--- a/jdk/src/java.httpclient/share/classes/java/net/http/WSOpeningHandshake.java Thu Dec 08 21:22:02 2016 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,285 +0,0 @@
-/*
- * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation. Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package java.net.http;
-
-import java.io.UncheckedIOException;
-import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.nio.charset.StandardCharsets;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-import java.time.Duration;
-import java.time.temporal.ChronoUnit;
-import java.util.Arrays;
-import java.util.Base64;
-import java.util.Collection;
-import java.util.List;
-import java.util.concurrent.CompletableFuture;
-import java.util.concurrent.TimeUnit;
-import java.util.function.Predicate;
-import java.util.stream.Collectors;
-
-import static java.lang.String.format;
-import static java.lang.System.Logger.Level.TRACE;
-import static java.net.http.WSUtils.logger;
-import static java.net.http.WSUtils.webSocketSpecViolation;
-
-final class WSOpeningHandshake {
-
- private static final String HEADER_CONNECTION = "Connection";
- private static final String HEADER_UPGRADE = "Upgrade";
- private static final String HEADER_ACCEPT = "Sec-WebSocket-Accept";
- private static final String HEADER_EXTENSIONS = "Sec-WebSocket-Extensions";
- private static final String HEADER_KEY = "Sec-WebSocket-Key";
- private static final String HEADER_PROTOCOL = "Sec-WebSocket-Protocol";
- private static final String HEADER_VERSION = "Sec-WebSocket-Version";
- private static final String VALUE_VERSION = "13"; // WebSocket's lucky number
-
- private static final SecureRandom srandom = new SecureRandom();
-
- private final MessageDigest sha1;
-
- {
- try {
- sha1 = MessageDigest.getInstance("SHA-1");
- } catch (NoSuchAlgorithmException e) {
- // Shouldn't happen:
- // SHA-1 must be available in every Java platform implementation
- throw new InternalError("Minimum platform requirements are not met", e);
- }
- }
-
- private final HttpRequest request;
- private final Collection<String> subprotocols;
- private final String nonce;
-
- WSOpeningHandshake(WSBuilder b) {
- URI httpURI = createHttpUri(b.getUri());
- HttpRequest.Builder requestBuilder = b.getClient().request(httpURI);
- Duration connectTimeout = b.getConnectTimeout();
- if (connectTimeout != null) {
- requestBuilder.timeout(
- TimeUnit.of(ChronoUnit.MILLIS),
- connectTimeout.get(ChronoUnit.MILLIS)
- );
- }
- Collection<String> s = b.getSubprotocols();
- if (!s.isEmpty()) {
- String p = s.stream().collect(Collectors.joining(", "));
- requestBuilder.header(HEADER_PROTOCOL, p);
- }
- requestBuilder.header(HEADER_VERSION, VALUE_VERSION);
- this.nonce = createNonce();
- requestBuilder.header(HEADER_KEY, this.nonce);
- this.request = requestBuilder.GET();
- HttpRequestImpl r = (HttpRequestImpl) this.request;
- r.isWebSocket(true);
- r.setSystemHeader(HEADER_UPGRADE, "websocket");
- r.setSystemHeader(HEADER_CONNECTION, "Upgrade");
- this.subprotocols = s;
- }
-
- private URI createHttpUri(URI webSocketUri) {
- // FIXME: check permission for WebSocket URI and translate it into http/https permission
- logger.log(TRACE, "->createHttpUri(''{0}'')", webSocketUri);
- String httpScheme = webSocketUri.getScheme().equalsIgnoreCase("ws")
- ? "http"
- : "https";
- try {
- URI uri = new URI(httpScheme,
- webSocketUri.getUserInfo(),
- webSocketUri.getHost(),
- webSocketUri.getPort(),
- webSocketUri.getPath(),
- webSocketUri.getQuery(),
- null);
- logger.log(TRACE, "<-createHttpUri: ''{0}''", uri);
- return uri;
- } catch (URISyntaxException e) {
- // Shouldn't happen: URI invariant
- throw new InternalError("Error translating WebSocket URI to HTTP URI", e);
- }
- }
-
- CompletableFuture<Result> performAsync() {
- // The whole dancing with thenCompose instead of thenApply is because
- // WebSocketHandshakeException is a checked exception
- return request.responseAsync()
- .thenCompose(response -> {
- try {
- Result result = handleResponse(response);
- return CompletableFuture.completedFuture(result);
- } catch (WebSocketHandshakeException e) {
- return CompletableFuture.failedFuture(e);
- } catch (UncheckedIOException ee) {
- return CompletableFuture.failedFuture(ee.getCause());
- }
- });
- }
-
- private Result handleResponse(HttpResponse response) throws WebSocketHandshakeException {
- // By this point all redirects, authentications, etc. (if any) must have
- // been done by the httpClient used by the WebSocket; so only 101 is
- // expected
- int statusCode = response.statusCode();
- if (statusCode != 101) {
- String m = webSocketSpecViolation("1.3.",
- "Unable to complete handshake; HTTP response status code "
- + statusCode
- );
- throw new WebSocketHandshakeException(m, response);
- }
- HttpHeaders h = response.headers();
- checkHeader(h, response, HEADER_UPGRADE, v -> v.equalsIgnoreCase("websocket"));
- checkHeader(h, response, HEADER_CONNECTION, v -> v.equalsIgnoreCase("Upgrade"));
- checkVersion(response, h);
- checkAccept(response, h);
- checkExtensions(response, h);
- String subprotocol = checkAndReturnSubprotocol(response, h);
- RawChannel channel = null;
- try {
- channel = ((HttpResponseImpl) response).rawChannel();
- } catch (IOException e) {
- throw new UncheckedIOException(e);
- }
- return new Result(subprotocol, channel);
- }
-
- private void checkExtensions(HttpResponse response, HttpHeaders headers)
- throws WebSocketHandshakeException {
- List<String> ext = headers.allValues(HEADER_EXTENSIONS);
- if (!ext.isEmpty()) {
- String m = webSocketSpecViolation("4.1.",
- "Server responded with extension(s) though none were requested "
- + Arrays.toString(ext.toArray())
- );
- throw new WebSocketHandshakeException(m, response);
- }
- }
-
- private String checkAndReturnSubprotocol(HttpResponse response, HttpHeaders headers)
- throws WebSocketHandshakeException {
- assert response.statusCode() == 101 : response.statusCode();
- List<String> sp = headers.allValues(HEADER_PROTOCOL);
- int size = sp.size();
- if (size == 0) {
- // In this case the subprotocol requested (if any) by the client
- // doesn't matter. If there is no such header in the response, then
- // the server doesn't want to use any subprotocol
- return null;
- } else if (size > 1) {
- // We don't know anything about toString implementation of this
- // list, so let's create an array
- String m = webSocketSpecViolation("4.1.",
- "Server responded with multiple subprotocols: "
- + Arrays.toString(sp.toArray())
- );
- throw new WebSocketHandshakeException(m, response);
- } else {
- String selectedSubprotocol = sp.get(0);
- if (this.subprotocols.contains(selectedSubprotocol)) {
- return selectedSubprotocol;
- } else {
- String m = webSocketSpecViolation("4.1.",
- format("Server responded with a subprotocol " +
- "not among those requested: '%s'",
- selectedSubprotocol));
- throw new WebSocketHandshakeException(m, response);
- }
- }
- }
-
- private void checkAccept(HttpResponse response, HttpHeaders headers)
- throws WebSocketHandshakeException {
- assert response.statusCode() == 101 : response.statusCode();
- String x = nonce + "258EAFA5-E914-47DA-95CA-C5AB0DC85B11";
- sha1.update(x.getBytes(StandardCharsets.ISO_8859_1));
- String expected = Base64.getEncoder().encodeToString(sha1.digest());
- checkHeader(headers, response, HEADER_ACCEPT, actual -> actual.trim().equals(expected));
- }
-
- private void checkVersion(HttpResponse response, HttpHeaders headers)
- throws WebSocketHandshakeException {
- assert response.statusCode() == 101 : response.statusCode();
- List<String> versions = headers.allValues(HEADER_VERSION);
- if (versions.isEmpty()) { // That's normal and expected
- return;
- }
- String m = webSocketSpecViolation("4.4.",
- "Server responded with version(s) "
- + Arrays.toString(versions.toArray()));
- throw new WebSocketHandshakeException(m, response);
- }
-
- //
- // Checks whether there's only one value for the header with the given name
- // and the value satisfies the predicate.
- //
- private static void checkHeader(HttpHeaders headers,
- HttpResponse response,
- String headerName,
- Predicate<? super String> valuePredicate)
- throws WebSocketHandshakeException {
- assert response.statusCode() == 101 : response.statusCode();
- List<String> values = headers.allValues(headerName);
- if (values.isEmpty()) {
- String m = webSocketSpecViolation("4.1.",
- format("Server response field '%s' is missing", headerName)
- );
- throw new WebSocketHandshakeException(m, response);
- } else if (values.size() > 1) {
- String m = webSocketSpecViolation("4.1.",
- format("Server response field '%s' has multiple values", headerName)
- );
- throw new WebSocketHandshakeException(m, response);
- }
- if (!valuePredicate.test(values.get(0))) {
- String m = webSocketSpecViolation("4.1.",
- format("Server response field '%s' is incorrect", headerName)
- );
- throw new WebSocketHandshakeException(m, response);
- }
- }
-
- private static String createNonce() {
- byte[] bytes = new byte[16];
- srandom.nextBytes(bytes);
- return Base64.getEncoder().encodeToString(bytes);
- }
-
- static final class Result {
-
- final String subprotocol;
- final RawChannel channel;
-
- private Result(String subprotocol, RawChannel channel) {
- this.subprotocol = subprotocol;
- this.channel = channel;
- }
- }
-}