java source code of ValidateCodeFilter

codeway_service-master
- codeway-web-platform
  - src
    - main
      - resources
        application.yml
        logback-spring.xml
        banner.txt
      - java
        gateway
        PlatFormApplication.java
        config
        GateWayConfig.java
        filter
        TokenFilter.java
  - pom.xml
  - README.md
- codeway-server-eureka
  - src
    - main
      - resources
        application.yml
        logback-spring.xml
        banner.txt
      - java
        com
        codeway
        eureka
        EurekaApplication.java
  - pom.xml
  - Dockerfile
- codeway-server-config
  - src
    - main
      - resources
        application.yml
        bootstrap.yml
        logback-spring.xml
        banner.txt
      - java
        com
        codeway
        ConfigApplication.java
        config
        JsonRedisSerializable.java
        WebSecurityConfig.java
  - pom.xml
  - README.md
  - Dockerfile
- codeway-service-article
  - src
    - main
      - resources
        application.yml
        publickey.txt
        bootstrap.yml
        logback-spring.xml
        banner.txt
      - java
        com
        codeway
        article
        dao
        blog
        ApiTagsDao.java
        ApiArticleDao.java
        backstage
        TagsDao.java
        ArticleDao.java
        CommentDao.java
        CategoryDao.java
        ArticleApplication.java
        config
        Swagger2Config.java
        ResourceServerConfig.java
        service
        blog
        ApiTagsService.java
        ApiArticleService.java
        backstage
        ArticleService.java
        CategoryService.java
        TagsService.java
        CommentService.java
        handler
        CustomAccessDeniedHandler.java
        CustomAuthenticationEntryPoint.java
        controller
        blog
        ApiTagsController.java
        ApiCategoryController.java
        ApiArticleController.java
        BaseController.java
        backstage
        ArticleController.java
        TagsController.java
        CommentController.java
        CategoryController.java
    - test
      - java
        com
        codeway
        article
        service
        backstage
        TagsControllerTests.java
        ArticleServiceTest.java
        CategoryServiceTest.java
  - pom.xml
  - log
    - codeif-service-article
  - README.md
  - Dockerfile
- codeway-common
  - src
    - main
      - java
        com
        codeway
        DataDictionary.java
        amqp
        RabbitUtil.java
        utils
        security
        JWTAuthentication.java
        DesensitizedUtil.java
        third
        Smsbao.java
        SmsUtil.java
        README.md
        IdGenerate.java
        LogBack.java
        QuerydslUtil.java
        CodeCommonUtils.java
        JavaUtil.java
        JsonData.java
        BeanUtil.java
        DateUtil.java
        JsonUtil.java
        HttpServletUtil.java
        CaptchaCode.java
        CookieUtil.java
        HttpHelper.java
        OssClientUtil.java
        ParamUtil.java
        properties
        QQProperties.java
        SocialProperties.java
        CaptchaProperties.java
        SmsCodeProperties.java
        ValidateCodeProperties.java
        OAuth2Properties.java
        OAuth2ClientProperties.java
        SecurityProperties.java
        enums
        ValidateCodeType.java
        UserEnum.java
        StatusEnum.java
        AuthorityEnum.java
        constant
        UserConst.java
        ArticleConst.java
        RedisConstant.java
        FeignConst.java
        CommonConst.java
        pojo
        BasePojo.java
        ValidateCode.java
        ErrotResult.java
        user
        Resource.java
        AuthToken.java
        Role.java
        User.java
        base
        LoginLog.java
        Dict.java
        Music.java
        OptLog.java
        Result.java
        QueryVO.java
        JsonException.java
        article
        Tags.java
        Article.java
        Category.java
        Comment.java
        tweets
        Tweets.java
        TweetsComment.java
        config
        CustomPage.java
        JpaConfig.java
        IdGeneratorConfig.java
        CustomPageRequest.java
        JacksonConfig.java
        TransactionConfig.java
        AMQPConverterConfig.java
        CustomQueryResults.java
        exception
