Webflux,如何拦截请求并添加新的标头

时间:2019-10-15 14:35:00

标签: java spring spring-webflux

使用Webflux过滤器,我试图拦截请求并检查请求是否来自某些URI,然后添加新的Authorization标头

过滤器代码简单直接

@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class AuthorizationFilter implements WebFilter {

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {

        return chain.filter(Optional.of(exchange)
                .filter(serverWebExchange -> serverWebExchange.getRequest().getURI().getPath().endsWith("/callback"))
                .map(serverWebExchange -> addNewHeader(serverWebExchange))
                .orElse(exchange));
    }

    private ServerWebExchange addNewHeader(ServerWebExchange serverWebExchange) {

        String authHeader=serverWebExchange.getRequest().getQueryParams().get("state").get(0);

        if (authHeader == null) {
            throw new BadRequestException("State not complete (access_token missing) for //callback");
        }

        try {
            serverWebExchange.getRequest().getHeaders().setBearerAuth(authHeader);
        }catch (Throwable t){
            t.printStackTrace();
        }

        return serverWebExchange;
    }
}

但是会引发异常

java.lang.UnsupportedOperationException
    at org.springframework.http.ReadOnlyHttpHeaders.set(ReadOnlyHttpHeaders.java:99)
    at org.springframework.http.HttpHeaders.setBearerAuth(HttpHeaders.java:774)

标题表似乎是只读的。我该如何解决此问题并添加新的标题?

2 个答案:

答案 0 :(得分:1)

您可以使用它们的ServerWebExchange方法来对ServerHttpRequest及其mutate()进行突变,从而为每个变量返回一个“ Builder”。

Java示例:

@Component
public class AuthorizationFilter implements WebFilter {
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
        ServerHttpRequest mutatedRequest = exchange.getRequest().mutate().header(HttpHeaders.AUTHORIZATION, "Bearer " + authHeader).build();
        ServerWebExchange mutatedExchange = exchange.mutate().request(mutatedRequest).build();
        return chain.filter(mutatedExchange);
    }
}

Kotlin示例:

@Component
class AuthorizationFilter : WebFilter {
    override fun filter(exchange: ServerWebExchange, chain: WebFilterChain): Mono<Void> {
        val mutatedRequest = exchange.request.mutate().header(HttpHeaders.AUTHORIZATION, "Bearer $authHeader").build()
        val mutatedExchange = exchange.mutate().request(mutatedRequest).build()
        return chain.filter(mutatedExchange)
    }
}

答案 1 :(得分:1)

由于在链的map运算符中添加了新标头而导致的问题,在这种情况下,webflux已完成serverWebExchange,并且它是不可变的。您只需在调用chain.filter(...)之前添加标题。

相关问题
最新问题