Refactor to use SSLParameters and extend DefaultSSLWebSocketServerFactory

matt-willson-clover · matt-willson-clover · commit a3a5a919094a · 2019-01-14T15:13:20.000-07:00
diff --git a/src/main/example/SSLClientExample.java b/src/main/example/SSLClientExample.java
@@ -111,7 +111,9 @@ public static void main( String[] args ) throws Exception {
 		while ( true ) {
 			String line = reader.readLine();
 			if( line.equals( "close" ) ) {
-				chatclient.close();
+				chatclient.closeBlocking();
+			} else if ( line.equals( "open" ) ) {
+				chatclient.reconnect();
 			} else {
 				chatclient.send( line );
 			}
diff --git a/src/main/example/TwoWaySSLServerExample.java b/src/main/example/TwoWaySSLServerExample.java
@@ -25,18 +25,15 @@
  *  OTHER DEALINGS IN THE SOFTWARE.
  */
 
-import org.java_websocket.server.SSLEngineWebSocketServerFactory;
+import org.java_websocket.server.SSLParametersWebSocketServerFactory;
 
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLParameters;
 import javax.net.ssl.TrustManagerFactory;
 import java.io.File;
 import java.io.FileInputStream;
 import java.security.KeyStore;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
 
 /**
  * Copy of SSLServerExample except we use @link SSLEngineWebSocketServerFactory to customize clientMode/ClientAuth to force client to present a cert.
@@ -70,13 +67,10 @@ public static void main( String[] args ) throws Exception {
 		SSLContext sslContext = SSLContext.getInstance( "TLS" );
 		sslContext.init( kmf.getKeyManagers(), tmf.getTrustManagers(), null );
 
-		SSLEngine engine = sslContext.createSSLEngine();
-
-		// Here we force the client to present a certificate
-		engine.setUseClientMode(false);
-		engine.setNeedClientAuth(true);
-
-		chatserver.setWebSocketFactory( new SSLEngineWebSocketServerFactory( engine ) );
+		SSLParameters sslParameters = new SSLParameters();
+		// This is all we need
+		sslParameters.setNeedClientAuth(true);
+		chatserver.setWebSocketFactory( new SSLParametersWebSocketServerFactory(sslContext, sslParameters));
 
 		chatserver.start();
 
diff --git a/src/main/java/org/java_websocket/server/SSLParametersWebSocketServerFactory.java b/src/main/java/org/java_websocket/server/SSLParametersWebSocketServerFactory.java
@@ -26,55 +26,56 @@
 package org.java_websocket.server;
 
 import org.java_websocket.SSLSocketChannel2;
-import org.java_websocket.WebSocketAdapter;
-import org.java_websocket.WebSocketImpl;
-import org.java_websocket.WebSocketServerFactory;
-import org.java_websocket.drafts.Draft;
 
+import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLParameters;
 import java.io.IOException;
 import java.nio.channels.ByteChannel;
 import java.nio.channels.SelectionKey;
 import java.nio.channels.SocketChannel;
-import java.util.List;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 
 /**
- * WebSocketFactory that take a SSLEngine as a parameter allow for customization of SSLParameters, Cipher Suites, Supported Protocols, ClientMode, ClientAuth ...
- * @link https://docs.oracle.com/javase/7/docs/api/javax/net/ssl/SSLEngine.html
+ * WebSocketFactory that can be configured to only support specific protocols and cipher suites.
  */
-public class SSLEngineWebSocketServerFactory implements WebSocketServerFactory {
+public class SSLParametersWebSocketServerFactory extends DefaultSSLWebSocketServerFactory {
 
-  private final SSLEngine sslEngine;
-  protected ExecutorService exec;
+  private final SSLParameters sslParameters;
 
-  public SSLEngineWebSocketServerFactory(SSLEngine sslEngine) {
-    this(sslEngine, Executors.newSingleThreadScheduledExecutor());
+  /**
+   * New CustomSSLWebSocketServerFactory configured to only support given protocols and given cipher suites.
+   *
+   * @param sslContext          - can not be <code>null</code>
+   * @param sslParameters    - sslParameters
+   */
+  public SSLParametersWebSocketServerFactory(SSLContext sslContext, SSLParameters sslParameters) {
+    this(sslContext, Executors.newSingleThreadScheduledExecutor(), sslParameters);
   }
 
-  private SSLEngineWebSocketServerFactory(SSLEngine sslEngine, ExecutorService exec) {
-    this.sslEngine = sslEngine;
-    this.exec = exec;
-  }
-
-  @Override
-  public WebSocketImpl createWebSocket( WebSocketAdapter a, Draft d) {
-    return new WebSocketImpl( a, d );
-  }
-
-  @Override
-  public WebSocketImpl createWebSocket( WebSocketAdapter a, List<Draft> d) {
-    return new WebSocketImpl( a, d );
+  /**
+   * New CustomSSLWebSocketServerFactory configured to only support given protocols and given cipher suites.
+   *
+   * @param sslContext          - can not be <code>null</code>
+   * @param executerService     - can not be <code>null</code>
+   * @param sslParameters    - sslParameters
+   */
+  public SSLParametersWebSocketServerFactory(SSLContext sslContext, ExecutorService executerService, SSLParameters sslParameters) {
+    super(sslContext, executerService);
+    if (sslParameters == null) {
+      throw new IllegalArgumentException();
+    }
+    this.sslParameters = sslParameters;
   }
 
