mirror of
https://github.com/signalapp/Signal-Server
synced 2026-04-18 04:05:20 +01:00
Don't cache authenticated accounts in memory
This commit is contained in:
Jon Chambers
GitHub
@@ -1,149 +0,0 @@
|
||||
/*
|
||||
* Copyright 2024 Signal Messenger, LLC
|
||||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
package org.whispersystems.websocket;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.Optional;
|
||||
import java.util.concurrent.atomic.AtomicBoolean;
|
||||
import org.whispersystems.websocket.auth.PrincipalSupplier;
|
||||
|
||||
/**
|
||||
* This class holds a principal that can be reused across requests on a websocket. Since two requests may operate
|
||||
* concurrently on the same principal, and some principals contain non thread-safe mutable state, appropriate use of
|
||||
* this class ensures that no data races occur. It also ensures that after a principal is modified, a subsequent request
|
||||
* gets the up-to-date principal
|
||||
*
|
||||
* @param <T> The underlying principal type
|
||||
* @see PrincipalSupplier
|
||||
*/
|
||||
public abstract sealed class ReusableAuth<T extends Principal> {
|
||||
|
||||
/**
|
||||
* Get a reference to the underlying principal that callers pledge not to modify.
|
||||
* <p>
|
||||
* The reference returned will potentially be provided to many threads concurrently accessing the principal. Callers
|
||||
* should use this method only if they can ensure that they will not modify the in-memory principal object AND they do
|
||||
* not intend to modify the underlying canonical representation of the principal.
|
||||
* <p>
|
||||
* For example, if a caller retrieves a reference to a principal, does not modify the in memory state, but updates a
|
||||
* field on a database that should be reflected in subsequent retrievals of the principal, they will have met the
|
||||
* first criteria, but not the second. In that case they should instead use {@link #mutableRef()}.
|
||||
* <p>
|
||||
* If other callers have modified the underlying principal by using {@link #mutableRef()}, this method may need to
|
||||
* refresh the principal via {@link PrincipalSupplier#refresh} which could be a blocking operation.
|
||||
*
|
||||
* @return If authenticated, a reference to the underlying principal that should not be modified
|
||||
*/
|
||||
public abstract Optional<T> ref();
|
||||
|
||||
|
||||
public interface MutableRef<T> {
|
||||
|
||||
T ref();
|
||||
|
||||
void close();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get a reference to the underlying principal that may be modified.
|
||||
* <p>
|
||||
* The underlying principal can be safely modified. Multiple threads may operate on the same {@link ReusableAuth} so
|
||||
* long as they each have their own {@link MutableRef}. After any modifications, the caller must call
|
||||
* {@link MutableRef#close} to notify the principal has become dirty. Close should be called after modifications but
|
||||
* before sending a response on the websocket. This ensures that a request that comes in after a modification response
|
||||
* is received is guaranteed to see the modification.
|
||||
*
|
||||
* @return If authenticated, a reference to the underlying principal that may be modified
|
||||
*/
|
||||
public abstract Optional<MutableRef<T>> mutableRef();
|
||||
|
||||
/**
|
||||
* @return A {@link ReusableAuth} indicating no credential were provided
|
||||
*/
|
||||
public static <T extends Principal> ReusableAuth<T> anonymous() {
|
||||
//noinspection unchecked
|
||||
return (ReusableAuth<T>) Anonymous.ANON_RESULT;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a successfully authenticated {@link ReusableAuth}
|
||||
*
|
||||
* @param principal The authenticated principal
|
||||
* @param principalSupplier Instructions for how to refresh or copy this principal
|
||||
* @param <T> The principal type
|
||||
* @return A {@link ReusableAuth} for a successfully authenticated principal
|
||||
*/
|
||||
public static <T extends Principal> ReusableAuth<T> authenticated(T principal,
|
||||
PrincipalSupplier<T> principalSupplier) {
|
||||
return new Authenticated<>(principal, principalSupplier);
|
||||
}
|
||||
|
||||
private static final class Anonymous<T extends Principal> extends ReusableAuth<T> {
|
||||
|
||||
@SuppressWarnings({"rawtypes"})
|
||||
private static final ReusableAuth ANON_RESULT = new Anonymous();
|
||||
|
||||
@Override
|
||||
public Optional<T> ref() {
|
||||
return Optional.empty();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<MutableRef<T>> mutableRef() {
|
||||
return Optional.empty();
|
||||
}
|
||||
}
|
||||
|
||||
private static final class Authenticated<T extends Principal> extends ReusableAuth<T> {
|
||||
|
||||
private T basePrincipal;
|
||||
private final AtomicBoolean needRefresh = new AtomicBoolean(false);
|
||||
private final PrincipalSupplier<T> principalSupplier;
|
||||
|
||||
Authenticated(final T basePrincipal, PrincipalSupplier<T> principalSupplier) {
|
||||
this.basePrincipal = basePrincipal;
|
||||
this.principalSupplier = principalSupplier;
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<T> ref() {
|
||||
maybeRefresh();
|
||||
return Optional.of(basePrincipal);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Optional<MutableRef<T>> mutableRef() {
|
||||
maybeRefresh();
|
||||
return Optional.of(new AuthenticatedMutableRef(principalSupplier.deepCopy(basePrincipal)));
|
||||
}
|
||||
|
||||
private void maybeRefresh() {
|
||||
if (needRefresh.compareAndSet(true, false)) {
|
||||
basePrincipal = principalSupplier.refresh(basePrincipal);
|
||||
}
|
||||
}
|
||||
|
||||
private class AuthenticatedMutableRef implements MutableRef<T> {
|
||||
|
||||
final T ref;
|
||||
|
||||
private AuthenticatedMutableRef(T ref) {
|
||||
this.ref = ref;
|
||||
}
|
||||
|
||||
public T ref() {
|
||||
return ref;
|
||||
}
|
||||
|
||||
public void close() {
|
||||
needRefresh.set(true);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private ReusableAuth() {
|
||||
}
|
||||
}
|
||||
@@ -58,7 +58,7 @@ public class WebSocketResourceProvider<T extends Principal> implements WebSocket
|
||||
|
||||
private final Map<Long, CompletableFuture<WebSocketResponseMessage>> requestMap = new ConcurrentHashMap<>();
|
||||
|
||||
private final ReusableAuth<T> reusableAuth;
|
||||
private final Optional<T> reusableAuth;
|
||||
private final WebSocketMessageFactory messageFactory;
|
||||
private final Optional<WebSocketConnectListener> connectListener;
|
||||
private final ApplicationHandler jerseyHandler;
|
||||
@@ -77,7 +77,7 @@ public class WebSocketResourceProvider<T extends Principal> implements WebSocket
|
||||
String remoteAddressPropertyName,
|
||||
ApplicationHandler jerseyHandler,
|
||||
WebsocketRequestLog requestLog,
|
||||
ReusableAuth<T> authenticated,
|
||||
Optional<T> authenticated,
|
||||
WebSocketMessageFactory messageFactory,
|
||||
Optional<WebSocketConnectListener> connectListener,
|
||||
Duration idleTimeout) {
|
||||
@@ -97,7 +97,7 @@ public class WebSocketResourceProvider<T extends Principal> implements WebSocket
|
||||
this.remoteEndpoint = session.getRemote();
|
||||
this.context = new WebSocketSessionContext(
|
||||
new WebSocketClient(session, remoteEndpoint, messageFactory, requestMap));
|
||||
this.context.setAuthenticated(reusableAuth.ref().orElse(null));
|
||||
this.context.setAuthenticated(reusableAuth.orElse(null));
|
||||
this.session.setIdleTimeout(idleTimeout);
|
||||
|
||||
connectListener.ifPresent(listener -> listener.onWebSocketConnect(this.context));
|
||||
@@ -164,16 +164,10 @@ public class WebSocketResourceProvider<T extends Principal> implements WebSocket
|
||||
|
||||
/**
|
||||
* The property name where {@link org.whispersystems.websocket.auth.WebsocketAuthValueFactoryProvider} can find an
|
||||
* {@link ReusableAuth} object that lives for the lifetime of the websocket
|
||||
* authenticated principal that lives for the lifetime of the websocket
|
||||
*/
|
||||
public static final String REUSABLE_AUTH_PROPERTY = WebSocketResourceProvider.class.getName() + ".reusableAuth";
|
||||
|
||||
/**
|
||||
* The property name where {@link org.whispersystems.websocket.auth.WebsocketAuthValueFactoryProvider} can install a
|
||||
* {@link org.whispersystems.websocket.ReusableAuth.MutableRef} for us to close when the request is finished
|
||||
*/
|
||||
public static final String RESOLVED_PRINCIPAL_PROPERTY = WebSocketResourceProvider.class.getName() + ".resolvedPrincipal";
|
||||
|
||||
/**
|
||||
* The property name where request byte count is stored for metrics collection
|
||||
*/
|
||||
@@ -205,16 +199,6 @@ public class WebSocketResourceProvider<T extends Principal> implements WebSocket
|
||||
containerRequest, responseBody);
|
||||
|
||||
responseFuture
|
||||
.whenComplete((ignoredResponse, ignoredError) -> {
|
||||
// If the request ended up being one that mutates our principal, we have to close it to indicate we're done
|
||||
// with the mutation operation
|
||||
final Object resolvedPrincipal = containerRequest.getProperty(RESOLVED_PRINCIPAL_PROPERTY);
|
||||
if (resolvedPrincipal instanceof ReusableAuth.MutableRef<?> ref) {
|
||||
ref.close();
|
||||
} else if (resolvedPrincipal != null) {
|
||||
logger.warn("unexpected resolved principal type {} : {}", resolvedPrincipal.getClass(), resolvedPrincipal);
|
||||
}
|
||||
})
|
||||
.thenAccept(response -> {
|
||||
try {
|
||||
final int responseBytes = responseBody.size();
|
||||
|
||||
@@ -64,9 +64,9 @@ public class WebSocketResourceProviderFactory<T extends Principal> extends Jetty
|
||||
try {
|
||||
Optional<WebSocketAuthenticator<T>> authenticator = Optional.ofNullable(environment.getAuthenticator());
|
||||
|
||||
final ReusableAuth<T> authenticated = authenticator.isPresent()
|
||||
final Optional<T> authenticated = authenticator.isPresent()
|
||||
? authenticator.get().authenticate(request)
|
||||
: ReusableAuth.anonymous();
|
||||
: Optional.empty();
|
||||
|
||||
Optional.ofNullable(environment.getAuthenticatedWebSocketUpgradeFilter())
|
||||
.ifPresent(filter -> filter.handleAuthentication(authenticated, request, response));
|
||||
|
||||
@@ -6,13 +6,13 @@
|
||||
package org.whispersystems.websocket.auth;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.Optional;
|
||||
import org.eclipse.jetty.websocket.server.JettyServerUpgradeRequest;
|
||||
import org.eclipse.jetty.websocket.server.JettyServerUpgradeResponse;
|
||||
import org.whispersystems.websocket.ReusableAuth;
|
||||
|
||||
public interface AuthenticatedWebSocketUpgradeFilter<T extends Principal> {
|
||||
|
||||
void handleAuthentication(ReusableAuth<T> authenticated,
|
||||
void handleAuthentication(@SuppressWarnings("OptionalUsedAsFieldOrParameterType") Optional<T> authenticated,
|
||||
JettyServerUpgradeRequest request,
|
||||
JettyServerUpgradeResponse response);
|
||||
}
|
||||
|
||||
@@ -1,26 +0,0 @@
|
||||
/*
|
||||
* Copyright 2024 Signal Messenger, LLC
|
||||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
package org.whispersystems.websocket.auth;
|
||||
|
||||
import io.dropwizard.auth.Auth;
|
||||
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.RetentionPolicy;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
/**
|
||||
* An @{@link Auth} object annotated with {@link Mutable} indicates that the consumer of the object
|
||||
* will modify the object or its underlying canonical source.
|
||||
*
|
||||
* Note: An {@link Auth} object that does not specify @{@link ReadOnly} will be assumed to be @Mutable
|
||||
*
|
||||
* @see org.whispersystems.websocket.ReusableAuth
|
||||
*/
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@Target({ElementType.FIELD, ElementType.PARAMETER})
|
||||
public @interface Mutable {
|
||||
}
|
||||
|
||||
@@ -1,58 +0,0 @@
|
||||
/*
|
||||
* Copyright 2024 Signal Messenger, LLC
|
||||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
package org.whispersystems.websocket.auth;
|
||||
|
||||
/**
|
||||
* Teach {@link org.whispersystems.websocket.ReusableAuth} how to make a deep copy of a principal (that is safe to
|
||||
* concurrently modify while the original principal is being read), and how to refresh a principal after it has been
|
||||
* potentially modified.
