就是在访问接口前增加一个统一处理器,可以用来过滤拦截非法调用,也可以统一处理请求头中一些数据例如解密、验证签名等操作,以下是代码:
import com.google.gson.Gson; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import javax.servlet.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.OutputStreamWriter; import java.io.PrintWriter; import java.io.UnsupportedEncodingException; import java.util.Enumeration; import java.util.Map; import java.util.logging.Level; import java.util.logging.Logger; @Component public class ApiFilter implements Filter { private Logger LOG = Logger.getLogger(ApiFilter.class.getName()); @Autowired private ApiService ApiService; @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { // chain.doFilter(request,response); // ResponseEntity<Map<String,Object>> resr = null; HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponse httpResponse = (HttpServletResponse) response; String uri = httpRequest.getRequestURI(); MyHttpServletRequestWrapper requestWrapper = new MyHttpServletRequestWrapper((HttpServletRequest) request); httpResponse.setCharacterEncoding("UTF-8"); httpResponse.setContentType("application/json; charset=utf-8"); String method = httpRequest.getMethod(); LOG.log(Level.INFO,"================request mathod is "+ method); LOG.log(Level.INFO,"================request mathod is "+ uri); if(method.equals("OPTIONS")){ chain.doFilter(request,response); }else { if(uri.contains("/clpcApi") ){ String responseMsg = ""; String responseCod = "3001"; int statusCode = 403; boolean flag = false; Enumeration<String> headersNames = httpRequest.getHeaderNames(); while(headersNames.hasMoreElements()){ String element = headersNames.nextElement(); LOG.log(Level.INFO,"================request header "+element+" is "+ httpRequest.getHeader(element)); } // LOG.log(Level.INFO,"================request header headersNames is "+ gson.toJson(headersNames)); ResponseEntity responseEntity = new ResponseEntity(); String VendorsID = httpRequest.getHeader("VendorsID"); String EncryptType = httpRequest.getHeader("EncryptType"); String Sign = httpRequest.getHeader("Sign"); String Timestamp = httpRequest.getHeader("Timestamp"); LOG.log(Level.INFO,"================request header VendorsID is "+ VendorsID); LOG.log(Level.INFO,"================request header EncryptType is "+ EncryptType); LOG.log(Level.INFO,"================request header Sign is "+ Sign); LOG.log(Level.INFO,"================request header Timestamp is "+ Timestamp); if(Tools.checkValue(Sign)){ String userStr = ApiService.checkSign(Sign);//验证签名 if(userStr==null){ responseMsg = "无调用权限!"; }else{ if (Tools.checkNullValue(VendorsID)){ // responseMsg = "Request header No VendorsID!"; statusCode = 401; responseMsg = "验签失败!"; }else if(Tools.checkNullValue(EncryptType)){ // responseMsg = "Request header No EncryptType!"; statusCode = 401; responseMsg = "验签失败!"; }else if(Tools.checkNullValue(Timestamp)){ // responseMsg = "Request header No Timestamp!"; responseMsg = "验签失败!"; statusCode = 401; }else{ flag = true; } } } else { responseMsg = "验签失败!"; statusCode = 401; } responseEntity.setRsCode(responseCod); responseEntity.setRsDesc(responseMsg); PrintWriter writer = null; OutputStreamWriter osw = null; if(flag){ chain.doFilter(requestWrapper, response); }else{ try { ((HttpServletResponse) response).setStatus(statusCode); //response.set osw = new OutputStreamWriter(response.getOutputStream(),"UTF-8"); writer = new PrintWriter(osw, true); String jsonStr = new Gson().toJson(responseEntity); writer.write(jsonStr); writer.flush(); writer.close(); osw.close(); } catch (UnsupportedEncodingException e) { LOG.log(Level.INFO,"过滤器返回信息失败:" + e.getMessage(), e); } catch (IOException e) { LOG.log(Level.INFO,"过滤器返回信息失败:" + e.getMessage(), e); } finally { if (null != writer) { writer.close(); } if (null != osw) { osw.close(); } } } }else if(uri.contains("/swagger-ui")){ chain.doFilter(requestWrapper, response); }else { chain.doFilter(requestWrapper, response); } } } @Override public void init(FilterConfig filterConfig) throws ServletException { System.out.println("AllianzAPIFilter init============================================"); } @Override public void destroy() { System.out.println("AllianzAPIFilter destroy============================================"); } public static void main(String[] args) { } }
其中返回报文格式可以自定义也可以用系统格式返回都可以。
标红的是我自己自定义的返回格式,如果想了解可以看下另一篇随笔:https://www.cnblogs.com/yangchengdebokeyuan/p/13684583.html