Server SDK 优化Websocket鉴权机制，在握手之前鉴权。

2025-08-02 12:44:50 +08:00 · 2024-06-05 14:13:56 +08:00 · 2024-06-05 14:13:56 +08:00 · baa536f442
commit baa536f442
parent 62fc15b33b
9 changed files with 12 additions and 236 deletions
--- a/README.md
+++ b/README.md
@ -161,7 +161,7 @@ https://www.yuque.com/yuanfangxiyang/ma4ytb/vvy3iz/edit#nnzKN
 <dependency>
   <groupId>com.farsunset</groupId>
   <artifactId>cim-server-sdk-netty</artifactId>
-   <version>4.2.6</version>
+   <version>4.2.7</version>
 </dependency>
 ```
--- a/cim-boot-server/pom.xml
+++ b/cim-boot-server/pom.xml
@ -67,7 +67,7 @@
        <dependency>
            <groupId>com.farsunset</groupId>
            <artifactId>cim-server-sdk-netty</artifactId>
-            <version>4.2.7-SNAPSHOT</version>
+            <version>4.2.7</version>
        </dependency>
        <dependency>
            <groupId>org.apache.commons</groupId>
--- a/cim-boot-server/src/main/java/com/farsunset/cim/component/predicate/HandshakePredicate.java
+++ b/cim-boot-server/src/main/java/com/farsunset/cim/component/predicate/HandshakePredicate.java
@ -1,54 +0,0 @@
 /*
 * Copyright 2013-2022 Xia Jun(3979434@qq.com).
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 ***************************************************************************************
 *                                                                                     *
 *                        Website : http://www.farsunset.com                           *
 *                                                                                     *
 ***************************************************************************************
 */
 package com.farsunset.cim.component.predicate;
 import com.farsunset.cim.handshake.HandshakeEvent;
 import org.springframework.stereotype.Component;
 import java.util.function.Predicate;
 /**
 * WS链接握手鉴权验证
 */
@Deprecated
@Component
 public class HandshakePredicate implements Predicate<HandshakeEvent> {
    /**
     * 验证身份信息，本方法切勿进行耗时操作！！！
     * @param event
     * @return true验证通过 false验证失败
     */
    @Override
    public boolean test(HandshakeEvent event) {
        /*
            可通过header或者uri传递参数
            String token = event.getHeader("token");
            String token = event.getParameter("token");
            do auth....
         */
        return true;
    }
 }
--- a/cim-client-sdk/cim-android-sdk/pom.xml
+++ b/cim-client-sdk/cim-android-sdk/pom.xml
@ -61,7 +61,7 @@
                    <plugin>
                        <groupId>org.apache.maven.plugins</groupId>
                        <artifactId>maven-source-plugin</artifactId>
-                        <version>2.2.1</version>
+                        <version>3.3.1</version>
                        <executions>
                            <execution>
                                <phase>package</phase>
@ -98,7 +98,7 @@
                    <plugin>
                        <groupId>org.apache.maven.plugins</groupId>
                        <artifactId>maven-gpg-plugin</artifactId>
-                        <version>1.6</version>
+                        <version>3.2.4</version>
                        <executions>
                            <execution>
                                <phase>verify</phase>
@ -112,7 +112,7 @@
                    <plugin>
                        <groupId>org.apache.maven.plugins</groupId>
                        <artifactId>maven-compiler-plugin</artifactId>
-                        <version>3.8.1</version>
+                        <version>3.13.0</version>
                        <configuration>
                            <source>1.8</source>
                            <target>1.8</target>
@ -125,7 +125,7 @@
                    <plugin>
                        <groupId>org.apache.maven.plugins</groupId>
                        <artifactId>maven-release-plugin</artifactId>
-                        <version>2.5.1</version>
+                        <version>3.0.1</version>
                    </plugin>
                </plugins>
            </build>
--- a/cim-server-sdk/pom.xml
+++ b/cim-server-sdk/pom.xml
@ -6,7 +6,7 @@
    <groupId>com.farsunset</groupId>
    <artifactId>cim-server-sdk-netty</artifactId>
-    <version>4.2.7-SNAPSHOT</version>
+    <version>4.2.7</version>
    <packaging>jar</packaging>
    <name>${project.groupId}:${project.artifactId}</name>
@ -109,7 +109,7 @@
                        <version>2.2.1</version>
                        <executions>
                            <execution>
-                                <phase>package</phase>
+                                <id>attach-sources</id>
                                <goals>
                                    <goal>jar-no-fork</goal>
                                </goals>
@ -143,7 +143,7 @@
                    <plugin>
                        <groupId>org.apache.maven.plugins</groupId>
                        <artifactId>maven-gpg-plugin</artifactId>
-                        <version>1.6</version>
+                        <version>3.2.4</version>
                        <executions>
                            <execution>
                                <phase>verify</phase>
@ -157,7 +157,7 @@
                    <plugin>
                        <groupId>org.apache.maven.plugins</groupId>
                        <artifactId>maven-compiler-plugin</artifactId>
-                        <version>3.8.1</version>
+                        <version>3.13.0</version>
                        <configuration>
                            <source>1.8</source>
                            <target>1.8</target>
@ -170,7 +170,7 @@
                    <plugin>
                        <groupId>org.apache.maven.plugins</groupId>
                        <artifactId>maven-release-plugin</artifactId>
-                        <version>2.5.1</version>
+                        <version>3.0.1</version>
                    </plugin>
                </plugins>
            </build>
--- a/cim-server-sdk/release.sh
+++ b/cim-server-sdk/release.sh
@ -1 +1 @@
-mvn clean install deploy -P release
+mvn clean install deploy -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true  -P release
--- a/cim-server-sdk/src/main/java/com/farsunset/cim/acceptor/config/WebsocketConfig.java
+++ b/cim-server-sdk/src/main/java/com/farsunset/cim/acceptor/config/WebsocketConfig.java
@ -23,7 +23,6 @@ package com.farsunset.cim.acceptor.config;
 import com.farsunset.cim.auth.AuthPredicateInfo;
 import com.farsunset.cim.constant.WebsocketProtocol;
 import com.farsunset.cim.handshake.HandshakeEvent;
 import java.util.function.Predicate;
@ -48,12 +47,6 @@ public class WebsocketConfig extends SocketConfig{
     */
    private WebsocketProtocol protocol;
    /**
     * websocket鉴权实现
     */
    @Deprecated
    private Predicate<HandshakeEvent> handshakePredicate;
    /**
     * 鉴权实现
     */
@ -73,10 +66,6 @@ public class WebsocketConfig extends SocketConfig{
        return protocol == null ? DEFAULT_PROTOCOL : protocol;
    }
    public Predicate<HandshakeEvent> getHandshakePredicate() {
        return handshakePredicate;
    }
    public void setPath(String path) {
        this.path = path;
    }
@ -85,11 +74,6 @@ public class WebsocketConfig extends SocketConfig{
        this.protocol = protocol;
    }
    public void setHandshakePredicate(Predicate<HandshakeEvent> handshakePredicate) {
        this.handshakePredicate = handshakePredicate;
    }
    public void setAuthPredicate(Predicate<AuthPredicateInfo> authPredicate) {
        this.authPredicate = authPredicate;
    }
--- a/cim-server-sdk/src/main/java/com/farsunset/cim/handshake/HandshakeEvent.java
+++ b/cim-server-sdk/src/main/java/com/farsunset/cim/handshake/HandshakeEvent.java
@ -1,76 +0,0 @@
 /*
 * Copyright 2013-2022 Xia Jun(3979434@qq.com).