|
||||
*
|
||||
* @param <T> The underlying principal type
|
||||
*/
|
||||
public interface PrincipalSupplier<T> {
|
||||
|
||||
/**
|
||||
* Re-fresh the principal after it has been modified.
|
||||
* <p>
|
||||
* If the principal is populated from a backing store, refresh should re-read it.
|
||||
*
|
||||
* @param t the potentially stale principal to refresh
|
||||
* @return The up-to-date principal
|
||||
*/
|
||||
T refresh(T t);
|
||||
|
||||
/**
|
||||
* Create a deep, in-memory copy of the principal. This should be identical to the original principal, but should
|
||||
* share no mutable state with the original. It should be safe for two threads to independently write and read from
|
||||
* two independent deep copies.
|
||||
*
|
||||
* @param t the principal to copy
|
||||
* @return An in-memory copy of the principal
|
||||
*/
|
||||
T deepCopy(T t);
|
||||
|
||||
class ImmutablePrincipalSupplier<T> implements PrincipalSupplier<T> {
|
||||
@SuppressWarnings({"rawtypes"})
|
||||
private static final PrincipalSupplier INSTANCE = new ImmutablePrincipalSupplier();
|
||||
|
||||
@Override
|
||||
public T refresh(final T t) {
|
||||
return t;
|
||||
}
|
||||
|
||||
@Override
|
||||
public T deepCopy(final T t) {
|
||||
return t;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return A principal supplier that can be used if the principal type does not support modification.
|
||||
*/
|
||||
static <T> PrincipalSupplier<T> forImmutablePrincipal() {
|
||||
//noinspection unchecked
|
||||
return (PrincipalSupplier<T>) ImmutablePrincipalSupplier.INSTANCE;
|
||||
}
|
||||
}
|
||||
@@ -1,25 +0,0 @@
|
||||
/*
|
||||
* Copyright 2024 Signal Messenger, LLC
|
||||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
package org.whispersystems.websocket.auth;
|
||||
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.RetentionPolicy;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
/**
|
||||
* An @{@link io.dropwizard.auth.Auth} object annotated with {@link ReadOnly} indicates that the consumer of the object
|
||||
* will never modify the object, nor its underlying canonical source.
|
||||
* <p>
|
||||
* For example, a consumer of a @ReadOnly AuthenticatedAccount promises to never modify the in-memory
|
||||
* AuthenticatedAccount and to never modify the underlying Account database for the account.
|
||||
*
|
||||
* @see org.whispersystems.websocket.ReusableAuth
|
||||
*/
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@Target({ElementType.FIELD, ElementType.PARAMETER})
|
||||
public @interface ReadOnly {
|
||||
}
|
||||
|
||||
@@ -5,9 +5,20 @@
|
||||
package org.whispersystems.websocket.auth;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.Optional;
|
||||
import org.eclipse.jetty.websocket.api.UpgradeRequest;
|
||||
import org.whispersystems.websocket.ReusableAuth;
|
||||
|
||||
public interface WebSocketAuthenticator<T extends Principal> {
|
||||
ReusableAuth<T> authenticate(UpgradeRequest request) throws InvalidCredentialsException;
|
||||
|
||||
/**
|
||||
* Authenticates an account from credential headers provided in a WebSocket upgrade request.
