Add authentication plugin capabilities to node version of websockify (v2)

[samfrances]

Duplicate of pull request #282 , but without the unwanted merge commits.

---

I have adapted the node.js version of Websockify, to take advantage of the ws library's authorization capabilities. Authorisation plugins can now be specified using the --auth-plugin and --auth-source command line arguments. --auth-plugin specifies the <module>.<member> function to use as an auth plugin. --auth-source provides additional configuration as a string, which is passed as the first argument to the plugin function. This command line interface mirrors that in the Python version of websockify.

Authorisation plugins are functions that take a source argument, and return a function that can be used as the verifyClient option to the ws.WebSocket.Server class from https://github.com/websockets/ws.

The following abridged extract from the ws module documentation at https://github.com/websockets/ws/blob/master/doc/ws.md should clarify:

new WebSocket.Server(options[, callback])

• options {Object}
  ...

  • verifyClient {Function} A function which can be used to validate incoming
    connections. See description below.

  ...

• callback {Function}

Create a new server instance. One of port, server or noServer must be
provided or an error is thrown.

If verifyClient is not set then the handshake is automatically accepted. If
it is is provided with a single argument then that is:

• info {Object}
  • origin {String} The value in the Origin header indicated by the client.
  • req {http.IncomingMessage} The client HTTP GET request.
  • secure {Boolean} true if req.connection.authorized or
    req.connection.encrypted is set.

The return value (Boolean) of the function determines whether or not to accept
the handshake.

if verifyClient is provided with two arguments then those are:

• info {Object} Same as above.
• cb {Function} A callback that must be called by the user upon inspection
  of the info fields. Arguments in this callback are:
  • result {Boolean} Whether or not to accept the handshake.
  • code {Number} When result is false this field determines the HTTP
    error status code to be sent to the client.
  • name {String} When result is false this field determines the HTTP
    reason phrase.

[kanaka]

conforing -> conforming

[samfrances]

Fixed in dc31fab

[samhed]

could you squash dc31fab into 7d6f638 ?

[kanaka]

The "token" query parameter already has a different meaning in the main python implementation which is used for selecting among multiple target hosts: https://github.com/novnc/websockify/wiki/Token-based-target-selection. The python implementation also supports basic authentication via the Authorization header. I think it would be better to have an example of basic auth as that would probably be more generally applicable. But certainly it shouldn't be using "token" for authentication.

[samfrances]

Replaced token based auth examples with origin-based examples (these being easier to test out using NoVNC than basic auth): a543c35

[kanaka]

In node it's not unusual for the module itself to have a single export (exports = myFunc). That case should probably be supported.

[samfrances]

Addressed in ff1897e

[kanaka]

What about the case (that is symmetrical to the python version) where auth_plugin is a class function and not just a plain function returning the auth function?

I think it would actually be more idiomatic JavaScript to have the auth_source bound as the first argument of an authorizer function rather than generating a new function in the auth_plugin itself. For example:

verifyClient: auth_plugin.bind(auth_plugin, auth_source)

Obviously, the structure of your example authentication function would change (one less layer of abstraction).

[samfrances]

Addressed in 5c3ac52. The auth plugin can now either be a class with a authenticate method (similar to the Python version), or a factory function which returns an object with an authenticate method.

[samfrances]

Thanks for the review points, @kanaka . I'll get onto those ASAP.

[CendioOssman]

How are the fixes going?

[samfrances]

Sorry @CendioOssman , this has been on the back burner for me. I'll get on it this weekend. Thanks for the reminder.

[samfrances]

@CendioOssman @kanaka I believe I have addressed all of the review comments now. See what you think.

[CendioOssman]

@kanaka?

[kanaka]

@samfrances I would love to be able to review this in detail, but I just haven't been able to find the time lately. @CendioOssman if you have time to do brief review and maybe test it quickly, I have no objection to merging it.

@samfrances I guess the only other question I have is if we get issues filed about this functionality are you willing to follow them up?

[samfrances]

@kanaka Certainly happy to follow up on any issues.

[CendioOssman]

I can try to review it, but right now I'm a bit swamped with other things.

[samhed]

Hi @samfrances. Thank you for working on this! Apologies for the very long response times.

I would like to get this merged. I had a look at your commits and want to ask you to clean it up a bit. It would be nice if we could avoid "correct typo from previous commit"-types of commits.

Also if you add something in one of the earlier commits only to be removed later, you should consider if that first commit was relevant in the first place.

If you can look over your commits I think we can finish this up soon.

[samhed]

This white space change is not really close to other modified code. I would prefer if you could move it to a separate commit

[samhed]

could you squash dc31fab into 7d6f638 ?

[samhed]

Could you squash the changes from this commit (22ffd2c) into the commit that originally introduced these comments please

[samhed]

Squash this commit (e5e0e5d) with 0e1824c please

[samhed]

You should rebase your changes on master to avoid commits like this one

[samfrances]

Closing, as this was from a while ago and I don't think I'll have time to do the requested changes.