相关文章推荐
侠义非凡的菠菜  ·  Python pandas ...·  4 天前    · 
侠义非凡的菠菜  ·  C++ 单例模式 - 恋恋风辰 ·  3 月前    · 
侠义非凡的菠菜  ·  rc-form源码浅析 - ·  7 月前    · 
侠义非凡的菠菜  ·  python从第2行读取csv文件_mob6 ...·  9 月前    · 
侠义非凡的菠菜  ·  SqlServer数据实时同步到mysql_ ...·  9 月前    · 
侠义非凡的菠菜  ·  性能提升2.5倍!字节开源高性能C++ ...·  10 月前    · 
侠义非凡的菠菜  ·  云访问安全代理 标签管理-操作指南-文档中心·  10 月前    · 
侠义非凡的菠菜  ·  揭秘 WebFlux 中如何修改 ...·  10 月前    · 
侠义非凡的菠菜  ·  从拉普拉斯矩阵说到谱聚类|向量|权值|特征值 ...·  10 月前    · 
侠义非凡的菠菜  ·  Configuring HTTP ...·  10 月前    · 
聪明的作业本  ·  Advanced query ...·  59 分钟前    · 
失望的鸡蛋面  ·  "Microsoft Outlook ...·  1小时前    · 
坚强的柿子  ·  mongodb 多表关联处理 : ...·  1小时前    · 
眼睛小的香烟  ·  mongodb基本使用,DBRef_mong ...·  1小时前    · 
不爱学习的火腿肠  ·  java ...·  2 小时前    · 
旅行中的铁链  ·  错误信息:SSL ShakeHand ...·  3 小时前    · 
憨厚的金鱼  ·  Scanpy数据结构:AnnData - 何帅 ·  3 小时前    · 
阳光的葫芦  ·  李晶团队:神经内分泌前列腺癌的单细胞转录调控 ...·  4 小时前    · 
大力的冰棍  ·  PySCENIC(四)个性化分析:pysce ...·  4 小时前    · 
活泼的金针菇  ·  单细胞 | pySCENIC·转录因子分析(一)·  4 小时前    · 
Code  ›  揭秘 WebFlux 中如何修改 request/response body
string mono exchange
https://juejin.cn/post/7068571259436548104
侠义非凡的菠菜
10 月前

完整的代码请参考 github.com/javahongxi/…

我们的一些企业对于HTTP服务有一些非正常的做法,它们客户端的请求body是加密的,即在服务端需要对请求body进行解密,而服务端响应的body也要求加密。本文就来揭秘这一需求在 WebFlux 中如何实现,我们给 request/response body 均增加一个表示时间戳的字段 start/end 来模拟请求数据解密和响应数据加密,思路如下。

首先我们需要知道,WebFlux 的过滤器/拦截器是统一用 WebFilter 来表示的,与 Spring MVC 类似,对于 application/json 请求,WebFlux 读取 body inputstream 也只能读取一次,对于query params / form-data / form-x-www 请求,可以反复获取。 所以,怎么修改 application/json 请求的 request/response body 是一个难点。网上找遍了例子,大都是错误的例子或是hello demo,完全没法解决本文的需求。经过苦心探索,本人终于找到了解决方案,代码如下。 

import lombok.extern.slf4j.Slf4j;
import org.hongxi.sample.webflux.support.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.annotation.Order;
import org.springframework.http.MediaType;
import org.springframework.http.codec.ServerCodecConfigurer;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;
import java.util.Map;
 * Created by shenhongxi on 2021/4/29.
@Slf4j
@Order(-1)
@Component
public class ModifyBodyFilter implements WebFilter {
    @Autowired
    private ServerCodecConfigurer codecConfigurer;
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
        if (WebUtils.shouldNotFilter(exchange)) {
            return chain.filter(exchange);
        return ParamUtils.from(exchange)
                .map(params -> decorate(exchange, params))
                .flatMap(chain::filter);
    private ServerWebExchange decorate(ServerWebExchange exchange, Map<String, Object> params) {
        if (params.isEmpty()) {
            return exchange;
        ServerHttpResponse serverHttpResponse = new ModifiedServerHttpResponse(exchange, codecConfigurer.getReaders());
        MediaType contentType = exchange.getRequest().getHeaders().getContentType();
        if (contentType != null && contentType.isCompatibleWith(MediaType.APPLICATION_JSON)) {
            Map<String, Object> decrypted = Crypto.decrypt(params);
            exchange.getAttributes().put(WebUtils.REQUEST_PARAMS_ATTR, decrypted);
            byte[] rawBody = JacksonUtils.serialize(decrypted);
            ServerHttpRequest serverHttpRequest = new ModifiedServerHttpRequest(exchange.getRequest(), rawBody);
            return exchange.mutate().request(serverHttpRequest).response(serverHttpResponse).build();
        ServerWebExchange serverWebExchange = new ModifiedServerWebExchange(exchange);
        return serverWebExchange.mutate().response(serverHttpResponse).build();

