Java 在ServerAuthenticationConverter中读取请求正文后如何保存?
伙计们!也许有人遇到了获取请求主体的问题 我正在尝试使用Spring WebFlux+安全: 我使用SecurityConfigJava 在ServerAuthenticationConverter中读取请求正文后如何保存?,java,http,spring-security,controller,spring-webflux,Java,Http,Spring Security,Controller,Spring Webflux,伙计们!也许有人遇到了获取请求主体的问题 我正在尝试使用Spring WebFlux+安全: 我使用SecurityConfig @EnableWebFluxSecurity @EnableReactiveMethodSecurity public class SecurityConfig { ... 我的位置 .addFilterAt(authenticationWebFilter(), SecurityWebFiltersOrder.AUTHENTICATION) 用于检查身份验证
@EnableWebFluxSecurity
@EnableReactiveMethodSecurity
public class SecurityConfig {
...
我的位置
.addFilterAt(authenticationWebFilter(), SecurityWebFiltersOrder.AUTHENTICATION)
用于检查身份验证
private AuthenticationWebFilter authenticationWebFilter() {
AuthenticationWebFilter authenticationWebFilter = new AuthenticationWebFilter(new AuthManager());
authenticationWebFilter.setServerAuthenticationConverter(new AuthDataConverter());
return authenticationWebFilter;
}
我有一个自定义转换器(AuthDataConverter)和一个自定义管理器(AuthManager)。
当我发布http请求时,我陷入了转换器中:
在转换器内部-我获得请求的标题和正文:
import org.springframework.security.core.Authentication;
import org.springframework.security.web.server.authentication.ServerAuthenticationConverter;
import org.springframework.web.server.ServerWebExchange;
public class AuthDataConverter implements ServerAuthenticationConverter {
...
@Override
public Mono<Authentication> convert(ServerWebExchange exchange) {
HttpHeaders headers = exchange.getRequest().getHeaders();
Flux<DataBuffer> body = exchange.getRequest().getBody();
...
Mono<String> m = decodeToString(body);
return m.map(jsonBody -> {
Authentication auth = new MyAuthData(headers, jsonBody);
return auth;
});
}
导入org.springframework.security.core.Authentication;
导入org.springframework.security.web.server.authentication.ServerAuthenticationConverter;
导入org.springframework.web.server.ServerWebExchange;
公共类AuthDataConverter实现ServerAuthenticationConverter{
...
@凌驾
公共Mono转换(服务器WebExchange){
HttpHeaders=exchange.getRequest().getHeaders();
Flux body=exchange.getRequest().getBody();
...
单声道m=解码串(主体);
返回m.map(jsonBody->{
Authentication auth=new MyAuthData(头,jsonBody);
返回auth;
});
}
所有良好的-AuthDataConverter都会获取请求参数并发送到AuthManager:
import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.core.Authentication;
public class AuthManager implements ReactiveAuthenticationManager {
...
@Override
public Mono<Authentication> authenticate(Authentication auth) {
//check auth object
}
}
导入org.springframework.security.authentication.ReactiveAuthenticationManager;
导入org.springframework.security.core.Authentication;
公共类AuthManager实现ReactiveAuthenticationManager{
...
@凌驾
公共Mono身份验证(Authentication auth){
//检查身份验证对象
}
}
但是!问题是:在下一步中,我在控制器中的位置:
@RestController
@RequestMapping("/test")
public class TestController {
@PostMapping("/addParam")
public Response<MyParam> addParam(@RequestBody Mono<MyParam> param) {
//I can't go inside because the request body has already been read in AuthDataConverter
//How can save body of request?
}
@RestController
@请求映射(“/test”)
公共类测试控制器{
@后映射(“/addParam”)
公共响应addParam(@RequestBody Mono-param){
//我无法进入内部,因为已在AuthDataConverter中读取请求正文
//如何保存请求正文?
}
在Reactor HTTP请求正文被订阅一次后,next subscribe的结果为空。这是因为Reactor将HTTP请求正文的源设置为FluxRecive,FluxRecive是一个将消息正文发布为HTTP请求的动态发布器。因此,当HTTP请求消息正文被订阅一次时,所有后续订阅均为空因为HTTP请求的主体只发送一次
对我来说,这篇文章: