ably 1.1.1 → 1.1.5

data/ably.gemspec

@@ -20,9 +20,9 @@ Gem::Specification.new do |spec|
 
   spec.add_runtime_dependency 'eventmachine', '~> 1.2.6'
   spec.add_runtime_dependency 'em-http-request', '~> 1.1'
-  spec.add_runtime_dependency 'statesman', '~> 1.0.0'
-  spec.add_runtime_dependency 'faraday', '~> 0.12'
-  spec.add_runtime_dependency 'excon', '~> 0.55'
+  spec.add_runtime_dependency 'statesman', '~> 7.4'
+  spec.add_runtime_dependency 'faraday', '~> 1.0'
+  spec.add_runtime_dependency 'typhoeus', '~> 1.4'
 
   if RUBY_VERSION.match(/^1\./)
     spec.add_runtime_dependency 'json', '< 2.0'
@@ -30,7 +30,7 @@ Gem::Specification.new do |spec|
     spec.add_runtime_dependency 'json'
   end
   spec.add_runtime_dependency 'websocket-driver', '~> 0.7'
-  spec.add_runtime_dependency 'msgpack', '>= 0.6.2'
+  spec.add_runtime_dependency 'msgpack', '>= 1.3.0'
   spec.add_runtime_dependency 'addressable', '>= 2.0.0'
 
   spec.add_development_dependency 'rake', '~> 11.3'
@@ -46,7 +46,7 @@ Gem::Specification.new do |spec|
     spec.add_development_dependency 'webmock', '2.2'
     spec.add_development_dependency 'parallel_tests', '~> 2.9.0'
   else
-    spec.add_development_dependency 'webmock', '~> 2.2'
+    spec.add_development_dependency 'webmock', '~> 3.11'
     spec.add_development_dependency 'coveralls'
     spec.add_development_dependency 'parallel_tests', '~> 2.22'
     if !RUBY_VERSION.match(/^2\.[0123]/)

data/lib/ably/auth.rb

@@ -103,7 +103,6 @@ module Ably
       end
 
       if has_client_id? && !token_creatable_externally? && !token_option
-        raise ArgumentError, 'client_id cannot be provided without a complete API key or means to authenticate. An API key is needed to automatically authenticate with Ably and obtain a token' unless api_key_present?
         @client_id = ensure_utf_8(:client_id, client_id) if client_id
       end
 
@@ -377,7 +376,7 @@ module Ably
     # True when Token Auth is being used to authenticate with Ably
     def using_token_auth?
       return options[:use_token_auth] if options.has_key?(:use_token_auth)
-      !!(token_option || current_token_details || has_client_id? || token_creatable_externally?)
+      !!(token_option || current_token_details || token_creatable_externally?)
     end
 
     def client_id
@@ -408,6 +407,17 @@ module Ably
       end
     end
 
+    # Extra headers that may be used during authentication
+    #
+    # @return [Hash] headers
+    def extra_auth_headers
+      if client_id && using_basic_auth?
+        { 'X-Ably-ClientId' => Base64.urlsafe_encode64(client_id) }
+      else
+        {}
+      end
+    end
+
     # Auth params used in URI endpoint for Realtime connections
     # Will reauthorize implicitly if required and capable
     #

data/lib/ably/exceptions.rb

@@ -5,7 +5,7 @@ module Ably
     TOKEN_EXPIRED_CODE = 40140..40149
 
     # Base Ably exception class that contains status and code values used by Ably
-    # Refer to https://github.com/ably/ably-common/blob/master/protocol/errors.json
+    # Refer to https://github.com/ably/ably-common/blob/main/protocol/errors.json
     #
     # @!attribute [r] message
     #   @return [String] Error message from Ably
@@ -116,7 +116,7 @@ module Ably
     class InvalidState < BaseAblyException; end
 
     # A generic Ably exception taht supports a status & code.
-    # See https://github.com/ably/ably-common/blob/master/protocol/errors.json for a list of Ably errors
+    # See https://github.com/ably/ably-common/blob/main/protocol/errors.json for a list of Ably errors
     class Standard < BaseAblyException; end
 
