Created prod version
Konstantin Burkalev authored and Konstantin Burkalev committed May 10, 2018
1 parent 514e418 commit 663ebe8
Showing 4 changed files with 149 additions and 4 deletions.
38 changes: 38 additions & 0 deletions lib/config.lua
@@ -52,6 +52,25 @@ local wiolaConf = {
challengeCallback = nil,
authCallback = nil
},
trustLevels = {
authType = "none", -- none | static | dynamic
defaultTrustLevel = nil,
staticCredentials = {
byAuthid = {
--{ authid = "user1", trustlevel = 1 },
--{ authid = "admin1", trustlevel = 5 }
},
byAuthRole = {
--{ authrole = "user-role", trustlevel = 2 },
--{ authrole = "admin-role", trustlevel = 4 }
},
byClientIp = {
--{ clientip = "127.0.0.1", trustlevel = 10 }
}
},
authCallback = nil -- function that accepts (client ip address, realm,
-- authid, authrole) and returns trust level
},
metaAPI = {
session = false,
subscription = false,
@@ -123,6 +142,25 @@ function _M.config(config)
end
end

if config.trustLevels then

if config.trustLevels.authType ~= nil then
wiolaConf.trustLevels.authType = config.trustLevels.authType
end

if config.trustLevels.defaultTrustLevel ~= nil then
wiolaConf.trustLevels.defaultTrustLevel = config.trustLevels.defaultTrustLevel
end

if config.trustLevels.staticCredentials ~= nil then
wiolaConf.trustLevels.staticCredentials = config.trustLevels.staticCredentials
end

if config.trustLevels.authCallback ~= nil then
wiolaConf.trustLevels.authCallback = config.trustLevels.authCallback
end
end

if config.metaAPI then

if config.metaAPI.session ~= nil then
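Review bot: The `staticCredentials` merge in the second hunk replaces the whole default table, so a caller who supplies only `byAuthid` leaves `byAuthRole` and `byClientIp` as nil, and `_assignTrustLevel` in lib/wiola.lua passes those fields to `ipairs` without a check, which raises at request time. `authType` is also copied unvalidated, and that function treats every enabled value other than "static" as "dynamic" and calls `authCallback`, whose default here is nil. Merging the three lists one by one and rejecting unknown `authType` values when the configuration is loaded would surface both mistakes at startup instead of on the first PUBLISH or CALL. `_M.config` starts and ends outside the hunk.

```lua
if config.trustLevels then
    local tl = config.trustLevels

    if tl.authType ~= nil then
        -- anything else would be handled as "dynamic" by _assignTrustLevel;
        -- error() stands in for however the project reports bad configuration
        if tl.authType ~= "none" and tl.authType ~= "static" and tl.authType ~= "dynamic" then
            error("trustLevels.authType must be none, static or dynamic", 2)
        end
        wiolaConf.trustLevels.authType = tl.authType
    end

    -- … unchanged: defaultTrustLevel …

    if tl.staticCredentials ~= nil then
        -- merge per list so an omitted list stays an empty table, not nil
        for _, key in ipairs({ "byAuthid", "byAuthRole", "byClientIp" }) do
            if tl.staticCredentials[key] ~= nil then
                wiolaConf.trustLevels.staticCredentials[key] = tl.staticCredentials[key]
            end
        end
    end

    -- … unchanged: authCallback …
end
```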
2 changes: 1 addition & 1 deletion lib/headers.lua
@@ -4,7 +4,7 @@
-- Date: 16.03.14
--

ngx.header["Server"] = "wiola/Lua v0.6.0"
ngx.header["Server"] = "wiola/Lua v0.9.0"

local has = function(tab, val)
for _, value in ipairs (tab) do
17 changes: 17 additions & 0 deletions lib/redis.lua
@@ -6,6 +6,7 @@

local _M = {}

local json = require('wiola.serializers.json_serializer')
local redis
local config

@@ -195,6 +196,14 @@ function _M:getSession(regId)
local session = redis:array_to_hash(sessArr)
session.isWampEstablished = tonumber(session.isWampEstablished)
session.sessId = tonumber(session.sessId)
if session.wampFeatures then
session.wampFeatures = json.decode(session.wampFeatures)

end
if session.authInfo then
session.authInfo = json.decode(session.authInfo)
end

return session
else
return nil
@@ -210,6 +219,10 @@ end
function _M:changeSession(regId, session)
session.isWampEstablished = formatNumber(session.isWampEstablished)
session.sessId = formatNumber(session.sessId)
session.wampFeatures = json.encode(session.wampFeatures)
if session.authInfo then
session.authInfo = json.encode(session.authInfo)
end
redis:hmset("wiSes" .. formatNumber(regId), session)
end

@@ -524,6 +537,10 @@ function _M:getEventRecipients(realm, uri, regId, options)
details.publisher = regId
end

if options.trustlevel ~= nil then
details.trustlevel = options.trustlevel
end

if type(exactSubsId) == "number" and exactSubsId > 0 then

-- we need to find sessions with exact subscription
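Review bot: `details.trustlevel = options.trustlevel` in the getEventRecipients hunk copies the value from the PUBLISH options table, which the PUBLISH hunk in lib/wiola.lua takes straight from the client message (`local options = dataObj[3]`) and overwrites only when `_assignTrustLevel` returns a non-nil level. When `authType` is "none", or when no credential matches and `defaultTrustLevel` is nil, a `trustlevel` key sent by the publisher therefore appears to reach subscribers as if the router had assigned it. Clearing the key in the caller before the assignment, `options.trustlevel = nil`, or passing the router-assigned level as a separate argument rather than through `options`, keeps the field under router control. getEventRecipients starts and ends outside the hunk.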
96 changes: 93 additions & 3 deletions lib/wiola.lua
@@ -7,7 +7,7 @@


local _M = {
_VERSION = '0.8.0',
_VERSION = '0.9.0',
}

_M.__index = _M
@@ -30,6 +30,8 @@ local wamp_features = {
-- meta api are exposing if they are configured (see below)
--session_meta_api = true,
--subscription_meta_api = true
-- trust level feature is exposing if it is configured (see below)
-- publication_trustlevels = true
}
},
dealer = {
@@ -42,6 +44,8 @@ local wamp_features = {
-- meta api are exposing if they are configured (see below)
--session_meta_api = true,
--registration_meta_api = true
-- trust level feature is exposing if it is configured (see below)
-- call_trustlevels = true
}
}
}
@@ -66,6 +70,12 @@ if config.metaAPI.registration == true then
wamp_features.roles.dealer.features.registration_meta_api = true
end

-- Add trustLevels features announcements if they are configured
if config.trustLevels.authType ~= "none" then
wamp_features.roles.broker.features.publication_trustlevels = true
wamp_features.roles.dealer.features.call_trustlevels = true
end

local WAMP_MSG_SPEC = {
HELLO = 1,
WELCOME = 2,
@@ -457,6 +467,71 @@ function _M:_callMetaRPC(part, rpcUri, session, requestId, rpcArgsL, rpcArgsKw)
self:_putData(session, data)
end

---
--- Assing trust level for request
---
--- @param session table WAMP session issuing request data
---
--- @return number Assigned trust level for request
---
function _M:_assignTrustLevel(session)
local trustlevel, wasFound
local clientIp = ngx.var.remote_addr

if config.trustLevels.authType == "static" then

if session.authInfo and session.authInfo.authid then
for _, value in ipairs(config.trustLevels.staticCredentials.byAuthid) do
if session.authInfo.authid == value.authid then
trustlevel = value.trustlevel
wasFound = true
end
end

if wasFound then
return trustlevel
end
end

if session.authInfo and session.authInfo.authrole then
for _, value in ipairs(config.trustLevels.staticCredentials.byAuthRole) do
if session.authInfo.authrole == value.authrole then
trustlevel = value.trustlevel
wasFound = true
end
end

if wasFound then
return trustlevel
end
end
for _, value in ipairs(config.trustLevels.staticCredentials.byClientIp) do
if clientIp == value.clientip then
trustlevel = value.trustlevel
wasFound = true
end
end

if wasFound then
return trustlevel
end
else
-- config.trustLevels.authType == "dynamic"

local authid, authrole
if session.authInfo and session.authInfo.authid then
authid = session.authInfo.authid
end
if session.authInfo and session.authInfo.authrole then
authrole = session.authInfo.authrole
end

return config.trustLevels.authCallback(clientIp, session.realm, authid, authrole)
end

return config.trustLevels.defaultTrustLevel
end

---
--- Receive data from client
---
@@ -564,7 +639,7 @@ function _M:receiveData(regId, data)

session.isWampEstablished = 1
session.realm = realm
session.wampFeatures = serializers.json.encode(dataObj[3])
session.wampFeatures = dataObj[3]
store:changeSession(regId, session)
store:addSessionToRealm(regId, realm)

@@ -730,7 +805,15 @@ function _M:receiveData(regId, data)
if session.isWampEstablished == 1 then
if self:_validateURI(dataObj[4], false, false) then
local pubId = store:getRegId()
local recipients = store:getEventRecipients(session.realm, dataObj[4], regId, dataObj[3])

local options = dataObj[3]
if config.trustLevels.authType ~= "none" then
local trustlevel = self:_assignTrustLevel(session)
if trustlevel ~= nil then
options.trustlevel = trustlevel
end
end
local recipients = store:getEventRecipients(session.realm, dataObj[4], regId, options)

for _, v in ipairs(recipients) do
self:_publishEvent(v.sessions, v.subId, pubId, v.details, dataObj[5], dataObj[6])
@@ -870,6 +953,13 @@ function _M:receiveData(regId, data)
details.procedure = rpcInfo.options.procedure
end

if config.trustLevels.authType ~= "none" then
local trustlevel = self:_assignTrustLevel(session)
if trustlevel ~= nil then
details.trustlevel = trustlevel
end
end

if dataObj[3].timeout ~= nil and
dataObj[3].timeout > 0 and
calleeSess.wampFeatures.callee.features.call_timeout == true and
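Review bot: The `else` branch of `_assignTrustLevel` calls `config.trustLevels.authCallback` without checking that it is a function, and the config default is nil, so `authType = "dynamic"` without a callback (or a misspelled `authType`) raises "attempt to call a nil value" on each PUBLISH and CALL that reaches it. The callback's result is also returned unchecked, so a non-number can flow into `details.trustlevel`. A guard with `pcall` that falls back to `defaultTrustLevel` is sketched below; whether a failed callback should fall back or attach no level at all is a policy choice worth stating in the doc comment. Separately, `byClientIp` is compared with `ngx.var.remote_addr`, which behind a reverse proxy is presumably the proxy's address unless real-IP handling is configured, so the option deserves a comment saying so; the doc comment's "Assing" should read "Assign".

```lua
    else
        -- config.trustLevels.authType == "dynamic"
        local callback = config.trustLevels.authCallback
        -- … unchanged: authid / authrole extraction …
        if type(callback) == "function" then
            local ok, level = pcall(callback, clientIp, session.realm, authid, authrole)
            if ok and (level == nil or type(level) == "number") then
                return level
            end
            ngx.log(ngx.ERR, "trustLevels.authCallback failed or returned a non-number")
        end
    end

    return config.trustLevels.defaultTrustLevel
```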
