SpringCloudgatewayrequest的body验证或修改⽅式SpringCloud gateway request的body验证或修改
后续版本新增了以下过滤器
org.springframework.cloud.gateway.filter.headers.RemoveHopByHopHeadersFilter
默认会把以下头部移除(暂不了解这做法的⽬的)
- connection
- keep-alive
- te
- transfer-encoding
- trailer
- proxy-authorization
- proxy-authenticate
-
x-application-context
- upgrade
从⽽导致下⾯我们重写getHeaders⽅法时添加的transfer-encoding头部移除,导致⽆法解析body。
解决办法:
在yml⽂件中配置⾃定义的头部移除列表
spring:
cloud:
filter:
remove-hop-by-hop:
headers:
- connection
-
keep-alive
- te
- trailer
- proxy-authorization
- proxy-authenticate
- x-application-context
- upgrade
------------原⽂------------
往往业务中我们需要在⽹关对请求参数作修改操作(注意以下只针对带有body的请求),springcloud gateway中有提供⼀个ModifyRequestBodyGatewayFilterFactory的filter,看了⼀下它的实现,需要指定输⼊类型和输出类型,⽐较局限。
我就参考它⾃⼰实现了⼀个
注意:上传⽂件也带有请求body,需特殊处理。
以下是主要代码
import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
import org.springframework.cloud.gateway.support.BodyInserterContext;
import io.buffer.DataBuffer;
import org.springframework.http.HttpHeaders;
import org.dec.HttpMessageReader;
import org.springframework.active.ServerHttpRequest;
import org.springframework.active.ServerHttpRequestDecorator;
import org.springframework.stereotype.Component;
import org.active.function.BodyInserter;
import org.active.function.BodyInserters;
import org.active.function.server.HandlerStrategies;
import org.active.function.server.ServerRequest;
import org.springframework.web.server.ServerWebExchange;
publisher.Flux;
publisher.Mono;
import java.util.List;
import urrent.atomic.AtomicReference;
import java.util.function.BiFunction;
/**
* @author chenws
* @date 2019/12/12 09:33:53
*/
@Component
public class CModifyRequestBodyGatewayFilterFactory extends AbstractGatewayFilterFactory {
private final List<HttpMessageReader<?>> messageReaders;
public CModifyRequestBodyGatewayFilterFactory() {
}
@Override
@SuppressWarnings("unchecked")
public GatewayFilter apply(Object config) {
return (exchange, chain) -> {
ServerRequest serverRequest = ate(exchange,
Mono<String> modifiedBody = serverRequest.bodyToMono(String.class)
.flatMap(originalBody -> modifyBody()
.apply(exchange,Mono.just(originalBody)));
BodyInserter bodyInserter = BodyInserters.fromPublisher(modifiedBody,
String.class);
HttpHeaders headers = new HttpHeaders();
headers.Request().getHeaders());
CachedBodyOutputMessage outputMessage = new CachedBodyOutputMessage(exchange,
headers);
return bodyInserter.insert(outputMessage, new BodyInserterContext())
.then(Mono.defer(() -> {
ServerHttpRequest decorator = decorate(exchange, headers,
outputMessage);
return chain.filter(exchange.mutate().request(decorator).build());
}));
};
}
/
**
* 修改body
* @return apply 返回Mono<String>,数据是修改后的body
*/
private BiFunction<ServerWebExchange,Mono<String>,Mono<String>> modifyBody(){
return (exchange,json)-> {
AtomicReference<String> result = new AtomicReference<>();
json.subscribe(
value -> {
//value 即为请求body,在此处修改
result.set(value);
System.out.());
},
Throwable::printStackTrace
);
return Mono.());
};
}
private ServerHttpRequestDecorator decorate(ServerWebExchange exchange, HttpHeaders headers, CachedBodyOutputMessage outputMessage) {
return new Request()) {
@Override
public HttpHeaders getHeaders() {
long contentLength = ContentLength();
HttpHeaders httpHeaders = new HttpHeaders();
httpHeaders.Headers());
springcloud和springbootif (contentLength > 0) {
httpHeaders.setContentLength(contentLength);
}
else {
httpHeaders.set(HttpHeaders.TRANSFER_ENCODING, "chunked");
}
return httpHeaders;
}
@Override
public Flux<DataBuffer> getBody() {
Body();
}
};
}
}
SpringCloud Gateway获取post请求体(request body)不完整解决⽅案
Spring Cloud Gateway做为⽹关服务,通过gateway进⾏请求转发,在请求到达后端服务前我们可以通过filter进⾏⼀些预处理如:请求的合法性,商户验证等。
如我们在请求体中添加商户ID(merId)和商户KEY(merkey),通过此来验证请求的合法性。但是如果我们请求内容太长如转为base64的⽂件存储请求。此时我们在filter获取body内容就会被截取(太长的
Body 会被截断)。⽬前⽹上也没有好的解决⽅式。
springboot及Cloud版本如下;
版本
springboot 2.0.8.RELEASE
springcloud Finchley.SR2
这⾥提供⼀种解决⽅式,相关代码如下:
1.Requestfilter
我们采⽤Gateway⽹关的Gobalfilter,建⽴我们的第⼀个过滤器过滤所有请求。
1).通过Spring 5 的我们使⽤bodyToMono⽅法把响应内容转换成类 String的对象,最终得到的结果是 Mono对象
2).bodyToMono⽅法我们可以拿到完整的body内容,并返回String。
3).我们⽣成唯⼀的token(通过UUID),并将token放⼊请求的header中。
4).将获取到的完整body内容,存放到redis中。
@Component
public class RequestFilter implements GlobalFilter, Ordered {
@Autowired
private RedisClientTemplate redisClientTemplate;
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
DefaultServerRequest req = new DefaultServerRequest( exchange );
String token = UUID.randomUUID().toString();
//向headers中放⼊token信息
ServerHttpRequest serverHttpRequest =Request().mutate().header("token", token)
.
