Compare commits
3 Commits
539a812c12
...
f0710f8a04
| Author | SHA1 | Date | |
|---|---|---|---|
| f0710f8a04 | |||
| 4306a046fe | |||
| 384ad03619 |
@@ -32,6 +32,8 @@ use alknet_core::types::{Connection, HandlerError, ProtocolHandler, StreamError}
|
|||||||
use super::auth::bearer_auth_middleware;
|
use super::auth::bearer_auth_middleware;
|
||||||
use crate::server::decoy::decoy_fallback;
|
use crate::server::decoy::decoy_fallback;
|
||||||
use crate::server::healthz::healthz;
|
use crate::server::healthz::healthz;
|
||||||
|
use crate::websocket::upgrade::ws_upgrade_handler;
|
||||||
|
use crate::websocket::upgrade::WS_UPGRADE_PATH;
|
||||||
|
|
||||||
const ALPN_HTTP1: &[u8] = b"http/1.1";
|
const ALPN_HTTP1: &[u8] = b"http/1.1";
|
||||||
const ALPN_H2: &[u8] = b"h2";
|
const ALPN_H2: &[u8] = b"h2";
|
||||||
@@ -58,6 +60,18 @@ impl axum::extract::FromRef<RouterState> for DecoyConfig {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
impl axum::extract::FromRef<RouterState> for Arc<OperationRegistry> {
|
||||||
|
fn from_ref(state: &RouterState) -> Self {
|
||||||
|
Arc::clone(&state.registry)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl axum::extract::FromRef<RouterState> for Arc<dyn IdentityProvider> {
|
||||||
|
fn from_ref(state: &RouterState) -> Self {
|
||||||
|
Arc::clone(&state.identity_provider)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
pub struct HttpAdapter {
|
pub struct HttpAdapter {
|
||||||
identity_provider: Arc<dyn IdentityProvider>,
|
identity_provider: Arc<dyn IdentityProvider>,
|
||||||
registry: Arc<OperationRegistry>,
|
registry: Arc<OperationRegistry>,
|
||||||
@@ -143,6 +157,7 @@ fn build_router(state: RouterState, extra_routes: Option<Router>) -> Router {
|
|||||||
.route("/subscribe", any(not_implemented))
|
.route("/subscribe", any(not_implemented))
|
||||||
.route("/openapi.json", get(not_implemented))
|
.route("/openapi.json", get(not_implemented))
|
||||||
.route("/mcp", post(not_implemented))
|
.route("/mcp", post(not_implemented))
|
||||||
|
.route(WS_UPGRADE_PATH, get(ws_upgrade_handler))
|
||||||
.route_layer(from_fn_with_state(auth_state.clone(), bearer_auth_middleware))
|
.route_layer(from_fn_with_state(auth_state.clone(), bearer_auth_middleware))
|
||||||
.route("/healthz", get(healthz))
|
.route("/healthz", get(healthz))
|
||||||
.fallback(decoy_fallback);
|
.fallback(decoy_fallback);
|
||||||
|
|||||||
@@ -4,6 +4,8 @@
|
|||||||
//! native `EventEnvelope` call-protocol session, not the gateway shape
|
//! native `EventEnvelope` call-protocol session, not the gateway shape
|
||||||
//! (ADR-048). See `docs/architecture/crates/http/websocket.md`.
|
//! (ADR-048). See `docs/architecture/crates/http/websocket.md`.
|
||||||
|
|
||||||
|
pub mod upgrade;
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod tests {
|
mod tests {
|
||||||
use std::collections::HashMap;
|
use std::collections::HashMap;
|
||||||
|
|||||||
1238
crates/alknet-http/src/websocket/upgrade.rs
Normal file
1238
crates/alknet-http/src/websocket/upgrade.rs
Normal file
File diff suppressed because it is too large
Load Diff
@@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
id: http/websocket/upgrade-handler
|
id: http/websocket/upgrade-handler
|
||||||
name: Implement WebSocket upgrade handler (native EventEnvelope session, no length prefix, bearer auth)
|
name: Implement WebSocket upgrade handler (native EventEnvelope session, no length prefix, bearer auth)
|
||||||
status: pending
|
status: completed
|
||||||
depends_on: [http/server/http-adapter, http/websocket/dispatcher-transport-abstraction, http/server/bearer-auth-middleware]
|
depends_on: [http/server/http-adapter, http/websocket/dispatcher-transport-abstraction, http/server/bearer-auth-middleware]
|
||||||
scope: broad
|
scope: broad
|
||||||
risk: high
|
risk: high
|
||||||
@@ -227,4 +227,13 @@ the in-flight subscription, which cascades to descendants per ADR-016.
|
|||||||
|
|
||||||
## Summary
|
## Summary
|
||||||
|
|
||||||
> To be filled on completion
|
> Implemented src/websocket/upgrade.rs: WS upgrade handler at /alknet/call using axum
|
||||||
|
> WebSocketUpgrade, bearer auth via shared bearer_auth_middleware (no token → 401),
|
||||||
|
> resolved identity stored on CallConnection::new_overlay_only, native EventEnvelope
|
||||||
|
> over binary WS messages (no length prefix, text → protocol close 1002), shared
|
||||||
|
> Dispatcher::dispatch_requested for call.requested (AccessControl::check gates →
|
||||||
|
> FORBIDDEN call.error), Dispatcher::handle_abort for call.aborted, responded/completed/
|
||||||
|
> aborted correlated via PendingRequestMap, fail_all_pending on disconnect (ADR-016
|
||||||
|
> cascade), bidirectionality via connection-local overlay. Wired /alknet/call route
|
||||||
|
> into adapter.rs router. 168 tests pass (incl. round-trip, 401, FORBIDDEN, subscription,
|
||||||
|
> disconnect abort, text-close, bidirectional overlay, no-length-prefix). Clippy clean.
|
||||||
Reference in New Issue
Block a user