mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2025-01-23 00:56:30 +01:00
[feature] support Sec-Websocket-Protocol in streaming API (#1254)
* [feature] support Sec-Websocket-Protocol in streaming API * Fix lint problem * Update based on reviews
This commit is contained in:
parent
69dd5fed2c
commit
d10388cc28
3 changed files with 255 additions and 4 deletions
|
@ -131,7 +131,10 @@ func (m *Module) StreamGETHandler(c *gin.Context) {
|
||||||
|
|
||||||
accessToken := c.Query(AccessTokenQueryKey)
|
accessToken := c.Query(AccessTokenQueryKey)
|
||||||
if accessToken == "" {
|
if accessToken == "" {
|
||||||
err := fmt.Errorf("no access token provided under query key %s", AccessTokenQueryKey)
|
accessToken = c.GetHeader(AccessTokenHeader)
|
||||||
|
}
|
||||||
|
if accessToken == "" {
|
||||||
|
err := fmt.Errorf("no access token provided under query key %s or under header %s", AccessTokenQueryKey, AccessTokenHeader)
|
||||||
api.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGet)
|
api.ErrorHandler(c, gtserror.NewErrorUnauthorized(err, err.Error()), m.processor.InstanceGet)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -171,7 +174,7 @@ func (m *Module) StreamGETHandler(c *gin.Context) {
|
||||||
close(stream.Hangup)
|
close(stream.Hangup)
|
||||||
}()
|
}()
|
||||||
|
|
||||||
streamTicker := time.NewTicker(30 * time.Second)
|
streamTicker := time.NewTicker(m.tickDuration)
|
||||||
|
|
||||||
// We want to stay in the loop as long as possible while the client is connected.
|
// We want to stay in the loop as long as possible while the client is connected.
|
||||||
// The only thing that should break the loop is if the client leaves or the connection becomes unhealthy.
|
// The only thing that should break the loop is if the client leaves or the connection becomes unhealthy.
|
||||||
|
|
|
@ -20,6 +20,7 @@
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"time"
|
||||||
|
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/api"
|
"github.com/superseriousbusiness/gotosocial/internal/api"
|
||||||
"github.com/superseriousbusiness/gotosocial/internal/processing"
|
"github.com/superseriousbusiness/gotosocial/internal/processing"
|
||||||
|
@ -35,17 +36,29 @@
|
||||||
|
|
||||||
// AccessTokenQueryKey is the query key for an oauth access token that should be passed in streaming requests.
|
// AccessTokenQueryKey is the query key for an oauth access token that should be passed in streaming requests.
|
||||||
AccessTokenQueryKey = "access_token"
|
AccessTokenQueryKey = "access_token"
|
||||||
|
// AccessTokenHeader is the header for an oauth access token that can be passed in streaming requests instead of AccessTokenQueryKey
|
||||||
|
//nolint:gosec
|
||||||
|
AccessTokenHeader = "Sec-Websocket-Protocol"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Module implements the api.ClientModule interface for everything related to streaming
|
// Module implements the api.ClientModule interface for everything related to streaming
|
||||||
type Module struct {
|
type Module struct {
|
||||||
processor processing.Processor
|
processor processing.Processor
|
||||||
|
tickDuration time.Duration
|
||||||
}
|
}
|
||||||
|
|
||||||
// New returns a new streaming module
|
// New returns a new streaming module
|
||||||
func New(processor processing.Processor) api.ClientModule {
|
func New(processor processing.Processor) api.ClientModule {
|
||||||
return &Module{
|
return &Module{
|
||||||
processor: processor,
|
processor: processor,
|
||||||
|
tickDuration: 30 * time.Second,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewWithTickDuration(processor processing.Processor, tickDuration time.Duration) api.ClientModule {
|
||||||
|
return &Module{
|
||||||
|
processor: processor,
|
||||||
|
tickDuration: tickDuration,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
235
internal/api/client/streaming/streaming_test.go
Normal file
235
internal/api/client/streaming/streaming_test.go
Normal file
|
@ -0,0 +1,235 @@
|
||||||
|
/*
|
||||||
|
GoToSocial
|
||||||
|
Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU Affero General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU Affero General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU Affero General Public License
|
||||||
|
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*/
