I have push my code into github, and the eureka and mysql is mine, you can clone it and run it directly:
auth-service websocket-service vue-websocket-demo
1. scenes to be used
- When connect WebSocket is permitAll
- Then Subscribe /user/queue/userInfo need user authenticated
- After subscribe success, send to /app/user/info need authenticated(Because I need get userInfo ), and push message to current user subscribe queue /user/queue/userInfo
2. What problem I encountered
- Connect WebSocket success
- Subscribe /user/queue/userInfo success
- Send to /app/user/info success
- At last I cannot receive the message return from server.
2.1 Details description after I trace the source code
1) when subscribe /user/queue/userInfo with the jwtToken in header, I get the jwtToken, then get Principle user object from auth server with jwtToken, then set user in StompHeaderAccessor. At last, the user subscribe lookupDestination is /queue/userInfo/user{sessionId} 2) Then send /app/user/userInfo with jwtToken in header, after handle the return value, the final send destination is /user/{Principle.getName()}/queue/userInfo.
the user never subscribe this queue: /user/{Principle.getName()}/queue/userInfo, and the message cannot send to user
3. What I do
3.1 WebSocketConfig
@Configuration
@Order(Ordered.HIGHEST_PRECEDENCE + 99)
@EnableWebSocketMessageBroker
public class WebSocketConfig implements WebSocketMessageBrokerConfigurer {
@Autowired
private CustomClientInboundChannelInterceptor customClientInboundChannelInterceptor;
@Override
public void configureClientInboundChannel(ChannelRegistration registration) {
registration.interceptors(customClientInboundChannelInterceptor);
}
@Override
public void registerStompEndpoints(StompEndpointRegistry registry) {
registry.addEndpoint("/sockJs").setAllowedOrigins("*").withSockJS();
}
@Override
public void configureMessageBroker(MessageBrokerRegistry config) {
config.enableSimpleBroker("/topic", "/queue");
config.setApplicationDestinationPrefixes("/app","/user");
}
}
3.2 WebSocketSecurityConfig
@Configuration
public class WebSocketSecurityConfig extends AbstractSecurityWebSocketMessageBrokerConfigurer {
@Override
protected void configureInbound(MessageSecurityMetadataSourceRegistry messages) {
messages
.simpTypeMatchers(SimpMessageType.CONNECT, SimpMessageType.HEARTBEAT, SimpMessageType.UNSUBSCRIBE, SimpMessageType.DISCONNECT).permitAll()
.simpDestMatchers("/user/**").authenticated()
.simpSubscribeDestMatchers("/user/**").authenticated();
}
@Override
protected boolean sameOriginDisabled() {
return true;
}
}
3.3 CustomClientInboundChannelInterceptor
This Interceptor is according to the spring reference documentation:websocket-stomp-authentication
@Component
public class CustomClientInboundChannelInterceptor implements ChannelInterceptor {
private final AuthServiceClient authServiceClient;
@Autowired
public CustomClientInboundChannelInterceptor(AuthServiceClient authServiceClient) {
this.authServiceClient = authServiceClient;
}
@Override
public Message<?> preSend(Message<?> message, MessageChannel channel) {
StompHeaderAccessor accessor = MessageHeaderAccessor.getAccessor(message, StompHeaderAccessor.class);
if (StompCommand.SUBSCRIBE.equals(accessor.getCommand()) ||
StompCommand.SEND.equals(accessor.getCommand())
) {
String jwtToken = accessor.getFirstNativeHeader("Authorization");
log.debug("webSocket token is {}", jwtToken);
if (!StringUtils.isEmpty(jwtToken)) {
PassUser passUser = authServiceClient.userInfo(jwtToken);
SecurityContextHolder.getContext().setAuthentication(passUser);
accessor.setUser(passUser);
// I try to remove above code : accessor.setUser(passUser);
// Then SecurityContextChannelInterceptor line 123,
// it will take user from message header with key "simpUser"
// so if I remove , the user will change to anonymous, and request will be AccessDeniedException
}
}
return message;
}
}
