gateway获取请求体和响应体

益梅珍

已于 2023-05-30 20:37:03 修改

阅读量1.4k

点赞数

文章标签： gateway java spring

于 2023-05-23 17:05:52 首次发布

本文链接：https://blog.csdn.net/weixin_45168162/article/details/130831010

版权

gateway获取请求体和响应体

GateWay 获取响应结果，处理大数据分段传输问题

GlobalCacheRequestFilter

package com.yymt.project.filter;

import cn.hutool.core.convert.Convert;
import cn.hutool.core.lang.Snowflake;
import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.StrUtil;
import com.yymt.project.config.SwaggerProvider;
import com.yymt.project.feign.AuthFeignClient;
import io.netty.util.CharsetUtil;
import lombok.extern.slf4j.Slf4j;
import org.reactivestreams.Publisher;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferFactory;
import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.http.server.reactive.ServerHttpResponseDecorator;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

import javax.annotation.Resource;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import java.util.stream.Collectors;

/**
 * @calssName AppCacheRequestBodyFilter
 * @Description 将 request 参数 中的内容 copy 一份，记录到 exchange 的一个自定义属性中
 */
@Slf4j
@Component
public class GlobalCacheRequestFilter implements GlobalFilter, Ordered {

    public final static String CACHED_REQUEST_PARAM_KEY = "CACHED_REQUEST_PARAM_KEY";
    public final static String SYS_LOG_ID = "sysLogId";
    public final static Snowflake snowflake = IdUtil.getSnowflake(1, 1);
    private int order;
    @Resource
    AuthFeignClient authFeignClient;

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        // String path = exchange.getRequest().getPath().toString();
        ServerHttpRequest request = exchange.getRequest();
        // String method = request.getMethodValue();
        HttpHeaders headers = request.getHeaders();
        String sysLogId = String.valueOf(snowflake.nextId());

        // 将 request body 中的内容 copy 一份，记录到 exchange 的一个自定义属性中
        Object cachedRequestBodyObject = exchange.getAttributeOrDefault(CACHED_REQUEST_PARAM_KEY,
                null);
        // 如果已经缓存过，或者白名单略过
        if (cachedRequestBodyObject != null) {
            return chain.filter(exchange);
        }

        // 如果没有缓存过，获取字节数组存入 exchange 的自定义属性中
        String contentType = exchange.getRequest().getHeaders().getFirst("Content-Type");
        if (StrUtil.isNotBlank(contentType) && contentType.contains(MediaType.APPLICATION_JSON_VALUE)) {
            return DataBufferUtils.join(exchange.getRequest().getBody()).map(dataBuffer -> {
                        byte[] bytes = new byte[dataBuffer.readableByteCount()];
                        dataBuffer.read(bytes);
                        DataBufferUtils.release(dataBuffer);
                        return bytes;
                    }).defaultIfEmpty(new byte[0])
                    .doOnNext(bytes -> {
                        String param = new String(bytes, StandardCharsets.UTF_8);
                        logtrace(exchange, param);
                        exchange.getAttributes().put(CACHED_REQUEST_PARAM_KEY, param);
                        exchange.getAttributes().put(SYS_LOG_ID, sysLogId);
                        // }).then(chain.filter(exchange));
                    }).then(chain.filter(exchange.mutate().response(recordResponseLog(exchange)).build()));
        }

        Map m = request.getQueryParams();
        String param = Convert.toStr(m);
        logtrace(exchange, param);
        exchange.getAttributes().put(CACHED_REQUEST_PARAM_KEY, param);
        exchange.getAttributes().put(SYS_LOG_ID, sysLogId);

        return chain.filter(exchange.mutate().response(recordResponseLog(exchange)).build());
        // return chain.filter(exchange.mutate().request(recordRequestLog(exchange)).response(recordResponseLog(exchange)).build());
        // return chain.filter(exchange);
    }

