/*
* @(#)CharacterConfig Created on 2022-02-23
* Copyright (c) 2022 ZDSoft Networks, Inc. All rights reserved.
*/
package net.study.Test.config;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.MultipartConfigElement;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.MultipartConfigFactory;
import org.springframework.boot.web.servlet.ServletRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.format.FormatterRegistry;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.converter.StringHttpMessageConverter;
import org.springframework.util.unit.DataSize;
import org.springframework.web.filter.CharacterEncodingFilter;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import net.study.Test.common.constants.BaseConstant;
import net.study.Test.common.converter.DateConverter;
import net.study.Test.common.filter.IllegalCharacterFilter;
import net.study.Test.common.interceptor.AdminIsLoginInterceptor;
import net.study.Test.common.interceptor.TestCommonInterceptor;
import net.study.Test.common.interceptor.TestSafeCodeInterceptor;
import net.study.Test.common.interceptor.TestInterfaceInterceptor;
import net.study.Test.common.interceptor.MobileCommonInterceptor;
import net.study.Test.common.resource.ResourcesLoad;
import net.study.Test.common.util.StorePathUtil;
import net.study.Test.service.base.wxb.filter.WxbCallBackFilter;
import net.study.Test.servlet.recordtoolupload.RecordToolUploadServlet;
import net.study.Test.servlet.upload.UploadServlet;
/**
* @author huangzy
* @version Revision: 1.0 , 2022-02-23 11:27
* @Configuration
*/
@Configuration
@EnableWebMvc
public class WebConfig implements WebMvcConfigurer {
@Override
public void addViewControllers(ViewControllerRegistry registry) {
registry.addViewController("/").setViewName("/Test/pages/redirect");
}
@Override
public void addFormatters(FormatterRegistry registry) {
registry.addConverter(new DateConverter());
}
/**
* wxb 过滤器
*
* @return
*/
@Bean
public FilterRegistrationBean wxbFilter() {
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
filterRegistrationBean.setName("WxbFilter");
filterRegistrationBean.setFilter(new WxbCallBackFilter());
filterRegistrationBean.addUrlPatterns("/wxbCall/*");
filterRegistrationBean.addUrlPatterns("/serverLog.action");
filterRegistrationBean.addUrlPatterns("/courseList.action");
return filterRegistrationBean;
}
/**
* 编码过滤器
*
* @return
*/
@Bean
public FilterRegistrationBean characterEncodingFilter() {
//设置字符编码格式,强制转换,并设置成utf-8
CharacterEncodingFilter characterEncodingFilter = new CharacterEncodingFilter();
characterEncodingFilter.setEncoding("utf-8");
characterEncodingFilter.setForceEncoding(true);
//过滤器注册器注册字符过滤器,并配置使用的范围
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
filterRegistrationBean.setName("EncodeFilter");
filterRegistrationBean.setFilter(characterEncodingFilter);
filterRegistrationBean.addUrlPatterns("*");
return filterRegistrationBean;
}
@Bean
public HttpMessageConverter<String> responseBodyConverter() {
StringHttpMessageConverter converter = new StringHttpMessageConverter(Charset.forName("UTF-8"));
return converter;
}
@Override
public void configureMessageConverters(List<HttpMessageConverter<?>> converters) {
converters.add(responseBodyConverter());
}
/**
* 非法参数过滤器`
*
* @return
*/
@Bean
public FilterRegistrationBean illegalCharacterFilter() {
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
filterRegistrationBean.setName("IllegalCharacterFilter");
filterRegistrationBean.setFilter(new IllegalCharacterFilter());
Map<String, String> initParameters = new HashMap<>();
