use of com.alibaba.rsocket.metadata.BearerTokenMetadata in project alibaba-rsocket-broker by alibaba.
the class RSocketBrokerHandlerRegistryImpl method accept.
@Override
@NotNull
public Mono<RSocket> accept(@NotNull final ConnectionSetupPayload setupPayload, @NotNull final RSocket requesterSocket) {
// parse setup payload
RSocketCompositeMetadata compositeMetadata = null;
AppMetadata appMetadata = null;
String credentials = "";
RSocketAppPrincipal principal = null;
String errorMsg = null;
try {
compositeMetadata = RSocketCompositeMetadata.from(setupPayload.metadata());
if (!authRequired) {
// authentication not required
principal = appNameBasedPrincipal("MockApp");
credentials = UUID.randomUUID().toString();
} else if (compositeMetadata.contains(RSocketMimeType.BearerToken)) {
BearerTokenMetadata bearerTokenMetadata = BearerTokenMetadata.from(compositeMetadata.getMetadata(RSocketMimeType.BearerToken));
credentials = new String(bearerTokenMetadata.getBearerToken());
principal = authenticationService.auth("JWT", credentials);
} else {
// no jwt token supplied
errorMsg = RsocketErrorCode.message("RST-500405");
}
// validate application information
if (principal != null && compositeMetadata.contains(RSocketMimeType.Application)) {
AppMetadata temp = AppMetadata.from(compositeMetadata.getMetadata(RSocketMimeType.Application));
// App registration validation: app id: UUID and unique in server
if (temp.getUuid() == null || temp.getUuid().isEmpty()) {
temp.setUuid(UUID.randomUUID().toString());
}
String appId = temp.getUuid();
// validate appId data format
if (appId != null && appId.length() >= 32) {
Integer instanceId = MurmurHash3.hash32(credentials + ":" + temp.getUuid());
temp.setId(instanceId);
// application instance not connected
if (!routingSelector.containInstance(instanceId)) {
appMetadata = temp;
appMetadata.setConnectedAt(new Date());
} else {
// application connected already
errorMsg = RsocketErrorCode.message("RST-500409");
}
} else {
// illegal application id, appID should be UUID
errorMsg = RsocketErrorCode.message("RST-500410", appId == null ? "" : appId);
}
}
if (errorMsg == null) {
// Security authentication
if (appMetadata != null) {
appMetadata.addMetadata("_orgs", String.join(",", principal.getOrganizations()));
appMetadata.addMetadata("_roles", String.join(",", principal.getRoles()));
appMetadata.addMetadata("_serviceAccounts", String.join(",", principal.getServiceAccounts()));
} else {
errorMsg = RsocketErrorCode.message("RST-500411");
}
}
} catch (Exception e) {
log.error(RsocketErrorCode.message("RST-500402"), e);
errorMsg = RsocketErrorCode.message("RST-600500", e.getMessage());
}
// validate connection legal or not
if (principal == null) {
errorMsg = RsocketErrorCode.message("RST-500405");
}
if (errorMsg != null) {
return returnRejectedRSocket(errorMsg, requesterSocket);
}
// create handler
try {
RSocketBrokerResponderHandler brokerResponderHandler = new RSocketBrokerResponderHandler(setupPayload, compositeMetadata, appMetadata, principal, requesterSocket, routingSelector, eventProcessor, this, serviceMeshInspector, getUpstreamRSocket());
brokerResponderHandler.setFilterChain(rsocketFilterChain);
brokerResponderHandler.setLocalReactiveServiceCaller(localReactiveServiceCaller);
brokerResponderHandler.onClose().doOnTerminate(() -> onHandlerDisposed(brokerResponderHandler)).subscribeOn(Schedulers.parallel()).subscribe();
// handler registration notify
onHandlerRegistered(brokerResponderHandler);
log.info(RsocketErrorCode.message("RST-500200", appMetadata.getName()));
return Mono.just(brokerResponderHandler);
} catch (Exception e) {
log.error(RsocketErrorCode.message("RST-500406", e.getMessage()), e);
return returnRejectedRSocket(RsocketErrorCode.message("RST-500406", e.getMessage()), requesterSocket);
}
}
Aggregations