    @Override
    public int getOrder() {
        return this.order;
    }

    public GlobalCacheRequestFilter() {
        this.order = -30;
    }

    public GlobalCacheRequestFilter(int order) {
        this.order = order;
    }

    /**
     * 日志信息
     *
     * @param exchange
     * @param param    请求参数
     */
    private void logtrace(ServerWebExchange exchange, String param) {
        ServerHttpRequest serverHttpRequest = exchange.getRequest();
        String path = serverHttpRequest.getURI().getPath();
        String method = serverHttpRequest.getMethodValue();
        String headers = serverHttpRequest.getHeaders().entrySet()
                .stream()
                .map(entry -> "            " + entry.getKey() + ": [" + String.join(";", entry.getValue()) + "]")
                .collect(Collectors.joining("\n"));
        log.debug("\n" + "------------------------------------------------>>\n" +
                        "HttpMethod : {}\n" +
                        "Uri        : {}\n" +
                        "Param      : {}\n" +
                        "Headers    : \n" +
                        "{}\n" +
                        "\"<<------------------------------------------------"
                , method, path, param, headers);
    }

    /**
     * 记录响应日志
     */
    private ServerHttpResponseDecorator recordResponseLog(ServerWebExchange exchange) {
        ServerHttpResponse response = exchange.getResponse();
        HttpHeaders headers = exchange.getRequest().getHeaders();
        MediaType mediaType = headers.getContentType();
        String url = exchange.getRequest().getURI().getPath();
        DataBufferFactory bufferFactory = response.bufferFactory();

        ServerHttpResponseDecorator decoratorResponse = new ServerHttpResponseDecorator(response) {
            @Override
            public Mono<Void> writeWith(Publisher<? extends DataBuffer> body) {
                if (body instanceof Flux) {
                    // 没有token的不会记录日志，所以不记录响应
                    if (StrUtil.isBlank(headers.getFirst("Authorization"))) {
                        return super.writeWith(body);
                    }
                    // 过滤上传附件请求
                    if ((mediaType != null && mediaType.equals(MediaType.MULTIPART_FORM_DATA))
                            || (mediaType != null && mediaType.equals(MediaType.APPLICATION_FORM_URLENCODED))) {
                        return super.writeWith(body);
                    }
                    if (url.contains(SwaggerProvider.API_URI)) {
                        return super.writeWith(body);
                    }

                    Flux<? extends DataBuffer> fluxBody = Flux.from(body);
                    return super.writeWith(fluxBody.buffer().map(dataBuffers -> {// 解决返回体分段传输获取完整响应数据问题
                        StringBuilder bodyString = new StringBuilder();
                        dataBuffers.forEach(dataBuffer -> {
                            byte[] content = new byte[dataBuffer.readableByteCount()];
                            dataBuffer.read(content);
                            DataBufferUtils.release(dataBuffer);
                            bodyString.append(new String(content, CharsetUtil.UTF_8));
                        });

                        // 拿到返回数据，可以进行做一些修改
                        String result = bodyString.toString();
                        byte[] uppedContent = new String(result.getBytes(), CharsetUtil.UTF_8).getBytes();
                        // 保存响应日志
                        sysLogResAdd(exchange, result);
                        response.getHeaders().setContentLength(uppedContent.length);
                        return bufferFactory.wrap(uppedContent);
                    }));
                }
                return super.writeWith(body);
            }
        };

        return decoratorResponse;
    }

    /**
     * 保存响应日志
     *
     * @param exchange
     * @param result
     */
    private void sysLogResAdd(ServerWebExchange exchange, String result) {
        // 根据结果处理自己的逻辑
        String sysLogId = exchange.getAttributeOrDefault(GlobalCacheRequestFilter.SYS_LOG_ID, "");
        log.info("===============sysLogId：{}，responseResult：{}", sysLogId, result);
        Map<String, Object> sysLogResMap = new HashMap<>();
        sysLogResMap.put("id", sysLogId);
        sysLogResMap.put("result", result);
        authFeignClient.sysLogResAdd(sysLogResMap);
    }

}

AuthorityFilter

package com.yymt.project.filter;

import cn.hutool.core.convert.Convert;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.yymt.project.dto.HasPermissionReqDTO;
import com.yymt.project.entity.User;
import com.yymt.project.entity.common.CodeEnum;
import com.yymt.project.entity.common.Result;
import com.yymt.project.feign.AuthFeignClient;
import com.yymt.project.filter.util.ModifiedRequestDecorator;
import com.yymt.project.filter.util.RecorderServerHttpRequestDecorator;
import com.yymt.project.filter.util.RewriteConfig;
import com.yymt.project.filter.util.SensitiveWordUtils;
import com.yymt.project.util.IpUtil;
import com.yymt.project.util.JwtUtil;
import com.yymt.project.util.RedisUtils;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

import javax.annotation.Resource;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.atomic.AtomicReference;