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 ***************************************************************************************
 *                                                                                     *
 *                        Website : http://www.farsunset.com                           *
 *                                                                                     *
 ***************************************************************************************
 */
 package com.farsunset.cim.handshake;
 import io.netty.handler.codec.http.HttpHeaders;
 import io.netty.handler.codec.http.QueryStringDecoder;
 import io.netty.handler.codec.http.websocketx.WebSocketServerProtocolHandler;
 import java.util.List;
 /**
 * websocket客户端握手请求信息
 * 用于在握手阶段鉴权
 */
@Deprecated
 public class HandshakeEvent {
    private final String uri;
    private final HttpHeaders header;
    public HandshakeEvent(String uri, HttpHeaders header) {
        this.uri = uri;
        this.header = header;
    }
    public String getHeader(String name){
        return header.get(name);
    }
    public List<String> getHeaders(String name){
        return header.getAll(name);
    }
    public Integer getIntHeader(String name){
        return header.getInt(name);
    }
    public String getParameter(String name){
        QueryStringDecoder decoder = new QueryStringDecoder(uri);
        List<String> valueList = decoder.parameters().get(name);
        return valueList == null || valueList.isEmpty() ? null : valueList.get(0);
    }
    public List<String> getParameters(String name){
        QueryStringDecoder decoder = new QueryStringDecoder(uri);
        return decoder.parameters().get(name);
    }
    public String getUri() {
        return uri;
    }
    public static HandshakeEvent of(WebSocketServerProtocolHandler.HandshakeComplete event){
        return new HandshakeEvent(event.requestUri(),event.requestHeaders());
    }
 }
--- a/cim-server-sdk/src/main/java/com/farsunset/cim/handshake/HandshakeHandler.java
+++ b/cim-server-sdk/src/main/java/com/farsunset/cim/handshake/HandshakeHandler.java
@ -1,78 +0,0 @@
 /*
 * Copyright 2013-2022 Xia Jun(3979434@qq.com).
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 ***************************************************************************************
 *                                                                                     *
 *                        Website : http://www.farsunset.com                           *
 *                                                                                     *
 ***************************************************************************************
 */
 package com.farsunset.cim.handshake;
 import com.farsunset.cim.constant.CIMConstant;
 import com.farsunset.cim.model.ReplyBody;
 import io.netty.channel.ChannelFutureListener;
 import io.netty.channel.ChannelHandler;
 import io.netty.channel.ChannelHandlerContext;
 import io.netty.channel.ChannelInboundHandlerAdapter;
 import io.netty.handler.codec.http.HttpResponseStatus;
 import io.netty.handler.codec.http.websocketx.WebSocketServerProtocolHandler;
 import java.util.function.Predicate;
 /**
 * WS握手时鉴权
 */
@Deprecated
@ChannelHandler.Sharable
 public class HandshakeHandler extends ChannelInboundHandlerAdapter {
    /*
     *认证失败，返回replyBody给客户端
     */
    private final ReplyBody failedBody = ReplyBody.make(CIMConstant.CLIENT_HANDSHAKE,
            HttpResponseStatus.UNAUTHORIZED.code(),
            HttpResponseStatus.UNAUTHORIZED.reasonPhrase());
    private final Predicate<HandshakeEvent> handshakePredicate;
    public HandshakeHandler(Predicate<HandshakeEvent> handshakePredicate) {
        this.handshakePredicate = handshakePredicate;
    }
    @Override
    public void userEventTriggered(ChannelHandlerContext ctx, Object evt) throws Exception {
        super.userEventTriggered(ctx, evt);
        if (evt instanceof WebSocketServerProtocolHandler.HandshakeComplete) {
            doAuthentication(ctx, (WebSocketServerProtocolHandler.HandshakeComplete) evt);
        }
    }
    private void doAuthentication(ChannelHandlerContext context, WebSocketServerProtocolHandler.HandshakeComplete event) {
        if (handshakePredicate == null) {
            return;
        }
        /*
         * 鉴权不通过，发送响应体并关闭链接
         */
        if (!handshakePredicate.test(HandshakeEvent.of(event))) {
            context.channel().writeAndFlush(failedBody).addListener(ChannelFutureListener.CLOSE);
        }
    }
 }
		`@ -1 +1 @@`
			`mvn clean install deploy -P release`				`mvn clean install deploy -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true -P release`