添加客户端Ip

5 years ago · e0e61800c8
4 changed files with 64 additions and 19 deletions
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/aspect/BaseRequestLogAspect.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/aspect/BaseRequestLogAspect.java
@ -12,7 +12,6 @@ import org.springframework.dao.DuplicateKeyException;
 import javax.servlet.http.HttpServletRequest;
 import java.time.Duration;
 import java.time.LocalDateTime;
-import java.util.UUID;

 /**
 * 日志切面
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/IpUtils.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/utils/IpUtils.java
@ -8,12 +8,17 @@

 package com.epmet.commons.tools.utils;

+import com.epmet.commons.tools.constant.StrConstant;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.server.reactive.ServerHttpRequest;

 import javax.servlet.http.HttpServletRequest;
 import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.util.Optional;
 import java.util.regex.Pattern;

 /**
@ -24,43 +29,87 @@ import java.util.regex.Pattern;
 */
 public class IpUtils {
 	private static Logger logger = LoggerFactory.getLogger(IpUtils.class);
-	public static final String LOCALHOST = "127.0.0.1";
+	private static final String LOCALHOST = "127.0.0.1";

-	public static final String ANYHOST = "0.0.0.0";
+	private static final String ANYHOST = "0.0.0.0";
+
+	private static final String IP_UNKNOWN = "unknown";

 	private static final Pattern IP_PATTERN = Pattern.compile("\\d{1,3}(\\.\\d{1,3}){3,5}$");

 	public static String getIpAddr(HttpServletRequest request) {
+
 		String ip = null;
 		try {
 			ip = request.getHeader("x-forwarded-for");
-			logger.debug("x-forwarded-for:"+ip);
-			if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
+			logger.debug("x-forwarded-for:" + ip);
+			if (StringUtils.isEmpty(ip) || IP_UNKNOWN.equalsIgnoreCase(ip)) {
 				ip = request.getHeader("Proxy-Client-IP");
 			}
-			if (StringUtils.isEmpty(ip) || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+			if (StringUtils.isEmpty(ip) || ip.length() == 0 || IP_UNKNOWN.equalsIgnoreCase(ip)) {
 				ip = request.getHeader("WL-Proxy-Client-IP");
 			}
-			if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
+			if (StringUtils.isEmpty(ip) || IP_UNKNOWN.equalsIgnoreCase(ip)) {
 				ip = request.getHeader("HTTP_CLIENT_IP");
 			}
-			if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
+			if (StringUtils.isEmpty(ip) || IP_UNKNOWN.equalsIgnoreCase(ip)) {
 				ip = request.getHeader("HTTP_X_FORWARDED_FOR");
 			}
-			if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
+			if (StringUtils.isEmpty(ip) || IP_UNKNOWN.equalsIgnoreCase(ip)) {
 				ip = request.getHeader("X-Real-IP");
 			}
-			if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
+			if (StringUtils.isEmpty(ip) || IP_UNKNOWN.equalsIgnoreCase(ip)) {
 				ip = request.getRemoteAddr();
 			}
 			//对于通过多个代理的情况，第一个IP为客户端真实IP,多个IP按照','分割
 			if (ip != null) { //"***.***.***.***".length() = 15
-				if (ip.indexOf(",") > 0) {
-					ip = ip.substring(0, ip.indexOf(","));
+				if (ip.indexOf(StrConstant.COMMA) > 0) {
+					ip = ip.split(StrConstant.COMMA)[0];
+					;
+				}
+			}
+		} catch (Exception e) {
+			logger.error("IpUtils getIpAddr ERROR ", e);
+		}
+
+		return ip;
+	}
+
+	public static String getClientIp(ServerHttpRequest request) {
+		String ip = null;
+		try {
+			HttpHeaders headers = request.getHeaders();
+			String ipAddress = headers.getFirst("x-forwarded-for");
+			if (ipAddress == null || ipAddress.length() == 0 || IP_UNKNOWN.equalsIgnoreCase(ipAddress)) {
+				ipAddress = headers.getFirst("Proxy-Client-IP");
+			}
+			if (ipAddress == null || ipAddress.length() == 0 || IP_UNKNOWN.equalsIgnoreCase(ipAddress)) {
+				ipAddress = headers.getFirst("WL-Proxy-Client-IP");
+			}
+			if (ipAddress == null || ipAddress.length() == 0 || IP_UNKNOWN.equalsIgnoreCase(ipAddress)) {
+				ipAddress = Optional.ofNullable(request.getRemoteAddress())
+						.map(address -> address.getAddress().getHostAddress())
+						.orElse("");
+				if (LOCALHOST.equals(ipAddress)) {
+					// 根据网卡取本机配置的IP
+					try {
+						InetAddress inet = InetAddress.getLocalHost();
+						ipAddress = inet.getHostAddress();
+					} catch (UnknownHostException e) {
+						// ignore
+					}
+				}
+			}
+
+			// 对于通过多个代理的情况，第一个IP为客户端真实IP,多个IP按照','分割
+			if (ip != null) { //"***.***.***.***".length() = 15
+				if (ip.indexOf(StrConstant.COMMA) > 0) {
+					ip = ip.substring(0, ip.indexOf(StrConstant.COMMA));
 				}
 			}
+			return ipAddress;
 		} catch (Exception e) {
-			logger.error("IpUtils ERROR ", e);
+			logger.error("IpUtils getIpAddr ERROR ", e);
 		}

