Ignore request for AuthorizationListener
windery opened this issue · 0 comments
windery commented
Question
I want to pass Authentication http header to my netty-socketio server(2.0.8), and do my auth logic in AuthorizationListener.
However I found an OPTIONS request without the Authentication header but trigger the AuthorizationListener. The OPTIONS request got an 401 error and client connet failed.
Is is possible to add more information of the request to let me know which is the OPTIONS request and I can ignore it manuely.
Environment
test util
Socket.IO Test Client (v0.7.2)
client config
{
"extraHeaders": {
"Authorization": "Bearer test"
}
}
server config
@Bean
public SocketIOServer socketIOServer() {
com.corundumstudio.socketio.Configuration config = new com.corundumstudio.socketio.Configuration();
config.setHostname("0.0.0.0");
config.setPort(port);
config.setOrigin("*");
config.setAllowHeaders("Authorization");
config.setAuthorizationListener(handshakeData -> {
System.out.println(new ObjectMapper().valueToTree(handshakeData));
HttpHeaders headers = handshakeData.getHttpHeaders();
for (Map.Entry<String, String> header : headers) {
System.out.println(header.getKey() + ":" + header.getValue());
}
String authorization = headers.get("Authorization");
if (StringUtils.hasText(authorization)) {
return AuthorizationResult.SUCCESSFUL_AUTHORIZATION;
}
return AuthorizationResult.FAILED_AUTHORIZATION;
});
return new SocketIOServer(config);
}More Info
OPTIONS request
OPTIONS http://127.0.0.1:19999/socket.io/?EIO=4&transport=polling&t=Otfnx02
server console output
{"address":"127.0.0.1:60115","time":1709024082085,"local":"127.0.0.1:19999","url":"/socket.io/?EIO=4&transport=polling&t=OtfnVXX","urlParams":{"EIO":["4"],"transport":["polling"],"t":["OtfnVXX"]},"xdomain":true,"authToken":null,"httpHeaders":{"empty":false}}
Host:127.0.0.1:19999
Connection:keep-alive
Accept:*/*
Access-Control-Request-Method:GET
Access-Control-Request-Headers:authorization
Origin:http://192.168.100.137:5173
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36
Sec-Fetch-Mode:cors
Sec-Fetch-Site:cross-site
Sec-Fetch-Dest:empty
Referer:http://192.168.100.137:5173/
Accept-Encoding:gzip, deflate, br, zstd
Accept-Language:zh-CN,zh;q=0.9,en;q=0.8
content-length:0
GET
GET http://127.0.0.1:19999/socket.io/?EIO=4&transport=polling&t=Otfnx02
server console output :
{"address":"127.0.0.1:60643","time":1709024194576,"local":"127.0.0.1:19999","url":"/socket.io/?EIO=4&transport=polling&t=Otfnx02","urlParams":{"EIO":["4"],"transport":["polling"],"t":["Otfnx02"]},"xdomain":true,"authToken":null,"httpHeaders":{"empty":false}}
Host:127.0.0.1:19999
Connection:keep-alive
Accept:*/*
Access-Control-Request-Method:GET
Access-Control-Request-Headers:authorization
Origin:http://192.168.100.137:5173
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36
Sec-Fetch-Mode:cors
Sec-Fetch-Site:cross-site
Sec-Fetch-Dest:empty
Referer:http://192.168.100.137:5173/
Accept-Encoding:gzip, deflate, br, zstd
Accept-Language:zh-CN,zh;q=0.9,en;q=0.8
content-length:0