导航：首页 > 开发技术 >

Springboot怎么使用filter对request body参数进行校验

发表于：2025-02-03 作者：千家信息网编辑

千家信息网最后更新 2025年02月03日，这篇文章主要为大家展示了"Springboot怎么使用filter对request body参数进行校验"，内容简而易懂，条理清晰，希望能够帮助大家解决疑惑，下面让小编带领大家一起研究并学习一下"Sp

千家信息网最后更新 2025年02月03日Springboot怎么使用filter对request body参数进行校验

这篇文章主要为大家展示了"Springboot怎么使用filter对request body参数进行校验"，内容简而易懂，条理清晰，希望能够帮助大家解决疑惑，下面让小编带领大家一起研究并学习一下"Springboot怎么使用filter对request body参数进行校验"这篇文章吧。

使用filter对request body参数进行校验

@Slf4jpublic class ParameterCheckServletRequestWrapper extends HttpServletRequestWrapper {    private byte[] requestBody;    private Charset charSet;    public ParameterCheckServletRequestWrapper(HttpServletRequest request) {        super(request);        //缓存请求body        try {            String requestBodyStr = getRequestPostStr(request);            if (StringUtils.isNotBlank(requestBodyStr)) {                JSONObject resultJson = JSONObject.fromObject(requestBodyStr.replace("\"", "'"));                Object[] obj = resultJson.keySet().toArray();                for (Object o : obj) {                    resultJson.put(o, StringUtils.trimToNull(resultJson.get(o).toString()));                }                requestBody = resultJson.toString().getBytes(charSet);            } else {                requestBody = new byte[0];            }        } catch (IOException e) {            log.error("", e);        }    }    public String getRequestPostStr(HttpServletRequest request)            throws IOException {        String charSetStr = request.getCharacterEncoding();        if (charSetStr == null) {            charSetStr = "UTF-8";        }        charSet = Charset.forName(charSetStr);        return StreamUtils.copyToString(request.getInputStream(), charSet);    }    /**     * 重写 getInputStream()     */    @Override    public ServletInputStream getInputStream() {        if (requestBody == null) {            requestBody = new byte[0];        }        final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(requestBody);        return new ServletInputStream() {            @Override            public boolean isFinished() {                return false;            }            @Override            public boolean isReady() {                return false;            }            @Override            public void setReadListener(ReadListener readListener) {            }            @Override            public int read() {                return byteArrayInputStream.read();            }        };    }    /**     * 重写 getReader()     */    @Override    public BufferedReader getReader() {        return new BufferedReader(new InputStreamReader(getInputStream()));    }}

public class ParameterCheckFilter implements Filter {    @Override    public void init(FilterConfig filterConfig) throws ServletException {    }    @Override    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {        ParameterCheckServletRequestWrapper myWrapper = new ParameterCheckServletRequestWrapper((HttpServletRequest) servletRequest);        filterChain.doFilter(myWrapper, servletResponse);    }    @Override    public void destroy() {    }}

@Configurationpublic class FilterConfig {    @Bean    public FilterRegistrationBean authFilterRegistrationBean() {        FilterRegistrationBean registrationBean = new FilterRegistrationBean<>();        registrationBean.setName("parameterCheckFilter");        registrationBean.setFilter(new ParameterCheckFilter());        registrationBean.setOrder(1);        registrationBean.addUrlPatterns("/*");        return registrationBean;    }}

通过filter修改body参数的思路

知识点

1、HttpServletRequestWrapper

2、filter

步骤

1、新建MyHttpServletRequestWrapper继承HttpServletRequestWrapper

2、讲传入的body赋值给自己的body（如下）

package com.orisdom.modules.common.filter;import com.alibaba.fastjson.JSON;import com.alibaba.fastjson.JSONObject;import com.orisdom.modules.monitor.dto.input.MonitorPointQueryPara;import javax.servlet.ReadListener;import javax.servlet.ServletInputStream;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletRequestWrapper;import java.io.BufferedReader;import java.io.ByteArrayInputStream;import java.io.IOException;import java.io.InputStreamReader;import java.nio.charset.Charset;/** * @author xiaokang * @description * @date 2021/6/11 10:56 */public class MyHttpServletRequestWrapper extends HttpServletRequestWrapper {    private String tempBody;    public MyHttpServletRequestWrapper(HttpServletRequest request) {        super(request);        this.tempBody = getBody(request);        System.out.println(tempBody);    }    /**     * 获取请求体     * @param request 请求     * @return 请求体     */    private String getBody(HttpServletRequest request) {        try {            ServletInputStream stream = request.getInputStream();            String read = "";            StringBuilder stringBuilder = new StringBuilder();            byte[] b = new byte[1024];            int lens = -1;            while ((lens = stream.read(b)) > 0) {                stringBuilder.append(new String(b, 0, lens));            }            return stringBuilder.toString();        } catch (IOException e) {            throw new RuntimeException(e);        }    }    /**     * 获取请求体     * @return 请求体     */    public String getBody() {        MonitorPointQueryPara para = JSON.parseObject(tempBody, MonitorPointQueryPara.class);        para.setName("1232321321");        tempBody = JSONObject.toJSONString(para);        return tempBody;    }    /**     * 需要重写这个方法     * @return     * @throws IOException     */    @Override    public BufferedReader getReader() throws IOException {        return new BufferedReader(new InputStreamReader(getInputStream()));    }    /**     * 需要重写这个方法     * @return     * @throws IOException     */    @Override    public ServletInputStream getInputStream() throws IOException {        // 创建字节数组输入流        final ByteArrayInputStream bais = new ByteArrayInputStream(tempBody.getBytes(Charset.defaultCharset()));        return new ServletInputStream() {            @Override            public boolean isFinished() {                return false;            }            @Override            public boolean isReady() {                return false;            }            @Override            public void setReadListener(ReadListener readListener) {            }            @Override            public int read() throws IOException {                return bais.read();            }        };    }}

1.新建MyFilter 继承 Filter

2.添加@WebFilter注解

3.启动类添加@ServletComponentScan(如下)

package com.orisdom.modules.common.filter;import org.springframework.core.annotation.Order;import javax.servlet.*;import javax.servlet.annotation.WebFilter;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletRequestWrapper;import java.io.BufferedReader;import java.io.IOException;import java.util.HashMap;import java.util.Map;/** * @author xiaokang * @description * @date 2021/6/11 9:47 */@WebFilterpublic class MyFilter implements Filter {    @Override    public void init(FilterConfig filterConfig) throws ServletException {    }    @Override    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {　　　　        MyHttpServletRequestWrapper myHttpServletRequestWrapper = new MyHttpServletRequestWrapper((HttpServletRequest) servletRequest);　　　　　// 相当于赋值        myHttpServletRequestWrapper.getBody();　　　　　// 自己定义的MyHttpServletRequestWrapper        filterChain.doFilter(myHttpServletRequestWrapper, servletResponse);        System.out.println(11111111);    }    @Override    public void destroy() {    }}