package com.vincent.rsf.httpaudit.props;
|
|
import lombok.Data;
|
import org.springframework.boot.context.properties.ConfigurationProperties;
|
|
import java.util.ArrayList;
|
import java.util.LinkedHashMap;
|
import java.util.List;
|
import java.util.Map;
|
|
/**
|
* HTTP 审计配置
|
*/
|
@Data
|
@ConfigurationProperties(prefix = "http-audit")
|
public class HttpAuditProperties {
|
|
private boolean enabled = true;
|
|
/**
|
* true:入站/出站是否落库由 {@code sys_http_audit_rule} 决定(含 record_all=1 全量、方向 IN/OUT/BOTH、截断长度);false:排除路径外入站与全部出站均记录,截断用本配置 + 规则中「全量」行的 request/response_max_chars(若有)
|
*/
|
private boolean whitelistOnly = true;
|
|
/** 规则缓存定时刷新间隔(毫秒) */
|
private long ruleCacheRefreshMs = 60_000L;
|
|
/** 定时清理开关 */
|
private boolean cleanupEnabled = true;
|
/** 保留天数 */
|
private int cleanupRetentionDays = 180;
|
|
/** 查询类响应最多保留字符数 */
|
private int queryResponseMaxChars = 500;
|
|
/** 非查询类响应最多入库字节(超出截断并标记) */
|
private int maxResponseStoreChars = 65535;
|
|
/**
|
* 规则未指定 request_max_chars 时的默认:字符数;-1 表示入库不截断请求体
|
*/
|
private int defaultRequestStoreChars = 65535;
|
|
/** 请求体缓存上限(字节) */
|
private int maxRequestCacheBytes = 2 * 1024 * 1024;
|
|
/** 响应体缓存上限(字节) */
|
private int maxResponseCacheBytes = 2 * 1024 * 1024;
|
|
/** 不落库的路径前缀 */
|
private List<String> excludePathPrefixes = defaultExcludes();
|
|
/**
|
* true:默认排除中的 /httpAuditLog、/httpAuditRule 仍生效;false:不再排除这两项(便于调试;record_all 也无法绕过 true 时的排除)
|
*/
|
private boolean excludeAuditSelfPaths = true;
|
|
/** Filter 实际使用的前缀(受 excludeAuditSelfPaths 影响) */
|
public List<String> getEffectiveExcludePrefixes() {
|
List<String> list = excludePathPrefixes == null ? new ArrayList<>() : new ArrayList<>(excludePathPrefixes);
|
if (!isExcludeAuditSelfPaths()) {
|
list.removeIf(p -> "/httpAuditLog".equals(p) || "/httpAuditRule".equals(p));
|
}
|
return list;
|
}
|
|
/** 视为外部调用的路径前缀(其余为内部) */
|
private List<String> externalPathPrefixes = defaultExternal();
|
|
/** 路径 -> 功能描述(按最长路径前缀匹配) */
|
private Map<String, String> pathDescriptions = new LinkedHashMap<>();
|
|
public boolean isWhitelistOnly() {
|
return HttpAuditDbConfigHolder.getBoolean(HttpAuditDbConfigHolder.KEY_WHITELIST_ONLY, whitelistOnly);
|
}
|
|
public boolean isExcludeAuditSelfPaths() {
|
return HttpAuditDbConfigHolder.getBoolean(HttpAuditDbConfigHolder.KEY_EXCLUDE_AUDIT_SELF_PATHS, excludeAuditSelfPaths);
|
}
|
|
public long getRuleCacheRefreshMs() {
|
return HttpAuditDbConfigHolder.getLong(HttpAuditDbConfigHolder.KEY_RULE_CACHE_REFRESH_MS, ruleCacheRefreshMs);
|
}
|
|
public int getQueryResponseMaxChars() {
|
return HttpAuditDbConfigHolder.getInt(HttpAuditDbConfigHolder.KEY_QUERY_RESPONSE_MAX_CHARS, queryResponseMaxChars);
|
}
|
|
public int getMaxResponseStoreChars() {
|
return HttpAuditDbConfigHolder.getInt(HttpAuditDbConfigHolder.KEY_MAX_RESPONSE_STORE_CHARS, maxResponseStoreChars);
|
}
|
|
public int getDefaultRequestStoreChars() {
|
return HttpAuditDbConfigHolder.getInt(HttpAuditDbConfigHolder.KEY_DEFAULT_REQUEST_STORE_CHARS, defaultRequestStoreChars);
|
}
|
|
public boolean isCleanupEnabled() {
|
return HttpAuditDbConfigHolder.getBoolean(HttpAuditDbConfigHolder.KEY_CLEANUP_ENABLED, cleanupEnabled);
|
}
|
|
public int getCleanupRetentionDays() {
|
return HttpAuditDbConfigHolder.getInt(HttpAuditDbConfigHolder.KEY_CLEANUP_RETENTION_DAYS, cleanupRetentionDays);
|
}
|
|
public Map<String, String> getPathDescriptions() {
|
return HttpAuditDbConfigHolder.getPathDescriptions(pathDescriptions);
|
}
|
|
private static List<String> defaultExcludes() {
|
List<String> list = new ArrayList<>();
|
list.add("/actuator");
|
list.add("/swagger");
|
list.add("/webjars");
|
list.add("/v2/api-docs");
|
list.add("/v3/api-docs");
|
list.add("/doc.html");
|
list.add("/druid");
|
list.add("/error");
|
list.add("/favicon.ico");
|
list.add("/static/");
|
list.add("/httpAuditLog");
|
list.add("/httpAuditRule");
|
return list;
|
}
|
|
private static List<String> defaultExternal() {
|
List<String> list = new ArrayList<>();
|
list.add("/erp");
|
list.add("/cloudwms");
|
return list;
|
}
|
}
|
