解决HttpServletRequest inputStream只能读取一次的问题

最近打算在之前的项目APP接口里面加入验证签名的功能，实现思路很简单，就是通过添加filter的方式，在filter中读取所有的请求参数，然后验证客户端传过来的SIGN值跟服务端生成的SIGN值是否一致。

目前的接口里面参数有K=V格式的，也有JSON格式的，对于前者在filter中通过HttpServletRequest.getParameterMap就可以直接获取。但是对于JSON参数，我们需要从request的inputStream中读取，当然这也不复杂，几行代码就可以搞定了。

但是当我完成filter中的代码，在进行调试的时候，发现原来controller中通过@RequestBody获取JSON参数的接口抛出Required request body is missing的错误。刚开始还以为参数传的有问题，查阅相关资料才明白inputStream的数据只能读取一次，从inputStream中读取过数据之后，后续再从inputStream中就不能再读取到数据了。

 

@Slf4j
@WebFilter(filterName = "myFilter", urlPatterns = {"/*"}, initParams = {@WebInitParam(name = "author", value = "Jaemon")})
public class MyFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        log.info("过滤器初始化={}", filterConfig.getFilterName());
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        log.info("执行过滤器...");
        // 对 request 和 response 进行一些预处理
        servletRequest.setCharacterEncoding("UTF-8");
        servletResponse.setCharacterEncoding("UTF-8");
        servletResponse.setContentType("text/html;charset=UTF-8");
        // 此处读取了 inputStream
        String body = IOUtils.toString(servletRequest.getInputStream(), servletRequest.getCharacterEncoding());
        log.info("request body={}", body);

        // 做一些业务相关的请求验证处理, 如: 验签

        filterChain.doFilter(servletRequest, servletResponse);
    }

    @Override
    public void destroy() {
        log.info("过滤器销毁");
    }
}

 

@Slf4j
@WebFilter(filterName = "myFilter", urlPatterns = {"/*"}, initParams = {@WebInitParam(name = "author", value = "Jaemon")})
public class MyFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        log.info("过滤器初始化={}", filterConfig.getFilterName());
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    	// 封装类, 将 inputStream 读取到 body 中之后再 写到 inputStream 中
        BodyCachingRequestWrapper requestWrapper = new BodyCachingRequestWrapper((HttpServletRequest) servletRequest);
        log.info("执行过滤器...");
        // 对 request 和 response 进行一些预处理
        servletRequest.setCharacterEncoding("UTF-8");
        servletResponse.setCharacterEncoding("UTF-8");
        servletResponse.setContentType("text/html;charset=UTF-8");
        String body = new String(requestWrapper.getBody(), servletRequest.getCharacterEncoding());
        log.info("request body={}", body);

        // 做一些业务相关的请求验证处理, 如: 验签

        filterChain.doFilter(requestWrapper, servletResponse);
    }

    @Override
    public void destroy() {
        log.info("过滤器销毁");
    }
}

 

public class BodyCachingRequestWrapper extends HttpServletRequestWrapper {
    private byte[] body;
    private BufferedReader reader;
    private ServletInputStream inputStream;

    public BodyCachingRequestWrapper(HttpServletRequest request) throws IOException {
        super(request);
        loadBody(request);
    }

    private void loadBody(HttpServletRequest request) throws IOException {
        // 读取 inputStream 中的内容到 body 之后，再将数据写回 inputStream 中
        body = IOUtils.toByteArray(request.getInputStream());
        inputStream = new RequestCachingInputStream(body);
    }

    public byte[] getBody() {
        return body;
    }

    @Override
    public ServletInputStream getInputStream() throws IOException {
        if (inputStream != null) {
            return inputStream;
        }
        return super.getInputStream();
    }

    @Override
    public BufferedReader getReader() throws IOException {
        if (reader == null) {
            reader = new BufferedReader(new InputStreamReader(inputStream, getCharacterEncoding()));
        }
        return reader;
    }

    private static class RequestCachingInputStream extends ServletInputStream {
        private final ByteArrayInputStream inputStream;

        public RequestCachingInputStream(byte[] bytes) {
            inputStream = new ByteArrayInputStream(bytes);
        }
        @Override
        public int read() throws IOException {
            return inputStream.read();
        }

        @Override
        public boolean isFinished() {
            return inputStream.available() == 0;
        }

        @Override
        public boolean isReady() {
            return true;
        }

        @Override
        public void setReadListener(ReadListener readlistener) {
        }

    }
}

 

在SpringBootApplication上使用@ServletComponentScan注解后，Servlet、Filter、Listener可以直接通过@WebServlet、@WebFilter、@WebListener注解自动注册，无需其他代码。