lib: emit events about connection messages #252
Conversation
lib/connection.js
Outdated
| @@ -384,6 +384,8 @@ class Connection extends EventEmitter { | |||
|
|
|||
| this.server.startSession(this, application, authStrategy, credentials, | |||
| this._onSessionCreated.bind(this)); | |||
|
|
|||
| this.emit('handshakeRequest', applicationName, authStrategy, credentials); | |||
There was a problem hiding this comment.
I don't think we should emit credentials here.
There was a problem hiding this comment.
@belochub also not sure about that, but I thought that users may decide for themselves whether they need to log them or just ignore this parameter. @metarhia/jstp-core?
There was a problem hiding this comment.
@lundibundi, it won't be secure that way.
There was a problem hiding this comment.
@belochub It won't be secure it user decides to log them, but they may have different trade-offs there.
There was a problem hiding this comment.
@lundibundi, I meant providing the user an ability to log them isn't secure.
There was a problem hiding this comment.
@lundibundi, ping. You haven't changed it.
There was a problem hiding this comment.
Yes because I see no need to, we are not responsible for users breaking their security by themselves.
|
@lundibundi, we also discussed the possibility to log all of the incoming/outgoing messages in debug mode, and I haven't found the implementation of corresponding events here. Will you add it later? |
|
@belochub yeah, but should we just emit them as well when node is in debug mode? |
test/node/connection-call.js
Outdated
| @@ -13,6 +13,17 @@ const serverConfig = | |||
| let server; | |||
| let connection; | |||
|
|
|||
| function addCallEventCheck(test, connection, iface, calledName, providedArgs) { | |||
There was a problem hiding this comment.
I'd prefer to add one test that will check that event is emited with the right payload, there is no need to test this every time. If you insist on doing so, I'd prefer the function to be at the end of file.
|
@lundibundi, we discussed that there will be different modes and in "debug" or "verbose" mode all of the messages will be emitted. |
test/node/connection-emit-actions.js
Outdated
|
|
||
| const application = new jstp.Application(app.name, app.interfaces); | ||
| const serverConfig = | ||
| { applications: [application], authPolicy: app.authCallback }; |
There was a problem hiding this comment.
Style nit: maybe split this object over several lines? It's a bit long.
There was a problem hiding this comment.
Sure. Btw we've got the same code in connection-call.js, We should probably also change it there.
test/node/connection-emit-actions.js
Outdated
| const port = server.address().port; | ||
| const socket = net.connect(port); | ||
| socket.on('error', | ||
| () => test.fail('must create socket and connect to server')); |
There was a problem hiding this comment.
Nit: can you please use braces here?
test/node/connection-emit-actions.js
Outdated
| () => test.fail('must create socket and connect to server')); | ||
| socket.on('connect', () => { | ||
| serverConnection.on('handshakeRequest', | ||
| (applicationName, authStrategy, credentials) => { |
There was a problem hiding this comment.
There's a missing indentation level. It's strange that ESLint does not complain, it's exactly the bug that was fixed in the UPD: nope, it does. The CI has failed because of it.indent rule in eslint@4, AFAIU.
There was a problem hiding this comment.
Yeah, I forgot to update local eslint.
test/node/connection-emit-actions.js
Outdated
| const port = server.address().port; | ||
| const socket = net.connect(port); | ||
| socket.on('error', | ||
| () => test.fail('must create socket and connect to server')); |
There was a problem hiding this comment.
Could you please add braces here too?
test/node/connection-emit-actions.js
Outdated
| () => test.fail('must create socket and connect to server')); | ||
| socket.on('connect', () => { | ||
| serverConnection.on('handshakeRequest', | ||
| (applicationName, authStrategy, credentials) => { |
test/node/connection-emit-actions.js
Outdated
| test.equal(connection.sessionId, app.sessionId, | ||
| 'session id must be equal to the one provided by authCallback'); | ||
| connection.close(); | ||
| test.end(); |
There was a problem hiding this comment.
Missed this bit, is it absolute that this callback will be called after both handshake event handlers? If not - test will fail because of assertions after end, in that case the right way to do it is using test.plan(). Same applies to every test here.
There was a problem hiding this comment.
Yes, that's why I made them like this. Though that's implementation specific to be precise, so maybe it'll be better to use plan? @metarhia/jstp-core should we switch to plan here?
