在弹簧安全性过滤器之后多次读取请求正文

Question

我正在尝试多次读取请求正文。我正在使用弹簧安全过滤器。 但是，在成功进行身份验证并返回到控制器之后，请求正文将变为空。

我尝试使用ContentCachingRequestWrapper避免原始请求中的getInputStream。

如何获取控制器中的原始请求正文？

这是我的控制器

@PostMapping(value = "/auth")
public ResponseEntity<String> login(@Valid @RequestBody(required = false) MyRequest request, @AuthenticationPrincipal Principal user,
                                    HttpServletRequest servletRequest) {

    if (servletRequest instanceof ContentCachingRequestWrapper) {
        String req = new String(((ContentCachingRequestWrapper) servletRequest).getContentAsByteArray());
    }
    if (servletRequest instanceof HttpServletRequestWrapper
        && ((HttpServletRequestWrapper) servletRequest).getRequest() instanceof ContentCachingRequestWrapper) {
        String req =  new String(((ContentCachingRequestWrapper) ((HttpServletRequestWrapper) servletRequest)
                .getRequest()).getContentAsByteArray());
    }
    return ResponseEntity.ok().build();

}

这是我的过滤器

public class MyFilter extends AbstractAuthenticationProcessingFilter {

public MyFilter((final RequestMatcher requestMatcher) {
    super(requestMatcher);
}

@Override
public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse) throws
                                                                                                                                    AuthenticationException,
                                                                                                                                      IOException,
                                                                                                                                        ServletException {
    try {
        ContentCachingRequestWrapper wrappedRequest = new ContentCachingRequestWrapper(httpServletRequest);
        ContentCachingResponseWrapper responseWrapper = new ContentCachingResponseWrapper(httpServletResponse);
        responseWrapper.copyBodyToResponse();

        final MyRequest myRequest = IOUtils.toString(wrappedRequest.getInputStream());

        log.debug(myRequest.getRequestId);
        final User user = new User();
        user.employeeId = "abc123";
        String token = "abc"
        final GrantedAuthority grantedAuthority = (GrantedAuthority) () -> "USER";
        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(user, token, Collections.singletonList(grantedAuthority));

        return authRequest;
    } catch (final DownstreamUnauthorisedException exception) {

        httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
    } catch (final Exception exception) { 
        httpServletResponse.setStatus(HttpStatus.SERVICE_UNAVAILABLE.value());
    }

    return null;
}

@Override
protected void successfulAuthentication(final HttpServletRequest request, final HttpServletResponse response, final FilterChain chain,
                                        final Authentication authResult) throws IOException, ServletException {

    SecurityContextHolder.getContext().setAuthentication(authResult);

    ContentCachingRequestWrapper requestWrapper = new ContentCachingRequestWrapper(request);
    ContentCachingResponseWrapper responseWrapper = new ContentCachingResponseWrapper(response);

    chain.doFilter(requestWrapper, responseWrapper);
    responseWrapper.copyBodyToResponse();
}
}