View Javadoc
1   /*
2    * Copyright 2012 The Netty Project
3    *
4    * The Netty Project licenses this file to you under the Apache License,
5    * version 2.0 (the "License"); you may not use this file except in compliance
6    * with the License. You may obtain a copy of the License at:
7    *
8    *   http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12   * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13   * License for the specific language governing permissions and limitations
14   * under the License.
15   */
16  package io.netty.handler.codec.http.websocketx;
17  
18  import io.netty.buffer.ByteBuf;
19  import io.netty.buffer.Unpooled;
20  import io.netty.handler.codec.AsciiString;
21  import io.netty.handler.codec.http.DefaultFullHttpRequest;
22  import io.netty.handler.codec.http.FullHttpRequest;
23  import io.netty.handler.codec.http.FullHttpResponse;
24  import io.netty.handler.codec.http.HttpHeaderNames;
25  import io.netty.handler.codec.http.HttpHeaderValues;
26  import io.netty.handler.codec.http.HttpHeaders;
27  import io.netty.handler.codec.http.HttpMethod;
28  import io.netty.handler.codec.http.HttpResponseStatus;
29  import io.netty.handler.codec.http.HttpVersion;
30  
31  import java.net.URI;
32  import java.nio.ByteBuffer;
33  
34  /**
35   * <p>
36   * Performs client side opening and closing handshakes for web socket specification version <a
37   * href="http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-00" >draft-ietf-hybi-thewebsocketprotocol-
38   * 00</a>
39   * </p>
40   * <p>
41   * A very large portion of this code was taken from the Netty 3.2 HTTP example.
42   * </p>
43   */
44  public class WebSocketClientHandshaker00 extends WebSocketClientHandshaker {
45  
46      private static final AsciiString WEBSOCKET = new AsciiString("WebSocket");
47  
48      private ByteBuf expectedChallengeResponseBytes;
49  
50      /**
51       * Constructor specifying the destination web socket location and version to initiate
52       *
53       * @param webSocketURL
54       *            URL for web socket communications. e.g "ws://myhost.com/mypath". Subsequent web socket frames will be
55       *            sent to this URL.
56       * @param version
57       *            Version of web socket specification to use to connect to the server
58       * @param subprotocol
59       *            Sub protocol request sent to the server.
60       * @param customHeaders
61       *            Map of custom headers to add to the client request
62       * @param maxFramePayloadLength
63       *            Maximum length of a frame's payload
64       */
65      public WebSocketClientHandshaker00(URI webSocketURL, WebSocketVersion version, String subprotocol,
66              HttpHeaders customHeaders, int maxFramePayloadLength) {
67          super(webSocketURL, version, subprotocol, customHeaders, maxFramePayloadLength);
68      }
69  
70      /**
71       * <p>
72       * Sends the opening request to the server:
73       * </p>
74       *
75       * <pre>
76       * GET /demo HTTP/1.1
77       * Upgrade: WebSocket
78       * Connection: Upgrade
79       * Host: example.com
80       * Origin: http://example.com
81       * Sec-WebSocket-Key1: 4 @1  46546xW%0l 1 5
82       * Sec-WebSocket-Key2: 12998 5 Y3 1  .P00
83       *
84       * ^n:ds[4U
85       * </pre>
86       *
87       */
88      @Override
89      protected FullHttpRequest newHandshakeRequest() {
90          // Make keys
91          int spaces1 = WebSocketUtil.randomNumber(1, 12);
92          int spaces2 = WebSocketUtil.randomNumber(1, 12);
93  
94          int max1 = Integer.MAX_VALUE / spaces1;
95          int max2 = Integer.MAX_VALUE / spaces2;
96  
97          int number1 = WebSocketUtil.randomNumber(0, max1);
98          int number2 = WebSocketUtil.randomNumber(0, max2);
99  
100         int product1 = number1 * spaces1;
101         int product2 = number2 * spaces2;
102 
103         String key1 = Integer.toString(product1);
104         String key2 = Integer.toString(product2);
105 
106         key1 = insertRandomCharacters(key1);
107         key2 = insertRandomCharacters(key2);
108 
109         key1 = insertSpaces(key1, spaces1);
110         key2 = insertSpaces(key2, spaces2);
111 
112         byte[] key3 = WebSocketUtil.randomBytes(8);
113 
114         ByteBuffer buffer = ByteBuffer.allocate(4);
115         buffer.putInt(number1);
116         byte[] number1Array = buffer.array();
117         buffer = ByteBuffer.allocate(4);
118         buffer.putInt(number2);
119         byte[] number2Array = buffer.array();
120 
121         byte[] challenge = new byte[16];
122         System.arraycopy(number1Array, 0, challenge, 0, 4);
123         System.arraycopy(number2Array, 0, challenge, 4, 4);
124         System.arraycopy(key3, 0, challenge, 8, 8);
125         expectedChallengeResponseBytes = Unpooled.wrappedBuffer(WebSocketUtil.md5(challenge));
126 
127         // Get path
128         URI wsURL = uri();
129         String path = wsURL.getPath();
130         if (wsURL.getQuery() != null && !wsURL.getQuery().isEmpty()) {
131             path = wsURL.getPath() + '?' + wsURL.getQuery();
132         }
133 
134         if (path == null || path.isEmpty()) {
135             path = "/";
136         }
137 
138         // Format request
139         FullHttpRequest request = new DefaultFullHttpRequest(HttpVersion.HTTP_1_1, HttpMethod.GET, path);
140         HttpHeaders headers = request.headers();
141         headers.add(HttpHeaderNames.UPGRADE, WEBSOCKET)
142                .add(HttpHeaderNames.CONNECTION, HttpHeaderValues.UPGRADE)
143                .add(HttpHeaderNames.HOST, wsURL.getHost());
144 
145         int wsPort = wsURL.getPort();
146         String originValue = "http://" + wsURL.getHost();
147         if (wsPort != 80 && wsPort != 443) {
148             // if the port is not standard (80/443) its needed to add the port to the header.
149             // See http://tools.ietf.org/html/rfc6454#section-6.2
150             originValue = originValue + ':' + wsPort;
151         }
152 
153         headers.add(HttpHeaderNames.ORIGIN, originValue)
154                .add(HttpHeaderNames.SEC_WEBSOCKET_KEY1, key1)
155                .add(HttpHeaderNames.SEC_WEBSOCKET_KEY2, key2);
156 
157         String expectedSubprotocol = expectedSubprotocol();
158         if (expectedSubprotocol != null && !expectedSubprotocol.isEmpty()) {
159             headers.add(HttpHeaderNames.SEC_WEBSOCKET_PROTOCOL, expectedSubprotocol);
160         }
161 
162         if (customHeaders != null) {
163             headers.add(customHeaders);
164         }
165 
166         // Set Content-Length to workaround some known defect.
167         // See also: http://www.ietf.org/mail-archive/web/hybi/current/msg02149.html
168         headers.setInt(HttpHeaderNames.CONTENT_LENGTH, key3.length);
169         request.content().writeBytes(key3);
170         return request;
171     }
172 
173     /**
174      * <p>
175      * Process server response:
176      * </p>
177      *
178      * <pre>
179      * HTTP/1.1 101 WebSocket Protocol Handshake
180      * Upgrade: WebSocket
181      * Connection: Upgrade
182      * Sec-WebSocket-Origin: http://example.com
183      * Sec-WebSocket-Location: ws://example.com/demo
184      * Sec-WebSocket-Protocol: sample
185      *
186      * 8jKS'y:G*Co,Wxa-
187      * </pre>
188      *
189      * @param response
190      *            HTTP response returned from the server for the request sent by beginOpeningHandshake00().
191      * @throws WebSocketHandshakeException
192      */
193     @Override
194     protected void verify(FullHttpResponse response) {
195         final HttpResponseStatus status = new HttpResponseStatus(101, "WebSocket Protocol Handshake");
196 
197         if (!response.status().equals(status)) {
198             throw new WebSocketHandshakeException("Invalid handshake response getStatus: " + response.status());
199         }
200 
201         HttpHeaders headers = response.headers();
202 
203         CharSequence upgrade = headers.get(HttpHeaderNames.UPGRADE);
204         if (!WEBSOCKET.equalsIgnoreCase(upgrade)) {
205             throw new WebSocketHandshakeException("Invalid handshake response upgrade: "
206                     + upgrade);
207         }
208 
209         CharSequence connection = headers.get(HttpHeaderNames.CONNECTION);
210         if (!HttpHeaderValues.UPGRADE.equalsIgnoreCase(connection)) {
211             throw new WebSocketHandshakeException("Invalid handshake response connection: "
212                     + connection);
213         }
214 
215         ByteBuf challenge = response.content();
216         if (!challenge.equals(expectedChallengeResponseBytes)) {
217             throw new WebSocketHandshakeException("Invalid challenge");
218         }
219     }
220 
221     private static String insertRandomCharacters(String key) {
222         int count = WebSocketUtil.randomNumber(1, 12);
223 
224         char[] randomChars = new char[count];
225         int randCount = 0;
226         while (randCount < count) {
227             int rand = (int) (Math.random() * 0x7e + 0x21);
228             if (0x21 < rand && rand < 0x2f || 0x3a < rand && rand < 0x7e) {
229                 randomChars[randCount] = (char) rand;
230                 randCount += 1;
231             }
232         }
233 
234         for (int i = 0; i < count; i++) {
235             int split = WebSocketUtil.randomNumber(0, key.length());
236             String part1 = key.substring(0, split);
237             String part2 = key.substring(split);
238             key = part1 + randomChars[i] + part2;
239         }
240 
241         return key;
242     }
243 
244     private static String insertSpaces(String key, int spaces) {
245         for (int i = 0; i < spaces; i++) {
246             int split = WebSocketUtil.randomNumber(1, key.length() - 1);
247             String part1 = key.substring(0, split);
248             String part2 = key.substring(split);
249             key = part1 + ' ' + part2;
250         }
251 
252         return key;
253     }
254 
255     @Override
256     protected WebSocketFrameDecoder newWebsocketDecoder() {
257         return new WebSocket00FrameDecoder(maxFramePayloadLength());
258     }
259 
260     @Override
261     protected WebSocketFrameEncoder newWebSocketEncoder() {
262         return new WebSocket00FrameEncoder();
263     }
264 }