/**
 * 自定义网关权限全局过滤器
 *
 * @author: hubin
 * @date: 2020/12/17 16:21
 */
@Slf4j
@Component
public class AuthorityFilter implements GlobalFilter, Ordered {

    /**
     * 注入权限远程用
     */
    @Resource
    AuthFeignClient authFeignClient;

    /**
     * 注入权限远程用
     */
    @Resource
    SensitiveWordUtils sensitiveWordUtils;

    /**
     * 访问白名单
     */
    @Value("${access.whitelist}")
    private String whitelist;

    /**
     * 敏感词过滤url
     */
    @Value("${access.sensitiveWordFilterUrl:}")
    private String sensitiveWordFilterUrl;

    private static final String OPTIONS = "OPTIONS";

    /**
     * 注入redis工具类
     */
    @Resource
    RedisUtils redisUtils;

    /**
     * ip名单列表
     */
    public static String REDIS_IP_LIST_KEY = "ip_list_key:";
    /**
     * ip名单类型
     */
    public static String REDIS_IP_LIST_TYPE_KEY = "ip_list_type_key:";

    /**
     * 重写过滤器
     *
     * @param exchange
     * @param chain
     * @return
     */
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        // 放行不需要鉴权请求
        String path = exchange.getRequest().getPath().toString();

        ServerHttpRequest request = exchange.getRequest();
        ServerHttpResponse response = exchange.getResponse();
        HttpHeaders headers = exchange.getRequest().getHeaders();

        // 获取token
        String token = headers.getFirst("Authorization");
        String requestHeaderVersion = headers.getFirst("version");
        String contentType = headers.getFirst("Content-Type");

        Integer version = null;
        // 请求体对象
        JSONObject bodyObject = null;
        if ((request.getMethod() == HttpMethod.POST || request.getMethod() == HttpMethod.PUT) && "application/json".equals(contentType)) {
            AtomicReference<String> requestBody = new AtomicReference<>("");
            RecorderServerHttpRequestDecorator requestDecorator = new RecorderServerHttpRequestDecorator(request);
            Flux<DataBuffer> body = requestDecorator.getBody();
            body.subscribe(buffer -> {
                CharBuffer charBuffer = StandardCharsets.UTF_8.decode(buffer.asByteBuffer());
                requestBody.set(charBuffer.toString());
            });
            //获取body参数
            String bodyString = requestBody.get();
            if (StringUtils.isNotBlank(bodyString) && bodyString.startsWith("{")) {
                bodyObject = JSONObject.parseObject(bodyString);
            }
        }

        if (StringUtils.isNotBlank(requestHeaderVersion)) {
            // 如果请求头设置了版本号，优先设置请求头版本号
            version = Integer.valueOf(requestHeaderVersion);
        } else if (bodyObject != null) {
            // 请求头未设置版本号，从请求体获取版本号参数
            if (bodyObject.getInteger("version") != null) {
                version = bodyObject.getInteger("version");
            }
        }
        if (StringUtils.isNotBlank(token)) {
            // 请求头和请求体都没有版本号参数,从token获取版本号
            version = JwtUtil.getVersion(token);
        }
        if (version == null) {
            // 无版本参数数据，设置为默认1
            version = 1;
        }

