背景
开发中经常需要对接口请求参数进行必填校验或格式校验,使用@Validated注解校验参数可以给出友好且明确的错误提示,避免代码中使用大量判空逻辑和在校验不通过时仅返回统一的“必填参数缺失”,无法明确知道是哪个参数因为什么原因导致校验不通过
反例:
PayLinkData payLinkData = payLinkRequest.getPayLinkData();
if (StringUtils.isBlank(payLinkData.getChannelCode())
|| StringUtils.isBlank(payLinkData.getComboCode())
|| StringUtils.isBlank(payLinkData.getProposalNo())
|| StringUtils.isBlank(payLinkData.getPaywayId())
|| StringUtils.isBlank(payLinkData.getReqIp())
|| StringUtils.isBlank(payLinkData.getBizType())
|| StringUtils.isBlank(payLinkData.getIsCashier())
|| StringUtils.isBlank(payLinkData.getChannelTkLayer())
|| StringUtils.isBlank(payLinkData.getPaySuccessIssue())
|| StringUtils.isBlank(payLinkData.getPlatformId())) {
return Result.error(timestamp, EnumResultCode.ERROR_ADV_REQUEST_FORMAT);
}
方法一:在Controller中校验
指定校验字段
在实体类中需要校验的字段上加对应校验注解,需要校验嵌套对象requestData时加@Valid注解
import lombok.Data;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
import java.io.Serializable;
@Data
public class RequestModel<T> implements Serializable {
@NotEmpty(message = "请求id不能为空")
private String requestId;
@NotEmpty(message = "请求时间不能为空")
private String requestTime;
@Valid
@NotNull(message = "请求内容不能为空")
private T requestData;
}
通过分组来区分指定校验规则
定义接口,无需实现。这里创建3个分组,分别用来区分新增、更新、删除时需要校验哪些参数
public interface CreateGroup{
}
public interface UpdateGroup{
}
public interface DeleteGroup{
}
在需要校验的字段上加校验注解,groups表示指定校验规则,不指定groups时代表所有情况都需要校验
如:id在删除和更新时需要校验不可为空,sdkVersion在新增和更新时不能为空且要符合正则校验,projectIds任何情况都不能为空
import com.tk.common.group.CreateGroup;
import com.tk.common.group.DeleteGroup;
import com.tk.common.group.UpdateGroup;
import lombok.Data;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Pattern;
@Data
public class SdkDTO {
/**
* id
*/
@NotNull(message = "id不能为空",groups = {DeleteGroup.class, UpdateGroup.class})
private Long id;
/**
* sdk版本号
*/
@NotEmpty(message = "sdk版本号不能为空",groups = {CreateGroup.class,UpdateGroup.class})
@Pattern(message = "版本号格式不符合标准(x.y.z)",regexp = "^\\d+(\\.\\d+){2}",groups = {CreateGroup.class,UpdateGroup.class})
private String sdkVersion;
/**
* sdk名称
*/
@NotEmpty(message = "sdk名称不能为空",groups = {CreateGroup.class,UpdateGroup.class})
private String sdkName;
/**
* sdk路径
*/
@NotEmpty(message = "sdk路径不能为空",groups = {CreateGroup.class,UpdateGroup.class})
private String sdkPath;
/**
* 项目ID列表
*/
@NotNull(message = "项目ID列表不能为空")
private List<Long> projectIds;
}
接口参数加@Validated 或 @Validated(Xxx.class)
@Validated会校验实体类中不加groups的字段
@Validated(CreateGroup.class)会校验实体类中标注CreateGroup.class的字段和实体类中不加groups的字段
@RestController
@RequestMapping("/api/sdk")
@Slf4j
public class SdkController {
@Resource
private UploadService uploadService;
@Resource
private SdkService sdkService;
/**
* 创建sdk
* @param requestModel
* @return void
*/
@PostMapping("/create")
public Result create(@RequestBody @Validated(CreateGroup.class) RequestModel<SdkDTO> requestModel){
return sdkService.create(requestModel);
}
/**
* 删除sdk
* @param requestModel
* @return void
*/
@PostMapping("/delete")
public Result delete(@RequestBody @Validated(DeleteGroup.class) RequestModel<SdkDTO> requestModel){
