1 /*
2 * Copyright 2019 The Netty Project
3 *
4 * The Netty Project licenses this file to you under the Apache License,
5 * version 2.0 (the "License"); you may not use this file except in compliance
6 * with the License. You may obtain a copy of the License at:
7 *
8 * https://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 * License for the specific language governing permissions and limitations
14 * under the License.
15 */
16 package io.netty.handler.codec.http.websocketx;
17
18 import io.netty.handler.codec.http.DefaultFullHttpResponse;
19 import io.netty.handler.codec.http.FullHttpRequest;
20 import io.netty.handler.codec.http.FullHttpResponse;
21 import io.netty.handler.codec.http.HttpHeaderNames;
22 import io.netty.handler.codec.http.HttpHeaderValues;
23 import io.netty.handler.codec.http.HttpHeaders;
24 import io.netty.handler.codec.http.HttpMethod;
25 import io.netty.handler.codec.http.HttpResponseStatus;
26 import io.netty.util.CharsetUtil;
27
28 import static io.netty.handler.codec.http.HttpMethod.GET;
29 import static io.netty.handler.codec.http.HttpVersion.*;
30
31 /**
32 * <p>
33 * Performs server side opening and closing handshakes for <a href="https://netty.io/s/rfc6455">RFC 6455</a>
34 * (originally web socket specification <a href="https://netty.io/s/ws-17">draft-ietf-hybi-thewebsocketprotocol-17</a>).
35 * </p>
36 */
37 public class WebSocketServerHandshaker13 extends WebSocketServerHandshaker {
38
39 public static final String WEBSOCKET_13_ACCEPT_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
40
41 /**
42 * Constructor specifying the destination web socket location
43 *
44 * @param webSocketURL
45 * URL for web socket communications. e.g "ws://myhost.com/mypath". Subsequent web
46 * socket frames will be sent to this URL.
47 * @param subprotocols
48 * CSV of supported protocols
49 * @param allowExtensions
50 * Allow extensions to be used in the reserved bits of the web socket frame
51 * @param maxFramePayloadLength
52 * Maximum allowable frame payload length. Setting this value to your application's
53 * requirement may reduce denial of service attacks using long data frames.
54 */
55 public WebSocketServerHandshaker13(
56 String webSocketURL, String subprotocols, boolean allowExtensions, int maxFramePayloadLength) {
57 this(webSocketURL, subprotocols, allowExtensions, maxFramePayloadLength, false);
58 }
59
60 /**
61 * Constructor specifying the destination web socket location
62 *
63 * @param webSocketURL
64 * URL for web socket communications. e.g "ws://myhost.com/mypath". Subsequent web
65 * socket frames will be sent to this URL.
66 * @param subprotocols
67 * CSV of supported protocols
68 * @param allowExtensions
69 * Allow extensions to be used in the reserved bits of the web socket frame
70 * @param maxFramePayloadLength
71 * Maximum allowable frame payload length. Setting this value to your application's
72 * requirement may reduce denial of service attacks using long data frames.
73 * @param allowMaskMismatch
74 * When set to true, frames which are not masked properly according to the standard will still be
75 * accepted.
76 */
77 public WebSocketServerHandshaker13(
78 String webSocketURL, String subprotocols, boolean allowExtensions, int maxFramePayloadLength,
79 boolean allowMaskMismatch) {
80 this(webSocketURL, subprotocols, WebSocketDecoderConfig.newBuilder()
81 .allowExtensions(allowExtensions)
82 .maxFramePayloadLength(maxFramePayloadLength)
83 .allowMaskMismatch(allowMaskMismatch)
84 .build());
85 }
86
87 /**
88 * Constructor specifying the destination web socket location
89 *
90 * @param webSocketURL
91 * URL for web socket communications. e.g "ws://myhost.com/mypath". Subsequent web
92 * socket frames will be sent to this URL.
93 * @param subprotocols
94 * CSV of supported protocols
95 * @param decoderConfig
96 * Frames decoder configuration.
97 */
98 public WebSocketServerHandshaker13(
99 String webSocketURL, String subprotocols, WebSocketDecoderConfig decoderConfig) {
100 super(WebSocketVersion.V13, webSocketURL, subprotocols, decoderConfig);
101 }
102
103 /**
104 * <p>
105 * Handle the web socket handshake for the web socket specification <a href=
106 * "https://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-17">HyBi versions 13-17</a>. Versions 13-17
107 * share the same wire protocol.
108 * </p>
109 *
110 * <p>
111 * Browser request to the server:
112 * </p>
113 *
114 * <pre>
115 * GET /chat HTTP/1.1
116 * Host: server.example.com
117 * Upgrade: websocket
118 * Connection: Upgrade
119 * Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
120 * Origin: http://example.com
121 * Sec-WebSocket-Protocol: chat, superchat
122 * Sec-WebSocket-Version: 13
123 * </pre>
124 *
125 * <p>
126 * Server response:
127 * </p>
128 *
129 * <pre>
130 * HTTP/1.1 101 Switching Protocols
131 * Upgrade: websocket
132 * Connection: Upgrade
133 * Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
134 * Sec-WebSocket-Protocol: chat
135 * </pre>
136 */
137 @Override
138 protected FullHttpResponse newHandshakeResponse(FullHttpRequest req, HttpHeaders headers) {
139 HttpMethod method = req.method();
140 if (!GET.equals(method)) {
141 throw new WebSocketServerHandshakeException("Invalid WebSocket handshake method: " + method, req);
142 }
143
144 HttpHeaders reqHeaders = req.headers();
145 if (!reqHeaders.contains(HttpHeaderNames.CONNECTION) ||
146 !reqHeaders.containsValue(HttpHeaderNames.CONNECTION, HttpHeaderValues.UPGRADE, true)) {
147 throw new WebSocketServerHandshakeException(
148 "not a WebSocket request: a |Connection| header must includes a token 'Upgrade'", req);
149 }
150
151 if (!reqHeaders.contains(HttpHeaderNames.UPGRADE, HttpHeaderValues.WEBSOCKET, true)) {
152 throw new WebSocketServerHandshakeException(
153 "not a WebSocket request: a |Upgrade| header must containing the value 'websocket'", req);
154 }
155
156 CharSequence key = reqHeaders.get(HttpHeaderNames.SEC_WEBSOCKET_KEY);
157 if (key == null) {
158 throw new WebSocketServerHandshakeException("not a WebSocket request: missing key", req);
159 }
160
161 FullHttpResponse res = new DefaultFullHttpResponse(HTTP_1_1, HttpResponseStatus.SWITCHING_PROTOCOLS,
162 req.content().alloc().buffer(0));
163 if (headers != null) {
164 res.headers().add(headers);
165 }
166
167 String acceptSeed = key + WEBSOCKET_13_ACCEPT_GUID;
168 byte[] sha1 = WebSocketUtil.sha1(acceptSeed.getBytes(CharsetUtil.US_ASCII));
169 String accept = WebSocketUtil.base64(sha1);
170
171 if (logger.isDebugEnabled()) {
172 logger.debug("WebSocket version 13 server handshake key: {}, response: {}", key, accept);
173 }
174
175 res.headers().set(HttpHeaderNames.UPGRADE, HttpHeaderValues.WEBSOCKET)
176 .set(HttpHeaderNames.CONNECTION, HttpHeaderValues.UPGRADE)
177 .set(HttpHeaderNames.SEC_WEBSOCKET_ACCEPT, accept);
178
179 String subprotocols = reqHeaders.get(HttpHeaderNames.SEC_WEBSOCKET_PROTOCOL);
180 if (subprotocols != null) {
181 String selectedSubprotocol = selectSubprotocol(subprotocols);
182 if (selectedSubprotocol == null) {
183 if (logger.isDebugEnabled()) {
184 logger.debug("Requested subprotocol(s) not supported: {}", subprotocols);
185 }
186 } else {
187 res.headers().set(HttpHeaderNames.SEC_WEBSOCKET_PROTOCOL, selectedSubprotocol);
188 }
189 }
190 return res;
191 }
192
193 @Override
194 protected WebSocketFrameDecoder newWebsocketDecoder() {
195 return new WebSocket13FrameDecoder(decoderConfig());
196 }
197
198 @Override
199 protected WebSocketFrameEncoder newWebSocketEncoder() {
200 return new WebSocket13FrameEncoder(false);
201 }
202 }
以上源码来自: 即时通讯网 - 即时通讯开发者社区!