Adapted websocket code to new redux specification

gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,6 @@
+#Sun Apr 12 12:33:03 CEST 2020
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.2.2-all.zip
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.2.2-bin.zip
-zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
+zipStoreBase=GRADLE_USER_HOME

socket_test.html

@@ -9,32 +9,35 @@
     <h1>Waiting for authentication...</h1>
 </div>
 <script>
+
       let malusa = document.getElementById("malusa");
-let connection = new WebSocket("ws://localhost:8080/sensor-socket");
+      let token = localStorage.getItem("token");
+      if (!token) {
+        token = prompt("insert authentication token");
+        localStorage.setItem("token", token);
+      }
+
+let connection = new WebSocket("ws://localhost:8080/sensor-socket?token=" + token);
 console.log("***CREATED WEBSOCKET");
 
+let authentica
 connection.onopen = function(evt) {
-  console.log("***ONOPEN", evt);
-  connection.send(JSON.stringify({token: prompt("insert authentication token")}));
+  malusa.innerHTML = "<h1>Socket is now authenticated!</h1>" +
+    "<img src='https://maggioni.xyz/astley.gif'>";
 };
 
 connection.onmessage = function(evt) {
   console.log("***ONMESSAGE", evt);
   let data = JSON.parse(evt.data);
 
-  if (data.authenticated) {
-    malusa.innerHTML = "<h1>Socket is now authenticated!</h1>" +
-      "<img src='https://maggioni.xyz/astley.gif'>";
-  } else if (data.authenticated === false) {
-    malusa.innerHTML = "<h1>Authentication error</h1>";
-  } else {
   malusa.innerHTML += "<p><pre>" + JSON.stringify(JSON.parse(evt.data), null, 2) + "</pre></p>";
-  }
 };
 
 connection.onerror = function(evt) {
   console.error("***ONERROR", evt);
 };
+
+
 </script>
 </body>
 </html>

src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/socket/AuthenticationMessageListener.java

@@ -1,95 +0,0 @@
-package ch.usi.inf.sa4.sanmarinoes.smarthut.socket;
-
-import ch.usi.inf.sa4.sanmarinoes.smarthut.config.GsonConfig;
-import ch.usi.inf.sa4.sanmarinoes.smarthut.config.JWTTokenUtils;
-import ch.usi.inf.sa4.sanmarinoes.smarthut.models.User;
-import ch.usi.inf.sa4.sanmarinoes.smarthut.models.UserRepository;
-import com.google.gson.Gson;
-import com.google.gson.JsonObject;
-import io.jsonwebtoken.ExpiredJwtException;
-import java.io.IOException;
-import java.util.Map;
-import java.util.function.BiConsumer;
-import javax.websocket.MessageHandler;
-import javax.websocket.Session;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-/** Generates MessageHandlers for unauthenticated socket sessions */
-@Component
-public class AuthenticationMessageListener {
-
-    private Gson gson = GsonConfig.gson();
-
-    private JWTTokenUtils jwtTokenUtils;
-
-    private UserRepository userRepository;
-
-    @Autowired
-    public AuthenticationMessageListener(
-            JWTTokenUtils jwtTokenUtils, UserRepository userRepository) {
-        this.jwtTokenUtils = jwtTokenUtils;
-        this.userRepository = userRepository;
-    }
-
-    /**
-     * Generates a new message handler to handle socket authentication
-     *
-     * @param session the session to which authentication must be checked
-     * @param authorizedSetter function to call once user is authenticated
-     * @return a new message handler to handle socket authentication
-     */
-    MessageHandler.Whole<String> newHandler(
-            final Session session, BiConsumer<User, Session> authorizedSetter) {
-        return new MessageHandler.Whole<>() {
-            @Override
-            public void onMessage(final String message) {
-                if (message == null) {
-                    acknowledge(false);
-                    return;
-                }
-
-                String token;
-                String username;
-
-                try {
-                    token = gson.fromJson(message, JsonObject.class).get("token").getAsString();
-                    username = jwtTokenUtils.getUsernameFromToken(token);
-                } catch (ExpiredJwtException e) {
-                    System.err.println(e.getMessage());
-                    acknowledge(false);
-                    return;
-                } catch (Throwable ignored) {
-                    System.out.println("Token format not valid");
-                    acknowledge(false);
-                    return;
-                }
-
-                final User user = userRepository.findByUsername(username);
-                if (user == null || jwtTokenUtils.isTokenExpired(token)) {
-                    System.out.println("Token not valid");
-                    acknowledge(false);
-                    return;
-                }
-
-                // Here user is authenticated
-                session.removeMessageHandler(this);
-
-                // Add user-session pair in authorized list
-                authorizedSetter.accept(user, session);
-
-                // update client to acknowledge authentication
-                acknowledge(true);
-            }
-
-            private void acknowledge(boolean success) {
-                try {
-                    session.getBasicRemote()
-                            .sendText(gson.toJson(Map.of("authenticated", success)));
-                } catch (IOException e) {
-                    e.printStackTrace();
-                }
-            }
-        };
-    }
-}

src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/socket/SensorSocketEndpoint.java

@@ -2,51 +2,43 @@ package ch.usi.inf.sa4.sanmarinoes.smarthut.socket;
 
 
 import ch.usi.inf.sa4.sanmarinoes.smarthut.config.GsonConfig;
+import ch.usi.inf.sa4.sanmarinoes.smarthut.config.JWTTokenUtils;
 import ch.usi.inf.sa4.sanmarinoes.smarthut.models.User;
+import ch.usi.inf.sa4.sanmarinoes.smarthut.models.UserRepository;
 import com.google.common.collect.HashMultimap;
 import com.google.common.collect.Multimap;
 import com.google.common.collect.Multimaps;
 import com.google.gson.Gson;
+
 import java.io.IOException;
 import java.util.*;
 import javax.websocket.*;
+
+import com.google.gson.JsonObject;
+import io.jsonwebtoken.ExpiredJwtException;
+import org.hibernate.annotations.common.reflection.XProperty;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
-/** Endpoint of socket at URL /sensor-socket used to update the client with sensor information */
+/**
+ * Endpoint of socket at URL /sensor-socket used to update the client with sensor information
+ */
 @Component
 public class SensorSocketEndpoint extends Endpoint {
 
     private Gson gson = GsonConfig.gson();
 
-    private AuthenticationMessageListener authenticationMessageListener;
+    private UserRepository userRepository;
 
-    private Set<Session> unauthorizedClients = Collections.synchronizedSet(new HashSet<>());
+    private JWTTokenUtils jwtTokenUtils;
 
     private Multimap<User, Session> authorizedClients =
             Multimaps.synchronizedMultimap(HashMultimap.create());
 
     @Autowired
-    public SensorSocketEndpoint(AuthenticationMessageListener authenticationMessageListener) {
-        this.authenticationMessageListener = authenticationMessageListener;
-    }
-
-    /**
-     * Returns a synchronized set of socket sessions not yet authorized with a token
-     *
-     * @return a synchronized set of socket sessions not yet authorized with a token
-     */
-    public Set<Session> getUnauthorizedClients() {
-        return unauthorizedClients;
-    }
-
-    /**
-     * Returns a synchronized User to Session multimap with authorized sessions
-     *
-     * @return a synchronized User to Session multimap with authorized sessions
-     */
-    public Multimap<User, Session> getAuthorizedClients() {
-        return authorizedClients;
+    public SensorSocketEndpoint(UserRepository userRepository, JWTTokenUtils jwtTokenUtils) {
+        this.jwtTokenUtils = jwtTokenUtils;
+        this.userRepository = userRepository;
     }
 
     /**
@@ -55,7 +47,6 @@ public class SensorSocketEndpoint extends Endpoint {
      *
      * @param message the message to send
      * @param u       the user to which to send the message
-     * @return number of successful transfer
      */
     public void broadcast(Object message, User u) {
         final HashSet<Session> sessions = new HashSet<>(authorizedClients.get(u));
@@ -80,13 +71,33 @@ public class SensorSocketEndpoint extends Endpoint {
      */
     @Override
     public void onOpen(Session session, EndpointConfig config) {
-        unauthorizedClients.add(session);
-        session.addMessageHandler(
-                authenticationMessageListener.newHandler(
-                        session,
-                        (u, s) -> {
-                            unauthorizedClients.remove(s);
-                            authorizedClients.put(u, s);
-                        }));
+        final List<String> tokenQuery = session.getRequestParameterMap().get("token");
+        User u;
+        if (!tokenQuery.isEmpty() && (u = checkToken(tokenQuery.get(0))) != null) {
+            authorizedClients.put(u, session);
+        } else {
+            try {
+                session.close();
+            } catch (IOException ignored) {
+            }
+        }
+    }
+
+    private User checkToken(String protocolString) {
+        String username;
+
+        try {
+            username = jwtTokenUtils.getUsernameFromToken(protocolString);
+        } catch (Throwable ignored) {
+            System.out.println("Token format not valid");
+            return null;
+        }
+
+        final User user = userRepository.findByUsername(username);
+        if (user != null && !jwtTokenUtils.isTokenExpired(protocolString)) {
+            return user;
+        } else {
+            return null;
+        }
     }
 }