-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat : upgrade to springboot 3.4 #1480
Changes from 1 commit
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,105 @@ | ||
package com.example.restclient.bootrestclient.config; | ||
|
||
import java.io.ByteArrayInputStream; | ||
import java.io.IOException; | ||
import java.io.InputStream; | ||
import java.nio.charset.StandardCharsets; | ||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
import org.springframework.http.HttpHeaders; | ||
import org.springframework.http.HttpRequest; | ||
import org.springframework.http.HttpStatusCode; | ||
import org.springframework.http.client.ClientHttpRequestExecution; | ||
import org.springframework.http.client.ClientHttpRequestInterceptor; | ||
import org.springframework.http.client.ClientHttpResponse; | ||
import org.springframework.stereotype.Component; | ||
|
||
@Component | ||
public class ClientLoggerRequestInterceptor implements ClientHttpRequestInterceptor { | ||
|
||
private static final Logger log = LoggerFactory.getLogger(ClientLoggerRequestInterceptor.class); | ||
|
||
@Override | ||
public ClientHttpResponse intercept( | ||
HttpRequest request, byte[] body, ClientHttpRequestExecution execution) | ||
throws IOException { | ||
logRequest(request, body); | ||
ClientHttpResponse response = execution.execute(request, body); | ||
return logResponse(response); | ||
} | ||
|
||
private BufferingClientHttpResponseWrapper logResponse(ClientHttpResponse response) | ||
throws IOException { | ||
log.info( | ||
"============================response begin=========================================="); | ||
log.info("Status code : {}", response.getStatusCode()); | ||
log.info("Status text : {}", response.getStatusText()); | ||
logHeaders(response.getHeaders()); | ||
byte[] responseBody = response.getBody().readAllBytes(); | ||
if (responseBody.length > 0) { | ||
log.info("Response body: {}", new String(responseBody, StandardCharsets.UTF_8)); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Avoid logging sensitive information in response bodies Logging the response body can expose sensitive data returned by the server. This poses a security risk if the logs are compromised. Apply this diff to remove logging of the response body: - if (responseBody.length > 0) {
- log.info("Response body: {}", new String(responseBody, StandardCharsets.UTF_8));
- }
|
||
} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Handle potential memory issues with large response bodies Reading the entire response body into memory using Consider limiting the size of the response body that is read and logged, or stream the response body instead of loading it entirely into memory. |
||
log.info( | ||
"=======================response end================================================="); | ||
return new BufferingClientHttpResponseWrapper(response, responseBody); | ||
} | ||
|
||
private void logRequest(HttpRequest request, byte[] body) { | ||
|
||
log.info( | ||
"===========================request begin================================================"); | ||
log.info("URI : {}", request.getURI()); | ||
log.info("Method : {}", request.getMethod()); | ||
logHeaders(request.getHeaders()); | ||
if (body.length > 0) { | ||
log.info("Request body: {}", new String(body, StandardCharsets.UTF_8)); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Avoid logging sensitive information in request bodies Logging the request body may expose sensitive data such as credentials or personal information. It's a security risk to log request bodies without sanitization. Apply this diff to remove logging of the request body: - if (body.length > 0) {
- log.info("Request body: {}", new String(body, StandardCharsets.UTF_8));
- }
|
||
} | ||
log.info( | ||
"==========================request end================================================"); | ||
} | ||
|
||
private void logHeaders(HttpHeaders headers) { | ||
log.info("Headers : "); | ||
headers.forEach((name, values) -> values.forEach(value -> log.info("{}={}", name, value))); | ||
} | ||
|
||
private static class BufferingClientHttpResponseWrapper implements ClientHttpResponse { | ||
private final ClientHttpResponse response; | ||
private final byte[] body; | ||
|
||
public BufferingClientHttpResponseWrapper(ClientHttpResponse response, byte[] body) { | ||
this.response = response; | ||
this.body = body; | ||
} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🛠️ Refactor suggestion Reuse existing classes for response buffering Spring provides a Consider replacing the custom Apply this diff: - private static class BufferingClientHttpResponseWrapper implements ClientHttpResponse {
- // Custom implementation
- }
+ // Remove custom wrapper and use Spring's BufferingClientHttpResponseWrapper And modify the
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @coderabbitai, Spring's BufferingClientHttpResponseWrapper is not a public class, how to replace custom code with Spring's BufferingClientHttpResponseWrapper? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @rajadilipkolli, thank you for pointing that out. You are correct that Spring's ✏️ Learnings added
|
||
|
||
@Override | ||
public InputStream getBody() throws IOException { | ||
return new ByteArrayInputStream(body); | ||
} | ||
|
||
@Override | ||
public HttpHeaders getHeaders() { | ||
return response.getHeaders(); | ||
} | ||
|
||
@Override | ||
public HttpStatusCode getStatusCode() throws IOException { | ||
return response.getStatusCode(); | ||
} | ||
|
||
@Override | ||
public int getRawStatusCode() throws IOException { | ||
return response.getRawStatusCode(); | ||
} | ||
|
||
@Override | ||
public String getStatusText() throws IOException { | ||
return response.getStatusText(); | ||
} | ||
|
||
@Override | ||
public void close() { | ||
response.close(); | ||
} | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ensure response body stream is not consumed
Calling
response.getBody().readAllBytes()
consumes the input stream, which may cause issues for downstream processing that expects to read from the response body.To prevent consuming the response body stream, consider wrapping the response without reading and consuming the stream upfront.