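/**
 * Checks the EzSecurity signature carried by an incoming request.
 *
 * Validation only runs when `configuration.server.ezSecurityOpts.validate` is
 * exactly `true`. Any other value (a missing key, or the string "true")
 * skips the check and accepts the request, so deployments should confirm the
 * flag is set as intended.
 *
 * @param {Object} request - incoming request handed to the EzSecurity client.
 * @param {*} userDN - not read by this function; kept so existing callers still work.
 * @returns {*} `true` when validation is disabled; otherwise whatever
 *   `validateCurrentRequest` returns, or `false` when loading the client or
 *   validating the request throws.
 */
var validateSignature = function (request, userDN) {
    if (configuration.server.ezSecurityOpts.validate !== true) {
        return true;
    }

    try {
        var EzSecurityClient = require("ezbakesecurityclient");
        var client = new EzSecurityClient.Client();
        return client.validateCurrentRequest(request);
    } catch (e) {
        // Fail closed with an explicit boolean: the previous implicit `undefined`
        // only denied access for callers that tested truthiness, and the failure
        // was logged on stdout instead of the error stream.
        console.error(e);
        return false;
    }
};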
// Tear-down for a closed WebSocket: re-resolve the proxied user's token from
// the upgrade request, drop the socket's Redis subscription, and announce the
// closed channel on the user's master channel.
ws.on('close', function () {
    console.log((new Date()) + " Received close");

    var onToken = function (err, token) {
        if (err) {
            // NOTE(review): this throw happens inside the token callback, not in
            // the 'close' handler itself. Unless the EzSecurity client catches it,
            // it would surface as an uncaught exception, and the subscription
            // below is never released on this path. Confirm that is intended.
            console.error((new Date()) + " EzSecuruity returned an error: \n\t" + err + "\n" + (new Date()) + " Throwing EzSecuruity error.");
            throw err;
        }

        var principal = token.tokenPrincipal;
        var masterChannel = "globalsearch" + "_" + getUserSpecificString(principal) + "_" + "master";
        var activeSubscriber = redisSubscribers.get(ws.id);

        // Nothing to unsubscribe when this socket never subscribed.
        if (!activeSubscriber) {
            return;
        }

        redisSubscribers.unsubscribe(channels[ws.id], activeSubscriber, principal, redisClient, function (userHash) {
            var closedChannel = channels[ws.id];
            console.log((new Date()) + " " + ws.id + ' disconnected from channel ' + closedChannel);

            // Send a message over the master channel letting the Chloe client
            // know which channel was closed (the master channel itself is not
            // announced).
            if (closedChannel === masterChannel) {
                return;
            }
            sendUpdate(userHash, closedChannel, masterChannel);
        });
    };

    ezbakeSecurityClient.fetchTokenForProxiedUser(this.upgradeReq, onToken);
});
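// Handles one inbound WebSocket frame. The proxied user's token is resolved
// from the upgrade request first; the frame is then treated as a keep-alive
// ping, an SSR relay request, or a request to subscribe this socket to a
// Redis channel.
ws.on('message', function (message) {
    ezbakeSecurityClient.fetchTokenForProxiedUser(this.upgradeReq, function (err, token) {
        if (err) {
            // NOTE(review): this throw happens inside the token callback. Unless
            // the EzSecurity client catches it, a failed token fetch would surface
            // as an uncaught exception rather than just rejecting this frame.
            // Confirm that is intended.
            console.error((new Date()) + " EzSecuruity returned an error: \n\t" + err + "\n" + (new Date()) + " Throwing EzSecuruity error.");
            throw err;
        }

        var userInfo = token.tokenPrincipal;

        // The frame is client-controlled. A malformed or non-object payload is
        // dropped here instead of throwing out of this callback. The raw text is
        // deliberately not echoed into the log.
        var payload;
        try {
            payload = JSON.parse(message);
        } catch (parseErr) {
            console.error((new Date()) + " Ignoring WebSocket message that is not valid JSON.");
            return;
        }
        if (payload === null || typeof payload !== "object") {
            console.error((new Date()) + " Ignoring WebSocket message that is not a JSON object.");
            return;
        }

        // Channel names embed the user-specific string derived from the token,
        // so a client-chosen app/channel pair stays scoped to the token's user.
        var master = "globalsearch" + "_" + getUserSpecificString(userInfo) + "_" + "master";
        var channel = payload.app + "_" + getUserSpecificString(userInfo) + "_" + payload.channel;

        // The first frame on a socket assigns its connection id and records the channel.
        if (typeof ws.id === "undefined") {
            ws.id = connectionID;
            connectionID++;
            channels[ws.id] = channel;
        }

        if (payload.status === "keep-alive") {
            // This is a ping to keep the web socket alive, no action needed
            return;
        }

        if (payload.SSRs) {
            if (payload.user) {
                // NOTE(review): `payload.user` is supplied by the client and selects
                // whose channel receives the SSRs. Nothing visible here checks that
                // the token's user may address that user; confirm it is enforced
                // elsewhere.
                redisSubscribers.getUserInfoForUser(payload.user, redisClient, function (targetUserInfo) {
                    var targetChannel = payload.app + "_" + getUserSpecificString(targetUserInfo) + "_" + payload.channel;
                    sendSSRs(targetChannel, payload.SSRs);
                });
            } else {
                sendSSRs(channel, payload.SSRs);
            }
            return;
        }

        // Subscribe to the redis queue
        console.log((new Date()) + ' %s subscribed to channel %s', ws.id, channel);
        var redisSubscriber = redis.createClient(ezConfig.properties["redis.port"], ezConfig.properties["redis.host"]);
        var appInfo = {
            appName: payload.app,
            channel: payload.channel
        };
        redisSubscribers.subscribe(channel, redisSubscriber, userInfo, appInfo, redisClient);

        // Snapshot the values the Redis listeners need at subscription time.
        var websocket = ws;
        var websocketId = ws.id;
        var userHash = md5(JSON.stringify(userInfo.principal));

        // When a redis queue message is received, pass the message along via websocket
        redisSubscriber.on("message", function (redisChannel, rawMessage) {
            try {
                var decryptedText = Cryptography.decrypt(JSON.parse(rawMessage), privateKey);
                // Log only the size: the payload is encrypted on the queue, and
                // writing its plaintext to the process log would expose it to
                // anyone who can read the logs.
                console.log((new Date()) + " Attempting to forward message to WebSocket. \n\t" + "Message length: " + String(decryptedText).length);
                websocket.send(decryptedText);
            } catch (forwardErr) {
                console.error((new Date()) + " Error forwarding message to WebSocket. \n\t" + forwardErr);
            }
        });

        // Once the subscriber connection is ready, register it and announce the
        // new channel on the user's master channel.
        redisSubscriber.on("ready", function () {
            redisSubscribers.add(websocketId, redisSubscriber, channel, redisClient);
            sendUpdate(userHash, channel, master);
        });
    });
});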
/**
 * Requests an EzSecurity token for the user proxied by `request`.
 *
 * A new client is constructed on every call, and the outcome is delivered
 * only through `callback`; nothing is returned. Elsewhere in this file the
 * same client method is given a callback of the form `(err, token)`.
 *
 * @param {Object} request - request passed to the EzSecurity client.
 * @param {Function} callback - passed unchanged to `fetchTokenForProxiedUser`.
 */
getAuthToken: function (request, callback) {
    var Client = require("ezbakesecurityclient").Client;
    new Client().fetchTokenForProxiedUser(request, callback);
}