最近的程序都是部署在linux系统,原来需求是通过前端拼接地址,可以经过nginx的转发,请求到图片文件,但被客户提出这样不安全,需要加拦截判断,就改成文件由后台获取判断,符合了,就转成base64格式,返给前端。
有两种写法:
1:HTTP网络图片:
package com.xxxxx.xxxxx.xxxxx.controller;
import com.xxxxx.micro.common.util.ResultUtil;
import com.xxxxx.micro.common.web.BaseController;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.rmi.server.UID;
import java.util.Map;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import sun.misc.BASE64Encoder;
/**
* @ClassName: pictureController
* @Description:
* @author: xxxxx
* @create: 2021/12/3 14:28
*/
@RestController
@Api(tags = "接口改造-图片拦截")
@Slf4j
@RequestMapping("/weblogic")
public class PictureController extends BaseController {
@GetMapping("/app/eomdoc/{url}")
@ApiOperation(value = "查询图片,根据uid是否有效进行拦截", notes = "查询图片,根据uid是否有效进行拦截")
@ApiImplicitParams({
@ApiImplicitParam(name = "UID", value = "用户UID", required = true, paramType = "query"),
@ApiImplicitParam(name = "type", value = "文件格式类型", required = true, paramType = "query"),
@ApiImplicitParam(name="url", value="文件名称", required=true, paramType="query")
})
public String weblogic(@PathVariable String url,@RequestParam String type, String UID){
Map<String, Object> params = this.getParams();
if (StringUtils.isBlank(url) || StringUtils.isBlank(type) ){
return this.responseJson(ResultUtil.error("参数缺失不完整"),null,null);
}
URL httUrl = null;
InputStream is = null;
ByteArrayOutputStream outStream = null;
HttpURLConnection httpUrl = null;
try {
String path = "http://192.168.xxx.xx:xxxx/xxx/xxx/xxx/" + url + "." + type;
//判断文件类型(jpg,jpeg,bmp,png,gif,tiff)
log.info("******查询的文件类型是:" + type + "*********************");
//判断文件类型,如果是图片类型--进行拦截,校验UID
if(StringUtils.equalsIgnoreCase("jpg",type) || StringUtils.equalsIgnoreCase("jpeg",type) || StringUtils.equalsIgnoreCase("bmp",type) || StringUtils.equalsIgnoreCase("png",type) || StringUtils.equalsIgnoreCase("gif",type) || StringUtils.equalsIgnoreCase("tiff",type)){
//参数-UID判空
if (StringUtils.isBlank(UID)){
return this.responseJson(ResultUtil.error("参数UID缺失"),null,null);
}
//查询当前登录人
Map<String, Object> loginUser = this.getLoginUser();
if (loginUser == null){
return this.responseJson(ResultUtil.error("查询当前登录人失败"),null,null);
}
}
httUrl = new URL(path);
httpUrl = (HttpURLConnection) httUrl.openConnection();
httpUrl.connect();
httpUrl.getInputStream();
is = httpUrl.getInputStream();
outStream = new ByteArrayOutputStream();
//每次读取的字符串长度,如果为-1,代表全部读取完毕
int len = 0;
//创建一个Buffer字符串
byte[] buffer = new byte[1024];
//使用一个输入流从buffer里把数据读取出来
while( (len=is.read(buffer)) != -1 ){
//用输出流往buffer里写入数据,中间参数代表从哪个位置开始读,len代表读取的长度
outStream.write(buffer, 0, len);
}
// 对字节数组Base64编码
System.out.print(new BASE64Encoder().encode(buffer));
System.out.print(new BASE64Encoder().encode(outStream.toByteArray()));
log.info("*****转base64:",new BASE64Encoder().encode(outStream.toByteArray()));
String base64 = "data:image/jpg;base64,"+ new BASE64Encoder().encode(outStream.toByteArray());
return base64;
} catch (Exception e) {
log.error("转base64失败",e);
return "转base64失败";
}
//关闭,避免产生太多垃圾
finally{
if(is != null)
{
try {
is.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if(outStream != null)
{
try {
outStream.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if(httpUrl != null)
{
httpUrl.disconnect();
}
}
}
}