|
||||||
|
|
||||||
|
package streaming_test
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bufio"
|
||||||
|
"errors"
|
||||||
|
"fmt"
|
||||||
|
"io/ioutil"
|
||||||
|
"net"
|
||||||
|
"net/http"
|
||||||
|
"net/http/httptest"
|
||||||
|
"testing"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"github.com/gin-gonic/gin"
|
||||||
|
"github.com/stretchr/testify/suite"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/api/client/streaming"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/concurrency"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/db"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/email"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/federation"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/media"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/messages"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/oauth"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/processing"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/storage"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/internal/typeutils"
|
||||||
|
"github.com/superseriousbusiness/gotosocial/testrig"
|
||||||
|
)
|
||||||
|
|
||||||
|
type StreamingTestSuite struct {
|
||||||
|
// standard suite interfaces
|
||||||
|
suite.Suite
|
||||||
|
db db.DB
|
||||||
|
tc typeutils.TypeConverter
|
||||||
|
mediaManager media.Manager
|
||||||
|
federator federation.Federator
|
||||||
|
emailSender email.Sender
|
||||||
|
processor processing.Processor
|
||||||
|
storage *storage.Driver
|
||||||
|
|
||||||
|
// standard suite models
|
||||||
|
testTokens map[string]*gtsmodel.Token
|
||||||
|
testClients map[string]*gtsmodel.Client
|
||||||
|
testApplications map[string]*gtsmodel.Application
|
||||||
|
testUsers map[string]*gtsmodel.User
|
||||||
|
testAccounts map[string]*gtsmodel.Account
|
||||||
|
testAttachments map[string]*gtsmodel.MediaAttachment
|
||||||
|
testStatuses map[string]*gtsmodel.Status
|
||||||
|
testFollows map[string]*gtsmodel.Follow
|
||||||
|
|
||||||
|
// module being tested
|
||||||
|
streamingModule *streaming.Module
|
||||||
|
}
|
||||||
|
|
||||||
|
func (suite *StreamingTestSuite) SetupSuite() {
|
||||||
|
suite.testTokens = testrig.NewTestTokens()
|
||||||
|
suite.testClients = testrig.NewTestClients()
|
||||||
|
suite.testApplications = testrig.NewTestApplications()
|
||||||
|
suite.testUsers = testrig.NewTestUsers()
|
||||||
|
suite.testAccounts = testrig.NewTestAccounts()
|
||||||
|
suite.testAttachments = testrig.NewTestAttachments()
|
||||||
|
suite.testStatuses = testrig.NewTestStatuses()
|
||||||
|
suite.testFollows = testrig.NewTestFollows()
|
||||||
|
}
|
||||||
|
|
||||||
|
func (suite *StreamingTestSuite) SetupTest() {
|
||||||
|
testrig.InitTestConfig()
|
||||||
|
testrig.InitTestLog()
|
||||||
|
|
||||||
|
suite.db = testrig.NewTestDB()
|
||||||
|
suite.tc = testrig.NewTestTypeConverter(suite.db)
|
||||||
|
suite.storage = testrig.NewInMemoryStorage()
|
||||||
|
testrig.StandardDBSetup(suite.db, nil)
|
||||||
|
testrig.StandardStorageSetup(suite.storage, "../../../../testrig/media")
|
||||||
|
|
||||||
|
fedWorker := concurrency.NewWorkerPool[messages.FromFederator](-1, -1)
|
||||||
|
clientWorker := concurrency.NewWorkerPool[messages.FromClientAPI](-1, -1)
|
||||||
|
|
||||||
|
suite.mediaManager = testrig.NewTestMediaManager(suite.db, suite.storage)
|
||||||
|
suite.federator = testrig.NewTestFederator(suite.db, testrig.NewTestTransportController(testrig.NewMockHTTPClient(nil, "../../../../testrig/media"), suite.db, fedWorker), suite.storage, suite.mediaManager, fedWorker)
|
||||||
|
suite.emailSender = testrig.NewEmailSender("../../../../web/template/", nil)
|
||||||
|
suite.processor = testrig.NewTestProcessor(suite.db, suite.storage, suite.federator, suite.emailSender, suite.mediaManager, clientWorker, fedWorker)
|
||||||
|
suite.streamingModule = streaming.NewWithTickDuration(suite.processor, 1).(*streaming.Module)
|
||||||
|
suite.NoError(suite.processor.Start())
|
||||||
|
}
|
||||||
|
|
||||||
|
func (suite *StreamingTestSuite) TearDownTest() {
|
||||||
|
testrig.StandardDBTeardown(suite.db)
|
||||||
|
testrig.StandardStorageTeardown(suite.storage)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Addr is a fake network interface which implements the net.Addr interface
|
||||||
|
type Addr struct {
|
||||||
|
NetworkString string
|
||||||
|
AddrString string
|
||||||
|
}
|
||||||
|
|
||||||
|
func (a Addr) Network() string {
|
||||||
|
return a.NetworkString
|
||||||
|
}
|
||||||
|
|
||||||
|
func (a Addr) String() string {
|
||||||
|
return a.AddrString
|
||||||
|
}
|
||||||
|
|
||||||
|
type connTester struct {
|
||||||
|
deadline time.Time
|
||||||
|
writes int
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *connTester) Read(b []byte) (n int, err error) {
|
||||||
|
return 0, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *connTester) SetDeadline(t time.Time) error {
|
||||||
|
c.deadline = t
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *connTester) SetReadDeadline(t time.Time) error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *connTester) SetWriteDeadline(t time.Time) error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *connTester) Write(p []byte) (int, error) {
|
||||||
|
c.writes++
|
||||||
|
if c.writes > 1 {
|
||||||
|
return 0, errors.New("timeout")
|
||||||
|
}
|
||||||
|
return 0, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *connTester) Close() error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *connTester) LocalAddr() net.Addr {
|
||||||
|
return Addr{
|
||||||
|
NetworkString: "tcp",
|
||||||
|
AddrString: "127.0.0.1",
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (c *connTester) RemoteAddr() net.Addr {
|
||||||
|
return Addr{
|
||||||
|
NetworkString: "tcp",
|
||||||
|
AddrString: "127.0.0.1",
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
type TestResponseRecorder struct {
|
||||||
|
*httptest.ResponseRecorder
|
||||||
|
w gin.ResponseWriter
|
||||||
|
closeChannel chan bool
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *TestResponseRecorder) CloseNotify() <-chan bool {
|
||||||
|
return r.closeChannel
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *TestResponseRecorder) closeClient() {
|
||||||
|
r.closeChannel <- true
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *TestResponseRecorder) Hijack() (net.Conn, *bufio.ReadWriter, error) {
|
||||||
|
conn := &connTester{
|
||||||
|
writes: 0,
|
||||||
|
}
|
||||||
|
brw := bufio.NewReadWriter(bufio.NewReader(conn), bufio.NewWriter(conn))
|
||||||
|
return conn, brw, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func CreateTestResponseRecorder() *TestResponseRecorder {
|
||||||
|
w := new(gin.ResponseWriter)
|
||||||
|
return &TestResponseRecorder{
|
||||||
|
httptest.NewRecorder(),
|
||||||
|
*w,
|
||||||
|
make(chan bool, 1),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (suite *StreamingTestSuite) TestSecurityHeader() {
|
||||||
|
// set up the context for the request
|
||||||
|
t := suite.testTokens["local_account_1"]
|
||||||
|
oauthToken := oauth.DBTokenToToken(t)
|
||||||
|
recorder := CreateTestResponseRecorder()
|
||||||
|
ctx, _ := testrig.CreateGinTestContext(recorder, nil)
|
||||||
|
ctx.Set(oauth.SessionAuthorizedApplication, suite.testApplications["application_1"])
|
||||||
|
ctx.Set(oauth.SessionAuthorizedToken, oauthToken)
|
||||||
|
ctx.Set(oauth.SessionAuthorizedUser, suite.testUsers["local_account_1"])
|
||||||
|
ctx.Set(oauth.SessionAuthorizedAccount, suite.testAccounts["local_account_1"])
|
||||||
|
ctx.Request = httptest.NewRequest(http.MethodGet, fmt.Sprintf("http://localhost:8080/%s?stream=user", streaming.BasePath), nil) // the endpoint we're hitting
|
||||||
|
ctx.Request.Header.Set("accept", "application/json")
|
||||||
|
ctx.Request.Header.Set(streaming.AccessTokenHeader, oauthToken.Access)
|
||||||
|
ctx.Request.Header.Set("Connection", "upgrade")
|
||||||
|
ctx.Request.Header.Set("Upgrade", "websocket")
|
||||||
|
ctx.Request.Header.Set("Sec-Websocket-Version", "13")
|
||||||
|
ctx.Request.Header.Set("Sec-Websocket-Key", "abcd")
|
||||||
|
|
||||||
|
suite.streamingModule.StreamGETHandler(ctx)
|
||||||
|
|
||||||
|
// check response
|
||||||
|
suite.EqualValues(http.StatusOK, recorder.Code)
|
||||||
|
|
||||||
|
result := recorder.Result()
|
||||||
|
defer result.Body.Close()
|
||||||
|
_, err := ioutil.ReadAll(result.Body)
|
||||||
|
suite.NoError(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestStreamingTestSuite(t *testing.T) {
|
||||||
|
suite.Run(t, new(StreamingTestSuite))
|
||||||
|
}
|
Loading…
Reference in a new issue