import org.springframework.core.ResolvableType;
import org.springframework.http.MediaType;
import org.springframework.http.codec.DecoderHttpMessageReader;
import org.springframework.http.codec.HttpMessageReader;
import org.springframework.http.codec.json.Jackson2JsonDecoder;
import org.springframework.web.bind.support.WebExchangeDataBinder;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
import java.util.Collections;
import java.util.Map;
 * Created by shenhongxi on 2021/4/29.
public abstract class ParamUtils {
    @SuppressWarnings("rawtypes")
    private static final HttpMessageReader messageReader =
            new DecoderHttpMessageReader<>(new Jackson2JsonDecoder());
    @SuppressWarnings("unchecked")
    public static Mono<Map<String, Object>> from(ServerWebExchange exchange) {
        Map<String, Object> data = exchange.getAttribute(WebUtils.REQUEST_PARAMS_ATTR);
        if (data != null) {
            return Mono.just(data);
        Mono<Map<String, Object>> params;
        MediaType contentType = exchange.getRequest().getHeaders().getContentType();
        if (contentType != null && contentType.isCompatibleWith(MediaType.APPLICATION_JSON)) {
            params = (Mono<Map<String, Object>>) messageReader.readMono(
                    ResolvableType.forType(Map.class), exchange.getRequest(), Collections.emptyMap());
        } else {
            params = WebExchangeDataBinder.extractValuesToBind(exchange);
        return params.doOnNext(e -> exchange.getAttributes().put(WebUtils.REQUEST_PARAMS_ATTR, e));

import io.netty.buffer.ByteBufAllocator;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.NettyDataBufferFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import reactor.core.publisher.Flux;
import java.nio.charset.StandardCharsets;
 * Created by shenhongxi on 2021/4/29.
public class ModifiedServerHttpRequest extends ServerHttpRequestDecorator {
    private final byte[] rawBody;
    public ModifiedServerHttpRequest(ServerHttpRequest delegate, byte[] rawBody) {
        super(delegate);
        this.rawBody = rawBody;
    @Override
    public Flux<DataBuffer> getBody() {
        NettyDataBufferFactory nettyDataBufferFactory = new NettyDataBufferFactory(ByteBufAllocator.DEFAULT);
        DataBuffer buffer = nettyDataBufferFactory.allocateBuffer(this.rawBody.length);
        buffer.write(this.rawBody);
        return Flux.just(buffer);
    @Override
    public HttpHeaders getHeaders() {
        // 必须 new,不能直接操作 super.getHeaders()(readonly)
        HttpHeaders headers = new HttpHeaders();
        headers.addAll(super.getHeaders());
        headers.setContentLength(this.rawBody.length);
        return headers;
     * @return body json string
    public String bodyString() {
        return new String(rawBody, StandardCharsets.UTF_8);

import org.reactivestreams.Publisher;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ReactiveHttpOutputMessage;
import org.springframework.http.codec.HttpMessageReader;
import org.springframework.http.server.reactive.ServerHttpResponseDecorator;
import org.springframework.web.reactive.function.BodyInserter;
import org.springframework.web.reactive.function.BodyInserters;
import org.springframework.web.reactive.function.client.ClientResponse;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import java.util.List;
 * Created by shenhongxi on 2021/4/29.
public class ModifiedServerHttpResponse extends ServerHttpResponseDecorator {
    private final ServerWebExchange exchange;
    private final List<HttpMessageReader<?>> messageReaders;
    public ModifiedServerHttpResponse(ServerWebExchange exchange,
                                      List<HttpMessageReader<?>> messageReaders) {
        super(exchange.getResponse());
        this.exchange = exchange;
        this.messageReaders = messageReaders;
    @Override
    public Mono<Void> writeWith(Publisher<? extends DataBuffer> body) {
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setContentType(MediaType.APPLICATION_JSON);
        // 这里只是借用 ClientResponse 这个类获取修改之前的 body
        // server 端最终返回的是 ServerResponse/ServerHttpResponse
        ClientResponse clientResponse = prepareClientResponse(body, httpHeaders);
        Mono<byte[]> modifiedBody = clientResponse.bodyToMono(byte[].class)
                .flatMap(originalBody -> Mono.just(Crypto.encrypt(originalBody)));
        BodyInserter<Mono<byte[]>, ReactiveHttpOutputMessage> bodyInserter =
                BodyInserters.fromPublisher(modifiedBody, byte[].class);
        CachedBodyOutputMessage outputMessage = new CachedBodyOutputMessage(exchange,
                exchange.getResponse().getHeaders());
        return bodyInserter.insert(outputMessage, new BodyInserterContext()).then(Mono.defer(() -> {
            Mono<DataBuffer> messageBody = DataBufferUtils.join(outputMessage.getBody());
            HttpHeaders headers = getDelegate().getHeaders();
            if (!headers.containsKey(HttpHeaders.TRANSFER_ENCODING)
                    || headers.containsKey(HttpHeaders.CONTENT_LENGTH)) {
                messageBody = messageBody.doOnNext(data -> headers.setContentLength(data.readableByteCount()));
            return getDelegate().writeWith(messageBody);
    @Override
    public Mono<Void> writeAndFlushWith(Publisher<? extends Publisher<? extends DataBuffer>> body) {
        return writeWith(Flux.from(body).flatMapSequential(p -> p));
    private ClientResponse prepareClientResponse(Publisher<? extends DataBuffer> body, HttpHeaders httpHeaders) {
        ClientResponse.Builder builder = ClientResponse.create(HttpStatus.OK, messageReaders);
        return builder.headers(headers -> headers.putAll(httpHeaders)).body(Flux.from(body)).build();

