2. 程式人生 > 其它 >springcloud gateway過濾器

springcloud gateway過濾器

阿新 發佈:2021-11-29

一:過濾器

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.roncoo.education.common.core.base.BaseException;
import com.roncoo.education.common.core.enums.ResultEnum;
import com.roncoo.education.common.core.tools.Constants;
import
 
 com.roncoo.education.common.core.tools.JWTUtil;
import com.roncoo.education.common.core.tools.MD5Util;
import com.roncoo.education.util.RequestAddParaUtils;
import com.roncoo.education.util.ServerRequestUtil;
import io.netty.buffer.ByteBufAllocator;
import lombok.extern.slf4j.Slf4j;
import org.bouncycastle.util.Strings;

 
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;

 
import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.core.io.buffer.NettyDataBufferFactory;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

import java.net.URI;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;

/**
 * 請求開始前執行
 */
@Slf4j
public class FilterPre implements GlobalFilter, Ordered {

    private static final Logger logger = LoggerFactory.getLogger(FilterPre.class);
    private static final String TOKEN = "token";
    private static final String USERNO = "userNo";
    private static final String CACHE_REQUEST_BODY_OBJECT_KEY = "cachedRequestBodyObject";

    @Autowired
    private StringRedisTemplate stringRedisTemplate;

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        String traceId = MD5Util.getTraceID();

        ServerHttpRequest serverHttpRequest = exchange.getRequest();
        HttpMethod method = serverHttpRequest.getMethod();
        HttpHeaders httpHeaders = serverHttpRequest.getHeaders();
        String token = httpHeaders.getFirst(TOKEN);
        String ip = ServerRequestUtil.getIpAddr(serverHttpRequest);
        String url = serverHttpRequest.getURI().toString();
        log.debug("traceId[" + traceId + "]" + "uri=" + url + "  method=" + method + "  token=" + token + "  ip=" + ip);

        //驗證請求地址
        boolean validateResult = false;
        //判斷請求是否過濾介面
        if (url.contains("/callback")) {
            // 回撥使用
            validateResult = false;
        } else if (url.startsWith("/zuul")) {
            // 檔案上傳
            validateResult = false;
        } else if (url.contains("/api")) {
            // 不鑑權
            validateResult = false;
        } else {
            validateResult = true;
        }
        if (!validateResult) {
            log.debug("traceId[" + traceId + "]" + "validateResult=" + validateResult + "  filter=filter");
            return chain.filter(exchange);
        }

        Long userNo = getUserNoByToken(token);
        if (!StringUtils.isEmpty(userNo)) {
            URI uri = serverHttpRequest.getURI();
            if (HttpMethod.POST.equals(method)) {
                String requestBody = getRequestBody(serverHttpRequest.getBody());
                //封裝userNo
                JSONObject jsonObject = JSON.parseObject(requestBody);
                log.info("request body is:{}", jsonObject);
                jsonObject.put(USERNO, userNo);
                requestBody = jsonObject.toJSONString();

                //下面的將請求體再次封裝寫回到request裡,傳到下一級,否則,由於請求體已被消費,後續的服務將取不到值
                ServerHttpRequest request = serverHttpRequest.mutate().uri(uri).build();
                DataBuffer bodyDataBuffer = stringBuffer(requestBody);
                Flux<DataBuffer> bodyFlux = Flux.just(bodyDataBuffer);

                // 定義新的訊息頭
                HttpHeaders headers = new HttpHeaders();
                headers.putAll(exchange.getRequest().getHeaders());

                // 新增訊息頭
//                    headers.set(ServiceConstants.SHIRO_SESSION_PRINCIPALS,GsonUtils.toJson(authenticationVO));

                // 由於修改了傳遞引數,需要重新設定CONTENT_LENGTH,長度是位元組長度,不是字串長度
                int length = requestBody.getBytes().length;
                headers.remove(HttpHeaders.CONTENT_LENGTH);
                headers.setContentLength(length);

