package com.tencentcloudapi.gateway.filter;
import com.tencentcloudapi.common.Sign;
import com.tencentcloudapi.gateway.api.dto.BaseResponse;
import com.tencentcloudapi.gateway.api.dto.UserInfo;
import com.tencentcloudapi.gateway.api.service.UserManageService;
import com.tencentcloudapi.gateway.api.utils.FilterUtil;
import io.micrometer.common.util.StringUtils;
import jakarta.annotation.Resource;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
import javax.xml.bind.DatatypeConverter;
import java.nio.charset.StandardCharsets;
import java.sql.Date;
import java.text.SimpleDateFormat;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicInteger;
/**
* @Description 限流过滤器
* @Author miller.Lai
* @Date 2023-11-06 10:23
*/
@Component
@Slf4j
public class RequestLimitFilter implements GlobalFilter, Ordered {
@Resource
private UserManageService userManageService;
private final ConcurrentHashMap<String, AtomicInteger> requestLimitMap =new ConcurrentHashMap();
@Value("${tencentcloud.api.request.maxQps:60}")
private int maxQPS;
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
// 接口请求所在秒钟
String currentTime = String.valueOf(System.currentTimeMillis() / 1000L);
// 每秒并发数限制
synchronized(this){
AtomicInteger currentQPS = requestLimitMap.get(currentTime);
if(currentQPS != null ){
if(currentQPS.get() >= maxQPS){
log.error("当前请求达到QPS上线,请求被拒绝处理");
return FilterUtil.getVoidMono(exchange,new BaseResponse("500","系统繁忙,请稍后重试",null));
}else{
currentQPS.getAndIncrement();
}
}else{
requestLimitMap.clear();
requestLimitMap.put(currentTime,new AtomicInteger(1));
}
}
ServerHttpRequest request = exchange.getRequest();
List<String> authorizationList = request.getHeaders().get("authorization");
List<String> actionList = request.getHeaders().get("X-TC-Action");
// 如果请求头中存在 authorization 信息,则要进行替换,以适应现有的接口TPS限制策略
if (!CollectionUtils.isEmpty(authorizationList) && StringUtils.isNotEmpty(authorizationList.get(0))&&
!CollectionUtils.isEmpty(actionList) && StringUtils.isNotEmpty(actionList.get(0))) {
UserInfo userInfo = new UserInfo();
// 接口名称
String action = null;
try {
action = actionList.get(0);
// 获取可用的腾讯秘钥,这是一个阻塞方法
userInfo = userManageService.getAvailableUserInfo(action,exchange);
String secretId = userInfo.getSecretInfo().getSecretId();
String secretKey = userInfo.getSecretInfo().getSecretKey();
// 根据可用的秘钥对请求头中的认证信息做重新生成
String signedHeaders = "content-type;host";
SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
sdf.setTimeZone(TimeZone.getTimeZone("UTC"));
// 接口请求所在秒钟
String timestamp = String.valueOf(System.currentTimeMillis() / 1000L);
String date = sdf.format(new Date(Long.parseLong(timestamp + "000")));
String service = request.getHeaders().get("service") != null ? request.getHeaders().get("service").get(0) : "";
String credentialScope = date + "/" + service + "/tc3_request";
String stringToSign = request.getHeaders().get("stringToSign") != null ? new String(Base64.getDecoder().decode(Objects.requireNonNull(request.getHeaders().get("stringToSign")).get(0).getBytes())) : "";
try {
byte[] secretDate = Sign.hmac256(("TC3" + secretKey).getBytes(StandardCharsets.UTF_8), date);
byte[] secretService = Sign.hmac256(secretDate, service);
byte[] secretSigning = Sign.hmac256(secretService, "tc3_request");
String signature = DatatypeConverter.printHexBinary(Sign.hmac256(secretSigning, stringToSign)).toLowerCase();
String authorization = "TC3-HMAC-SHA256 Credential=" + secretId + "/" + credentialScope + ", SignedHeaders=" + signedHeaders + ", Signature=" + signature;
exchange.getRequest().mutate().headers(httpHeaders -> {
