Commit df1e73e4 by 梅存智

优化

parent ec78bfb7
package com.yizhi.application.filter;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import lombok.extern.slf4j.Slf4j;
@Slf4j
@Component
@WebFilter
@Order(1)
public class CORSResponseHeaderFilter implements Filter {
private static Logger logger = LoggerFactory.getLogger(CORSResponseHeaderFilter.class);
private String allowOrigins = "https://servicewechat.com,http://10.10.12.94";
@Value("${aliyun.read.file.url:/public/file/read}")
private String readFileUrl;
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
throws IOException, ServletException {
log.info("---------CORSResponseHeaderFilter:run()---------");
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
//对读文件的接口进行跨域检查
String url = request.getRequestURL().toString();
if(url.indexOf(readFileUrl) > 0) {
//跨域
String type = "Origin";
String originHeader = request.getHeader("Origin");
if (StringUtils.isEmpty(originHeader)) {
type = "Referer";
originHeader = request.getHeader("Referer");
if (!StringUtils.isEmpty(originHeader)) {
originHeader = originHeader.replaceAll(".com.cn/", ".com.cn");
String u[] = allowOrigins.split(",");
for(int i = 0; i < u.length; i++){
if(originHeader.indexOf(u[i]) >= 0){
originHeader = u[i];
}
}
}
}
log.info("---------CORSResponseHeaderFilter:run type:{},url:{}---------", type, originHeader);
Set<String> allowedOrigins = new HashSet<>(Arrays.asList(allowOrigins.split(",")));
if(!allowedOrigins.contains(originHeader)){
logger.info("---------Origin end---------{}, {}, url:{}", type, originHeader, url);
response.getWriter().print("request fail");
response.setStatus(403);
return;
}
}
log.info("---------CORSResponseHeaderFilter:end()---------");
chain.doFilter(servletRequest, servletResponse);
}
}
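Review bot: The Referer fallback in `doFilter` accepts any Referer value that merely contains an allow-list entry, because `originHeader.indexOf(u[i]) >= 0` is a substring test and the matched entry is then assigned to `originHeader`, so the later `allowedOrigins.contains(originHeader)` passes. Compare the parsed origin exactly instead, e.g. `URI ref = URI.create(originHeader); originHeader = ref.getScheme() + "://" + ref.getAuthority();` (needs `java.net.URI`), and treat a value that fails to parse as not allowed. Both Origin and Referer are supplied by the client, so this check only limits cross-site use from browsers and should not be the sole access control on the file-read endpoint. Separately, `response.setStatus(403)` should be called before `response.getWriter().print("request fail")` so the status is set before anything is written.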
package com.yizhi.application.filter;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.netflix.zuul.filters.support.FilterConstants;
import org.springframework.context.annotation.Configuration;
import org.springframework.util.StreamUtils;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.yizhi.core.application.token.TokenHelper;
import com.yizhi.util.application.constant.GlobalConstant;
import com.yizhi.util.application.constant.ReturnCode;
import com.yizhi.util.application.domain.EncryptParam;
import com.yizhi.util.application.sm2.SM2_NEW;
import io.jsonwebtoken.Claims;
import lombok.extern.slf4j.Slf4j;
/**
* 请求菜单列表后对返回的数据进行加密
*
* @author ys
* @since 2021-11-11
*/
@Slf4j
@Configuration
public class FileReadUrlFilter extends ZuulFilter {
@Autowired
private TokenHelper tokenHelper;
@Value("${aliyun.read.file.url:web-manage/public/file/read}")
private String readFileUrl;
@Value("${aliyun.read.file.fileTypes:" +
"*" +
"}")
private String[] fileTypes;
/**
* post 在路由请求后调用
*/
@Override
public String filterType() {
return FilterConstants.POST_TYPE;
}
/**
* 过滤器顺序
*/
@Override
public int filterOrder() {
return FilterConstants.SEND_RESPONSE_FILTER_ORDER - 9;
}
@Override
public boolean shouldFilter() {
return true;
}
@Override
public Object run() {
RequestContext ctx = RequestContext.getCurrentContext();
String url = ctx.getRequest().getRequestURL().toString();
if(url.indexOf("public/") > 0 || url.indexOf("/aliyun") > 0 || url.indexOf("manage/") > 0){
return null;
}
log.info("---------FileReadUrlFilter:run{}---------", url);
//获取返回的数据流
try {
//获取请求域名
String requestDomain = null;
Pattern pattern;
String oldHost = "https:.*com/";
pattern = Pattern.compile(oldHost, Pattern.CASE_INSENSITIVE);
Matcher matcher = pattern.matcher(url);
while (matcher.find()) {
requestDomain = matcher.group();
}
if(StringUtils.isEmpty(requestDomain)){
oldHost = "http:.*:\\d+/";
pattern = Pattern.compile(oldHost, Pattern.CASE_INSENSITIVE);
matcher = pattern.matcher(url);
while (matcher.find()) {
requestDomain = matcher.group();
}
}
//获取TOKEN
Long accountId = null;
String token = ctx.getRequest().getHeader(GlobalConstant.TOKEN_HEADER);
if (!StringUtils.isEmpty(token)) {
Claims claims = tokenHelper.parseToken(token);
if (claims != null) {
//获取用户ID
accountId = Long.valueOf(claims.get(GlobalConstant.ACCOUNT_ID, String.class));
}
}
EncryptParam param = new EncryptParam();
param.setKey(accountId);
//获取响应结果,流数据转字符串
Object response = ctx.getResponseBody();
if(response == null){
InputStream responseDataStream = ctx.getResponseDataStream();
response = StreamUtils.copyToString(responseDataStream, StandardCharsets.UTF_8);
}
//必须先格式化,不然正则替换不好使
String body = (String) response;
log.info("---------FileReadUrlFilter string:{}---------", body);
if(StringUtils.isEmpty(body)){
return null;
}
body = JSON.toJSONString(JSON.parseObject(body), SerializerFeature.PrettyFormat, SerializerFeature.WriteMapNullValue, SerializerFeature.WriteDateUseDateFormat);
if(StringUtils.isEmpty(requestDomain)){
log.info("---------FileReadUrlFilter requestDomain null:{}---------", url);
requestDomain = "https://hqjddj.shanghaiairport.com/";
}
//正则
Boolean isReplace = true;
oldHost = "\"https:.*com/";
for (String imTy : fileTypes) {
//pattern = Pattern.compile(oldHost + ".*\"", Pattern.CASE_INSENSITIVE);
if(isReplace){
body = body.replaceAll("\\?", "zhdjfsl");
isReplace = false;
}
pattern = Pattern.compile(oldHost + ".*\\." + imTy + "\"", Pattern.CASE_INSENSITIVE);
matcher = pattern.matcher(body);
while (matcher.find()) {
String oldStr = matcher.group();
String strUrl = oldStr.replaceAll("https://hqjddj.shanghaiairport.com", "http://10.10.12.91:9090");
strUrl = strUrl.replaceAll("zhdjfsl", "\\?").replaceAll("\"", "");
String name = strUrl.substring(strUrl.lastIndexOf("prefix=") + 7);
param.setData(strUrl);
String newStr = "\"" + requestDomain + readFileUrl + "?filePath=" + SM2_NEW.encrypt(JSON.toJSONString(param)) + "&companyCode=zhdj&siteCode=edu&prefix=" + name + "\"";
body = body.replaceAll(oldStr, newStr);
}
}
if(body != null){
body = body.replaceAll("zhdjfsl", "\\?");
ctx.setResponseBody(body);
}
log.info("---------FileReadUrlFilter:end{}---------", body);
} catch (Exception e) {
e.printStackTrace();
return null;
}
return null;
}
/**
* 设定错误上下文
*
* @param ctx
* @param returnCode
*/
private static void setFailCtx(RequestContext ctx, ReturnCode returnCode) {
ctx.setResponseStatusCode(403);
ctx.setResponseBody(returnCode.toString());
ctx.getResponse().setContentType("application/json;charset=UTF-8");
ctx.setSendZuulResponse(false);
}
}
\ No newline at end of file
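Review bot: The `catch (Exception e)` at the end of `run()` makes the URL rewrite fail open: if the account-id claim is absent, `Long.valueOf(...)` throws before the body is read, the handler returns null, and the response appears to go out with the original storage URLs unrewritten. Null-check the claim before converting it, and in the catch replace `e.printStackTrace()` with `log.error("FileReadUrlFilter failed", e)` followed by a call to the existing `setFailCtx` helper, so an unprocessed body is not returned. An exception raised after `StreamUtils.copyToString` has consumed the response stream (for example `JSON.parseObject` on a body that is not a JSON object) likely leaves the client with an empty response, which the same handling would cover. The two `log.info` calls that print `body` write full response payloads, including the file URLs this filter is meant to hide, to the log at info level; log the length only or drop them.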