//                // 設定CONTENT_TYPE
//                if (StringUtils.isEmpty(contentType)) {
//                    headers.set(HttpHeaders.CONTENT_TYPE, contentType);
//                }

                request = new ServerHttpRequestDecorator(request) {
                    @Override
                    public HttpHeaders getHeaders() {
                        long contentLength = headers.getContentLength();
                        HttpHeaders httpHeaders = new HttpHeaders();
                        httpHeaders.putAll(super.getHeaders());
                        if (contentLength > 0) {
                            httpHeaders.setContentLength(contentLength);
                        } else {
                            // TODO: this causes a 'HTTP/1.1 411 Length Required' on httpbin.org
                            httpHeaders.set(HttpHeaders.TRANSFER_ENCODING, "chunked");
                        }
                        return httpHeaders;
                    }

                    @Override
                    public Flux<DataBuffer> getBody() {
                        return bodyFlux;
                    }
                };
                //封裝request,傳給下一級
                request.mutate().header(HttpHeaders.CONTENT_LENGTH, Integer.toString(requestBody.length()));
                return chain.filter(exchange.mutate().request(request).build());
            } else {
                ServerHttpRequest newRequest = RequestAddParaUtils.addPara(exchange, USERNO, userNo.toString());
                return chain.filter(exchange.mutate().request(newRequest).build());
            }

        }

        ServerHttpResponse response = exchange.getResponse();
        response.setStatusCode(HttpStatus.UNAUTHORIZED);
        response.getHeaders().add("Content-Type", "application/json; charset=utf-8");
        String json = JSONObject.toJSONString("token失效,請重新登入");
        // 解決頁面字符集亂碼
        DataBuffer buffer = response.bufferFactory().wrap(json.getBytes(StandardCharsets.UTF_8));
        return response.writeWith(Flux.just(buffer));
    }

    @Override
    public int getOrder() {
        return 0;
    }

    /**
     * token 攔截功能
     */
    private Long getUserNoByToken(String token) {
        if (StringUtils.isEmpty(token)) { // token不存在,則從報文裡面獲取
            throw new BaseException(ResultEnum.TOKEN_PAST);
        }

        // 解析 token
        DecodedJWT jwt = null;
        try {
            jwt = JWTUtil.verify(token);
        } catch (Exception e) {
            logger.error("token異常,token={}", token.toString());
            throw new BaseException(ResultEnum.TOKEN_ERROR);
        }

        // 校驗token
        if (null == jwt) {
            throw new BaseException(ResultEnum.TOKEN_ERROR);
        }
        Long userNo = JWTUtil.getUserNo(jwt);
        if (userNo <= 0) {
            throw new BaseException(ResultEnum.TOKEN_ERROR);
        }

        // token正常
        String type = JWTUtil.getType(jwt);
        if (Constants.XCX.equals(type)) {
            // 小程式請求
            // 注意,登入的時候必須要放入快取
            if (!stringRedisTemplate.hasKey(Constants.XCX.concat(userNo.toString()))) {
                // 不存在,則登入異常,有效期為1小時
                throw new BaseException(ResultEnum.TOKEN_PAST);
            }
        } else {
            // PC端、安卓端、蘋果端、小程式端
            //  單點登入處理,注意,登入的時候必須要放入快取
            checkToken(userNo.toString(), token, type);
        }

        return userNo;
    }

    /**
     * PC端、安卓端、蘋果端、小程式端
     * 校驗 token
     *
     * @param userNo
     * @param token
     */
    private void checkToken(String userNo, String token, String type) {
        if (!stringRedisTemplate.hasKey(type.concat(userNo))) {
            // 不存在,則登入異常,有效期為1小時
            throw new BaseException(ResultEnum.TOKEN_PAST);
        }
        // 存在,判斷是否token相同
        String tk = stringRedisTemplate.opsForValue().get(type.concat(userNo));
        if (!token.equals(tk)) {
            // 不同則為不同的使用者登入,這時候提示異地登入
            throw new BaseException(ResultEnum.REMOTE_ERROR);
        }
        // 更新時間,使token不過期
        if (!Constants.PC.equals(type)) {
            //移動端設定token為30天有效
            stringRedisTemplate.opsForValue().set(type.concat(userNo), token, 30, TimeUnit.DAYS);
        } else {
            stringRedisTemplate.opsForValue().set(type.concat(userNo), token, 1, TimeUnit.HOURS);
        }
    }

    /**
     * 用於獲取請求引數
     *
     * @param body
     * @return
     */
    private static String getRequestBody(Flux<DataBuffer> body) {
        AtomicReference<String> rawRef = new AtomicReference<>();
        body.subscribe(buffer -> {
            byte[] bytes = new byte[buffer.readableByteCount()];
            buffer.read(bytes);
            DataBufferUtils.release(buffer);
            rawRef.set(Strings.fromUTF8ByteArray(bytes));
        });
        return rawRef.get();
    }

    private DataBuffer stringBuffer(String value) {
        byte[] bytes = value.getBytes(StandardCharsets.UTF_8);

        NettyDataBufferFactory nettyDataBufferFactory = new NettyDataBufferFactory(ByteBufAllocator.DEFAULT);
        DataBuffer buffer = nettyDataBufferFactory.allocateBuffer(bytes.length);
        buffer.write(bytes);
        return buffer;
    }


    /**
     * 從Flux<DataBuffer>中獲取字串的方法
     */
    private String resolveBodyFromRequest(ServerHttpRequest serverHttpRequest) {
        Flux<DataBuffer> body = serverHttpRequest.getBody();
        AtomicReference<String> bodyRef = new AtomicReference<>();
        body.subscribe(buffer -> {
            CharBuffer charBuffer = StandardCharsets.UTF_8.decode(buffer.asByteBuffer());
            DataBufferUtils.release(buffer);
            bodyRef.set(charBuffer.toString());
        });
        return bodyRef.get();
    }

二:工具類

import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.util.UriComponentsBuilder;

import java.net.URI;

/**
 * @ClassName RequestAddParaUtils
 * @Author ZhangRF
 * @CreateDate 2021/11/26
 * @Decription 請求新增自定義引數
 */
public class RequestAddParaUtils {
    /**
     * get新增請求引數
     *
     * @param exchange  原有請求
     * @param paraName  引數名稱
     * @param paraValue 引數值
     * @return ServerHttpRequest
     */
    public static ServerHttpRequest addPara(ServerWebExchange exchange, String paraName, String paraValue) {
        URI uri = exchange.getRequest().getURI();
        StringBuilder query = new StringBuilder();
        String originalQuery = uri.getRawQuery();
        if (StringUtils.hasText(originalQuery)) {
            query.append(originalQuery);
            if (originalQuery.charAt(originalQuery.length() - 1) != '&') {
                query.append('&');
            }
        }

        query.append(paraName);
        query.append('=');
        query.append(paraValue);

        URI newUri = UriComponentsBuilder.fromUri(uri).replaceQuery(query.toString()).build(true).toUri();
        return exchange.getRequest().mutate().uri(newUri).build();

    }

三:建立過濾器bean及其解決跨域配置

import com.roncoo.education.gateway.common.FilterPre;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.reactive.CorsWebFilter;
import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;

/**
 * @ClassName GatewayConfig
 * @Author ZhangRF
 * @CreateDate 2021/11/23
 * @Decription
 */
@Configuration
public class GatewayConfig {
    @Bean
    public FilterPre requestGlobalFilter() {
        return new FilterPre();
    }

    @Bean
    public CorsWebFilter corsWebFilter() {
        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();

        CorsConfiguration corsConfiguration = new CorsConfiguration();
        //1、配置跨域
        //允許哪些頭進行跨域
        corsConfiguration.addAllowedHeader("*");
        //允許哪些請求方式進行跨域
        corsConfiguration.addAllowedMethod("*");
        //允許哪些請求來源進行跨域
        corsConfiguration.addAllowedOrigin("*");
        //是否允許攜帶cookie進行跨域,否則跨域請求會丟失cookie資訊
        corsConfiguration.setAllowCredentials(true);

        source.registerCorsConfiguration("/**", corsConfiguration);

        return new CorsWebFilter(source);
    }

相關推薦

springcloud gateway過濾器

一:過濾器 import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; import com.auth0.jwt.interfaces.DecodedJWT;

SpringCloud Gateway跨域配置程式碼例項

這篇文章主要介紹了SpringCloud Gateway跨域配置程式碼例項,文中通過示例程式碼介紹的非常詳細,對大家的學習或者工作具有一定的參考學習價值,需要的朋友可以參考下

