request参数获取,参数校验,参数处理
需求:
1.post接口,需要在过滤器中进行参数校验,校验通过之后再执行方法
2.原有代码中使用x-www-form-urlencoded传参,新需求要使用json格式
3.原有代码校验过滤器使用ServletRequest.getParameter来获取参数,并将其放入ThreadLocal<OpenapiRequest>常量中进行校验
问题:
1.改用json传参之后,再过滤器中无法通过ServletRequest.getParameter来获取参数,所有参数为null,因此无法通过参数加密校验
'使用流读取参数,可以获取参数' BufferedReader streamReader = new BufferedReader(new InputStreamReader(request.getInputStream(), "UTF-8")); StringBuilder responseStrBuilder = new StringBuilder(); String inputStr; while ((inputStr = streamReader.readLine()) != null) { responseStrBuilder.append(inputStr); } String paramString = responseStrBuilder.toString();
2.参数校验通过,但是方法接收参数出错
Caused by: org.glassfish.hk2.api.MultiException: A MultiException has 7 exceptions. They are: 1. java.lang.IllegalStateException: The @FormParam is utilized when the content type of the request entity is not application/x-www-form-urlencoded 2. java.lang.IllegalStateException: The @FormParam is utilized when the content type of the request entity is not application/x-www-form-urlencoded 3. java.lang.IllegalStateException: The @FormParam is utilized when the content type of the request entity is not application/x-www-form-urlencoded 4. java.lang.IllegalStateException: The @FormParam is utilized when the content type of the request entity is not application/x-www-form-urlencoded 5. java.lang.IllegalStateException: The @FormParam is utilized when the content type of the request entity is not application/x-www-form-urlencoded 6. java.lang.IllegalArgumentException: While attempting to resolve the dependencies of com.seari.ztxplatform.openapi.model.OpenapiRequest errors were found 7. java.lang.IllegalStateException: Unable to perform operation: resolve on com.seari.ztxplatform.openapi.model.OpenapiRequest
解决方法:替换原方法的入参注解@BeanParam为@RequestBody
3.入参中普通String字段接收成功,其中一个参数data在类中定义为String,但是传参需要一个json对象,导致报错
本次响应数据:"Can not deserialize instance of java.lang.String out of START_OBJECT token
at [Source: org.glassfish.jersey.message.internal.ReaderInterceptorExecutor$UnCloseableInputStream@c507164;
line: 5, column: 13] (through reference chain: com.seari.ztxplatform.openapi.model.OpenapiRequest[\"data\"])"
此时可以在传参时,将data参数按照字符串格式传,而不是json格式,可以正常调用接口。样式如
4.前端需要统一入参格式,不能单独将data以String类型传参,要求的传参格式为
解决方法增加一个反序列化工具
import com.fasterxml.jackson.core.JsonParser; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.DeserializationContext; import com.fasterxml.jackson.databind.JsonDeserializer; import groovy.util.logging.Slf4j; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.stereotype.Component; import org.springframework.util.ObjectUtils; import java.io.IOException; /** * 用来自定义openapiRequest中的data在反序列化时的类型 * * @author liming * @since 2021/12/30 17:07 */ @Component @Slf4j public class DataJsonDeserializer extends JsonDeserializer { private final Logger log = LoggerFactory.getLogger(ApiParameterFilter.class); @Override public String deserialize(JsonParser data, DeserializationContext ctxt) throws IOException, JsonProcessingException { if (ObjectUtils.isEmpty(data)) { return null; } String openapiData = data.toString(); log.info((" ====> " + data.getText() + ",转换后的结果 ====> " + openapiData)); return openapiData; } }
然后再接收参数类的data字段的set方法上加上注解
@JsonDeserialize(using = DataJsonDeserializer.class) public void setData(String data) { this.data = data; }
从stackoverflow看到一个类型的问题,当时答题人提到关于这个问题可以去看看jsonDeserializer相关内容,最后试了下确实可以。真的是一句话拯救了我一天的时间,感谢!
For deserializing a node that can be either a String or an Object, you could give a look to @JsonSerialize giving a custom JsonDeserializer
详见
//stackoverflow.com/questions/54062469/cannot-deserialize-instance-of-java-lang-string-out-of-start-object-token
