Subversion Repositories SmartDukaan

Rev

Rev 36510 | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
33764 ranu 1 
package com.spice.profitmandi.web.interceptor;
2 
 
36510 amit 3 
import com.spice.profitmandi.web.filter.RequestCachingFilter;
4 
import org.apache.logging.log4j.LogManager;
33764 ranu 5 
import org.apache.logging.log4j.Logger;
6 
import org.springframework.beans.factory.annotation.Autowired;
36510 amit 7 
import org.springframework.data.redis.core.RedisTemplate;
33764 ranu 8 
import org.springframework.stereotype.Component;
9 
import org.springframework.web.servlet.HandlerInterceptor;
10 
import org.springframework.web.servlet.ModelAndView;
11 
 
36510 amit 12 
import javax.servlet.http.HttpServletRequest;
13 
import javax.servlet.http.HttpServletResponse;
14 
import java.security.MessageDigest;
15 
import java.util.concurrent.TimeUnit;
33764 ranu 16 
 
17 
@Component
18 
public class PostInterceptor implements HandlerInterceptor {
19 
 
20 
    private static final Logger LOGGER = LogManager.getLogger(PostInterceptor.class);
36510 amit 21 
    private static final String IDEM_PREFIX = "idem:";
22 
    private static final long IDEM_TTL_SECONDS = 300;
23 
    private static final String REQUEST_ATTR_IDEM_KEY = "postInterceptor.idemKey";
33764 ranu 24 
 
25 
    @Autowired
36510 amit 26 
    private RedisTemplate<String, Object> redisTemplate;
33764 ranu 27 
 
36510 amit 28 
    @Override
29 
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
36517 amit 30 
        if (!"POST".equalsIgnoreCase(request.getMethod())) {
36510 amit 31 
            return true;
32 
        }
35272 amit 33 
 
36517 amit 34 
        String idempotencyHeader = request.getHeader("IdempotencyKey");
36510 amit 35 
        String idemKey = buildIdempotencyKey(request, idempotencyHeader);
36 
        if (idemKey == null) {
37 
            return true;
38 
        }
39 
 
40 
        String redisKey = IDEM_PREFIX + idemKey;
41 
        Boolean claimed = redisTemplate.opsForValue()
42 
                .setIfAbsent(redisKey, "pending", IDEM_TTL_SECONDS, TimeUnit.SECONDS);
43 
 
44 
        if (Boolean.TRUE.equals(claimed)) {
45 
            request.setAttribute(REQUEST_ATTR_IDEM_KEY, idemKey);
46 
            return true;
47 
        }
48 
 
49 
        LOGGER.info("Duplicate request detected: idemKey={}, uri={}", idemKey, request.getRequestURI());
50 
        response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
51 
        response.getWriter().write("Duplicate request.");
52 
        return false;
53 
    }
54 
 
33764 ranu 55 
    @Override
36510 amit 56 
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView)
33764 ranu 57 
            throws Exception {
58 
    }
59 
 
60 
    @Override
36510 amit 61 
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
33764 ranu 62 
            throws Exception {
36510 amit 63 
        String idemKey = (String) request.getAttribute(REQUEST_ATTR_IDEM_KEY);
64 
        if (idemKey == null) {
65 
            return;
66 
        }
67 
        String redisKey = IDEM_PREFIX + idemKey;
68 
        if (ex == null && response.getStatus() >= 200 && response.getStatus() < 300) {
69 
            redisTemplate.opsForValue().set(redisKey, "done", IDEM_TTL_SECONDS, TimeUnit.SECONDS);
70 
        } else {
71 
            redisTemplate.delete(redisKey);
72 
        }
33764 ranu 73 
    }
74 
 
36510 amit 75 
    private String buildIdempotencyKey(HttpServletRequest request, String header) {
76 
        if (header != null && !header.isEmpty()) {
77 
            String uri = request.getRequestURI();
78 
            String query = request.getQueryString();
79 
            String scope = header + "|" + uri + (query != null ? "?" + query : "");
80 
            return sha256(scope.getBytes(java.nio.charset.StandardCharsets.UTF_8));
81 
        }
82 
        if ("POST".equalsIgnoreCase(request.getMethod())
83 
                && request instanceof RequestCachingFilter.CachedBodyRequest) {
84 
            byte[] body = ((RequestCachingFilter.CachedBodyRequest) request).getCachedBody();
85 
            if (body.length > 0) {
86 
                return sha256(body);
33764 ranu 87 
            }
36510 amit 88 
        }
89 
        return null;
90 
    }
33764 ranu 91 
 
36510 amit 92 
    private static String sha256(byte[] data) {
93 
        try {
94 
            MessageDigest digest = MessageDigest.getInstance("SHA-256");
95 
            byte[] hash = digest.digest(data);
96 
            StringBuilder hex = new StringBuilder(64);
97 
            for (byte b : hash) {
98 
                hex.append(String.format("%02x", b));
34824 vikas 99 
            }
36510 amit 100 
            return hex.toString();
101 
        } catch (Exception e) {
102 
            throw new RuntimeException("SHA-256 not available", e);
33764 ranu 103 
        }
104 
    }
105 
}