有时需要对请求或返回的数据进行加密,那么SpringBoot就提供了支持,可对请求体进行处理,也可对响应体进行处理。
1.对请求体处理
对响应体进行处理,需要实现RequestBodyAdvice接口,重写方法。
package com.zys.example.config; import lombok.extern.slf4j.Slf4j; import org.springframework.core.MethodParameter; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpInputMessage; import org.springframework.http.converter.HttpMessageConverter; import org.springframework.stereotype.Component; import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.lang.reflect.Type; import java.nio.charset.StandardCharsets; @Component @ControllerAdvice @Slf4j public class DecodeRequestBodyAdvice implements RequestBodyAdvice { @Override public boolean supports(MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) { return true; } @Override public HttpInputMessage beforeBodyRead(HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) { //获取请求头信息 String header = httpInputMessage.getHeaders().getFirst("header"); log.info("获取的请求头header:{}", header); String body = null; try { // 从流中提取数据 InputStream is = httpInputMessage.getBody(); byte[] data = new byte[is.available()]; is.read(data); body = new String(data, StandardCharsets.UTF_8); log.info("请求的数据,{}", body); //对数据进行处理 } catch (IOException e) { e.printStackTrace(); } return new DecodedHttpInputMessage(httpInputMessage.getHeaders(), new ByteArrayInputStream(body.getBytes(StandardCharsets.UTF_8))); } @Override public Object afterBodyRead(Object body, HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) { return body; } @Override public Object handleEmptyBody(Object body, HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) { return body; } static class DecodedHttpInputMessage implements HttpInputMessage { HttpHeaders headers; InputStream body; public DecodedHttpInputMessage(HttpHeaders headers, InputStream body) { this.headers = headers; this.body = body; } @Override public InputStream getBody() { return body; } @Override public HttpHeaders getHeaders() { return headers; } } }
需要注意是,其仅针对@RequestBody注解生效,也就是说要必须是POST请求,使用@RequestBody注解接收,才能执行上述的操作。否则不生效,如下:
@RestController public class TestController { @PostMapping("/test") public JSONObject get(@RequestBody JSONObject json) { return json; } }
2.对响应体处理
对响应体进行处理,需要新建类,实现ResponseBodyAdvice接口,重写方法。
package com.zys.example.config; import lombok.extern.slf4j.Slf4j; import org.springframework.core.MethodParameter; import org.springframework.http.MediaType; import org.springframework.http.converter.HttpMessageConverter; import org.springframework.http.server.ServerHttpRequest; import org.springframework.http.server.ServerHttpResponse; import org.springframework.stereotype.Component; import org.springframework.web.bind.annotation.ControllerAdvice; import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice; @Component @ControllerAdvice @Slf4j public class EncodeResponseBodyAdvice implements ResponseBodyAdvice<Object> { @Override public boolean supports(MethodParameter methodParameter, Class<? extends HttpMessageConverter<?>> aClass) { //若返回false则下面的配置不生效 return true; } @Override public Object beforeBodyWrite(Object body, MethodParameter methodParameter, MediaType mediaType, Class<? extends HttpMessageConverter<?>> aClass, ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse) { //获取请求头信息,需要时获取 String header = serverHttpRequest.getHeaders().getFirst("header"); log.info("获取的请求头header:{}",header); //body即是返回的数据,可对其进行处理后返回,如加密 return body; } }