|
||||
*
|
||||
* @param request the request from which to extract credentials
|
||||
*
|
||||
* @return the authenticated principal if credentials were provided and authenticated or empty if the caller is
|
||||
* anonymous
|
||||
*
|
||||
* @throws InvalidCredentialsException if credentials were provided, but could not be authenticated
|
||||
*/
|
||||
Optional<T> authenticate(UpgradeRequest request) throws InvalidCredentialsException;
|
||||
}
|
||||
|
||||
@@ -21,7 +21,6 @@ import org.glassfish.jersey.server.model.Parameter;
|
||||
import org.glassfish.jersey.server.spi.internal.ValueParamProvider;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.whispersystems.websocket.ReusableAuth;
|
||||
import org.whispersystems.websocket.WebSocketResourceProvider;
|
||||
|
||||
@Singleton
|
||||
@@ -43,36 +42,30 @@ public class WebsocketAuthValueFactoryProvider<T extends Principal> extends Abst
|
||||
return null;
|
||||
}
|
||||
|
||||
final boolean readOnly = parameter.isAnnotationPresent(ReadOnly.class);
|
||||
final boolean readOnly = true;
|
||||
|
||||
if (parameter.getRawType() == Optional.class
|
||||
&& ParameterizedType.class.isAssignableFrom(parameter.getType().getClass())
|
||||
&& principalClass == ((ParameterizedType) parameter.getType()).getActualTypeArguments()[0]) {
|
||||
return containerRequest -> createPrincipal(containerRequest, readOnly);
|
||||
return this::createPrincipal;
|
||||
} else if (principalClass.equals(parameter.getRawType())) {
|
||||
return containerRequest ->
|
||||
createPrincipal(containerRequest, readOnly)
|
||||
createPrincipal(containerRequest)
|
||||
.orElseThrow(() -> new WebApplicationException("Authenticated resource", 401));
|
||||
} else {
|
||||
throw new IllegalStateException("Can't inject unassignable principal: " + principalClass + " for parameter: " + parameter);
|
||||
}
|
||||
}
|
||||
|
||||
private Optional<? extends Principal> createPrincipal(final ContainerRequest request, final boolean readOnly) {
|
||||
private Optional<? extends Principal> createPrincipal(final ContainerRequest request) {
|
||||
final Object obj = request.getProperty(WebSocketResourceProvider.REUSABLE_AUTH_PROPERTY);
|
||||
if (!(obj instanceof ReusableAuth<?>)) {
|
||||
if (!(obj instanceof Optional<?>)) {
|
||||
logger.warn("Unexpected reusable auth property type {} : {}", obj.getClass(), obj);
|
||||
return Optional.empty();
|
||||
}
|
||||
@SuppressWarnings("unchecked") final ReusableAuth<T> reusableAuth = (ReusableAuth<T>) obj;
|
||||
if (readOnly) {
|
||||
return reusableAuth.ref();
|
||||
} else {
|
||||
return reusableAuth.mutableRef().map(writeRef -> {
|
||||
request.setProperty(WebSocketResourceProvider.RESOLVED_PRINCIPAL_PROPERTY, writeRef);
|
||||
return writeRef.ref();
|
||||
});
|
||||
}
|
||||
|
||||
//noinspection unchecked
|
||||
return (Optional<T>) obj;
|
||||
}
|
||||
|
||||
@Singleton
|
||||
|
||||
@@ -17,6 +17,7 @@ import io.dropwizard.jersey.DropwizardResourceConfig;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import java.io.IOException;
|
||||
import java.security.Principal;
|
||||
import java.util.Optional;
|
||||
import javax.security.auth.Subject;
|
||||
import org.eclipse.jetty.websocket.api.Session;
|
||||
import org.eclipse.jetty.websocket.server.JettyServerUpgradeRequest;
|
||||
@@ -26,7 +27,6 @@ import org.glassfish.jersey.server.ResourceConfig;
|
||||
import org.junit.jupiter.api.BeforeEach;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.whispersystems.websocket.auth.InvalidCredentialsException;
|
||||
import org.whispersystems.websocket.auth.PrincipalSupplier;
|
||||
import org.whispersystems.websocket.auth.AuthenticatedWebSocketUpgradeFilter;
|
||||
import org.whispersystems.websocket.auth.WebSocketAuthenticator;
|
||||
import org.whispersystems.websocket.configuration.WebSocketConfiguration;
|
||||
@@ -75,7 +75,7 @@ public class WebSocketResourceProviderFactoryTest {
|
||||
|
||||
when(environment.getAuthenticator()).thenReturn(authenticator);
|
||||
when(authenticator.authenticate(eq(request)))
|
||||
.thenReturn(ReusableAuth.authenticated(account, PrincipalSupplier.forImmutablePrincipal()));
|
||||
.thenReturn(Optional.of(account));
|
||||
when(environment.jersey()).thenReturn(jerseyEnvironment);
|
||||
final HttpServletRequest httpServletRequest = mock(HttpServletRequest.class);
|
||||