     # The HTTP request has returned a 500 error

data/lib/ably/logger.rb

@@ -20,6 +20,8 @@ module Ably
       ensure_logger_interface_is_valid
 
       @logger.level = log_level
+
+      @log_mutex = Mutex.new
     end
 
     # The logger used by this class, defaults to {http://www.ruby-doc.org/stdlib-1.9.3/libdoc/logger/rdoc/Logger.html Ruby Logger}
@@ -38,7 +40,9 @@ module Ably
     %w(fatal error warn info debug).each do |method_name|
       define_method(method_name) do |*args, &block|
         begin
-          logger.public_send(method_name, *args, &block)
+          log_mutex.synchronize do
+            logger.public_send(method_name, *args, &block)
+          end
         rescue StandardError => e
           logger.error "Logger: Failed to log #{method_name} block - #{e.class}: #{e.message}\n#{e.backtrace.join("\n")}"
         end
@@ -46,6 +50,8 @@ module Ably
     end
 
     private
+    attr_reader :log_mutex
+
     def client
       @client
     end

data/lib/ably/modules/ably.rb

@@ -6,8 +6,18 @@
 module Ably
   # Fallback hosts to use when a connection to rest/realtime.ably.io is not possible due to
   # network failures either at the client, between the client and Ably, within an Ably data center, or at the IO domain registrar
+  # see https://docs.ably.io/client-lib-development-guide/features/#RSC15a
   #
-  FALLBACK_HOSTS = %w(A.ably-realtime.com B.ably-realtime.com C.ably-realtime.com D.ably-realtime.com E.ably-realtime.com).freeze
+  FALLBACK_DOMAIN = 'ably-realtime.com'.freeze
+  FALLBACK_IDS = %w(a b c d e).freeze
+
+  # Default production fallbacks a.ably-realtime.com ... e.ably-realtime.com
+  FALLBACK_HOSTS = FALLBACK_IDS.map { |host| "#{host}.#{FALLBACK_DOMAIN}".freeze }.freeze
+
+  # Custom environment default fallbacks {ENV}-a-fallback.ably-realtime.com ... {ENV}-a-fallback.ably-realtime.com
+  CUSTOM_ENVIRONMENT_FALLBACKS_SUFFIXES = FALLBACK_IDS.map do |host|
+    "-#{host}-fallback.#{FALLBACK_DOMAIN}".freeze
+  end.freeze
 
   INTERNET_CHECK = {
     url:     '//internet-up.ably-realtime.com/is-the-internet-up.txt',

data/lib/ably/modules/state_machine.rb

@@ -23,7 +23,7 @@ module Ably::Modules
     def transition_state(state, *args)
       unless result = transition_to(state.to_sym, *args)
         exception = exception_for_state_change_to(state)
-        logger.fatal { "#{self.class}: #{exception.message}" }
+        logger.fatal { "#{self.class}: #{exception.message}\n#{caller[0..20].join("\n")}" }
       end
       result
     end

data/lib/ably/realtime/channel.rb

@@ -79,6 +79,10 @@ module Ably
       # @return [Hash]
       attr_reader :options
 
+      # Properties of a channel and its state
+      # @return [{Ably::Realtime::Channel::ChannelProperties}]
+      attr_reader :properties
+
       # When a channel failure occurs this attribute contains the Ably Exception
       # @return [Ably::Models::ErrorInfo,Ably::Exceptions::BaseAblyException]
       attr_reader :error_reason
@@ -88,11 +92,6 @@ module Ably
       # @api private
       attr_reader :manager
 