        SystemExceptionHandler.java
        custom
        UserException.java
        ParamException.java
        ResourceNotFoundException.java
        ValidFieldError.java
        RemoteRpcException.java
        BusinessExceptionHandle.java
        annotation
        OptLog.java
        model
        dto
        ArticleDto.java
  - pom.xml
  - README.md
- codeway-service-search
  - src
    - main
      - resources
        application.yml
        bootstrap.yml
        logback-spring.xml
        banner.txt
      - java
        com
        codeway
        search
        dao
        ArticleSearchDao.java
        pojo
        Article.java
        service
        ArticleSearchService.java
        ElasticSearchApplication.java
        controller
        ArticleSearchController.java
  - pom.xml
  - README.md
- LICENSE
- codeway-service-tweets
  - src
    - main
      - resources
        application.yml
        bootstrap.yml
        logback-spring.xml
        banner.txt
      - java
        com
        codeway
        tweets
        dao
        TweetsDao.java
        TweetsCommentDao.java
        TweetsApplication.java
        config
        JsonRedisSerializable.java
        service
        TweetsCommentService.java
        TweetsService.java
        interceptor
        UserLoginHandlerInterceptor.java
        WebMvcConfig.java
        filter.java
        controller
        blog
        TweetsCommentController.java
        TweetsController.java
        backstage
        StTweetsController.java
        StTweetsCommentController.java
  - pom.xml
  - README.md
- codeway-web-gateway
  - src
    - main
      - resources
        application.yml
        publickey.txt
        bootstrap.yml
        logback-spring.xml
        banner.txt
      - java
        com
        codeway
        gateway
        config
        CorsConfig.java
        FeignOkHttpConfig.java
        CustomHttpMessageConverters.java
        GateWayConfig.java
        ErrorHandlerConfiguration.java
        GateWayApplication.java
        service
        AuthService.java
        handle
        CustomAccessDeniedHandler.java
        CustomAuthenticationEntryPoint.java
        PasswordAuthenticationProvider.java
        CustomLogoutSuccessHandler.java
        CustomAuthenticationFailureHandler.java
        CustomAuthenticationManager.java
        CustomAuthenticationSuccessHandler.java
        WebSecurityConfig.java
        filter
        AuthFilter.java
        TokenFilter.java
        execption
        GlobalExceptionHandler.java
  - pom.xml
  - README.md
  - Dockerfile
- codeway-authentication-server
  - src
    - main
      - resources
        application.yml
        JWT.keystore
        bootstrap.yml
        logback-spring.xml
        banner.txt
      - java
        com
        codeway
        auth
        provider
        SmsCodeAuthenticationProvider.java
        CaptchaAuthenticationProvider.java
        Oauth2AuthenticationApplication.java
        validate
        impl
        ValidateCode.java
        captcha
        Captcha.java
        CaptchaValidateCodeProcessor.java
        CaptchaValidateCodeGenerator.java
        ValidateCodeGenerator.java
        sms
        DefaultSmsCodeSender.java
        SmsValidateCodeProcessor.java
        SmsValidateCodeGenerator.java
        SmsCodeSender.java
        AliSmsCodeSender.java
        ValidateCodeProcessorHolder.java
        ValidateCodeProcessor.java
        ValidateCodeRepository.java
        RedisValidateCodeRepository.java
        AbstractValidateCodeProcessor.java
        ValidateCodeFilter.java
        config
        ValidateCodeSecurityConfig.java
        RewriteAccessDenyFilter.java
        Swagger2Config.java
        CustomUserAuthenticationConverter.java
        social
        GitHubConfiguration.java
        GitHubProperties.java
        CustomSocialAutoConfigurerAdapter.java
        CaptchaAuthenticationConfig.java
        SmsCodeAuthenticationSecurityConfig.java
        HttpServletRequestAuthWrapper.java
        BodyReaderHttpServletRequestWrapper.java
        ValidateCodeBeanConfig.java
        OauthAuthorizationServerConfig.java
        OauthWebServerSecurityConfig.java
        service
        CustomUserDetailsService.java
        AuthorizationService.java
        AuthenticationService.java
        UserJwt.java
        exception
        AuthExceptionHandler.java
        ValidateCodeException.java
        token
        CaptchaAuthenticationToken.java
        SmsCodeAuthenticationToken.java
        handler
        CustomTokenEnhancer.java
        CustomWebResponseExceptionTranslator.java
        CustomAuthenticationFailureHandler.java
        CustomAuthenticationSuccessHandler.java
        filter
        SmsCodeAuthenticationFilter.java
        CaptchaAuthenticationFilter.java
        controller
        AuthenticationController.java
        AuthorizationController.java
  - pom.xml
  - readme.md
  - Dockerfile
- codeway-common-db
  - src
    - main
      - java
        com
        codeway
        db
        redis
        config
        RedisConfig.java
        service
        RedisService.java
        RedisServiceImpl.java
        config
        DruidConfig.java
  - pom.xml
- README.md
- codeway-service-user
  - src
    - main
      - resources
        application.yml
        publickey.txt
        bootstrap.yml
        logback-spring.xml
        banner.txt
      - java
        com
        codeway
        user
        amqp
        UserServiceMq.java
        dao
        UserDao.java
        ResourceDao.java
        RoleDao.java
        UserApplication.java
        config
        Swagger2Config.java
        ResourceServerConfig.java
        JsonRedisSerializable.java
        service
        UserService.java
        ResourceService.java
        RoleService.java
        handler
        CustomAccessDeniedHandler.java
        CustomAuthenticationEntryPoint.java
        filter
        JwtFilter.java
        listener
        SmsListener.java
        controller
        blog
        AdminController.java
        UserController.java
        ResourceController.java
        SocialController.java
        ProfileController.java
        RoleController.java
    - test
      - java
        com
        codeway
        user
        JacksonTest.java
        SmsTest.java
        DateUtilTest.java
        RedisServiceTest.java
        service
        RoleServiceTest.java
        UserServiceTest.java
        ResourceServiceTest.java
        controller
        UserControllerTest.java
  - pom.xml
  - README.md
  - Dockerfile
- codeway-common-parent
  - oauth.sql
  - pom.xml
  - zoocode.sql
  - image
- .gitignore
- Jenkinsfile
- codeway-service-base
  - src
    - main
      - resources
        application.yml
        publickey.txt
        bootstrap.yml
        logback-spring.xml
        banner.txt
      - java
        com
        codeway
        base
        dao
        DictDao.java
        LoginLogDao.java
        MusicDao.java
        OptLogDao.java
        config
        Swagger2Config.java
        ResourceServerConfig.java
        service
        blog
        ApiMusicService.java
        ApiBaseService.java
        backstage
        OptLogService.java
        LoginLogService.java
        DictService.java
        MusicService.java
        BaseApplication.java
        handler
        CustomAccessDeniedHandler.java
        CustomAuthenticationEntryPoint.java
        controller
        blog
        ApiBaseController.java
        ApiMusicController.java
        backstage
        DictController.java
        LoginLogController.java
        OptLogController.java
    - test
      - java
        com
        codeway
        base
        TestJwt.java
        service
        backstage
        DictServiceTest.java
        OptLogServiceTest.java
        LoginLogServiceTest.java
  - pom.xml
  - Dockerfile
- codeway-server-monitor
  - src
    - main
      - resources
        application.yml
        bootstrap.yml
        banner.txt
      - java
        com
        codeway
        monitor
        MonitorApplication.java
  - pom.xml
- codeway-service-api
  - src
    - main
      - java
        com
        codeway
        FeignConfiguration.java
        api
        user
        UserServiceRpc.java
        ResourceServiceRpc.java
        base
        LoginLogServiceRpc.java
        OptLogServiceRpc.java
        auth
        AuthServiceRpc.java
        fallback
        user
        UserServiceRpcFallbackFactory.java
        ResourceServiceRpcFallbackFactory.java
        base
        OptLogServiceRpcFallbackFactory.java
        LoginLogServiceRpcFallbackFactory.java
        auth
        AuthServiceRpcFallbackFactory.java
        FeignClientConfig.java
        aspect
        OptLogAspect.java
  - pom.xml

package com.codeway.auth.validate;

import com.codeway.auth.config.BodyReaderHttpServletRequestWrapper;
import com.codeway.auth.exception.ValidateCodeException;
import com.codeway.enums.ValidateCodeType;
import com.codeway.properties.SecurityProperties;
import com.codeway.utils.HttpHelper;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.context.request.ServletWebRequest;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

/**
 * 校验验证码的过滤器
 */
@Component("validateCodeFilter")
public class ValidateCodeFilter extends OncePerRequestFilter implements InitializingBean {

	/**
	 * 验证码校验失败处理器
	 */
	@Autowired
	private AuthenticationFailureHandler authenticationFailureHandler;
	/**
	 * 系统配置信息
	 */
	@Autowired
	private SecurityProperties securityProperties;
	/**
	 * 系统中的校验码处理器
	 */
	@Autowired
	private ValidateCodeProcessorHolder validateCodeProcessorHolder;
	/**
	 * 存放所有需要校验验证码的url
	 */
	private Map<String, ValidateCodeType> urlMap = new HashMap<>();
	/**
	 * 验证请求url与配置的url是否匹配的工具类
	 */
	private AntPathMatcher pathMatcher = new AntPathMatcher();

	/**
	 * 初始化要拦截的url配置信息
	 */
	@Override
	public void afterPropertiesSet() throws ServletException {
		super.afterPropertiesSet();
		urlMap.put("/oauth/token", ValidateCodeType.CAPTCHA);
		addUrlToMap(securityProperties.getCode().getImage().getUrl(), ValidateCodeType.CAPTCHA);

		urlMap.put("/oauth/phone", ValidateCodeType.SMS);
		addUrlToMap(securityProperties.getCode().getSms().getUrl(), ValidateCodeType.SMS);
	}

	/**
	 * 将系统中配置的需要校验验证码的URL根据校验的类型放入map
	 * @param urlString
	 * @param type
	 */
	protected void addUrlToMap(String urlString, ValidateCodeType type) {
		if (StringUtils.isNotBlank(urlString)) {
			String[] urls = StringUtils.splitByWholeSeparatorPreserveAllTokens(urlString, ",");
			for (String url : urls) {
				urlMap.put(url, type);
			}
		}
	}

	@Override
	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
			throws ServletException, IOException {
		// 获取requestbody的json值，解决controller中获取不到的问题
		ServletRequest requestWrapper = new BodyReaderHttpServletRequestWrapper(request);
		String bodyString = HttpHelper.getBodyString(requestWrapper);

		ValidateCodeType type = getValidateCodeType(request);
		if (type != null) {
			logger.info("校验请求(" + request.getRequestURI() + ")中的验证码,验证码类型" + type);
			try {
				validateCodeProcessorHolder.findValidateCodeProcessor(type)
						.validate(new ServletWebRequest(request, response),bodyString);
				logger.info("验证码校验通过");
			} catch (ValidateCodeException exception) {
				authenticationFailureHandler.onAuthenticationFailure(request, response, exception);
				return;
			}
		}

		chain.doFilter(requestWrapper, response);

	}

	/**
	 * 获取校验码的类型，如果当前请求不需要校验，则返回null
	 * @param request
	 * @return
	 */
	private ValidateCodeType getValidateCodeType(HttpServletRequest request) {
		ValidateCodeType result = null;
		if (!StringUtils.equalsIgnoreCase(request.getMethod(), "get")) {
			Set<String> urls = urlMap.keySet();
			for (String url : urls) {
				if (pathMatcher.match(url, request.getRequestURI())) {
					result = urlMap.get(url);
				}
			}
		}
		return result;
	}

}