There was a problem hiding this comment.
IMHO, if we multiple callbacks\handlers must be called, it is better to use test.plan().
There was a problem hiding this comment.
Oh well, nobody seems to bother, but I guess the less implementation specific test are the better so I'll change it.
lundibundi
force-pushed
the
add-conn-events
branch
from
ad6d3cf
to
2438231
Compare
|
@metarhia/jstp-core ping. |
lib/connection.js
Outdated
| @@ -377,6 +397,8 @@ class Connection extends EventEmitter { | |||
| this, application, authStrategy, credentials, | |||
| this._onSessionCreated.bind(this) | |||
| ); | |||
|
|
|||
| this.emit('handshakeRequest', applicationName, authStrategy, credentials); | |||
There was a problem hiding this comment.
@lundibundi, I am still against emitting credentials here.
There was a problem hiding this comment.
@belochub And I still see no harm in doing that. Let's wait what others have to say on this matter.
There was a problem hiding this comment.
@belochub @lundibundi what if we emit them only in debug mode, but in release mode we omit them?
There was a problem hiding this comment.
It makes no difference, in debug mode you have whole packets emitted, so there is no reason to make such a switch. Either we emit them or we don't, as I see it.
There was a problem hiding this comment.
@lundibundi if you put it this way, I agree with @belochub because I see no use in emiting credential in release mode.
There was a problem hiding this comment.
@lundibundi, that's why I'm opting for not emitting them here: if a user will need to debug application including authentication he/she can easily do that by getting complete messages.
And outside of the debug mode emitting credentials makes no sense, no one should use them in that case, because logging them will lead to security problems (and you agree on this).
There was a problem hiding this comment.
@belochub Okay, I'll remove it soon.
|
@tshemsedinov ping. |
test/node/connection-emit-actions.js
Outdated
| addCallEventCheck(test, server.getClients()[0], iface, methodName, args); | ||
| connection.on('callback', (error, ok) => { | ||
| test.assertNot(error, 'callMethod must not return an error'); | ||
| test.strictSame(ok, [42], 'Ok contents must match'); |
test/node/connection-emit-actions.js
Outdated
| } | ||
| ); | ||
|
|
||
| test.test('must emit event on call with no arguments and return value', |
There was a problem hiding this comment.
"with no arguments and return value" is a bit misleading: it is not clear if "no" does also relate to "return value".
There was a problem hiding this comment.
Also we should change this in the connection tests, as it's the same there.
test/node/connection-emit-actions.js
Outdated
| }); | ||
| }); | ||
|
|
||
| test.test('must emit packets in not "production" mode', (test) => { |
There was a problem hiding this comment.
It's either "development" or "production" mode, you can replace "not production" with "development".
test/node/connection-emit-actions.js
Outdated
| test.fail('must create socket and connect to server'); | ||
| }); | ||
| socket.on('connect', () => { | ||
| serverConnection.on('handshakeRequest', |
There was a problem hiding this comment.
What is the reason of adding listeners here but not on line 53?
There was a problem hiding this comment.
I just wanted to put them in one place, also this callback should always be called after the one above, but it's okay to put them there too.
test/node/connection-emit-actions.js
Outdated
| test.fail('must create socket and connect to server'); | ||
| }); | ||
| socket.on('connect', () => { | ||
| serverConnection.on('handshakeRequest', |
There was a problem hiding this comment.
IMHO this test is also redundant.
There was a problem hiding this comment.
I'd test both as I see no harm in doing so.
test/node/connection-emit-actions.js
Outdated
| } | ||
| ); | ||
|
|
||
| test.test('must emit event on call with no arguments and return value', |
There was a problem hiding this comment.
This tests is redundant. Bacause of this addCallEventCheck() should be inlined in a previous test.
test/node/connection-emit-actions.js
Outdated
| // 4 packets from call below and 4 from 1 heartbeat | ||
| test.plan(8); | ||
|
|
||
| const clientSentPackets = [{}, { call: [1, 'calculator'], answer: [] }]; |
There was a problem hiding this comment.
I'd prefer this test not to start handshake. this way there will be no need for tap-oneOf.
There was a problem hiding this comment.
@nechaido You meant heartbeat? I don't really care, I thought that we should test that it emits heartbeat packets as it's easy to miss them especially with our current implementation that writes them directly to transport.
There was a problem hiding this comment.
@lundibundi I mean that we should test them separately.
lib/connection.js
Outdated
| @@ -193,6 +197,10 @@ class Connection extends EventEmitter { | |||
| _heartbeatCallback(interval) { | |||
| this.transport.send('{}'); | |||
| this.setTimeout(interval, this._heartbeatCallbackInstance); | |||
|
|
|||
| if (process.env.NODE_ENV !== 'production') { | |||
| this.emit('sentPacket', this._heartbeatMessage); | |||
There was a problem hiding this comment.
Heartbeat should have it's own heartbeat event.
lundibundi
force-pushed
the
add-conn-events
branch
from
bee03c5
to
900917b
Compare
lundibundi
force-pushed
the
add-conn-events
branch
from
900917b
to
4a255a7
Compare
test/node/connection-emit-actions.js
Outdated
| test.plan(2); | ||
|
|
||
| server.getClients()[0].on('heartbeat', (message) => { | ||
| test.strictSame(message, {}, 'Heartbeat message must match on server side'); |
There was a problem hiding this comment.
You should decapitalize "Heartbeat" here.
test/node/connection-emit-actions.js
Outdated
| test.strictSame(message, {}, 'Heartbeat message must match on server side'); | ||
| }); | ||
| connection.on('heartbeat', (message) => { | ||
| test.strictSame(message, {}, 'Heartbeat message must match on client side'); |
|
Landed in 04ed72e. |
This is a new and shiny first major release for `metarhia-jstp`.
Changes include API refactoring and improvements, implementations of
CLI, sessions, and application versions, native addon build optimizations,
lots of bug fixes, test coverage increase, and other, less notable changes.
This release also denotes the bump of the protocol version to v1.0.
The only difference from the previous version of the protocol is that
"old" heartbeat messages (`{}`) are now deprecated and `ping`/`pong`
messages must be used for this purpose instead.
Notable changes:
* **src,build:** improve the native module subsystem
*(Alexey Orlenko)*
[#36](#36)
**\[semver-minor\]**
* **build:** compile in ISO C++11 mode
*(Alexey Orlenko)*
[#37](#37)
**\[semver-minor\]**
* **build:** improve error handling
*(Alexey Orlenko)*
[#40](#40)
**\[semver-minor\]**
* **lib:** refactor record-serialization.js
*(Alexey Orlenko)*
[#41](#41)
**\[semver-minor\]**
* **protocol:** change the format of handshake packets
*(Alexey Orlenko)*
[#54](#54)
**\[semver-major\]**
* **parser:** remove special case for '\0' literal
*(Mykola Bilochub)*
[#68](#68)
**\[semver-major\]**
* **client:** drop redundant callback argument
*(Alexey Orlenko)*
[#104](#104)
**\[semver-major\]**
* **client:** handle errors in connectAndInspect
*(Alexey Orlenko)*
[#105](#105)
**\[semver-major\]**
* **socket,ws:** use socket.destroy() properly
*(Alexey Orlenko)*
[#84](#84)
**\[semver-major\]**
* **cli:** add basic implementation
*(Mykola Bilochub)*
[#107](#107)
**\[semver-minor\]**
* **connection:** fix error handling in optional cbs
*(Alexey Orlenko)*
[#147](#147)
**\[semver-major\]**
* **lib:** change event signature
*(Denys Otrishko)*
[#187](#187)
**\[semver-major\]**
* **lib:** add address method to Server
*(Denys Otrishko)*
[#190](#190)
**\[semver-minor\]**
* **lib:** optimize connection events
*(Denys Otrishko)*
[#222](#222)
**\[semver-major\]**
* **lib:** refactor server and client API
*(Denys Otrishko)*
[#209](#209)
**\[semver-major\]**
* **lib,src:** rename term packet usages to message
*(Denys Otrishko)*
[#270](#270)
**\[semver-major\]**
* **lib:** emit events about connection messages
*(Denys Otrishko)*
[#252](#252)
**\[semver-minor\]**
* **connection:** make callback method private
*(Alexey Orlenko)*
[#306](#306)
**\[semver-major\]**
* **lib:** implement sessions
*(Mykola Bilochub)*
[#289](#289)
**\[semver-major\]**
* **connection:** use ping-pong instead of heartbeat
*(Dmytro Nechai)*
[#303](#303)
**\[semver-major\]**
This is a new and shiny first major release for `metarhia-jstp`.
Changes include API refactoring and improvements, implementations of
CLI, sessions, and application versions, native addon build optimizations,
lots of bug fixes, test coverage increase, and other, less notable changes.
This release also denotes the bump of the protocol version to v1.0.
The only difference from the previous version of the protocol is that
"old" heartbeat messages (`{}`) are now deprecated and `ping`/`pong`
messages must be used for this purpose instead.
Notable changes:
* **src,build:** improve the native module subsystem
*(Alexey Orlenko)*
[#36](#36)
**\[semver-minor\]**
* **build:** compile in ISO C++11 mode
*(Alexey Orlenko)*
[#37](#37)
**\[semver-minor\]**
* **build:** improve error handling
*(Alexey Orlenko)*
[#40](#40)
**\[semver-minor\]**
* **lib:** refactor record-serialization.js
*(Alexey Orlenko)*
[#41](#41)
* **parser:** fix a possible memory leak
*(Alexey Orlenko)*
[#44](#44)
**\[semver-minor\]**
* **protocol:** change the format of handshake packets
*(Alexey Orlenko)*
[#54](#54)
**\[semver-major\]**
* **parser:** make parser single-pass
*(Mykola Bilochub)*
[#61](#61)
* **parser:** remove special case for '\0' literal
*(Mykola Bilochub)*
[#68](#68)
**\[semver-major\]**
* **parser:** fix bug causing node to crash
*(Mykola Bilochub)*
[#75](#75)
* **client:** drop redundant callback argument
*(Alexey Orlenko)*
[#104](#104)
**\[semver-major\]**
* **client:** handle errors in connectAndInspect
*(Alexey Orlenko)*
[#105](#105)
**\[semver-major\]**
* **socket,ws:** use socket.destroy() properly
*(Alexey Orlenko)*
[#84](#84)
**\[semver-major\]**
* **cli:** add basic implementation
*(Mykola Bilochub)*
[#107](#107)
**\[semver-minor\]**
* **connection:** fix error handling in optional cbs
*(Alexey Orlenko)*
[#147](#147)
**\[semver-major\]**
* **test:** add JSON5 specs test suite
*(Alexey Orlenko)*
[#158](#158)
* **lib:** change event signature
*(Denys Otrishko)*
[#187](#187)
**\[semver-major\]**
* **lib:** add address method to Server
*(Denys Otrishko)*
[#190](#190)
**\[semver-minor\]**
* **parser:** implement NaN and Infinity parsing
*(Mykola Bilochub)*
[#201](#201)
* **parser:** improve string parsing performance
*(Mykola Bilochub)*
[#220](#220)
* **lib:** optimize connection events
*(Denys Otrishko)*
[#222](#222)
**\[semver-major\]**
* **lib:** refactor server and client API
*(Denys Otrishko)*
[#209](#209)
**\[semver-major\]**
* **lib,src:** rename term packet usages to message
*(Denys Otrishko)*
[#270](#270)
**\[semver-major\]**
* **lib:** emit events about connection messages
*(Denys Otrishko)*
[#252](#252)
**\[semver-minor\]**
* **lib:** implement API versioning
*(Denys Otrishko)*
[#231](#231)
**\[semver-minor\]**
* **lib:** allow to set event handlers in application
*(Denys Otrishko)*
[#286](#286)
**\[semver-minor\]**
* **lib:** allow to broadcast events from server
*(Denys Otrishko)*
[#287](#287)
**\[semver-minor\]**
* **connection:** make callback method private
*(Alexey Orlenko)*
[#306](#306)
**\[semver-major\]**
* **lib:** implement sessions
*(Mykola Bilochub)*
[#289](#289)
**\[semver-major\]**
* **connection:** use ping-pong instead of heartbeat
*(Dmytro Nechai)*
[#303](#303)
**\[semver-major\]**
As discussed I add events to the connection, also events about connection establishment and destruction already exist on server ('connect', 'disconnect').
Also I did not forward connection events through a server as this will most likely have a significant performance cost, especially during highload. And it's easy to implement if user ever needs it:
Fixes: #250