initParameters.put("methodNames",
"userCenterLogin;saveEvaluation;saveCourseJsonP;showSqlResultPage;saveOption;saveRegionOption;"
+ "editWaterMark;saveTeachActivitySummary;saveEvaluation;getMyClassSchedule;getMyListeningList;"
+ "getSendPage;openRtmpStatus;closeRtmpStatus");
filterRegistrationBean.setInitParameters(initParameters);
filterRegistrationBean.addUrlPatterns("*.action");
return filterRegistrationBean;
}
@Bean
public ServletRegistrationBean uploadServlet() {
ServletRegistrationBean servletRegistrationBean = new ServletRegistrationBean();
servletRegistrationBean.setName("UploadServlet");
servletRegistrationBean.setServlet(new UploadServlet());
servletRegistrationBean.addUrlMappings("/upload/upload.htm");
return servletRegistrationBean;
}
@Bean
public ServletRegistrationBean recordToolUploadServlet() {
ServletRegistrationBean servletRegistrationBean = new ServletRegistrationBean();
servletRegistrationBean.setName("RecordToolUploadServlet");
servletRegistrationBean.setServlet(new RecordToolUploadServlet());
servletRegistrationBean.addUrlMappings("/upload/recordToolUpload.htm");
return servletRegistrationBean;
}
/**
* 添加静态资源文件,外部可以直接访问地址
*
* @param registry
*/
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
String storePath = "file:" + StorePathUtil.getStorePath();
if (ResourcesLoad.getDevMode()) {
registry.addResourceHandler("/Test/static/**").addResourceLocations("classpath:/static/Test/static/");
registry.addResourceHandler("/admin/static/**").addResourceLocations("classpath:/static/admin/static/");
registry.addResourceHandler("/mobile/static/**").addResourceLocations("classpath:/static/mobile/static/");
registry.addResourceHandler("/js/**").addResourceLocations("classpath:/static/js/");
}
else {
registry.addResourceHandler("/Test/static/**").addResourceLocations(
storePath + "Test" + BaseConstant.SEPERATOR + "static" + BaseConstant.SEPERATOR);
registry.addResourceHandler("/admin/static/**").addResourceLocations(
storePath + "admin" + BaseConstant.SEPERATOR + "static" + BaseConstant.SEPERATOR);
registry.addResourceHandler("/mobile/static/**").addResourceLocations(
storePath + "mobile" + BaseConstant.SEPERATOR + "static" + BaseConstant.SEPERATOR);
registry.addResourceHandler("/js/**").addResourceLocations(storePath + "js" + BaseConstant.SEPERATOR);
}
registry.addResourceHandler("/sysfile/**").addResourceLocations(storePath + "sysfile" + BaseConstant.SEPERATOR);
registry.addResourceHandler("/upload/**").addResourceLocations(storePath + "upload" + BaseConstant.SEPERATOR);
}
/**
* 拦截器
*/
@Override
public void addInterceptors(InterceptorRegistry registry) {
//后台
List adminExclude = new ArrayList<>();
adminExclude.add("/admin/login.action");
adminExclude.add("/admin/adminlogin.action");
adminExclude.add("/admin/logout.action");
adminExclude.add("/admin/error.action");
adminExclude.add("/admin/exception.action");
adminExclude.add("/admin/noprivacy.action");
adminExclude.add("/admin/notexist.action");
adminExclude.add("/admin/subError.action");
adminExclude.add("/admin/indexLogin.action");
adminExclude.add("/admin/pages/**");
adminExclude.add("/admin/static/**");
registry.addInterceptor(new AdminIsLoginInterceptor()).addPathPatterns("/admin/**")
.excludePathPatterns(adminExclude);
//前台
List homeExclude = new ArrayList<>();
homeExclude.add("/home/login.action");
homeExclude.add("/home/indexPage/logout.action");
homeExclude.add("/home/error.action");
homeExclude.add("/home/notexist.action");
homeExclude.add("/home/nodomain.action");
homeExclude.add("/home/nologin.action");
