From 5d7011ea48b1ef5d4e0dcf1480bf2dd709f01313 Mon Sep 17 00:00:00 2001
From: baojz
Date: Tue, 7 Jan 2025 11:37:11 +0800
Subject: [PATCH 1/3] =?UTF-8?q?SecurityFilter=E5=90=8E=E7=BB=AD=E8=AF=B7?= =?UTF-8?q?=E6=B1=82=E9=93=BE=E4=B8=8D=E9=9C=80=E8=A6=81=E5=9C=A8=E8=BF=99?= =?UTF-8?q?=E6=8D=95=E6=8D=89=E5=BC=82=E5=B8=B8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 custon-api-filter/pom.xml | 2 +-
 .../filter/SecurityFilter.java | 69 ++++++++-----------
 2 files changed, 31 insertions(+), 40 deletions(-)
diff --git a/custon-api-filter/pom.xml b/custon-api-filter/pom.xml
index 4b46cce7..b59b0173 100644
--- a/custon-api-filter/pom.xml
+++ b/custon-api-filter/pom.xml
@@ -11,7 +11,7 @@ com.netease custon-api-filter
- 1.3.18
+ 1.4.0
 custon-api-filter
diff --git a/custon-api-filter/src/main/java/com/netease/lowcode/custonapifilter/filter/SecurityFilter.java b/custon-api-filter/src/main/java/com/netease/lowcode/custonapifilter/filter/SecurityFilter.java
index a7a79a38..14d1f340 100644
--- a/custon-api-filter/src/main/java/com/netease/lowcode/custonapifilter/filter/SecurityFilter.java
+++ b/custon-api-filter/src/main/java/com/netease/lowcode/custonapifilter/filter/SecurityFilter.java
@@ -47,50 +47,41 @@ private List apiBlackList() {
 @Override
 protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
-
- try {
- String requestURI = request.getRequestURI();
- String method = request.getMethod();
- String logicIdentifier = requestURI + LOGIC_IDENTIFIER_SEPARATOR + method;
- //过滤黑名单
- boolean isFilter = false;
- if ("black".equals(customFilterConfig.getFilterType())) {
- for (String api : apiBlackList()) {
- if (logicIdentifier.startsWith(api)) {
- isFilter = true;
- break;
- }
- }
- } else if ("white".equals(customFilterConfig.getFilterType())) {
- isFilter = true;
- for (String api : apiBlackList()) {
- if (logicIdentifier.startsWith(api)) {
- isFilter = false;
- break;
- }
+ String requestURI = request.getRequestURI();
+ String method = request.getMethod();
+ String logicIdentifier = requestURI + LOGIC_IDENTIFIER_SEPARATOR + method;
+ //过滤黑名单
+ boolean isFilter = false;
+ if ("black".equals(customFilterConfig.getFilterType())) {
+ for (String api : apiBlackList()) {
+ if (logicIdentifier.startsWith(api)) {
+ isFilter = true;
+ break;
 }
 }
- if (!isFilter) {
- filterChain.doFilter(request, response);
- return;
- }
- ReReadableHttpServletRequestWrapper requestWrapper = new ReReadableHttpServletRequestWrapper(request);
- String body = requestWrapper.getBody();
- RequestHeader requestHeader = new RequestHeader(requestWrapper.getHeader(Constants.LIB_SIGN_HEADER_NAME), requestWrapper.getHeader(Constants.LIB_TIMESTAMP_HEADER_NAME), requestWrapper.getHeader(Constants.LIB_NONCE_HEADER_NAME), body);
- if (!checkService.check(requestHeader)) {
- response.setContentType("application/json");
- response.setStatus(HttpStatus.UNAUTHORIZED.value());
- response.setCharacterEncoding("UTF-8");
- response.getWriter().write(checkService + "校验请求拦截");
- return;
+ } else if ("white".equals(customFilterConfig.getFilterType())) {
+ isFilter = true;
+ for (String api : 
apiBlackList()) {
+ if (logicIdentifier.startsWith(api)) {
+ isFilter = false;
+ break;
+ }
 }
- filterChain.doFilter(requestWrapper, response);
- } catch (Exception e) {
- log.error("SecurityFilter error", e);
+ }
+ if (!isFilter) {
+ filterChain.doFilter(request, response);
+ return;
+ }
+ ReReadableHttpServletRequestWrapper requestWrapper = new ReReadableHttpServletRequestWrapper(request);
+ String body = requestWrapper.getBody();
+ RequestHeader requestHeader = new RequestHeader(requestWrapper.getHeader(Constants.LIB_SIGN_HEADER_NAME), requestWrapper.getHeader(Constants.LIB_TIMESTAMP_HEADER_NAME), requestWrapper.getHeader(Constants.LIB_NONCE_HEADER_NAME), body);
+ if (!checkService.check(requestHeader)) {
 response.setContentType("application/json");
- response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
+ response.setStatus(HttpStatus.UNAUTHORIZED.value());
 response.setCharacterEncoding("UTF-8");
- response.getWriter().write("SecurityFilter error. 校验请求拦截");
+ response.getWriter().write(checkService + "校验请求拦截");
+ return;
 }
+ filterChain.doFilter(requestWrapper, response);
 }
 }
From 97cac6b3603a4944c3db06e4eb34e13b45d2c208 Mon Sep 17 00:00:00 2001
From: baojz
Date: Fri, 10 Jan 2025 10:55:57 +0800
Subject: [PATCH 2/3] =?UTF-8?q?downloadfile=E6=8E=A5=E5=8F=A3=E9=99=90?= =?UTF-8?q?=E5=88=B6files=E5=8D=8F=E8=AE=AE=E6=96=87=E4=BB=B6=E4=B8=8B?= =?UTF-8?q?=E8=BD=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 downloadfilefilter | 1 +
 1 file changed, 1 insertion(+)
 create mode 160000 downloadfilefilter
diff --git a/downloadfilefilter b/downloadfilefilter
new file mode 160000
index 00000000..4763afd3
--- /dev/null
+++ b/downloadfilefilter
@@ -0,0 +1 @@
+Subproject commit 4763afd3df11b7a3913038a729e4996cfc2e609b
From 22c56909f3fe4f0fee1714062d7e867062216ff2 Mon Sep 17 00:00:00 2001
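Review bot: `doFilterInternal` fails open when `customFilterConfig.getFilterType()` is neither `"black"` nor `"white"` (null, a typo, different case): `isFilter` stays `false` and the request goes to `filterChain.doFilter(request, response)` without ever reaching `checkService.check`. If an unset value is not meant as an off switch, add `else { isFilter = true; }` after the `"white"` branch, or reject unknown values when the configuration is loaded. The list match is a `startsWith` on the raw `request.getRequestURI()`, which is not decoded or normalised, so in black mode a listed API requested under a different spelling of its path would skip the signature check if the dispatcher still routes it; matching on a normalised path (for example `request.getServletPath()`, which drops the context path, so list entries would need adjusting) closes that gap. The 401 body `checkService + "校验请求拦截"` also sends the service object's `toString()` to the client under `application/json`; a fixed JSON string would avoid exposing it.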
From: baojz
Date: Fri, 10 Jan 2025 10:59:49 +0800
Subject: [PATCH 3/3] =?UTF-8?q?downloadfile=E6=8E=A5=E5=8F=A3=E9=99=90?= =?UTF-8?q?=E5=88=B6files=E5=8D=8F=E8=AE=AE=E6=96=87=E4=BB=B6=E4=B8=8B?= =?UTF-8?q?=E8=BD=BD-=E5=88=A0=E9=99=A4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 downloadfilefilter | 1 -
 1 file changed, 1 deletion(-)
 delete mode 160000 downloadfilefilter
diff --git a/downloadfilefilter b/downloadfilefilter
deleted file mode 160000
index 4763afd3..00000000
--- a/downloadfilefilter
+++ /dev/null
@@ -1 +0,0 @@
-Subproject commit 4763afd3df11b7a3913038a729e4996cfc2e609b