一、基本说明
1.请求方式:POST请求。注解@PostMapping
2.入参格式:json串
3.出参格式:json串(整体加密)
4.使用Base64进行加密解密。具体的加密方式,可以根据需求自己进行修改。
二、过滤器
说明:接收数据时:所有的数据是加密的,请求进来后,先在过滤器中进行拦截解密,之后进行后续操作。
响应数据时:所有的数据向客户端或者web响应时,先在过滤器中进行拦截加密,之后再响应。
加密解密的操作在过滤器中执行。
注意:ServletRequest request, ServletResponse response 不能直接修改参数,所以采用包装类进行设置。
具体代码:import java.io.BufferedReader;
import java.io.IOException; import java.io.PrintWriter; import java.util.Base64; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.stereotype.Component; import com.lmbx.conf.WrapperedRequest; import com.lmbx.conf.WrapperedResponse; import lombok.extern.slf4j.Slf4j; @Component @WebFilter(urlPatterns = { "/*" }, filterName = "DataFilter") @Slf4j public class DataFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { // TODO Auto-generated method stub } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { String requestBody = getRequestBody((HttpServletRequest) request); //解密请求报文 String requestBodyMw = new String(Base64.getDecoder().decode(requestBody), "utf-8"); log.info("解密请求数据:"+requestBodyMw); WrapperedRequest wrapRequest = new WrapperedRequest( (HttpServletRequest) request, requestBodyMw); WrapperedResponse wrapResponse = new WrapperedResponse((HttpServletResponse) response); chain.doFilter(wrapRequest, wrapResponse); byte[] data = wrapResponse.getResponseData(); log.info("原始返回数据: " + new String(data, "utf-8")); // 加密返回报文 String responseBodyMw = Base64.getEncoder().encodeToString(data); log.info("加密返回数据: " + responseBodyMw); writeResponse(response, responseBodyMw); } @Override public void destroy() { // TODO Auto-generated method stub } private String getRequestBody(HttpServletRequest req) { try { BufferedReader reader = req.getReader(); StringBuffer sb = new StringBuffer(); String line = null; while ((line = reader.readLine()) != null) { sb.append(line); } String json = sb.toString(); return json; } catch (IOException e) { log.info("请求体读取失败"+e.getMessage()); } return ""; } private void writeResponse(ServletResponse response, String responseString) throws IOException { PrintWriter out = response.getWriter(); out.print(responseString); out.flush(); out.close(); } }
三、WrapperedRequest包装类
import java.io.BufferedReader; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.io.StringReader; import javax.servlet.ReadListener; import javax.servlet.ServletInputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; public class WrapperedRequest extends HttpServletRequestWrapper { private String requestBody = null; HttpServletRequest req = null; public WrapperedRequest(HttpServletRequest request) { super(request); this.req = request; } public WrapperedRequest(HttpServletRequest request, String requestBody) { super(request); this.requestBody = requestBody; this.req = request; } /** * (non-Javadoc) * * @see javax.servlet.ServletRequestWrapper#getReader() */ @Override public BufferedReader getReader() throws IOException { return new BufferedReader(new StringReader(requestBody)); } /** * (non-Javadoc) * * @see javax.servlet.ServletRequestWrapper#getInputStream() */ @Override public ServletInputStream getInputStream() throws IOException { return new ServletInputStream() { private InputStream in = new ByteArrayInputStream( requestBody.getBytes(req.getCharacterEncoding())); @Override public int read() throws IOException { return in.read(); } @Override public boolean isFinished() { // TODO Auto-generated method stub return false; } @Override public boolean isReady() { // TODO Auto-generated method stub return false; } @Override public void setReadListener(ReadListener readListener) { // TODO Auto-generated method stub } }; } }
四、WrapperedResponse包装类
import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.OutputStreamWriter; import java.io.PrintWriter; import java.io.UnsupportedEncodingException; import javax.servlet.ServletOutputStream; import javax.servlet.WriteListener; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponseWrapper; public class WrapperedResponse extends HttpServletResponseWrapper { private ByteArrayOutputStream buffer = null; private ServletOutputStream out = null; private PrintWriter writer = null; public WrapperedResponse(HttpServletResponse resp) throws IOException { super(resp); // 真正存储数据的流 buffer = new ByteArrayOutputStream(); out = new WapperedOutputStream(buffer); writer = new PrintWriter(new OutputStreamWriter(buffer, this.getCharacterEncoding())); } /** 重载父类获取outputstream的方法 */ @Override public ServletOutputStream getOutputStream() throws IOException { return out; } /** 重载父类获取writer的方法 */ @Override public PrintWriter getWriter() throws UnsupportedEncodingException { return writer; } /** 重载父类获取flushBuffer的方法 */ @Override public void flushBuffer() throws IOException { if (out != null) { out.flush(); } if (writer != null) { writer.flush(); } } @Override public void reset() { buffer.reset(); } /** 将out、writer中的数据强制输出到WapperedResponse的buffer里面,否则取不到数据 */ public byte[] getResponseData() throws IOException { flushBuffer(); return buffer.toByteArray(); } /** 内部类,对ServletOutputStream进行包装 */ private class WapperedOutputStream extends ServletOutputStream { private ByteArrayOutputStream bos = null; public WapperedOutputStream(ByteArrayOutputStream stream) throws IOException { bos = stream; } @Override public void write(int b) throws IOException { bos.write(b); } @Override public void write(byte[] b) throws IOException { bos.write(b, 0, b.length); } @Override public boolean isReady() { // TODO Auto-generated method stub return false; } @Override public void setWriteListener(WriteListener writeListener) { // TODO Auto-generated method stub } } }