 		return ip;
--- a/epmet-gateway/src/main/java/com/epmet/auth/InternalAuthProcessor.java
+++ b/epmet-gateway/src/main/java/com/epmet/auth/InternalAuthProcessor.java
@ -8,7 +8,6 @@ import com.epmet.commons.tools.security.dto.BaseTokenDto;
 import com.epmet.commons.tools.security.dto.GovTokenDto;
 import com.epmet.commons.tools.security.dto.TokenDto;
 import com.epmet.commons.tools.utils.CpUserDetailRedis;
-import com.epmet.commons.tools.utils.Result;
 import com.epmet.filter.CpProperty;
 import com.epmet.jwt.JwtTokenUtils;
 import io.jsonwebtoken.Claims;
@ -22,7 +21,6 @@ import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.stereotype.Component;
 import org.springframework.util.AntPathMatcher;
 import org.springframework.web.server.ServerWebExchange;
-import reactor.core.publisher.Mono;

 /**
 * 内部认证处理器
@ -48,7 +46,6 @@ public class InternalAuthProcessor extends AuthProcessor {
        ServerHttpRequest request = exchange.getRequest();
        String requestUri = request.getPath().pathWithinApplication().value();

-        logger.info("CpAuthGatewayFilterFactory当前requestUri=[" + requestUri + "]CpAuthGatewayFilterFactory拦截成功");
        String token = getTokenFromRequest(request);
        //BaseTokenDto baseTokenDto = StringUtils.isNotBlank(token) ? getBaseTokenDto(token, jwtTokenUtils) : null;
        BaseTokenDto baseTokenDto;
--- a/epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java
+++ b/epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java
@ -5,9 +5,8 @@ import com.alibaba.fastjson.JSON;
 import com.epmet.auth.ExternalAuthProcessor;
 import com.epmet.auth.InternalAuthProcessor;
 import com.epmet.commons.tools.constant.AppClientConstant;
-import com.epmet.commons.tools.constant.Constant;
-import com.epmet.commons.tools.exception.EpmetErrorCode;
 import com.epmet.commons.tools.exception.RenException;
+import com.epmet.commons.tools.utils.IpUtils;
 import com.epmet.commons.tools.utils.Result;
 import com.epmet.constant.AuthTypeConstant;
 import com.epmet.constant.TokenHeaderKeyConstant;
@ -23,7 +22,6 @@ import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.stereotype.Component;
-import org.springframework.util.AntPathMatcher;
 import org.springframework.web.server.ServerWebExchange;
 import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
@ -71,7 +69,9 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
 			ServerHttpRequest request = exchange.getRequest();

 			String authType = getAuthType(request);
+			String requestUri = request.getPath().pathWithinApplication().value();

+			logger.info("CpAuthGatewayFilterFactory当前requestUri=[" + requestUri + "],CpAuthGatewayFilterFactory拦截成功,客户端Id:{}", IpUtils.getClientIp(request));
 			try {
 				switch (authType) {
 					case AuthTypeConstant.AUTH_TYPE_ALL: