iodine 0.0.1 → 0.0.2

data/lib/iodine/http/websocket_client.rb

@@ -0,0 +1,224 @@
+
+module Iodine
+	class Http < Iodine::Protocol
+		# Create a simple Websocket Client(!).
+		#
+		# This should be done from within an Iodine task, or the callbacks will not be called.
+		#
+		# Use {Iodine::Http::WebsocketClient.connect} to initialize a client with all the callbacks needed.
+		class WebsocketClient
+		attr_accessor :response, :request
+
+		def initialize request
+			@response = nil
+			@request = request
+			params = request[:ws_client_params]
+			@on_message = params[:on_message]
+			raise "Websocket client must have an #on_message Proc or handler." unless @on_message && @on_message.respond_to?(:call)
+			@on_open = params[:on_open]
+			@on_close = params[:on_close]
+		end
+
+		def on event_name, &block
+			return false unless block
+			case event_name
+			when :message
+				@on_message = block
+			when :close
+				@on_close = block
+			when :open
+				raise 'The on_open even is invalid at this point.'
+			end
+										
+		end
+
+		def on_message(data = nil, &block)
+			unless data
+				@on_message = block if block
+				return @on_message
+			end
+			instance_exec( data, &@on_message) 
+		end
+
+		def on_open(protocol = nil, &block)
+			unless protocol
+				raise 'The on_open even is invalid at this point.' if block
+				# @on_open = block if block
+				return @on_open
+			end
+			@io = protocol
+			Iodine::Http::Request.parse @request
+			instance_exec(&@on_open) if @on_open
+		end
+
+		def on_close(&block)
+			@on_close = block if block
+			instance_exec(&@on_close) if @on_close
+		end
+
+		# Sends data through the socket. a shortcut for ws_client.response <<
+		#
+		# @return [true, false] Returns the true if the data was actually sent or nil if no data was sent.
+		def << data
+			# raise 'Cannot send data when the connection is closed.' if closed?
+			@io << data
+		end
+		alias :write :<<
+
+		# closes the connection, if open
+		def close
+			@io.close if @io
+		end
+
+		# checks if the socket is open (if the websocket was terminated abnormally, this might returs true when it should be false).
+		def closed?
+			@io.io.closed?
+		end
+
+		# checks if this is an SSL websocket connection.
+		def ssl?
+			@request.ssl?
+		end
+
+		# return the HTTP's handshake data, including any cookies sent by the server.
+		def request
+			@request
+		end
+		# return a Hash with the HTTP cookies recieved during the HTTP's handshake.
+		def cookies
+			@request.cookies
+		end
+
+		# Create a simple Websocket Client(!).
+		#
+		# This method accepts two parameters:
+		# url:: a String representing the URL of the websocket. i.e.: 'ws://foo.bar.com:80/ws/path'
+		# options:: a Hash with options to be used. The options will be used to define the connection's details (i.e. ssl etc') and the Websocket callbacks (i.e. on_open(ws), on_close(ws), on_message(ws))
+		# &block:: an optional block that accepts one parameter (data) and will be used as the `#on_message(data)`
+		#
+		# Acceptable options are:
+		# on_open:: the on_open callback. Must be an objects that answers `call(ws)`, usually a Proc.
+		# on_message:: the on_message callback. Must be an objects that answers `call(ws)`, usually a Proc.
+		# on_close:: the on_close callback. Must be an objects that answers `call(ws)`, usually a Proc.
+		# headers:: a Hash of custom HTTP headers to be sent with the request. Header data, including cookie headers, should be correctly encoded.
+		# cookies:: a Hash of cookies to be sent with the request. cookie data will be encoded before being sent.
+		# timeout:: the number of seconds to wait before the connection is established. Defaults to 5 seconds.
+		#
+		# The method will block until the connection is established or until 5 seconds have passed (the timeout). The method will either return a WebsocketClient instance object or raise an exception it the connection was unsuccessful.
+		#
+		# An on_message Proc must be defined, or the method will fail.
+		#
+		# The on_message Proc can be defined using the optional block:
+		#
+		#      Iodine::Http::WebsocketClient.connect("ws://localhost:3000/") {|data| write data} #echo example
+		#
+		# OR, the on_message Proc can be defined using the options Hash: 
+		#
+		#      Iodine::Http::WebsocketClient.connect("ws://localhost:3000/", on_open: -> {}, on_message: -> {|data| write data })
+		#
+		# The #on_message(data), #on_open and #on_close methods will be executed within the context of the WebsocketClient
+		# object, and will have native acess to the Websocket response object.
+		#
+		# After the WebsocketClient had been created, it's possible to update the #on_message and #on_close methods:
+		#
+		#      # updates #on_message
+		#      wsclient.on_message do |data|
+		#           response << "I'll disconnect on the next message!"
+		#           # updates #on_message again.
+		#           on_message {|data| disconnect }
+		#      end
+		#
+		#
+		# !!please be aware that the Websockt Client will not attempt to verify SSL certificates,
+		# so that even SSL connections are vulnerable to a possible man in the middle attack.
+		#
+		# @return [Iodine::Http::WebsocketClient] this method returns the connected {Iodine::Http::WebsocketClient} or raises an exception if something went wrong (such as a connection timeout).
+		def self.connect url, options={}, &block
+			socket = nil
+			options = options.dup
+			options[:on_message] ||= block
+			raise "No #on_message handler defined! please pass a block or define an #on_message handler!" unless options[:on_message]
+			url = URI.parse(url) unless url.is_a?(URI)
+
+			ssl = url.scheme == "https" || url.scheme == "wss"
+
+			url.port ||= ssl ? 443 : 80
+			url.path = '/' if url.path.to_s.empty?
+			socket = TCPSocket.new(url.host, url.port)
+			if ssl
+				context = OpenSSL::SSL::SSLContext.new
+				context.cert_store = OpenSSL::X509::Store.new
+				context.cert_store.set_default_paths
+				context.set_params verify_mode: (options[:verify_mode] || OpenSSL::SSL::VERIFY_NONE) # OpenSSL::SSL::VERIFY_PEER #OpenSSL::SSL::VERIFY_NONE
+				ssl = OpenSSL::SSL::SSLSocket.new(socket, context)
+				ssl.sync_close = true
+				ssl.connect
+			end
+			# prep custom headers
+			custom_headers = ''
+			custom_headers = options[:headers] if options[:headers].is_a?(String)
+			options[:headers].each {|k, v| custom_headers << "#{k.to_s}: #{v.to_s}\r\n"} if options[:headers].is_a?(Hash)
+			options[:cookies].each {|k, v| raise 'Illegal cookie name' if k.to_s.match(/[\x00-\x20\(\)<>@,;:\\\"\/\[\]\?\=\{\}\s]/); custom_headers << "Cookie: #{ k }=#{ Iodine::Http::Request.encode_url v }\r\n"} if options[:cookies].is_a?(Hash)
+
+			# send protocol upgrade request
+			websocket_key = [(Array.new(16) {rand 255} .pack 'c*' )].pack('m0*')
+			(ssl || socket).write "GET #{url.path}#{url.query.to_s.empty? ? '' : ('?' + url.query)} HTTP/1.1\r\nHost: #{url.host}#{url.port ? (':'+url.port.to_s) : ''}\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nOrigin: #{options[:ssl_client] ? 'https' : 'http'}://#{url.host}\r\nSec-WebSocket-Key: #{websocket_key}\r\nSec-WebSocket-Version: 13\r\n#{custom_headers}\r\n"
+			# wait for answer - make sure we don't over-read
+			# (a websocket message might be sent immidiately after connection is established)
+			reply = ''
+			reply.force_encoding(::Encoding::ASCII_8BIT)
+			stop_time = Time.now + (options[:timeout] || 5)
+			stop_reply = "\r\n\r\n"
+			sleep 0.2
+			until reply[-4..-1] == stop_reply
+				begin
+					reply << ( ssl ? ssl.read_nonblock(1) : socket.recv_nonblock(1) )
+				rescue Errno::EWOULDBLOCK => e
+					raise "Websocket client handshake timed out (HTTP reply not recieved)\n\n Got Only: #{reply}" if Time.now >= stop_time
+					IO.select [socket], nil, nil, (options[:timeout] || 5)
+					retry
+				end
+				raise "Connection failed" if socket.closed?
+			end
+			# review reply
+			raise "Connection Refused. Reply was:\r\n #{reply}" unless reply.lines[0].match(/^HTTP\/[\d\.]+ 101/i)
+			raise 'Websocket Key Authentication failed.' unless reply.match(/^Sec-WebSocket-Accept:[\s]*([^\s]*)/i) && reply.match(/^Sec-WebSocket-Accept:[\s]*([^\s]*)/i)[1] == Digest::SHA1.base64digest(websocket_key + '258EAFA5-E914-47DA-95CA-C5AB0DC85B11')
+			# read the body's data and parse any incoming data.
+			request = Iodine::Http::Request.new
+			request[:method] = 'GET'
+			request['host'] = "#{url.host}:#{url.port}"
+			request[:query] = url.path
+			request[:version] = '1.1'
+			reply = StringIO.new reply
+			reply.gets
+
+			until reply.eof?
+				until request[:headers_complete] || (l = reply.gets).nil?
+					if l.include? ':'
+						l = l.strip.split(/:[\s]?/, 2)
+						l[0].strip! ; l[0].downcase!;
+						request[l[0]] ? (request[l[0]].is_a?(Array) ? (request[l[0]] << l[1]) : request[l[0]] = [request[l[0]], l[1] ]) : (request[l[0]] = l[1])
+					elsif l =~ /^[\r]?\n/
+						request[:headers_complete] = true
+					else
+						#protocol error
+						raise 'Protocol Error, closing connection.'
+						return close
+					end
+				end
+			end
+			reply.string.clear
+
+			request[:ws_client_params] = options
+
+			Iodine::Http::Websockets.new( ( ssl || socket), self.new(request), request )
+			
+			rescue => e
+				(ssl || socket).tap {|io| next if io.nil?; io.close unless io.closed?}
+				raise e
+		end
+		end
+	end
+end
+
+

data/lib/iodine/http/websocket_handler.rb

@@ -0,0 +1,40 @@
+require 'iodine'
+require 'stringio'
+require 'time'
+require 'json'
+require 'yaml'
+require 'uri'
+require 'tmpdir'
+require 'zlib'
+
+# require 'securerandom'
+
+module Iodine
+	class Http < Iodine::Protocol
+		class WebsocketEchoDemo
+			def initialize request, response
+				@request = request
+				@response = response
+				on_open
+			end
+			def on_open
+			end
+			def on_message data
+				@response << "You >> #{data}"
+			end
+			def on_close
+			end
+
+			# This method allows the class itself to act as the Websocket handler, usable with:
+			#        Iodine::Http.on_websocket Iodine::Http::WebsocketEchoDemo
+			def self.call request, response
+				return false if request[:path] =~ /refuse/i
+				self.new request, response
+			end
+			
+			protected
+		end
+	end
+end
+
+

data/lib/iodine/http/websockets.rb

@@ -0,0 +1,319 @@
+module Iodine
+	class Http < Iodine::Protocol
+		class Websockets < ::Iodine::Protocol
+			def initialize io, handler, request, ws_extentions = nil
+				@handler = handler
+				@ws_extentions = ws_extentions
+				request[:io] = self
+				super(io)
+			end
+			def on_open
+				set_timeout 45
+				@parser = {body: '', stage: 0, step: 0, mask_key: [], len_bytes: []}
+				set_timeout = self.class.default_timeout
+				@handler.on_open self if @handler.respond_to? :on_open
+			end
+			def on_message data
+				extract_message StringIO.new(data)
+			end
+			def on_broadcast data
+				@handler.on_broadcast(data) if @handler.respond_to? :on_broadcast
+			end
+			def on_close
+				@handler.on_close if @handler.respond_to? :on_close
+				if @ws_extentions
+					@ws_extentions.each { |ex| ex.close }
+					@ws_extentions.clear
+				end
+			end
+
+			def send_response response, finish = false
+				body = response.extract_body
+				send_data body
+			end
+			alias :stream_response :send_response
+
+			# sends the data as one (or more) Websocket frames
+			def send_data data, op_code = nil, fin = true, ext = 0
+				return false if !data || data.empty?
+				return false if @io.closed?
+				data = data.dup # needed?
+				unless op_code # apply extenetions to the message as a whole
+					op_code = (data.encoding == ::Encoding::UTF_8 ? 1 : 2) 
+					@ws_extentions.each { |ex| ext |= ex.edit_message data } if @ws_extentions
+				end
+				byte_size = data.bytesize
+				if byte_size > (FRAME_SIZE_LIMIT+2)
+					sections = byte_size/FRAME_SIZE_LIMIT + (byte_size%FRAME_SIZE_LIMIT ? 1 : 0)
+					send_data( data.slice!( 0...FRAME_SIZE_LIMIT ), op_code, data.empty?, ext) && (ext = op_code = 0) until data.empty?
+					return true # avoid sending an empty frame.
+				end
+				@ws_extentions.each { |ex| ext |= ex.edit_frame data } if @ws_extentions
+				header = ( (fin ? 0b10000000 : 0) | (op_code & 0b00001111) | ext).chr.force_encoding(::Encoding::ASCII_8BIT)
+
+				if byte_size < 125
+					header << byte_size.chr
+				elsif byte_size.bit_length <= 16					
+					header << 126.chr
+					header << [byte_size].pack('S>'.freeze)
+				else
+					header << 127.chr
+					header << [byte_size].pack('Q>'.freeze)
+				end
+				write header
+				write(data) && true
+			end
+			alias :<< :send_data
+
+			# Sends a ping.
+			def ping
+				write PING_FRAME
+			end
+			# Sends an empty pong.
+			def pong
+				write PONG_FRAME
+			end
+
+			# Broadcasts data to ALL the websocket connections EXCEPT the once specified (if specified).
+			#
+			# Data broadcasted will be recived by the websocket handler it's #on_broadcast(ws) method (if exists).
+			#
+			# Accepts:
+			#
+			# data:: One object of data. Usually a Hash, Array, String or a JSON formatted object.
+			# ignore_io (optional):: The IO to be ignored by the broadcast. Usually the broadcaster's IO.
+			# 
+			def self.broadcast data, ignore_io = nil
+				if ignore_io
+					ig_id = ignore_io.object_id
+					each {|io| Iodine.run io, data, &broadcast_proc unless io.object_id == ig_id}
+				else
+					each {|io| Iodine.run io, data, &broadcast_proc }
+				end
+				true
+			end
+
+			# Broadcasts the data to all the listening websockets, except self. See {::Iodine::Http::Websockets.broadcast}
+			def broadcast data
+				self.class.broadcast data, self
+			end
+
+			# Unicast data to a specific websocket connection (ONLY the connection specified).
+			#
+			# Data broadcasted will be recived by the websocket handler it's #on_broadcast(ws) method (if exists).
+			# Accepts:
+			# uuid:: the UUID of the websocket connection recipient.
+			# data:: the data to be sent.
+			#
+			# @return [true, false] Returns true if the object was found and the unicast was sent (the task will be executed asynchronously once the unicast was sent).
+			def self.unicast id, data
+				return false unless id && data
+				each {|io| next unless io.id == id; Iodine.run io, data, &broadcast_proc; return true}
+				false
+			end
+			# @return [true, false] Unicasts the data to the requested connection. returns `true` if the requested connection id was found on this server. See {::Iodine::Http::Websockets.unicast}
+			def unicast id, data
+				self.class.unicast id, data
+			end
+
+			def self.handshake request, response, handler
+				# review handshake (version, extentions)
+				# should consider adopting the websocket gem for handshake and framing:
+				# https://github.com/imanel/websocket-ruby
+				# http://www.rubydoc.info/github/imanel/websocket-ruby
+				return refuse response unless handler || handler == true
+				io = request[:io]
+				response.keep_alive = true
+				response.status = 101
+				response['upgrade'.freeze] = 'websocket'.freeze
+				response['content-length'.freeze] = '0'.freeze
+				response['connection'.freeze] = 'Upgrade'.freeze
+				response['sec-websocket-version'.freeze] = '13'.freeze
+				# Note that the client is only offering to use any advertised extensions
+				# and MUST NOT use them unless the server indicates that it wishes to use the extension.
+				ws_extentions = []
+				ext = []
+				request['sec-websocket-extensions'.freeze].to_s.split(/[\s]*[,][\s]*/).each {|ex| ex = ex.split(/[\s]*;[\s]*/); ( ( tmp = SUPPORTED_EXTENTIONS[ ex[0] ].call(ex[1..-1]) ) && (ws_extentions << tmp) && (ext << tmp.name) ) if SUPPORTED_EXTENTIONS[ ex[0] ] }
+				ext.compact!
+				if ext.any?
+					response['sec-websocket-extensions'.freeze] = ext.join(', ')
+				else
+					ws_extentions = nil
+				end
+				response['Sec-WebSocket-Accept'.freeze] = Digest::SHA1.base64digest(request['sec-websocket-key'.freeze] + '258EAFA5-E914-47DA-95CA-C5AB0DC85B11'.freeze)
+				response.session
+				# Iodine.logger << "#{@request[:client_ip]} [#{Time.now.utc}] - #{@connection.object_id} Upgraded HTTP to WebSockets.\n"
+				# request.io.handler.send_response response 
+				response.finish
+				self.new(io.io, handler, request, ws_extentions)
+				return true
+			end
+
+			# Gets the new connection timeout in seconds. Whenever this timeout is reached, a ping will be sent. Defaults to 40 (seconds).
+			def self.default_timeout
+				@default_timeout
+			end
+			# Sets the new connection timeout in seconds. Whenever this timeout is reached, a ping will be sent. Defaults to 40 (seconds).
+			def self.default_timeout= val
+				@default_timeout = val
+			end
+			# Sets the message byte size limit for a Websocket message. Defaults to 0 (no limit)
+			#
+			# Although memory will be allocated for the latest TCP/IP frame,
+			# this allows the websocket to disconnect if the incoming expected message size exceeds the allowed maximum size.
+			#
+			# If the sessage size limit is exceeded, the disconnection will be immidiate as an attack will be assumed. The protocol's normal disconnect sequesnce will be discarded.
+			def self.message_size_limit=val
+				@message_size_limit = val
+			end
+			# Gets the message byte size limit for a Websocket message. Defaults to 0 (no limit)
+			def self.message_size_limit
+				@message_size_limit ||= 0
+			end
+
+			protected
+			FRAME_SIZE_LIMIT = 17_895_697
+			SUPPORTED_EXTENTIONS = {}
+			CLOSE_FRAME = "\x88\x00".freeze
+			PONG_FRAME = "\x8A\x00".freeze
+			PING_FRAME = "\x89\x00".freeze
+			@default_timeout = 40
+
+			def self.broadcast_proc
+				@broadcast_proc ||= Proc.new {|io, data| io.on_broadcast data }
+			end
+
+			def self.refuse response
+				response.status = 400
+				response['sec-websocket-extensions'.freeze] = SUPPORTED_EXTENTIONS.keys.join(', ')
+				response['sec-websocket-version'.freeze] = '13'.freeze
+				false
+			end
+
+			# parse the message and send it to the handler
+			#
+			# test: frame = ["819249fcd3810b93b2fb69afb6e62c8af3e83adc94ee2ddd"].pack("H*").bytes; parser[:stage] = 0; parser = {}
+			# accepts:
+			# data:: an IO object (usually a StringIO object)
+			def extract_message data
+				parser = @parser
+				until data.eof?
