Examples with BearerTokenMetadata - com.alibaba.rsocket.metadata.BearerTokenMetadata

Example 1 with BearerTokenMetadata

use of com.alibaba.rsocket.metadata.BearerTokenMetadata in project alibaba-rsocket-broker by alibaba.

the class RSocketBrokerHandlerRegistryImpl method accept.

@Override
@NotNull
public Mono<RSocket> accept(@NotNull final ConnectionSetupPayload setupPayload, @NotNull final RSocket requesterSocket) {
    // parse setup payload
    RSocketCompositeMetadata compositeMetadata = null;
    AppMetadata appMetadata = null;
    String credentials = "";
    RSocketAppPrincipal principal = null;
    String errorMsg = null;
    try {
        compositeMetadata = RSocketCompositeMetadata.from(setupPayload.metadata());
        if (!authRequired) {
            // authentication not required
            principal = appNameBasedPrincipal("MockApp");
            credentials = UUID.randomUUID().toString();
        } else if (compositeMetadata.contains(RSocketMimeType.BearerToken)) {
            BearerTokenMetadata bearerTokenMetadata = BearerTokenMetadata.from(compositeMetadata.getMetadata(RSocketMimeType.BearerToken));
            credentials = new String(bearerTokenMetadata.getBearerToken());
            principal = authenticationService.auth("JWT", credentials);
        } else {
            // no jwt token supplied
            errorMsg = RsocketErrorCode.message("RST-500405");
        }
        // validate application information
        if (principal != null && compositeMetadata.contains(RSocketMimeType.Application)) {
            AppMetadata temp = AppMetadata.from(compositeMetadata.getMetadata(RSocketMimeType.Application));
            // App registration validation: app id: UUID and unique in server
            if (temp.getUuid() == null || temp.getUuid().isEmpty()) {
                temp.setUuid(UUID.randomUUID().toString());
            }
            String appId = temp.getUuid();
            // validate appId data format
            if (appId != null && appId.length() >= 32) {
                Integer instanceId = MurmurHash3.hash32(credentials + ":" + temp.getUuid());
                temp.setId(instanceId);
                // application instance not connected
                if (!routingSelector.containInstance(instanceId)) {
                    appMetadata = temp;
                    appMetadata.setConnectedAt(new Date());
                } else {
                    // application connected already
                    errorMsg = RsocketErrorCode.message("RST-500409");
                }
            } else {
                // illegal application id, appID should be UUID
                errorMsg = RsocketErrorCode.message("RST-500410", appId == null ? "" : appId);
            }
        }
        if (errorMsg == null) {
            // Security authentication
            if (appMetadata != null) {
                appMetadata.addMetadata("_orgs", String.join(",", principal.getOrganizations()));
                appMetadata.addMetadata("_roles", String.join(",", principal.getRoles()));
                appMetadata.addMetadata("_serviceAccounts", String.join(",", principal.getServiceAccounts()));
            } else {
                errorMsg = RsocketErrorCode.message("RST-500411");
            }
        }
    } catch (Exception e) {
        log.error(RsocketErrorCode.message("RST-500402"), e);
        errorMsg = RsocketErrorCode.message("RST-600500", e.getMessage());
    }
    // validate connection legal or not
    if (principal == null) {
        errorMsg = RsocketErrorCode.message("RST-500405");
    }
    if (errorMsg != null) {
        return returnRejectedRSocket(errorMsg, requesterSocket);
    }
    // create handler
    try {
        RSocketBrokerResponderHandler brokerResponderHandler = new RSocketBrokerResponderHandler(setupPayload, compositeMetadata, appMetadata, principal, requesterSocket, routingSelector, eventProcessor, this, serviceMeshInspector, getUpstreamRSocket());
        brokerResponderHandler.setFilterChain(rsocketFilterChain);
        brokerResponderHandler.setLocalReactiveServiceCaller(localReactiveServiceCaller);
        brokerResponderHandler.onClose().doOnTerminate(() -> onHandlerDisposed(brokerResponderHandler)).subscribeOn(Schedulers.parallel()).subscribe();
        // handler registration notify
        onHandlerRegistered(brokerResponderHandler);
        log.info(RsocketErrorCode.message("RST-500200", appMetadata.getName()));
        return Mono.just(brokerResponderHandler);
    } catch (Exception e) {
        log.error(RsocketErrorCode.message("RST-500406", e.getMessage()), e);
        return returnRejectedRSocket(RsocketErrorCode.message("RST-500406", e.getMessage()), requesterSocket);
    }
}

Also used : RSocketCompositeMetadata(com.alibaba.rsocket.metadata.RSocketCompositeMetadata) BearerTokenMetadata(com.alibaba.rsocket.metadata.BearerTokenMetadata) AppMetadata(com.alibaba.rsocket.metadata.AppMetadata) RSocketAppPrincipal(com.alibaba.spring.boot.rsocket.broker.security.RSocketAppPrincipal) RejectedSetupException(io.rsocket.exceptions.RejectedSetupException) ApplicationErrorException(io.rsocket.exceptions.ApplicationErrorException) NotNull(org.jetbrains.annotations.NotNull)

Aggregations

AppMetadata (com.alibaba.rsocket.metadata.AppMetadata)1 BearerTokenMetadata (com.alibaba.rsocket.metadata.BearerTokenMetadata)1 RSocketCompositeMetadata (com.alibaba.rsocket.metadata.RSocketCompositeMetadata)1 RSocketAppPrincipal (com.alibaba.spring.boot.rsocket.broker.security.RSocketAppPrincipal)1 ApplicationErrorException (io.rsocket.exceptions.ApplicationErrorException)1 RejectedSetupException (io.rsocket.exceptions.RejectedSetupException)1 NotNull (org.jetbrains.annotations.NotNull)1