// 去除自定义的请求头
httpHeaders.remove("service");
httpHeaders.remove("stringToSign");
// 去除不合法的认证信息
httpHeaders.remove("authorization");
// 塞入有效的认证信息
httpHeaders.add("authorization", authorization);
});
} catch (Exception e) {
log.error(e.getMessage());
return FilterUtil.getVoidMono(exchange,new BaseResponse("500",e.getMessage(),null));
}
UserInfo finalUserInfo = userInfo;
String finalAction = action;
// 获取是否正常获取信号量许可的标志
String hasAcquired =(String) exchange.getAttributes().get("hasAcquired");
log.info("{} ************* 请求头修饰完毕,开始进行转发,修饰后的请求头信息: *************",exchange.getAttributes().get("requestId"));
// 打印请求头信息
exchange.getRequest().getHeaders().forEach((header, values) -> {
log.info( exchange.getAttributes().get("requestId")+" " +header + " : " + values);
});
log.info("{} ************* 秘钥信息: *************",exchange.getAttributes().get("requestId"));
log.info("{} secretId:{}",exchange.getAttributes().get("requestId"),secretId);
log.info("{} secretKey:{}",exchange.getAttributes().get("requestId"),secretKey);
return chain.filter(exchange).then( Mono.fromRunnable(() -> {
// 接口逻辑执行完毕后释放信号量锁
if("1".equals(hasAcquired)) {
finalUserInfo.getInterfaceInfo(finalAction).getSemaphore().release();
log.info("{} ************* 已释放请求通行许可 *************",exchange.getAttributes().get("requestId"));
}
}));
} catch (Exception e) {
// 在发生错误时释放信号量锁
// 将当前线程标记为已获取许可
// 获取是否正常获取信号量许可的标志
String hasAcquired =(String) exchange.getAttributes().get("hasAcquired");
if("1".equals(hasAcquired)){
userInfo.getInterfaceInfo(action).getSemaphore().release();
log.info("{} ************* 已释放请求通行许可 *************",exchange.getAttributes().get("requestId"));
}
tencentcloudapi-gateway-server.rar (43个子文件) 
tencentcloudapi-gateway-server 
pom.xml 3KB src main resources authorization.json 1KB application-dev.yml 1KB application.yml 43B logback-spring.xml 7KB java com tencentcloudapi gateway api utils FilterUtil.java 1KB UuidUtil.java 2KB service UserManageService.java 462B UserManageServiceImpl.java 7KB dto UserInfo.java 1KB BaseResponse.java 825B Error.java 560B InterfaceInfo.java 1KB Response.java 994B SecretInfo.java 657B filter RequestLimitFilter.java 8KB WrapperResponseGlobalFilter.java 4KB WrapperRequestGlobalFilter.java 4KB GatewayApplication.java 1KB target classes authorization.json 1KB application-dev.yml 1KB application.yml 43B logback-spring.xml 7KB com tencentcloudapi gateway api utils UuidUtil.class 2KB FilterUtil.class 2KB service UserManageServiceImpl$1.class 871B UserManageService.class 305B UserManageServiceImpl.class 6KB dto BaseResponse.class 1KB Error.class 1KB UserInfo.class 2KB SecretInfo.class 786B Response.class 1KB InterfaceInfo.class 1KB filter RequestLimitFilter.class 11KB WrapperRequestGlobalFilter.class 9KB WrapperResponseGlobalFilter$1.class 6KB WrapperResponseGlobalFilter.class 4KB WrapperRequestGlobalFilter$1.class 1KB GatewayApplication.class 3KB maven-status maven-compiler-plugin compile default-compile createdFiles.lst 1015B inputFiles.lst 2KB maven-archiver pom.properties 81B generated-sources annotations 资源评论
季风泯灭的季节
- 粉丝: 2003
- 资源: 3370
最新资源
- 交互可视化期末大作业基于ipynb实现的气候变化和世界森林面积的变化可视化分析项目源代码+数据
- 通过注册表解决Windows中ctrl+空格切换中英文的问题
- xss-labs通关手册
- python-微信小程序-美容预约.zip
- 货币识别检测6-YOLO(v5至v9)、COCO、CreateML、Darknet、TFRecord、VOC数据集合集.rar
- ANSI-ISA-95.00.01-2010企业控制系统集成第一部分:模型与术语解析 中文译文
- java项目,课程设计-Javaweb仓库管理系统项目源码.zip
- CONTEXT-AWARE META-LEARNING(上下文感知元学习-原版论文
- jdk8安装包包含linux和windows
- 亚控SCADA&MES产品在新能源造车新势力的生产过程管控案例分享
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
