| /* |
| * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| * |
| * This code is free software; you can redistribute it and/or modify it |
| * under the terms of the GNU General Public License version 2 only, as |
| * published by the Free Software Foundation. Oracle designates this |
| * particular file as subject to the "Classpath" exception as provided |
| * by Oracle in the LICENSE file that accompanied this code. |
| * |
| * This code is distributed in the hope that it will be useful, but WITHOUT |
| * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| * version 2 for more details (a copy is included in the LICENSE file that |
| * accompanied this code). |
| * |
| * You should have received a copy of the GNU General Public License version |
| * 2 along with this work; if not, write to the Free Software Foundation, |
| * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| * |
| * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
| * or visit www.oracle.com if you need additional information or have any |
| * questions. |
| */ |
| package java.net.http; |
| |
| import java.io.UncheckedIOException; |
| import java.io.IOException; |
| import java.net.URI; |
| import java.net.URISyntaxException; |
| import java.nio.charset.StandardCharsets; |
| import java.security.MessageDigest; |
| import java.security.NoSuchAlgorithmException; |
| import java.security.SecureRandom; |
| import java.time.Duration; |
| import java.time.temporal.ChronoUnit; |
| import java.util.Arrays; |
| import java.util.Base64; |
| import java.util.Collection; |
| import java.util.List; |
| import java.util.concurrent.CompletableFuture; |
| import java.util.concurrent.TimeUnit; |
| import java.util.function.Predicate; |
| import java.util.stream.Collectors; |
| |
| import static java.lang.String.format; |
| import static java.lang.System.Logger.Level.TRACE; |
| import static java.net.http.WSUtils.logger; |
| import static java.net.http.WSUtils.webSocketSpecViolation; |
| |
| final class WSOpeningHandshake { |
| |
| private static final String HEADER_CONNECTION = "Connection"; |
| private static final String HEADER_UPGRADE = "Upgrade"; |
| private static final String HEADER_ACCEPT = "Sec-WebSocket-Accept"; |
| private static final String HEADER_EXTENSIONS = "Sec-WebSocket-Extensions"; |
| private static final String HEADER_KEY = "Sec-WebSocket-Key"; |
| private static final String HEADER_PROTOCOL = "Sec-WebSocket-Protocol"; |
| private static final String HEADER_VERSION = "Sec-WebSocket-Version"; |
| private static final String VALUE_VERSION = "13"; // WebSocket's lucky number |
| |
| private static final SecureRandom srandom = new SecureRandom(); |
| |
| private final MessageDigest sha1; |
| |
| { |
| try { |
| sha1 = MessageDigest.getInstance("SHA-1"); |
| } catch (NoSuchAlgorithmException e) { |
| // Shouldn't happen: |
| // SHA-1 must be available in every Java platform implementation |
| throw new InternalError("Minimum platform requirements are not met", e); |
| } |
| } |
| |
| private final HttpRequest request; |
| private final Collection<String> subprotocols; |
| private final String nonce; |
| |
| WSOpeningHandshake(WSBuilder b) { |
| URI httpURI = createHttpUri(b.getUri()); |
| HttpRequest.Builder requestBuilder = b.getClient().request(httpURI); |
| Duration connectTimeout = b.getConnectTimeout(); |
| if (connectTimeout != null) { |
| requestBuilder.timeout( |
| TimeUnit.of(ChronoUnit.MILLIS), |
| connectTimeout.get(ChronoUnit.MILLIS) |
| ); |
| } |
| Collection<String> s = b.getSubprotocols(); |
| if (!s.isEmpty()) { |
| String p = s.stream().collect(Collectors.joining(", ")); |
| requestBuilder.header(HEADER_PROTOCOL, p); |
| } |
| requestBuilder.header(HEADER_VERSION, VALUE_VERSION); |
| this.nonce = createNonce(); |
| requestBuilder.header(HEADER_KEY, this.nonce); |
| this.request = requestBuilder.GET(); |
| HttpRequestImpl r = (HttpRequestImpl) this.request; |
| r.isWebSocket(true); |
| r.setSystemHeader(HEADER_UPGRADE, "websocket"); |
| r.setSystemHeader(HEADER_CONNECTION, "Upgrade"); |
| this.subprotocols = s; |
| } |
| |
| private URI createHttpUri(URI webSocketUri) { |
| // FIXME: check permission for WebSocket URI and translate it into http/https permission |
| logger.log(TRACE, "->createHttpUri(''{0}'')", webSocketUri); |
| String httpScheme = webSocketUri.getScheme().equalsIgnoreCase("ws") |
| ? "http" |
| : "https"; |
| try { |
| URI uri = new URI(httpScheme, |
| webSocketUri.getUserInfo(), |
| webSocketUri.getHost(), |
| webSocketUri.getPort(), |
| webSocketUri.getPath(), |
| webSocketUri.getQuery(), |
| null); |
| logger.log(TRACE, "<-createHttpUri: ''{0}''", uri); |
| return uri; |
| } catch (URISyntaxException e) { |
| // Shouldn't happen: URI invariant |
| throw new InternalError("Error translating WebSocket URI to HTTP URI", e); |
| } |
| } |
| |
| CompletableFuture<Result> performAsync() { |
| // The whole dancing with thenCompose instead of thenApply is because |
| // WebSocketHandshakeException is a checked exception |
| return request.responseAsync() |
| .thenCompose(response -> { |
| try { |
| Result result = handleResponse(response); |
| return CompletableFuture.completedFuture(result); |
| } catch (WebSocketHandshakeException e) { |
| return CompletableFuture.failedFuture(e); |
| } catch (UncheckedIOException ee) { |
| return CompletableFuture.failedFuture(ee.getCause()); |
| } |
| }); |
| } |
| |
| private Result handleResponse(HttpResponse response) throws WebSocketHandshakeException { |
| // By this point all redirects, authentications, etc. (if any) must have |
| // been done by the httpClient used by the WebSocket; so only 101 is |
| // expected |
| int statusCode = response.statusCode(); |
| if (statusCode != 101) { |
| String m = webSocketSpecViolation("1.3.", |
| "Unable to complete handshake; HTTP response status code " |
| + statusCode |
| ); |
| throw new WebSocketHandshakeException(m, response); |
| } |
| HttpHeaders h = response.headers(); |
| checkHeader(h, response, HEADER_UPGRADE, v -> v.equalsIgnoreCase("websocket")); |
| checkHeader(h, response, HEADER_CONNECTION, v -> v.equalsIgnoreCase("Upgrade")); |
| checkVersion(response, h); |
| checkAccept(response, h); |
| checkExtensions(response, h); |
| String subprotocol = checkAndReturnSubprotocol(response, h); |
| RawChannel channel = null; |
| try { |
| channel = ((HttpResponseImpl) response).rawChannel(); |
| } catch (IOException e) { |
| throw new UncheckedIOException(e); |
| } |
| return new Result(subprotocol, channel); |
| } |
| |
| private void checkExtensions(HttpResponse response, HttpHeaders headers) |
| throws WebSocketHandshakeException { |
| List<String> ext = headers.allValues(HEADER_EXTENSIONS); |
| if (!ext.isEmpty()) { |
| String m = webSocketSpecViolation("4.1.", |
| "Server responded with extension(s) though none were requested " |
| + Arrays.toString(ext.toArray()) |
| ); |
| throw new WebSocketHandshakeException(m, response); |
| } |
| } |
| |
| private String checkAndReturnSubprotocol(HttpResponse response, HttpHeaders headers) |
| throws WebSocketHandshakeException { |
| assert response.statusCode() == 101 : response.statusCode(); |
| List<String> sp = headers.allValues(HEADER_PROTOCOL); |
| int size = sp.size(); |
| if (size == 0) { |
| // In this case the subprotocol requested (if any) by the client |
| // doesn't matter. If there is no such header in the response, then |
| // the server doesn't want to use any subprotocol |
| return null; |
| } else if (size > 1) { |
| // We don't know anything about toString implementation of this |
| // list, so let's create an array |
| String m = webSocketSpecViolation("4.1.", |
| "Server responded with multiple subprotocols: " |
| + Arrays.toString(sp.toArray()) |
| ); |
| throw new WebSocketHandshakeException(m, response); |
| } else { |
| String selectedSubprotocol = sp.get(0); |
| if (this.subprotocols.contains(selectedSubprotocol)) { |
| return selectedSubprotocol; |
| } else { |
| String m = webSocketSpecViolation("4.1.", |
| format("Server responded with a subprotocol " + |
| "not among those requested: '%s'", |
| selectedSubprotocol)); |
| throw new WebSocketHandshakeException(m, response); |
| } |
| } |
| } |
| |
| private void checkAccept(HttpResponse response, HttpHeaders headers) |
| throws WebSocketHandshakeException { |
| assert response.statusCode() == 101 : response.statusCode(); |
| String x = nonce + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"; |
| sha1.update(x.getBytes(StandardCharsets.ISO_8859_1)); |
| String expected = Base64.getEncoder().encodeToString(sha1.digest()); |
| checkHeader(headers, response, HEADER_ACCEPT, actual -> actual.trim().equals(expected)); |
| } |
| |
| private void checkVersion(HttpResponse response, HttpHeaders headers) |
| throws WebSocketHandshakeException { |
| assert response.statusCode() == 101 : response.statusCode(); |
| List<String> versions = headers.allValues(HEADER_VERSION); |
| if (versions.isEmpty()) { // That's normal and expected |
| return; |
| } |
| String m = webSocketSpecViolation("4.4.", |
| "Server responded with version(s) " |
| + Arrays.toString(versions.toArray())); |
| throw new WebSocketHandshakeException(m, response); |
| } |
| |
| // |
| // Checks whether there's only one value for the header with the given name |
| // and the value satisfies the predicate. |
| // |
| private static void checkHeader(HttpHeaders headers, |
| HttpResponse response, |
| String headerName, |
| Predicate<? super String> valuePredicate) |
| throws WebSocketHandshakeException { |
| assert response.statusCode() == 101 : response.statusCode(); |
| List<String> values = headers.allValues(headerName); |
| if (values.isEmpty()) { |
| String m = webSocketSpecViolation("4.1.", |
| format("Server response field '%s' is missing", headerName) |
| ); |
| throw new WebSocketHandshakeException(m, response); |
| } else if (values.size() > 1) { |
| String m = webSocketSpecViolation("4.1.", |
| format("Server response field '%s' has multiple values", headerName) |
| ); |
| throw new WebSocketHandshakeException(m, response); |
| } |
| if (!valuePredicate.test(values.get(0))) { |
| String m = webSocketSpecViolation("4.1.", |
| format("Server response field '%s' is incorrect", headerName) |
| ); |
| throw new WebSocketHandshakeException(m, response); |
| } |
| } |
| |
| private static String createNonce() { |
| byte[] bytes = new byte[16]; |
| srandom.nextBytes(bytes); |
| return Base64.getEncoder().encodeToString(bytes); |
| } |
| |
| static final class Result { |
| |
| final String subprotocol; |
| final RawChannel channel; |
| |
| private Result(String subprotocol, RawChannel channel) { |
| this.subprotocol = subprotocol; |
| this.channel = channel; |
| } |
| } |
| } |