mirror of
https://github.com/uqbar-dao/nectar.git
synced 2024-12-19 06:31:30 +03:00
add WebSocketBind, WebSocketSecureBind
This commit is contained in:
parent
7dbffd80a7
commit
cdb051981c
@ -45,8 +45,9 @@ struct BoundPath {
|
|||||||
|
|
||||||
struct BoundWsPath {
|
struct BoundWsPath {
|
||||||
pub app: ProcessId,
|
pub app: ProcessId,
|
||||||
|
pub secure_subdomain: Option<String>,
|
||||||
pub authenticated: bool,
|
pub authenticated: bool,
|
||||||
pub local_only: bool,
|
pub encrypted: bool, // TODO use
|
||||||
}
|
}
|
||||||
|
|
||||||
/// HTTP server: a runtime module that handles HTTP requests at a given port.
|
/// HTTP server: a runtime module that handles HTTP requests at a given port.
|
||||||
@ -91,10 +92,8 @@ pub async fn http_server(
|
|||||||
bindings_map.add("/rpc:sys:uqbar/message", rpc_bound_path);
|
bindings_map.add("/rpc:sys:uqbar/message", rpc_bound_path);
|
||||||
let path_bindings: PathBindings = Arc::new(RwLock::new(bindings_map));
|
let path_bindings: PathBindings = Arc::new(RwLock::new(bindings_map));
|
||||||
|
|
||||||
|
|
||||||
// ws path bindings
|
// ws path bindings
|
||||||
let mut ws_bindings_map: Router<BoundWsPath> = Router::new();
|
let ws_path_bindings: WsPathBindings = Arc::new(RwLock::new(Router::new()));
|
||||||
let ws_path_bindings: WsPathBindings = Arc::new(RwLock::new(ws_bindings_map));
|
|
||||||
|
|
||||||
tokio::spawn(serve(
|
tokio::spawn(serve(
|
||||||
our_name.clone(),
|
our_name.clone(),
|
||||||
@ -152,6 +151,7 @@ async fn serve(
|
|||||||
let cloned_print_tx = print_tx.clone();
|
let cloned_print_tx = print_tx.clone();
|
||||||
let ws_route = warp::ws()
|
let ws_route = warp::ws()
|
||||||
.and(warp::path::full())
|
.and(warp::path::full())
|
||||||
|
.and(warp::filters::host::optional())
|
||||||
.and(warp::filters::header::headers_cloned())
|
.and(warp::filters::header::headers_cloned())
|
||||||
.and(warp::any().map(move || cloned_our.clone()))
|
.and(warp::any().map(move || cloned_our.clone()))
|
||||||
.and(warp::any().map(move || cloned_jwt_secret_bytes.clone()))
|
.and(warp::any().map(move || cloned_jwt_secret_bytes.clone()))
|
||||||
@ -159,7 +159,7 @@ async fn serve(
|
|||||||
.and(warp::any().map(move || ws_path_bindings.clone()))
|
.and(warp::any().map(move || ws_path_bindings.clone()))
|
||||||
.and(warp::any().map(move || cloned_msg_tx.clone()))
|
.and(warp::any().map(move || cloned_msg_tx.clone()))
|
||||||
.and(warp::any().map(move || cloned_print_tx.clone()))
|
.and(warp::any().map(move || cloned_print_tx.clone()))
|
||||||
.map(ws_handler);
|
.and_then(ws_handler);
|
||||||
|
|
||||||
// filter to receive and handle login requests
|
// filter to receive and handle login requests
|
||||||
let cloned_our = our.clone();
|
let cloned_our = our.clone();
|
||||||
@ -248,6 +248,7 @@ async fn login_handler(
|
|||||||
async fn ws_handler(
|
async fn ws_handler(
|
||||||
ws_connection: Ws,
|
ws_connection: Ws,
|
||||||
path: warp::path::FullPath,
|
path: warp::path::FullPath,
|
||||||
|
host: Option<Authority>,
|
||||||
headers: warp::http::HeaderMap,
|
headers: warp::http::HeaderMap,
|
||||||
our: Arc<String>,
|
our: Arc<String>,
|
||||||
jwt_secret_bytes: Arc<Vec<u8>>,
|
jwt_secret_bytes: Arc<Vec<u8>>,
|
||||||
