From 316b155a42a4d00fb835438ce7e0401a64e59add Mon Sep 17 00:00:00 2001
From: Joram Wilander <jwawilander@gmail.com>
Date: Mon, 31 Oct 2016 08:59:23 -0400
Subject: PLT-3562 Switch websocket over to post-connect authentication (#4327)

* Switch websocket over to post-connect authentication

* Add ability to specify token in websocket js driver, add unit tests

* Temporarily disable client websocket tests until issues are resolved

* Minor refactoring and fix status test

* Add isAuthenticated method to WebConn and minor status updates
---
 model/websocket_client.go  | 24 ++++++++++++++----------
 model/websocket_message.go |  1 +
 2 files changed, 15 insertions(+), 10 deletions(-)

(limited to 'model')

diff --git a/model/websocket_client.go b/model/websocket_client.go
index a4983e385..453ae49b7 100644
--- a/model/websocket_client.go
+++ b/model/websocket_client.go
@@ -6,7 +6,6 @@ package model
 import (
 	"encoding/json"
 	"github.com/gorilla/websocket"
-	"net/http"
 )
 
 type WebSocketClient struct {
@@ -23,14 +22,12 @@ type WebSocketClient struct {
 // NewWebSocketClient constructs a new WebSocket client with convienence
 // methods for talking to the server.
 func NewWebSocketClient(url, authToken string) (*WebSocketClient, *AppError) {
-	header := http.Header{}
-	header.Set(HEADER_AUTH, "BEARER "+authToken)
-	conn, _, err := websocket.DefaultDialer.Dial(url+API_URL_SUFFIX+"/users/websocket", header)
+	conn, _, err := websocket.DefaultDialer.Dial(url+API_URL_SUFFIX+"/users/websocket", nil)
 	if err != nil {
 		return nil, NewLocAppError("NewWebSocketClient", "model.websocket_client.connect_fail.app_error", nil, err.Error())
 	}
 
-	return &WebSocketClient{
+	client := &WebSocketClient{
 		url,
 		url + API_URL_SUFFIX,
 		conn,
@@ -39,19 +36,25 @@ func NewWebSocketClient(url, authToken string) (*WebSocketClient, *AppError) {
 		make(chan *WebSocketEvent, 100),
 		make(chan *WebSocketResponse, 100),
 		nil,
-	}, nil
+	}
+
+	client.SendMessage(WEBSOCKET_AUTHENTICATION_CHALLENGE, map[string]interface{}{"token": authToken})
+
+	return client, nil
 }
 
 func (wsc *WebSocketClient) Connect() *AppError {
-	header := http.Header{}
-	header.Set(HEADER_AUTH, "BEARER "+wsc.AuthToken)
-
 	var err error
-	wsc.Conn, _, err = websocket.DefaultDialer.Dial(wsc.ApiUrl+"/users/websocket", header)
+	wsc.Conn, _, err = websocket.DefaultDialer.Dial(wsc.ApiUrl+"/users/websocket", nil)
 	if err != nil {
 		return NewLocAppError("NewWebSocketClient", "model.websocket_client.connect_fail.app_error", nil, err.Error())
 	}
 
+	wsc.EventChannel = make(chan *WebSocketEvent, 100)
+	wsc.ResponseChannel = make(chan *WebSocketResponse, 100)
+
+	wsc.SendMessage(WEBSOCKET_AUTHENTICATION_CHALLENGE, map[string]interface{}{"token": wsc.AuthToken})
+
 	return nil
 }
 
@@ -89,6 +92,7 @@ func (wsc *WebSocketClient) Listen() {
 				wsc.ResponseChannel <- &response
 				continue
 			}
+
 		}
 	}()
 }
diff --git a/model/websocket_message.go b/model/websocket_message.go
index df5cf3b81..5eb02642e 100644
--- a/model/websocket_message.go
+++ b/model/websocket_message.go
@@ -26,6 +26,7 @@ const (
 	WEBSOCKET_EVENT_STATUS_CHANGE      = "status_change"
 	WEBSOCKET_EVENT_HELLO              = "hello"
 	WEBSOCKET_EVENT_WEBRTC             = "webrtc"
+	WEBSOCKET_AUTHENTICATION_CHALLENGE = "authentication_challenge"
 )
 
 type WebSocketMessage interface {
-- 
cgit v1.2.3-1-g7c22