From fe282f4a8141d6eb746f6432824492fb45986f7e Mon Sep 17 00:00:00 2001
From: huguanghan <ghhul@isoftstone.com>
Date: Fri, 8 Nov 2024 17:18:41 +0800
Subject: [PATCH] =?UTF-8?q?Post=E8=AF=B7=E6=B1=82=E8=A7=A3=E5=AF=86?=
 =?UTF-8?q?=E4=BF=AE=E6=94=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../DecryptingOncePerRequestFilter.java       |  9 +++
 .../interceptor/DecryptingRequestWrapper.java | 67 +++++++++++++++++++
 .../das/common/interceptor/FilterConfig.java  |  1 -
 3 files changed, 76 insertions(+), 1 deletion(-)
 create mode 100644 das/src/main/java/com/das/common/interceptor/DecryptingRequestWrapper.java

diff --git a/das/src/main/java/com/das/common/interceptor/DecryptingOncePerRequestFilter.java b/das/src/main/java/com/das/common/interceptor/DecryptingOncePerRequestFilter.java
index 1d94ccb7..8e26c447 100644
--- a/das/src/main/java/com/das/common/interceptor/DecryptingOncePerRequestFilter.java
+++ b/das/src/main/java/com/das/common/interceptor/DecryptingOncePerRequestFilter.java
@@ -60,6 +60,15 @@ public class DecryptingOncePerRequestFilter extends OncePerRequestFilter {
             filterChain.doFilter(request, response);
         }
 
+        if (POST.matches(method) && StrUtil.isNotBlank(contentType) && contentType.contains(MediaType.MULTIPART_FORM_DATA_VALUE)){
+
+            String iv = request.getHeader(IV_ATTR_NAME);
+            // 包装请求以修改参数
+            DecryptingRequestWrapper wrappedRequest = new DecryptingRequestWrapper(request,aesKey,iv);
+            filterChain.doFilter(wrappedRequest, response);
+        } else {
+            filterChain.doFilter(request, response);
+        }
     }
 
     private String readRequestBody(HttpServletRequest request) throws IOException {
diff --git a/das/src/main/java/com/das/common/interceptor/DecryptingRequestWrapper.java b/das/src/main/java/com/das/common/interceptor/DecryptingRequestWrapper.java
new file mode 100644
index 00000000..c5288798
--- /dev/null
+++ b/das/src/main/java/com/das/common/interceptor/DecryptingRequestWrapper.java
@@ -0,0 +1,67 @@
+package com.das.common.interceptor;
+
+import com.das.common.utils.AESUtil;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletRequestWrapper;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+public class DecryptingRequestWrapper extends HttpServletRequestWrapper {
+    private final Map<String, String[]> decryptedParameters = new HashMap<>();
+
+    public DecryptingRequestWrapper(HttpServletRequest request,String aeskey,String iv) throws IOException {
+        super(request);
+
+        // 提取并解密参数，忽略文件部分
+        request.getParameterMap().forEach((key, values) -> {
+            if (!isFileParameter(key)) {
+                String[] decryptedValues = new String[values.length];
+                for (int i = 0; i < values.length; i++) {
+                    decryptedValues[i] = decrypt(values[i],aeskey,iv);  // 对每个值进行解密
+                }
+                decryptedParameters.put(key, decryptedValues);
+            }
+            else {
+                decryptedParameters.put(key,values);
+            }
+        });
+    }
+
+    @Override
+    public String getParameter(String name) {
+        if (decryptedParameters.containsKey(name)) {
+            return decryptedParameters.get(name)[0];
+        }
+        return super.getParameter(name);
+    }
+
+    @Override
+    public String[] getParameterValues(String name) {
+        if (decryptedParameters.containsKey(name)) {
+            return decryptedParameters.get(name);
+        }
+        return super.getParameterValues(name);
+    }
+
+    @Override
+    public Map<String, String[]> getParameterMap() {
+        Map<String, String[]> parameterMap = new HashMap<>(super.getParameterMap());
+        parameterMap.putAll(decryptedParameters);
+        return parameterMap;
+    }
+
+    // 解密
+    private String decrypt(String value,String aeskey,String iv) {
+        // 解密
+        return AESUtil.decrypt(aeskey, value, iv);
+    }
+
+    //判断是否为文件参数
+    private boolean isFileParameter(String key) {
+        // 实现用于判断 key 是否代表文件参数的逻辑
+        // 比如通过检查命名约定或文件类型
+        return key.equalsIgnoreCase("file");
+    }
+}
diff --git a/das/src/main/java/com/das/common/interceptor/FilterConfig.java b/das/src/main/java/com/das/common/interceptor/FilterConfig.java
index 0a59998f..b3e51d59 100644
--- a/das/src/main/java/com/das/common/interceptor/FilterConfig.java
+++ b/das/src/main/java/com/das/common/interceptor/FilterConfig.java
@@ -23,7 +23,6 @@ public class FilterConfig {
         //注册过滤器
         registrationBean.setFilter(new DecryptingOncePerRequestFilter(aesProperties.getKey()));
         registrationBean.addUrlPatterns("/api/*"); // 设置过滤器应用的URL模式
-//        registrationBean.addUrlPatterns("/a/*"); // 设置过滤器应用的URL模式
         registrationBean.setOrder(2); // 设置过滤器的顺序
         return registrationBean;
     }