优化Restful接口校验

2025-08-11 12:56:28 +08:00 · 2025-02-09 17:14:54 +08:00
parent be50186da6
commit 71b064d607
11 changed files with 54 additions and 13 deletions
--- a/sop-example/example-product/product-service/src/main/java/com/gitee/sop/productweb/open/OpenProduct.java
+++ b/sop-example/example-product/product-service/src/main/java/com/gitee/sop/productweb/open/OpenProduct.java
@@ -5,7 +5,6 @@ import com.gitee.sop.productweb.open.resp.ProductResponse;
 import com.gitee.sop.support.annotation.Open;
 import com.gitee.sop.support.context.OpenContext;
 import com.gitee.sop.support.dto.FileData;
-import io.swagger.annotations.ApiOperation;

 import javax.validation.constraints.NotNull;
 import javax.validation.constraints.Size;
@@ -35,7 +34,6 @@ public interface OpenProduct {
    @Open("product.updateError")
    Integer updateError(Integer id);

-    @ApiOperation(value = "根据id获取故事")
    @Open("product.get")
    ProductResponse getById(@NotNull(message = "id必填") Integer id);

--- a/sop-gateway/src/main/java/com/gitee/sop/gateway/common/ApiInfoDTO.java
+++ b/sop-gateway/src/main/java/com/gitee/sop/gateway/common/ApiInfoDTO.java
@@ -70,6 +70,11 @@ public class ApiInfoDTO implements Serializable {

    private Integer status;

+    /**
+     * 接口模式，1-open接口，2-Restful模式
+     */
+    private Integer apiMode;
+
    public String buildApiNameVersion() {
        return apiName + apiVersion;
    }
--- a/sop-gateway/src/main/java/com/gitee/sop/gateway/dao/entity/ApiInfo.java
+++ b/sop-gateway/src/main/java/com/gitee/sop/gateway/dao/entity/ApiInfo.java
@@ -85,6 +85,11 @@ public class ApiInfo {
     */
    private Integer status;

+    /**
+     * 接口模式，1-open接口，2-Restful模式
+     */
+    private Integer apiMode;
+
    private LocalDateTime addTime;

    private LocalDateTime updateTime;
--- a/sop-gateway/src/main/java/com/gitee/sop/gateway/service/validate/ApiValidator.java
+++ b/sop-gateway/src/main/java/com/gitee/sop/gateway/service/validate/ApiValidator.java
@@ -15,6 +15,7 @@ import com.gitee.sop.gateway.service.manager.IsvApiPermissionManager;
 import com.gitee.sop.gateway.service.manager.IsvManager;
 import com.gitee.sop.gateway.service.manager.SecretManager;
 import com.gitee.sop.gateway.service.manager.dto.IsvDTO;
+import com.gitee.sop.support.enums.ApiModeEnum;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.BooleanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -31,6 +32,7 @@ import java.time.format.DateTimeFormatter;
 import java.time.format.DateTimeParseException;
 import java.util.List;
 import java.util.Locale;
+import java.util.Objects;

 /**
 * 负责校验,校验工作都在这里
@@ -111,6 +113,11 @@ public class ApiValidator implements Validator {
        ApiInfoDTO apiInfo = apiManager.get(apiRequest.getMethod(), apiRequest.getVersion());
        // 检查接口信息
        checkApiInfo(apiRequestContext, apiInfo);
+
+        if (!Objects.equals(apiInfo.getApiMode(), ApiModeEnum.RESTFUL.getValue())) {
+            log.error("Open模式接口不允许使用Restful进行访问, apiInfo={}", apiInfo);
+            throw new ApiException(ErrorEnum.ISV_INVALID_METHOD, apiRequestContext.getLocale());
+        }
        // IP能否访问
        checkIP(apiRequestContext);
        // 检查上传文件
--- a/sop-support/sop-service-support/pom.xml
+++ b/sop-support/sop-service-support/pom.xml
@@ -20,11 +20,6 @@
            <artifactId>transmittable-thread-local</artifactId>
            <version>2.14.5</version>
        </dependency>
-        <dependency>
-            <groupId>io.swagger</groupId>
-            <artifactId>swagger-annotations</artifactId>
-            <version>1.6.14</version>
-        </dependency>
        <dependency>
            <groupId>org.apache.dubbo</groupId>
            <artifactId>dubbo</artifactId>
--- a/sop-support/sop-service-support/src/main/java/com/gitee/sop/support/annotation/OpenGroup.java
+++ b/sop-support/sop-service-support/src/main/java/com/gitee/sop/support/annotation/OpenGroup.java
@@ -8,7 +8,7 @@ import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;