when(httpServletRequest.getAttribute(REMOTE_ADDRESS_PROPERTY_NAME)).thenReturn("127.0.0.1");
|
||||
@@ -129,8 +129,7 @@ public class WebSocketResourceProviderFactoryTest {
|
||||
@Test
|
||||
void testAuthenticatedWebSocketUpgradeFilter() throws InvalidCredentialsException {
|
||||
final Account account = new Account();
|
||||
final ReusableAuth<Account> reusableAuth =
|
||||
ReusableAuth.authenticated(account, PrincipalSupplier.forImmutablePrincipal());
|
||||
final Optional<Account> reusableAuth = Optional.of(account);
|
||||
|
||||
when(environment.getAuthenticator()).thenReturn(authenticator);
|
||||
when(authenticator.authenticate(eq(request))).thenReturn(reusableAuth);
|
||||
|
||||
@@ -59,7 +59,6 @@ import org.glassfish.jersey.server.ResourceConfig;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.mockito.ArgumentCaptor;
|
||||
import org.mockito.stubbing.Answer;
|
||||
import org.whispersystems.websocket.auth.PrincipalSupplier;
|
||||
import org.whispersystems.websocket.auth.WebsocketAuthValueFactoryProvider;
|
||||
import org.whispersystems.websocket.logging.WebsocketRequestLog;
|
||||
import org.whispersystems.websocket.messages.protobuf.ProtobufWebSocketMessageFactory;
|
||||
@@ -81,7 +80,7 @@ class WebSocketResourceProviderTest {
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME,
|
||||
applicationHandler, requestLog,
|
||||
immutableTestPrincipal("fooz"),
|
||||
Optional.of(new TestPrincipal("fooz")),
|
||||
new ProtobufWebSocketMessageFactory(),
|
||||
Optional.of(connectListener),
|
||||
Duration.ofMillis(30000));
|
||||
@@ -109,7 +108,7 @@ class WebSocketResourceProviderTest {
|
||||
ApplicationHandler applicationHandler = mock(ApplicationHandler.class);
|
||||
WebsocketRequestLog requestLog = mock(WebsocketRequestLog.class);
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, immutableTestPrincipal("foo"),
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, Optional.of(new TestPrincipal("foo")),
|
||||
new ProtobufWebSocketMessageFactory(), Optional.empty(), Duration.ofMillis(30000));
|
||||
|
||||
Session session = mock(Session.class);
|
||||
@@ -186,7 +185,7 @@ class WebSocketResourceProviderTest {
|
||||
ApplicationHandler applicationHandler = mock(ApplicationHandler.class);
|
||||
WebsocketRequestLog requestLog = mock(WebsocketRequestLog.class);
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, immutableTestPrincipal("foo"),
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, Optional.of(new TestPrincipal("foo")),
|
||||
new ProtobufWebSocketMessageFactory(), Optional.empty(), Duration.ofMillis(30000));
|
||||
|
||||
Session session = mock(Session.class);
|
||||
@@ -242,7 +241,7 @@ class WebSocketResourceProviderTest {
|
||||
ApplicationHandler applicationHandler = new ApplicationHandler(resourceConfig);
|
||||
WebsocketRequestLog requestLog = mock(WebsocketRequestLog.class);
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, immutableTestPrincipal("foo"),
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, Optional.of(new TestPrincipal("foo")),
|
||||
new ProtobufWebSocketMessageFactory(), Optional.empty(), Duration.ofMillis(30000));
|
||||
|
||||
Session session = mock(Session.class);
|
||||
@@ -282,7 +281,7 @@ class WebSocketResourceProviderTest {
|
||||
ApplicationHandler applicationHandler = new ApplicationHandler(resourceConfig);
|
||||
WebsocketRequestLog requestLog = mock(WebsocketRequestLog.class);
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, immutableTestPrincipal("foo"),
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, Optional.of(new TestPrincipal("foo")),
|
||||
new ProtobufWebSocketMessageFactory(), Optional.empty(), Duration.ofMillis(30000));
|
||||
|
||||
Session session = mock(Session.class);
|
||||
@@ -322,7 +321,7 @@ class WebSocketResourceProviderTest {
|
||||
ApplicationHandler applicationHandler = new ApplicationHandler(resourceConfig);
|
||||
WebsocketRequestLog requestLog = mock(WebsocketRequestLog.class);
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, immutableTestPrincipal("authorizedUserName"),
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, Optional.of(new TestPrincipal("authorizedUserName")),
|
||||
new ProtobufWebSocketMessageFactory(), Optional.empty(), Duration.ofMillis(30000));
|
||||
|
||||
Session session = mock(Session.class);
|
||||
@@ -362,7 +361,7 @@ class WebSocketResourceProviderTest {
|
||||
ApplicationHandler applicationHandler = new ApplicationHandler(resourceConfig);
|
||||
WebsocketRequestLog requestLog = mock(WebsocketRequestLog.class);
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, ReusableAuth.anonymous(),
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, Optional.empty(),
|
||||
new ProtobufWebSocketMessageFactory(), Optional.empty(), Duration.ofMillis(30000));
|
||||
|
||||
Session session = mock(Session.class);
|
||||
@@ -401,7 +400,7 @@ class WebSocketResourceProviderTest {
|
||||
ApplicationHandler applicationHandler = new ApplicationHandler(resourceConfig);
|
||||
WebsocketRequestLog requestLog = mock(WebsocketRequestLog.class);
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, immutableTestPrincipal("something"),
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, Optional.of(new TestPrincipal("something")),
|
||||
new ProtobufWebSocketMessageFactory(), Optional.empty(), Duration.ofMillis(30000));
|
||||
|
||||
Session session = mock(Session.class);
|
||||
@@ -441,7 +440,7 @@ class WebSocketResourceProviderTest {
|
||||
ApplicationHandler applicationHandler = new ApplicationHandler(resourceConfig);
|
||||
WebsocketRequestLog requestLog = mock(WebsocketRequestLog.class);
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, ReusableAuth.anonymous(),
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, Optional.empty(),
|
||||
new ProtobufWebSocketMessageFactory(), Optional.empty(), Duration.ofMillis(30000));
|
||||
|
||||
Session session = mock(Session.class);
|
||||
@@ -481,7 +480,7 @@ class WebSocketResourceProviderTest {
|
||||
ApplicationHandler applicationHandler = new ApplicationHandler(resourceConfig);
|
||||
WebsocketRequestLog requestLog = mock(WebsocketRequestLog.class);
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, immutableTestPrincipal("gooduser"),
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, Optional.of(new TestPrincipal("gooduser")),
|
||||
new ProtobufWebSocketMessageFactory(), Optional.empty(), Duration.ofMillis(30000));
|
||||
|
||||
Session session = mock(Session.class);
|
||||
@@ -522,7 +521,7 @@ class WebSocketResourceProviderTest {
|
||||
ApplicationHandler applicationHandler = new ApplicationHandler(resourceConfig);
|
||||
WebsocketRequestLog requestLog = mock(WebsocketRequestLog.class);
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, immutableTestPrincipal("gooduser"),
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, Optional.of(new TestPrincipal("gooduser")),
|
||||
new ProtobufWebSocketMessageFactory(), Optional.empty(), Duration.ofMillis(30000));
|
||||
|
||||
Session session = mock(Session.class);
|
||||
@@ -564,7 +563,7 @@ class WebSocketResourceProviderTest {
|
||||
ApplicationHandler applicationHandler = new ApplicationHandler(resourceConfig);
|
||||
WebsocketRequestLog requestLog = mock(WebsocketRequestLog.class);
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, immutableTestPrincipal("gooduser"),
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, Optional.of(new TestPrincipal("gooduser")),
|
||||
new ProtobufWebSocketMessageFactory(), Optional.empty(), Duration.ofMillis(30000));
|
||||
|
||||
Session session = mock(Session.class);
|
||||
@@ -604,7 +603,7 @@ class WebSocketResourceProviderTest {
|
||||
ApplicationHandler applicationHandler = new ApplicationHandler(resourceConfig);
|
||||
WebsocketRequestLog requestLog = mock(WebsocketRequestLog.class);
|
||||
WebSocketResourceProvider<TestPrincipal> provider = new WebSocketResourceProvider<>("127.0.0.1",
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, immutableTestPrincipal("gooduser"),
|
||||
REMOTE_ADDRESS_PROPERTY_NAME, applicationHandler, requestLog, Optional.of(new TestPrincipal("gooduser")),
|
||||
new ProtobufWebSocketMessageFactory(), Optional.empty(), Duration.ofMillis(30000));
|
||||
|
||||
Session session = mock(Session.class);
|
||||
@@ -729,10 +728,6 @@ class WebSocketResourceProviderTest {
|
||||
}
|
||||
}
|
||||
|
||||
public static ReusableAuth<TestPrincipal> immutableTestPrincipal(final String name) {
|
||||
return ReusableAuth.authenticated(new TestPrincipal(name), PrincipalSupplier.forImmutablePrincipal());
|
||||
}
|
||||
|
||||
public static class TestException extends Exception {
|
||||
|
||||
public TestException(String message) {
|
||||
|
||||
Reference in New Issue
Block a user