zxc5659151
/
wlyy2.0
atdalīts no Amoy2/wlyy2.0


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182
							package com.yihu.iot.aop;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.google.common.collect.Lists;
import com.yihu.iot.dao.gateway.GcTokenDao;
import com.yihu.iot.service.platform.IotInterfaceLogService;
import com.yihu.iot.service.useragent.UserAgent;
import com.yihu.jw.entity.iot.gateway.GcToken;
import org.apache.commons.lang.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.multipart.MultipartFile;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * 接口调用日志记录
 * Created by yeshijie on 2020/06/09.
 */
@Aspect
@Component
public class IntefaceLogRequiredAOP {

    private Logger logger = LoggerFactory.getLogger(IntefaceLogRequiredAOP.class);

    @Autowired
    private UserAgent userAgent;
    @Autowired
    private IotInterfaceLogService iotInterfaceLogService;
    @Autowired
    private GcTokenDao gcTokenDaoDao;

    //Controller层切点路径
    @Pointcut("execution(* com.yihu.iot..*.*(..))")
    public void controllerAspect() {
    }
    public IntefaceLogRequiredAOP() {
        //System.out.println("Observer---------------------------------------");
    }


    @Around("controllerAspect() && @annotation(com.yihu.iot.aop.IntefaceLogRequired)")
    public Object addIntefaceLog(ProceedingJoinPoint point) throws Throwable {
        Object o = null;
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        HttpServletResponse response = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getResponse();
        String error = "";
        try {
            MethodSignature signature = (MethodSignature) point.getSignature();
            Method method = signature.getMethod();
            String params = getMethodParams(point);
            long start = System.currentTimeMillis();
            Object result = point.proceed();
            long end = System.currentTimeMillis();
            String deleteSensitiveContent =  deleteSensitiveContent(result);
            JSONObject responseJson = JSONObject.parseObject(deleteSensitiveContent);
            Integer state = responseJson.getInteger("status")==200?1:0;
            Map<String,String> paramsMap = getMehtodParam(request);
            try {
                String appid = paramsMap.get("appId");
                if(StringUtils.isEmpty(appid)){
                    //如果没有传appid，则从token中取
                    String accesstoken = request.getHeader("accesstoken");
                    GcToken gcToken = gcTokenDaoDao.findByToken(accesstoken);
                    appid = gcToken.getAppid();
                }
                iotInterfaceLogService.saveLog(appid,params,deleteSensitiveContent, request,state,method.getName());
            }catch (Exception e){
                e.printStackTrace();
            }
            logger.info("结束请求方法:[{}] 参数:[{}] 返回结果[{}] 耗时:[{}]毫秒 ",
                    method.getName(), params, deleteSensitiveContent, end - start);
            return result;
        }catch (Exception e){
            e.printStackTrace();
            //return o;
        }
         o = point.proceed();
        return o;
    }

    private String getMethodName(ProceedingJoinPoint joinPoint) {
        String methodName = joinPoint.getSignature().toShortString();
        String shortMethodNameSuffix = "(..)";
        if (methodName.endsWith(shortMethodNameSuffix)) {
            methodName = methodName.substring(0, methodName.length() - shortMethodNameSuffix.length());
        }
        return methodName;
    }

    private Map<String,String> getMehtodParam(HttpServletRequest request){
        Map<String,String> params = new HashMap<String,String>();
        Enumeration<String> e = request.getParameterNames();
        while(e.hasMoreElements()){
            String p = e.nextElement();
            if("logData".equals(p)){
                continue;
            }
            if("base64".equals(p)){
                continue;
            }
            params.put(p, request.getParameter(p));
        }
        return params;
    }

    private String getMethodParams(ProceedingJoinPoint joinPoint){
        Object[] arguments = joinPoint.getArgs();
        StringBuilder sb = new StringBuilder();
        if(arguments ==null || arguments.length <= 0){
            return sb.toString();
        }
        for (Object arg : arguments) {
            //移除敏感内容
            String paramStr;
            if (arg instanceof HttpServletResponse) {
                paramStr = HttpServletResponse.class.getSimpleName();
            } else if (arg instanceof HttpServletRequest) {
                paramStr = HttpServletRequest.class.getSimpleName();
            } else if (arg instanceof MultipartFile) {
                long size = ((MultipartFile) arg).getSize();
                paramStr = MultipartFile.class.getSimpleName() + " size:" + size;
            } else {
                paramStr = deleteSensitiveContent(arg);
            }
            sb.append(paramStr).append(",");
        }
        return sb.deleteCharAt(sb.length() - 1).toString();
    }

    /**
     * 删除参数中的敏感内容
     * @param obj 参数对象
     * @return 去除敏感内容后的参数对象
     */
    public static String deleteSensitiveContent(Object obj) {
        JSONObject jsonObject = new JSONObject();
        if (obj == null || obj instanceof Exception) {
            return jsonObject.toJSONString();
        }
        String param = JSON.toJSONString(obj);
        try {
            jsonObject = JSONObject.parseObject(param);
        }catch (Exception e) {
            return String.valueOf(obj);
        }
        List<String> sensitiveFieldList = getSensitiveFieldList();
        for (String sensitiveField : sensitiveFieldList) {
            if (jsonObject.containsKey(sensitiveField)) {
                jsonObject.put(sensitiveField, "******");
            }
        }
        return jsonObject.toJSONString();
    }

    /**
     * 敏感字段列表（当然这里你可以更改为可配置的）
     */
    private static List<String> getSensitiveFieldList() {
        List<String> sensitiveFieldList = Lists.newArrayList();
        sensitiveFieldList.add("pwd");
        sensitiveFieldList.add("password");
        return sensitiveFieldList;
    }

}