From 200519712c520b4daa23a3216f2cb74814aa50ee Mon Sep 17 00:00:00 2001
From: "housewu@aslcn.com.cn" <housewu@aslcn.com.cn>
Date: Sat, 8 Mar 2025 21:53:52 +0800
Subject: [PATCH] =?UTF-8?q?=20=E5=BD=93=20exception=20=E5=8F=91=E7=94=9F?=
 =?UTF-8?q?=E5=9C=A8Servlet(eg:=20TokenAuthenticationFilter,=20xxxFilter),?=
 =?UTF-8?q?=20=E5=B9=B6=E4=B8=94=E8=AF=A5=E8=AF=B7=E6=B1=82=E6=98=AF?=
 =?UTF-8?q?=E8=A2=ABspringSecurity=E8=BF=87=E6=BB=A4=E7=9A=84=E8=AF=B7?=
 =?UTF-8?q?=E6=B1=82=EF=BC=88=E6=AF=94=E5=A6=82=E9=85=8D=E7=BD=AE=E4=BA=86?=
 =?UTF-8?q?permit-all=5Furls=E7=9A=84=E8=AF=B7=E6=B1=82=EF=BC=89=EF=BC=8C?=
 =?UTF-8?q?=20=E4=BB=A3=E7=A0=81=E8=BF=9B=E5=85=A5=E5=88=B0=20ApiAccessLog?=
 =?UTF-8?q?Interceptor=20=E7=9A=84=E6=97=B6=E5=80=99=EF=BC=8C=E6=8B=BF?=
 =?UTF-8?q?=E5=88=B0=E7=9A=84=E6=98=AF=E5=8E=9F=E5=A7=8B=E7=9A=84request?=
 =?UTF-8?q?=E8=80=8C=E4=B8=8D=E6=98=AFCacheRequestBodyWrapper=EF=BC=8C?=
 =?UTF-8?q?=E8=BF=99=E6=97=B6=E5=80=99=E4=B8=8D=E8=83=BD=20getBody=20from?=
 =?UTF-8?q?=20request=EF=BC=8C=20=E5=90=A6=E5=88=99=E4=BC=9A=E6=8A=9B?=
 =?UTF-8?q?=E5=BC=82=E5=B8=B8=20request=20=E5=B7=B2=E7=BB=8F=E8=A2=AB?=
 =?UTF-8?q?=E6=B6=88=E8=B4=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../apilog/core/interceptor/ApiAccessLogInterceptor.java   | 7 ++++++-
 .../framework/web/core/filter/CacheRequestBodyFilter.java  | 7 +++++++
 .../framework/web/core/filter/CacheRequestBodyWrapper.java | 5 +++++
 3 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/apilog/core/interceptor/ApiAccessLogInterceptor.java b/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/apilog/core/interceptor/ApiAccessLogInterceptor.java
index 3629fc4044..5fa448351c 100644
--- a/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/apilog/core/interceptor/ApiAccessLogInterceptor.java
+++ b/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/apilog/core/interceptor/ApiAccessLogInterceptor.java
@@ -6,6 +6,7 @@ import cn.hutool.core.io.resource.ResourceUtil;
 import cn.hutool.core.util.StrUtil;
 import cn.iocoder.yudao.framework.common.util.servlet.ServletUtils;
 import cn.iocoder.yudao.framework.common.util.spring.SpringUtils;
+import cn.iocoder.yudao.framework.web.core.filter.CacheRequestBodyWrapper;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.util.StopWatch;
 import org.springframework.web.method.HandlerMethod;
@@ -44,7 +45,11 @@ public class ApiAccessLogInterceptor implements HandlerInterceptor {
         // 打印 request 日志
         if (!SpringUtils.isProd()) {
             Map<String, String> queryString = ServletUtils.getParamMap(request);
-            String requestBody = ServletUtils.isJsonRequest(request) ? ServletUtils.getBody(request) : null;
+            String requestBody = null;
+            if(ServletUtils.isJsonRequest(request)){
+                requestBody = (String) request.getAttribute(CacheRequestBodyWrapper.CACHE_BODY);
+            }
+
             if (CollUtil.isEmpty(queryString) && StrUtil.isEmpty(requestBody)) {
                 log.info("[preHandle][开始请求 URL({}) 无参数]", request.getRequestURI());
             } else {
diff --git a/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/web/core/filter/CacheRequestBodyFilter.java b/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/web/core/filter/CacheRequestBodyFilter.java
index 7051fc8835..d4b97d15c3 100644
--- a/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/web/core/filter/CacheRequestBodyFilter.java
+++ b/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/web/core/filter/CacheRequestBodyFilter.java
@@ -19,6 +19,13 @@ public class CacheRequestBodyFilter extends OncePerRequestFilter {
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
             throws IOException, ServletException {
+        //      当 exception 发生在Servlet(eg: TokenAuthenticationFilter, xxxFilter),
+        // 并且该请求是被springSecurity过滤的请求（比如配置了permit-all_urls的请求），
+        // 代码进入到 ApiAccessLogInterceptor 的时候，拿到的是原始的request而不是CacheRequestBodyWrapper，
+        // 这时候不能 getBody from request，否则会抛异常 request 已经被消费
+        CacheRequestBodyWrapper cacheRequestBodyWrapper = new CacheRequestBodyWrapper(request);
+        String body = ServletUtils.getBody(cacheRequestBodyWrapper);
+        request.setAttribute(CacheRequestBodyWrapper.CACHE_BODY, body);
         filterChain.doFilter(new CacheRequestBodyWrapper(request), response);
     }
 
diff --git a/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/web/core/filter/CacheRequestBodyWrapper.java b/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/web/core/filter/CacheRequestBodyWrapper.java
index 616a340184..1c10e71b90 100644
--- a/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/web/core/filter/CacheRequestBodyWrapper.java
+++ b/yudao-framework/yudao-spring-boot-starter-web/src/main/java/cn/iocoder/yudao/framework/web/core/filter/CacheRequestBodyWrapper.java
@@ -18,6 +18,11 @@ import java.io.InputStreamReader;
  */
 public class CacheRequestBodyWrapper extends HttpServletRequestWrapper {
 
+    /**
+     * 缓存在request的body
+     */
+    public static final String CACHE_BODY = "cache_body";
+
     /**
      * 缓存的内容
      */