import org.springframework.util.MultiValueMap;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.ServerWebExchangeDecorator;
import reactor.core.publisher.Mono;
 * Created by shenhongxi on 2021/4/29.
public class ModifiedServerWebExchange extends ServerWebExchangeDecorator {
    public ModifiedServerWebExchange(ServerWebExchange delegate) {
        super(delegate);
    @Override
    public Mono<MultiValueMap<String, String>> getFormData() {
        return super.getFormData()
                .map(Crypto::decrypt)
                .doOnNext(decrypted -> getDelegate().getAttributes()
                        .put(WebUtils.REQUEST_PARAMS_ATTR, decrypted)

import org.springframework.util.MultiValueMap;
import org.springframework.util.MultiValueMapAdapter;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
 * Created by shenhongxi on 2021/4/29.
public class Crypto {
     * 模拟解密逻辑:添加一个请求参数 start
     * @param requestBody
     * @return
    public static Map<String, Object> decrypt(Map<String, Object> requestBody) {
        Map<String, Object> decrypted = new HashMap<>(requestBody);
        decrypted.put("start", System.currentTimeMillis());
        return decrypted;
     * 模拟解密逻辑:添加一个请求参数 start
     * @param formData
     * @return
    public static MultiValueMap<String, String> decrypt(MultiValueMap<String, String> formData) {
        MultiValueMap<String, String> decrypted = new MultiValueMapAdapter<>(formData);
        decrypted.put("start", Collections.singletonList(String.valueOf(System.currentTimeMillis())));
        return decrypted;
     * 模拟加密逻辑:添加一个响应参数 end
     * @param responseBody
     * @return
    public static byte[] encrypt(byte[] responseBody) {
        Map<String, Object> result = JacksonUtils.deserialize(responseBody, Map.class);
        result.put("end", System.currentTimeMillis());
        return JacksonUtils.serialize(result);

import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import org.springframework.http.codec.HttpMessageWriter;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.web.reactive.function.BodyInserter;
import org.springframework.web.reactive.function.client.ExchangeStrategies;
 * Created by shenhongxi on 2021/5/3.
public class BodyInserterContext implements BodyInserter.Context {
	private final ExchangeStrategies exchangeStrategies;
	public BodyInserterContext() {
		this.exchangeStrategies = ExchangeStrategies.withDefaults();
	public BodyInserterContext(ExchangeStrategies exchangeStrategies) {
		this.exchangeStrategies = exchangeStrategies;
	@Override
	public List<HttpMessageWriter<?>> messageWriters() {
		return exchangeStrategies.messageWriters();
	@Override
	public Optional<ServerHttpRequest> serverRequest() {
		return Optional.empty();
	@Override
	public Map<String, Object> hints() {
		return Collections.emptyMap();

