Authentication Metadata Extension support #731
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
OlegDokuka
force-pushed
the
feature/auth-metadata
branch
2 times, most recently
from
1979b63 to
8e6b560
Compare
Signed-off-by: Oleh Dokuka <[email protected]>
right now it supports encoding only Signed-off-by: Oleh Dokuka <[email protected]>
Signed-off-by: Oleh Dokuka <[email protected]>
OlegDokuka
force-pushed
the
feature/auth-metadata
branch
from
8e6b560 to
df5bb22
Compare
Signed-off-by: Oleh Dokuka <[email protected]>
yschimke
reviewed
Dec 29, 2019
yschimke
reviewed
Dec 29, 2019
| /** | ||
| * Encode a Authentication CompositeMetadata payload using custom authentication type | ||
| * | ||
| * @throws IllegalArgumentException if customAuthType is non US_ASCII string if customAuthType is |
There was a problem hiding this comment.
nit, the sentence is awkward with ifs.
yschimke
reviewed
Dec 29, 2019
| metadata.release(); | ||
| throw new IllegalArgumentException("custom auth type must be US_ASCII characters only"); | ||
| } | ||
| if (actualASCIILength < 1 || actualASCIILength > 128) { |
There was a problem hiding this comment.
should this be 127?
n.m. see code below.
yschimke
reviewed
Dec 29, 2019
|
|
||
| int capacity = 1 + actualASCIILength; | ||
| ByteBuf headerBuffer = allocator.buffer(capacity, capacity); | ||
| // encoded length is one less than actual length, since 0 is never a valid length, which gives |
There was a problem hiding this comment.
Is this worthwhile doing? Complexity+Debuggability vs one extra value?
There was a problem hiding this comment.
Kind of pattern used in composite metadata impl. Since spec mentions that max length is 128 then it is the only way to make it. If we are not going to encode it in such a way it will not be possible to distinguish size from encoded wellknownauth type. (0-127 for auth types masked with 0x80 1000 0000 which means that value overflows) so if one is going to use 128 length for encoded custom auth type then it will be identified as -1&0x7F == 0 well-known mime type
yschimke
reviewed
Dec 29, 2019
rsocket-core/src/main/java/io/rsocket/metadata/security/AuthMetadataFlyweight.java
Outdated
Show resolved
Hide resolved
yschimke
reviewed
Dec 29, 2019
| ByteBufAllocator allocator, char[] username, char[] password) { | ||
|
|
||
| int usernameLength = CharByteBufUtil.utf8Bytes(username); | ||
| if (usernameLength > 256) { |
There was a problem hiding this comment.
Isn't 256 an overflow in the writeByte below?
yschimke
reviewed
Dec 29, 2019
| TYPES_BY_AUTH_ID = new WellKnownAuthType[128]; // 0-127 inclusive | ||
| Arrays.fill(TYPES_BY_AUTH_ID, UNKNOWN_RESERVED_AUTH_TYPE); | ||
| // also prepare a Map of the types by auth string | ||
| TYPES_BY_AUTH_STRING = new HashMap<>(128); |
There was a problem hiding this comment.
TIOLI: favour LinkedHashMap for predictability and debuggability.
Signed-off-by: Oleh Dokuka <[email protected]>
Signed-off-by: Oleh Dokuka <[email protected]>
Signed-off-by: Oleh Dokuka <[email protected]>
Signed-off-by: Oleh Dokuka <[email protected]>
OlegDokuka
added a commit
that referenced
this pull request
Mar 2, 2020
* fixes tuples bytebufs Signed-off-by: Oleh Dokuka <[email protected]> * provides first draft implementation of AuthMetadataFlyweight right now it supports encoding only Signed-off-by: Oleh Dokuka <[email protected]> * provides full implementation of AuthMetadataFlyweight Signed-off-by: Oleh Dokuka <[email protected]> * provides draft of AuthMetadata Signed-off-by: Oleh Dokuka <[email protected]> * fixes allowed username max length Signed-off-by: Oleh Dokuka <[email protected]> * removes eager release Signed-off-by: Oleh Dokuka <[email protected]> * fixes formating Signed-off-by: Oleh Dokuka <[email protected]> * provides minor fixes Signed-off-by: Oleh Dokuka <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR provides the implementation of the Authentication CompositeMetadata. For more information see - > https://github.com/rsocket/rsocket/blob/master/Extensions/Security/Authentication.md