   @Override
   public ByteChannel wrapChannel(SocketChannel channel, SelectionKey key) throws IOException {
-    return new SSLSocketChannel2(channel, sslEngine, exec, key);
-  }
-
-  @Override
-  public void close() {
-
+    SSLEngine e = sslcontext.createSSLEngine();
+    e.setUseClientMode(false);
+    if (sslParameters != null) {
+      e.setSSLParameters(sslParameters);
+    }
+    return new SSLSocketChannel2(channel, e, exec, key);
   }
 }
diff --git a/src/test/java/org/java_websocket/server/SSLParametersWebSocketServerFactoryTest.java b/src/test/java/org/java_websocket/server/SSLParametersWebSocketServerFactoryTest.java
@@ -0,0 +1,131 @@
+package org.java_websocket.server;
+
+import org.java_websocket.WebSocket;
+import org.java_websocket.WebSocketAdapter;
+import org.java_websocket.WebSocketImpl;
+import org.java_websocket.drafts.Draft;
+import org.java_websocket.drafts.Draft_6455;
+import org.java_websocket.handshake.Handshakedata;
+import org.junit.Test;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLParameters;
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.nio.ByteBuffer;
+import java.nio.channels.ByteChannel;
+import java.nio.channels.NotYetConnectedException;
+import java.nio.channels.SocketChannel;
+import java.security.NoSuchAlgorithmException;
+import java.util.Collections;
+import java.util.concurrent.Executors;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
+
+public class SSLParametersWebSocketServerFactoryTest {
+
+    @Test
+    public void testConstructor() throws NoSuchAlgorithmException {
+        try {
+            new SSLParametersWebSocketServerFactory(null, null);
+            fail("IllegalArgumentException should be thrown");
+        } catch (IllegalArgumentException e) {
+            // Good
+        }
+        try {
+            new SSLParametersWebSocketServerFactory(SSLContext.getDefault(), null);
+            fail("IllegalArgumentException should be thrown");
+        } catch (IllegalArgumentException e) {
+        }
+        try {
+            new SSLParametersWebSocketServerFactory(SSLContext.getDefault(), new SSLParameters());
+        } catch (IllegalArgumentException e) {
+            fail("IllegalArgumentException should not be thrown");
+        }
+        try {
+            new SSLParametersWebSocketServerFactory(SSLContext.getDefault(), Executors.newCachedThreadPool(), new SSLParameters());
+        } catch (IllegalArgumentException e) {
+            fail("IllegalArgumentException should not be thrown");
+        }
+    }
+    @Test
+    public void testCreateWebSocket() throws NoSuchAlgorithmException {
+        SSLParametersWebSocketServerFactory webSocketServerFactory = new SSLParametersWebSocketServerFactory(SSLContext.getDefault(), new SSLParameters());
+        CustomWebSocketAdapter webSocketAdapter = new CustomWebSocketAdapter();
+        WebSocketImpl webSocketImpl = webSocketServerFactory.createWebSocket(webSocketAdapter, new Draft_6455());
+        assertNotNull("webSocketImpl != null", webSocketImpl);
+        webSocketImpl = webSocketServerFactory.createWebSocket(webSocketAdapter, Collections.<Draft>singletonList(new Draft_6455()));
+        assertNotNull("webSocketImpl != null", webSocketImpl);
+    }
+
+    @Test
+    public void testWrapChannel() throws IOException, NoSuchAlgorithmException {
+        SSLParametersWebSocketServerFactory webSocketServerFactory = new SSLParametersWebSocketServerFactory(SSLContext.getDefault(), new SSLParameters());
+        SocketChannel channel =  SocketChannel.open();
+        try {
+            ByteChannel result = webSocketServerFactory.wrapChannel(channel, null);
+        } catch (NotYetConnectedException e) {
+            //We do not really connect
+        }
+        channel.close();
+    }
+
+    @Test
+    public void testClose() {
+        DefaultWebSocketServerFactory webSocketServerFactory = new DefaultWebSocketServerFactory();
+        webSocketServerFactory.close();
+    }
+
+    private static class CustomWebSocketAdapter extends WebSocketAdapter {
+        @Override
+        public void onWebsocketMessage(WebSocket conn, String message) {
+
+        }
+
+        @Override
+        public void onWebsocketMessage(WebSocket conn, ByteBuffer blob) {
+
+        }
+
+        @Override
+        public void onWebsocketOpen(WebSocket conn, Handshakedata d) {
+
+        }
+
+        @Override
+        public void onWebsocketClose(WebSocket ws, int code, String reason, boolean remote) {
+
+        }
+
+        @Override
+        public void onWebsocketClosing(WebSocket ws, int code, String reason, boolean remote) {
+
+        }
+
+        @Override
+        public void onWebsocketCloseInitiated(WebSocket ws, int code, String reason) {
+
+        }
+
+        @Override
+        public void onWebsocketError(WebSocket conn, Exception ex) {
+
+        }
+
+        @Override
+        public void onWriteDemand(WebSocket conn) {
+
+        }
+
+        @Override
+        public InetSocketAddress getLocalSocketAddress(WebSocket conn) {
+            return null;
+        }
+
+        @Override
+        public InetSocketAddress getRemoteSocketAddress(WebSocket conn) {
+            return null;
+        }
+    }
+}
