@ControllerAdvice解密请求,加密响应
作者:互联网
package com.xf.config;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Type;
import java.util.List;
import javax.annotation.Priority;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.MethodParameter;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice;
import com.xf.common.NoSecret;
import com.xf.service.CacheService;
import com.xf.tools.AesUtils;
import com.xf.tools.HttpServletRequestUtil;
import com.xf.tools.JWTUtils;
import cn.hutool.core.io.IoUtil;
import lombok.val;
@ControllerAdvice("com.xf.controller")
@Priority(1)
public class MyRequestBodyAdvice implements RequestBodyAdvice {
@Autowired
CacheService cacheService;
@Override
public boolean supports(MethodParameter methodParameter, Type targetType,
Class<? extends HttpMessageConverter<?>> converterType) {
return methodParameter.hasParameterAnnotation(RequestBody.class);
}
@Override
public HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter parameter, Type targetType,
Class<? extends HttpMessageConverter<?>> converterType) throws IOException {
val request = HttpServletRequestUtil.getRequest();
if (request.getServletPath().contains("login"))
return inputMessage;
if (!parameter.getMethod().isAnnotationPresent(NoSecret.class)) {
return new HttpInputMessage() {
@Override
public InputStream getBody() throws IOException {
List<String> tokenList = inputMessage.getHeaders().get("token");
if (tokenList.isEmpty()) {
throw new RuntimeException("缺少必要参数");
}
String token = tokenList.get(0);
Integer accid = JWTUtils.getAccid(token);
String bodyStr = IoUtil.read(inputMessage.getBody(), "utf-8");
val req = HttpServletRequestUtil.getRequest();
// Console.log(HttpServletRequestUtil.getAllRequestInfo());
// Console.log(bodyStr);
val loginObj = cacheService.getLogin(accid);
val key = loginObj.getString("key");
val iv = loginObj.getString("iv");
req.setAttribute("key", key);
req.setAttribute("iv", iv);
try {
bodyStr = AesUtils.decrypt(bodyStr, key, iv);
} catch (Exception e) {
throw new RuntimeException("解密失败");
}
return IoUtil.toStream(bodyStr, "utf-8");
}
@Override
public HttpHeaders getHeaders() {
return inputMessage.getHeaders();
}
};
}
return null;
}
@Override
public Object afterBodyRead(Object body, HttpInputMessage inputMessage, MethodParameter parameter, Type targetType,
Class<? extends HttpMessageConverter<?>> converterType) {
return body;
}
@Override
public Object handleEmptyBody(Object body, HttpInputMessage inputMessage, MethodParameter parameter,
Type targetType, Class<? extends HttpMessageConverter<?>> converterType) {
return body;
}
}
package com.xf.config;
import java.util.HashMap;
import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
import com.alibaba.fastjson.JSONObject;
import com.xf.common.R;
import com.xf.tools.AesUtils;
import com.xf.tools.HttpServletRequestUtil;
import lombok.val;
@ControllerAdvice("com.xf.controller")
public class MyResponseBodyAdvice implements ResponseBodyAdvice {
@Override
public boolean supports(MethodParameter returnType, Class converterType) {
return true;
}
@Override
public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType,
Class selectedConverterType, ServerHttpRequest request, ServerHttpResponse response) {
if (body instanceof R) {
R tem = (R) body;
// 前端非得强行有个data
if (!tem.containsKey("data"))
tem.put("data", new HashMap<String, Object>());
val req = HttpServletRequestUtil.getRequest();
if (req.getServletPath().contains("login"))
return body;
val key = req.getAttribute("key").toString();
val iv = req.getAttribute("iv").toString();
// return tem;
try {
return AesUtils.encrypt(JSONObject.toJSONString(tem), key, iv);
} catch (Exception e) {
return null;
}
}
return body;
}
}
标签:return,org,xf,解密,springframework,import,加密,ControllerAdvice,com 来源: https://www.cnblogs.com/wujf/p/15840558.html