@Slf4j
@Component
@WebFilter(filterName = "parameterFilter", urlPatterns = "/api/**")
public class ParameterFilter extends OncePerRequestFilter {
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
String uri = request.getRequestURI();
//判断是否文件上传
if (uri.contains("api/system/addFeedback")) {
chain.doFilter(request, response);
return;
}
String secretKeyPassword = "gingerso";
String filePath = getEnvironment().getProperty("configbean.filePath");
String fileUrl = getEnvironment().getProperty("configbean.fileUrl");
if (getEnvironment().getProperty("configbean.secretKeyPassword") != null) {
secretKeyPassword = getEnvironment().getProperty("configbean.secretKeyPassword");
}
Lock lock=new ReentrantLock();
lock.lock();
try {
//原始参数
Map<String, String[]> sourceMap = request.getParameterMap();
//解密后的参数
Map<String, Object> params = CommonsUtil.getParamsMap(request, secretKeyPassword);
StringBuffer sb = new StringBuffer();
sb.append("\nsecretKeyPassword=" + secretKeyPassword);
sb.append("\nfilePath=" + filePath);
sb.append("\nfileUrl=" + fileUrl);
sb.append("\n参数过滤器:URI=" + uri);
sb.append("\n参数拦截器:加密参数=" + JSONObject.fromObject(sourceMap));
sb.append("\n参数过滤器:解密参数=" + params);
sb.append("\n参数过滤器:开始重新设置参数...");
log.info(sb.toString());
ParameterRequestWrapper wrapper = new ParameterRequestWrapper(request, params);
chain.doFilter(wrapper, response);
}finally {
lock.unlock();
}
}}
//--------------------------------------------------------------------------------------------------------------------------------------------
class ParameterRequestWrapper extends HttpServletRequestWrapper {
Map<String, String[]> params = new HashMap<>();
public ParameterRequestWrapper(HttpServletRequest request, Map<String, Object> map) {
super(request);
for (Map.Entry<String, Object> entry : map.entrySet()) {
String key = entry.getKey();
Object obj = entry.getValue();
if (obj == "\"\"") {
obj = null;
}
if ("".equals(obj)) {
obj = null;
}
if (obj != null) {
params.put(key, new String[]{obj.toString()});
}
}
}
@Override
public String getParameter(String name) {
Object v = params.get(name);
if (v == null) {
return null;
} else if (v instanceof String[]) {
String[] strArr = (String[]) v;
if (strArr.length > 0) {
return strArr[0];
} else {
return null;
}
} else {
return v.toString();
}
}
@Override
public Map<String, String[]> getParameterMap() {
return params;
}
@Override
public Enumeration<String> getParameterNames() {
Vector<String> vector = new Vector<String>(params.keySet());
return vector.elements();
}
@Override
public String[] getParameterValues(String name) {
return params.get(name);
}
}
版权声明:本文为tangshiweibbs原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。