@ -255,135 +256,67 @@ async fn ws_handler (
|
|||||||
ws_path_bindings: WsPathBindings,
|
ws_path_bindings: WsPathBindings,
|
||||||
send_to_loop: MessageSender,
|
send_to_loop: MessageSender,
|
||||||
print_tx: PrintSender,
|
print_tx: PrintSender,
|
||||||
) {
|
) -> Result<impl warp::Reply, warp::Rejection> {
|
||||||
|
|
||||||
let original_path = normalize_path(path.as_str());
|
let original_path = normalize_path(path.as_str());
|
||||||
let _ = print_tx.send(Printout {
|
let _ = print_tx.send(Printout {
|
||||||
verbosity: 1,
|
verbosity: 1,
|
||||||
content: format!("got ws request for {original_path}")
|
content: format!("got ws request for {original_path}"),
|
||||||
});
|
});
|
||||||
|
|
||||||
let serialized_headers = serialize_headers(&headers);
|
let serialized_headers = serialize_headers(&headers);
|
||||||
let ws_path_bindings = ws_path_bindings.read().await;
|
let ws_path_bindings = ws_path_bindings.read().await;
|
||||||
|
|
||||||
if let Ok(route) = ws_path_bindings.recognize(&original_path) {
|
let Ok(route) = ws_path_bindings.recognize(&original_path) else {
|
||||||
|
return Err(warp::reject::not_found());
|
||||||
|
};
|
||||||
|
|
||||||
let bound_path = route.handler();
|
let bound_path = route.handler();
|
||||||
|
if let Some(ref subdomain) = bound_path.secure_subdomain {
|
||||||
if bound_path.authenticated {
|
|
||||||
match serialized_headers.get("cookie") {
|
|
||||||
Some(auth_token) => {
|
|
||||||
if let Ok(our_name) = verify_auth_token(&auth_token, &jwt_secret_bytes) {
|
|
||||||
if our_name != *our {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
None => {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
ws_connection.on_upgrade(move |ws: WebSocket| async move {
|
|
||||||
|
|
||||||
let (mut write_stream, mut read_stream) = ws.split();
|
|
||||||
|
|
||||||
let _ = print_tx.send(Printout{
|
|
||||||
verbosity: 1,
|
|
||||||
content: format!("got new client websocket connection")
|
|
||||||
}).await;
|
|
||||||
|
|
||||||
let ws_channel_id: u32 = rand::random();
|
|
||||||
let (ws_sender, mut ws_receiver) = tokio::sync::mpsc::channel(100);
|
|
||||||
|
|
||||||
ws_senders.insert(ws_channel_id, (bound_path.app.clone(), ws_sender));
|
|
||||||
|
|
||||||
let _ = send_to_loop
|
|
||||||
.send(KernelMessage {
|
|
||||||
id: rand::random(),
|
|
||||||
source: Address {
|
|
||||||
node: our.to_string(),
|
|
||||||
process: HTTP_SERVER_PROCESS_ID.clone(),
|
|
||||||
},
|
|
||||||
target: Address {
|
|
||||||
node: our.clone().to_string(),
|
|
||||||
process: bound_path.app.clone(),
|
|
||||||
},
|
|
||||||
rsvp: None,
|
|
||||||
message: Message::Request(Request {
|
|
||||||
inherit: false,
|
|
||||||
expects_response: None,
|
|
||||||
ipc: serde_json::to_vec(&HttpServerRequest::WebSocketOpen(ws_channel_id)).unwrap(),
|
|
||||||
metadata: Some("ws".into()),
|
|
||||||
}),
|
|
||||||
payload: None,
|
|
||||||
signed_capabilities: None,
|
|
||||||
}).await;
|
|
||||||
|
|
||||||
let _ = print_tx
|
let _ = print_tx
|
||||||
.send(Printout {
|
.send(Printout {
|
||||||
verbosity: 1,
|
verbosity: 1,
|
||||||
content: format!("websocket channel {ws_channel_id} opened"),
|
content: format!(
|
||||||
});
|
"got request for path {original_path} bound by subdomain {subdomain}"
|
||||||
|
),
|
||||||
|
})
|
||||||
|
.await;
|
||||||
|
// assert that host matches what this app wants it to be
|
||||||
|
if host.is_none() {
|
||||||
|
return Err(warp::reject::not_found());
|
||||||
|
}
|
||||||
|
let host = host.as_ref().unwrap();
|
||||||
|
// parse out subdomain from host (there can only be one)
|
||||||
|
let request_subdomain = host.host().split('.').next().unwrap_or("");
|
||||||
|
if request_subdomain != subdomain {
|
||||||
|
return Err(warp::reject::not_found());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
loop {
|
if bound_path.authenticated {
|
||||||
tokio::select! {
|
let Some(auth_token) = serialized_headers.get("cookie") else {
|
||||||
read = read_stream.next() => {
|
return Err(warp::reject::not_found());
|
||||||
match read {
|
};
|
||||||
_ => {
|
let Ok(our_name) = verify_auth_token(&auth_token, &jwt_secret_bytes) else {
|
||||||
websocket_close(ws_channel_id, bound_path.app.clone(), &ws_senders, &send_to_loop).await;
|
return Err(warp::reject::not_found());
|
||||||
}
|
};
|
||||||
Some(Ok(msg)) => {
|
if our_name != *our {
|
||||||
let _ = send_to_loop.send(KernelMessage {
|
return Err(warp::reject::not_found());
|
||||||
id: rand::random(),
|
|
||||||
source: Address {
|
|
||||||
node: our.to_string(),
|
|
||||||
process: HTTP_SERVER_PROCESS_ID.clone(),
|
|
||||||
},
|
|
||||||
target: Address {
|
|
||||||
node: our.to_string(),
|
|
||||||
process: bound_path.app.clone(),
|
|
||||||
},
|
|
||||||
rsvp: None,
|
|
||||||
message: Message::Request(Request {
|
|
||||||
inherit: false,
|
|
||||||
expects_response: None,
|
|
||||||
ipc: serde_json::to_vec(&HttpServerRequest::WebSocketPush {
|
|
||||||
channel_id: ws_channel_id,
|
|
||||||
message_type: WsMessageType::Binary,
|
|
||||||
}).unwrap(),
|
|
||||||
metadata: Some("ws".into()),
|
|
||||||
}),
|
|
||||||
payload: Some(Payload {
|
|
||||||
mime: None,
|
|
||||||
bytes: msg.into_bytes(),
|
|
||||||
}),
|
|
||||||
signed_capabilities: None,
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
Some(outgoing) = ws_receiver.recv() => {
|
|
||||||
match write_stream.send(outgoing).await {
|
|
||||||
Ok(()) => continue,
|
|
||||||
Err(_) => {
|
|
||||||
websocket_close(ws_channel_id, bound_path.app.clone(), &ws_senders, &send_to_loop).await;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
let stream = write_stream.reunite(read_stream).unwrap();
|
|
||||||
let _ = stream.close().await;
|
|
||||||
});
|
|
||||||
|
|
||||||
} else {
|
let app = bound_path.app.clone();
|
||||||
|
Ok(ws_connection.on_upgrade(move |ws: WebSocket| async move {
|
||||||
return;
|
maintain_websocket(
|
||||||
|
ws,
|
||||||
}
|
our.clone(),
|
||||||
|
app,
|
||||||
|
jwt_secret_bytes.clone(),
|
||||||
|
ws_senders.clone(),
|
||||||
|
send_to_loop.clone(),
|
||||||
|
print_tx.clone(),
|
||||||
|
)
|
||||||
|
.await;
|
||||||
|
}))
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn http_handler(
|
async fn http_handler(
|
||||||
@ -658,17 +591,13 @@ async fn handle_rpc_message(
|
|||||||
async fn maintain_websocket(
|
async fn maintain_websocket(
|
||||||
ws: WebSocket,
|
ws: WebSocket,
|
||||||
our: Arc<String>,
|
our: Arc<String>,
|
||||||
jwt_secret_bytes: Arc<Vec<u8>>,
|
app: ProcessId,
|
||||||
|
_jwt_secret_bytes: Arc<Vec<u8>>, // TODO use for encrypted channels
|
||||||
ws_senders: WebSocketSenders,
|
ws_senders: WebSocketSenders,
|
||||||
path_bindings: PathBindings,
|
|
||||||
send_to_loop: MessageSender,
|
send_to_loop: MessageSender,
|
||||||
print_tx: PrintSender,
|
print_tx: PrintSender,
|
||||||
) {
|
) {
|
||||||
let (mut write_stream, mut read_stream) = ws.split();
|
let (mut write_stream, mut read_stream) = ws.split();
|
||||||
|
|
||||||
// first, receive a message from client that contains the target process
|
|
||||||
// and the auth token
|
|
||||||
|
|
||||||
let _ = print_tx
|
let _ = print_tx
|
||||||
.send(Printout {
|
.send(Printout {
|
||||||
verbosity: 1,
|
verbosity: 1,
|
||||||
@ -676,72 +605,10 @@ async fn maintain_websocket(
|
|||||||
})
|
})
|
||||||
.await;
|
.await;
|
||||||
|
|
||||||
let Some(Ok(register_msg)) = read_stream.next().await else {
|
|
||||||
// stream closed, exit
|
|
||||||
let _ = print_tx
|
|
||||||
.send(Printout {
|
|
||||||
verbosity: 1,
|
|
||||||
content: format!("client failed to send registration message"),
|
|
||||||
})
|
|
||||||
.await;
|
|
||||||
let stream = write_stream.reunite(read_stream).unwrap();
|
|
||||||
let _ = stream.close().await;
|
|
||||||
return;
|
|
||||||
};
|
|
||||||
|
|
||||||
let Ok(ws_register) = serde_json::from_slice::<WsRegister>(register_msg.as_bytes()) else {
|
|
||||||
// stream error, exit
|
|
||||||
let _ = print_tx
|
|
||||||
.send(Printout {
|
|
||||||
verbosity: 1,
|
|
||||||
content: format!("couldn't parse registration message from client"),
|
|
||||||
})
|
|
||||||
.await;
|
|
||||||
let stream = write_stream.reunite(read_stream).unwrap();
|
|
||||||
let _ = stream.close().await;
|
|
||||||
return;
|
|
||||||
};
|
|
||||||
|
|
||||||
let Ok(owner_process) = ProcessId::from_str(&ws_register.target_process) else {
|
|
||||||
// invalid process id, exit
|
|
||||||
let _ = print_tx
|
|
||||||
.send(Printout {
|
|
||||||
verbosity: 1,
|
|
||||||
content: format!("client sent malformed process ID"),
|
|
||||||
})
|
|
||||||
.await;
|
|
||||||
let stream = write_stream.reunite(read_stream).unwrap();
|
|
||||||
let _ = stream.close().await;
|
|
||||||
return;
|
|
||||||
};
|
|
||||||
|
|
||||||
let _ = print_tx
|
|
||||||
.send(Printout {
|
|
||||||
verbosity: 1,
|
|
||||||
content: format!("channel is intended for {owner_process}"),
|
|
||||||
})
|
|
||||||
.await;
|
|
||||||
|
|
||||||
let Ok(our_name) = verify_auth_token(&ws_register.auth_token, &jwt_secret_bytes) else {
|
|
||||||
// invalid auth token, exit
|
|
||||||
let stream = write_stream.reunite(read_stream).unwrap();
|
|
||||||
let _ = stream.close().await;
|
|
||||||
return;
|
|
||||||
};
|
|
||||||
|
|
||||||
if our_name != *our {
|
|
||||||
// invalid auth token, exit
|
|
||||||
let stream = write_stream.reunite(read_stream).unwrap();
|
|
||||||
let _ = stream.close().await;
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
let ws_channel_id: u32 = rand::random();
|
let ws_channel_id: u32 = rand::random();
|
||||||
let (ws_sender, mut ws_receiver) = tokio::sync::mpsc::channel(100);
|
let (ws_sender, mut ws_receiver) = tokio::sync::mpsc::channel(100);
|
||||||
ws_senders.insert(ws_channel_id, (owner_process.clone(), ws_sender));
|
ws_senders.insert(ws_channel_id, (app.clone(), ws_sender));
|
||||||
|
|
||||||
// send a message to the process associated with this channel
|
|
||||||
// notifying them that the channel is now open
|
|
||||||
let _ = send_to_loop
|
let _ = send_to_loop
|
||||||
.send(KernelMessage {
|
.send(KernelMessage {
|
||||||
id: rand::random(),
|
id: rand::random(),
|
||||||
@ -750,8 +617,8 @@ async fn maintain_websocket(
|
|||||||
process: HTTP_SERVER_PROCESS_ID.clone(),
|
process: HTTP_SERVER_PROCESS_ID.clone(),
|
||||||
},
|
},
|
||||||
target: Address {
|
target: Address {
|
||||||
node: our.to_string(),
|
node: our.clone().to_string(),
|
||||||
process: owner_process.clone(),
|
process: app.clone(),
|
||||||
},
|
},
|
||||||
rsvp: None,
|
rsvp: None,
|
||||||
message: Message::Request(Request {
|
message: Message::Request(Request {
|
||||||
@ -765,47 +632,16 @@ async fn maintain_websocket(
|
|||||||
})
|
})
|
||||||
.await;
|
.await;
|
||||||
|
|
||||||
// respond to the client notifying them that the channel is now open
|
let _ = print_tx.send(Printout {
|
||||||
let Ok(()) = write_stream
|
|
||||||
.send(warp::ws::Message::text(
|
|
||||||
serde_json::to_string(&WsRegisterResponse {
|
|
||||||
channel_id: ws_channel_id,
|
|
||||||
})
|
|
||||||
.unwrap(),
|
|
||||||
))
|
|
||||||
.await
|
|
||||||
else {
|
|
||||||
// stream error, exit
|
|
||||||
let stream = write_stream.reunite(read_stream).unwrap();
|
|
||||||
let _ = stream.close().await;
|
|
||||||
return;
|
|
||||||
};
|
|
||||||
|
|
||||||
let _ = print_tx
|
|
||||||
.send(Printout {
|
|
||||||
verbosity: 1,
|
verbosity: 1,
|
||||||
content: format!("websocket channel {ws_channel_id} opened"),
|
content: format!("websocket channel {ws_channel_id} opened"),
|
||||||
})
|
});
|
||||||
.await;
|
|
||||||
|
|
||||||
loop {
|
loop {
|
||||||
tokio::select! {
|
tokio::select! {
|
||||||
read = read_stream.next() => {
|
read = read_stream.next() => {
|
||||||
match read {
|
match read {
|
||||||
None => {
|
|
||||||
// stream closed, remove and exit
|
|
||||||
websocket_close(ws_channel_id, owner_process, &ws_senders, &send_to_loop).await;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
Some(Err(_e)) => {
|
|
||||||
// stream error, remove and exit
|
|
||||||
websocket_close(ws_channel_id, owner_process, &ws_senders, &send_to_loop).await;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
Some(Ok(msg)) => {
|
Some(Ok(msg)) => {
|
||||||
// forward message to process associated with this channel
|
let _ = send_to_loop.send(KernelMessage {
|
||||||
let _ = send_to_loop
|
|
||||||
.send(KernelMessage {
|
|
||||||
id: rand::random(),
|
id: rand::random(),
|
||||||
source: Address {
|
source: Address {
|
||||||
node: our.to_string(),
|
node: our.to_string(),
|
||||||
@ -813,7 +649,7 @@ async fn maintain_websocket(
|
|||||||
},
|
},
|
||||||
target: Address {
|
target: Address {
|
||||||
node: our.to_string(),
|
node: our.to_string(),
|
||||||
process: owner_process.clone(),
|
process: app.clone(),
|
||||||
},
|
},
|
||||||
rsvp: None,
|
rsvp: None,
|
||||||
message: Message::Request(Request {
|
message: Message::Request(Request {
|
||||||
@ -830,18 +666,19 @@ async fn maintain_websocket(
|
|||||||
bytes: msg.into_bytes(),
|
bytes: msg.into_bytes(),
|
||||||
}),
|
}),
|
||||||
signed_capabilities: None,
|
signed_capabilities: None,
|
||||||
})
|
});
|
||||||
.await;
|
}
|
||||||
|
_ => {
|
||||||
|
websocket_close(ws_channel_id, app.clone(), &ws_senders, &send_to_loop).await;
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Some(outgoing) = ws_receiver.recv() => {
|
Some(outgoing) = ws_receiver.recv() => {
|
||||||
// forward message to websocket
|
|
||||||
match write_stream.send(outgoing).await {
|
match write_stream.send(outgoing).await {
|
||||||
Ok(()) => continue,
|
Ok(()) => continue,
|
||||||
Err(_e) => {
|
Err(_) => {
|
||||||
// stream error, remove and exit
|
websocket_close(ws_channel_id, app.clone(), &ws_senders, &send_to_loop).await;
|
||||||
websocket_close(ws_channel_id, owner_process, &ws_senders, &send_to_loop).await;
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -962,21 +799,6 @@ async fn handle_app_message(
|
|||||||
return;
|
return;
|
||||||
};
|
};
|
||||||
match message {
|
match message {
|
||||||
HttpServerAction::BindWs {
|
|
||||||
mut path,
|
|
||||||
authenticated,
|
|
||||||
local_only,
|
|
||||||
} => {
|
|
||||||
let mut ws_path_bindings = ws_path_bindings.write().await;
|
|
||||||
ws_path_bindings.add(
|
|
||||||
&normalize_path(&path),
|
|
||||||
BoundWsPath {
|
|
||||||
app: km.source.process.clone(),
|
|
||||||
authenticated,
|
|
||||||
local_only,
|
|
||||||
}
|
|
||||||
);
|
|
||||||
}
|
|
||||||
HttpServerAction::Bind {
|
HttpServerAction::Bind {
|
||||||
mut path,
|
mut path,
|
||||||
authenticated,
|
authenticated,
|
||||||
@ -1074,7 +896,38 @@ async fn handle_app_message(
|
|||||||
}
|
}
|
||||||
send_action_response(km.id, km.source, &send_to_loop, Ok(())).await;
|
send_action_response(km.id, km.source, &send_to_loop, Ok(())).await;
|
||||||
}
|
}
|
||||||
HttpServerAction::WebSocketOpen(_) => {
|
HttpServerAction::WebSocketBind {
|
||||||
|
path,
|
||||||
|
authenticated,
|
||||||
|
encrypted,
|
||||||
|
} => {
|
||||||
|
let mut ws_path_bindings = ws_path_bindings.write().await;
|
||||||
|
ws_path_bindings.add(
|
||||||
|
&normalize_path(&path),
|
||||||
|
BoundWsPath {
|
||||||
|
app: km.source.process.clone(),
|
||||||
|
secure_subdomain: None,
|
||||||
|
authenticated,
|
||||||
|
encrypted,
|
||||||
|
},
|
||||||
|
);
|
||||||
|
}
|
||||||
|
HttpServerAction::WebSocketSecureBind { path, encrypted } => {
|
||||||
|
let process_id_hash =
|
||||||
|
format!("{:x}", Sha256::digest(km.source.process.to_string()));
|
||||||
|
let subdomain = process_id_hash.split_at(32).0.to_owned();
|
||||||
|
let mut ws_path_bindings = ws_path_bindings.write().await;
|
||||||
|
ws_path_bindings.add(
|
||||||
|
&normalize_path(&path),
|
||||||
|
BoundWsPath {
|
||||||
|
app: km.source.process.clone(),
|
||||||
|
secure_subdomain: Some(subdomain),
|
||||||
|
authenticated: true,
|
||||||
|
encrypted,
|
||||||
|
},
|
||||||
|
);
|
||||||
|
}
|
||||||
|
HttpServerAction::WebSocketOpen { .. } => {
|
||||||
// we cannot receive these, only send them to processes
|
// we cannot receive these, only send them to processes
|
||||||
send_action_response(
|
send_action_response(
|
||||||
km.id,
|
km.id,
|
||||||
|
@ -83,13 +83,6 @@ pub enum HttpClientError {
|
|||||||
/// with the shape Result<(), HttpServerActionError> serialized to JSON.
|
/// with the shape Result<(), HttpServerActionError> serialized to JSON.
|
||||||
#[derive(Debug, Serialize, Deserialize)]
|
#[derive(Debug, Serialize, Deserialize)]
|
||||||
pub enum HttpServerAction {
|
pub enum HttpServerAction {
|
||||||
// Binding an address for websockets. Doesn't need a cache since does not serve assets
|
|
||||||
// and might not need local_only.
|
|
||||||
BindWs {
|
|
||||||
path: String,
|
|
||||||
authenticated: bool,
|
|
||||||
local_only: bool,
|
|
||||||
},
|
|
||||||
/// Bind expects a payload if and only if `cache` is TRUE. The payload should
|
/// Bind expects a payload if and only if `cache` is TRUE. The payload should
|
||||||
/// be the static file to serve at this path.
|
/// be the static file to serve at this path.
|
||||||
Bind {
|
Bind {
|
||||||
@ -118,10 +111,30 @@ pub enum HttpServerAction {
|
|||||||
/// payload bytes and serve them as the response to any request to this path.
|
/// payload bytes and serve them as the response to any request to this path.
|
||||||
cache: bool,
|
cache: bool,
|
||||||
},
|
},
|
||||||
|
/// Bind a path to receive incoming WebSocket connections.
|
||||||
|
/// Doesn't need a cache since does not serve assets.
|
||||||
|
WebSocketBind {
|
||||||
|
path: String,
|
||||||
|
authenticated: bool,
|
||||||
|
encrypted: bool,
|
||||||
|
},
|
||||||
|
/// SecureBind is the same as Bind, except that it forces new connections to be made
|
||||||
|
/// from the unique subdomain of the process that bound the path. These are *always*
|
||||||
|
/// authenticated. Since the subdomain is unique, it will require the user to be
|
||||||
|
/// logged in separately to the general domain authentication.
|
||||||
|
WebSocketSecureBind {
|
||||||
|
path: String,
|
||||||
|
encrypted: bool,
|
||||||
|
},
|
||||||
/// Processes will RECEIVE this kind of request when a client connects to them.
|
/// Processes will RECEIVE this kind of request when a client connects to them.
|
||||||
/// If a process does not want this websocket open, they should issue a *request*
|
/// If a process does not want this websocket open, they should issue a *request*
|
||||||
/// containing a [`type@HttpServerAction::WebSocketClose`] message and this channel ID.
|
/// containing a [`type@HttpServerAction::WebSocketClose`] message and this channel ID.
|
||||||
WebSocketOpen(u32),
|
WebSocketOpen {
|
||||||
|
path: String,
|
||||||
|
channel_id: u32,
|
||||||
|
authenticated: bool,
|
||||||
|
encrypted: bool,
|
||||||
|
},
|
||||||
/// When sent, expects a payload containing the WebSocket message bytes to send.
|
/// When sent, expects a payload containing the WebSocket message bytes to send.
|
||||||
WebSocketPush {
|
WebSocketPush {
|
||||||
channel_id: u32,
|
channel_id: u32,
|
||||||
|
Loading…
Reference in New Issue
Block a user