五、Controller
import java.io.BufferedReader; import java.io.InputStreamReader; import javax.servlet.ServletInputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import com.alibaba.fastjson.JSONObject; import lombok.extern.slf4j.Slf4j; @RestController @RequestMapping("/v1/api/") @Slf4j public class UserInfoController { //测试 @PostMapping(value = "test",produces = "application/json;charset=UTF-8") public String test(HttpServletRequest request,HttpServletResponse response) { JSONObject jsonObject = new JSONObject(); JSONObject clientJson = getClientJson(request, response); log.info("【客户端收集到的数据为】clientJson={}",clientJson); return clientJson.toString(); } public JSONObject getClientJson(HttpServletRequest request,HttpServletResponse response) { JSONObject json = null; try { //提取json //response.setContentType("application/json; charset=utf-8"); response.setContentType("text/json"); response.setContentType("application/json"); response.setCharacterEncoding("utf-8"); BufferedReader br = null; if (request.getContentType().contains("text") || request.getContentType().contains("json")) { br = new BufferedReader(new InputStreamReader((ServletInputStream) request.getInputStream(), "UTF-8")); StringBuilder sb = new StringBuilder(); String temp; while ((temp = br.readLine()) != null) { sb.append(temp); } json = JSONObject.parseObject(sb.toString()); } } catch (Exception e) { e.printStackTrace(); log.error("客户端请求数据异常->" + e.getMessage()); } log.info(json.toString()); return json; } }
六、测试
说明:可以直接使用postman进行测试。
这里使用httpclient进行测试。
import java.io.BufferedReader; import java.io.IOException; import java.io.InputStreamReader; import java.nio.charset.Charset; import java.util.Base64; import org.apache.http.HttpEntity; import org.apache.http.HttpResponse; import org.apache.http.HttpStatus; import org.apache.http.client.HttpClient; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpPost; import org.apache.http.entity.StringEntity; import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.util.EntityUtils; import org.junit.Test; import org.junit.runner.RunWith; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.test.context.junit4.SpringRunner; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; import com.lmbx.util.DES; import com.lmbx.util.DESCoderUtil; import lombok.extern.slf4j.Slf4j; @RunWith(SpringRunner.class) @SpringBootTest @Slf4j public class test2 { @Test public void test() throws Exception { String url="http://localhost:8080/v1/api/test"; String json="{"placeId":"2","mediaCode":"ottauto","cId":"1"}"; String responseBodyMw =new String(Base64.getDecoder().decode(json), "utf-8"); String doPost = doPost(url,responseBodyMw,null); System.out.println(doPost); } public synchronized static JSONObject doGet(String url) { JSONObject jsonObject=null; try { HttpClient client = new DefaultHttpClient(); HttpGet request = new HttpGet(url); System.out.println(request); HttpResponse response = client.execute(request); if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK) { String strResult = EntityUtils.toString(response.getEntity()); System.out.println("请求结果为——》"+strResult); jsonObject=JSON.parseObject(strResult); return jsonObject; } } catch (IOException e) { e.printStackTrace(); } return jsonObject; } public static String doPost(String url,String json,String token){ DefaultHttpClient client = new DefaultHttpClient(); HttpPost post = new HttpPost(url); String response = null; try { StringEntity s = new StringEntity(json,Charset.forName("UTF-8")); s.setContentEncoding("UTF-8"); s.setContentType("application/json");//发送json数据需要设置contentType post.setEntity(s); post.setHeader("token", token); post.setHeader("Content-Type", "application/json; charset=UTF-8"); HttpResponse res = client.execute(post); if(res.getStatusLine().getStatusCode() == HttpStatus.SC_OK){ HttpEntity httpEntity = res.getEntity(); BufferedReader reader = null; reader = new BufferedReader(new InputStreamReader(httpEntity.getContent(), "UTF-8"), 10 * 1024); StringBuilder strBuilder = new StringBuilder(); String line = null; while ((line = reader.readLine()) != null) { strBuilder.append(line); } response = strBuilder.toString(); } } catch (Exception e) { throw new RuntimeException(e); } return response; } }