Since after 2 days I still cannot figure how to perform a print of a HttpServletResponse
body in HandlerInterceptorAdapter
, I'll ask another time :)
With HttpServletRequest
I can easily do something like request.getReader().lines().collect(Collectors.joining(System.lineSeparator()));
and I have the full body but how to make the same with HttpServletResponse
?
I Had found lots of question on StackOverflow about that but none of them seems to work.
This is the handler:
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
throws Exception {
//how to print here the "response" by using the "response" parameter
super.afterCompletion(request, response, handler, ex);
}
this answer is quite the same and links to this but they use ServletResponse
and NOT HttpServletResponse
and something with FilterChain
which I have not in my afterCompletion
handler. Even this that seems the most complete one is not suitable (I think) in my case.
Do someone can provide me a simple serialization example with HttpServletResponse
?
It's been hard on searching deeply into it but found that ResponseBodyAdvice
could be suitable for my purposes. So looking for some example on StackOverflow found this guy which had quite same issue having to manipulate the Object body
.
That's my final working solution in order to implement what I wrote here
@ControllerAdvice
public class CSRFHandler implements ResponseBodyAdvice<Object> {
@Value("${security.csrf.enabled}")
private String csrfEnabled;
@Value("${security.csrf.headerName}")
private String csrfHeaderName;
@Value("${security.csrf.salt}")
private String salt;
@Override
public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) {
return true;
}
@Override
public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType,
Class<? extends HttpMessageConverter<?>> selectedConverterType, ServerHttpRequest request,
ServerHttpResponse response) {
if (new Boolean(csrfEnabled).booleanValue()) {
String csrfValue = SecureUtil.buildCsrfValue(salt, StringUtil.toJson(body));
response.getHeaders().add(csrfHeaderName, csrfValue);
}
return body;
}
}