投稿
  1. 首页
  2. 随笔

AOP实现API调用简单验证、日志记录、异常处理

边坡稳定2022-12-17随笔阅读23

AOP实现API调用简单验证、日志记录、异常处理,第1张

AOP实现API调用简单验证、日志记录、异常处理 AOP实现API调用简单验证、日志记录、异常处理 1.添加maven依赖 
		
			org.springframework.boot
			spring-boot-starter-aop
2.创建切面类 
@Aspect
@Component
public class SjztDynamicApiAspect {


    @Resource
    private SjztDynamicApiLogService sjztDynamicApiLogService;

    @Resource
    private SjztDynamicApiUserService sjztDynamicApiUserService;

    @Resource
    private SjztDynamicApiWhitelistService sjztDynamicApiWhitelistService;
}
3.实现简单API调用认证 
 
	
    @Pointcut("execution(* com.yeyoo.sjzt.platform.controller.rest.SjztUserServiceRestController.exec(..))")
    public void apiUserFilter() {

    }
    
     
    @Before(value = "apiUserFilter()")
    public void userFilter(JoinPoint joinPoint) {
        // 获取当前请求对象
        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        HttpServletRequest request = attributes.getRequest();
        // 获取请求参数ak、sn
        String ak = request.getParameter("ak");
        String sn = request.getParameter("sn");


        if(ak==null||ak.equals("")||sn==null||sn.equals("")){
            throw new DynamicApiException(ResultCode.BAD_REQUEST,"缺少请求参数");
        }

        String userName = "";
        String sk = "";

        // 判断服务平台用户是否已创建
        SjztDynamicApiUser user = sjztDynamicApiUserService.selectApiUser(ak);
        if(user==null){
            throw new DynamicApiException(ResultCode.UNAUTHORIZED,"用户未授权,请联系服务平台管理员");
        }else {
            userName = user.getUserName();
            sk = user.getSeckey();
        }

        // 获取被调用的签名
        Signature signature = joinPoint.getSignature();
        // 转换为方法签名
        MethodSignature methodSignature = (MethodSignature) signature;
        // 获取 controller 的方法
        Method method = methodSignature.getMethod();
        // 获取serviceApi
        com.yeyoo.dynamic.api.beans.DynamicApiExecRequest reqMap = (DynamicApiExecRequest) getParameter(method, joinPoint.getArgs());
        String serviceApi = reqMap.getServiceApi();

        // 判断用户是否在接口白名单中
        SjztDynamicApiWhitelist whitelist = sjztDynamicApiWhitelistService.selectApiWhitelist(serviceApi,userName);
        if(whitelist==null){
            throw new DynamicApiException(ResultCode.FORBIDDEN,"接口未授权,请联系服务平台管理员");
        }

        // 拼接未加密字符串
        String str = ********;

        // 加密字符串获得本地sn
        String localSn = ************;

        // 对比参数sn和localSn
        if(!localSn.equals(sn)){
            throw new DynamicApiException(ResultCode.VALIDATE_FAILED,"sn校验失败");
        }

    }
4.调用日志记录 
	
    @Pointcut("execution(* com.yeyoo.sjzt.platform.controller.rest.SjztUserServiceRestController.exec(..))")
    public void apiLog() {

    }

	
    @AfterReturning(value = "apiLog()", returning = "responseBody")
    public void saveApiLog(JoinPoint joinPoint, Object responseBody) {

        // 获取当前请求对象
        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        HttpServletRequest request = attributes.getRequest();

        SjztDynamicApiLog sjztDynamicApiLog = new SjztDynamicApiLog();

        // 获取被调用的签名
        Signature signature = joinPoint.getSignature();
        // 转换为方法签名
        MethodSignature methodSignature = (MethodSignature) signature;
        // 获取 controller 的方法
        Method method = methodSignature.getMethod();

        // 获取Status Code
        com.yeyoo.sjzt.beans.ResultData resMap = (ResultData) responseBody;
        Integer code = resMap.getCode();

