Merge pull request #279 from JiazhenBao/main
防重放防篡改过滤器异常处理修改
JiazhenBao authored Jan 10, 2025
2 parents 0bcbdc4 + 22c5690 commit f2635ce
Showing 2 changed files with 31 additions and 40 deletions.
2 changes: 1 addition & 1 deletion custon-api-filter/pom.xml
Expand Up @@ -11,7 +11,7 @@
<groupId>com.netease</groupId>
<artifactId>custon-api-filter</artifactId>
<!--平台上传过的包,在代码修改后版本号必须升级。因为平台中的包无法彻底删除。-->
<version>1.3.18</version>
<version>1.4.0</version>
<name>custon-api-filter</name>

<properties>
Expand Up @@ -47,50 +47,41 @@ private List<String> apiBlackList() {

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {

try {
String requestURI = request.getRequestURI();
String method = request.getMethod();
String logicIdentifier = requestURI + LOGIC_IDENTIFIER_SEPARATOR + method;
//过滤黑名单
boolean isFilter = false;
if ("black".equals(customFilterConfig.getFilterType())) {
for (String api : apiBlackList()) {
if (logicIdentifier.startsWith(api)) {
isFilter = true;
break;
}
}
} else if ("white".equals(customFilterConfig.getFilterType())) {
isFilter = true;
for (String api : apiBlackList()) {
if (logicIdentifier.startsWith(api)) {
isFilter = false;
break;
}
String requestURI = request.getRequestURI();
String method = request.getMethod();
String logicIdentifier = requestURI + LOGIC_IDENTIFIER_SEPARATOR + method;
//过滤黑名单
boolean isFilter = false;
if ("black".equals(customFilterConfig.getFilterType())) {
for (String api : apiBlackList()) {
if (logicIdentifier.startsWith(api)) {
isFilter = true;
break;
}
}
if (!isFilter) {
filterChain.doFilter(request, response);
return;
}
ReReadableHttpServletRequestWrapper requestWrapper = new ReReadableHttpServletRequestWrapper(request);
String body = requestWrapper.getBody();
RequestHeader requestHeader = new RequestHeader(requestWrapper.getHeader(Constants.LIB_SIGN_HEADER_NAME), requestWrapper.getHeader(Constants.LIB_TIMESTAMP_HEADER_NAME), requestWrapper.getHeader(Constants.LIB_NONCE_HEADER_NAME), body);
if (!checkService.check(requestHeader)) {
response.setContentType("application/json");
response.setStatus(HttpStatus.UNAUTHORIZED.value());
response.setCharacterEncoding("UTF-8");
response.getWriter().write(checkService + "校验请求拦截");
return;
} else if ("white".equals(customFilterConfig.getFilterType())) {
isFilter = true;
for (String api : apiBlackList()) {
if (logicIdentifier.startsWith(api)) {
isFilter = false;
break;
}
}
filterChain.doFilter(requestWrapper, response);
} catch (Exception e) {
log.error("SecurityFilter error", e);
}
if (!isFilter) {
filterChain.doFilter(request, response);
return;
}
ReReadableHttpServletRequestWrapper requestWrapper = new ReReadableHttpServletRequestWrapper(request);
String body = requestWrapper.getBody();
RequestHeader requestHeader = new RequestHeader(requestWrapper.getHeader(Constants.LIB_SIGN_HEADER_NAME), requestWrapper.getHeader(Constants.LIB_TIMESTAMP_HEADER_NAME), requestWrapper.getHeader(Constants.LIB_NONCE_HEADER_NAME), body);
if (!checkService.check(requestHeader)) {
response.setContentType("application/json");
response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
response.setStatus(HttpStatus.UNAUTHORIZED.value());
response.setCharacterEncoding("UTF-8");
response.getWriter().write("SecurityFilter error. 校验请求拦截");
response.getWriter().write(checkService + "校验请求拦截");
return;
}
filterChain.doFilter(requestWrapper, response);
}
}
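Review bot: Any `filterType` other than `"black"` or `"white"` leaves `isFilter` false in `doFilterInternal`, so a typo or a missing config value sends every request through `filterChain.doFilter(request, response)` with no signature, timestamp or nonce check; initialising with `boolean isFilter = !"black".equals(customFilterConfig.getFilterType());` would make an unrecognised value check everything instead. The list match is a `startsWith` on `request.getRequestURI()`, which the container does not decode or normalise, so it is worth confirming that this string always agrees with the path the application finally routes, or comparing against a normalised path. In the rejection branch, `checkService + "校验请求拦截"` writes the service object's `toString()` into the 401 body, and the text is not JSON although the content type says `application/json`; a fixed body such as `{"message":"校验请求拦截"}` avoids both. If, as the hunk's line counts suggest, the surrounding try/catch is what this commit removes, exceptions from `checkService.check` and from building the request wrapper now reach the container, which fails closed but depends on the container's error page not exposing internals.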
