如果使用了反向代理软件，请求经过代理以后，由于在客户端和服务器之间增加了中间层，服务器无法直接拿到客户端的 IP，服务器端应用也无法直接通过转发请求的地址把响应返回给客户端。不过，代理会在转发请求的 HTTP 头信息中增加 X-FORWARDED-FOR 信息，用以跟踪原有的客户端 IP 地址和原来客户端请求的服务器地址。需要注意的是，该请求头也可以由客户端自行填写，只有在请求确实来自可信代理时，才应把其中的地址当作客户端 IP 使用。
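/**
 * Static helpers that read the caller's IP address, account name and user id
 * from an {@link HttpServletRequest}.
 */
@Slf4j
public class ClientUtils {
    private static final String UNKNOWN = "unknown";
    private static final String LOCALHOST = "127.0.0.1";
    /** Request header in which a reverse proxy records the address it received the request from. */
    private static final String FORWARDED_FOR_HEADER = "X-Forwarded-For";
    /** Dotted-quad IPv4 only; an IPv6 value in the header is rejected and the socket address is used. */
    private static final Pattern IP_PATTERN = Pattern.compile("((2(5[0-5]|[0-4]\\d))|[0-1]?\\d{1,2})(\\.((2(5[0-5]|[0-4]\\d))|[0-1]?\\d{1,2})){3}");

    /**
     * Returns the IP address of the remote client.
     *
     * <p>The first entry of the {@code X-Forwarded-For} header is used when it is a
     * well-formed IPv4 address; otherwise the socket peer address from
     * {@link HttpServletRequest#getRemoteAddr()} is used. When that peer address is
     * {@code 127.0.0.1}, the local host's own address is returned instead.
     *
     * <p>Security note: {@code X-Forwarded-For} is an ordinary request header, so its
     * first entry is whatever the client or an upstream hop chose to send. Treat the
     * result as informational unless the deployment's edge proxy overwrites or strips
     * the incoming header; for access control, rate limiting or audit decisions in any
     * other deployment, use {@code getRemoteAddr()}.
     *
     * @param request the current HTTP request
     * @return the client IP address, or an empty string when the peer is loopback and
     *         the local host address cannot be resolved
     */
    public static String getClientIp(HttpServletRequest request) {
        String forwarded = firstForwardedAddress(request.getHeader(FORWARDED_FOR_HEADER));
        if (forwarded != null) {
            return forwarded;
        }
        String ipAddress = request.getRemoteAddr();
        if (LOCALHOST.equals(ipAddress)) {
            try {
                ipAddress = InetAddress.getLocalHost().getHostAddress();
            } catch (UnknownHostException e) {
                // Kept from the original contract: callers receive "" when the
                // local host name cannot be resolved.
                ipAddress = "";
            }
        }
        return ipAddress;
    }

    /**
     * Extracts the first address from an {@code X-Forwarded-For} value.
     *
     * @param headerValue raw header value, possibly {@code null} or a comma-separated list
     * @return the first entry when it is a valid IPv4 address, otherwise {@code null}
     */
    private static String firstForwardedAddress(String headerValue) {
        if (headerValue == null || headerValue.isEmpty()) {
            return null;
        }
        // Each proxy appends the address it saw, so the value can be
        // "client, proxy1, proxy2"; only the first entry is considered.
        int comma = headerValue.indexOf(',');
        String candidate = (comma >= 0 ? headerValue.substring(0, comma) : headerValue).trim();
        if (candidate.isEmpty()
                || UNKNOWN.equalsIgnoreCase(candidate)
                || !IP_PATTERN.matcher(candidate).matches()) {
            return null;
        }
        return candidate;
    }

    /**
     * Returns the user name stored in the OAuth2 principal of the request.
     *
     * @param request the current HTTP request
     * @return the user name, or {@code null} when the request has no OAuth2 user
     *         principal or the principal carries no user name
     */
    public static String getClientAccount(HttpServletRequest request) {
        Principal userPrincipal = request.getUserPrincipal();
        // Also covers a null principal; any other Principal type is treated as
        // "no account" instead of failing with ClassCastException.
        if (!(userPrincipal instanceof OAuth2Authentication)) {
            return null;
        }
        OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) userPrincipal;
        // NOTE(review): the user authentication is presumably absent for tokens
        // issued without a user - confirm against the token types in use.
        if (oAuth2Authentication.getUserAuthentication() == null) {
            return null;
        }
        Object principal = oAuth2Authentication.getUserAuthentication().getPrincipal();
        if (principal == null) {
            return null;
        }
        JSONObject jsonObject = JSONUtil.parseObj(principal);
        Object userInfo = jsonObject.get(ClientConstans.USER_INFO_KEY);
        if (!(userInfo instanceof JSONObject)) {
            return null;
        }
        Object username = ((JSONObject) userInfo).get(ClientConstans.USER_NAME_KEY);
        // String.valueOf((Object) null) would yield the literal "null"; report absence instead.
        return username == null ? null : String.valueOf(username);
    }

    /**
     * Returns the user id, taken from the name of the request's principal.
     *
     * @param request the current HTTP request
     * @return the principal name, or {@code null} when the request is unauthenticated
     */
    public static String getClientUserId(HttpServletRequest request) {
        Principal userPrincipal = request.getUserPrincipal();
        return userPrincipal == null ? null : userPrincipal.getName();
    }
}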