 /**
- * 分组
+ * Restful分组，加了这个注解才会被认为是Restful接口
 *
 * @author 六如
 */
--- a/sop-support/sop-service-support/src/main/java/com/gitee/sop/support/enums/ApiModeEnum.java
+++ b/sop-support/sop-service-support/src/main/java/com/gitee/sop/support/enums/ApiModeEnum.java
@@ -0,0 +1,19 @@
+package com.gitee.sop.support.enums;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+/**
+ * @author 六如
+ */
+@Getter
+@AllArgsConstructor
+public enum ApiModeEnum {
+
+    OPEN(1, "Open模式"),
+    RESTFUL(2, "Restful模式");
+
+    private final Integer value;
+
+    private final String description;
+}
--- a/sop-support/sop-service-support/src/main/java/com/gitee/sop/support/register/ApiRegister.java
+++ b/sop-support/sop-service-support/src/main/java/com/gitee/sop/support/register/ApiRegister.java
@@ -3,11 +3,11 @@ package com.gitee.sop.support.register;
 import com.alibaba.fastjson2.JSON;
 import com.gitee.sop.support.annotation.Open;
 import com.gitee.sop.support.annotation.OpenGroup;
+import com.gitee.sop.support.enums.ApiModeEnum;
 import com.gitee.sop.support.message.OpenMessageFactory;
 import com.gitee.sop.support.service.ApiRegisterService;
 import com.gitee.sop.support.service.dto.RegisterDTO;
 import com.gitee.sop.support.service.dto.RegisterResult;
-import io.swagger.annotations.ApiOperation;
 import lombok.Data;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -123,10 +123,9 @@ public class ApiRegister {
        registerDTO.setIsPermission(parseBoolean(open.permission()));
        registerDTO.setIsNeedToken(parseBoolean(open.needToken()));
        registerDTO.setHasCommonResponse(parseBoolean(open.hasCommonResponse()));
-        ApiOperation apiOperation = method.getAnnotation(ApiOperation.class);
-        if (apiOperation != null) {
-            registerDTO.setDescription(apiOperation.value());
-        }
+        OpenGroup openGroup = interfaceClass.getAnnotation(OpenGroup.class);
+        ApiModeEnum apiMode = openGroup == null ? ApiModeEnum.OPEN : ApiModeEnum.RESTFUL;
+        registerDTO.setApiMode(apiMode.getValue());
        LOG.info("注册开放接口, apiInfo=" + registerDTO);
        RegisterResult result = apiRegisterService.register(registerDTO);
        if (!result.getSuccess()) {
--- a/sop-support/sop-service-support/src/main/java/com/gitee/sop/support/service/dto/RegisterDTO.java
+++ b/sop-support/sop-service-support/src/main/java/com/gitee/sop/support/service/dto/RegisterDTO.java
@@ -66,5 +66,10 @@ public class RegisterDTO implements Serializable {
     */
    private Integer hasCommonResponse;

+    /**
+     * 接口模式，1-open接口，2-Restful模式
+     */
+    private Integer apiMode;
+

 }
--- a/sop.sql
+++ b/sop.sql
@@ -470,3 +470,7 @@ INSERT INTO `sys_user_role` (`id`, `role_id`, `user_id`, `add_time`, `update_tim
                                                                                                               (4, 1, 1, '2024-12-12 20:32:13', '2024-12-12 20:32:13', 1, 0),
                                                                                                               (5, 2, 2, '2024-12-12 20:32:16', '2024-12-12 20:32:16', 1, 0),
                                                                                                               (6, 3, 3, '2024-12-19 09:56:08', '2024-12-19 09:56:08', 1, 0);
+
+-- ALTER
+ALTER TABLE `api_info`
+ADD COLUMN `api_mode` tinyint(4) NOT NULL DEFAULT '1' COMMENT '接口模式，1-open接口，2-Restful模式' AFTER `reg_source`;
--- a/upgrade/sop-20250209.sql
+++ b/upgrade/sop-20250209.sql
@@ -0,0 +1,4 @@
+-- 2025-02-09更新
+-- api_info表新增api_mode字段
+ALTER TABLE `api_info`
+ADD COLUMN `api_mode` tinyint(4) NOT NULL DEFAULT '1' COMMENT '接口模式，1-open接口，2-Restful模式' AFTER `reg_source`;