| | |
|---|
| | | package com.vincent.rsf.httpaudit.web; |
|---|
| | | |
|---|
| | | import com.vincent.rsf.httpaudit.entity.HttpAuditLog; |
|---|
| | | import com.vincent.rsf.httpaudit.model.HttpAuditDecision; |
|---|
| | | import com.vincent.rsf.httpaudit.props.HttpAuditProperties; |
|---|
| | | import com.vincent.rsf.httpaudit.service.HttpAuditAsyncRecorder; |
|---|
| | | import com.vincent.rsf.httpaudit.service.HttpAuditRuleService; |
|---|
| | | import com.vincent.rsf.httpaudit.support.HttpAuditSupport; |
|---|
| | | import lombok.RequiredArgsConstructor; |
|---|
| | | import lombok.extern.slf4j.Slf4j; |
|---|
| | |
|---|
| | | private final HttpAuditAsyncRecorder recorder; |
|---|
| | | private final HttpAuditProperties props; |
|---|
| | | private final Environment environment; |
|---|
| | | private final HttpAuditRuleService httpAuditRuleService; |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | protected boolean shouldNotFilter(HttpServletRequest request) { |
|---|
| | |
|---|
| | | reqBody = HttpAuditSupport.bytesToString(req.getContentAsByteArray(), charset); |
|---|
| | | } |
|---|
| | | |
|---|
| | | HttpAuditDecision dec = httpAuditRuleService.decideInbound(req, reqBody); |
|---|
| | | if (!dec.isAudit()) { |
|---|
| | | return; |
|---|
| | | } |
|---|
| | | |
|---|
| | | int reqMax = dec.getRequestMaxChars() != null ? dec.getRequestMaxChars() : props.getDefaultRequestStoreChars(); |
|---|
| | | String reqStored = HttpAuditSupport.storeWithCharLimit(reqBody, reqMax); |
|---|
| | | |
|---|
| | | String respCt = res.getContentType(); |
|---|
| | | String resBodyRaw = HttpAuditSupport.bytesToString(res.getContentAsByteArray(), charset); |
|---|
| | | int resMax; |
|---|
| | | if (dec.getResponseMaxChars() != null) { |
|---|
| | | resMax = dec.getResponseMaxChars(); |
|---|
| | | } else if (HttpAuditSupport.isQueryLike(req)) { |
|---|
| | | resMax = props.getQueryResponseMaxChars(); |
|---|
| | | } else { |
|---|
| | | resMax = props.getMaxResponseStoreChars(); |
|---|
| | | } |
|---|
| | | |
|---|
| | | String resBodyToStore; |
|---|
| | | int truncated = 0; |
|---|
| | | if (respCt != null && (respCt.contains("octet-stream") || respCt.contains("application/pdf"))) { |
|---|
| | | resBodyToStore = "[binary response omitted]"; |
|---|
| | | truncated = 1; |
|---|
| | | } else if (HttpAuditSupport.isQueryLike(req)) { |
|---|
| | | resBodyToStore = HttpAuditSupport.truncateForStore(resBodyRaw, props.getQueryResponseMaxChars()); |
|---|
| | | if (resBodyRaw != null && resBodyRaw.length() > props.getQueryResponseMaxChars()) { |
|---|
| | | truncated = 1; |
|---|
| | | } |
|---|
| | | } else { |
|---|
| | | resBodyToStore = HttpAuditSupport.truncateForStore(resBodyRaw, props.getMaxResponseStoreChars()); |
|---|
| | | if (resBodyRaw != null && resBodyRaw.length() > props.getMaxResponseStoreChars()) { |
|---|
| | | resBodyToStore = HttpAuditSupport.storeWithCharLimit(resBodyRaw, resMax); |
|---|
| | | if (HttpAuditSupport.overCharLimit(resBodyRaw, resMax)) { |
|---|
| | | truncated = 1; |
|---|
| | | } |
|---|
| | | } |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | String appName = environment.getProperty("spring.application.name", "unknown"); |
|---|
| | | String path = HttpAuditSupport.safePath(req); |
|---|
| | | |
|---|
| | | HttpAuditLog logEntity = new HttpAuditLog() |
|---|
| | | .setServiceName(appName) |
|---|
| | | .setScopeType(HttpAuditSupport.resolveScope(req, props)) |
|---|
| | | .setUri(HttpAuditSupport.safePath(req)) |
|---|
| | | .setUri(path) |
|---|
| | | .setIoDirection("IN") |
|---|
| | | .setMethod(req.getMethod()) |
|---|
| | | .setFunctionDesc(HttpAuditSupport.resolveFunctionDesc(req, props)) |
|---|
| | | .setQueryString(req.getQueryString()) |
|---|
| | | .setRequestBody(reqBody) |
|---|
| | | .setRequestBody(reqStored) |
|---|
| | | .setResponseBody(resBodyToStore) |
|---|
| | | .setResponseTruncated(truncated) |
|---|
| | | .setHttpStatus(status) |
|---|