import java.util.function.Supplier;
import org.reactivestreams.Publisher;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.ReactiveHttpOutputMessage;
import org.springframework.web.server.ServerWebExchange;
 * Created by shenhongxi on 2021/5/3.
public class CachedBodyOutputMessage implements ReactiveHttpOutputMessage {
	private final DataBufferFactory bufferFactory;
	private final HttpHeaders httpHeaders;
	private boolean cached = false;
	private Flux<DataBuffer> body = Flux
			.error(new IllegalStateException("The body is not set. " + "Did handling complete with success?"));
	public CachedBodyOutputMessage(ServerWebExchange exchange, HttpHeaders httpHeaders) {
		this.bufferFactory = exchange.getResponse().bufferFactory();
		this.httpHeaders = httpHeaders;
	@Override
	public void beforeCommit(Supplier<? extends Mono<Void>> action) {
	@Override
	public boolean isCommitted() {
		return false;
	boolean isCached() {
		return this.cached;
	@Override
	public HttpHeaders getHeaders() {
		return this.httpHeaders;
	@Override
	public DataBufferFactory bufferFactory() {
		return this.bufferFactory;
	 * Return the request body, or an error stream if the body was never set or when.
	 * @return body as {@link Flux}
	public Flux<DataBuffer> getBody() {
		return this.body;
	public Mono<Void> writeWith(Publisher<? extends DataBuffer> body) {
		this.body = Flux.from(body);
		this.cached = true;
		return Mono.empty();
	@Override
	public Mono<Void> writeAndFlushWith(Publisher<? extends Publisher<? extends DataBuffer>> body) {
		return writeWith(Flux.from(body).flatMap(p -> p));
	@Override
	public Mono<Void> setComplete() {
		return writeWith(Flux.empty());

完整的代码请参考 github.com/javahongxi/…
avatar
javahongxi 基础架构专家 @ 奇虎360 33.3k
粉丝
相关推荐
详细分析ResponseBodyAdvice的使用与原理
1.5k阅读
·
15点赞
小坑,大跟头。如何正确在 Golang 中在处理 Http Request 之前修改 Host 字段内容
19.7k阅读
·
16点赞
response body 加密了怎么办? 来 破解它
3.0k阅读
·
27点赞
如何让 gin 正确读取 http response body 内容,并多次使用
14.7k阅读
·
17点赞
如何让 gin 正确多次读取 http request body 内容
15.8k阅读
·
11点赞

友情链接:

 
推荐文章
侠义非凡的菠菜  ·  Python pandas 缺失/空值判断与处理_pandas判断是否有空值
4 天前
侠义非凡的菠菜  ·  C++ 单例模式 - 恋恋风辰
3 月前
侠义非凡的菠菜  ·  rc-form源码浅析 -
7 月前
侠义非凡的菠菜  ·  python从第2行读取csv文件_mob649e815574e6的技术博客_
9 月前
侠义非凡的菠菜  ·  SqlServer数据实时同步到mysql_sqlserver 实时同步到mysql_JudeDong的博客
9 月前
侠义非凡的菠菜  ·  性能提升2.5倍!字节开源高性能C++ JSON库sonic-cpp_技术杂谈_IT加油站
10 月前
侠义非凡的菠菜  ·  云访问安全代理 标签管理-操作指南-文档中心
10 月前
侠义非凡的菠菜  ·  揭秘 WebFlux 中如何修改 request/response body
10 月前
侠义非凡的菠菜  ·  从拉普拉斯矩阵说到谱聚类|向量|权值|特征值|算法_网易订阅
10 月前
侠义非凡的菠菜  ·  Configuring HTTP Secure Headers
10 月前
聪明的作业本  ·  Advanced query capabilities on Microsoft Entra ID objects - Microsoft Graph | Microsoft Learn
59 分钟前
失望的鸡蛋面  ·  "Microsoft Outlook had problems encrypting this message..." - Microsoft Community
1小时前
坚强的柿子  ·  mongodb 多表关联处理 : 内嵌以及连接(手动引用、DBref) 、aggregate中$lookup - 蜡笔小新萌萌哒
1小时前
眼睛小的香烟  ·  mongodb基本使用,DBRef_mongodb dbref
1小时前
不爱学习的火腿肠  ·  java 调用打印机_printservicelookup
2 小时前
旅行中的铁链  ·  错误信息:SSL ShakeHand :服务器不支持ssl,请检查服务器配置, errorCode: 1 - Microsoft Community
3 小时前
憨厚的金鱼  ·  Scanpy数据结构:AnnData - 何帅
3 小时前
阳光的葫芦  ·  李晶团队:神经内分泌前列腺癌的单细胞转录调控和遗传进化
4 小时前
大力的冰棍  ·  PySCENIC(四)个性化分析:pyscenic结果之差异转录因子分析及其他可视化_pyscenic分析中怎么查看tf的靶基因
4 小时前
活泼的金针菇  ·  单细胞 | pySCENIC·转录因子分析(一)
4 小时前
Code - 代码工具平台
删除内容请联系邮箱 2879853325@qq.com
© 2024 ~ 沪ICP备11025650号