+					if parser[:stage] == 0
+						tmp = data.getbyte
+						return unless tmp
+						parser[:fin] = tmp[7] == 1
+						parser[:rsv1] = tmp[6] == 1
+						parser[:rsv2] = tmp[5] == 1
+						parser[:rsv3] = tmp[4] == 1
+						parser[:op_code] = tmp & 0b00001111
+						parser[:p_op_code] ||= tmp & 0b00001111
+						parser[:stage] += 1
+					end
+					if parser[:stage] == 1
+						tmp = data.getbyte
+						return unless tmp
+						parser[:mask] = tmp[7]
+						parser[:mask_key].clear
+						parser[:len] = tmp & 0b01111111
+						parser[:len_bytes].clear
+						parser[:stage] += 1
+					end
+					if parser[:stage] == 2
+						tmp = 0
+						tmp = 2 if parser[:len] == 126
+						tmp = 8 if parser[:len] == 127
+						while parser[:len_bytes].length < tmp
+							parser[:len_bytes] << data.getbyte
+							return parser[:len_bytes].pop unless parser[:len_bytes].last
+						end
+						parser[:len] = merge_bytes( parser[:len_bytes] ) if tmp > 0
+						parser[:step] = 0
+						parser[:stage] += 1
+						return false unless review_message_size
+					end
+					if parser[:stage] == 3 && parser[:mask] == 1
+						until parser[:mask_key].length == 4
+							parser[:mask_key] << data.getbyte
+							return parser[:mask_key].pop unless parser[:mask_key].last
+						end
+						parser[:stage] += 1
+					elsif  parser[:stage] == 3 && parser[:mask] != 1
+						parser[:stage] += 1
+					end
+					if parser[:stage] == 4
+						if parser[:body].bytesize < parser[:len]
+							tmp = data.read(parser[:len] - parser[:body].bytesize)
+							return unless tmp
+							parser[:body] << tmp
+						end
+						if parser[:body].bytesize >= parser[:len]
+							parser[:body].bytesize.times {|i| parser[:body][i] = (parser[:body][i].ord ^ parser[:mask_key][i % 4]).chr} if parser[:mask] == 1
+							parser[:stage] = 99
+						end
+					end
+					complete_frame if parser[:stage] == 99
+				end
+			end
+
+			# takes and Array of bytes and combines them to an int(16 Bit), 32Bit or 64Bit number
+			def merge_bytes bytes
+				return 0 unless bytes.any?
+				return bytes.pop if bytes.length == 1
+				bytes.pop ^ (merge_bytes(bytes) << 8)
+			end
+
+			# handles the completed frame and sends a message to the handler once all the data has arrived.
+			def complete_frame
+				parser = @parser
+				@ws_extentions.each {|ex| ex.parse_frame(parser) } if @ws_extentions
+
+				case parser[:op_code]
+				when 9 # ping
+					# handle parser[:op_code] == 9 (ping)
+					::Iodine.run { send_data parser[:body], 10 }
+					parser[:p_op_code] = nil if parser[:p_op_code] == 9
+				when 10 #pong
+					# handle parser[:op_code] == 10 (pong)
+					parser[:p_op_code] = nil if parser[:p_op_code] == 10
+				when 8 # close
+					# handle parser[:op_code] == 8 (close)
+					write( CLOSE_FRAME )
+					close
+					parser[:p_op_code] = nil if parser[:p_op_code] == 8
+				else
+					parser[:message] ? ((parser[:message] << parser[:body]) && parser[:body].clear) : ((parser[:message] = parser[:body]) && parser[:body] = '')
+					# handle parser[:op_code] == 0 / fin == false (continue a frame that hasn't ended yet)
+					if parser[:fin]
+						@ws_extentions.each {|ex| ex.parse_message(parser) } if @ws_extentions
+						Iodine::Http::Request.make_utf8! parser[:message] if parser[:p_op_code] == 1
+						@handler.on_message parser[:message]
+						parser[:message] = nil
+						parser[:p_op_code] = nil
+					end
+				end
+				parser[:stage] = 0
+				parser[:body].clear
+				parser[:step] = 0
+				parser[:mask_key].clear
+				parser[:p_op_code] = nil
+			end
+			#reviews the message size and closes the connection if expected message size is over the allowed limit.
+			def review_message_size
+				if ( self.class.message_size_limit.to_i > 0 ) && ( ( @parser[:len] + (@parser[:message] ? @parser[:message].bytesize : 0) ) > self.class.message_size_limit.to_i )
+					close
+					@parser.delete :message
+					@parser[:step] = 0
+					@parser[:body].clear
+					@parser[:mask_key].clear
+					Iodine.warn "Websocket message above limit's set - closing connection."
+					return false
+				end
+				true
+			end
+
+
+		end
+	end
+end
+
+