Authentication Metadata Extension support #731
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
OlegDokuka
force-pushed
the
feature/auth-metadata
branch
2 times, most recently
from
1979b63 to
8e6b560
Compare
Signed-off-by: Oleh Dokuka <shadowgun@i.ua>
right now it supports encoding only Signed-off-by: Oleh Dokuka <shadowgun@i.ua>
Signed-off-by: Oleh Dokuka <shadowgun@i.ua>
OlegDokuka
force-pushed
the
feature/auth-metadata
branch
from
8e6b560 to
df5bb22
Compare
Signed-off-by: Oleh Dokuka <shadowgun@i.ua>
yschimke
reviewed
Dec 29, 2019
yschimke
reviewed
Dec 29, 2019
| /** | ||
| * Encode a Authentication CompositeMetadata payload using custom authentication type | ||
| * | ||
| * @throws IllegalArgumentException if customAuthType is non US_ASCII string if customAuthType is |
Member
There was a problem hiding this comment.
nit, the sentence is awkward with ifs.
yschimke
reviewed
Dec 29, 2019
| metadata.release(); | ||
| throw new IllegalArgumentException("custom auth type must be US_ASCII characters only"); | ||
| } | ||
| if (actualASCIILength < 1 || actualASCIILength > 128) { |
Member
There was a problem hiding this comment.
should this be 127?
n.m. see code below.
yschimke
reviewed
Dec 29, 2019
|
|
||
| int capacity = 1 + actualASCIILength; | ||
| ByteBuf headerBuffer = allocator.buffer(capacity, capacity); | ||
| // encoded length is one less than actual length, since 0 is never a valid length, which gives |
Member
There was a problem hiding this comment.
Is this worthwhile doing? Complexity+Debuggability vs one extra value?
Member
Author
There was a problem hiding this comment.
Kind of pattern used in composite metadata impl. Since spec mentions that max length is 128 then it is the only way to make it. If we are not going to encode it in such a way it will not be possible to distinguish size from encoded wellknownauth type. (0-127 for auth types masked with 0x80 1000 0000 which means that value overflows) so if one is going to use 128 length for encoded custom auth type then it will be identified as -1&0x7F == 0 well-known mime type
yschimke
reviewed
Dec 29, 2019
rsocket-core/src/main/java/io/rsocket/metadata/security/AuthMetadataFlyweight.java
Outdated
Show resolved
Hide resolved
yschimke
reviewed
Dec 29, 2019
| ByteBufAllocator allocator, char[] username, char[] password) { | ||
|
|
||
| int usernameLength = CharByteBufUtil.utf8Bytes(username); | ||
| if (usernameLength > 256) { |
Member
There was a problem hiding this comment.
Isn't 256 an overflow in the writeByte below?
yschimke
reviewed
Dec 29, 2019
| TYPES_BY_AUTH_ID = new WellKnownAuthType[128]; // 0-127 inclusive | ||
| Arrays.fill(TYPES_BY_AUTH_ID, UNKNOWN_RESERVED_AUTH_TYPE); | ||
| // also prepare a Map of the types by auth string | ||
| TYPES_BY_AUTH_STRING = new HashMap<>(128); |
Member
There was a problem hiding this comment.
TIOLI: favour LinkedHashMap for predictability and debuggability.
Signed-off-by: Oleh Dokuka <shadowgun@i.ua>
Signed-off-by: Oleh Dokuka <shadowgun@i.ua>
Signed-off-by: Oleh Dokuka <shadowgun@i.ua>
Signed-off-by: Oleh Dokuka <shadowgun@i.ua>
OlegDokuka
added a commit
that referenced
this pull request
Mar 2, 2020
* fixes tuples bytebufs Signed-off-by: Oleh Dokuka <shadowgun@i.ua> * provides first draft implementation of AuthMetadataFlyweight right now it supports encoding only Signed-off-by: Oleh Dokuka <shadowgun@i.ua> * provides full implementation of AuthMetadataFlyweight Signed-off-by: Oleh Dokuka <shadowgun@i.ua> * provides draft of AuthMetadata Signed-off-by: Oleh Dokuka <shadowgun@i.ua> * fixes allowed username max length Signed-off-by: Oleh Dokuka <shadowgun@i.ua> * removes eager release Signed-off-by: Oleh Dokuka <shadowgun@i.ua> * fixes formating Signed-off-by: Oleh Dokuka <shadowgun@i.ua> * provides minor fixes Signed-off-by: Oleh Dokuka <shadowgun@i.ua>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR provides the implementation of the Authentication CompositeMetadata. For more information see - > https://github.com/rsocket/rsocket/blob/master/Extensions/Security/Authentication.md