com.flyfish.oauth.entry.auditing.AuditingRequest Maven / Gradle / Ivy
package com.flyfish.oauth.entry.auditing;
import com.flyfish.oauth.common.AuditingContext;
import com.flyfish.oauth.domain.auditing.AuditingStrategy;
import com.flyfish.oauth.utils.OAuthRequestParser;
import com.flyfish.oauth.wrapper.AuditingResponseWrapper;
import lombok.Getter;
import lombok.Setter;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* 审计请求
*
* @author wangyu
*/
@Getter
@Setter
public class AuditingRequest {
private String accessToken;
private byte[] content;
private boolean success;
private String address;
private AuditingStrategy strategy;
private Boolean available;
/**
* 对请求进行审计,判断是否需要审计
*
* @param request 请求
* @param response 响应
* @return 结果
*/
public static AuditingRequest accept(HttpServletRequest request,
AuditingResponseWrapper response) throws IOException {
AuditingRequest instance = new AuditingRequest();
instance.setAvailable(false);
List strategies = AuditingContext.sharedContext().get();
// 没有token,不予审计,因为没有鉴权
String accessToken = OAuthRequestParser.parse(request).getAccessToken();
if (StringUtils.isNotBlank(accessToken)) {
// 查找审计请求
for (AuditingStrategy strategy : strategies) {
if (request.getRequestURI().equalsIgnoreCase(strategy.getUri()) &&
request.getMethod().equalsIgnoreCase(strategy.getMethod()) &&
containsParameters(strategy, request)) {
instance.setAvailable(true);
instance.setStrategy(strategy);
instance.setSuccess(response.getStatus() >= 200 && response.getStatus() < 400);
instance.setContent(response.getContent());
instance.setAddress(request.getRemoteAddr());
instance.setAccessToken(accessToken);
return instance;
}
}
}
return instance;
}
/**
* 判断请求中是否包含审计参数
*
* @param strategy 策略
* @param request 请求
* @return 结果
*/
private static boolean containsParameters(AuditingStrategy strategy, HttpServletRequest request) {
if (CollectionUtils.isEmpty(strategy.getParameters())) {
return true;
}
// 参数和类型的map
Map parameterMap = new HashMap<>();
// 请求的参数们
Map requestParamMap = request.getParameterMap();
for (AuditingStrategy.InterfaceParameter parameter : strategy.getParameters()) {
if (BooleanUtils.isTrue(parameter.getRequired())) {
parameterMap.put(parameter.getName(), parameter);
}
}
if (MapUtils.isEmpty(parameterMap)) {
return true;
}
// 包含全部必须的参数且请求类型符合
if (CollectionUtils.containsAll(parameterMap.keySet(), requestParamMap.keySet())) {
// 遍历匹配,一个不匹配就返回false
for (Map.Entry entry : parameterMap.entrySet()) {
String key = entry.getKey();
AuditingStrategy.InterfaceParameter parameter = entry.getValue();
String[] values = requestParamMap.get(key);
switch (parameter.getType()) {
case ENUM: {
// 枚举有规约,通过逗号分隔值
String[] collections = StringUtils.splitPreserveAllTokens(parameter.getDescription(), ",");
List enums = Arrays.asList(collections);
for (String value : values) {
if (!enums.contains(value)) {
return false;
}
}
break;
}
case NUMBER:
for (String value : values) {
if (!NumberUtils.isDigits(value)) {
return false;
}
}
break;
default:
break;
}
}
return true;
}
return false;
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy