Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #10494 from eclipse/jetty-12.0.x-10490-websocketServerUpgradeRequest 

Issue #10490 - fixes and testing for websocket JakartaServerUpgradeRequest
This commit is contained in:
Lachlan 2023-09-21 11:46:28 +10:00 committed by GitHub
parent aefa331aa4 665cae2ec2
commit 42468ae1bd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 820 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
jetty-core/jetty-security/src/main/java/org/eclipse/jetty/security/internal/DeferredAuthenticationState.java
View File

@ -49,7 +49,7 @@ public class DeferredAuthenticationState implements AuthenticationState.Deferred
{
try
{
AuthenticationState authenticationState = _authenticator.validateRequest(request, __deferredResponse, null);
AuthenticationState authenticationState = _authenticator.validateRequest(request, __deferredResponse, Callback.NOOP);
if (authenticationState != null)
{
AuthenticationState.setAuthenticationState(request, authenticationState);

26
jetty-ee10/jetty-ee10-websocket/jetty-ee10-websocket-jakarta-server/src/main/java/org/eclipse/jetty/ee10/websocket/jakarta/server/internal/JakartaServerUpgradeRequest.java
View File

@ -16,35 +16,45 @@ package org.eclipse.jetty.ee10.websocket.jakarta.server.internal;
import java.net.URI;
import java.security.Principal;
import jakarta.servlet.http.HttpServletRequest;
import org.eclipse.jetty.ee10.websocket.jakarta.common.UpgradeRequest;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.http.HttpURI;
import org.eclipse.jetty.util.URIUtil;
import org.eclipse.jetty.websocket.core.WebSocketConstants;
import org.eclipse.jetty.websocket.core.server.ServerUpgradeRequest;
import static org.eclipse.jetty.util.URIUtil.addEncodedPaths;
import static org.eclipse.jetty.util.URIUtil.encodePath;
public class JakartaServerUpgradeRequest implements UpgradeRequest
{
private final ServerUpgradeRequest servletRequest;
private final HttpServletRequest _servletRequest;
private final Principal _userPrincipal;
public JakartaServerUpgradeRequest(ServerUpgradeRequest servletRequest)
public JakartaServerUpgradeRequest(ServerUpgradeRequest upgradeRequest)
{
this.servletRequest = servletRequest;
_servletRequest = (HttpServletRequest)upgradeRequest.getAttribute(WebSocketConstants.WEBSOCKET_WRAPPED_REQUEST_ATTRIBUTE);
_userPrincipal = _servletRequest.getUserPrincipal();
}
@Override
public Principal getUserPrincipal()
{
// TODO
return null;
return _userPrincipal;
}
@Override
public URI getRequestURI()
{
return servletRequest.getHttpURI().toURI();
return HttpURI.build(_servletRequest.getRequestURI())
.path(addEncodedPaths(_servletRequest.getContextPath(), getPathInContext()))
.query(_servletRequest.getQueryString())
.asImmutable().toURI();
}
@Override
public String getPathInContext()
{
return Request.getPathInContext(servletRequest);
return encodePath(URIUtil.addPaths(_servletRequest.getServletPath(), _servletRequest.getPathInfo()));
}
}

189
jetty-ee10/jetty-ee10-websocket/jetty-ee10-websocket-jakarta-tests/src/test/java/org/eclipse/jetty/ee10/websocket/jakarta/tests/ServerUpgradeRequestTest.java Normal file
View File

@ -0,0 +1,189 @@
//
// ========================================================================
// Copyright (c) 1995 Mort Bay Consulting Pty Ltd and others.
//
// This program and the accompanying materials are made available under the
// terms of the Eclipse Public License v. 2.0 which is available at
// https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
// which is available at https://www.apache.org/licenses/LICENSE-2.0.
//
// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
// ========================================================================
//
package org.eclipse.jetty.ee10.websocket.jakarta.tests;
import java.net.URI;
import java.util.List;
import java.util.concurrent.TimeUnit;
import jakarta.websocket.CloseReason;
import jakarta.websocket.OnOpen;
import jakarta.websocket.Session;
import jakarta.websocket.server.ServerEndpoint;
import org.eclipse.jetty.ee10.servlet.ServletContextHandler;
import org.eclipse.jetty.ee10.servlet.security.ConstraintMapping;
import org.eclipse.jetty.ee10.servlet.security.ConstraintSecurityHandler;
import org.eclipse.jetty.ee10.websocket.jakarta.client.JakartaWebSocketClientContainer;
import org.eclipse.jetty.ee10.websocket.jakarta.server.config.JakartaWebSocketServletContainerInitializer;
import org.eclipse.jetty.http.HttpStatus;
import org.eclipse.jetty.security.AbstractLoginService;
import org.eclipse.jetty.security.AuthenticationState;
import org.eclipse.jetty.security.Constraint;
import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.security.RolePrincipal;
import org.eclipse.jetty.security.UserIdentity;
import org.eclipse.jetty.security.UserPrincipal;
import org.eclipse.jetty.security.authentication.LoginAuthenticator;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.util.Callback;
import org.eclipse.jetty.util.security.Credential;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertTrue;
public class ServerUpgradeRequestTest
{
private Server _server;
private ServerConnector _connector;
private JakartaWebSocketClientContainer _client;
@ServerEndpoint("/ws")
public static class MyEndpoint
{
@OnOpen
public void onOpen(Session session) throws Exception
{
session.getBasicRemote().sendText("userPrincipal=" + session.getUserPrincipal());
session.getBasicRemote().sendText("requestURI=" + session.getRequestURI());
session.close();
}
}
private static class TestLoginService extends AbstractLoginService
{
public TestLoginService(IdentityService identityService)
{
setIdentityService(identityService);
}
@Override
protected List<RolePrincipal> loadRoleInfo(UserPrincipal user)
{
return List.of();
}
@Override
protected UserPrincipal loadUserInfo(String username)
{
return new UserPrincipal(username, null)
{
@Override
public boolean authenticate(Object credentials)
{
return true;
}
@Override
public boolean authenticate(Credential c)
{
return true;
}
@Override
public boolean authenticate(UserPrincipal u)
{
return true;
}
};
}
}
private static class TestAuthenticator extends LoginAuthenticator
{
@Override
public String getAuthenticationType()
{
return "TEST";
}
@Override
public AuthenticationState validateRequest(Request request, Response response, Callback callback)
{
UserIdentity user = login("user123", null, request, response);
if (user != null)
return new UserAuthenticationSucceeded(getAuthenticationType(), user);
Response.writeError(request, response, callback, HttpStatus.FORBIDDEN_403);
return AuthenticationState.SEND_FAILURE;
}
}
@BeforeEach
public void before() throws Exception
{
_server = new Server();
_connector = new ServerConnector(_server);
_server.addConnector(_connector);
ServletContextHandler contextHandler = new ServletContextHandler();
contextHandler.setContextPath("/context1");
JakartaWebSocketServletContainerInitializer.configure(contextHandler, ((servletContext, serverContainer) ->
{
serverContainer.addEndpoint(MyEndpoint.class);
}));
_server.setHandler(contextHandler);
DefaultIdentityService identityService = new DefaultIdentityService();
LoginService loginService = new TestLoginService(identityService);
ConstraintMapping constraintMapping = new ConstraintMapping();
constraintMapping.setPathSpec("/*");
constraintMapping.setConstraint(Constraint.ANY_USER);
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
securityHandler.setConstraintMappings(List.of(constraintMapping));
securityHandler.setLoginService(loginService);
securityHandler.setIdentityService(identityService);
contextHandler.setSecurityHandler(securityHandler);
securityHandler.setAuthenticator(new TestAuthenticator());
_server.start();
_client = new JakartaWebSocketClientContainer();
_client.start();
}
@AfterEach
public void after() throws Exception
{
_client.stop();
_server.stop();
}
@Test
public void test() throws Exception
{
URI uri = URI.create("ws://localhost:" + _connector.getLocalPort() + "/context1/ws");
EventSocket clientEndpoint = new EventSocket();
assertNotNull(_client.connectToServer(clientEndpoint, uri));
String msg = clientEndpoint.textMessages.poll(5, TimeUnit.SECONDS);
assertThat(msg, equalTo("userPrincipal=user123"));
msg = clientEndpoint.textMessages.poll(5, TimeUnit.SECONDS);
assertThat(msg, equalTo("requestURI=ws://localhost:" + _connector.getLocalPort() + "/context1/ws"));
assertTrue(clientEndpoint.closeLatch.await(5, TimeUnit.SECONDS));
assertThat(clientEndpoint.closeReason.getCloseCode(), equalTo(CloseReason.CloseCodes.NORMAL_CLOSURE));
}
}

4
jetty-ee10/jetty-ee10-websocket/jetty-ee10-websocket-jetty-server/src/main/java/org/eclipse/jetty/ee10/websocket/server/internal/DelegatedServerUpgradeRequest.java
View File

@ -46,6 +46,7 @@ public class DelegatedServerUpgradeRequest implements JettyServerUpgradeRequest
private final String queryString;
private final ServerUpgradeRequest upgradeRequest;
private final HttpServletRequest httpServletRequest;
private final Principal userPrincipal;
private List<HttpCookie> cookies;
private Map<String, List<String>> parameterMap;
@ -55,6 +56,7 @@ public class DelegatedServerUpgradeRequest implements JettyServerUpgradeRequest
.getAttribute(WebSocketConstants.WEBSOCKET_WRAPPED_REQUEST_ATTRIBUTE);
this.upgradeRequest = request;
this.queryString = httpServletRequest.getQueryString();
this.userPrincipal = httpServletRequest.getUserPrincipal();
try
{
@ -205,7 +207,7 @@ public class DelegatedServerUpgradeRequest implements JettyServerUpgradeRequest
@Override
public Principal getUserPrincipal()
{
return httpServletRequest.getUserPrincipal();
return userPrincipal;
}
@Override

199
jetty-ee10/jetty-ee10-websocket/jetty-ee10-websocket-jetty-tests/src/test/java/org/eclipse/jetty/ee10/websocket/tests/ServerUpgradeRequestTest.java Normal file
View File

@ -0,0 +1,199 @@
//
// ========================================================================
// Copyright (c) 1995 Mort Bay Consulting Pty Ltd and others.
//
// This program and the accompanying materials are made available under the
// terms of the Eclipse Public License v. 2.0 which is available at
// https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
// which is available at https://www.apache.org/licenses/LICENSE-2.0.
//
// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
// ========================================================================
//
package org.eclipse.jetty.ee10.websocket.tests;
import java.net.URI;
import java.util.List;
import java.util.concurrent.TimeUnit;
import org.eclipse.jetty.ee10.servlet.ServletContextHandler;
import org.eclipse.jetty.ee10.servlet.security.ConstraintMapping;
import org.eclipse.jetty.ee10.servlet.security.ConstraintSecurityHandler;
import org.eclipse.jetty.ee10.websocket.server.config.JettyWebSocketServletContainerInitializer;
import org.eclipse.jetty.http.HttpStatus;
import org.eclipse.jetty.security.AbstractLoginService;
import org.eclipse.jetty.security.AuthenticationState;
import org.eclipse.jetty.security.Constraint;
import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.security.RolePrincipal;
import org.eclipse.jetty.security.UserIdentity;
import org.eclipse.jetty.security.UserPrincipal;
import org.eclipse.jetty.security.authentication.LoginAuthenticator;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.util.Callback;
import org.eclipse.jetty.util.security.Credential;
import org.eclipse.jetty.websocket.api.Session;
import org.eclipse.jetty.websocket.api.StatusCode;
import org.eclipse.jetty.websocket.api.UpgradeRequest;
import org.eclipse.jetty.websocket.api.annotations.OnWebSocketError;
import org.eclipse.jetty.websocket.api.annotations.OnWebSocketOpen;
import org.eclipse.jetty.websocket.api.annotations.WebSocket;
import org.eclipse.jetty.websocket.client.WebSocketClient;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import static org.eclipse.jetty.websocket.api.Callback.NOOP;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertTrue;
public class ServerUpgradeRequestTest
{
private Server _server;
private ServerConnector _connector;
private WebSocketClient _client;
@WebSocket
public static class MyEndpoint
{
@OnWebSocketOpen
public void onOpen(Session session) throws Exception
{
UpgradeRequest upgradeRequest = session.getUpgradeRequest();
session.sendText("userPrincipal=" + upgradeRequest.getUserPrincipal(), NOOP);
session.sendText("requestURI=" + upgradeRequest.getRequestURI(), NOOP);
session.close();
}
@OnWebSocketError
public void onError(Throwable t)
{
t.printStackTrace();
}
}
private static class TestLoginService extends AbstractLoginService
{
public TestLoginService(IdentityService identityService)
{
setIdentityService(identityService);
}
@Override
protected List<RolePrincipal> loadRoleInfo(UserPrincipal user)
{
return List.of();
}
@Override
protected UserPrincipal loadUserInfo(String username)
{
return new UserPrincipal(username, null)
{
@Override
public boolean authenticate(Object credentials)
{
return true;
}
@Override
public boolean authenticate(Credential c)
{
return true;
}
@Override
public boolean authenticate(UserPrincipal u)
{
return true;
}
};
}
}
private static class TestAuthenticator extends LoginAuthenticator
{
@Override
public String getAuthenticationType()
{
return "TEST";
}
@Override
public AuthenticationState validateRequest(Request request, Response response, Callback callback)
{
UserIdentity user = login("user123", null, request, response);
if (user != null)
return new UserAuthenticationSucceeded(getAuthenticationType(), user);
Response.writeError(request, response, callback, HttpStatus.FORBIDDEN_403);
return AuthenticationState.SEND_FAILURE;
}
}
@BeforeEach
public void before() throws Exception
{
_server = new Server();
_connector = new ServerConnector(_server);
_server.addConnector(_connector);
ServletContextHandler contextHandler = new ServletContextHandler();
contextHandler.setContextPath("/context1");
JettyWebSocketServletContainerInitializer.configure(contextHandler, ((servletContext, serverContainer) ->
{
serverContainer.addMapping("/ws", MyEndpoint.class);
}));
_server.setHandler(contextHandler);
DefaultIdentityService identityService = new DefaultIdentityService();
LoginService loginService = new TestLoginService(identityService);
ConstraintMapping constraintMapping = new ConstraintMapping();
constraintMapping.setPathSpec("/*");
constraintMapping.setConstraint(Constraint.ANY_USER);
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
securityHandler.setConstraintMappings(List.of(constraintMapping));
securityHandler.setLoginService(loginService);
securityHandler.setIdentityService(identityService);
contextHandler.setSecurityHandler(securityHandler);
securityHandler.setAuthenticator(new TestAuthenticator());
_server.start();
_client = new WebSocketClient();
_client.start();
}
@AfterEach
public void after() throws Exception
{
_client.stop();
_server.stop();
}
@Test
public void test() throws Exception
{
URI uri = URI.create("ws://localhost:" + _connector.getLocalPort() + "/context1/ws");
EventSocket clientEndpoint = new EventSocket();
assertNotNull(_client.connect(clientEndpoint, uri));
String msg = clientEndpoint.textMessages.poll(5, TimeUnit.SECONDS);
assertThat(msg, equalTo("userPrincipal=user123"));
msg = clientEndpoint.textMessages.poll(5, TimeUnit.SECONDS);
assertThat(msg, equalTo("requestURI=ws://localhost:" + _connector.getLocalPort() + "/context1/ws"));
assertTrue(clientEndpoint.closeLatch.await(5, TimeUnit.SECONDS));
assertThat(clientEndpoint.closeCode, equalTo(StatusCode.NORMAL));
}
}

27
jetty-ee9/jetty-ee9-websocket/jetty-ee9-websocket-jakarta-server/src/main/java/org/eclipse/jetty/ee9/websocket/jakarta/server/internal/JakartaServerUpgradeRequest.java
View File

@ -16,36 +16,45 @@ package org.eclipse.jetty.ee9.websocket.jakarta.server.internal;
import java.net.URI;
import java.security.Principal;
import jakarta.servlet.http.HttpServletRequest;
import org.eclipse.jetty.ee9.websocket.jakarta.common.UpgradeRequest;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.http.HttpURI;
import org.eclipse.jetty.util.URIUtil;
import org.eclipse.jetty.websocket.core.WebSocketConstants;
import org.eclipse.jetty.websocket.core.server.ServerUpgradeRequest;
import static org.eclipse.jetty.util.URIUtil.addEncodedPaths;
import static org.eclipse.jetty.util.URIUtil.encodePath;
public class JakartaServerUpgradeRequest implements UpgradeRequest
{
private final ServerUpgradeRequest servletRequest;
private final HttpServletRequest _servletRequest;
private final Principal _userPrincipal;
public JakartaServerUpgradeRequest(ServerUpgradeRequest servletRequest)
public JakartaServerUpgradeRequest(ServerUpgradeRequest upgradeRequest)
{
this.servletRequest = servletRequest;
_servletRequest = (HttpServletRequest)upgradeRequest.getAttribute(WebSocketConstants.WEBSOCKET_WRAPPED_REQUEST_ATTRIBUTE);
_userPrincipal = _servletRequest.getUserPrincipal();
}
@Override
public Principal getUserPrincipal()
{
// TODO: keep the wrapped request and ask it for user principal.
return null;
return _userPrincipal;
}
@Override
public URI getRequestURI()
{
// TODO: keep the wrapped request and ask it for request URI.
return null;
return HttpURI.build(_servletRequest.getRequestURI())
.path(addEncodedPaths(_servletRequest.getContextPath(), getPathInContext()))
.query(_servletRequest.getQueryString())
.asImmutable().toURI();
}
@Override
public String getPathInContext()
{
return Request.getPathInContext(servletRequest);
return encodePath(URIUtil.addPaths(_servletRequest.getServletPath(), _servletRequest.getPathInfo()));
}
}

195
jetty-ee9/jetty-ee9-websocket/jetty-ee9-websocket-jakarta-tests/src/test/java/org/eclipse/jetty/ee9/websocket/jakarta/tests/ServerUpgradeRequestTest.java Normal file
View File

@ -0,0 +1,195 @@
//
// ========================================================================
// Copyright (c) 1995 Mort Bay Consulting Pty Ltd and others.
//
// This program and the accompanying materials are made available under the
// terms of the Eclipse Public License v. 2.0 which is available at
// https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
// which is available at https://www.apache.org/licenses/LICENSE-2.0.
//
// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
// ========================================================================
//
package org.eclipse.jetty.ee9.websocket.jakarta.tests;
import java.net.URI;
import java.util.List;
import java.util.concurrent.TimeUnit;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.websocket.CloseReason;
import jakarta.websocket.OnOpen;
import jakarta.websocket.Session;
import jakarta.websocket.server.ServerEndpoint;
import org.eclipse.jetty.ee9.nested.Authentication;
import org.eclipse.jetty.ee9.nested.ServletConstraint;
import org.eclipse.jetty.ee9.security.ConstraintMapping;
import org.eclipse.jetty.ee9.security.ConstraintSecurityHandler;
import org.eclipse.jetty.ee9.security.ServerAuthException;
import org.eclipse.jetty.ee9.security.UserAuthentication;
import org.eclipse.jetty.ee9.security.authentication.LoginAuthenticator;
import org.eclipse.jetty.ee9.servlet.ServletContextHandler;
import org.eclipse.jetty.ee9.websocket.jakarta.client.JakartaWebSocketClientContainer;
import org.eclipse.jetty.ee9.websocket.jakarta.server.config.JakartaWebSocketServletContainerInitializer;
import org.eclipse.jetty.security.AbstractLoginService;
import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.security.RolePrincipal;
import org.eclipse.jetty.security.UserIdentity;
import org.eclipse.jetty.security.UserPrincipal;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.util.security.Credential;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import static org.eclipse.jetty.ee9.nested.ServletConstraint.ANY_AUTH;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertTrue;
public class ServerUpgradeRequestTest
{
private Server _server;
private ServerConnector _connector;
private JakartaWebSocketClientContainer _client;
@ServerEndpoint("/ws")
public static class MyEndpoint
{
@OnOpen
public void onOpen(Session session) throws Exception
{
session.getBasicRemote().sendText("userPrincipal=" + session.getUserPrincipal());
session.getBasicRemote().sendText("requestURI=" + session.getRequestURI());
session.close();
}
}
private static class TestLoginService extends AbstractLoginService
{
public TestLoginService(IdentityService identityService)
{
setIdentityService(identityService);
}
@Override
protected List<RolePrincipal> loadRoleInfo(UserPrincipal user)
{
return List.of();
}
@Override
protected UserPrincipal loadUserInfo(String username)
{
return new UserPrincipal(username, null)
{
@Override
public boolean authenticate(Object credentials)
{
return true;
}
@Override
public boolean authenticate(Credential c)
{
return true;
}
@Override
public boolean authenticate(UserPrincipal u)
{
return true;
}
};
}
}
private static class TestAuthenticator extends LoginAuthenticator
{
@Override
public String getAuthMethod()
{
return "TEST";
}
@Override
public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException
{
UserIdentity user = login("user123", null, request);
if (user != null)
return new UserAuthentication("TEST", user);
return Authentication.UNAUTHENTICATED;
}
@Override
public boolean secureResponse(ServletRequest request, ServletResponse response, boolean mandatory, Authentication.User validatedUser) throws ServerAuthException
{
return request.isSecure();
}
}
@BeforeEach
public void before() throws Exception
{
_server = new Server();
_connector = new ServerConnector(_server);
_server.addConnector(_connector);
ServletContextHandler contextHandler = new ServletContextHandler();
contextHandler.setContextPath("/context1");
JakartaWebSocketServletContainerInitializer.configure(contextHandler, ((servletContext, serverContainer) ->
{
serverContainer.addEndpoint(MyEndpoint.class);
}));
_server.setHandler(contextHandler);
DefaultIdentityService identityService = new DefaultIdentityService();
LoginService loginService = new TestLoginService(identityService);
ConstraintMapping constraintMapping = new ConstraintMapping();
constraintMapping.setPathSpec("/*");
constraintMapping.setConstraint(new ServletConstraint("constraint1", ANY_AUTH));
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
securityHandler.setConstraintMappings(List.of(constraintMapping));
securityHandler.setLoginService(loginService);
securityHandler.setIdentityService(identityService);
contextHandler.setSecurityHandler(securityHandler);
securityHandler.setAuthenticator(new TestAuthenticator());
_server.start();
_client = new JakartaWebSocketClientContainer();
_client.start();
}
@AfterEach
public void after() throws Exception
{
_client.stop();
_server.stop();
}
@Test
public void test() throws Exception
{
URI uri = URI.create("ws://localhost:" + _connector.getLocalPort() + "/context1/ws");
EventSocket clientEndpoint = new EventSocket();
assertNotNull(_client.connectToServer(clientEndpoint, uri));
String msg = clientEndpoint.textMessages.poll(5, TimeUnit.SECONDS);
assertThat(msg, equalTo("userPrincipal=user123"));
msg = clientEndpoint.textMessages.poll(5, TimeUnit.SECONDS);
assertThat(msg, equalTo("requestURI=ws://localhost:" + _connector.getLocalPort() + "/context1/ws"));
assertTrue(clientEndpoint.closeLatch.await(5, TimeUnit.SECONDS));
assertThat(clientEndpoint.closeReason.getCloseCode(), equalTo(CloseReason.CloseCodes.NORMAL_CLOSURE));
}
}

197
jetty-ee9/jetty-ee9-websocket/jetty-ee9-websocket-jetty-tests/src/test/java/org/eclipse/jetty/ee9/websocket/tests/ServerUpgradeRequestTest.java Normal file
View File

@ -0,0 +1,197 @@
//
// ========================================================================
// Copyright (c) 1995 Mort Bay Consulting Pty Ltd and others.
//
// This program and the accompanying materials are made available under the
// terms of the Eclipse Public License v. 2.0 which is available at
// https://www.eclipse.org/legal/epl-2.0, or the Apache License, Version 2.0
// which is available at https://www.apache.org/licenses/LICENSE-2.0.
//
// SPDX-License-Identifier: EPL-2.0 OR Apache-2.0
// ========================================================================
//
package org.eclipse.jetty.ee9.websocket.tests;
import java.net.URI;
import java.util.List;
import java.util.concurrent.TimeUnit;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import org.eclipse.jetty.ee9.nested.Authentication;
import org.eclipse.jetty.ee9.nested.ServletConstraint;
import org.eclipse.jetty.ee9.security.ConstraintMapping;
import org.eclipse.jetty.ee9.security.ConstraintSecurityHandler;
import org.eclipse.jetty.ee9.security.ServerAuthException;
import org.eclipse.jetty.ee9.security.UserAuthentication;
import org.eclipse.jetty.ee9.security.authentication.LoginAuthenticator;
import org.eclipse.jetty.ee9.servlet.ServletContextHandler;
import org.eclipse.jetty.ee9.websocket.api.Session;
import org.eclipse.jetty.ee9.websocket.api.StatusCode;
import org.eclipse.jetty.ee9.websocket.api.UpgradeRequest;
import org.eclipse.jetty.ee9.websocket.api.annotations.OnWebSocketConnect;
import org.eclipse.jetty.ee9.websocket.api.annotations.WebSocket;
import org.eclipse.jetty.ee9.websocket.client.WebSocketClient;
import org.eclipse.jetty.ee9.websocket.server.config.JettyWebSocketServletContainerInitializer;
import org.eclipse.jetty.security.AbstractLoginService;
import org.eclipse.jetty.security.DefaultIdentityService;
import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.security.RolePrincipal;
import org.eclipse.jetty.security.UserIdentity;
import org.eclipse.jetty.security.UserPrincipal;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.util.security.Credential;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.equalTo;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertTrue;
public class ServerUpgradeRequestTest
{
private Server _server;
private ServerConnector _connector;
private WebSocketClient _client;
@WebSocket
public static class MyEndpoint
{
@OnWebSocketConnect
public void onOpen(Session session) throws Exception
{
UpgradeRequest upgradeRequest = session.getUpgradeRequest();
session.getRemote().sendString("userPrincipal=" + upgradeRequest.getUserPrincipal());
session.getRemote().sendString("requestURI=" + upgradeRequest.getRequestURI());
session.close();
}
}
private static class TestLoginService extends AbstractLoginService
{
public TestLoginService(IdentityService identityService)
{
setIdentityService(identityService);
}
@Override
protected List<RolePrincipal> loadRoleInfo(UserPrincipal user)
{
return List.of();
}
@Override
protected UserPrincipal loadUserInfo(String username)
{
return new UserPrincipal(username, null)
{
@Override
public boolean authenticate(Object credentials)
{
return true;
}
@Override
public boolean authenticate(Credential c)
{
return true;
}
@Override
public boolean authenticate(UserPrincipal u)
{
return true;
}
};
}
}
private static class TestAuthenticator extends LoginAuthenticator
{
@Override
public String getAuthMethod()
{
return "TEST";
}
@Override
public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException
{
UserIdentity user = login("user123", null, request);
if (user != null)
return new UserAuthentication("TEST", user);
return Authentication.UNAUTHENTICATED;
}
@Override
public boolean secureResponse(ServletRequest request, ServletResponse response, boolean mandatory, Authentication.User validatedUser) throws ServerAuthException
{
return request.isSecure();
}
}
@BeforeEach
public void before() throws Exception
{
_server = new Server();
_connector = new ServerConnector(_server);
_server.addConnector(_connector);
ServletContextHandler contextHandler = new ServletContextHandler();
contextHandler.setContextPath("/context1");
JettyWebSocketServletContainerInitializer.configure(contextHandler, ((servletContext, serverContainer) ->
{
serverContainer.addMapping("/ws", MyEndpoint.class);
}));
_server.setHandler(contextHandler);
DefaultIdentityService identityService = new DefaultIdentityService();
LoginService loginService = new TestLoginService(identityService);
ConstraintMapping constraintMapping = new ConstraintMapping();
constraintMapping.setPathSpec("/*");
constraintMapping.setConstraint(new ServletConstraint("any_user", "**"));
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
securityHandler.setConstraintMappings(List.of(constraintMapping));
securityHandler.setLoginService(loginService);
securityHandler.setIdentityService(identityService);
contextHandler.setSecurityHandler(securityHandler);
securityHandler.setAuthenticator(new TestAuthenticator());
_server.start();
_client = new WebSocketClient();
_client.start();
}
@AfterEach
public void after() throws Exception
{
_client.stop();
_server.stop();
}
@Test
public void test() throws Exception
{
URI uri = URI.create("ws://localhost:" + _connector.getLocalPort() + "/context1/ws");
EventSocket clientEndpoint = new EventSocket();
assertNotNull(_client.connect(clientEndpoint, uri));
String msg = clientEndpoint.textMessages.poll(5, TimeUnit.SECONDS);
assertThat(msg, equalTo("userPrincipal=user123"));
msg = clientEndpoint.textMessages.poll(5, TimeUnit.SECONDS);
assertThat(msg, equalTo("requestURI=ws://localhost:" + _connector.getLocalPort() + "/context1/ws"));
assertTrue(clientEndpoint.closeLatch.await(5, TimeUnit.SECONDS));
assertThat(clientEndpoint.closeCode, equalTo(StatusCode.NORMAL));
}
}