完美解決spring cloud gateway 獲取body內容並修改

完美解決spring cloud gateway 獲取body內容並修改
 

之前寫過一篇文章，如何獲取body的內容。
Spring Cloud Gateway獲取body內容，不影響GET請求
確實能夠獲取所有body的內容了，不過今天終端同學調試接口的時候和我說，遇到了400的問題，報錯是這樣的HTTP method names must be tokens，搜了一下，都是說https引起的。可我的項目還沒用https，排除了。
想到是不是因爲修改了body內容導致的問題，試着不修改body的內容，直接傳給微服務，果然沒有報錯了。
問題找到，那就好辦了，肯定是我新構建的REQUEST對象缺胳膊少腿了，搜索一通之後發現一篇大牛寫的文章：
Spring Cloud Gateway（讀取、修改 Request Body）
這裏要再次表揚一下古哥，同樣是中文文章，度娘卻搜不到
不過文章中的spring cloud版本是
Spring Cloud: Greenwich.RC2
我本地是最新的Release版本RS3，並不能完全照搬過來，不過算是給了很大的啓發（如何獲取body以及重構）
下面給出我的代碼
網關中對body內容進行解密然後驗籤

/**
 * @author tengdj
 * @date 2019/8/13 11:08
 * 設備接口驗籤，解密
 **/
@Slf4j
public class TerminalSignFilter implements GatewayFilter, Ordered {

    private static final String AES_SECURTY = "XXX";
    private static final String MD5_SALT = "XXX";

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        exchange.getAttributes().put("startTime", System.currentTimeMillis());
        if (exchange.getRequest().getMethod().equals(HttpMethod.POST)) {
            //重新構造request，參考ModifyRequestBodyGatewayFilterFactory
            ServerRequest serverRequest = ServerRequest.create(exchange, HandlerStrategies.withDefaults().messageReaders());
            MediaType mediaType = exchange.getRequest().getHeaders().getContentType();
            //重點
            Mono<String> modifiedBody = serverRequest.bodyToMono(String.class).flatMap(body -> {
                //因爲約定了終端傳參的格式，所以只考慮json的情況，如果是表單傳參，請自行發揮
                if (MediaType.APPLICATION_JSON.isCompatibleWith(mediaType) || MediaType.APPLICATION_JSON_UTF8.isCompatibleWith(mediaType)) {
                    JSONObject jsonObject = JSONUtil.toJO(body);
                    String paramStr = jsonObject.getString("param");
                    String newBody;
                    try{
                        newBody = verifySignature(paramStr);
                    }catch (Exception e){
                        return processError(e.getMessage());
                    }
                    return Mono.just(newBody);
                }
                return Mono.empty();
            });
            BodyInserter bodyInserter = BodyInserters.fromPublisher(modifiedBody, String.class);
            HttpHeaders headers = new HttpHeaders();
            headers.putAll(exchange.getRequest().getHeaders());
            //猜測這個就是之前報400錯誤的元兇，之前修改了body但是沒有重新寫content length
            headers.remove("Content-Length");
            //MyCachedBodyOutputMessage 這個類完全就是CachedBodyOutputMessage，只不過CachedBodyOutputMessage不是公共的
            MyCachedBodyOutputMessage outputMessage = new MyCachedBodyOutputMessage(exchange, headers);
            return bodyInserter.insert(outputMessage, new BodyInserterContext()).then(Mono.defer(() -> {
                ServerHttpRequest decorator = this.decorate(exchange, headers, outputMessage);
                return returnMono(chain, exchange.mutate().request(decorator).build());
            }));
        } else {
            //GET 驗籤
            MultiValueMap<String, String> map = exchange.getRequest().getQueryParams();
            if (!CollectionUtils.isEmpty(map)) {
                String paramStr = map.getFirst("param");
                try{
                    verifySignature(paramStr);
                }catch (Exception e){
                    return processError(e.getMessage());
                }
            }
            return returnMono(chain, exchange);
        }
    }

    @Override
    public int getOrder() {
        return 1;
    }


    private Mono<Void> returnMono(GatewayFilterChain chain,ServerWebExchange exchange){
        return chain.filter(exchange).then(Mono.fromRunnable(()->{
            Long startTime = exchange.getAttribute("startTime");
            if (startTime != null){
                long executeTime = (System.currentTimeMillis() - startTime);
                log.info("耗時：{}ms" , executeTime);
                log.info("狀態碼：{}" , Objects.requireNonNull(exchange.getResponse().getStatusCode()).value());
            }
        }));
    }

    private String verifySignature(String paramStr) throws Exception{
        log.info("密文{}", paramStr);
        String dParamStr;
        try{
            dParamStr = AESUtil.decrypt(paramStr, AES_SECURTY);
        }catch (Exception e){
            throw new Exception("解密失敗！");
        }
        log.info("解密得到字符串{}", dParamStr);
        String signature = SignUtil.sign(dParamStr, MD5_SALT);
        log.info("重新加密得到簽名{}", signature);
        JSONObject jsonObject1 = JSONUtil.toJO(dParamStr);
        if (!jsonObject1.getString("signature").equals(signature)) {
            throw new Exception("簽名不匹配！");
        }
        return jsonObject1.toJSONString();
    }


    private Mono processError(String message) {
            /*exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
            return exchange.getResponse().setComplete();*/
        log.error(message);
        return Mono.error(new Exception(message));
    }

    ServerHttpRequestDecorator decorate(ServerWebExchange exchange, HttpHeaders headers, MyCachedBodyOutputMessage outputMessage) {
        return new ServerHttpRequestDecorator(exchange.getRequest()) {
            public HttpHeaders getHeaders() {
                long contentLength = headers.getContentLength();
                HttpHeaders httpHeaders = new HttpHeaders();
                httpHeaders.putAll(super.getHeaders());
                if (contentLength > 0L) {
                    httpHeaders.setContentLength(contentLength);
                } else {
                    httpHeaders.set("Transfer-Encoding", "chunked");
                }
                return httpHeaders;
            }
            public Flux<DataBuffer> getBody() {
                return outputMessage.getBody();
            }
        };
    }

}

代碼到這裏就結束了，希望看到的朋友可以少走點彎路，少踩點坑。