在我的项目中,我有一组api调用,应通过某些常见验证进行过滤。在这种情况下,我必须在它到达REST控制器之前拦截请求,读取请求主体,进行验证并在请求通过验证时将其传递给控制器。
由于HttpServletRequest无法多次反序列化,因此我使用HttpServletRequestWrapper制作实际请求的副本。使用它制作的副本,我做验证。
以下是拦截请求的配置类。
public class InterceptorConfig extends WebMvcConfigurerAdapter {
@Autowired
CustomInterceptor customInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(customInterceptor).addPathPatterns("/signup/**");
}
}
以下是我在preHandle类中的CustomInterceptor方法,该方法扩展了HandlerInterceptorAdaptor
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
ServletRequest copiedRequest = new HttpRequestWrapper(request);
Map<String, Object> jsonMap = mapper.readValue(copiedRequest.getInputStream(), Map.class);
if(jsonMap.containsKey("userId")){
long userId = jsonMap.get("userId");
MyClass myObject= myAutowiredService.getMyObject(userId);
if(myObject == null){
response.setStatus(HttpStatus.SC_NOT_ACCEPTABLE);
return false;
}
// some more validations which end up returning false if they are met
}
return true;
}
这是我的HttpRequestWrapper
public class HttpRequestWrapper extends HttpServletRequestWrapper {
private byte[] requestBody;
public HttpRequestWrapper(HttpServletRequest request) throws IOException{
super(request);
try {
requestBody = IOUtils.toByteArray(request.getInputStream());
} catch (IOException ex) {
requestBody = new byte[0];
}
}
@Override
public ServletInputStream getInputStream() throws IOException {
final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(requestBody);
return new ServletInputStream() {
@Override
public boolean isFinished() {
return byteArrayInputStream.available() == 0;
}
@Override
public boolean isReady() {
return true;
}
@Override
public void setReadListener(ReadListener listener) {
throw new RuntimeException("Not implemented");
}
public int read () throws IOException {
return byteArrayInputStream.read();
}
};
}
}
现在全部设定。现在,当我向/signup/**模式的任何网址发送请求时,所有验证都正常。但是,一旦请求命中控制器方法,就会弹出错误提示请求正文不可用。
缺少必需的请求正文:public com.mypackage.myResponseObject com.mypackage.myController.myControllerMethod(com.mypackage.myDTO)
我正在努力找到解决这个问题的原因,也是一种克服这个问题的方法。在RequestWrapper类中我有什么问题吗?还是什么遗失?
帮我解决这个问题。
谢谢!
答案 0 :(得分:1)
问题似乎是你正在使用拦截器来读取HttpServletRequest&#39; InputStream并将其包装在HttpRequestWrapper中,但永远不会返回包装器。
我认为你应该使用Filter
public class CustomFilter extends OncePerRequestFilter {
public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
ServletRequest copiedRequest = new HttpRequestWrapper(request);
Map<String, Object> jsonMap = mapper.readValue(copiedRequest.getInputStream(), Map.class);
if(jsonMap.containsKey("userId")){
long userId = jsonMap.get("userId");
MyClass myObject= myAutowiredService.getMyObject(userId);
if(myObject == null){
response.setStatus(HttpStatus.SC_NOT_ACCEPTABLE);
//return false;
}
// some more validations which end up returning false if they are met
}
filterChain.doFilter(copiedRequest, (ServletResponse) response);
}
}
您需要在web.xml或WebApplicationInitializer