0

我需要通过我自己的 api 调用第三方 api。第三方 api 需要自定义标头进行身份验证,我不希望将其暴露给客户端。所以我所做的是添加自定义标头并在我的 api 中调用第三方 api。但它不起作用。

@GetMapping(value = "/downloadCompletedDocument/{id}", produces = MediaType.APPLICATION_PDF_VALUE)
public ResponseEntity<byte[]> download(@PathVariable("id") String id, @RequestHeader Map header)
{
    HttpHeaders headers = new HttpHeaders();
    headers.set("userloginname", "testUser");
    headers.set("organizationkey", "testOrganization");
    HttpEntity<String> requestEntity = new HttpEntity<>(headers);

    RestTemplate restTemplate = new RestTemplate();
    ResponseEntity<byte[]> responseObj = restTemplate
            .exchange(url + id, HttpMethod.GET, requestEntity,
                    byte[].class);
    return responseObj;
}

但是当我通过传递标头使用该工具时,它可以成功运行。这是我不明白的。

在此处输入图像描述

PS:我试过过滤器,但结果相同。

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
        throws IOException, ServletException
{

    HttpServletRequest req = (HttpServletRequest) request;
    HttpServletResponse res = (HttpServletResponse) response;
    MutableHttpServletRequest mutableRequest = new MutableHttpServletRequest(req);
    Enumeration<String> a = req.getHeaderNames();
    mutableRequest.putHeader("userloginname", "testUser");
    mutableRequest.putHeader("organizationkey", "testOrganization");
    Enumeration<String> b = mutableRequest.getHeaderNames();
    chain.doFilter(mutableRequest, response);
}
4

1 回答 1

0

我通过将第三方 api url 从 http 更改为 https 解决了这个问题。不知道为什么这不会影响其余客户端工具。

于 2020-06-15T03:55:20.050 回答