build();
//将现在的request变成change对象
ServerWebExchange build = exchange.mutate().request( serverHttpRequest ).build();
return req.bodyToMono( String.class ).map( str -> {
redisClientTemplate.setObjex( "microservice:gateway:".concat( token ), 180, str );
return str;
} ).then( chain.filter( build ) );
}
@Override
public int getOrder() {
return 0;
}
}
2.MerchantAuthFilter
建⽴商户认证过滤器,相关代码如下:
1).获取存储在headers中的token。
2).通过token获取我们存储在redis中的body内容(WebFlux 中不能使⽤阻塞的操作,⽬前想到的是通过这种⽅式实现)。
3).获取到完整的body内容后我们就可以进⾏相应的商户认证操作。
4).认证通过,将信息重新写⼊,不通过则返回异常信息。
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
/** 验证商户是否有权限访问 */
ServerHttpRequest serverHttpRequest = Request();
String token = Headers().get( "token" ).get( 0 );
String bodyStr = (String) Obj("microservice:gateway:".concat(token));
BaseReqVo baseReqVo = JsonUtil.fromJson( bodyStr, BaseReqVo.class );
try {
// 商户认证
BaseRespVo<?> baseRespVo = merchantAuthService.checkMerchantAuth( baseReqVo );
if (MicroserviceConstantParamUtils.RESULT_CODE_SUCC.equals( Code() )) {
// 若验证成功,将信息重新写⼊避免request信息消费后后续⽆法从request获取信息的问题
URI uri = URI();
ServerHttpRequest request = serverHttpRequest.mutate().uri(uri).build();
DataBuffer bodyDataBuffer = stringBuffer(bodyStr);
Flux<DataBuffer> bodyFlux = Flux.just(bodyDataBuffer);
request = new ServerHttpRequestDecorator(request) {
@Override
public Flux<DataBuffer> getBody() {
return bodyFlux;
}
};
// 封装request,传给下⼀级
return chain.filter(exchange.mutate().request(request).build());
} else {
// 若验证不成功,返回提⽰信息
return gatewayResponse( Code(), Message(), exchange );
}
} catch (MicroserviceServiceException ex) {
// 若验证不成功,返回提⽰信息
return gatewayResponse( ex.getCode(), ex.getMessage(), exchange );
} catch (Exception ex) {
return gatewayResponse( MicroserviceException.ERR_100000, "系统异常", exchange );
} finally {
redisClientTemplate.del( "microservice:gateway:".concat( token ) );
}
}
/**数据流处理⽅法*/
private DataBuffer stringBuffer(String value) {
byte[] bytes = Bytes( StandardCharsets.UTF_8 );
NettyDataBufferFactory nettyDataBufferFactory = new NettyDataBufferFactory( ByteBufAllocator.DEFAULT );
DataBuffer buffer = nettyDataBufferFactory.allocateBuffer( bytes.length );
buffer.write( bytes );
return buffer;
}
/**⽹关请求响应*/
private Mono<Void> gatewayResponse(String code, String message, ServerWebExchange exchange) {
// 若验证不成功,返回提⽰信息
ServerHttpResponse response = Response();
BaseRespVo<T> baseRespVo = sponseMsg( code, message, null );
byte[] bits = Json( baseRespVo ).getBytes( StandardCharsets.UTF_8 );
DataBuffer buffer = response.bufferFactory().wrap( bits );
response.setStatusCode( HttpStatus.UNAUTHORIZED );
// 指定编码,否则在浏览器中会中⽂乱码
return response.writeWith( Mono.just( buffer ) );
}
@Override
public int getOrder() {
return 1;
}
另外我们还可以通过GlobalFilter实现请求过滤,OAUTH授权,相关代码如下:
请求⽅式验证过滤器(RequestAuthFilter):
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
ServerHttpRequest serverHttpRequest = Request();
String method = MethodValue();
if (!"POST".equals(method)) {
ServerHttpResponse response = Response();
BaseRespVo<T> baseRespVo = sponseMsg(MicroserviceException.ERR_100008, "⾮法请求", null); byte[] bits = Json(baseRespVo).getBytes(StandardCharsets.UTF_8);
DataBuffer buffer = response.bufferFactory().wrap(bits);
response.setStatusCode(HttpStatus.UNAUTHORIZED);
//指定编码,否则在浏览器中会中⽂乱码
return response.writeWith(Mono.just(buffer));
}
return chain.filter(exchange);
}
OAUTH授权过滤器(OAuthSignatureFilter):
/**授权访问⽤户名*/
@Value("${spring.security.user.name}")
private String securityUserName;
/**授权访问密码*/
@Value("${spring.security.user.password}")
private String securityUserPassword;
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
/**oauth授权*/
String auth = at(":").concat(securityUserPassword);
String encodedAuth = new sun.misc.BASE64Encoder().Bytes(Charset.forName("US-ASCII")));
String authHeader = "Basic " + encodedAuth;
//向headers中放授权信息
ServerHttpRequest serverHttpRequest = Request().mutate().header("Authorization", authHeader)
.build();
//将现在的request变成change对象
ServerWebExchange build = exchange.mutate().request(serverHttpRequest).build();
return chain.filter(build);
}
以上为个⼈经验,希望能给⼤家⼀个参考,也希望⼤家多多⽀持。
发表评论