Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Read & use client-provided session GUID for concurrency control #238

Merged
merged 5 commits into from
Jul 18, 2024
Merged

Read & use client-provided session GUID for concurrency control #238

merged 5 commits into from
Jul 18, 2024

Conversation

bdach
Copy link
Collaborator

@bdach bdach commented Jul 17, 2024
edited by peppy
Loading

Read description of aforementioned PR for explanation what is going on here.

This change is designed to be backwards-compatible, in the sense that old client will continue to use the jti cialm (with all of the deficiencies which that incurs), and new clients with the aforementioned change will use the new one which is hopefully rid of the deficiencies in question. We can probably shutter the old path in a few months - or I can just delete it now if that is considered acceptable.

bdach
bdach commented Jul 17, 2024
View reviewed changes
osu.Server.Spectator/Entities/ConnectionState.cs Outdated
Comment on lines 77 to 91
public bool IsInvocationPermitted(HubInvocationContext context)
{
bool hubRegistered = ConnectionIds.TryGetValue(context.Hub.GetType(), out string? registeredConnectionId);
bool connectionIdMatches = registeredConnectionId == context.Context.ConnectionId;

return hubRegistered && connectionIdMatches;
}

public bool CanCleanUpConnection(HubLifetimeContext context)
{
bool hubRegistered = ConnectionIds.TryGetValue(context.Hub.GetType(), out string? registeredConnectionId);
bool connectionIdMatches = registeredConnectionId == context.Context.ConnectionId;

return hubRegistered && connectionIdMatches;
}
Copy link
Collaborator Author

@bdach bdach Jul 17, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Readers will note that the content of this method is mostly moved from ConcurrentConnectionLimiter, except for the fact that the tokenIdMatches check is gone.

As far as I can tell that check was mostly dead / bogus anyway; the signalr communication protocol is such that the JWT is only sent at the start of a connection, after which a protocol switch to webscokets happens, and headers are not sent anymore. Which, in turn, means that the JWT is not being sent over the wire on remote procedure calls, and the previous check would just keep checking the same stored JWT from the initial connection, probably fetching it from a dictionary keyed by connection ID or something. Thus, the connection ID should be more than enough to enforce concurrency at this point.

@bdach bdach mentioned this pull request Jul 17, 2024
Closed
@peppy
Copy link
Sponsor Member

peppy commented Jul 18, 2024

We can probably shutter the old path in a few months - or I can just delete it now if that is considered acceptable.

I'd keep it available until next release at least (as in the one that doesn't happen this week).

@peppy peppy self-requested a review July 18, 2024 04:26
@peppy peppy enabled auto-merge July 18, 2024 06:40
@peppy peppy merged commit 70ad0aa into ppy:master Jul 18, 2024
2 checks passed
@bdach bdach deleted the better-client-identifier branch July 18, 2024 12:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@peppy peppy peppy approved these changes

@smoogipoo smoogipoo smoogipoo approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bdach @peppy @smoogipoo