-      # Serial number assigned to this channel when it was attached
-      # @return [Integer]
-      # @api private
-      attr_reader :attached_serial
-
       # Initialize a new Channel object
       #
       # @param  client [Ably::Rest::Client]
@@ -112,6 +111,7 @@ module Ably
         @state         = STATE(state_machine.current_state)
         @manager       = ChannelManager.new(self, client.connection)
         @push          = PushChannel.new(self)
+        @properties    = ChannelProperties.new(self)
 
         setup_event_handlers
         setup_presence
@@ -292,7 +292,7 @@ module Ably
             error = Ably::Exceptions::InvalidRequest.new('option :until_attach is invalid as the channel is not attached' )
             return Ably::Util::SafeDeferrable.new_and_fail_immediately(logger, error)
           end
-          options[:from_serial] = attached_serial
+          options[:from_serial] = properties.attach_serial
         end
 
         async_wrap(callback) do
@@ -319,11 +319,6 @@ module Ably
         @error_reason = nil
       end
 
-      # @api private
-      def set_attached_serial(serial)
-        @attached_serial = serial
-      end
-
       # @api private
       def update_options(channel_options)
         @options = channel_options.clone.freeze
@@ -372,3 +367,4 @@ end
 require 'ably/realtime/channel/channel_manager'
 require 'ably/realtime/channel/channel_state_machine'
 require 'ably/realtime/channel/push_channel'
+require 'ably/realtime/channel/channel_properties'

data/lib/ably/realtime/channel/channel_manager.rb

@@ -37,7 +37,7 @@ module Ably::Realtime
         # library, such as returning to attached whne detach has failed
         if attached_protocol_message
           update_presence_sync_state_following_attached attached_protocol_message
-          channel.set_attached_serial attached_protocol_message.channel_serial
+          channel.properties.set_attach_serial(attached_protocol_message.channel_serial)
         end
       end
 
@@ -76,7 +76,7 @@ module Ably::Realtime
           update_presence_sync_state_following_attached protocol_message
         end
 
-        channel.set_attached_serial protocol_message.channel_serial
+        channel.properties.set_attach_serial(protocol_message.channel_serial)
       end
 
       # Handle DETACED messages, see #RTL13 for server-initated detaches

data/lib/ably/realtime/channel/channel_properties.rb

@@ -0,0 +1,24 @@
+module Ably::Realtime
+  class Channel
+    # Represents properties of a channel and its state
+    class ChannelProperties
+      # {Ably::Realtime::Channel} this object associated with
+      # @return [Ably::Realtime::Channel]
+      attr_reader :channel
+
+      # Contains the last channelSerial received in an ATTACHED ProtocolMesage for the channel, see RTL15a
+      #
+      # @return [String]
+      attr_reader :attach_serial
+
+      def initialize(channel)
+        @channel = channel
+      end
+
+      # @api private
+      def set_attach_serial(attach_serial)
+        @attach_serial = attach_serial
+      end
+    end
+  end
+end

data/lib/ably/realtime/client.rb

@@ -65,11 +65,16 @@ module Ably
       # @return [String,Nil]
       attr_reader :recover
 
+      # Additional parameters to be sent in the querystring when initiating a realtime connection
+      # @return [Hash]
+      attr_reader :transport_params
+
       def_delegators :auth, :client_id, :auth_options
       def_delegators :@rest_client, :encoders
       def_delegators :@rest_client, :use_tls?, :protocol, :protocol_binary?
       def_delegators :@rest_client, :environment, :custom_host, :custom_port, :custom_tls_port
       def_delegators :@rest_client, :log_level
+      def_delegators :@rest_client, :options
 
       # Creates a {Ably::Realtime::Client Realtime Client} and configures the {Ably::Auth} object for the connection.
       #
@@ -82,6 +87,7 @@ module Ably
       # @option options [Boolean] :echo_messages  If false, prevents messages originating from this connection being echoed back on the same connection
       # @option options [String]  :recover        When a recover option is specified a connection inherits the state of a previous connection that may have existed under a different instance of the Realtime library, please refer to the API documentation for further information on connection state recovery
       # @option options [Boolean] :auto_connect   By default as soon as the client library is instantiated it will connect to Ably. You can optionally set this to false and explicitly connect.
+      # @option options [Hash]    :transport_params   Additional parameters to be sent in the querystring when initiating a realtime connection. Keys are Strings, values are Stringifiable(a value must respond to #to_s)
       #
       # @option options [Integer] :channel_retry_timeout       (15 seconds). When a channel becomes SUSPENDED, after this delay in seconds, the channel will automatically attempt to reattach if the connection is CONNECTED
       # @option options [Integer] :disconnected_retry_timeout  (15 seconds). When the connection enters the DISCONNECTED state, after this delay in seconds, if the state is still DISCONNECTED, the client library will attempt to reconnect automatically
@@ -109,6 +115,9 @@ module Ably
           end
         end
 
+        @transport_params      = options.delete(:transport_params).to_h.each_with_object({}) do |(key, value), acc|
+          acc[key.to_s] = value.to_s
+        end
         @rest_client           = Ably::Rest::Client.new(options.merge(realtime_client: self))
         @echo_messages         = rest_client.options.fetch(:echo_messages, true) == false ? false : true
         @queue_messages        = rest_client.options.fetch(:queue_messages, true) == false ? false : true

data/lib/ably/realtime/connection.rb

@@ -161,6 +161,8 @@ module Ably
         @state_machine = ConnectionStateMachine.new(self)
         @state         = STATE(state_machine.current_state)
         @manager       = ConnectionManager.new(self)
+
+        @current_host = client.endpoint.host
       end
 
       # Causes the connection to close, entering the closed state, from any state except
@@ -429,10 +431,10 @@ module Ably
           client.auth.auth_params.tap do |auth_deferrable|
             auth_deferrable.callback do |auth_params|
               url_params = auth_params.merge(
-                format:     client.protocol,
-                echo:       client.echo_messages,
-                v:          Ably::PROTOCOL_VERSION,
-                lib:        client.rest_client.lib_version_id,
+                'format' =>     client.protocol,
+                'echo' =>       client.echo_messages,
+                'v' =>          Ably::PROTOCOL_VERSION,
+                'lib' =>        client.rest_client.lib_version_id,
               )
 
               # Use native websocket heartbeats if possible, but allow Ably protocol heartbeats
@@ -443,6 +445,7 @@ module Ably
               end
 
               url_params['clientId'] = client.auth.client_id if client.auth.has_client_id?
+              url_params.merge!(client.transport_params)
 
               if connection_resumable?
                 url_params.merge! resume: key, connection_serial: serial

data/lib/ably/realtime/connection/connection_manager.rb

@@ -49,18 +49,31 @@ module Ably::Realtime
 
         logger.debug { 'ConnectionManager: Opening a websocket transport connection' }
 
+        # The socket attempt can fail at the same time as a timer firing so ensure
+        #   only one outcome is processed from this setup attempt
+        setup_attempt_status = {}
+        setup_failed = lambda do
+          return true if setup_attempt_status[:failed]
+          setup_attempt_status[:failed] = true
+          false
+        end
+
         connection.create_websocket_transport.tap do |socket_deferrable|
           socket_deferrable.callback do |websocket_transport|
             subscribe_to_transport_events websocket_transport
             yield websocket_transport if block_given?
           end
           socket_deferrable.errback do |error|
+            next if setup_failed.call
             connection_opening_failed error
           end
         end
 
+        # The connection request timeout must be marginally higher than the REST request timeout to ensure
+        #   any HTTP auth request failure due to timeout triggers before the connection timer kicks in
         logger.debug { "ConnectionManager: Setting up automatic connection timeout timer for #{realtime_request_timeout}s" }
         create_timeout_timer_whilst_in_state(:connecting, realtime_request_timeout) do
+          next if setup_failed.call
           connection_opening_failed Ably::Exceptions::ConnectionTimeout.new("Connection to Ably timed out after #{realtime_request_timeout}s", nil, Ably::Exceptions::Codes::CONNECTION_TIMED_OUT)
         end
       end
@@ -80,7 +93,12 @@ module Ably::Realtime
 
         logger.warn { "ConnectionManager: Connection to #{connection.current_host}:#{connection.port} failed; #{error.message}" }
         next_state = get_next_retry_state_info
-        connection.transition_state_machine next_state.fetch(:state), retry_in: next_state.fetch(:pause), reason: Ably::Exceptions::ConnectionError.new("Connection failed: #{error.message}", nil, Ably::Exceptions::Codes::CONNECTION_FAILED, error)
+
+        if connection.state == next_state.fetch(:state)
+          logger.error { "ConnectionManager: Skipping next retry state after connection opening failed as already in state #{next_state}\n#{caller[0..20].join("\n")}" }
+        else
+          connection.transition_state_machine next_state.fetch(:state), retry_in: next_state.fetch(:pause), reason: Ably::Exceptions::ConnectionError.new("Connection failed: #{error.message}", nil, Ably::Exceptions::Codes::CONNECTION_FAILED, error)
+        end
       end
 