registry.addInterceptor(new TestCommonInterceptor()).addPathPatterns("/home/**")
.excludePathPatterns(homeExclude);
//h5
registry.addInterceptor(new MobileCommonInterceptor()).addPathPatterns("/mobile/**")
.excludePathPatterns("/mobile/pages/**", "/mobile/static/**");
registry.addInterceptor(new TestInterfaceInterceptor()).addPathPatterns("/itf/mobile/**");
List exclude = new ArrayList<>();
exclude.add("/");
exclude.add("/open/service/**");
exclude.add("/ws/ykMp4Rec/**");
exclude.add("/Test/static/**");
exclude.add("/mobile/**");
exclude.add("/itf/mobile/**");
exclude.add("/clientDown.action");
exclude.add("/js/**");
exclude.add("/sysfile/**");
exclude.add("/upload/**");
exclude.add("/swagger-ui/**");
exclude.addAll(adminExclude);
exclude.addAll(homeExclude);
registry.addInterceptor(new TestSafeCodeInterceptor()).addPathPatterns("/**").excludePathPatterns(exclude);
}
/**
* 文件上传配置
*/
@Bean
public MultipartConfigElement multipartConfigElement() {
MultipartConfigFactory factory = new MultipartConfigFactory();
factory.setMaxFileSize(DataSize.ofMegabytes(10485760));
factory.setMaxRequestSize(DataSize.ofMegabytes(100));
return factory.createMultipartConfig();
}
}
/*
* @(#)DateConverter.java Created on 2018年2月2日
* Copyright (c) 2018 ZDSoft Networks, Inc. All rights reserved.
* ${user}$
*/
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
import org.springframework.core.convert.converter.Converter;
public class DateConverter implements Converter<String, Date> {
private static final String[] SUPPORT_FORMAT = new String[] { "yyyy-MM", "yyyy-MM-dd", "yyyy-MM-dd hh:mm",
"yyyy-MM-dd hh:mm:ss" };
@Override
public Date convert(String source) {
String value = source.trim();
if ("".equals(value)) {
return null;
}
if (source.matches("^\\d{4}-\\d{1,2}$")) {
return parseDate(source, SUPPORT_FORMAT[0]);
}
else if (source.matches("^\\d{4}-\\d{1,2}-\\d{1,2}$")) {
return parseDate(source, SUPPORT_FORMAT[1]);
}
else if (source.matches("^\\d{4}-\\d{1,2}-\\d{1,2} {1}\\d{1,2}:\\d{1,2}$")) {
return parseDate(source, SUPPORT_FORMAT[2]);
}
else if (source.matches("^\\d{4}-\\d{1,2}-\\d{1,2} {1}\\d{1,2}:\\d{1,2}:\\d{1,2}$")) {
return parseDate(source, SUPPORT_FORMAT[3]);
}
else {
throw new IllegalArgumentException("不支持的日期格式,dateStr=" + source);
}
}
/**
* 功能描述:格式化日期
*
* @param dateStr String 字符型日期
* @param format String 格式
* @return Date 日期
*/
public Date parseDate(String dateStr, String format) {
Date date;
try {
DateFormat dateFormat = new SimpleDateFormat(format);
date = dateFormat.parse(dateStr);
}
catch (Exception e) {
throw new IllegalArgumentException("不支持的日期格式,dateStr=" + dateStr, e);
}
return date;
}
}
import org.apache.commons.lang.StringUtils;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
/**
* @author huangzy
* @version $Revision: 1.0 $, $Date: 2019年7月23日 下午2:16:07 $
*/
public class IllegalCharacterFilter implements Filter {
private FilterConfig config;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
config=filterConfig;
System.out.println("==============XSS过滤初始化(IllegalCharacterFilter)=====================");
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
String methodNames = config.getInitParameter("methodNames");
if (null != methodNames) {
String[] strArray = methodNames.split(";");
for (int i = 0; i < strArray.length; i++) {
if (StringUtils.isBlank(strArray[i])) {
continue;
}
if (request.getRequestURI().contains(strArray[i])) {
chain.doFilter(req, res);
return;
}
}
}
request = new MHttpServletRequest(request);
chain.doFilter(request, res);
}
@Override
public void destroy() {
}
}
