Menaka and myself had offline review on PR[1] and now it s merged. [1] https://github.com/wso2/carbon-mediation/pull/1068
Regards Kevin On Fri, Jun 29, 2018 at 11:05 PM, Menaka Jayawardena <[email protected]> wrote: > Hi Harsha, > > We discussed this in the code review as well. But, the issue is, the only > way to pass any additional information in websocket handshake is as > headers. When the request is forwarded to the websocket transport layer, > all these headers are added to the axis2 message context as properties. So > we cannot distinguish the incomming headers with other properties. > > As a solution for this, users can send an additional header which contains > the list of headers that should be preserved or we define a prefix which > users should add to the header where we can filter them from the > properties. > > A per our initial requirement, adding jwt header, I have followed the > second option because it can be used for other headers as well. So that the > websocket transport implementation can be done in a generic way. > > Thanks and Regards, > Menaka > > > > On Fri, Jun 29, 2018 at 9:32 PM Harsha Kumara <[email protected]> wrote: > >> On Fri, Jun 29, 2018 at 8:10 PM Menaka Jayawardena <[email protected]> >> wrote: >> >>> Hi Harsha, Chamin, >>> >>> Please find my answers inline. >>> >>> So this means we are having two ways of handling JWT (normal method and >>>> WS specific method) scenarios? If so, we will need additional methods to >>>> cover this flow. Will there be a code/logic duplication due to this? >>>> >>> >>> No. In this implementation, the same JWT token generation method is >>> used. The default ws token validation method is modified to generate the >>> jwt token. >>> >>> https://github.com/wso2/carbon-apimgt/pull/5519/commits/ >>> decc193eddecbaccc8eccc22075d2d9876821480 >>> >>> In WS APIs, when user send a Header, isn't it going to back-end by >>>> default? Why we need special prefix as we removed it in the outflow? >>>> >>> >>> In Web Socket apis, the headers that we send in the client - gateway >>> handshake are not being sent in the gateway - backend handshake. Only the >>> default headers were set[1] and the incoming headers are set as the >>> properties in axis2 message context. In order to send the header to the >>> backend, we need to get the specific property and attach it as a header to >>> the gateway - backend handshake. >>> >>> As the transport sender implementation should be generic, we send the >>> headers that should be sent to the backend with a prefix and in the >>> WebSocketTransportSender, we get those properties, extract the actual >>> header and set them as handshake headers.[2] So we do not need to alter the >>> transport implementation if we need to send any headers as required. >>> >> Ok. Is there any reason not to send incoming header to the backend? If >> not we ideally should send the headers to the backend. Can't we give a >> option to client to configure the headers that should forward to the >> backend? >> >>> >>> [1] https://github.com/wso2/carbon-mediation/blob/master/ >>> components/carbon-transports/websocket/org.wso2.carbon. >>> websocket.transport/src/main/java/org/wso2/carbon/websocket/transport/ >>> WebsocketConnectionFactory.java#L170 >>> [2] https://github.com/wso2/carbon-mediation/pull/1068/commits/ >>> a3d204dfc53138aab7097d6e168d1c0df7382c01 >>> >>> On Fri, Jun 29, 2018 at 7:55 PM, Harsha Kumara <[email protected]> wrote: >>> >>>> >>>> >>>> On Fri, Jun 29, 2018 at 11:25 AM Menaka Jayawardena <[email protected]> >>>> wrote: >>>> >>>>> Hi, >>>>> >>>>> >>>>> *With reference to [RRT][APIM] Code Review - Sending Enduser >>>>> information to WS Backends and based on the offline discussion with >>>>> Kevin.* >>>>> >>>>> *Initial Requirement:* When the JWT token generation is enabled in >>>>> API Manager, the jwt token should be sent to the Web socket backend. >>>>> >>>>> *Current Approach:* As the websocket communication happens as frames, >>>>> we could not add the jwt token into the frames. And also it is not a best >>>>> practice as it is a overhead for the message that is being sent. >>>>> So, the token will be attached as a header to the initial web socket >>>>> handshake. >>>>> >>>>> In the current implementation, we generate the jwt token and set as >>>>> an intermediate header from the api gateway. This header is then picked up >>>>> from the axis2 message context in the WebSocketTransportSender and attach >>>>> to the Gateway - WS-BackEnd handshake requst. >>>>> >>>>> But, as per this implementation, if the user needs to send another >>>>> header, the WebSocketTransportSender implementation should be changed to >>>>> support the new header. To avoid this, the implementation will be done in >>>>> a >>>>> generic manner. >>>>> >>>>> *Solution:* >>>>> The headers that should be sent to the websocket backends, have to be >>>>> sent with a prefix. The format of would be <prefix>.<header> >>>>> >>>>> Ex: If we need to send the header X-JWT-Assertion to the backend, it >>>>> should be sent as *websocket.header.**X-JWT-Assertion*. >>>>> >>>>> In WebSocketTransportSender, it will get only the properties with the >>>>> *websocket.header.* prefix, extract the header string and attach them >>>>> as new headers to the Handshake request. >>>>> >>>> In WS APIs, when user send a Header, isn't it going to back-end by >>>> default? Why we need special prefix as we removed it in the outflow? >>>> >>>>> >>>>> Any comments, suggestions are highly appreciated. >>>>> >>>>> Thanks and Regards, >>>>> Menaka >>>>> >>>>> -- >>>>> >>>>> *Menaka Jayawardena* >>>>> Senior Software Engineer >>>>> WSO2 Inc. >>>>> >>>>> Phone : +94 71 350 5470 >>>>> LinkedIn : https://lk.linkedin.com/in/menakajayawardena >>>>> Blog : https://menakamadushanka.wordpress.com/ >>>>> >>>>> >>>> >>>> -- >>>> Harsha Kumara >>>> Associate Technical Lead, WSO2 Inc. >>>> Mobile: +94775505618 >>>> Blog:harshcreationz.blogspot.com >>>> >>> >>> >>> >>> -- >>> >>> *Menaka Jayawardena* >>> Senior Software Engineer >>> WSO2 Inc. >>> >>> Phone : +94 71 350 5470 >>> LinkedIn : https://lk.linkedin.com/in/menakajayawardena >>> Blog : https://menakamadushanka.wordpress.com/ >>> >>> >> >> -- >> Harsha Kumara >> Associate Technical Lead, WSO2 Inc. >> Mobile: +94775505618 >> Blog:harshcreationz.blogspot.com >> > -- > > *Menaka Jayawardena* > Senior Software Engineer > WSO2 Inc. > > Phone : +94 71 350 5470 > LinkedIn : https://lk.linkedin.com/in/menakajayawardena > Blog : https://menakamadushanka.wordpress.com/ > > -- *Kevin Ratnaskera* Software Engineer WSO2 Inc. - http://wso2.com lean . enterprise . middleware Mobile - +94774696950 Linkedin - https://www.linkedin.com/in/djkevincr
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
