Spring Boot Rest API - Unknown Field - Error Message Customization
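We have a Spring Boot based REST API that accepts HTTP POST requests in JSON from multiple consumers. It must not accept requests with unknown fields, and needs to give a response stating that it is a bad request and describing the error meaningfully. However, for security reasons, we need to give them only just enough error information.
Here's what we currently have:
To achieve this, here's what we've done so far:
The application properties file contains: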
spring.jackson.deserialization.fail-on-unknown-properties=true
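The exception handling has been customized like this (other functions omitted for brevity):
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.http.converter.HttpMessageNotReadableException;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.context.request.WebRequest;
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;

@ControllerAdvice
@Order(Ordered.HIGHEST_PRECEDENCE)
public class RestExceptionHandler extends ResponseEntityExceptionHandler {
    Logger logger = LoggerFactory.getLogger(RestExceptionHandler.class);

    @Override
    public ResponseEntity<Object> handleHttpMessageNotReadable(
            HttpMessageNotReadableException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
        //this message can't give them info about known properties
        String exceptionMessage = ex.getLocalizedMessage();
        logger.debug("exceptionMessage: " + ex.getLocalizedMessage());
        //ApiError is a custom object to encapsulate the information to be sent in the api response.
        ApiError apiError = new ApiError(HttpStatus.BAD_REQUEST, "HTTP message not readable", exceptionMessage);
        apiError.setHttpStatus(HttpStatus.BAD_REQUEST);
        apiError.setErrorMessage(exceptionMessage);
        return new ResponseEntity<Object>(apiError, new HttpHeaders(), apiError.getHttpStatus());
    }
}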
A JSON request containing unknown-field will result in the following exception:
com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field "unknown-field" (class mypackage.MyDomain), not marked as ignorable (2 known properties: "known-field-1", "known-field-2"])
For security reasons, we don't want to reveal the details about known properties (2 known properties: "known-field-1", "known-field-2"]).
Request body:
{"known-field-1": 1, "unknown-field": 2}
Actual response body:
{"status":"BAD_REQUEST","message":"HTTP message not readable","errors":[Unrecognized field "unknown-field" (class mypackage.MyDomain), not marked as ignorable (2 known properties: "known-field-1", "known-field-2"]}
Desired response body:
{"status":"BAD_REQUEST","message":"HTTP message not readable","errors":["Unknown field: unknown-field"]}
How can this be customized further, easily?
This solved it:
// requires: import com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException;
@Override
public ResponseEntity<Object> handleHttpMessageNotReadable(
        HttpMessageNotReadableException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
    String exceptionMessage = null;
    Throwable rootCause = ex.getRootCause();
    if (rootCause instanceof UnrecognizedPropertyException) {
        // Only the offending field name is reported; the list of known properties is not.
        exceptionMessage = "Unknown field: " + ((UnrecognizedPropertyException) rootCause).getPropertyName();
        logger.debug("exceptionMessage: " + exceptionMessage);
    }
    ApiError apiError =
            new ApiError(HttpStatus.BAD_REQUEST, "HTTP message not readable", exceptionMessage);
    return new ResponseEntity<Object>(apiError, new HttpHeaders(), apiError.getStatus());
}
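The same idea carried beyond the single exception type handled above, as an added example that is not part of the original question or answer: a stand-alone mapping from Jackson failures to client-safe text, which also bounds and filters the request-supplied field name before it is echoed or logged. It assumes Jackson 2.9 or later on the classpath; `SafeJacksonErrors`, `MyDomain`, `safeName` and `clientMessage` are hypothetical names, and the request bodies are constructed samples.

```java
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.exc.MismatchedInputException;
import com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException;
import java.util.List;

public class SafeJacksonErrors {
    // Constructed stand-in for the question's mypackage.MyDomain.
    static class MyDomain {
        @JsonProperty("known-field-1") public int knownField1;
        @JsonProperty("known-field-2") public int knownField2;
    }
    // Field names come from the request body: bound the length and replace
    // anything outside a conservative character set before echoing or logging.
    static String safeName(String raw) {
        if (raw == null) return "?";
        String cleaned = raw.replaceAll("[^A-Za-z0-9_.-]", "?");
        return cleaned.length() > 64 ? cleaned.substring(0, 64) : cleaned;
    }
    // Maps a Jackson failure to text that names no class, type or known property.
    // UnrecognizedPropertyException is a MismatchedInputException, so test it first.
    static String clientMessage(Throwable cause) {
        if (cause instanceof UnrecognizedPropertyException) {
            return "Unknown field: " + safeName(((UnrecognizedPropertyException) cause).getPropertyName());
        }
        if (cause instanceof MismatchedInputException) { // includes InvalidFormatException
            List<JsonMappingException.Reference> path = ((JsonMappingException) cause).getPath();
            String field = path.isEmpty() ? null : path.get(path.size() - 1).getFieldName();
            return field == null ? "Invalid request body" : "Invalid value for field: " + safeName(field);
        }
        if (cause instanceof JsonParseException) return "Malformed JSON";
        return "Invalid request body"; // never fall back to getMessage()
    }
    public static void main(String[] args) {
        ObjectMapper mapper = new ObjectMapper().configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, true);
        String[] bodies = { // constructed sample request bodies
            "{\"known-field-1\": 1, \"unknown-field\": 2}",
            "{\"known-field-1\": \"abc\"}",
            "{\"known-field-1\": 1,",
            "{\"known-field-1\": 1, \"x\\r\\nforged log line\": 2}" };
        for (String body : bodies) {
            try { mapper.readValue(body, MyDomain.class); }
            catch (JsonProcessingException e) { System.out.println(clientMessage(e)); }
        }
    }
}
```

In the Spring handler, `clientMessage(ex.getRootCause())` would supply the `errors` entry, with the full exception logged server-side only.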