基於Ant路徑匹配規則AntPathMatcher的註意事項
AntPathMatcher前言
(1)SpringMVC的路徑匹配規則是依照Ant的來的,實際上不隻是SpringMVC,整個Spring框架的路徑解析都是按照Ant的風格來的;
(2)AntPathMatcher不僅可以匹配Spring的@RequestMapping路徑,也可以用來匹配各種字符串,包括文件路徑等。
基本規則
(1)? 匹配一個字符(除過操作系統默認的文件分隔符)
(2)* 匹配0個或多個字符
(3)**匹配0個或多個目錄
(4){spring:[a-z]+} 將正則表達式[a-z]+匹配到的值,賦值給名為 spring 的路徑變量.
(PS:必須是完全匹配才行,在SpringMVC中隻有完全匹配才會進入controller層的方法)
註意事項
(1)匹配文件路徑,需要匹配某目錄下及其各級子目錄下所有的文件,使用/**/*而非*.*,因為有的文件不一定含有文件後綴;
(2)匹配文件路徑,使用AntPathMatcher創建一個對象時,需要註意AntPathMatcher也有有參構造,傳遞路徑分隔符參數pathSeparator,對於文件路徑的匹配來說,則需要根據不同的操作系統來傳遞各自的文件分隔符,以此防止匹配文件路徑錯誤。源碼截圖如下:
可以看到,AntPathMatcher默認路徑分隔符為“/”,而在匹配文件路徑時,需要註意Windows下路徑分隔符為“\”,Linux下為“/”,寫法即為:
AntPathMatcher matcher = new AntPathMatcher(File.separator);
AntPathMatcher matcher = new AntPathMatcher(System.getProperty("file.separator"));
(3)最長匹配規則(has more characters),即越精確的模式越會被優先匹配到。例如,URL請求/app/dir/file.jsp,現在存在兩個路徑匹配模式/**/*.jsp和/app/dir/*.jsp,那麼會根據模式/app/dir/*.jsp來匹配。
測試用例
// test exact matching
assertTrue(pathMatcher.match("test", "test"));
assertTrue(pathMatcher.match("/test", "/test"));
assertTrue(pathMatcher.match("http://example.org", "http://example.org")); // SPR-14141
assertFalse(pathMatcher.match("/test.jpg", "test.jpg"));
assertFalse(pathMatcher.match("test", "/test"));
assertFalse(pathMatcher.match("/test", "test"));
// test matching with ?'s
assertTrue(pathMatcher.match("t?st", "test"));
assertTrue(pathMatcher.match("??st", "test"));
assertTrue(pathMatcher.match("tes?", "test"));
assertTrue(pathMatcher.match("te??", "test"));
assertTrue(pathMatcher.match("?es?", "test"));
assertFalse(pathMatcher.match("tes?", "tes"));
assertFalse(pathMatcher.match("tes?", "testt"));
assertFalse(pathMatcher.match("tes?", "tsst"));
// test matching with *'s
assertTrue(pathMatcher.match("*", "test"));
assertTrue(pathMatcher.match("test*", "test"));
assertTrue(pathMatcher.match("test*", "testTest"));
assertTrue(pathMatcher.match("test/*", "test/Test"));
assertTrue(pathMatcher.match("test/*", "test/t"));
assertTrue(pathMatcher.match("test/*", "test/"));
assertTrue(pathMatcher.match("*test*", "AnothertestTest"));
assertTrue(pathMatcher.match("*test", "Anothertest"));
assertTrue(pathMatcher.match("*.*", "test."));
assertTrue(pathMatcher.match("*.*", "test.test"));
assertTrue(pathMatcher.match("*.*", "test.test.test"));
assertTrue(pathMatcher.match("test*aaa", "testblaaaa"));
assertFalse(pathMatcher.match("test*", "tst"));
assertFalse(pathMatcher.match("test*", "tsttest"));
assertFalse(pathMatcher.match("test*", "test/"));
assertFalse(pathMatcher.match("test*", "test/t"));
assertFalse(pathMatcher.match("test/*", "test"));
assertFalse(pathMatcher.match("*test*", "tsttst"));
assertFalse(pathMatcher.match("*test", "tsttst"));
assertFalse(pathMatcher.match("*.*", "tsttst"));
assertFalse(pathMatcher.match("test*aaa", "test"));
assertFalse(pathMatcher.match("test*aaa", "testblaaab"));
// test matching with ?'s and /'s
assertTrue(pathMatcher.match("/?", "/a"));
assertTrue(pathMatcher.match("/?/a", "/a/a"));
assertTrue(pathMatcher.match("/a/?", "/a/b"));
assertTrue(pathMatcher.match("/??/a", "/aa/a"));
assertTrue(pathMatcher.match("/a/??", "/a/bb"));
assertTrue(pathMatcher.match("/?", "/a"));
// test matching with **'s
assertTrue(pathMatcher.match("/**", "/testing/testing"));
assertTrue(pathMatcher.match("/*/**", "/testing/testing"));
assertTrue(pathMatcher.match("/**/*", "/testing/testing"));
assertTrue(pathMatcher.match("/bla/**/bla", "/bla/testing/testing/bla"));
assertTrue(pathMatcher.match("/bla/**/bla", "/bla/testing/testing/bla/bla"));
assertTrue(pathMatcher.match("/**/test", "/bla/bla/test"));
assertTrue(pathMatcher.match("/bla/**/**/bla", "/bla/bla/bla/bla/bla/bla"));
assertTrue(pathMatcher.match("/bla*bla/test", "/blaXXXbla/test"));
assertTrue(pathMatcher.match("/*bla/test", "/XXXbla/test"));
assertFalse(pathMatcher.match("/bla*bla/test", "/blaXXXbl/test"));
assertFalse(pathMatcher.match("/*bla/test", "XXXblab/test"));
assertFalse(pathMatcher.match("/*bla/test", "XXXbl/test"));
assertFalse(pathMatcher.match("/????", "/bala/bla"));
assertFalse(pathMatcher.match("/**/*bla", "/bla/bla/bla/bbb"));
assertTrue(pathMatcher.match("/*bla*/**/bla/**", "/XXXblaXXXX/testing/testing/bla/testing/testing/"));
assertTrue(pathMatcher.match("/*bla*/**/bla/*", "/XXXblaXXXX/testing/testing/bla/testing"));
assertTrue(pathMatcher.match("/*bla*/**/bla/**", "/XXXblaXXXX/testing/testing/bla/testing/testing"));
assertTrue(pathMatcher.match("/*bla*/**/bla/**", "/XXXblaXXXX/testing/testing/bla/testing/testing.jpg"));
assertTrue(pathMatcher.match("*bla*/**/bla/**", "XXXblaXXXX/testing/testing/bla/testing/testing/"));
assertTrue(pathMatcher.match("*bla*/**/bla/*", "XXXblaXXXX/testing/testing/bla/testing"));
assertTrue(pathMatcher.match("*bla*/**/bla/**", "XXXblaXXXX/testing/testing/bla/testing/testing"));
assertFalse(pathMatcher.match("*bla*/**/bla/*", "XXXblaXXXX/testing/testing/bla/testing/testing"));
assertFalse(pathMatcher.match("/x/x/**/bla", "/x/x/x/"));
assertTrue(pathMatcher.match("/foo/bar/**", "/foo/bar")) ;
assertTrue(pathMatcher.match("", ""));
assertTrue(pathMatcher.match("/{bla}.*", "/testing.html"));
spring url匹配工具類—-AntPathMatcher
在gateway進行授權認證時,有些請求url需要過濾掉,針對帶/service/{id}/user-info這種帶操作符的請求,需要特殊處理—-AntPathMatcher就上場啦
具體使用場景
1.登錄授權驗證:過濾掉登錄請求,一些資源獲取請求
2.請求接口日志打印:過濾掉文件上傳和下載的一些請求,requestBody裡的文件流會被異常修改
具體代碼:
請求body的二次寫入
@Component
public class CachePostBodyFilter implements GlobalFilter, Ordered {
private final List<HttpMessageReader<?>> messageReaders;
public CachePostBodyFilter() {
this.messageReaders = HandlerStrategies.withDefaults().messageReaders();
}
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
ServerHttpRequest request = exchange.getRequest();
if (FilterUrl.excludeUrls(new FilterUrl(request.getPath().toString(), request.getMethod()))) {
return chain.filter(exchange);
}
if (Objects.equals(request.getMethod(), HttpMethod.POST)) {
ServerRequest serverRequest = ServerRequest.create(exchange,
messageReaders);
Mono<String> modifiedBody = serverRequest.bodyToMono(String.class)
.flatMap(body -> {
exchange.getAttributes().put(RequestConstants.REQUEST_BODY, body);
return Mono.just(body);
});
BodyInserter bodyInserter = BodyInserters.fromPublisher(modifiedBody, String.class);
HttpHeaders headers = new HttpHeaders();
headers.putAll(exchange.getRequest().getHeaders());
// the new content type will be computed by bodyInserter
// and then set in the request decorator
headers.remove(HttpHeaders.CONTENT_LENGTH);
CachedBodyOutputMessage outputMessage = new CachedBodyOutputMessage(exchange, headers);
return bodyInserter.insert(outputMessage, new BodyInserterContext()).
then(Mono.defer(() -> {
ServerHttpRequest decorator = decorate(exchange, headers,
outputMessage);
return chain.filter(exchange.mutate().request(decorator).build());
}));
}
return chain.filter(exchange);
}
ServerHttpRequestDecorator decorate(ServerWebExchange exchange, HttpHeaders headers,
CachedBodyOutputMessage outputMessage) {
return new ServerHttpRequestDecorator(exchange.getRequest()) {
@Override
public HttpHeaders getHeaders() {
long contentLength = headers.getContentLength();
HttpHeaders httpHeaders = new HttpHeaders();
httpHeaders.putAll(headers);
if (contentLength > 0) {
httpHeaders.setContentLength(contentLength);
} else {
httpHeaders.set(HttpHeaders.TRANSFER_ENCODING, "chunked");
}
return httpHeaders;
}
@Override
public Flux<DataBuffer> getBody() {
return outputMessage.getBody();
}
};
}
@Override
public int getOrder() {
return -8;
}
}
@Data
@NoArgsConstructor
@AllArgsConstructor
public class FilterUrl {
private String url;
private HttpMethod method;
public static boolean excludeUrls(FilterUrl targetUrl) {
List<FilterUrl> excludeUrls = Lists.newArrayList();
excludeUrls.add(new FilterUrl("/api/v1/service/users", HttpMethod.POST));
excludeUrls.add(new FilterUrl("/api/v1/service/terms/{termId}/export", HttpMethod.GET));
AntPathMatcher antPathMatcher = new AntPathMatcher();
return excludeUrls.stream()
.anyMatch(url -> antPathMatcher.match(url.getUrl(), targetUrl.getUrl()) && url.getMethod().equals(targetUrl.getMethod()));
}
}
以上為個人經驗,希望能給大傢一個參考,也希望大傢多多支持WalkonNet。
推薦閱讀:
- Spring5路徑匹配器PathPattern解析
- Spring Cloud Gateway 獲取請求體(Request Body)的多種方法
- SpringCloud gateway request的body驗證或修改方式
- Java正則表達式API邊界匹配
- spring boot RestTemplate 發送get請求的踩坑及解決