return sdkService.delete(requestModel);
}
/**
* 更新sdk
* @param requestModel
* @return void
*/
@PostMapping("/update")
public Result update(@RequestBody @Validated(UpdateGroup.class) RequestModel<SdkDTO> requestModel){
return sdkService.update(requestModel);
}
/**
* 查询sdk列表
* @param requestModel 请求报文
* @return void
*/
@PostMapping("/list")
public Result getList(@RequestBody @Validated RequestModel<SdkDTO> requestModel){
return sdkService.getList(requestModel);
}
}
全局统一异常处理
将校验异常转为项目公共响应报文格式
默认是有一个校验失败就返回,想一次返回所有错误信息要修改配置 failFast=false
@Configuration
public class ValidatorConfig {
@Bean
public Validator validator(){
ValidatorFactory validatorFactory= Validation.byProvider(HibernateValidator.class)
.configure()
.failFast(false)
.buildValidatorFactory();
return validatorFactory.getValidator();
}
}
@ExceptionHandler(MethodArgumentNotValidException.class)
public Object constraintViolationExceptionHandler(MethodArgumentNotValidException ex) {
StringBuilder sb = new StringBuilder();
List<ObjectError> allErrors = ex.getBindingResult().getAllErrors();
for (ObjectError allError : allErrors) {
sb.append(allError.getDefaultMessage()).append(";");
}
return Result.error(sb.toString());
}
验证效果
方法二:在Service方法中校验
1、接口参数加@Valid:
Result<BasePolicyInfo> queryAndCheckPolicyInfo(@Valid PayLinkRequest payLinkRequest);
2、实现类上加@Validated
3、实现类方法:
@Override
@Validated(AgainContractGroup.class)
public Result<BasePolicyInfo> queryAndCheckPolicyInfo(@Valid PayLinkRequest payLinkRequest) {}
4、在Service中通过@Validated校验不通过时会抛ValidationException异常
@ExceptionHandler(ValidationException.class)
public Object badArgumentHandler(ValidationException e) {
log.error("异常信息:", e);
if (e instanceof ConstraintViolationException) {
ConstraintViolationException exs = (ConstraintViolationException) e;
Set<ConstraintViolation<?>> violations = exs.getConstraintViolations();
StringBuilder sb = new StringBuilder();
for (ConstraintViolation<?> item : violations) {
String message = ((PathImpl) item.getPropertyPath()).getLeafNode().getName() + item.getMessage();
sb.append(message).append(";");
}
return Result.error(EnumResultCode.ERROR_REQUEST_PARAM.getCode(), sb.toString());
}
return Result.error(EnumResultCode.ERROR_REQUEST_PARAM);
}
方法三:封装工具类方式校验
import javax.validation.ConstraintViolation;
import javax.validation.Validation;
import javax.validation.Validator;
import javax.validation.ValidatorFactory;
import java.util.Set;
public class ValidationUtil {
private static final Validator validator;
static {
ValidatorFactory validatorFactory = Validation.buildDefaultValidatorFactory();
validator = validatorFactory.getValidator();
}
/**
* 校验实体类参数并返回错误信息
*
* @param obj 实体对象
* @param <T> 对象类型
* @return 错误信息
*/
public static <T> String validate(T obj) {
Set<ConstraintViolation<T>> violations = validator.validate(obj);
if (!violations.isEmpty()) {
StringBuilder sb = new StringBuilder();
for (ConstraintViolation<T> e : violations) {
sb.append(e.getMessageTemplate()).append(";");
}
return sb.toString();
}
return null;
}
}