1、过滤器HttpRequestFilter
import com.xuanwu.msggate.rest2mtreceiver.rest.wrapper.ModifyRequestBodyWrapper;
import com.xuanwu.msggate.rest2mtreceiver.rest.wrapper.ModifyResponseBodyWrapper;
import com.xuanwu.msggate.rest2mtreceiver.util.ResourceUtil;
import com.xuanwu.msggate.rest2mtreceiver.util.SM2Util;
import com.xuanwu.msggate.rest2mtreceiver.util.Sm4Utils;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
public class HttpRequestFilter extends OncePerRequestFilter {
private static final Logger logger = LoggerFactory.getLogger(HttpRequestFilter.class);
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
ModifyRequestBodyWrapper modifyRequestBodyWrapper = new ModifyRequestBodyWrapper(request);
String oldRequestBody = modifyRequestBodyWrapper.getOldRequestBody();
String sign = request.getHeader("IamSign");
logger.info("path:{}",request.getRequestURI());
logger.info("oldRequestBody:{}",oldRequestBody);
String newRequestBody = changeRequestBody(oldRequestBody);
logger.info("newRequestBody:{}",newRequestBody);
logger.info("pubKey:{}",pubKey);
logger.info("签名sign:{}",sign);
boolean flag = SM2Util.verify(pubKey, Hex.toHexString("nfdw-csg".getBytes()), sign);
if (!flag){
logger.info("验签失败");
return;
}
//构造新请求体
modifyRequestBodyWrapper.setNewRequestBody(newRequestBody);
ModifyResponseBodyWrapper modifyResponseBodyWrapper = new ModifyResponseBodyWrapper(response);
filterChain.doFilter(modifyRequestBodyWrapper,modifyResponseBodyWrapper);
String oldResponseBody = modifyResponseBodyWrapper.getResponseBody();
logger.info("oldResponseBody:{}",oldResponseBody);
String newResponseBody = changeResponseBody(oldResponseBody);
logger.info("newResponseBody:{}",newResponseBody);
response.setContentType(request.getContentType());
byte[] responseBodyData = newResponseBody.getBytes(StandardCharsets.UTF_8);
response.setHeader("Content-Length",String.valueOf(responseBodyData.length));//解决数据过长导致截断问题
ServletOutputStream out = response.getOutputStream();
out.write(responseBodyData);
}
/**
* 修改请求体
* @param oldRequestBody 修改前的请求体
* @return 修改后的请求体
*/
public String changeRequestBody(String oldRequestBody) throws UnsupportedEncodingException {
return Sm4Utils.decryptData_ECB(oldRequestBody,priKey);
}
/**
* 修改响应体
* @param oldResponseBody 修改前的响应体
* @return 修改够的响应体
*/
public String changeResponseBody(String oldResponseBody) throws UnsupportedEncodingException {
return Sm4Utils.encryptData_ECB(oldResponseBody, priKey);
}
2、 自定义HttpServletResponseWrapper 修改响应体
package com.xuanwu.msggate.rest2mtreceiver.rest.wrapper;
import javax.servlet.ServletOutputStream;
import javax.servlet.WriteListener;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
/**
* 自定义HttpServletResponseWrapper 修改响应体
*/
public class ModifyResponseBodyWrapper extends HttpServletResponseWrapper {
private ByteArrayOutputStream bos;
public ModifyResponseBodyWrapper(HttpServletResponse response) {
super(response);
this.bos = new ByteArrayOutputStream();
}
@Override
public ServletOutputStream getOutputStream() throws IOException {
return new ServletOutputStream() {
@Override
public boolean isReady() {
return true;
}
@Override
public void setWriteListener(WriteListener writeListener) {
}
@Override
public void write(int b) throws IOException {
bos.write(b);
}
@Override
public void write(byte[] b) throws IOException {
bos.write(b);
}
};
}
@Override
public PrintWriter getWriter() throws IOException {
return new PrintWriter(new OutputStreamWriter(bos));
}
public String getResponseBody() throws IOException {
ServletOutputStream outputStream = this.getOutputStream();
outputStream.flush();
PrintWriter writer = this.getWriter();
writer.flush();
return bos.toString(this.getCharacterEncoding());
}
}
3、自定义HttpServletRequestWrapper 用于修改请求体
import org.apache.commons.io.IOUtils;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
/**
* 自定义HttpServletRequestWrapper 用于修改请求体
*/
public class ModifyRequestBodyWrapper extends HttpServletRequestWrapper {
private String oldRequestBody;
private String newRequestBody;
public ModifyRequestBodyWrapper(HttpServletRequest request) throws IOException {
super(request);
this.oldRequestBody = IOUtils.toString(request.getInputStream(),request.getCharacterEncoding());
}
@Override
public ServletInputStream getInputStream() throws IOException {
return new ServletInputStream() {
final ByteArrayInputStream bis = new ByteArrayInputStream(newRequestBody.getBytes(StandardCharsets.UTF_8));
@Override
public boolean isFinished() {
return true;
}
@Override
public boolean isReady() {
return true;
}
@Override
public void setReadListener(ReadListener readListener) {
}
@Override
public int read() throws IOException {
return bis.read();
}
};
}
public String getOldRequestBody() {
return oldRequestBody;
}
public void setOldRequestBody(String oldRequestBody) {
this.oldRequestBody = oldRequestBody;
}
public String getNewRequestBody() {
return newRequestBody;
}
public void setNewRequestBody(String newRequestBody) {
this.newRequestBody = newRequestBody;
}
}