-
-
Notifications
You must be signed in to change notification settings - Fork 429
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[websocket] Allow registering websocket adapters #3622
Conversation
Signed-off-by: Miguel Álvarez <miguelwork92@gmail.com>
Signed-off-by: Miguel Álvarez <miguelwork92@gmail.com>
Signed-off-by: Miguel Álvarez <miguelwork92@gmail.com>
Seems like these changes break the core karaf feature, I'm trying to understand why, I don't have experience with these definitions. If someone can give me some some help will be appreciated. |
Signed-off-by: Miguel Álvarez <miguelwork92@gmail.com>
Luckily i was able to fix it :) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have some remarks on direction in which use of security goes. Please consider them. Driving further adoption of rest filter as a main access control mechanism will make it difficult to adopt different authentication mechanisms requested in #3305.
...e.io.rest.auth/src/main/java/org/openhab/core/io/rest/auth/AnonymousUserSecurityContext.java
Show resolved
Hide resolved
...es/org.openhab.core.io.rest.auth/src/main/java/org/openhab/core/io/rest/auth/AuthFilter.java
Show resolved
Hide resolved
...es/org.openhab.core.io.rest.auth/src/main/java/org/openhab/core/io/rest/auth/AuthFilter.java
Outdated
Show resolved
Hide resolved
...ab.core.io.websocket/src/main/java/org/openhab/core/io/websocket/CommonWebSocketServlet.java
Show resolved
Hide resolved
...ab.core.io.websocket/src/main/java/org/openhab/core/io/websocket/CommonWebSocketServlet.java
Outdated
Show resolved
Hide resolved
...hab.core.io.websocket/src/main/java/org/openhab/core/io/websocket/EventWebSocketHandler.java
Outdated
Show resolved
Hide resolved
Signed-off-by: Miguel Álvarez <miguelwork92@gmail.com>
Signed-off-by: Miguel Álvarez <miguelwork92@gmail.com>
Signed-off-by: Miguel Álvarez <miguelwork92@gmail.com>
Tests failure seems unrelated to the PR. |
...rg.openhab.core.io.websocket/src/main/java/org/openhab/core/io/websocket/EventWebSocket.java
Outdated
Show resolved
Hide resolved
Signed-off-by: Miguel Álvarez <miguelwork92@gmail.com>
I have an idea, I'm not sure if it's the best way to do it, but I'll leave it here in case you think it's a good idea or it might inspire something better. That will be:
|
I think that's the idea of the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Otherwise LGTM
....openhab.core.io.websocket/src/main/java/org/openhab/core/io/websocket/WebSocketHandler.java
Outdated
Show resolved
Hide resolved
Signed-off-by: Miguel Álvarez <miguelwork92@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
This pull request has been mentioned on openHAB Community. There might be relevant details there: https://community.openhab.org/t/oh4-sign-in-fails-repeteadly-on-snapshot/147207/3 |
@GiviMAD - do you think this could be related? |
Seems like @J-N-K just found the problem, thank you for handled it and sorry. |
* [WebSocket] Allow register websocket handlers Signed-off-by: Miguel Álvarez <miguelwork92@gmail.com> GitOrigin-RevId: e3396c9
Hi openHAB community, I would like to merge this PR which allows to register multiple WebSocket handlers in to a common servlet which handles the authentication.
I have refactored the already present implementation into a separate handler (EventWebSocketHandler) that is served in the root path '/ws' so I think this is not a breaking change.
Also I have made some methods in the AuthFilter (package org.openhab.core.io.rest.auth) public so they can be reused here, so the "Trusted Network" and "Allow Basic Auth" rest api options apply also to the WebSocket and this can be accessed with the same credentials than the rest api (before the commit it allowed user tokens and basic auth but no JWT tokens).
Hope everything is in place. Best regards!