        // 获取动态接口名称
        com.yeyoo.dynamic.api.beans.DynamicApiExecRequest reqMap = (DynamicApiExecRequest) getParameter(method, joinPoint.getArgs());
        String apiName = reqMap.getServiceApi();

        // 动态接口调用日志组装入库
        sjztDynamicApiLog.setCode(code);
        sjztDynamicApiLog.setApiName(apiName);
        sjztDynamicApiLog.setMethod(request.getMethod());
        sjztDynamicApiLog.setRequestBody(JSON.toJSONString(getParameter(method, joinPoint.getArgs())));
        sjztDynamicApiLog.setResponseBody(JSON.toJSONString(responseBody));

        sjztDynamicApiLogService.addApiLog(sjztDynamicApiLog);
    }


	
    private Object getParameter(Method method, Object[] args) {
        List argList = new ArrayList<>();
        //获取方法的参数
        Parameter[] parameters = method.getParameters();
        for (int i = 0; i < parameters.length; i++) {
            //将 RequestBody 注解修饰的参数作为请求参数
            RequestBody requestBody = parameters[i].getAnnotation(RequestBody.class);
            if(requestBody != null){
                argList.add(args[i]);
            }
            //将 RequestParam 注解修饰的参数作为请求参数
            RequestParam requestParam = parameters[i].getAnnotation(RequestParam.class);
            if (requestParam != null) {
                Map map = new HashMap<>();
                String key = parameters[i].getName();
                if (!StringUtils.isEmpty(requestParam.value())) {
                    key = requestParam.value();
                }
                map.put(key, args[i]);
                argList.add(map);
            }

        }
        if (argList.size() == 0) {
            return null;
        } else if (argList.size() == 1) {
            return argList.get(0);
        } else {
            return argList;
        }
    }
 
5.异常日志记录 

	
    @AfterThrowing(value = "apiLog()", throwing = "exception")
    public void saveExceptionLog(JoinPoint joinPoint, DynamicApiException exception) {

        // 获取当前请求对象
        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        HttpServletRequest request = attributes.getRequest();

        SjztDynamicApiLog sjztDynamicApiLog = new SjztDynamicApiLog();

        // 获取被调用的签名
        Signature signature = joinPoint.getSignature();
        // 转换为方法签名
        MethodSignature methodSignature = (MethodSignature) signature;
        // 获取 controller 的方法
        Method method = methodSignature.getMethod();

        Integer code = exception.getErrorCode().getCode();

        // 获取动态接口名称
        com.yeyoo.dynamic.api.beans.DynamicApiExecRequest reqMap = (DynamicApiExecRequest) getParameter(method, joinPoint.getArgs());
        String apiName = reqMap.getServiceApi();

        // 动态接口调用日志组装入库
        sjztDynamicApiLog.setCode(code);
        sjztDynamicApiLog.setApiName(apiName);
        sjztDynamicApiLog.setMethod(request.getMethod());
        sjztDynamicApiLog.setRequestBody(JSON.toJSONString(getParameter(method, joinPoint.getArgs())));
        sjztDynamicApiLog.setResponseBody(JSON.toJSONString(exception.getMessage()));

        sjztDynamicApiLogService.addApiLog(sjztDynamicApiLog);
    }

欢迎分享,转载请注明来源:内存溢出
原文地址:https://54852.com/zaji/5709973.html
(0)
打赏
微信扫一扫微信扫一扫
支付宝扫一扫支付宝扫一扫

边坡稳定边坡稳定一级用户组
00
上一篇
2022-12-17

下一篇2022-12-17

发表评论

登录后才能评论

评论列表(0条)
    
	

    
	
    
		
    
			

			
    
				
				
    
					
    
						Copyright © 2022 内存溢出 版权所有
						
							蜀ICP备2023005044号						
						Powered by
						
							outofmemory.cn
						
					
					
    
				
    
			
    
			
    
				
    
					
					
						
						
					
					
						
					
				
    
			
    
		
    
	
    

    



















    保存