        // 获取ip
        String ip = IpUtil.getIpAddress(exchange.getRequest());
        // 如果是web端使用，则需要处理ip禁用逻辑
        boolean needCheckIp = false;
        //  loginMode 登录方式：1表示Web端登录，2表示移动端登录，3表示3D客户端登录，4客户端登录
        if (StringUtils.isNotBlank(token)) {
            if (JwtUtil.getUserId(token).longValue() != 1 && JwtUtil.getLoginMode(token) == 1) {
                // 非admin账号又是web端接口需要校验ip
                needCheckIp = true;
            }
        } else if (bodyObject != null) {
            // 判断body数据是否携带loginMode参数
            if (bodyObject.getInteger("loginMode") != null) {
                if (bodyObject.getInteger("loginMode") == 1) {
                    needCheckIp = true;
                }
            }
        }
        if (needCheckIp) {
            // 判断黑白名单
            String ipListType = redisUtils.get(REDIS_IP_LIST_TYPE_KEY + version);
            String ipList = redisUtils.get(REDIS_IP_LIST_KEY + version);
            if (StringUtils.isNotBlank(ipListType) && StringUtils.isNotBlank(ipList)) {
                String[] ipRuleArr = ipList.split(",");
                if ("1".equals(ipListType)) {
                    // 判断黑名单
                    for (String ipRule : ipRuleArr) {
                        if (IpUtil.checkIpByRule(ip, ipRule)) {
                            // 属于黑名单ip
                            response.setStatusCode(HttpStatus.LOCKED);
                            Result result = new Result().setCode(HttpStatus.LOCKED.value()).setMsg("ip已被禁用");
                            DataBuffer buffer = response.bufferFactory().wrap(JSON.toJSONString(result).getBytes());
                            return response.writeWith(Mono.just(buffer));
                        }
                    }
                }
                if ("0".equals(ipListType)) {
                    // 是否属于白名单
                    boolean isAllow = false;
                    for (String ipRule : ipRuleArr) {
                        if (IpUtil.checkIpByRule(ip, ipRule)) {
                            // 属于白名单ip
                            isAllow = true;
                            break;
                        }
                    }
                    if (!isAllow) {
                        // 不属于白名单
                        response.setStatusCode(HttpStatus.LOCKED);
                        Result result = new Result().setCode(HttpStatus.LOCKED.value()).setMsg("ip已被禁用");
                        DataBuffer buffer = response.bufferFactory().wrap(JSON.toJSONString(result).getBytes());
                        return response.writeWith(Mono.just(buffer));
                    }
                }
            }
        }

        // 获取参数
        String params = "none";
        String sysLogId = "";
        try {
            // 从 exchange 的自定义属性中取出缓存到的 body
            params = exchange.getAttributeOrDefault(GlobalCacheRequestFilter.CACHED_REQUEST_PARAM_KEY, "none");
            sysLogId = exchange.getAttributeOrDefault(GlobalCacheRequestFilter.SYS_LOG_ID, "");
            if (params != null) {
                // 取完数据清空缓存
                exchange.getAttributes().remove(params);
            }
        } catch (Exception e) {
            log.error("get params error!");
        }
        // log.info("====>request path:{} ,\n params:{}", path, params);

        String[] whites = whitelist.split(",");
        boolean flag = false;
        for (String white : whites) {
            if (path.indexOf(white) != -1) {
                flag = true;
                break;
            }
        }
        List<String> filterUrlList = Arrays.asList(sensitiveWordFilterUrl.split(","));
        if (flag) {
            // 判断是否敏感词过滤url
            if (filterUrlList.contains(path)) {
                if (request.getMethod() == HttpMethod.POST || request.getMethod() == HttpMethod.PUT) {
                    return new ModifiedRequestDecorator(exchange, new RewriteConfig()
                            .setRewriteFunction(String.class, String.class, (ex, requestData)
                                    -> Mono.just(sensitiveWordUtils.replaceWord(requestData))
                            )).filter(exchange, chain);
                } else {
                    return chain.filter(exchange);
                }
            } else {
                return chain.filter(exchange);
            }
        }

        // 响应类型
        // response.getHeaders().add("Content-Type", "application/json; charset=utf-8");
        if (StringUtils.isNotBlank(token)) {
            // 远程调用鉴权服务
            Result successResult = null;
            try {
                HasPermissionReqDTO reqDTO = new HasPermissionReqDTO().setToken(token).setUrl(path)
                        .setServiceName(path.split("/")[1]).setIp(ip).setParams(params)
                        .setSysLogId(Convert.toLong(sysLogId));
                successResult = authFeignClient.hasPermission(reqDTO);
            } catch (Exception e) {
                log.error("鉴权服务异常!", e);
                // 其他异常
                response.setStatusCode(HttpStatus.INTERNAL_SERVER_ERROR);
                // 响应内容
                Result result = new Result().setCode(HttpStatus.INTERNAL_SERVER_ERROR.value()).setMsg("鉴权服务异常");
                DataBuffer buffer = response.bufferFactory().wrap(JSON.toJSONString(result).getBytes());
                return response.writeWith(Mono.just(buffer));
            }
            // 鉴权不通过
            if (ObjectUtils.isEmpty(successResult) || CodeEnum.TOKEN_EXPIRE.getCode().equals(successResult.getCode())) {
                // 响应状态码，HTTP 401 错误代表用户没有访问权限
                response.setStatusCode(HttpStatus.UNAUTHORIZED);
                // 响应内容
                Result result = new Result().setCode(HttpStatus.UNAUTHORIZED.value()).setMsg("登录已过期，请重新登录");
                DataBuffer buffer = response.bufferFactory().wrap(JSON.toJSONString(result).getBytes());
                return response.writeWith(Mono.just(buffer));
            } else if (CodeEnum.SUCCESS.getCode().equals(successResult.getCode())) {
                User data = JSON.parseObject(JSON.toJSONString(successResult.getData()), User.class);
                // 向headers中放文件，记得build
                ServerHttpRequest host = exchange.getRequest().mutate().header("x-user-id", data.getUserId().toString())
                        .header("x-user-mobile", data.getMobile()).header("Authorization", token)
                        .header("admin", data.getAdmin().toString())
                        .header("user-type", data.getUserType() == null ? "" : data.getUserType().toString())
                        .header("system-version", String.valueOf(version))
                        .header("communityId", data.getCommunityId() == null ? "" : data.getCommunityId().toString())
                        // .header("secondCall","true")
                        .header("communityIds", StringUtils.join(data.getCommunityIds().toArray(), ",")).build();
                // 将现在的request 变成 change对象
                ServerWebExchange build = exchange.mutate().request(host).build();
                // 判断是否敏感词过滤url
//                AuthFeignClient feignClient = SpringUtil.getBean(AuthFeignClient.class);

                if (filterUrlList.contains(path)) {
                    if (request.getMethod() == HttpMethod.POST || request.getMethod() == HttpMethod.PUT) {

                        return new ModifiedRequestDecorator(build, new RewriteConfig()
                                .setRewriteFunction(String.class, String.class, (ex, requestData)
                                        -> Mono.just(requestData == null ? "" : sensitiveWordUtils.replaceWord(requestData))
                                )).filter(build, chain);
                    } else {
                        return chain.filter(build);
                    }
                } else {
                    return chain.filter(build);
                }
            } else if (CodeEnum.FORBIDDEN.getCode().equals(successResult.getCode())) {
                // 响应状态码，HTTP 401 错误代表用户没有访问权限
                response.setStatusCode(HttpStatus.FORBIDDEN);
                // 响应内容
                Result result = new Result().setCode(HttpStatus.FORBIDDEN.value()).setMsg("无权限,请联系管理员!");
                DataBuffer buffer = response.bufferFactory().wrap(JSON.toJSONString(result).getBytes());
                return response.writeWith(Mono.just(buffer));
            } else if (CodeEnum.REMOTE_LOGIN.getCode().equals(successResult.getCode())) {
                // 响应状态码，HTTP 401 错误代表用户异地登录
                response.setStatusCode(HttpStatus.UNAUTHORIZED);
                // 响应内容
                Result result = new Result().setCode(HttpStatus.UNAUTHORIZED.value())
                        .setMsg(CodeEnum.REMOTE_LOGIN.getMsg());
                DataBuffer buffer = response.bufferFactory().wrap(JSON.toJSONString(result).getBytes());
                return response.writeWith(Mono.just(buffer));
            } else {
                // 其他异常
                response.setStatusCode(HttpStatus.INTERNAL_SERVER_ERROR);
                // 响应内容
                Result result = new Result().setCode(HttpStatus.INTERNAL_SERVER_ERROR.value())
                        .setMsg(CodeEnum.COMMON_ERROR.getMsg());
                DataBuffer buffer = response.bufferFactory().wrap(JSON.toJSONString(result).getBytes());
                return response.writeWith(Mono.just(buffer));
            }
        }
        // 响应状态码，HTTP 401 错误代表用户没有访问权限
        response.setStatusCode(HttpStatus.UNAUTHORIZED);
        // 响应内容
        Result result = new Result().setCode(HttpStatus.UNAUTHORIZED.value())
                .setMsg("登录已过期，请重新登录");
        DataBuffer buffer = response.bufferFactory().wrap(JSON.toJSONString(result).getBytes());
        return response.writeWith(Mono.just(buffer));
    }

    /**
     * 过滤器执行顺序，数值越小，优先级越高
     *
     * @return
     */
    @Override
    public int getOrder() {
        return 0;
    }
}