import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import cn.jr.dubbo.consumer.utils.JsonUtil;
import com.alibaba.fastjson.JSONObject;
public class MAPIHttpServletRequestWrapper extends HttpServletRequestWrapper{
private final byte[] body; // 报文
public MAPIHttpServletRequestWrapper(HttpServletRequest request) throws IOException {
super(request);
InputStream is = request.getInputStream();
ByteArrayOutputStream baos = new ByteArrayOutputStream();
byte buff[] = new byte[ 1024 ];
int read;
while( ( read = is.read( buff ) ) > 0 ) {
baos.write( buff, 0, read );
}
body = baos.toByteArray();
}
@Override
public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(getInputStream()));
}
@Override
public ServletInputStream getInputStream() throws IOException {
final ByteArrayInputStream bais = new ByteArrayInputStream(body);
return new ServletInputStream() {
@Override
public int read() throws IOException {
return bais.read();
}
};
}
//获取request请求body中参数
public static Map<String,Object> getBodyMap(InputStream in) {
String param= null;
BufferedReader streamReader=null;
try {
streamReader = new BufferedReader( new InputStreamReader(in, "UTF-8"));
StringBuilder responseStrBuilder = new StringBuilder();
String inputStr;
while ((inputStr = streamReader.readLine()) != null)
responseStrBuilder.append(inputStr);
if(!JsonUtil.getInstance().validate(responseStrBuilder.toString())){
return new HashMap<String, Object>();
}
JSONObject jsonObject = JSONObject.parseObject(responseStrBuilder.toString());
if(jsonObject==null){
return new HashMap<String, Object>();
}
param= jsonObject.toJSONString();
} catch (Exception e) {
e.printStackTrace();
}finally{
if(streamReader!=null){
try {
streamReader.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
return JSONObject.parseObject(param,Map.class);
}
}
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import cn.jr.dubbo.consumer.utils.JavaWebToken;
import com.alibaba.fastjson.JSONObject;
public class AuthFilter implements Filter {
@Override
public void destroy() {
// TODO Auto-generated method stub
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req=(HttpServletRequest)request;
HttpServletResponse res=(HttpServletResponse)response;
ServletRequest requestWrapper = null;
requestWrapper = new MAPIHttpServletRequestWrapper(req);
Map<String,Object> resultMap = MAPIHttpServletRequestWrapper.getBodyMap(requestWrapper.getInputStream());
if(resultMap!=null&&!resultMap.isEmpty()&&resultMap.get("token")!=null){
String token=(String)resultMap.get("token");
if(JavaWebToken.parserJavaWebToken(token) != null){
chain.doFilter(requestWrapper, response);
}else{
responseData(response, res);
}
}else{
responseData(response, res);
}
}
private void responseData(ServletResponse response, HttpServletResponse res)
throws IOException {
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8");
PrintWriter out = null;
try {
JSONObject obj = new JSONObject();
obj.put("success", "false");
obj.put("msg", "请求不合法");
out = res.getWriter();
out.append(obj.toString());
} catch (Exception e) {
e.printStackTrace();
res.sendError(500);
} finally {
if (out != null) {
out.close();
}
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {
// TODO Auto-generated method stub
}
}
import java.text.CharacterIterator;
import java.text.StringCharacterIterator;
import org.apache.commons.lang3.StringUtils;
/**
* 用于校验字符串是否是合法的JSON格式
*/
public class JsonUtil {
private CharacterIterator it;
private char c;
private int col;
private static JsonUtil instance;
/**
* 获取类的实例
*
* @return 类的实例
*/
public static JsonUtil getInstance() {
if (instance == null) {
instance = new JsonUtil();
}
return instance;
}
/**
* 验证一个字符串是否是合法的JSON串
*
* @param input 要验证的字符串
* @return true-合法 ,false-非法
*/
public boolean validate(String input) {
if(StringUtils.isBlank(input)){
return false;
}
input = input.trim();
boolean ret = valid(input);
return ret;
}
private boolean valid(String input) {
if ("".equals(input)) {
return false;
}
boolean ret = true;
it = new StringCharacterIterator(input);
c = it.first();
col = 1;
if (!value()) {
ret = error("value", 1);
} else {
skipWhiteSpace();
if (c != CharacterIterator.DONE) {
ret = error("end", col);
}
}
return ret;
}
private boolean value() {
return literal("true") || literal("false") || literal("null") || string() || number() || object() || array();
}
private boolean literal(String text) {
CharacterIterator ci = new StringCharacterIterator(text);
char t = ci.first();
if (c != t) return false;
int start = col;
boolean ret = true;
for (t = ci.next(); t != CharacterIterator.DONE; t = ci.next()) {
if (t != nextCharacter()) {
ret = false;
break;
}
}
nextCharacter();
if (!ret) error("literal " + text, start);
return ret;
}
private boolean array() {
return aggregate('[', ']', false);
}
private boolean object() {
return aggregate('{', '}', true);
}
private boolean aggregate(char entryCharacter, char exitCharacter, boolean prefix) {
if (c != entryCharacter) return false;
nextCharacter();
skipWhiteSpace();
if (c == exitCharacter) {
nextCharacter();
return true;
}
for (; ; ) {
if (prefix) {
int start = col;
if (!string()) return error("string", start);
skipWhiteSpace();
if (c != ':') return error("colon", col);
nextCharacter();
skipWhiteSpace();
}
if (value()) {
skipWhiteSpace();
if (c == ',') {
nextCharacter();
} else if (c == exitCharacter) {
break;
} else {
return error("comma or " + exitCharacter, col);
}
} else {
return error("value", col);
}
skipWhiteSpace();
}
nextCharacter();
return true;
}
private boolean number() {
if (!Character.isDigit(c) && c != '-') return false;
int start = col;
if (c == '-') nextCharacter();
if (c == '0') {
nextCharacter();
} else if (Character.isDigit(c)) {
while (Character.isDigit(c))
nextCharacter();
} else {
return error("number", start);
}
if (c == '.') {
nextCharacter();
if (Character.isDigit(c)) {
while (Character.isDigit(c))
nextCharacter();
} else {
return error("number", start);
}
}
if (c == 'e' || c == 'E') {
nextCharacter();
if (c == '+' || c == '-') {
nextCharacter();
}
if (Character.isDigit(c)) {
while (Character.isDigit(c))
nextCharacter();
} else {
return error("number", start);
}
}
return true;
}
private boolean string() {
if (c != '"') return false;
int start = col;
boolean escaped = false;
for (nextCharacter(); c != CharacterIterator.DONE; nextCharacter()) {
if (!escaped && c == '\\') {
escaped = true;
} else if (escaped) {
if (!escape()) {
return false;
}
escaped = false;
} else if (c == '"') {
nextCharacter();
return true;
}
}
return error("quoted string", start);
}
private boolean escape() {
int start = col - 1;
if (" \\\"/bfnrtu".indexOf(c) < 0) {
return error("escape sequence \\\",\\\\,\\/,\\b,\\f,\\n,\\r,\\t or \\uxxxx ", start);
}
if (c == 'u') {
if (!ishex(nextCharacter()) || !ishex(nextCharacter()) || !ishex(nextCharacter())
|| !ishex(nextCharacter())) {
return error("unicode escape sequence \\uxxxx ", start);
}
}
return true;
}
private boolean ishex(char d) {
return "0123456789abcdefABCDEF".indexOf(c) >= 0;
}
private char nextCharacter() {
c = it.next();
++col;
return c;
}
private void skipWhiteSpace() {
while (Character.isWhitespace(c)) {
nextCharacter();
}
}
private boolean error(String type, int col) {
return false;
}
}