3.3 Subscribe and Send from front-end js
connectWebSocket() {
let socket = new SockJS(this.baseUrl+'/sockJs');
this.stompClient = Stomp.over(socket);
this.stompClient.connect({}, function (frame) {
console.log('Connected: ' + frame)
});
}
subscribeLoginUserMessage(){
var headers = {
'Authorization': 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1OTA2OTk0MTYsInVzZXJfbmFtZSI6IjEiLCJqdGkiOiI0NzNjOTVlYy1iNjUwLTQ2OTUtOTVhMy00ODYzZjRjOWZjOGQiLCJjbGllbnRfaWQiOiJ0ZXN0LWNsaWVudC1pZCIsInNjb3BlIjpbImFsbCJdfQ.YH6yChvdATn1vMonbc0OhSgI_kTi3KeIzgCldypInLg'
};
this.stompClient.subscribe("/user/queue/userInfo", function (e) {
let data = JSON.parse(e.body)
console.log('login user p2p message response', data)
}, headers);
}
userInfo(){
let data = {}
var headers = {
'Authorization': 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1OTA2OTk0MTYsInVzZXJfbmFtZSI6IjEiLCJqdGkiOiI0NzNjOTVlYy1iNjUwLTQ2OTUtOTVhMy00ODYzZjRjOWZjOGQiLCJjbGllbnRfaWQiOiJ0ZXN0LWNsaWVudC1pZCIsInNjb3BlIjpbImFsbCJdfQ.YH6yChvdATn1vMonbc0OhSgI_kTi3KeIzgCldypInLg'
}
this.stompClient.send("/app/user/info", headers, JSON.stringify(data));
}
3.4 Controller method which handle the send request
@MessageMapping("/user/info")
@SendToUser(value = "/queue/userInfo", broadcast = false)
public String userInfo(@AuthenticationPrincipal PassUser passUser) {
log.info("push user info":passUser={}", JsonUtil.toJsonString(passUser));
return JsonUtil.toJsonString(passUser);
}
Comment From: rstoyanchev
I've edited your comment to improve the formatting. You might want to check out this Mastering Markdown guide for future reference.
Also if you can please avoid excessive use of images. It is preferable to provide code snippets which are better to read and search, and links to framework source code if necessary.
Comment From: rstoyanchev
Thanks for getting in touch, but it feels like this is a question that would be better suited to Stack Overflow. As mentioned in the guidelines for contributing, we prefer to use the issue tracker only for bugs and enhancements. Feel free to update this issue with a link to the re-posted question (so that other people can find it) or add some more details if you feel this is a genuine bug.
Comment From: uyoaix
I've edited your comment to improve the formatting. You might want to check out this Mastering Markdown guide for future reference.
Also if you can please avoid excessive use of images. It is preferable to provide code snippets which are better to read and search, and links to framework source code if necessary.
Oh! Thanks very much to help me for formatting the code, I will have a look about the mastering-markdown document.
Comment From: uyoaix
Thanks for getting in touch, but it feels like this is a question that would be better suited to Stack Overflow. As mentioned in the guidelines for contributing, we prefer to use the issue tracker only for bugs and enhancements. Feel free to update this issue with a link to the re-posted question (so that other people can find it) or add some more details if you feel this is a genuine bug.
Why I post the question here is I find related question on Stack Overflow, but they all can't resolve what problems I encountered. Hmm, I will post this question on Stack Overflow and search goole for the question. If I still can't resolve it ,I hope some one in yours can help me. Thanks very much for responding to my question.
Comment From: uyoaix
I've edited your comment to improve the formatting. You might want to check out this Mastering Markdown guide for future reference.
Also if you can please avoid excessive use of images. It is preferable to provide code snippets which are better to read and search, and links to framework source code if necessary.
I will re-edit the content and remove images, replace them with code snippets. If I cannot resolve it in some days, I will reopen this issue and hope to get help. Thanks.