验完成body的内容后,业务方法就无法继续读取流了,导致解析报错。
解决方法1
- 使用
ContentCachingRequestWrapper
我们创建一个filter:
@Component
public class CachingRequestBodyFilter extends GenericFilterBean {
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest currentRequest = (HttpServletRequest) servletRequest;
ContentCachingRequestWrapper wrappedRequest = new ContentCachingRequestWrapper(currentRequest);
chain.doFilter(wrappedRequest, servletResponse);
}
}
在Web filter的doFilter方法里,创建ContentCachingRequestWrapper对request做包装。 接下来我们就可以在Controller里调用ContentCachingRequestWrapper的方法获取request body。示例如下:
@RestController
public class HelloController {
@PostMapping("/hello")
public String hello(@RequestBody String id, HttpServletRequest request) {
ContentCachingRequestWrapper requestWrapper = (ContentCachingRequestWrapper) request;
String requestBody = new String(requestWrapper.getContentAsByteArray());
return "body: " + requestBody;
}
}
解决方法2
我们是否可以用装饰器来修饰一下 request,使其可以包装读取的内容,供多次读取。 这个装饰器要符合httpsevletrequest接口规范,在原有的框架中spring boot提供了一个简单的封装器ContentCachingRequestWrapper,从源码上看这个封装器并不实用,没有封装http的底层流ServletInputStream信息,导致使用@RequestParam,@RequestBody等使用底层流构建的逻辑依然无用,只能硬生生的使用。我们参照ContentCachingRequestWrapper封装了一个更具可靠性,更低侵入性的装饰器:
public class RepeatReadHttpRequest extends HttpServletRequestWrapper {
private static final Logger LOGGER = LoggerFactory.getLogger(RepeatReadHttpRequest.class);
private final ByteArrayOutputStream cachedContent;
private Map<String, String[]> cachedForm;
@Nullable
private ServletInputStream inputStream;
public RepeatReadHttpRequest(HttpServletRequest request) {
super(request);
this.cachedContent = new ByteArrayOutputStream();
this.cachedForm = new HashMap<>();
cacheData();
}
@Override
public ServletInputStream getInputStream() throws IOException {
this.inputStream = new RepeatReadInputStream(cachedContent.toByteArray());
return this.inputStream;
}
@Override
public String getCharacterEncoding() {
String enc = super.getCharacterEncoding();
return (enc != null ? enc : WebUtils.DEFAULT_CHARACTER_ENCODING);
}
@Override
public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(getInputStream(), getCharacterEncoding()));
}
@Override
public String getParameter(String name) {
String value = null;
if (isFormPost()) {
String[] values = cachedForm.get(name);
if (null != values && values.length > 0) {
value = values[0];
}
}
if (StringUtils.isEmpty(value)) {
value = super.getParameter(name);
}
return value;
}
@Override
public Map<String, String[]> getParameterMap() {
if (isFormPost() && !CollectionUtils.sizeIsEmpty(cachedForm)) {
return cachedForm;
}
return super.getParameterMap();
}
@Override
public Enumeration<String> getParameterNames() {
if (isFormPost() && !CollectionUtils.sizeIsEmpty(cachedForm)) {
return Collections.enumeration(cachedForm.keySet());
}
return super.getParameterNames();
}
@Override
public String[] getParameterValues(String name) {
if (isFormPost() && !CollectionUtils.sizeIsEmpty(cachedForm)) {
return cachedForm.get(name);
}
return super.getParameterValues(name);
}
private void cacheData() {
try {
if (isFormPost()) {
this.cachedForm = super.getParameterMap();
} else {
ServletInputStream inputStream = super.getInputStream();
IOUtils.copy(inputStream, this.cachedContent);
}
} catch (IOException e) {
LOGGER.warn("[RepeatReadHttpRequest:cacheData], error: {}", e.getMessage());
}
}
private boolean isFormPost() {
String contentType = getContentType();
return (contentType != null &&
(contentType.contains(MediaType.APPLICATION_FORM_URLENCODED_VALUE) ||
contentType.contains(MediaType.MULTIPART_FORM_DATA_VALUE)) &&
HttpMethod.POST.matches(getMethod()));
}
private static class RepeatReadInputStream extends ServletInputStream {
private final ByteArrayInputStream inputStream;
public RepeatReadInputStream(byte[] bytes) {
this.inputStream = new ByteArrayInputStream(bytes);
}
@Override
public int read() throws IOException {
return this.inputStream.read();
}
@Override
public int readLine(byte[] b, int off, int len) throws IOException {
return this.inputStream.read(b, off, len);
}
@Override
public boolean isFinished() {
return this.inputStream.available() == 0;
}
@Override
public boolean isReady() {
return true;
}
@Override
public void setReadListener(ReadListener listener) {
}
}
}
使用的时候配合Filter对原有的request进行替换:
/**
* @author Lambert
* 拦截器httprequest替换 可重复获取inputstream
*/
@Configuration
public class FilterConfig {
@Bean
public FilterRegistrationBean requestReplaceFilterRegistration() {
FilterRegistrationBean registrationBean = new FilterRegistrationBean();
registrationBean.setFilter(new RequestReplaceFilter());
registrationBean.addUrlPatterns("/*");
registrationBean.setName("RequestReplaceFilter");
registrationBean.setOrder(1);
return registrationBean;
}
public static class RequestReplaceFilter implements Filter {
@Override
public void init(javax.servlet.FilterConfig filterConfig) throws ServletException {
}
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
filterChain.doFilter(new RepeatReadHttpRequest((HttpServletRequest) servletRequest), servletResponse);
}
}
}
后续的request就可以使用封装器多次读取body信息。
