使用RestTemplate调用Spring Boot 2.0(Swagger2)接口时,请求经过HandlerInterceptorAdapter拦截后,在controller里面获取不到参数。解决办法如下:
swagger示例如图
将请求参数封装成一个实体对象,用@RequestBody接收,就可以接收到了;之前是把多个参数以query的方式传递,所以接收不到值。
controller代码如图
WebMvcconfiger中
拦截器如下:
package smartt.styy.auth.interceptor;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import io.jsonwebtoken.ExpiredJwtException;
import lombok.extern.slf4j.Slf4j;
import smartt.styy.auth.biz.TypeRelationBiz;
import smartt.styy.auth.biz.UserBiz;
import smartt.styy.auth.config.UserConfiguration;
import smartt.styy.auth.constants.ServerConstants;
import smartt.styy.auth.model.entity.TbAuUser;
import smartt.styy.auth.model.entity.TbTypeRelation;
import smartt.styy.auth.model.jwt.IJWTInfo;
import smartt.styy.auth.model.jwt.JWTInfo;
import smartt.styy.auth.model.utils.JwtTokenUtil;
import smartt.styy.auth.util.DESEncrypt;
import smartt.styy.auth.util.HttpHelper;
import smartt.styy.auth.util.JsonUtil;
import smartt.styy.common.constant.CommonConstants;
import smartt.styy.common.constant.RestCodeConstants;
import smartt.styy.common.context.BaseContextHandler;
import smartt.styy.common.exception.auth.UserTokenException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
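/**
 * Spring MVC interceptor that authenticates REST calls to the auth server.
 *
 * <p>For each request it parses the JWT from the configured header, requires an access
 * token whose effective time is still positive, decrypts the {@code userId} sent in the
 * JSON body (or, failing that, as a request parameter) and requires it to equal the id
 * carried by the token, rejects disabled users and disabled user/type relations, and
 * finally publishes the token identity through {@link BaseContextHandler}.
 *
 * <p>Every rejection is signalled with a {@link UserTokenException}; the request never
 * reaches the controller in that case.
 *
 * @author shangtengfei
 */
@Slf4j
public class UserAuthRestInterceptor extends HandlerInterceptorAdapter {
    // Logging goes through the Lombok-generated "log" field only; the class previously
    // mixed it with a second, hand-written logger for the same category.

    @Autowired
    private JwtTokenUtil jwtTokenUtil;
    @Autowired
    private UserConfiguration userConfiguration;
    @Autowired
    private UserBiz userBiz;
    @Autowired
    private TypeRelationBiz typeRelationBiz;
    // NOTE(review): the userId is protected with 3DES under one static, configured key.
    // 3DES is a legacy cipher; the binding that actually matters here is the comparison
    // with the id inside the signed token, not the encryption of the parameter.
    @Value("${3des.key}")
    private String desKey;

    /**
     * Authenticates the request before the controller runs.
     *
     * @param request  current request; its token header, JSON body and {@code userId}
     *                 parameter are read
     * @param response current response, passed through to the superclass
     * @param handler  chosen handler, passed through to the superclass
     * @return the result of {@code super.preHandle} once every check has passed
     * @throws UserTokenException if the token is missing, expired or not an access token,
     *                            if no {@code userId} is supplied or it does not match the
     *                            token, or if the user or user/type relation is disabled
     * @throws Exception          anything else raised while parsing the token or the body
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        log.info("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>> preHandle方法start ...");

        String token = request.getHeader(userConfiguration.getUserTokenHeader());
        // Reject a missing header up front instead of handing null to the JWT parser.
        if (StringUtils.isEmpty(token)) {
            log.warn("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>请求未携带token");
            throw new UserTokenException("请求token错误,请检查稍后重试!", RestCodeConstants.TOKEN_ERROR_CODE);
        }

        IJWTInfo infoFromToken;
        try {
            infoFromToken = jwtTokenUtil.getInfoFromToken(token);
        } catch (ExpiredJwtException e) {
            log.warn("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>token已过期: {}", e.getMessage());
            throw new UserTokenException("请求token错误,请检查稍后重试!", RestCodeConstants.TOKEN_ERROR_CODE);
        }
        // NOTE(review): only expiry is mapped to UserTokenException. Any other parse failure
        // (bad signature, malformed token) propagates unchanged; the request is still
        // rejected, but the response depends on whatever global handler is installed.
        if (infoFromToken == null) {
            throw new UserTokenException("请求token错误,请检查稍后重试!", RestCodeConstants.TOKEN_ERROR_CODE);
        }

        // Only access tokens may call the API. The constant is the receiver so that a token
        // without a type is rejected rather than causing a NullPointerException.
        if (!JWTInfo.token_type.accessToken.value.equals(infoFromToken.getTokenType())) {
            log.error("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>请求token非access_token,请稍后重试! code={}", RestCodeConstants.TOKEN_ERROR_CODE);
            throw new UserTokenException("请求token非access_token,请稍后重试!", RestCodeConstants.TOKEN_ERROR_CODE);
        }

        long effectiveTime = infoFromToken.getEffectiveTime();
        String userType = infoFromToken.getUserTypes();
        // A remaining effective time below 1 is treated as an expired token.
        if (effectiveTime < 1) {
            log.error("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>请求token过期,请稍后重试! code={}", RestCodeConstants.TOKEN_TIMEOUT_CODE);
            throw new UserTokenException("请求token过期,请稍后重试!", RestCodeConstants.TOKEN_TIMEOUT_CODE);
        }

        // The body is read here, before the controller. Presumably the request is wrapped
        // elsewhere so that it can be read a second time; that wiring is not visible here.
        String body = HttpHelper.getBodyString(request);
        String paramUserId = request.getParameter("userId");
        Map<String, Object> bodyMap = new HashMap<String, Object>();
        if (!StringUtils.isEmpty(body)) {
            Map<String, Object> parsed = JsonUtil.asMapWithStringKey(body, Object.class);
            if (parsed != null) {
                bodyMap = parsed;
            }
            // Log field names only: the payload may carry credentials or personal data.
            log.info("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>请求body数据字段:{}", bodyMap.keySet());
        }

        // The userId from the body wins over the request parameter. Either way it must
        // decrypt to exactly the id carried by the token.
        String userId;
        Object bodyUserId = bodyMap.get("userId");
        if (bodyUserId != null) {
            try {
                userId = DESEncrypt.decryptMode(desKey, bodyUserId.toString());
            } catch (Exception e) {
                // Details stay in the server log; echoing the cipher's error text to the
                // caller would tell it why a forged value failed to decrypt.
                log.error("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>请求body数据,userId传入解密错误,请核实!!!", e);
                throw new UserTokenException("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>请求body数据,userId传入解密错误,请核实!", RestCodeConstants.THROW_ERROR_CODE);
            }
            if (userId == null || !userId.equals(infoFromToken.getId())) {
                log.error("[认证服务器][auth-server]用户请求认证服务异常,请检查请求参数和header-token信息!");
                throw new UserTokenException("[认证服务器][auth-server]用户请求认证服务异常,请检查请求参数和header-token信息,用户信息不匹配!", RestCodeConstants.TOKEN_ERROR_CODE);
            }
        } else if (paramUserId != null) {
            // The raw parameter is caller-controlled, so it is not written to the log.
            log.info("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>使用请求parameter中的userId参数");
            try {
                userId = DESEncrypt.decryptMode(desKey, paramUserId);
            } catch (Exception e) {
                log.error("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>请求parameter-解密userId异常", e);
                throw new UserTokenException("[认证服务器][auth-server]用户请求认证服务异常,请检查请求参数信息userId解密错误!", RestCodeConstants.TOKEN_ERROR_CODE);
            }
            if (userId == null || !userId.equals(infoFromToken.getId())) {
                log.error("[认证服务器][auth-server]用户请求认证服务异常,请检查请求参数和header-token信息!");
                throw new UserTokenException("[认证服务器][auth-server]用户请求认证服务异常,请检查请求参数和header-token信息,userId与token不匹配!", RestCodeConstants.TOKEN_ERROR_CODE);
            }
        } else {
            log.error("[认证服务器][auth-server]用户请求认证服务异常,请检查请求参数和header-token信息,未检查到userId!");
            throw new UserTokenException("[认证服务器][auth-server]用户请求认证服务异常,请检查请求参数和header-token信息,未检查到userId!", RestCodeConstants.TOKEN_ERROR_CODE);
        }
        // NOTE(review): a decryption failure and an id mismatch still return different
        // messages (and, for the body branch, different codes). Consider one uniform
        // response so a caller cannot tell the two outcomes apart.

        // Check that the user and the user type are still enabled. This is a direct
        // database lookup for now; the original author planned a cache for larger volumes.
        TbAuUser auUser = userBiz.selectById(Integer.parseInt(userId));
        if (auUser == null) {
            // A valid token for a user that no longer exists is rejected like a disabled user.
            log.warn("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>用户不存在, userId={}", userId);
            throw new UserTokenException(ServerConstants.ERROR_MSG_70010, ServerConstants.ERROR_70010);
        }
        if (auUser.getStatus() == ServerConstants.USER_STATUS_0) {
            log.warn("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>用户" + auUser.getUsername() + "用户状态不可用!");
            throw new UserTokenException(ServerConstants.ERROR_MSG_70010, ServerConstants.ERROR_70010);
        }

        Map<String, Object> reqMap = new HashMap<String, Object>();
        reqMap.put("userId", userId);
        reqMap.put("userTypeId", userType);
        TbTypeRelation typeRel = typeRelationBiz.selectByUserIdAndUserType(reqMap);
        // A missing relation is rejected the same way as a disabled one.
        if (typeRel == null || typeRel.getEnable() != 1) {
            log.warn("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>用户" + auUser.getUsername() + "用户类型不可用!");
            throw new UserTokenException(ServerConstants.ERROR_MSG_70020, ServerConstants.ERROR_70020);
        }

        // Publish the identity taken from the token (never from request parameters).
        BaseContextHandler.setUsername(infoFromToken.getUniqueName());
        BaseContextHandler.setName(infoFromToken.getNickName());
        BaseContextHandler.setUserTypes(infoFromToken.getUserTypes());
        BaseContextHandler.setUserID(infoFromToken.getId());
        log.info("[认证服务器][auth-server]<<<<<<UserAuthRestInterceptor拦截器>>>>>>验证通过。。。。successful!!!");
        return super.preHandle(request, response, handler);
    }

    /**
     * Clears the per-request identity once the request has completed.
     *
     * @param request  current request
     * @param response current response
     * @param handler  handler that processed the request
     * @param ex       exception raised during handling, if any
     * @throws Exception if the superclass callback fails
     */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        // Presumably BaseContextHandler keeps its values per thread; they are removed here
        // so that they cannot carry over into the next request served by this thread.
        BaseContextHandler.remove();
        super.afterCompletion(request, response, handler, ex);
    }
}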