SpringBoot切⾯拦截@PathVariable参数及抛出异常的全局
处理⽅式
⽬录
SpringBoot切⾯拦截@PathVariable参数及抛出异常的全局处理
例如:
为了⽅便统⼀验证,基于切⾯来实现数据的验证
全局异常处理
异常原因:
flect.UndeclaredThrowableException的解决
问题
原因
解决
教训
SpringBoot切⾯拦截@PathVariable参数及抛出异常的全局处理
⼩程序的接⼝验证防⽌⾮法请求,登录的时候获取openId⽣成⼀个七天有效期token存⼊redis中。
后续每次请求都需要把token作为参数传给后台接⼝进⾏验证,为了⽅便使⽤@PathVariable 直接将参数做为路径传过来不⽤每⼀次都添加param参数也⽅便前端接⼝的请求。
例如:
@ApiOperation(value = "⼩程序登录")
@PostMapping("/login")
public AntdResponse login(@RequestParam String username, @RequestParam String password, @RequestParam String openId) throws Exception {
String st = wxTokenService.passport(username, password);
//省略。。。。。
String wxToken = IdUtil.simpleUUID();
data.put("wxToken", wxToken);
wxTokenService.saveWxTokenToRedis(wxToken, openId);
return new AntdResponse().success("登录成功,登录有效期七天").data(data);
}
@ApiOperation(value = "预约订单")
@PostMapping("/{wxToken}/addOrder")
public AntdResponse addOrder(@PathVariable String wxToken, @RequestBody ProductOrderDto productOrderDto){
String openId = OpenIdByWxToken(wxToken);
orderService.addOrder(openId, productOrderDto);
return new AntdResponse().success("预约订单成功");
}
为了⽅便统⼀验证,基于切⾯来实现数据的验证
package cn.pconline.antd.smallshop.interceptor;
import cn.ption.WxTokenException;
import cn.pconline.antd.smallshop.service.IWxTokenService;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.t.request.RequestContextHolder;
import org.t.request.ServletRequestAttributes;
import org.springframework.web.servlet.HandlerMapping;
import javax.servlet.http.HttpServletRequest;
import java.util.Map;
/**
* @Description ⼩程序登录拦截
* @Author jie.zhao
* @Date 2020/10/26 18:08
*/
@Component
@Aspect
public class WxMiniInterceptor {
@Autowired
private IWxTokenService wxTokenService;
//这⾥需要把登录的请求控制器排除出去
@Pointcut("within (cn.pconline.antd.smallshop.wxmini..*) && !within(cn.pconline.antd.smallshop.wxmini.WxMiniLoginController)")
public void pointCut() {
}
@Around("pointCut()")
public Object trackInfo(ProceedingJoinPoint joinPoint) throws Throwable {
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestAttributes();
HttpServletRequest request = Request();
Map pathVariables = (Map) Attribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE);
String wxToken = (String) ("wxToken");
if (wxToken == null) {
throw new WxTokenException("⼩程序令牌参数缺失!");
}
String openId = OpenIdByWxToken(wxToken);
if (openId == null || "".equals(openId)) {
throw new WxTokenException("登录失效,请重新登录!");
}
return joinPoint.proceed();
}
}
全局异常处理
@RestControllerAdvice
@Order(value = Ordered.HIGHEST_PRECEDENCE)
public class GlobalExceptionHandler {
@ExceptionHandler(value = WxTokenException.class)
@ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
public AntdResponse handleWxTokenException(WxTokenException e) {
<("Token拦截异常信息:", e);
return new AntdResponse().Message()).code(Code().toString()).status(Text());
}
}
package cn.ption;
/**
* 授权token异常
*/
public class WxTokenException extends RuntimeException {
private static final long serialVersionUID = -3608667856397125671L;
public WxTokenException(String message) {
super(message);
}
}
这⾥需要注意的是 WxTokenException 要继承RuntimeException⽽不是Exception,否则的话会报UndeclaredThrowableException。
flect.UndeclaredThrowableException
at com.ller.UserController$$EnhancerBySpringCGLIB$$e4eb8ece.profile(<generated>)
异常原因:
我们的异常处理类,实际是动态代理的⼀个实现。
如果⼀个异常是检查型异常并且没有在动态代理的接⼝处声明,那么它将会被包装成UndeclaredThrowableException.
⽽我们定义的⾃定义异常,被定义成了检查型异常,导致被包装成了UndeclaredThrowableException
flect.UndeclaredThrowableException的解决
这2天开始写web接⼝,由于项⽬后端就我⼀个⼈,写起来⽐较慢。,遇到好多奇怪的问题,也基本只能⼀个⼈去解决。今天下午给这个问题坑了半天。现在脑壳⼦还疼。
问题
业务上需要实现⼀个功能,拦截请求的参数。检查是否包含token。项⽬是基于springmvc来实现的,这⾥很⾃然使⽤ spring 切⾯技术。拦截所有controller的请求,然后检查是否携带了token参数。如果没携带,则抛⼀个⾃定义异常。再调⽤统⼀异常处理类来处理。
涉及的类如下:
package com.insigmaunited.lightai.base;
import com.ption.TokenEmptyException;
import com.sult.Response;
import com.insigmaunited.lightai.util.StringUtil;
import org.aspectj.lang.annotation.Before;
import org.springframework.stereotype.Component;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.t.request.RequestAttributes;
import org.t.request.RequestContextHolder;
import org.t.request.ServletRequestAttributes; import javax.servlet.http.HttpServletRequest;
/**
* 权限拦截AOP
* @author Administrator
*
*/
@Component
@Aspect
public class PermissionAop {
private final Logger logger = Logger(PermissionAop.class);
// 定义切点Pointcut
@Pointcut("execution(* com.ller.*Controller.*(..))")
public void pointCut(){}
@Before("pointCut()")
public void before() throws Throwable {
RequestAttributes ra = RequestAttributes();
ServletRequestAttributes sra = (ServletRequestAttributes) ra;
HttpServletRequest request = Request();
String url = RequestURL().toString();
String method = Method();
String uri = RequestURI();
String queryString = QueryString();
System.out.println(url);
System.out.println(method);
System.out.println(uri);
System.out.println(queryString);
if (StringUtil.isNotEmpty(queryString) && queryString.indexOf("token") != -1 ){ }else{
throw new TokenEmptyException("token缺失");
}
}
}
⾃定义异常类
package com.ption;
public class TokenEmptyException extends Exception {
public TokenEmptyException(String message) {
super(message);
}
}
异常统⼀处理类
package com.ption;
import com.insigmaunited.lightai.base.BaseException;
import com.sult.Response;
import org.springframework.http.HttpStatus;
import org.springframework.web.HttpMediaTypeNotSupportedException;
springboot aopimport org.springframework.web.HttpRequestMethodNotSupportedException; import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import com.ption.TokenEmptyException;
l.bind.ValidationException;
@ControllerAdvice
@ResponseBody
public class ExceptionAdvice extends BaseException {
/**
* 400 - Bad Request
*/
@ResponseStatus(HttpStatus.BAD_REQUEST)
@ExceptionHandler(ValidationException.class)
public Response handleValidationException(ValidationException e) {
<("参数验证失败", e);
return new Response().failure("validation_exception");
}
/**
* 405 - Method Not Allowed
*/
@ResponseStatus(HttpStatus.METHOD_NOT_ALLOWED)
@ExceptionHandler(HttpRequestMethodNotSupportedException.class)
public Response handleHttpRequestMethodNotSupportedException(HttpRequestMethodNotSupportedException e) {
<("不⽀持当前请求⽅法", e);
return new Response().failure("request_method_not_supported");
}
/**
* 415 - Unsupported Media Type
*/
@ResponseStatus(HttpStatus.UNSUPPORTED_MEDIA_TYPE)
@ExceptionHandler(HttpMediaTypeNotSupportedException.class)
public Response handleHttpMediaTypeNotSupportedException(Exception e) {
<("不⽀持当前媒体类型", e);
return new Response().failure("content_type_not_supported");
}
@ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
@ExceptionHandler(TokenEmptyException.class)
public Response handleTokenEmptyException(Exception e) {
<("token参数缺少", e);
return new Response().failure("token参数缺少");
}
/**
* 500 - Internal Server Error
*/
@ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
@ExceptionHandler(Exception.class)
public Response handleException(Exception e) {
<("服务运⾏异常", e);
return new Response().failure("服务运⾏异常");
}
}
此时调⽤接⼝,期望返回的是应该
{
"success": false,
"message": "token参数缺少",
"data": null
}
实际返回的是
{
"success": false,
"message": "服务运⾏异常",
"data": null
}
控制台的错误如下:
localhost:8080/user/3/profile
GET
/user/3/profile
null
[ ERROR ] 2017-12-08 18:29:19 - com.ption.ExceptionAdvice - ExceptionAdvice.java(63) - 服务运⾏异常
flect.UndeclaredThrowableException
at com.ller.UserController$$EnhancerBySpringCGLIB$$e4eb8ece.profile(<generated>)
flect.NativeMethodAccessorImpl.invoke0(Native Method)
flect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
flect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at flect.Method.invoke(Method.java:498)
at org.hod.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:221)
at org.hod.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:136)
at org.springframework.web.hod.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:110)
at org.springframework.web.hod.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:832) at org.springframework.web.hod.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:743)
at org.springframework.web.hod.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:961)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:895)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:967)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:858)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:843)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at at.websocket.server.WsFilter.doFilter(WsFilter.java:53)
at org.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
at org.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:475)
at org.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:80)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:651)
at org.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.tor.CoyoteAdapter.service(CoyoteAdapter.java:342)
at http11.Http11Processor.service(Http11Processor.java:498)
at AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:796)
at at.util.Nio2Endpoint$SocketProcessor.doRun(Nio2Endpoint.java:1688)
at at.util.SocketProcessorBase.run(SocketProcessorBase.java:49)
at at.util.AbstractEndpoint.processSocket(AbstractEndpoint.java:914)
at at.util.Nio2Endpoint$Nio2SocketWrapper$4pleted(Nio2Endpoint.java:536)
at at.util.Nio2Endpoint$Nio2SocketWrapper$4pleted(Nio2Endpoint.java:514)
at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)
at sun.nio.ch.Invoker$2.run(Invoker.java:218)
at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
at urrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at urrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:748)
Caused by: com.ption.TokenEmptyException: token缺失
at com.insigmaunited.lightai.base.PermissionAop.before(PermissionAop.java:53)
flect.NativeMethodAccessorImpl.invoke0(Native Method)
flect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
flect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at flect.Method.invoke(Method.java:498)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:620)
at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:602)
at org.springframework.aop.aspectj.AspectJMethodBeforeAdvice.before(AspectJMethodBeforeAdvice.java:41)
at org.springframework.aop.framework.adapter.MethodBeforeAdviceInterceptor.invoke(MethodBeforeAdviceInterceptor.java:51)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:655)
... 45 more
这很奇怪了。为何我抛的⾃定义异常变成了 UndeclaredThrowableException,导致不能被统⼀异常处理器正常处理。原因
通过搜索引擎,最终到的原因:
我们的异常处理类,实际是动态代理的⼀个实现。
如果⼀个异常是检查型异常并且没有在动态代理的接⼝处声明,那么它将会被包装成UndeclaredThrowableException.⽽我们定义的⾃定义异常,被定义成了检查型异常,导致被包装成了UndeclaredThrowableException
解决
知道原因就很简单了。要么抛 java.lang.RuntimeException or java.lang.Error ⾮检查性异常, 要么接⼝要声明异常。这⾥选择修改⾃定义异常为运⾏时异常即可。
package com.ption;
public class TokenEmptyException extends RuntimeException {
public TokenEmptyException(String message) {
super(message);
}
}
教训
1、⾃定义异常尽可能定义成运⾏时异常。
2、对异常的概念不清晰。基础不扎实。
以上为个⼈经验,希望能给⼤家⼀个参考,也希望⼤家多多⽀持。
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论