websocket支持在握手时鉴权

文档地址:https://www.yuque.com/yuanfangxiyang/ma4ytb/vvy3iz#mmdUX

README.md

@@ -137,3 +137,10 @@ CIM采用业内主流开源技术构建，易于扩展和使用，并完美支
 5.文档放到语雀在线文档
 6.其他30多处多处代码优化
 
+-------------------------------------------------------------------------------------------
+版本:4.1.0/时间:2022-02-15
+
+1.websocket支持在握手时鉴权验证
+2.websocketPath 由 "/" 变更为 ""  wss和ws链接地址后面不需要加/
+
+ 

cim-boot-server/pom.xml

@@ -6,7 +6,7 @@
 
     <groupId>com.farsunset</groupId>
     <artifactId>cim-boot-server</artifactId>
-    <version>1.0.0</version>
+    <version>1.1.0</version>
 
     <parent>
         <groupId>org.springframework.boot</groupId>
@@ -17,8 +17,8 @@
 
     <properties>
         <java.version>1.8</java.version>
-        <netty.version>4.1.65.Final</netty.version>
+        <netty.version>4.1.70.Final</netty.version>
-        <protobuf.version>3.17.0</protobuf.version>
+        <protobuf.version>3.19.2</protobuf.version>
         <mysql.jdbc.version>8.0.22</mysql.jdbc.version>
         <common.pool.version>2.8.0</common.pool.version>
         <swagger.version>3.0.0</swagger.version>
@@ -62,10 +62,9 @@
         <dependency>
             <groupId>com.farsunset</groupId>
             <artifactId>cim-server-sdk</artifactId>
-            <version>4.0.0</version>
+            <version>4.1.0</version>
             <scope>system</scope>
-            <!-- mina 、netty版本 sdk任选其一 -->
+            <systemPath>${project.basedir}/libs/cim-server-sdk-netty-4.1.0.jar</systemPath>
-            <systemPath>${project.basedir}/libs/cim-server-sdk-netty-4.0.0.jar</systemPath>
         </dependency>
         <dependency>
             <groupId>org.apache.commons</groupId>

cim-boot-server/src/main/java/com/farsunset/cim/component/predicate/HandshakePredicate.java

@@ -0,0 +1,31 @@
+package com.farsunset.cim.component.predicate;
+
+import com.farsunset.cim.sdk.server.handshake.HandshakeEvent;
+import org.springframework.stereotype.Component;
+
+import java.util.function.Predicate;
+
+/**
+ * WS链接握手鉴权验证
+ */
+@Component
+public class HandshakePredicate implements Predicate<HandshakeEvent> {
+
+    /**
+     *
+     * @param event
+     * @return true验证通过 false验证失败
+     */
+    @Override
+    public boolean test(HandshakeEvent event) {
+
+        /*
+            可通过header或者uri传递参数
+            String token = event.getHeader("token");
+            String token = event.getParameter("token");
+            do auth....
+         */
+
+        return true;
+    }
+}

cim-boot-server/src/main/java/com/farsunset/cim/config/CIMConfig.java

@@ -1,6 +1,7 @@
 package com.farsunset.cim.config;
 
 import com.farsunset.cim.component.handler.annotation.CIMHandler;
+import com.farsunset.cim.component.predicate.HandshakePredicate;
 import com.farsunset.cim.config.properties.CIMProperties;
 import com.farsunset.cim.sdk.server.group.SessionGroup;
 import com.farsunset.cim.sdk.server.group.TagSessionGroup;
@@ -43,11 +44,12 @@ public class CIMConfig implements CIMRequestHandler, ApplicationListener<Applica
 
 
 	@Bean(destroyMethod = "destroy")
-	public CIMNioSocketAcceptor getNioSocketAcceptor(CIMProperties properties) {
+	public CIMNioSocketAcceptor getNioSocketAcceptor(CIMProperties properties, HandshakePredicate handshakePredicate) {
 
 		return new CIMNioSocketAcceptor.Builder()
 				.setAppPort(properties.getAppPort())
 				.setWebsocketPort(properties.getWebsocketPort())
+				.setHandshakePredicate(handshakePredicate)
 				.setOuterRequestHandler(this)
 				.build();
 

cim-server-sdk/pom.xml

@@ -6,15 +6,15 @@
 
     <groupId>com.farsunset</groupId>
     <artifactId>cim-server-sdk-netty</artifactId>
-    <version>4.0.0</version>
+    <version>4.1.0</version>
     <packaging>jar</packaging>
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <java.version>1.8</java.version>
-        <protobuf.java.version>3.11.1</protobuf.java.version>
+        <protobuf.java.version>3.19.3</protobuf.java.version>
-        <netty.version>4.1.60.Final</netty.version>
+        <netty.version>4.1.70.Final</netty.version>
         <slf4j.version>1.7.30</slf4j.version>
     </properties>
 

cim-server-sdk/src/main/java/com/farsunset/cim/sdk/server/handler/CIMNioSocketAcceptor.java

@@ -27,6 +27,8 @@ import com.farsunset.cim.sdk.server.coder.WebMessageDecoder;
 import com.farsunset.cim.sdk.server.coder.WebMessageEncoder;
 import com.farsunset.cim.sdk.server.constant.CIMConstant;
 import com.farsunset.cim.sdk.server.constant.ChannelAttr;
+import com.farsunset.cim.sdk.server.handshake.HandshakeEvent;
+import com.farsunset.cim.sdk.server.handshake.HandshakeHandler;
 import com.farsunset.cim.sdk.server.model.Ping;
 import com.farsunset.cim.sdk.server.model.SentBody;
 import io.netty.bootstrap.ServerBootstrap;
@@ -50,6 +52,7 @@ import org.slf4j.LoggerFactory;
 import java.time.Duration;
 import java.util.concurrent.ThreadFactory;
 import java.util.concurrent.TimeUnit;
+import java.util.function.Predicate;
 
 @Sharable
 public class CIMNioSocketAcceptor extends SimpleChannelInboundHandler<SentBody>{
@@ -68,6 +71,7 @@ public class CIMNioSocketAcceptor extends SimpleChannelInboundHandler<SentBody>{
 	private final Integer appPort;
 	private final Integer webPort;
 	private final CIMRequestHandler outerRequestHandler;
+	private final HandshakeHandler handshakeHandler;
 
 	private final ChannelHandler loggingHandler = new LoggingHandler();
 
@@ -85,6 +89,7 @@ public class CIMNioSocketAcceptor extends SimpleChannelInboundHandler<SentBody>{
 		this.webPort = builder.webPort;
 		this.appPort = builder.appPort;
 		this.outerRequestHandler = builder.outerRequestHandler;
+		this.handshakeHandler = new HandshakeHandler(builder.handshakePredicate);
 
 		bossThreadFactory = r -> {
 			Thread thread = new Thread(r);
@@ -183,8 +188,9 @@ public class CIMNioSocketAcceptor extends SimpleChannelInboundHandler<SentBody>{
 			public void initChannel(SocketChannel ch){
 				ch.pipeline().addLast(new HttpServerCodec());
 				ch.pipeline().addLast(new ChunkedWriteHandler());
-				ch.pipeline().addLast(new HttpObjectAggregator(65536));
+				ch.pipeline().addLast(new HttpObjectAggregator(4 * 1024));
-				ch.pipeline().addLast(new WebSocketServerProtocolHandler("/",false));
+				ch.pipeline().addLast(new WebSocketServerProtocolHandler("",false));
+				ch.pipeline().addLast(handshakeHandler);
 				ch.pipeline().addLast(new WebMessageDecoder());
 				ch.pipeline().addLast(new WebMessageEncoder());
 				ch.pipeline().addLast(loggingHandler);
@@ -296,6 +302,7 @@ public class CIMNioSocketAcceptor extends SimpleChannelInboundHandler<SentBody>{
 		private Integer appPort;
 		private Integer webPort;
 		private CIMRequestHandler outerRequestHandler;
+		private Predicate<HandshakeEvent> handshakePredicate;
 
 		public Builder setAppPort(Integer appPort) {
 			this.appPort = appPort;
@@ -315,6 +322,11 @@ public class CIMNioSocketAcceptor extends SimpleChannelInboundHandler<SentBody>{
 			return this;
 		}
 
+		public Builder setHandshakePredicate(Predicate<HandshakeEvent> handshakePredicate) {
+			this.handshakePredicate = handshakePredicate;
+			return this;
+		}
+
 		public CIMNioSocketAcceptor build(){
 			return new CIMNioSocketAcceptor(this);
 		}

cim-server-sdk/src/main/java/com/farsunset/cim/sdk/server/handshake/HandshakeEvent.java

@@ -0,0 +1,75 @@
+/*
+ * Copyright 2013-2019 Xia Jun(3979434@qq.com).
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ ***************************************************************************************
+ *                                                                                     *
+ *                        Website : http://www.farsunset.com                           *
+ *                                                                                     *
+ ***************************************************************************************
+ */
+package com.farsunset.cim.sdk.server.handshake;
+
+import io.netty.handler.codec.http.HttpHeaders;
+import io.netty.handler.codec.http.QueryStringDecoder;
+import io.netty.handler.codec.http.websocketx.WebSocketServerProtocolHandler;
+
+import java.util.List;
+
+/**
+ * websocket客户端握手请求信息
+ * 用于在握手阶段鉴权
+ */
+public class HandshakeEvent {
+
+    private final String uri;
+
+    private final HttpHeaders header;
+
+    public HandshakeEvent(String uri, HttpHeaders header) {
+        this.uri = uri;
+        this.header = header;
+    }
+
+    public String getHeader(String name){
+        return header.get(name);
+    }
+
+    public List<String> getHeaders(String name){
+        return header.getAll(name);
+    }
+
+    public Integer getIntHeader(String name){
+        return header.getInt(name);
+    }
+
+    public String getParameter(String name){
+        QueryStringDecoder decoder = new QueryStringDecoder(uri);
+        List<String> valueList = decoder.parameters().get(name);
+        return valueList == null || valueList.isEmpty() ? null : valueList.get(0);
+    }
+
+    public List<String> getParameters(String name){
+        QueryStringDecoder decoder = new QueryStringDecoder(uri);
+        return decoder.parameters().get(name);
+    }
+
+    public String getUri() {
+        return uri;
+    }
+
+    public static HandshakeEvent of(WebSocketServerProtocolHandler.HandshakeComplete event){
+        return new HandshakeEvent(event.requestUri(),event.requestHeaders());
+    }
+}

cim-server-sdk/src/main/java/com/farsunset/cim/sdk/server/handshake/HandshakeHandler.java

@@ -0,0 +1,73 @@
+/*
+ * Copyright 2013-2019 Xia Jun(3979434@qq.com).
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ ***************************************************************************************
+ *                                                                                     *
+ *                        Website : http://www.farsunset.com                           *
+ *                                                                                     *
+ ***************************************************************************************
+ */
+package com.farsunset.cim.sdk.server.handshake;
+
+import io.netty.channel.ChannelFutureListener;
+import io.netty.channel.ChannelHandler;
+import io.netty.channel.ChannelHandlerContext;
+import io.netty.channel.ChannelInboundHandlerAdapter;
+import io.netty.handler.codec.http.HttpResponseStatus;
+import io.netty.handler.codec.http.websocketx.CloseWebSocketFrame;
+import io.netty.handler.codec.http.websocketx.WebSocketCloseStatus;
+import io.netty.handler.codec.http.websocketx.WebSocketServerProtocolHandler;
+
+import java.util.function.Predicate;
+
+/**
+ * WS握手时鉴权
+ */
+@ChannelHandler.Sharable
+public class HandshakeHandler extends ChannelInboundHandlerAdapter {
+
+    private final Predicate<HandshakeEvent> handshakePredicate;
+
+    private final WebSocketCloseStatus closeStatus = new WebSocketCloseStatus(HttpResponseStatus.UNAUTHORIZED.code(),HttpResponseStatus.UNAUTHORIZED.reasonPhrase());
+
+    public HandshakeHandler(Predicate<HandshakeEvent> handshakePredicate) {
+        this.handshakePredicate = handshakePredicate;
+    }
+
+    @Override
+     public void userEventTriggered(ChannelHandlerContext ctx, Object evt) throws Exception {
+
+        super.userEventTriggered(ctx, evt);
+
+        if (evt instanceof WebSocketServerProtocolHandler.HandshakeComplete) {
+            doAuthentication(ctx, (WebSocketServerProtocolHandler.HandshakeComplete) evt);
+        }
+
+    }
+
+    private void doAuthentication(ChannelHandlerContext context, WebSocketServerProtocolHandler.HandshakeComplete event) {
+
+        if (handshakePredicate == null) {
+            return;
+        }
+
+        /*
+         * 鉴权不通过，关闭链接
+         */
+        if (!handshakePredicate.test(HandshakeEvent.of(event))) {
+            context.channel().writeAndFlush(new CloseWebSocketFrame(closeStatus)).addListener(ChannelFutureListener.CLOSE);
+        }
+    }
+}

cim-server-sdk/src/main/java/com/farsunset/cim/sdk/server/model/ReplyBody.java

@@ -28,7 +28,6 @@ import java.io.Serializable;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
-import java.util.function.BiConsumer;
 
 /**
  * 请求应答对象