完美解決spring cloud gateway 獲取body內容並修改
之前寫過一篇文章,如何獲取body的內容。
Spring Cloud Gateway獲取body內容,不影響GET請求
確實能夠獲取所有body的內容了,不過今天終端同學調試接口的時候和我說,遇到了400的問題,報錯是這樣的HTTP method names must be tokens,搜了一下,都是說https引起的。可我的項目還沒用https,排除了。
想到是不是因爲修改了body內容導致的問題,試着不修改body的內容,直接傳給微服務,果然沒有報錯了。
問題找到,那就好辦了,肯定是我新構建的REQUEST對象缺胳膊少腿了,搜索一通之後發現一篇大牛寫的文章:
Spring Cloud Gateway(讀取、修改 Request Body)
這裏要再次表揚一下古哥,同樣是中文文章,度娘卻搜不到
不過文章中的spring cloud版本是
Spring Cloud: Greenwich.RC2
我本地是最新的Release版本RS3,並不能完全照搬過來,不過算是給了很大的啓發(如何獲取body以及重構)
下面給出我的代碼
網關中對body內容進行解密然後驗籤
/**
* @author tengdj
* @date 2019/8/13 11:08
* 設備接口驗籤,解密
**/
@Slf4j
public class TerminalSignFilter implements GatewayFilter, Ordered {
private static final String AES_SECURTY = "XXX";
private static final String MD5_SALT = "XXX";
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
exchange.getAttributes().put("startTime", System.currentTimeMillis());
if (exchange.getRequest().getMethod().equals(HttpMethod.POST)) {
//重新構造request,參考ModifyRequestBodyGatewayFilterFactory
ServerRequest serverRequest = ServerRequest.create(exchange, HandlerStrategies.withDefaults().messageReaders());
MediaType mediaType = exchange.getRequest().getHeaders().getContentType();
//重點
Mono<String> modifiedBody = serverRequest.bodyToMono(String.class).flatMap(body -> {
//因爲約定了終端傳參的格式,所以只考慮json的情況,如果是表單傳參,請自行發揮
if (MediaType.APPLICATION_JSON.isCompatibleWith(mediaType) || MediaType.APPLICATION_JSON_UTF8.isCompatibleWith(mediaType)) {
JSONObject jsonObject = JSONUtil.toJO(body);
String paramStr = jsonObject.getString("param");
String newBody;
try{
newBody = verifySignature(paramStr);
}catch (Exception e){
return processError(e.getMessage());
}
return Mono.just(newBody);
}
return Mono.empty();
});
BodyInserter bodyInserter = BodyInserters.fromPublisher(modifiedBody, String.class);
HttpHeaders headers = new HttpHeaders();
headers.putAll(exchange.getRequest().getHeaders());
//猜測這個就是之前報400錯誤的元兇,之前修改了body但是沒有重新寫content length
headers.remove("Content-Length");
//MyCachedBodyOutputMessage 這個類完全就是CachedBodyOutputMessage,只不過CachedBodyOutputMessage不是公共的
MyCachedBodyOutputMessage outputMessage = new MyCachedBodyOutputMessage(exchange, headers);
return bodyInserter.insert(outputMessage, new BodyInserterContext()).then(Mono.defer(() -> {
ServerHttpRequest decorator = this.decorate(exchange, headers, outputMessage);
return returnMono(chain, exchange.mutate().request(decorator).build());
}));
} else {
//GET 驗籤
MultiValueMap<String, String> map = exchange.getRequest().getQueryParams();
if (!CollectionUtils.isEmpty(map)) {
String paramStr = map.getFirst("param");
try{
verifySignature(paramStr);
}catch (Exception e){
return processError(e.getMessage());
}
}
return returnMono(chain, exchange);
}
}
@Override
public int getOrder() {
return 1;
}
private Mono<Void> returnMono(GatewayFilterChain chain,ServerWebExchange exchange){
return chain.filter(exchange).then(Mono.fromRunnable(()->{
Long startTime = exchange.getAttribute("startTime");
if (startTime != null){
long executeTime = (System.currentTimeMillis() - startTime);
log.info("耗時:{}ms" , executeTime);
log.info("狀態碼:{}" , Objects.requireNonNull(exchange.getResponse().getStatusCode()).value());
}
}));
}
private String verifySignature(String paramStr) throws Exception{
log.info("密文{}", paramStr);
String dParamStr;
try{
dParamStr = AESUtil.decrypt(paramStr, AES_SECURTY);
}catch (Exception e){
throw new Exception("解密失敗!");
}
log.info("解密得到字符串{}", dParamStr);
String signature = SignUtil.sign(dParamStr, MD5_SALT);
log.info("重新加密得到簽名{}", signature);
JSONObject jsonObject1 = JSONUtil.toJO(dParamStr);
if (!jsonObject1.getString("signature").equals(signature)) {
throw new Exception("簽名不匹配!");
}
return jsonObject1.toJSONString();
}
private Mono processError(String message) {
/*exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
return exchange.getResponse().setComplete();*/
log.error(message);
return Mono.error(new Exception(message));
}
ServerHttpRequestDecorator decorate(ServerWebExchange exchange, HttpHeaders headers, MyCachedBodyOutputMessage outputMessage) {
return new ServerHttpRequestDecorator(exchange.getRequest()) {
public HttpHeaders getHeaders() {
long contentLength = headers.getContentLength();
HttpHeaders httpHeaders = new HttpHeaders();
httpHeaders.putAll(super.getHeaders());
if (contentLength > 0L) {
httpHeaders.setContentLength(contentLength);
} else {
httpHeaders.set("Transfer-Encoding", "chunked");
}
return httpHeaders;
}
public Flux<DataBuffer> getBody() {
return outputMessage.getBody();
}
};
}
}
代碼到這裏就結束了,希望看到的朋友可以少走點彎路,少踩點坑。