       # Called whenever a new connection is made

data/lib/ably/realtime/connection/websocket_transport.rb

@@ -1,3 +1,5 @@
+require 'openssl'
+
 module Ably::Realtime
   class Connection
     # EventMachine WebSocket transport
@@ -16,10 +18,13 @@ module Ably::Realtime
       )
       include Ably::Modules::StateEmitter
 
+      attr_reader :host
+
       def initialize(connection, url)
         @connection = connection
         @state      = STATE.Initialized
         @url        = url
+        @host       = URI.parse(url).hostname
 
         setup_event_handlers
       end
@@ -49,7 +54,7 @@ module Ably::Realtime
       # Required {http://www.rubydoc.info/github/eventmachine/eventmachine/EventMachine/Connection EventMachine::Connection} interface
       def connection_completed
         change_state STATE.Connected
-        start_tls if client.use_tls?
+        start_tls(tls_opts) if client.use_tls?
         driver.start
       end
 
@@ -77,6 +82,51 @@ module Ably::Realtime
         send_data(data)
       end
 
+      # TLS verification support, original implementation by Mislav Marohnić:
+      #
+      # https://github.com/lostisland/faraday/commit/63cf47c95b573539f047c729bd9ad67560bc83ff
+      def ssl_verify_peer(cert_string)
+        cert = nil
+        begin
+          cert = OpenSSL::X509::Certificate.new(cert_string)
+        rescue OpenSSL::X509::CertificateError => e
+          disconnect_with_reason "Websocket host '#{host}' returned an invalid TLS certificate: #{e.message}"
+          return false
+        end
+
+        @last_seen_cert = cert
+
+        if certificate_store.verify(@last_seen_cert)
+          begin
+            certificate_store.add_cert(@last_seen_cert)
+          rescue OpenSSL::X509::StoreError => e
+            unless e.message == 'cert already in hash table'
+              disconnect_with_reason "Websocket host '#{host}' returned an invalid TLS certificate: #{e.message}"
+              return false
+            end
+          end
+          true
+        else
+          disconnect_with_reason "Websocket host '#{host}' returned an invalid TLS certificate"
+          false
+        end
+      end
+
+      def ssl_handshake_completed
+        unless OpenSSL::SSL.verify_certificate_identity(@last_seen_cert, host)
+          disconnect_with_reason "Websocket host '#{host}' returned an invalid TLS certificate"
+          false
+        else
+          true
+        end
+      end
+
+      def certificate_store
+        @certificate_store ||= OpenSSL::X509::Store.new.tap do |store|
+          store.set_default_paths
+        end
+      end
+
       # True if socket connection is ready to be released
       # i.e. it is not currently connecting or connected
       def ready_for_release?
@@ -106,6 +156,12 @@ module Ably::Realtime
         @connection
       end
 
+      def disconnect_with_reason(reason)
+        client.logger.error { "WebsocketTransport: Disconnecting due to error: #{reason}" }
+        @reason_closed = reason
+        disconnect
+      end
+
       def reason_closed
         @reason_closed
       end
@@ -214,6 +270,16 @@ module Ably::Realtime
           end
         )
       end
+
+      # TLS options to pass to EventMachine::Connection#start_tls
+      #
+      # See https://www.rubydoc.info/github/eventmachine/eventmachine/EventMachine/Connection#start_tls-instance_method
+      def tls_opts
+        {
+          sni_hostname: host,
+          verify_peer:  true,
+        }
+      end
     end
   end
 end