SpringCloud Zuul過濾器實現登陸鑑權程式碼例項

1.新建一個filter‘包 2.新建一個類,實現ZuulFilter,重寫裡面的方法 3.在頂部類添加註解,@Component,讓Spring掃描

SpringCloud Zuul過濾器和谷歌Gauva實現限流

前提: 已經配置Zuul閘道器 參考: https://www.jb51.net/article/182894.htm 限流方式: 1)nginx層限流

基於SpringCloud Gateway的自定義限流

目前,市面上越來越多的公司選擇使用RESTful介面作為資料交換介面,通常通過閘道器對外暴露這些RESTful介面,為了避免有意或者無意的高併發訪問,拖垮這些RESTful介面所在的業務系統,需要對這些介面進行限流,熔斷,

springcloud-gateway閘道器(動態路由以及負載均衡轉發配置)

1.依賴 <!--引入gateway閘道器依賴--> <dependency> <groupId>org.springframework.cloud</groupId>

【轉載】Spring Cloud Gateway-過濾器工廠詳解(GatewayFilter Factories)

http://www.imooc.com/article/290816 TIPS 本文基於Spring Cloud Greenwich SR2,理論支援Spring Cloud Greenwich SR1,其中的新特性標註出來了。

SpringCloud Gateway自定義filter獲取body中的資料為空的問題

最近在使用SpringCloud Gateway進行閘道器的開發,我使用的版本是:SpringBoot的2.3.4.RELEASE+SpringCloud的Hoxton.SR8,在自定義過濾器時需要獲取ServerHttpRequest中body的資料,發現一直無法獲取到資料,經過各種

springcloud gateway 採用 netty作為服務容器中的bug

一、背景 可能大家在使用Spring Cloud Gateway構建微服務閘道器的時候,過五關斬六將,Reactor沒能難倒我們,鏈路追蹤沒能難倒我們,最後在上線之後發現許多奇妙的問題,這些奇妙的問題還無從下手,比如這個堆疊,深

Springcloud GateWay閘道器配置過程圖解

一般為了不暴露自己的埠資訊等,會選擇架構一個閘道器在前面進行阻擋,起到保護的作用。附上一張工作示列圖。

SpringCloud——GateWay入門

技術標籤:gatewayspring cloudgateway 客戶由傳送請求由Nginx伺服器已經將請求轉發到一個伺服器上,但是服務之前我們還需要一個閘道器將這些請求進一步加工處理到服務上,這一步就是GateWay.

2 -【 Gateway 】- 1 SpringCloud Gateway 詳解

技術標籤:

SpringCloud-Gateway元件使用

1.什麼是服務閘道器 1.說明 閘道器統一服務入口,可方便實現對平臺眾多服務介面進行管控,對訪問服務的身份認證、防報文重放與防資料篡改、功能呼叫的業務鑑權、響應資料的脫敏、流量與併發控制,甚至基於API呼叫的

springcloud gateway讀取請求body中的內容

request body中的內容只允許讀取一次,若是多次讀取會報錯,本章中簡單介紹瞭如何在springcloud gateway中讀取body中的內容。

08.SpringCloud Gateway (新一代閘道器)

1.概述基本說明官網上一代閘道器 zuulhttps://github.com/Netflix/zuul/wiki 當前gatewayhttps://cloud.spring.io/spring-cloud-static/spring-cloud-gateway/2.2.1.RELEASE/reference/html/ 是什麼一句話Spring Clo

SpringCloud Gateway 解析獲取請求引數並封裝傳遞到Controller

技術標籤:Spring CloudSpringCloudAlibaba微服務實踐筆記Gateway引數封裝SpringCloud 目錄

SpringCloud Gateway使用redis實現動態路由的方法

1. 將 actuator 端點暴露出來 management: endpoints: web: exposure: include: \"*\" 2. redis 配置 https://www.jb51.net/article/203766.htm

SpringCloud Gateway 路由配置定位原理分析

環境:springcloud Hoxton.SR11 本節主要了解系統中的謂詞與配置的路由資訊是如何進行初始化關聯生成路由物件的。每個謂詞工廠中的Config物件又是如何被解析配置的。

SpringCloud GateWay使用

GateWay之路由轉發和過濾 在一個Gateway專案(配置了eureka等元件)中進行配置 server:

SpringCloud GateWay 使用 閘道器路由

GateWay之路由轉發和過濾 在一個Gateway專案(配置了eureka等元件)中進行配置 server: