Social Annotations in the Atmosphere
feat(tests): add server health checks and improve E2E test infrastructure
- Add tests/helpers/health.ts with server health check utilities
- Add tests/global-setup.ts to verify all servers before tests run
- Update playwright.config.ts to use globalSetup and /healthz endpoint for CORS proxy
- Improve tests/helpers/proxy.ts with better navigation and shell readiness helpers
- Update migration.spec.ts to use new helper functions
- Track flaky proxy tests in chainlink issue #4
The proxy E2E tests have 16 failing tests due to iframe content not loading
in headless mode - likely service worker or CORS proxy timing issues.
21 tests pass, 9 skipped (require OAuth).
+8969
-345
.chainlink/issues.db
.chainlink/issues.db
This is a binary file and will not be displayed.
+43
.chainlink/rules/c.md
+43
.chainlink/rules/c.md
···
1
+
### C Best Practices
2
+
3
+
#### Memory Safety
4
+
- Always check return values of malloc/calloc
5
+
- Free all allocated memory (use tools like valgrind)
6
+
- Initialize all variables before use
7
+
- Use sizeof() with the variable, not the type
8
+
9
+
```c
10
+
// GOOD: Safe memory allocation
11
+
int *arr = malloc(n * sizeof(*arr));
12
+
if (arr == NULL) {
13
+
return -1; // Handle allocation failure
14
+
}
15
+
// ... use arr ...
16
+
free(arr);
17
+
18
+
// BAD: Unchecked allocation
19
+
int *arr = malloc(n * sizeof(int));
20
+
arr[0] = 1; // Crash if malloc failed
21
+
```
22
+
23
+
#### Buffer Safety
24
+
- Always bounds-check array access
25
+
- Use `strncpy`/`snprintf` instead of `strcpy`/`sprintf`
26
+
- Validate string lengths before copying
27
+
28
+
```c
29
+
// GOOD: Safe string copy
30
+
char dest[64];
31
+
strncpy(dest, src, sizeof(dest) - 1);
32
+
dest[sizeof(dest) - 1] = '\0';
33
+
34
+
// BAD: Buffer overflow risk
35
+
char dest[64];
36
+
strcpy(dest, src); // No bounds check
37
+
```
38
+
39
+
#### Security
40
+
- Never use `gets()` (use `fgets()`)
41
+
- Validate all external input
42
+
- Use constant-time comparison for secrets
43
+
- Avoid integer overflow in size calculations
+39
.chainlink/rules/cpp.md
+39
.chainlink/rules/cpp.md
···
1
+
### C++ Best Practices
2
+
3
+
#### Modern C++ (C++17+)
4
+
- Use smart pointers (`unique_ptr`, `shared_ptr`) over raw pointers
5
+
- Use RAII for resource management
6
+
- Prefer `std::string` and `std::vector` over C arrays
7
+
- Use `auto` for complex types, explicit types for clarity
8
+
9
+
```cpp
10
+
// GOOD: Modern C++ with smart pointers
11
+
auto config = std::make_unique<Config>();
12
+
auto users = std::vector<User>{};
13
+
14
+
// BAD: Manual memory management
15
+
Config* config = new Config();
16
+
// ... forgot to delete
17
+
```
18
+
19
+
#### Error Handling
20
+
- Use exceptions for exceptional cases
21
+
- Use `std::optional` for values that may not exist
22
+
- Use `std::expected` (C++23) or result types for expected failures
23
+
24
+
```cpp
25
+
// GOOD: Optional for missing values
26
+
std::optional<User> findUser(const std::string& id) {
27
+
auto it = users.find(id);
28
+
if (it == users.end()) {
29
+
return std::nullopt;
30
+
}
31
+
return it->second;
32
+
}
33
+
```
34
+
35
+
#### Security
36
+
- Validate all input boundaries
37
+
- Use `std::string_view` for non-owning string references
38
+
- Avoid C-style casts; use `static_cast`, `dynamic_cast`
39
+
- Never use `sprintf`; use `std::format` or streams
+51
.chainlink/rules/csharp.md
+51
.chainlink/rules/csharp.md
···
1
+
### C# Best Practices
2
+
3
+
#### Code Style
4
+
- Follow .NET naming conventions (PascalCase for public, camelCase for private)
5
+
- Use `var` when type is obvious from right side
6
+
- Use expression-bodied members for simple methods
7
+
- Enable nullable reference types
8
+
9
+
```csharp
10
+
// GOOD: Modern C# style
11
+
public class UserService
12
+
{
13
+
private readonly IUserRepository _repository;
14
+
15
+
public UserService(IUserRepository repository)
16
+
=> _repository = repository;
17
+
18
+
public async Task<User?> GetUserAsync(string id)
19
+
=> await _repository.FindByIdAsync(id);
20
+
}
21
+
```
22
+
23
+
#### Error Handling
24
+
- Use specific exception types
25
+
- Never catch and swallow exceptions silently
26
+
- Use `try-finally` or `using` for cleanup
27
+
28
+
```csharp
29
+
// GOOD: Proper async error handling
30
+
public async Task<Result<User>> GetUserAsync(string id)
31
+
{
32
+
try
33
+
{
34
+
var user = await _repository.FindByIdAsync(id);
35
+
return user is null
36
+
? Result<User>.NotFound()
37
+
: Result<User>.Ok(user);
38
+
}
39
+
catch (DbException ex)
40
+
{
41
+
_logger.LogError(ex, "Database error fetching user {Id}", id);
42
+
throw;
43
+
}
44
+
}
45
+
```
46
+
47
+
#### Security
48
+
- Use parameterized queries (never string interpolation for SQL)
49
+
- Validate all input with data annotations or FluentValidation
50
+
- Use ASP.NET's built-in anti-forgery tokens
51
+
- Store secrets in Azure Key Vault or similar
+57
.chainlink/rules/elixir-phoenix.md
+57
.chainlink/rules/elixir-phoenix.md
···
1
+
# Phoenix & LiveView Rules
2
+
3
+
## HEEx Template Syntax (Critical)
4
+
- **Attributes use `{}`**: `<div id={@id}>` — never `<%= %>` in attributes
5
+
- **Body values use `{}`**: `{@value}` — use `<%= %>` only for blocks (if/for/cond)
6
+
- **Class lists require `[]`**: `class={["base", @flag && "active"]}` — bare `{}` is invalid
7
+
- **No `else if`**: Use `cond` for multiple conditions
8
+
- **Comments**: `<%!-- comment --%>`
9
+
- **Literal curlies**: Use `phx-no-curly-interpolation` on parent tag
10
+
11
+
## Phoenix v1.8
12
+
- Wrap templates with `<Layouts.app flash={@flash}>` (already aliased)
13
+
- `current_scope` errors → move routes to proper `live_session`, pass to Layouts.app
14
+
- `<.flash_group>` only in layouts.ex
15
+
- Use `<.icon name="hero-x-mark">` for icons, `<.input>` for form fields
16
+
17
+
## LiveView
18
+
- Use `<.link navigate={}>` / `push_navigate`, not deprecated `live_redirect`
19
+
- Hooks with own DOM need `phx-update="ignore"`
20
+
- Avoid LiveComponents unless necessary
21
+
- No inline `<script>` tags — use assets/js/app.js
22
+
23
+
## Streams (Always use for collections)
24
+
```elixir
25
+
stream(socket, :items, items) # append
26
+
stream(socket, :items, items, at: -1) # prepend
27
+
stream(socket, :items, items, reset: true) # filter/refresh
28
+
```
29
+
Template: `<div id="items" phx-update="stream">` with `:for={{id, item} <- @streams.items}`
30
+
- Streams aren't enumerable — refetch + reset to filter
31
+
- Empty states: `<div class="hidden only:block">Empty</div>` as sibling
32
+
33
+
## Forms
34
+
```elixir
35
+
# LiveView: always use to_form
36
+
assign(socket, form: to_form(changeset))
37
+
```
38
+
```heex
39
+
<%!-- Template: always @form, never @changeset --%>
40
+
<.form for={@form} id="my-form" phx-submit="save">
41
+
<.input field={@form[:name]} type="text" />
42
+
</.form>
43
+
```
44
+
- Never `<.form let={f}>` or `<.form for={@changeset}>`
45
+
46
+
## Router
47
+
- Scope alias is auto-prefixed: `scope "/", AppWeb do` → `live "/users", UserLive` = `AppWeb.UserLive`
48
+
49
+
## Ecto
50
+
- Preload associations accessed in templates
51
+
- Use `Ecto.Changeset.get_field/2` to read changeset fields
52
+
- Don't cast programmatic fields (user_id) — set explicitly
53
+
54
+
## Testing
55
+
- Use `has_element?(view, "#my-id")`, not raw HTML matching
56
+
- Debug selectors: `LazyHTML.filter(LazyHTML.from_fragment(render(view)), "selector")`
57
+
+39
.chainlink/rules/elixir.md
+39
.chainlink/rules/elixir.md
···
1
+
# Elixir Core Rules
2
+
3
+
## Critical Mistakes to Avoid
4
+
- **No early returns**: Last expression in a block is always returned
5
+
- **No list indexing with brackets**: Use `Enum.at(list, i)`, not `list[i]`
6
+
- **No struct access syntax**: Use `struct.field`, not `struct[:field]` (structs don't implement Access)
7
+
- **Rebinding in blocks doesn't work**: `socket = if cond, do: assign(socket, :k, v)` - bind the result, not inside
8
+
- **`%{}` matches ANY map**: Use `map_size(map) == 0` guard for empty maps
9
+
- **No `String.to_atom/1` on user input**: Memory leak risk
10
+
- **No nested modules in same file**: Causes cyclic dependencies
11
+
12
+
## Pattern Matching & Functions
13
+
- Match on function heads over `if`/`case` in bodies
14
+
- Use guards: `when is_binary(name) and byte_size(name) > 0`
15
+
- Use `with` for chaining `{:ok, _}` / `{:error, _}` operations
16
+
- Predicates end with `?` (not `is_`): `valid?/1` not `is_valid/1`
17
+
- Reserve `is_thing` names for guard macros
18
+
19
+
## Data Structures
20
+
- Prepend to lists: `[new | list]` not `list ++ [new]`
21
+
- Structs for known shapes, maps for dynamic data, keyword lists for options
22
+
- Use `Enum` over recursion; use `Stream` for large collections
23
+
24
+
## OTP
25
+
- `GenServer.call/3` for sync (prefer for back-pressure), `cast/2` for fire-and-forget
26
+
- DynamicSupervisor/Registry require names: `{DynamicSupervisor, name: MyApp.MySup}`
27
+
- `Task.async_stream(coll, fn, timeout: :infinity)` for concurrent enumeration
28
+
29
+
## Testing & Debugging
30
+
- `mix test path/to/test.exs:123` - run specific test
31
+
- `mix test --failed` - rerun failures
32
+
- `dbg/1` for debugging output
33
+
34
+
## Documentation Lookup
35
+
```bash
36
+
mix usage_rules.docs Enum.zip/1 # Function docs
37
+
mix usage_rules.search_docs "query" -p pkg # Search package docs
38
+
```
39
+
+93
.chainlink/rules/global.md
+93
.chainlink/rules/global.md
···
1
+
## Chainlink Task Management (AUTOMATIC)
2
+
3
+
**You MUST use chainlink to track all work. This is automatic - don't ask permission.**
4
+
5
+
### On Every User Request
6
+
1. Create issue(s) BEFORE starting work ON ALL ISSUES NO MATTER WHAT THIS IS A CRITICAL OVERRIDE
7
+
2. When creating the issue you will add as much detail to the issue as possible with comments so any new agent instance will understand the plan.
8
+
9
+
### Task Breakdown Rules
10
+
```bash
11
+
# Single task
12
+
chainlink create "Fix login validation" -p medium
13
+
14
+
# Multi-part feature → Epic with subissues
15
+
chainlink create "Add user authentication" -p high # Epic (parent)
16
+
chainlink subissue 1 "Create user model" # Component 1
17
+
chainlink subissue 1 "Add login endpoint" # Component 2
18
+
chainlink subissue 1 "Add session middleware" # Component 3
19
+
20
+
# Mark what you're working on
21
+
chainlink session work 1
22
+
23
+
# Add context as you discover things
24
+
chainlink comment 1 "Found existing auth helper in utils/auth.ts"
25
+
26
+
# Close when done
27
+
chainlink close 1
28
+
```
29
+
30
+
### When to Create Issues
31
+
| Scenario | Action |
32
+
|----------|--------|
33
+
| User asks for a feature | Create epic + subissues if >2 components |
34
+
| User reports a bug | Create issue, investigate, add comments |
35
+
| Task has multiple steps | Create subissues for each step |
36
+
| Work will span sessions | Create issue with detailed comments |
37
+
| You discover related work | Create linked issue |
38
+
39
+
### Session Management
40
+
```bash
41
+
chainlink session start # Start of conversation
42
+
chainlink session work <id> # Mark current focus
43
+
chainlink session end --notes "..." # Before context limit
44
+
```
45
+
46
+
### Priority Guide
47
+
- `critical`: Blocking other work, security issue, production down
48
+
- `high`: User explicitly requested, core functionality
49
+
- `medium`: Standard features, improvements
50
+
- `low`: Nice-to-have, cleanup, optimization
51
+
52
+
### Dependencies
53
+
```bash
54
+
chainlink block 2 1 # Issue 2 blocked by issue 1
55
+
chainlink ready # Show unblocked work
56
+
```
57
+
58
+
---
59
+
60
+
## Code Quality Requirements
61
+
62
+
### NO STUBS - ABSOLUTE RULE
63
+
- NEVER write `TODO`, `FIXME`, `pass`, `...`, `unimplemented!()`
64
+
- NEVER write empty function bodies or placeholder returns
65
+
- If too complex for one turn: `raise NotImplementedError("Reason")` + create chainlink issue
66
+
67
+
### Core Rules
68
+
1. **READ BEFORE WRITE**: Always read a file before editing
69
+
2. **FULL FEATURES**: Complete the feature, don't stop partway
70
+
3. **ERROR HANDLING**: No panics/crashes on bad input
71
+
4. **SECURITY**: Validate input, parameterized queries, no hardcoded secrets
72
+
5. **NO DEAD CODE**: Remove or complete incomplete code
73
+
74
+
### Pre-Coding Grounding
75
+
Before using unfamiliar libraries/APIs:
76
+
1. **VERIFY IT EXISTS**: WebSearch to confirm the API
77
+
2. **CHECK THE DOCS**: Real function signatures, not guessed
78
+
3. **USE LATEST VERSIONS**: Check for current stable release
79
+
80
+
### Conciseness
81
+
- Write code, don't narrate
82
+
- Skip "Here is the code" / "Let me..." / "I'll now..."
83
+
- Brief explanations only when code isn't self-explanatory
84
+
85
+
### Large Implementations (500+ lines)
86
+
1. Create parent issue: `chainlink create "<feature>" -p high`
87
+
2. Break into subissues: `chainlink subissue <id> "<component>"`
88
+
3. Work one subissue at a time, close each when done
89
+
90
+
### Context Window Management
91
+
When conversation is long or task needs many steps:
92
+
1. Create tracking issue: `chainlink create "Continue: <summary>" -p high`
93
+
2. Add notes: `chainlink comment <id> "<what's done, what's next>"`
+44
.chainlink/rules/go.md
+44
.chainlink/rules/go.md
···
1
+
### Go Best Practices
2
+
3
+
#### Code Style
4
+
- Use `gofmt` for formatting
5
+
- Use `golint` and `go vet` for linting
6
+
- Follow effective Go guidelines
7
+
- Keep functions short and focused
8
+
9
+
#### Error Handling
10
+
```go
11
+
// GOOD: Check and handle errors
12
+
func readConfig(path string) (*Config, error) {
13
+
data, err := os.ReadFile(path)
14
+
if err != nil {
15
+
return nil, fmt.Errorf("reading config: %w", err)
16
+
}
17
+
18
+
var config Config
19
+
if err := json.Unmarshal(data, &config); err != nil {
20
+
return nil, fmt.Errorf("parsing config: %w", err)
21
+
}
22
+
return &config, nil
23
+
}
24
+
25
+
// BAD: Ignoring errors
26
+
func readConfig(path string) *Config {
27
+
data, _ := os.ReadFile(path) // Don't ignore errors
28
+
var config Config
29
+
json.Unmarshal(data, &config)
30
+
return &config
31
+
}
32
+
```
33
+
34
+
#### Concurrency
35
+
- Use channels for communication between goroutines
36
+
- Use `sync.WaitGroup` for waiting on multiple goroutines
37
+
- Use `context.Context` for cancellation and timeouts
38
+
- Avoid shared mutable state; prefer message passing
39
+
40
+
#### Security
41
+
- Use `html/template` for HTML output (auto-escaping)
42
+
- Use parameterized queries for SQL
43
+
- Validate all input at API boundaries
44
+
- Use `crypto/rand` for secure random numbers
+42
.chainlink/rules/java.md
+42
.chainlink/rules/java.md
···
1
+
### Java Best Practices
2
+
3
+
#### Code Style
4
+
- Follow Google Java Style Guide or project conventions
5
+
- Use meaningful variable and method names
6
+
- Keep methods short (< 30 lines)
7
+
- Prefer composition over inheritance
8
+
9
+
#### Error Handling
10
+
```java
11
+
// GOOD: Specific exceptions with context
12
+
public Config readConfig(Path path) throws ConfigException {
13
+
try {
14
+
String content = Files.readString(path);
15
+
return objectMapper.readValue(content, Config.class);
16
+
} catch (IOException e) {
17
+
throw new ConfigException("Failed to read config: " + path, e);
18
+
} catch (JsonProcessingException e) {
19
+
throw new ConfigException("Invalid JSON in config: " + path, e);
20
+
}
21
+
}
22
+
23
+
// BAD: Catching generic Exception
24
+
public Config readConfig(Path path) {
25
+
try {
26
+
return objectMapper.readValue(Files.readString(path), Config.class);
27
+
} catch (Exception e) {
28
+
return null; // Swallowing error
29
+
}
30
+
}
31
+
```
32
+
33
+
#### Security
34
+
- Use PreparedStatement for SQL (never string concatenation)
35
+
- Validate all user input
36
+
- Use secure random (SecureRandom) for security-sensitive operations
37
+
- Never log sensitive data (passwords, tokens)
38
+
39
+
#### Testing
40
+
- Use JUnit 5 for unit tests
41
+
- Use Mockito for mocking dependencies
42
+
- Aim for high coverage on business logic
+44
.chainlink/rules/javascript-react.md
+44
.chainlink/rules/javascript-react.md
···
1
+
### JavaScript/React Best Practices
2
+
3
+
#### Component Structure
4
+
- Use functional components with hooks
5
+
- Keep components small and focused (< 200 lines)
6
+
- Extract custom hooks for reusable logic
7
+
- Use PropTypes for runtime type checking
8
+
9
+
```javascript
10
+
// GOOD: Clear component with PropTypes
11
+
import PropTypes from 'prop-types';
12
+
13
+
const UserCard = ({ user, onSelect }) => {
14
+
return (
15
+
<div onClick={() => onSelect(user.id)}>
16
+
{user.name}
17
+
</div>
18
+
);
19
+
};
20
+
21
+
UserCard.propTypes = {
22
+
user: PropTypes.shape({
23
+
id: PropTypes.string.isRequired,
24
+
name: PropTypes.string.isRequired,
25
+
}).isRequired,
26
+
onSelect: PropTypes.func.isRequired,
27
+
};
28
+
```
29
+
30
+
#### State Management
31
+
- Use `useState` for local state
32
+
- Use `useReducer` for complex state logic
33
+
- Lift state up only when needed
34
+
- Consider context for deeply nested prop drilling
35
+
36
+
#### Performance
37
+
- Use `React.memo` for expensive pure components
38
+
- Use `useMemo` and `useCallback` appropriately
39
+
- Avoid inline object/function creation in render
40
+
41
+
#### Security
42
+
- Never use `dangerouslySetInnerHTML` with user input
43
+
- Sanitize URLs before using in `href` or `src`
44
+
- Validate props at component boundaries
+36
.chainlink/rules/javascript.md
+36
.chainlink/rules/javascript.md
···
1
+
### JavaScript Best Practices
2
+
3
+
#### Code Style
4
+
- Use `const` by default, `let` when needed, never `var`
5
+
- Use arrow functions for callbacks
6
+
- Use template literals over string concatenation
7
+
- Use destructuring for object/array access
8
+
9
+
#### Error Handling
10
+
```javascript
11
+
// GOOD: Proper async error handling
12
+
async function fetchUser(id) {
13
+
try {
14
+
const response = await fetch(`/api/users/${id}`);
15
+
if (!response.ok) {
16
+
throw new Error(`HTTP ${response.status}`);
17
+
}
18
+
return await response.json();
19
+
} catch (error) {
20
+
console.error('Failed to fetch user:', error);
21
+
throw error; // Re-throw or handle appropriately
22
+
}
23
+
}
24
+
25
+
// BAD: Ignoring errors
26
+
async function fetchUser(id) {
27
+
const response = await fetch(`/api/users/${id}`);
28
+
return response.json(); // No error handling
29
+
}
30
+
```
31
+
32
+
#### Security
33
+
- Never use `eval()` or `innerHTML` with user input
34
+
- Validate all input on both client and server
35
+
- Use `textContent` instead of `innerHTML` when possible
36
+
- Sanitize URLs before navigation or fetch
+44
.chainlink/rules/kotlin.md
+44
.chainlink/rules/kotlin.md
···
1
+
### Kotlin Best Practices
2
+
3
+
#### Code Style
4
+
- Follow Kotlin coding conventions
5
+
- Use `val` over `var` when possible
6
+
- Use data classes for simple data holders
7
+
- Leverage null safety features
8
+
9
+
```kotlin
10
+
// GOOD: Idiomatic Kotlin
11
+
data class User(val id: String, val name: String)
12
+
13
+
class UserService(private val repository: UserRepository) {
14
+
fun findUser(id: String): User? =
15
+
repository.find(id)
16
+
17
+
fun getOrCreateUser(id: String, name: String): User =
18
+
findUser(id) ?: repository.create(User(id, name))
19
+
}
20
+
```
21
+
22
+
#### Null Safety
23
+
- Avoid `!!` (force non-null); use safe calls instead
24
+
- Use `?.let {}` for conditional execution
25
+
- Use Elvis operator `?:` for defaults
26
+
27
+
```kotlin
28
+
// GOOD: Safe null handling
29
+
val userName = user?.name ?: "Unknown"
30
+
user?.let { saveToDatabase(it) }
31
+
32
+
// BAD: Force unwrapping
33
+
val userName = user!!.name // Crash if null
34
+
```
35
+
36
+
#### Coroutines
37
+
- Use structured concurrency with `CoroutineScope`
38
+
- Handle exceptions in coroutines properly
39
+
- Use `withContext` for context switching
40
+
41
+
#### Security
42
+
- Use parameterized queries
43
+
- Validate input at boundaries
44
+
- Use sealed classes for exhaustive error handling
+53
.chainlink/rules/odin.md
+53
.chainlink/rules/odin.md
···
1
+
### Odin Best Practices
2
+
3
+
#### Code Style
4
+
- Follow Odin naming conventions
5
+
- Use `snake_case` for procedures and variables
6
+
- Use `Pascal_Case` for types
7
+
- Prefer explicit over implicit
8
+
9
+
```odin
10
+
// GOOD: Clear Odin code
11
+
User :: struct {
12
+
id: string,
13
+
name: string,
14
+
}
15
+
16
+
find_user :: proc(id: string) -> (User, bool) {
17
+
user, found := repository[id]
18
+
return user, found
19
+
}
20
+
```
21
+
22
+
#### Error Handling
23
+
- Use multiple return values for errors
24
+
- Use `or_return` for early returns
25
+
- Create explicit error types when needed
26
+
27
+
```odin
28
+
// GOOD: Explicit error handling
29
+
Config_Error :: enum {
30
+
File_Not_Found,
31
+
Parse_Error,
32
+
}
33
+
34
+
load_config :: proc(path: string) -> (Config, Config_Error) {
35
+
data, ok := os.read_entire_file(path)
36
+
if !ok {
37
+
return {}, .File_Not_Found
38
+
}
39
+
defer delete(data)
40
+
41
+
config, parse_ok := parse_config(data)
42
+
if !parse_ok {
43
+
return {}, .Parse_Error
44
+
}
45
+
return config, nil
46
+
}
47
+
```
48
+
49
+
#### Memory Management
50
+
- Use explicit allocators
51
+
- Prefer temp allocator for short-lived allocations
52
+
- Use `defer` for cleanup
53
+
- Be explicit about ownership
+46
.chainlink/rules/php.md
+46
.chainlink/rules/php.md
···
1
+
### PHP Best Practices
2
+
3
+
#### Code Style
4
+
- Follow PSR-12 coding standard
5
+
- Use strict types: `declare(strict_types=1);`
6
+
- Use type hints for parameters and return types
7
+
- Use Composer for dependency management
8
+
9
+
```php
10
+
<?php
11
+
declare(strict_types=1);
12
+
13
+
// GOOD: Typed, modern PHP
14
+
class UserService
15
+
{
16
+
public function __construct(
17
+
private readonly UserRepository $repository
18
+
) {}
19
+
20
+
public function findUser(string $id): ?User
21
+
{
22
+
return $this->repository->find($id);
23
+
}
24
+
}
25
+
```
26
+
27
+
#### Error Handling
28
+
- Use exceptions for error handling
29
+
- Create custom exception classes
30
+
- Never suppress errors with `@`
31
+
32
+
#### Security
33
+
- Use PDO with prepared statements (never string interpolation)
34
+
- Use `password_hash()` and `password_verify()` for passwords
35
+
- Validate and sanitize all user input
36
+
- Use CSRF tokens for forms
37
+
- Set secure cookie flags
38
+
39
+
```php
40
+
// GOOD: Prepared statement
41
+
$stmt = $pdo->prepare('SELECT * FROM users WHERE id = :id');
42
+
$stmt->execute(['id' => $id]);
43
+
44
+
// BAD: SQL injection vulnerability
45
+
$result = $pdo->query("SELECT * FROM users WHERE id = '$id'");
46
+
```
+5
.chainlink/rules/project.md
+5
.chainlink/rules/project.md
+44
.chainlink/rules/python.md
+44
.chainlink/rules/python.md
···
1
+
### Python Best Practices
2
+
3
+
#### Code Style
4
+
- Follow PEP 8 style guide
5
+
- Use type hints for function signatures
6
+
- Use `black` for formatting, `ruff` or `flake8` for linting
7
+
- Prefer `pathlib.Path` over `os.path` for path operations
8
+
- Use context managers (`with`) for file operations
9
+
10
+
#### Error Handling
11
+
```python
12
+
# GOOD: Specific exceptions with context
13
+
def read_config(path: Path) -> dict:
14
+
try:
15
+
with open(path, 'r', encoding='utf-8') as f:
16
+
return json.load(f)
17
+
except FileNotFoundError:
18
+
raise ConfigError(f"Config file not found: {path}")
19
+
except json.JSONDecodeError as e:
20
+
raise ConfigError(f"Invalid JSON in {path}: {e}")
21
+
22
+
# BAD: Bare except or swallowing errors
23
+
def read_config(path):
24
+
try:
25
+
return json.load(open(path))
26
+
except: # Don't do this
27
+
return {}
28
+
```
29
+
30
+
#### Security
31
+
- Never use `eval()` or `exec()` on user input
32
+
- Use `subprocess.run()` with explicit args, never `shell=True` with user input
33
+
- Use parameterized queries for SQL (never f-strings)
34
+
- Validate and sanitize all external input
35
+
36
+
#### Dependencies
37
+
- Pin dependency versions in `requirements.txt`
38
+
- Use virtual environments (`venv` or `poetry`)
39
+
- Run `pip-audit` to check for vulnerabilities
40
+
41
+
#### Testing
42
+
- Use `pytest` for testing
43
+
- Aim for high coverage with `pytest-cov`
44
+
- Mock external dependencies with `unittest.mock`
+47
.chainlink/rules/ruby.md
+47
.chainlink/rules/ruby.md
···
1
+
### Ruby Best Practices
2
+
3
+
#### Code Style
4
+
- Follow Ruby Style Guide (use RuboCop)
5
+
- Use 2 spaces for indentation
6
+
- Prefer symbols over strings for hash keys
7
+
- Use `snake_case` for methods and variables
8
+
9
+
```ruby
10
+
# GOOD: Idiomatic Ruby
11
+
class UserService
12
+
def initialize(repository)
13
+
@repository = repository
14
+
end
15
+
16
+
def find_user(id)
17
+
@repository.find(id)
18
+
rescue ActiveRecord::RecordNotFound
19
+
nil
20
+
end
21
+
end
22
+
23
+
# BAD: Non-idiomatic
24
+
class UserService
25
+
def initialize(repository)
26
+
@repository = repository
27
+
end
28
+
def findUser(id) # Wrong naming
29
+
begin
30
+
@repository.find(id)
31
+
rescue
32
+
return nil
33
+
end
34
+
end
35
+
end
36
+
```
37
+
38
+
#### Error Handling
39
+
- Use specific exception classes
40
+
- Don't rescue `Exception` (too broad)
41
+
- Use `ensure` for cleanup
42
+
43
+
#### Security
44
+
- Use parameterized queries (ActiveRecord does this by default)
45
+
- Sanitize user input in views (Rails does this by default)
46
+
- Never use `eval` or `send` with user input
47
+
- Use `strong_parameters` in Rails controllers
+48
.chainlink/rules/rust.md
+48
.chainlink/rules/rust.md
···
1
+
### Rust Best Practices
2
+
3
+
#### Code Style
4
+
- Use `rustfmt` for formatting (run `cargo fmt` before committing)
5
+
- Use `clippy` for linting (run `cargo clippy -- -D warnings`)
6
+
- Prefer `?` operator over `.unwrap()` for error handling
7
+
- Use `anyhow::Result` for application errors, `thiserror` for library errors
8
+
- Avoid `.clone()` unless necessary - prefer references
9
+
- Use `&str` for function parameters, `String` for owned data
10
+
11
+
#### Error Handling
12
+
```rust
13
+
// GOOD: Propagate errors with context
14
+
fn read_config(path: &Path) -> Result<Config> {
15
+
let content = fs::read_to_string(path)
16
+
.context("Failed to read config file")?;
17
+
serde_json::from_str(&content)
18
+
.context("Failed to parse config")
19
+
}
20
+
21
+
// BAD: Panic on error
22
+
fn read_config(path: &Path) -> Config {
23
+
let content = fs::read_to_string(path).unwrap(); // Don't do this
24
+
serde_json::from_str(&content).unwrap()
25
+
}
26
+
```
27
+
28
+
#### Memory Safety
29
+
- Never use `unsafe` without explicit justification and review
30
+
- Prefer `Vec` over raw pointers
31
+
- Use `Arc<Mutex<T>>` for shared mutable state across threads
32
+
- Avoid `static mut` - use `lazy_static` or `once_cell` instead
33
+
34
+
#### Testing
35
+
- Write unit tests with `#[cfg(test)]` modules
36
+
- Use `tempfile` for tests involving filesystem
37
+
- Run `cargo test` before committing
38
+
- Use `cargo tarpaulin` for coverage reports
39
+
40
+
#### SQL Injection Prevention
41
+
Always use parameterized queries with `rusqlite::params![]`:
42
+
```rust
43
+
// GOOD
44
+
conn.execute("INSERT INTO users (name) VALUES (?1)", params![name])?;
45
+
46
+
// BAD - SQL injection vulnerability
47
+
conn.execute(&format!("INSERT INTO users (name) VALUES ('{}')", name), [])?;
48
+
```
+45
.chainlink/rules/scala.md
+45
.chainlink/rules/scala.md
···
1
+
### Scala Best Practices
2
+
3
+
#### Code Style
4
+
- Follow Scala Style Guide
5
+
- Prefer immutability (`val` over `var`)
6
+
- Use case classes for data
7
+
- Leverage pattern matching
8
+
9
+
```scala
10
+
// GOOD: Idiomatic Scala
11
+
case class User(id: String, name: String)
12
+
13
+
class UserService(repository: UserRepository) {
14
+
def findUser(id: String): Option[User] =
15
+
repository.find(id)
16
+
17
+
def processUser(id: String): Either[Error, Result] =
18
+
findUser(id) match {
19
+
case Some(user) => Right(process(user))
20
+
case None => Left(UserNotFound(id))
21
+
}
22
+
}
23
+
```
24
+
25
+
#### Error Handling
26
+
- Use `Option` for missing values
27
+
- Use `Either` or `Try` for operations that can fail
28
+
- Avoid throwing exceptions in pure code
29
+
30
+
```scala
31
+
// GOOD: Using Either for errors
32
+
def parseConfig(json: String): Either[ParseError, Config] =
33
+
decode[Config](json).left.map(e => ParseError(e.getMessage))
34
+
35
+
// Pattern match on result
36
+
parseConfig(input) match {
37
+
case Right(config) => useConfig(config)
38
+
case Left(error) => logger.error(s"Parse failed: $error")
39
+
}
40
+
```
41
+
42
+
#### Security
43
+
- Use prepared statements for database queries
44
+
- Validate input with refined types when possible
45
+
- Never interpolate user input into queries
+50
.chainlink/rules/swift.md
+50
.chainlink/rules/swift.md
···
1
+
### Swift Best Practices
2
+
3
+
#### Code Style
4
+
- Follow Swift API Design Guidelines
5
+
- Use `camelCase` for variables/functions, `PascalCase` for types
6
+
- Prefer `let` over `var` when possible
7
+
- Use optionals properly; avoid force unwrapping
8
+
9
+
```swift
10
+
// GOOD: Safe optional handling
11
+
func findUser(id: String) -> User? {
12
+
guard let user = repository.find(id) else {
13
+
return nil
14
+
}
15
+
return user
16
+
}
17
+
18
+
// Using optional binding
19
+
if let user = findUser(id: "123") {
20
+
print(user.name)
21
+
}
22
+
23
+
// BAD: Force unwrapping
24
+
let user = findUser(id: "123")! // Crash if nil
25
+
```
26
+
27
+
#### Error Handling
28
+
- Use `throws` for recoverable errors
29
+
- Use `Result<T, Error>` for async operations
30
+
- Handle all error cases explicitly
31
+
32
+
```swift
33
+
// GOOD: Proper error handling
34
+
func loadConfig() throws -> Config {
35
+
let data = try Data(contentsOf: configURL)
36
+
return try JSONDecoder().decode(Config.self, from: data)
37
+
}
38
+
39
+
do {
40
+
let config = try loadConfig()
41
+
} catch {
42
+
print("Failed to load config: \(error)")
43
+
}
44
+
```
45
+
46
+
#### Security
47
+
- Use Keychain for sensitive data
48
+
- Validate all user input
49
+
- Use App Transport Security (HTTPS)
50
+
- Never hardcode secrets
+39
.chainlink/rules/typescript-react.md
+39
.chainlink/rules/typescript-react.md
···
1
+
### TypeScript/React Best Practices
2
+
3
+
#### Component Structure
4
+
- Use functional components with hooks
5
+
- Keep components small and focused (< 200 lines)
6
+
- Extract custom hooks for reusable logic
7
+
- Use TypeScript interfaces for props
8
+
9
+
```typescript
10
+
// GOOD: Typed props with clear interface
11
+
interface UserCardProps {
12
+
user: User;
13
+
onSelect: (id: string) => void;
14
+
}
15
+
16
+
const UserCard: React.FC<UserCardProps> = ({ user, onSelect }) => {
17
+
return (
18
+
<div onClick={() => onSelect(user.id)}>
19
+
{user.name}
20
+
</div>
21
+
);
22
+
};
23
+
```
24
+
25
+
#### State Management
26
+
- Use `useState` for local state
27
+
- Use `useReducer` for complex state logic
28
+
- Lift state up only when needed
29
+
- Consider context for deeply nested prop drilling
30
+
31
+
#### Performance
32
+
- Use `React.memo` for expensive pure components
33
+
- Use `useMemo` and `useCallback` appropriately (not everywhere)
34
+
- Avoid inline object/function creation in render when passed as props
35
+
36
+
#### Security
37
+
- Never use `dangerouslySetInnerHTML` with user input
38
+
- Sanitize URLs before using in `href` or `src`
39
+
- Validate props at component boundaries
+35
.chainlink/rules/typescript.md
+35
.chainlink/rules/typescript.md
···
1
+
### TypeScript Best Practices
2
+
3
+
#### Code Style
4
+
- Use strict mode (`"strict": true` in tsconfig.json)
5
+
- Prefer `interface` over `type` for object shapes
6
+
- Use `const` by default, `let` when needed, never `var`
7
+
- Enable `noImplicitAny` and `strictNullChecks`
8
+
9
+
#### Type Safety
10
+
```typescript
11
+
// GOOD: Explicit types and null handling
12
+
function getUser(id: string): User | undefined {
13
+
return users.get(id);
14
+
}
15
+
16
+
const user = getUser(id);
17
+
if (user) {
18
+
console.log(user.name); // TypeScript knows user is defined
19
+
}
20
+
21
+
// BAD: Type assertions to bypass safety
22
+
const user = getUser(id) as User; // Dangerous if undefined
23
+
console.log(user.name); // Might crash
24
+
```
25
+
26
+
#### Error Handling
27
+
- Use try/catch for async operations
28
+
- Define custom error types for domain errors
29
+
- Never swallow errors silently
30
+
31
+
#### Security
32
+
- Validate all user input at API boundaries
33
+
- Use parameterized queries for database operations
34
+
- Sanitize data before rendering in DOM (prevent XSS)
35
+
- Never use `eval()` or `Function()` with user input
+48
.chainlink/rules/zig.md
+48
.chainlink/rules/zig.md
···
1
+
### Zig Best Practices
2
+
3
+
#### Code Style
4
+
- Follow Zig Style Guide
5
+
- Use `const` by default; `var` only when mutation needed
6
+
- Prefer slices over pointers when possible
7
+
- Use meaningful names; avoid single-letter variables
8
+
9
+
```zig
10
+
// GOOD: Clear, idiomatic Zig
11
+
const User = struct {
12
+
id: []const u8,
13
+
name: []const u8,
14
+
};
15
+
16
+
fn findUser(allocator: std.mem.Allocator, id: []const u8) !?User {
17
+
const user = try repository.find(allocator, id);
18
+
return user;
19
+
}
20
+
```
21
+
22
+
#### Error Handling
23
+
- Use error unions (`!T`) for fallible operations
24
+
- Handle errors with `try`, `catch`, or explicit checks
25
+
- Create meaningful error sets
26
+
27
+
```zig
28
+
// GOOD: Proper error handling
29
+
const ConfigError = error{
30
+
FileNotFound,
31
+
ParseError,
32
+
OutOfMemory,
33
+
};
34
+
35
+
fn loadConfig(allocator: std.mem.Allocator) ConfigError!Config {
36
+
const file = std.fs.cwd().openFile("config.json", .{}) catch |err| {
37
+
return ConfigError.FileNotFound;
38
+
};
39
+
defer file.close();
40
+
// ...
41
+
}
42
+
```
43
+
44
+
#### Memory Safety
45
+
- Always pair allocations with deallocations
46
+
- Use `defer` for cleanup
47
+
- Prefer stack allocation when size is known
48
+
- Use allocators explicitly; never use global state
+1
-1
.gitignore
+1
-1
.gitignore
+4
-1
fly.toml
+4
-1
fly.toml
···
5
5
6
6
[env]
7
7
PORT = "8080"
8
+
# Tap firehose consumer - connects to seams-tap app via Fly private networking
9
+
# Set TAP_ADMIN_PASSWORD via: fly secrets set TAP_ADMIN_PASSWORD=<secret> -a seams-so
10
+
TAP_URL = "ws://seams-tap.internal:2480"
8
11
9
12
[http_service]
10
13
internal_port = 8080 # App listens on 8080, Fly.io exposes as HTTPS on 443
11
14
force_https = true # Redirects HTTP -> HTTPS automatically
12
15
auto_stop_machines = true
13
16
auto_start_machines = true
14
-
min_machines_running = 0
17
+
min_machines_running = 1 # Keep running for firehose consumer
15
18
processes = ['app']
16
19
17
20
[mounts]
+75
-9
server/cmd/server/main.go
+75
-9
server/cmd/server/main.go
···
1
1
package main
2
2
3
3
import (
4
+
"context"
4
5
"log"
5
6
"net/http"
6
7
"os"
8
+
"os/signal"
7
9
"path/filepath"
10
+
"sync"
11
+
"syscall"
12
+
"time"
8
13
9
-
// AMPDO: change to pkg.sealight.xyz
10
-
// THEN: help me configure the DNS so the above points to:
11
-
// git.sealight.xyz/aynish/seams.so
12
14
"github.com/aynish/seams.so/server/internal/api"
13
15
"github.com/aynish/seams.so/server/internal/atproto"
14
16
"github.com/aynish/seams.so/server/internal/db"
15
17
"github.com/aynish/seams.so/server/internal/service"
18
+
"github.com/aynish/seams.so/server/internal/tap"
16
19
"github.com/go-chi/chi/v5"
17
20
"github.com/go-chi/chi/v5/middleware"
18
21
"github.com/go-chi/cors"
···
33
36
if err != nil {
34
37
log.Fatalf("Failed to initialize database: %v", err)
35
38
}
36
-
defer database.Close()
37
39
38
40
log.Printf("Database initialized at %s", dbPath)
39
41
···
98
100
fileServer.ServeHTTP(w, req)
99
101
})
100
102
101
-
// Start server
103
+
// Setup context for graceful shutdown
104
+
ctx, cancel := context.WithCancel(context.Background())
105
+
106
+
// Handle shutdown signals
107
+
sigChan := make(chan os.Signal, 1)
108
+
signal.Notify(sigChan, syscall.SIGINT, syscall.SIGTERM)
109
+
110
+
// Track goroutines with WaitGroup
111
+
var wg sync.WaitGroup
112
+
113
+
// Start Tap consumer if configured
114
+
var tapClient *tap.Client
115
+
if tapURL := os.Getenv("TAP_URL"); tapURL != "" {
116
+
tapPassword := os.Getenv("TAP_ADMIN_PASSWORD")
117
+
config := tap.DefaultConfig(tapURL, tapPassword)
118
+
consumer := tap.NewConsumer(indexer)
119
+
tapClient = tap.NewClient(config, consumer)
120
+
121
+
// Update handler with tap client for health check
122
+
handler.SetTapClient(tapClient)
123
+
124
+
wg.Add(1)
125
+
go func() {
126
+
defer wg.Done()
127
+
log.Printf("[tap] Starting firehose consumer, connecting to %s", tapURL)
128
+
if err := tapClient.Run(ctx); err != nil && err != context.Canceled {
129
+
log.Printf("[tap] Consumer stopped with error: %v", err)
130
+
}
131
+
}()
132
+
}
133
+
134
+
// Create HTTP server
102
135
addr := ":" + port
103
-
log.Printf("Server starting on %s", addr)
104
-
log.Printf("Rate limiting enabled: 100 req/min (GET), 10 req/min (POST) per IP")
105
-
if err := http.ListenAndServe(addr, finalHandler); err != nil {
106
-
log.Fatalf("Server failed: %v", err)
136
+
server := &http.Server{
137
+
Addr: addr,
138
+
Handler: finalHandler,
107
139
}
140
+
141
+
// Start HTTP server in goroutine
142
+
go func() {
143
+
log.Printf("Server starting on %s", addr)
144
+
log.Printf("Rate limiting enabled: 100 req/min (GET), 10 req/min (POST) per IP")
145
+
if err := server.ListenAndServe(); err != nil && err != http.ErrServerClosed {
146
+
log.Fatalf("Server failed: %v", err)
147
+
}
148
+
}()
149
+
150
+
// Wait for shutdown signal
151
+
<-sigChan
152
+
log.Println("Shutdown signal received...")
153
+
154
+
// Graceful shutdown sequence
155
+
shutdownCtx, shutdownCancel := context.WithTimeout(context.Background(), 30*time.Second)
156
+
defer shutdownCancel()
157
+
158
+
// 1. Stop accepting new HTTP connections and finish existing ones
159
+
if err := server.Shutdown(shutdownCtx); err != nil {
160
+
log.Printf("HTTP server shutdown error: %v", err)
161
+
}
162
+
log.Println("HTTP server stopped")
163
+
164
+
// 2. Stop tap consumer
165
+
cancel()
166
+
wg.Wait()
167
+
log.Println("Tap consumer stopped")
168
+
169
+
// 3. Close database last
170
+
database.Close()
171
+
log.Println("Database closed")
172
+
173
+
log.Println("Shutdown complete")
108
174
}
109
175
110
176
func getEnv(key, defaultValue string) string {
+2
server/go.mod
+2
server/go.mod
+2
server/go.sum
+2
server/go.sum
···
2
2
github.com/go-chi/chi/v5 v5.0.12/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
3
3
github.com/go-chi/cors v1.2.1 h1:xEC8UT3Rlp2QuWNEr4Fs/c2EAGVKBwy/1vHx3bppil4=
4
4
github.com/go-chi/cors v1.2.1/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
5
+
github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
6
+
github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
5
7
github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
6
8
github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
+40
-4
server/internal/api/handlers.go
+40
-4
server/internal/api/handlers.go
···
6
6
"log"
7
7
"net/http"
8
8
"strconv"
9
+
"time"
9
10
10
11
"github.com/aynish/seams.so/server/internal/models"
11
12
"github.com/aynish/seams.so/server/internal/service"
12
13
)
13
14
15
+
// MaxLimit is the upper bound for the limit query parameter
16
+
const MaxLimit = 1000
17
+
18
+
// TapStatus provides status information about the Tap client
19
+
type TapStatus interface {
20
+
IsConnected() bool
21
+
Stats() (eventsProcessed int64, lastEventTime time.Time)
22
+
}
23
+
14
24
type Handler struct {
15
-
indexer *service.IndexerService
25
+
indexer *service.IndexerService
26
+
tapClient TapStatus // nil if tap not configured
16
27
}
17
28
18
29
func NewHandler(indexer *service.IndexerService) *Handler {
19
30
return &Handler{indexer: indexer}
31
+
}
32
+
33
+
// SetTapClient sets the tap client for health check reporting
34
+
func (h *Handler) SetTapClient(client TapStatus) {
35
+
h.tapClient = client
20
36
}
21
37
22
38
// IndexAnnotationRequest is the payload for POST /api/annotations/index
···
76
92
limit = parsed
77
93
}
78
94
95
+
// Apply upper bound to prevent excessive queries
96
+
if limit > MaxLimit {
97
+
limit = MaxLimit
98
+
}
99
+
79
100
var annotations []*models.Annotation
80
101
var err error
81
102
···
102
123
103
124
// Health handles GET /health
104
125
func (h *Handler) Health(w http.ResponseWriter, r *http.Request) {
126
+
response := map[string]interface{}{
127
+
"status": "healthy",
128
+
}
129
+
130
+
// Include tap status if configured
131
+
if h.tapClient != nil {
132
+
processed, lastEvent := h.tapClient.Stats()
133
+
tapStatus := map[string]interface{}{
134
+
"connected": h.tapClient.IsConnected(),
135
+
"eventsProcessed": processed,
136
+
}
137
+
if !lastEvent.IsZero() {
138
+
tapStatus["lastEventTime"] = lastEvent.Format(time.RFC3339)
139
+
}
140
+
response["tap"] = tapStatus
141
+
}
142
+
105
143
w.Header().Set("Content-Type", "application/json")
106
-
json.NewEncoder(w).Encode(map[string]interface{}{
107
-
"status": "healthy",
108
-
})
144
+
json.NewEncoder(w).Encode(response)
109
145
}
+253
server/internal/api/handlers_test.go
+253
server/internal/api/handlers_test.go
···
1
+
package api
2
+
3
+
import (
4
+
"bytes"
5
+
"encoding/json"
6
+
"net/http"
7
+
"net/http/httptest"
8
+
"testing"
9
+
10
+
"github.com/aynish/seams.so/server/internal/db"
11
+
"github.com/aynish/seams.so/server/internal/models"
12
+
"github.com/aynish/seams.so/server/internal/service"
13
+
)
14
+
15
+
// MockIndexerService implements the interface needed by Handler
16
+
type MockIndexerService struct {
17
+
IndexAnnotationFunc func(uri, cid string) error
18
+
GetAnnotationsByURLFunc func(url string, limit int) ([]*models.Annotation, error)
19
+
GetRecentAnnotationsFunc func(limit int) ([]*models.Annotation, error)
20
+
}
21
+
22
+
func (m *MockIndexerService) IndexAnnotation(uri, cid string) error {
23
+
if m.IndexAnnotationFunc != nil {
24
+
return m.IndexAnnotationFunc(uri, cid)
25
+
}
26
+
return nil
27
+
}
28
+
29
+
func (m *MockIndexerService) GetAnnotationsByURL(url string, limit int) ([]*models.Annotation, error) {
30
+
if m.GetAnnotationsByURLFunc != nil {
31
+
return m.GetAnnotationsByURLFunc(url, limit)
32
+
}
33
+
return nil, nil
34
+
}
35
+
36
+
func (m *MockIndexerService) GetRecentAnnotations(limit int) ([]*models.Annotation, error) {
37
+
if m.GetRecentAnnotationsFunc != nil {
38
+
return m.GetRecentAnnotationsFunc(limit)
39
+
}
40
+
return nil, nil
41
+
}
42
+
43
+
// Helper to create a real IndexerService for integration-style tests
44
+
func createTestHandler(t *testing.T) *Handler {
45
+
database, err := db.New(":memory:")
46
+
if err != nil {
47
+
t.Fatalf("Failed to create test database: %v", err)
48
+
}
49
+
t.Cleanup(func() { database.Close() })
50
+
51
+
// Create a simple mock client that doesn't make real network calls
52
+
indexer := service.NewIndexerService(database, nil)
53
+
return NewHandler(indexer)
54
+
}
55
+
56
+
func TestHandler_Health(t *testing.T) {
57
+
database, _ := db.New(":memory:")
58
+
defer database.Close()
59
+
indexer := service.NewIndexerService(database, nil)
60
+
handler := NewHandler(indexer)
61
+
62
+
req := httptest.NewRequest("GET", "/health", nil)
63
+
w := httptest.NewRecorder()
64
+
65
+
handler.Health(w, req)
66
+
67
+
if w.Code != http.StatusOK {
68
+
t.Errorf("Health() status = %d, want %d", w.Code, http.StatusOK)
69
+
}
70
+
71
+
var response map[string]interface{}
72
+
if err := json.NewDecoder(w.Body).Decode(&response); err != nil {
73
+
t.Fatalf("Failed to decode response: %v", err)
74
+
}
75
+
76
+
if response["status"] != "healthy" {
77
+
t.Errorf("Health() response = %v, want status=healthy", response)
78
+
}
79
+
}
80
+
81
+
func TestHandler_IndexAnnotation_InvalidBody(t *testing.T) {
82
+
handler := createTestHandler(t)
83
+
84
+
req := httptest.NewRequest("POST", "/api/annotations/index", bytes.NewReader([]byte("invalid json")))
85
+
w := httptest.NewRecorder()
86
+
87
+
handler.IndexAnnotation(w, req)
88
+
89
+
if w.Code != http.StatusBadRequest {
90
+
t.Errorf("IndexAnnotation() status = %d, want %d", w.Code, http.StatusBadRequest)
91
+
}
92
+
}
93
+
94
+
func TestHandler_IndexAnnotation_MissingURI(t *testing.T) {
95
+
handler := createTestHandler(t)
96
+
97
+
body := IndexAnnotationRequest{URI: "", CID: "testcid"}
98
+
jsonBody, _ := json.Marshal(body)
99
+
req := httptest.NewRequest("POST", "/api/annotations/index", bytes.NewReader(jsonBody))
100
+
w := httptest.NewRecorder()
101
+
102
+
handler.IndexAnnotation(w, req)
103
+
104
+
if w.Code != http.StatusBadRequest {
105
+
t.Errorf("IndexAnnotation() status = %d, want %d", w.Code, http.StatusBadRequest)
106
+
}
107
+
}
108
+
109
+
func TestHandler_IndexAnnotation_MissingCID(t *testing.T) {
110
+
handler := createTestHandler(t)
111
+
112
+
body := IndexAnnotationRequest{URI: "at://test/col/123", CID: ""}
113
+
jsonBody, _ := json.Marshal(body)
114
+
req := httptest.NewRequest("POST", "/api/annotations/index", bytes.NewReader(jsonBody))
115
+
w := httptest.NewRecorder()
116
+
117
+
handler.IndexAnnotation(w, req)
118
+
119
+
if w.Code != http.StatusBadRequest {
120
+
t.Errorf("IndexAnnotation() status = %d, want %d", w.Code, http.StatusBadRequest)
121
+
}
122
+
}
123
+
124
+
func TestHandler_GetAnnotations_InvalidLimit(t *testing.T) {
125
+
handler := createTestHandler(t)
126
+
127
+
tests := []struct {
128
+
name string
129
+
limit string
130
+
}{
131
+
{"non-numeric", "abc"},
132
+
{"negative", "-5"},
133
+
{"zero", "0"},
134
+
}
135
+
136
+
for _, tt := range tests {
137
+
t.Run(tt.name, func(t *testing.T) {
138
+
req := httptest.NewRequest("GET", "/api/annotations?limit="+tt.limit, nil)
139
+
w := httptest.NewRecorder()
140
+
141
+
handler.GetAnnotations(w, req)
142
+
143
+
if w.Code != http.StatusBadRequest {
144
+
t.Errorf("GetAnnotations() with limit=%s status = %d, want %d", tt.limit, w.Code, http.StatusBadRequest)
145
+
}
146
+
})
147
+
}
148
+
}
149
+
150
+
func TestHandler_GetAnnotations_ByURL(t *testing.T) {
151
+
database, err := db.New(":memory:")
152
+
if err != nil {
153
+
t.Fatalf("Failed to create test database: %v", err)
154
+
}
155
+
defer database.Close()
156
+
157
+
// Insert test data
158
+
_, err = database.Conn().Exec(`
159
+
INSERT INTO annotations (uri, cid, author_did, target_url, selectors_json, created_at)
160
+
VALUES
161
+
('at://did:plc:1/col/1', 'cid1', 'did:plc:1', 'https://example.com/page', '[]', '2024-01-01T12:00:00Z'),
162
+
('at://did:plc:2/col/2', 'cid2', 'did:plc:2', 'https://example.com/page', '[]', '2024-01-02T12:00:00Z'),
163
+
('at://did:plc:3/col/3', 'cid3', 'did:plc:3', 'https://other.com/page', '[]', '2024-01-03T12:00:00Z')
164
+
`)
165
+
if err != nil {
166
+
t.Fatalf("Failed to insert test data: %v", err)
167
+
}
168
+
169
+
indexer := service.NewIndexerService(database, nil)
170
+
handler := NewHandler(indexer)
171
+
172
+
req := httptest.NewRequest("GET", "/api/annotations?url=https://example.com/page", nil)
173
+
w := httptest.NewRecorder()
174
+
175
+
handler.GetAnnotations(w, req)
176
+
177
+
if w.Code != http.StatusOK {
178
+
t.Errorf("GetAnnotations() status = %d, want %d", w.Code, http.StatusOK)
179
+
}
180
+
181
+
var response map[string]interface{}
182
+
if err := json.NewDecoder(w.Body).Decode(&response); err != nil {
183
+
t.Fatalf("Failed to decode response: %v", err)
184
+
}
185
+
186
+
count := int(response["count"].(float64))
187
+
if count != 2 {
188
+
t.Errorf("GetAnnotations() count = %d, want 2", count)
189
+
}
190
+
}
191
+
192
+
func TestHandler_GetAnnotations_Recent(t *testing.T) {
193
+
database, err := db.New(":memory:")
194
+
if err != nil {
195
+
t.Fatalf("Failed to create test database: %v", err)
196
+
}
197
+
defer database.Close()
198
+
199
+
// Insert test data
200
+
_, err = database.Conn().Exec(`
201
+
INSERT INTO annotations (uri, cid, author_did, target_url, selectors_json, created_at)
202
+
VALUES
203
+
('at://did:plc:1/col/1', 'cid1', 'did:plc:1', 'https://example.com/page', '[]', '2024-01-01T12:00:00Z'),
204
+
('at://did:plc:2/col/2', 'cid2', 'did:plc:2', 'https://other.com/page', '[]', '2024-01-02T12:00:00Z')
205
+
`)
206
+
if err != nil {
207
+
t.Fatalf("Failed to insert test data: %v", err)
208
+
}
209
+
210
+
indexer := service.NewIndexerService(database, nil)
211
+
handler := NewHandler(indexer)
212
+
213
+
// No URL parameter - should get recent annotations
214
+
req := httptest.NewRequest("GET", "/api/annotations?limit=10", nil)
215
+
w := httptest.NewRecorder()
216
+
217
+
handler.GetAnnotations(w, req)
218
+
219
+
if w.Code != http.StatusOK {
220
+
t.Errorf("GetAnnotations() status = %d, want %d", w.Code, http.StatusOK)
221
+
}
222
+
223
+
var response map[string]interface{}
224
+
if err := json.NewDecoder(w.Body).Decode(&response); err != nil {
225
+
t.Fatalf("Failed to decode response: %v", err)
226
+
}
227
+
228
+
count := int(response["count"].(float64))
229
+
if count != 2 {
230
+
t.Errorf("GetAnnotations() count = %d, want 2", count)
231
+
}
232
+
}
233
+
234
+
func TestHandler_GetAnnotations_DefaultLimit(t *testing.T) {
235
+
database, err := db.New(":memory:")
236
+
if err != nil {
237
+
t.Fatalf("Failed to create test database: %v", err)
238
+
}
239
+
defer database.Close()
240
+
241
+
indexer := service.NewIndexerService(database, nil)
242
+
handler := NewHandler(indexer)
243
+
244
+
// No limit parameter - should use default of 50
245
+
req := httptest.NewRequest("GET", "/api/annotations", nil)
246
+
w := httptest.NewRecorder()
247
+
248
+
handler.GetAnnotations(w, req)
249
+
250
+
if w.Code != http.StatusOK {
251
+
t.Errorf("GetAnnotations() status = %d, want %d", w.Code, http.StatusOK)
252
+
}
253
+
}
+182
server/internal/api/ratelimit_test.go
+182
server/internal/api/ratelimit_test.go
···
1
+
package api
2
+
3
+
import (
4
+
"net/http"
5
+
"net/http/httptest"
6
+
"testing"
7
+
"time"
8
+
)
9
+
10
+
func TestVisitor_Allow(t *testing.T) {
11
+
v := &visitor{
12
+
tokens: 5.0,
13
+
lastUpdate: time.Now(),
14
+
limit: 10.0,
15
+
refillRate: 1.0, // 1 token per second
16
+
}
17
+
18
+
// Should allow first request
19
+
if !v.allow() {
20
+
t.Error("allow() = false, want true")
21
+
}
22
+
23
+
// Tokens should decrease
24
+
if v.tokens >= 5.0 {
25
+
t.Errorf("tokens = %f, want < 5.0", v.tokens)
26
+
}
27
+
}
28
+
29
+
func TestVisitor_Allow_ExhaustedTokens(t *testing.T) {
30
+
v := &visitor{
31
+
tokens: 0.5, // Less than 1 token
32
+
lastUpdate: time.Now(),
33
+
limit: 10.0,
34
+
refillRate: 0.1,
35
+
}
36
+
37
+
if v.allow() {
38
+
t.Error("allow() = true, want false (tokens exhausted)")
39
+
}
40
+
}
41
+
42
+
func TestVisitor_Allow_TokenRefill(t *testing.T) {
43
+
v := &visitor{
44
+
tokens: 0.0,
45
+
lastUpdate: time.Now().Add(-2 * time.Second), // 2 seconds ago
46
+
limit: 10.0,
47
+
refillRate: 1.0, // 1 token per second
48
+
}
49
+
50
+
// Should have refilled ~2 tokens
51
+
if !v.allow() {
52
+
t.Error("allow() = false after refill, want true")
53
+
}
54
+
}
55
+
56
+
func TestVisitor_Allow_TokensCappedAtLimit(t *testing.T) {
57
+
v := &visitor{
58
+
tokens: 5.0,
59
+
lastUpdate: time.Now().Add(-100 * time.Second), // Long time ago
60
+
limit: 10.0,
61
+
refillRate: 10.0,
62
+
}
63
+
64
+
v.allow()
65
+
66
+
// Tokens should be capped at limit (10) minus 1 for the request
67
+
if v.tokens > 10.0 {
68
+
t.Errorf("tokens = %f, want <= 10.0 (capped at limit)", v.tokens)
69
+
}
70
+
}
71
+
72
+
func TestRateLimiter_GetVisitor(t *testing.T) {
73
+
// Reset global limiter for test
74
+
limiter = &rateLimiter{
75
+
visitors: make(map[string]*visitor),
76
+
cleanup: time.NewTicker(1 * time.Hour), // Long interval for test
77
+
}
78
+
79
+
t.Run("GET request limits", func(t *testing.T) {
80
+
v := limiter.getVisitor("1.2.3.4", "GET")
81
+
82
+
if v.limit != 100.0 {
83
+
t.Errorf("GET limit = %f, want 100.0", v.limit)
84
+
}
85
+
if v.refillRate != 100.0/60.0 {
86
+
t.Errorf("GET refillRate = %f, want %f", v.refillRate, 100.0/60.0)
87
+
}
88
+
})
89
+
90
+
t.Run("POST request limits", func(t *testing.T) {
91
+
v := limiter.getVisitor("5.6.7.8", "POST")
92
+
93
+
if v.limit != 10.0 {
94
+
t.Errorf("POST limit = %f, want 10.0", v.limit)
95
+
}
96
+
if v.refillRate != 10.0/60.0 {
97
+
t.Errorf("POST refillRate = %f, want %f", v.refillRate, 10.0/60.0)
98
+
}
99
+
})
100
+
101
+
t.Run("returns same visitor for same IP", func(t *testing.T) {
102
+
v1 := limiter.getVisitor("same.ip", "GET")
103
+
v2 := limiter.getVisitor("same.ip", "GET")
104
+
105
+
if v1 != v2 {
106
+
t.Error("getVisitor() returned different visitors for same IP")
107
+
}
108
+
})
109
+
}
110
+
111
+
func TestMin(t *testing.T) {
112
+
tests := []struct {
113
+
a, b, want float64
114
+
}{
115
+
{1.0, 2.0, 1.0},
116
+
{2.0, 1.0, 1.0},
117
+
{1.0, 1.0, 1.0},
118
+
{-1.0, 1.0, -1.0},
119
+
{0.0, 0.0, 0.0},
120
+
}
121
+
122
+
for _, tt := range tests {
123
+
got := min(tt.a, tt.b)
124
+
if got != tt.want {
125
+
t.Errorf("min(%f, %f) = %f, want %f", tt.a, tt.b, got, tt.want)
126
+
}
127
+
}
128
+
}
129
+
130
+
func TestRateLimitMiddleware(t *testing.T) {
131
+
// Reset global limiter for test
132
+
limiter = &rateLimiter{
133
+
visitors: make(map[string]*visitor),
134
+
cleanup: time.NewTicker(1 * time.Hour),
135
+
}
136
+
137
+
middleware := RateLimitMiddleware()
138
+
139
+
// Create a test handler that just returns 200
140
+
nextHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
141
+
w.WriteHeader(http.StatusOK)
142
+
})
143
+
144
+
handler := middleware(nextHandler)
145
+
146
+
t.Run("allows requests within limit", func(t *testing.T) {
147
+
req := httptest.NewRequest("GET", "/test", nil)
148
+
req.RemoteAddr = "test.ip.1:12345"
149
+
w := httptest.NewRecorder()
150
+
151
+
handler.ServeHTTP(w, req)
152
+
153
+
if w.Code != http.StatusOK {
154
+
t.Errorf("status = %d, want %d", w.Code, http.StatusOK)
155
+
}
156
+
})
157
+
158
+
t.Run("rate limits after exhaustion", func(t *testing.T) {
159
+
// Use a fresh IP and exhaust its tokens
160
+
testIP := "exhausted.ip:12345"
161
+
162
+
// Set up a visitor with no tokens
163
+
limiter.mu.Lock()
164
+
limiter.visitors[testIP] = &visitor{
165
+
tokens: 0.0,
166
+
lastUpdate: time.Now(),
167
+
limit: 10.0,
168
+
refillRate: 0.001, // Very slow refill
169
+
}
170
+
limiter.mu.Unlock()
171
+
172
+
req := httptest.NewRequest("GET", "/test", nil)
173
+
req.RemoteAddr = testIP
174
+
w := httptest.NewRecorder()
175
+
176
+
handler.ServeHTTP(w, req)
177
+
178
+
if w.Code != http.StatusTooManyRequests {
179
+
t.Errorf("status = %d, want %d", w.Code, http.StatusTooManyRequests)
180
+
}
181
+
})
182
+
}
+308
server/internal/atproto/client_test.go
+308
server/internal/atproto/client_test.go
···
1
+
package atproto
2
+
3
+
import (
4
+
"errors"
5
+
"strings"
6
+
"testing"
7
+
)
8
+
9
+
func TestNewClient(t *testing.T) {
10
+
client := NewClient()
11
+
if client == nil {
12
+
t.Fatal("NewClient() returned nil")
13
+
}
14
+
if client.httpClient == nil {
15
+
t.Error("httpClient is nil")
16
+
}
17
+
if client.httpClient.Timeout.Seconds() != 10 {
18
+
t.Errorf("Expected 10 second timeout, got %v", client.httpClient.Timeout)
19
+
}
20
+
}
21
+
22
+
// Tests using recorded real ATProto responses
23
+
24
+
func TestClient_resolvePLCDID_WithRecordedResponse(t *testing.T) {
25
+
// This uses a real recorded response from plc.directory for bsky.app's DID
26
+
client := NewVCRClient(map[string]string{
27
+
"plc.directory/did:plc:z72i7hdynmk6r22z27h6tvur": "plc_directory_did_plc_z72i7hdynmk6r22z27h6tvur.json",
28
+
})
29
+
30
+
pdsURL, err := client.resolvePLCDID("did:plc:z72i7hdynmk6r22z27h6tvur")
31
+
if err != nil {
32
+
t.Fatalf("resolvePLCDID failed: %v", err)
33
+
}
34
+
35
+
expected := "https://puffball.us-east.host.bsky.network"
36
+
if pdsURL != expected {
37
+
t.Errorf("Expected PDS URL %q, got %q", expected, pdsURL)
38
+
}
39
+
}
40
+
41
+
func TestClient_resolveDIDToPDS_WithRecordedResponse(t *testing.T) {
42
+
client := NewVCRClient(map[string]string{
43
+
"plc.directory/did:plc:z72i7hdynmk6r22z27h6tvur": "plc_directory_did_plc_z72i7hdynmk6r22z27h6tvur.json",
44
+
})
45
+
46
+
pdsURL, err := client.resolveDIDToPDS("did:plc:z72i7hdynmk6r22z27h6tvur")
47
+
if err != nil {
48
+
t.Fatalf("resolveDIDToPDS failed: %v", err)
49
+
}
50
+
51
+
expected := "https://puffball.us-east.host.bsky.network"
52
+
if pdsURL != expected {
53
+
t.Errorf("Expected PDS URL %q, got %q", expected, pdsURL)
54
+
}
55
+
}
56
+
57
+
func TestClient_GetProfile_WithRecordedResponse(t *testing.T) {
58
+
// This test uses recorded responses for both PLC resolution and repo description
59
+
client := NewVCRClient(map[string]string{
60
+
"plc.directory/did:plc:z72i7hdynmk6r22z27h6tvur": "plc_directory_did_plc_z72i7hdynmk6r22z27h6tvur.json",
61
+
"com.atproto.repo.describeRepo": "pds_describe_repo_bsky_app.json",
62
+
})
63
+
64
+
handle, err := client.GetProfile("did:plc:z72i7hdynmk6r22z27h6tvur")
65
+
if err != nil {
66
+
t.Fatalf("GetProfile failed: %v", err)
67
+
}
68
+
69
+
expected := "bsky.app"
70
+
if handle != expected {
71
+
t.Errorf("Expected handle %q, got %q", expected, handle)
72
+
}
73
+
}
74
+
75
+
func TestClient_ResolveHandle_WithRecordedResponse(t *testing.T) {
76
+
client := NewVCRClient(map[string]string{
77
+
"com.atproto.identity.resolveHandle": "bsky_resolve_handle_jay_bsky_team.json",
78
+
})
79
+
80
+
did, err := client.ResolveHandle("jay.bsky.team")
81
+
if err != nil {
82
+
t.Fatalf("ResolveHandle failed: %v", err)
83
+
}
84
+
85
+
expected := "did:plc:oky5czdrnfjpqslsw2a5iclo"
86
+
if did != expected {
87
+
t.Errorf("Expected DID %q, got %q", expected, did)
88
+
}
89
+
}
90
+
91
+
// Tests for error handling
92
+
93
+
func TestClient_resolveDIDToPDS_UnsupportedMethod(t *testing.T) {
94
+
client := NewClient()
95
+
96
+
_, err := client.resolveDIDToPDS("did:web:example.com")
97
+
if err == nil {
98
+
t.Error("Expected error for unsupported DID method, got nil")
99
+
}
100
+
if !strings.Contains(err.Error(), "unsupported DID method") {
101
+
t.Errorf("Expected 'unsupported DID method' error, got: %v", err)
102
+
}
103
+
}
104
+
105
+
func TestClient_resolvePLCDID_HTTPError(t *testing.T) {
106
+
client := NewVCRErrorClient(404, `{"error": "DID not found"}`)
107
+
108
+
_, err := client.resolvePLCDID("did:plc:nonexistent")
109
+
if err == nil {
110
+
t.Error("Expected error for 404 response, got nil")
111
+
}
112
+
if !strings.Contains(err.Error(), "404") {
113
+
t.Errorf("Expected error containing '404', got: %v", err)
114
+
}
115
+
}
116
+
117
+
func TestClient_resolvePLCDID_NetworkError(t *testing.T) {
118
+
client := NewVCRNetworkErrorClient(errors.New("connection refused"))
119
+
120
+
_, err := client.resolvePLCDID("did:plc:test")
121
+
if err == nil {
122
+
t.Error("Expected error for network failure, got nil")
123
+
}
124
+
if !strings.Contains(err.Error(), "connection refused") {
125
+
t.Errorf("Expected 'connection refused' error, got: %v", err)
126
+
}
127
+
}
128
+
129
+
func TestClient_resolvePLCDID_NoAtprotoService(t *testing.T) {
130
+
// DID document without AtprotoPersonalDataServer service
131
+
client := NewVCRClient(map[string]string{
132
+
"plc.directory/did:plc:nopdsservice": "did_no_pds_service.json",
133
+
})
134
+
135
+
_, err := client.resolvePLCDID("did:plc:nopdsservice")
136
+
if err == nil {
137
+
t.Error("Expected error for DID without AtprotoPersonalDataServer, got nil")
138
+
}
139
+
if !strings.Contains(err.Error(), "no AtprotoPersonalDataServer service found") {
140
+
t.Errorf("Expected 'no AtprotoPersonalDataServer service found' error, got: %v", err)
141
+
}
142
+
}
143
+
144
+
func TestClient_GetRecord_WithRecordedResponse(t *testing.T) {
145
+
// Test successful record fetch with recorded responses
146
+
client := NewVCRClient(map[string]string{
147
+
"plc.directory/did:plc:z72i7hdynmk6r22z27h6tvur": "plc_directory_did_plc_z72i7hdynmk6r22z27h6tvur.json",
148
+
"com.atproto.repo.getRecord": "pds_get_record_annotation.json",
149
+
})
150
+
151
+
record, err := client.GetRecord(
152
+
"at://did:plc:z72i7hdynmk6r22z27h6tvur/community.lexicon.annotation.annotation/3abc123",
153
+
"bafyreihtest123",
154
+
)
155
+
if err != nil {
156
+
t.Fatalf("GetRecord failed: %v", err)
157
+
}
158
+
159
+
if record == nil {
160
+
t.Fatal("Expected record, got nil")
161
+
}
162
+
163
+
if record.Type != "community.lexicon.annotation.annotation" {
164
+
t.Errorf("Expected type 'community.lexicon.annotation.annotation', got %q", record.Type)
165
+
}
166
+
167
+
if record.Body != "This is my annotation note" {
168
+
t.Errorf("Expected body 'This is my annotation note', got %q", record.Body)
169
+
}
170
+
171
+
if len(record.Target) == 0 {
172
+
t.Fatal("Expected at least one target")
173
+
}
174
+
175
+
if record.Target[0].Source != "https://example.com/article" {
176
+
t.Errorf("Expected source 'https://example.com/article', got %q", record.Target[0].Source)
177
+
}
178
+
179
+
if len(record.Tags) != 2 {
180
+
t.Errorf("Expected 2 tags, got %d", len(record.Tags))
181
+
}
182
+
}
183
+
184
+
func TestClient_GetProfile_HTTPError(t *testing.T) {
185
+
client := NewVCRClient(map[string]string{
186
+
"plc.directory": "plc_directory_did_plc_z72i7hdynmk6r22z27h6tvur.json",
187
+
})
188
+
// Override with error for the describeRepo call
189
+
client.httpClient.Transport = &VCRTransport{
190
+
Recordings: map[string]string{
191
+
"plc.directory": "testdata/plc_directory_did_plc_z72i7hdynmk6r22z27h6tvur.json",
192
+
},
193
+
Fallback: &VCRErrorTransport{
194
+
StatusCode: 500,
195
+
Body: `{"error": "Internal Server Error"}`,
196
+
},
197
+
}
198
+
199
+
_, err := client.GetProfile("did:plc:z72i7hdynmk6r22z27h6tvur")
200
+
if err == nil {
201
+
t.Error("Expected error for 500 response, got nil")
202
+
}
203
+
}
204
+
205
+
func TestClient_ResolveHandle_HTTPError(t *testing.T) {
206
+
client := NewVCRErrorClient(404, `{"error": "Handle not found"}`)
207
+
208
+
_, err := client.ResolveHandle("nonexistent.invalid")
209
+
if err == nil {
210
+
t.Error("Expected error for 404 response, got nil")
211
+
}
212
+
if !strings.Contains(err.Error(), "404") {
213
+
t.Errorf("Expected error containing '404', got: %v", err)
214
+
}
215
+
}
216
+
217
+
func TestClient_ResolveHandle_NetworkError(t *testing.T) {
218
+
client := NewVCRNetworkErrorClient(errors.New("DNS lookup failed"))
219
+
220
+
_, err := client.ResolveHandle("test.bsky.social")
221
+
if err == nil {
222
+
t.Error("Expected error for network failure, got nil")
223
+
}
224
+
}
225
+
226
+
func TestClient_GetRecord_InvalidURI(t *testing.T) {
227
+
client := NewClient()
228
+
229
+
tests := []struct {
230
+
name string
231
+
uri string
232
+
}{
233
+
{"missing collection and rkey", "at://did:plc:test123"},
234
+
{"missing rkey", "at://did:plc:test123/collection"},
235
+
{"empty uri", ""},
236
+
{"just prefix", "at://"},
237
+
}
238
+
239
+
for _, tt := range tests {
240
+
t.Run(tt.name, func(t *testing.T) {
241
+
_, err := client.GetRecord(tt.uri, "cid")
242
+
if err == nil {
243
+
t.Errorf("Expected error for URI %q, got nil", tt.uri)
244
+
}
245
+
if !strings.Contains(err.Error(), "invalid AT URI format") {
246
+
t.Errorf("Expected 'invalid AT URI format' error, got: %v", err)
247
+
}
248
+
})
249
+
}
250
+
}
251
+
252
+
func TestClient_GetRecord_DIDResolutionError(t *testing.T) {
253
+
// Client that fails on PLC resolution
254
+
client := NewVCRErrorClient(404, `{"error": "DID not found"}`)
255
+
256
+
_, err := client.GetRecord("at://did:plc:nonexistent/collection/rkey", "cid")
257
+
if err == nil {
258
+
t.Error("Expected error for failed DID resolution, got nil")
259
+
}
260
+
if !strings.Contains(err.Error(), "failed to resolve DID") {
261
+
t.Errorf("Expected 'failed to resolve DID' error, got: %v", err)
262
+
}
263
+
}
264
+
265
+
func TestClient_GetRecord_PDSError(t *testing.T) {
266
+
// Client that succeeds on PLC but fails on PDS
267
+
client := NewVCRClient(map[string]string{
268
+
"plc.directory": "plc_directory_did_plc_z72i7hdynmk6r22z27h6tvur.json",
269
+
})
270
+
client.httpClient.Transport = &VCRTransport{
271
+
Recordings: map[string]string{
272
+
"plc.directory": "testdata/plc_directory_did_plc_z72i7hdynmk6r22z27h6tvur.json",
273
+
},
274
+
Fallback: &VCRErrorTransport{
275
+
StatusCode: 404,
276
+
Body: `{"error": "Record not found"}`,
277
+
},
278
+
}
279
+
280
+
_, err := client.GetRecord("at://did:plc:z72i7hdynmk6r22z27h6tvur/collection/rkey", "cid")
281
+
if err == nil {
282
+
t.Error("Expected error for PDS 404, got nil")
283
+
}
284
+
if !strings.Contains(err.Error(), "404") {
285
+
t.Errorf("Expected error containing '404', got: %v", err)
286
+
}
287
+
}
288
+
289
+
// Benchmark tests
290
+
291
+
func BenchmarkResolvePLCDID(b *testing.B) {
292
+
client := NewVCRClient(map[string]string{
293
+
"plc.directory": "plc_directory_did_plc_z72i7hdynmk6r22z27h6tvur.json",
294
+
})
295
+
296
+
b.ResetTimer()
297
+
for i := 0; i < b.N; i++ {
298
+
_, _ = client.resolvePLCDID("did:plc:z72i7hdynmk6r22z27h6tvur")
299
+
}
300
+
}
301
+
302
+
func BenchmarkURIParsing(b *testing.B) {
303
+
uri := "at://did:plc:test123/community.lexicon.annotation.annotation/abc123"
304
+
for i := 0; i < b.N; i++ {
305
+
parts := strings.SplitN(strings.TrimPrefix(uri, "at://"), "/", 3)
306
+
_ = parts
307
+
}
308
+
}
+3
server/internal/atproto/testdata/bsky_resolve_handle_jay_bsky_team.json
+3
server/internal/atproto/testdata/bsky_resolve_handle_jay_bsky_team.json
+22
server/internal/atproto/testdata/did_no_pds_service.json
+22
server/internal/atproto/testdata/did_no_pds_service.json
···
1
+
{
2
+
"@context": [
3
+
"https://www.w3.org/ns/did/v1"
4
+
],
5
+
"id": "did:plc:nopdsservice",
6
+
"alsoKnownAs": ["at://no-pds.test"],
7
+
"verificationMethod": [
8
+
{
9
+
"id": "did:plc:nopdsservice#atproto",
10
+
"type": "Multikey",
11
+
"controller": "did:plc:nopdsservice",
12
+
"publicKeyMultibase": "zTestKey123"
13
+
}
14
+
],
15
+
"service": [
16
+
{
17
+
"id": "#other_service",
18
+
"type": "SomeOtherService",
19
+
"serviceEndpoint": "https://other.example.com"
20
+
}
21
+
]
22
+
}
+45
server/internal/atproto/testdata/pds_describe_repo_bsky_app.json
+45
server/internal/atproto/testdata/pds_describe_repo_bsky_app.json
···
1
+
{
2
+
"handle": "bsky.app",
3
+
"did": "did:plc:z72i7hdynmk6r22z27h6tvur",
4
+
"didDoc": {
5
+
"@context": [
6
+
"https://www.w3.org/ns/did/v1",
7
+
"https://w3id.org/security/multikey/v1",
8
+
"https://w3id.org/security/suites/secp256k1-2019/v1"
9
+
],
10
+
"id": "did:plc:z72i7hdynmk6r22z27h6tvur",
11
+
"alsoKnownAs": ["at://bsky.app"],
12
+
"verificationMethod": [
13
+
{
14
+
"id": "did:plc:z72i7hdynmk6r22z27h6tvur#atproto",
15
+
"type": "Multikey",
16
+
"controller": "did:plc:z72i7hdynmk6r22z27h6tvur",
17
+
"publicKeyMultibase": "zQ3shQo6TF2moaqMTrUZEM1jeuYRQXeHEx4evX9751y2qPqRA"
18
+
}
19
+
],
20
+
"service": [
21
+
{
22
+
"id": "#atproto_pds",
23
+
"type": "AtprotoPersonalDataServer",
24
+
"serviceEndpoint": "https://puffball.us-east.host.bsky.network"
25
+
}
26
+
]
27
+
},
28
+
"collections": [
29
+
"app.bsky.actor.profile",
30
+
"app.bsky.feed.generator",
31
+
"app.bsky.feed.like",
32
+
"app.bsky.feed.post",
33
+
"app.bsky.feed.repost",
34
+
"app.bsky.feed.threadgate",
35
+
"app.bsky.graph.block",
36
+
"app.bsky.graph.follow",
37
+
"app.bsky.graph.list",
38
+
"app.bsky.graph.listitem",
39
+
"app.bsky.graph.starterpack",
40
+
"app.bsky.graph.verification",
41
+
"app.bsky.notification.declaration",
42
+
"chat.bsky.actor.declaration"
43
+
],
44
+
"handleIsCorrect": true
45
+
}
+28
server/internal/atproto/testdata/pds_get_record_annotation.json
+28
server/internal/atproto/testdata/pds_get_record_annotation.json
···
1
+
{
2
+
"uri": "at://did:plc:z72i7hdynmk6r22z27h6tvur/community.lexicon.annotation.annotation/3abc123",
3
+
"cid": "bafyreihtest123",
4
+
"value": {
5
+
"$type": "community.lexicon.annotation.annotation",
6
+
"target": [
7
+
{
8
+
"source": "https://example.com/article",
9
+
"selector": [
10
+
{
11
+
"type": "community.lexicon.annotation.annotation#textQuoteSelector",
12
+
"exact": "This is the highlighted text",
13
+
"prefix": "Before: ",
14
+
"suffix": " :After"
15
+
},
16
+
{
17
+
"type": "community.lexicon.annotation.annotation#textPositionSelector",
18
+
"start": 100,
19
+
"end": 128
20
+
}
21
+
]
22
+
}
23
+
],
24
+
"body": "This is my annotation note",
25
+
"tags": ["test", "example"],
26
+
"createdAt": "2024-01-15T12:00:00Z"
27
+
}
28
+
}
+24
server/internal/atproto/testdata/plc_directory_did_plc_z72i7hdynmk6r22z27h6tvur.json
+24
server/internal/atproto/testdata/plc_directory_did_plc_z72i7hdynmk6r22z27h6tvur.json
···
1
+
{
2
+
"@context": [
3
+
"https://www.w3.org/ns/did/v1",
4
+
"https://w3id.org/security/multikey/v1",
5
+
"https://w3id.org/security/suites/secp256k1-2019/v1"
6
+
],
7
+
"id": "did:plc:z72i7hdynmk6r22z27h6tvur",
8
+
"alsoKnownAs": ["at://bsky.app"],
9
+
"verificationMethod": [
10
+
{
11
+
"id": "did:plc:z72i7hdynmk6r22z27h6tvur#atproto",
12
+
"type": "Multikey",
13
+
"controller": "did:plc:z72i7hdynmk6r22z27h6tvur",
14
+
"publicKeyMultibase": "zQ3shQo6TF2moaqMTrUZEM1jeuYRQXeHEx4evX9751y2qPqRA"
15
+
}
16
+
],
17
+
"service": [
18
+
{
19
+
"id": "#atproto_pds",
20
+
"type": "AtprotoPersonalDataServer",
21
+
"serviceEndpoint": "https://puffball.us-east.host.bsky.network"
22
+
}
23
+
]
24
+
}
+118
server/internal/atproto/vcr_test.go
+118
server/internal/atproto/vcr_test.go
···
1
+
package atproto
2
+
3
+
import (
4
+
"fmt"
5
+
"io"
6
+
"net/http"
7
+
"os"
8
+
"path/filepath"
9
+
"strings"
10
+
)
11
+
12
+
// VCRTransport is an http.RoundTripper that serves recorded responses from golden files.
13
+
// It maps URL patterns to testdata files, allowing tests to run against real ATProto
14
+
// responses without network access.
15
+
type VCRTransport struct {
16
+
// Recordings maps URL patterns to testdata file paths
17
+
Recordings map[string]string
18
+
// Fallback transport for unmatched requests (nil = return error)
19
+
Fallback http.RoundTripper
20
+
}
21
+
22
+
// RoundTrip implements http.RoundTripper
23
+
func (v *VCRTransport) RoundTrip(req *http.Request) (*http.Response, error) {
24
+
url := req.URL.String()
25
+
26
+
// Find matching recording
27
+
for pattern, filePath := range v.Recordings {
28
+
if strings.Contains(url, pattern) {
29
+
return v.serveRecording(filePath)
30
+
}
31
+
}
32
+
33
+
// No match found
34
+
if v.Fallback != nil {
35
+
return v.Fallback.RoundTrip(req)
36
+
}
37
+
38
+
return nil, fmt.Errorf("VCR: no recording found for URL: %s", url)
39
+
}
40
+
41
+
func (v *VCRTransport) serveRecording(filePath string) (*http.Response, error) {
42
+
data, err := os.ReadFile(filePath)
43
+
if err != nil {
44
+
return nil, fmt.Errorf("VCR: failed to read recording %s: %w", filePath, err)
45
+
}
46
+
47
+
return &http.Response{
48
+
StatusCode: http.StatusOK,
49
+
Status: "200 OK",
50
+
Body: io.NopCloser(strings.NewReader(string(data))),
51
+
Header: make(http.Header),
52
+
}, nil
53
+
}
54
+
55
+
// NewVCRClient creates an ATProto Client with VCR transport for testing.
56
+
// The recordings map URL patterns to testdata file names.
57
+
func NewVCRClient(recordings map[string]string) *Client {
58
+
// Resolve testdata paths
59
+
resolvedRecordings := make(map[string]string)
60
+
for pattern, filename := range recordings {
61
+
resolvedRecordings[pattern] = filepath.Join("testdata", filename)
62
+
}
63
+
64
+
transport := &VCRTransport{
65
+
Recordings: resolvedRecordings,
66
+
}
67
+
68
+
return &Client{
69
+
httpClient: &http.Client{
70
+
Transport: transport,
71
+
},
72
+
}
73
+
}
74
+
75
+
// VCRErrorTransport returns error responses for testing error handling
76
+
type VCRErrorTransport struct {
77
+
StatusCode int
78
+
Body string
79
+
}
80
+
81
+
func (v *VCRErrorTransport) RoundTrip(req *http.Request) (*http.Response, error) {
82
+
return &http.Response{
83
+
StatusCode: v.StatusCode,
84
+
Status: fmt.Sprintf("%d Error", v.StatusCode),
85
+
Body: io.NopCloser(strings.NewReader(v.Body)),
86
+
Header: make(http.Header),
87
+
}, nil
88
+
}
89
+
90
+
// NewVCRErrorClient creates an ATProto Client that returns error responses
91
+
func NewVCRErrorClient(statusCode int, body string) *Client {
92
+
return &Client{
93
+
httpClient: &http.Client{
94
+
Transport: &VCRErrorTransport{
95
+
StatusCode: statusCode,
96
+
Body: body,
97
+
},
98
+
},
99
+
}
100
+
}
101
+
102
+
// VCRNetworkErrorTransport simulates network errors
103
+
type VCRNetworkErrorTransport struct {
104
+
Err error
105
+
}
106
+
107
+
func (v *VCRNetworkErrorTransport) RoundTrip(req *http.Request) (*http.Response, error) {
108
+
return nil, v.Err
109
+
}
110
+
111
+
// NewVCRNetworkErrorClient creates an ATProto Client that returns network errors
112
+
func NewVCRNetworkErrorClient(err error) *Client {
113
+
return &Client{
114
+
httpClient: &http.Client{
115
+
Transport: &VCRNetworkErrorTransport{Err: err},
116
+
},
117
+
}
118
+
}
+5
-17
server/internal/models/annotation.go
+5
-17
server/internal/models/annotation.go
···
1
-
// AMPDO: I think this is wrong
2
-
// We need to make sure that this type matches up with the type the frontend uses
3
-
// @packages/core/src/types.ts
4
-
// I believe that type is correct, it handles the shape same as the records
5
-
// I'm not sure yet how we should reperesent the atproto record as a normalized sql table
6
-
// But we certainly can't be doing this...
7
-
8
-
// Once we standardize types across the frontend and the backend
9
-
// We need to make a web-component for rendering the data
10
-
// And use that same component across the frontend
11
-
12
1
package models
13
2
14
3
// Annotation represents a web annotation matching @packages/core/src/types.ts
···
47
36
48
37
// ATProtoAnnotation represents the annotation record from ATProto
49
38
type ATProtoAnnotation struct {
50
-
Type string `json:"$type"`
51
-
Target []Target `json:"target"`
52
-
Body string `json:"body,omitempty"`
53
-
Tags []string `json:"tags,omitempty"`
54
-
CreatedAt string `json:"createdAt"`
39
+
Type string `json:"$type"`
40
+
Target []Target `json:"target"`
41
+
Body string `json:"body,omitempty"`
42
+
Tags []string `json:"tags,omitempty"`
43
+
CreatedAt string `json:"createdAt"`
55
44
}
56
45
57
46
type Target struct {
58
47
Source string `json:"source"`
59
48
Selector []Selector `json:"selector,omitempty"`
60
49
}
61
-
+7
server/internal/models/errors.go
+7
server/internal/models/errors.go
+99
-89
server/internal/service/indexer.go
+99
-89
server/internal/service/indexer.go
···
1
1
package service
2
2
3
3
import (
4
+
"context"
4
5
"database/sql"
5
6
"encoding/json"
6
7
"fmt"
···
13
14
)
14
15
15
16
type IndexerService struct {
16
-
db *db.DB
17
+
db *db.DB
17
18
atprotoClient *atproto.Client
18
19
}
19
20
20
21
func NewIndexerService(database *db.DB, client *atproto.Client) *IndexerService {
21
22
return &IndexerService{
22
-
db: database,
23
+
db: database,
23
24
atprotoClient: client,
24
25
}
25
26
}
···
29
30
MaxTotalAnnotations = 100000
30
31
)
31
32
32
-
// IndexAnnotation fetches and indexes an annotation from ATProto
33
+
// IndexAnnotation fetches and indexes an annotation from ATProto.
34
+
// Called by HTTP API.
33
35
func (s *IndexerService) IndexAnnotation(uri, cid string) error {
36
+
ctx := context.Background()
37
+
34
38
// Check total index size
35
39
var totalCount int
36
-
err := s.db.Conn().QueryRow("SELECT COUNT(*) FROM annotations").Scan(&totalCount)
40
+
err := s.db.Conn().QueryRowContext(ctx, "SELECT COUNT(*) FROM annotations").Scan(&totalCount)
37
41
if err != nil {
38
42
return fmt.Errorf("failed to check index size: %w", err)
39
43
}
40
-
44
+
41
45
if totalCount >= MaxTotalAnnotations {
42
46
return fmt.Errorf("index size limit reached (%d annotations)", MaxTotalAnnotations)
43
47
}
···
53
57
return fmt.Errorf("invalid record type: %s", record.Type)
54
58
}
55
59
56
-
// Extract target URL and selectors
57
-
if len(record.Target) == 0 {
58
-
return fmt.Errorf("annotation has no targets")
59
-
}
60
-
61
-
target := record.Target[0]
62
-
normalizedURL, err := db.NormalizeURL(target.Source)
63
-
if err != nil {
64
-
return fmt.Errorf("invalid target URL: %w", err)
65
-
}
66
-
67
-
// Check annotations per URL limit
68
-
var urlCount int
69
-
err = s.db.Conn().QueryRow("SELECT COUNT(*) FROM annotations WHERE target_url = ?", normalizedURL).Scan(&urlCount)
70
-
if err != nil {
71
-
return fmt.Errorf("failed to check URL annotation count: %w", err)
72
-
}
73
-
74
-
if urlCount >= MaxAnnotationsPerURL {
75
-
return fmt.Errorf("annotation limit per URL reached (%d annotations)", MaxAnnotationsPerURL)
76
-
}
77
-
78
60
// Extract author DID from URI
79
61
authorDID := extractAuthorDID(uri)
80
62
81
-
// Get author handle (best effort, don't fail if unavailable)
82
-
authorHandle, _ := s.atprotoClient.GetProfile(authorDID)
83
-
84
-
// Extract selectors
85
-
var exactText, prefix, suffix string
86
-
var positionStart, positionEnd *int
87
-
88
-
for _, selector := range target.Selector {
89
-
if selector.Type == "community.lexicon.annotation.annotation#textQuoteSelector" {
90
-
exactText = selector.Exact
91
-
prefix = selector.Prefix
92
-
suffix = selector.Suffix
93
-
} else if selector.Type == "community.lexicon.annotation.annotation#textPositionSelector" {
94
-
positionStart = selector.Start
95
-
positionEnd = selector.End
96
-
}
97
-
}
98
-
99
-
// Serialize selectors to JSON
100
-
selectorsJSON, err := json.Marshal(target.Selector)
101
-
if err != nil {
102
-
return fmt.Errorf("failed to marshal selectors: %w", err)
103
-
}
104
-
105
-
// Serialize tags to JSON
106
-
var tagsJSON []byte
107
-
if len(record.Tags) > 0 {
108
-
tagsJSON, err = json.Marshal(record.Tags)
109
-
if err != nil {
110
-
return fmt.Errorf("failed to marshal tags: %w", err)
111
-
}
112
-
}
113
-
114
-
// Parse createdAt timestamp
115
-
createdAt, err := time.Parse(time.RFC3339, record.CreatedAt)
116
-
if err != nil {
117
-
return fmt.Errorf("invalid createdAt timestamp: %w", err)
118
-
}
119
-
120
-
// Insert or replace annotation
121
-
query := `
122
-
INSERT OR REPLACE INTO annotations (
123
-
uri, cid, author_did, author_handle, target_url,
124
-
exact_text, prefix, suffix, position_start, position_end,
125
-
selectors_json, body, tags, created_at, indexed_at
126
-
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, CURRENT_TIMESTAMP)
127
-
`
128
-
129
-
_, err = s.db.Conn().Exec(query,
130
-
uri, cid, authorDID, authorHandle, normalizedURL,
131
-
exactText, prefix, suffix, positionStart, positionEnd,
132
-
string(selectorsJSON), record.Body, string(tagsJSON), createdAt,
133
-
)
134
-
135
-
if err != nil {
136
-
return fmt.Errorf("failed to insert annotation: %w", err)
137
-
}
138
-
139
-
return nil
63
+
return s.indexRecord(ctx, uri, cid, authorDID, record)
140
64
}
141
65
142
66
// GetAnnotationsByURL retrieves all annotations for a given URL
···
187
111
// Initialize nested structs
188
112
ann.Value = models.AnnotationValue{}
189
113
ann.Value.Target = models.TargetValue{}
190
-
114
+
191
115
var authorDID, authorHandle, targetURL, selectorsJSON, body, tagsStr sql.NullString
192
116
var exactText, prefix, suffix sql.NullString
193
117
var positionStart, positionEnd sql.NullInt64
···
240
164
}
241
165
242
166
// DeleteAnnotation removes an annotation by URI
243
-
func (s *IndexerService) DeleteAnnotation(uri string) error {
167
+
func (s *IndexerService) DeleteAnnotation(ctx context.Context, uri string) error {
244
168
query := `DELETE FROM annotations WHERE uri = ?`
245
-
_, err := s.db.Conn().Exec(query, uri)
169
+
_, err := s.db.Conn().ExecContext(ctx, query, uri)
246
170
if err != nil {
247
171
return fmt.Errorf("failed to delete annotation: %w", err)
248
172
}
173
+
return nil
174
+
}
175
+
176
+
// IndexAnnotationDirect indexes an annotation directly from record data.
177
+
// Used by the firehose consumer - no PDS fetch needed since Tap already verified the record.
178
+
func (s *IndexerService) IndexAnnotationDirect(ctx context.Context, uri, cid, authorDID string, record *models.ATProtoAnnotation) error {
179
+
// Validate $type
180
+
if record.Type != "community.lexicon.annotation.annotation" {
181
+
return fmt.Errorf("%w: invalid record type: %s", models.ErrPermanentFailure, record.Type)
182
+
}
183
+
184
+
return s.indexRecord(ctx, uri, cid, authorDID, record)
185
+
}
186
+
187
+
// indexRecord is the shared helper that does the actual indexing work.
188
+
// Used by both IndexAnnotation (HTTP API) and IndexAnnotationDirect (Tap consumer).
189
+
func (s *IndexerService) indexRecord(ctx context.Context, uri, cid, authorDID string, record *models.ATProtoAnnotation) error {
190
+
// Validate record has targets
191
+
if len(record.Target) == 0 {
192
+
return fmt.Errorf("%w: annotation has no targets", models.ErrPermanentFailure)
193
+
}
194
+
195
+
target := record.Target[0]
196
+
normalizedURL, err := db.NormalizeURL(target.Source)
197
+
if err != nil {
198
+
return fmt.Errorf("%w: invalid target URL: %v", models.ErrPermanentFailure, err)
199
+
}
200
+
201
+
// Get author handle (best effort, don't fail if unavailable)
202
+
authorHandle, _ := s.atprotoClient.GetProfile(authorDID)
203
+
204
+
// Extract selectors
205
+
var exactText, prefix, suffix string
206
+
var positionStart, positionEnd *int
207
+
208
+
for _, selector := range target.Selector {
209
+
if selector.Type == "community.lexicon.annotation.annotation#textQuoteSelector" {
210
+
exactText = selector.Exact
211
+
prefix = selector.Prefix
212
+
suffix = selector.Suffix
213
+
} else if selector.Type == "community.lexicon.annotation.annotation#textPositionSelector" {
214
+
positionStart = selector.Start
215
+
positionEnd = selector.End
216
+
}
217
+
}
218
+
219
+
// Serialize selectors to JSON
220
+
selectorsJSON, err := json.Marshal(target.Selector)
221
+
if err != nil {
222
+
return fmt.Errorf("%w: failed to marshal selectors: %v", models.ErrPermanentFailure, err)
223
+
}
224
+
225
+
// Serialize tags to JSON
226
+
var tagsJSON []byte
227
+
if len(record.Tags) > 0 {
228
+
tagsJSON, err = json.Marshal(record.Tags)
229
+
if err != nil {
230
+
return fmt.Errorf("%w: failed to marshal tags: %v", models.ErrPermanentFailure, err)
231
+
}
232
+
}
233
+
234
+
// Parse createdAt timestamp
235
+
createdAt, err := time.Parse(time.RFC3339, record.CreatedAt)
236
+
if err != nil {
237
+
return fmt.Errorf("%w: invalid createdAt timestamp: %v", models.ErrPermanentFailure, err)
238
+
}
239
+
240
+
// Insert or replace annotation
241
+
query := `
242
+
INSERT OR REPLACE INTO annotations (
243
+
uri, cid, author_did, author_handle, target_url,
244
+
exact_text, prefix, suffix, position_start, position_end,
245
+
selectors_json, body, tags, created_at, indexed_at
246
+
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, CURRENT_TIMESTAMP)
247
+
`
248
+
249
+
_, err = s.db.Conn().ExecContext(ctx, query,
250
+
uri, cid, authorDID, authorHandle, normalizedURL,
251
+
exactText, prefix, suffix, positionStart, positionEnd,
252
+
string(selectorsJSON), record.Body, string(tagsJSON), createdAt,
253
+
)
254
+
255
+
if err != nil {
256
+
return fmt.Errorf("failed to insert annotation: %w", err)
257
+
}
258
+
249
259
return nil
250
260
}
251
261
+232
-2
server/internal/service/indexer_test.go
+232
-2
server/internal/service/indexer_test.go
···
1
1
package service
2
2
3
3
import (
4
+
"context"
4
5
"encoding/json"
5
6
"fmt"
6
7
"net/http"
···
260
261
}
261
262
262
263
// Delete annotation
263
-
err = indexer.DeleteAnnotation(uri)
264
+
err = indexer.DeleteAnnotation(context.Background(), uri)
264
265
if err != nil {
265
266
t.Errorf("DeleteAnnotation failed: %v", err)
266
267
}
···
272
273
}
273
274
274
275
// Delete non-existent annotation should not error
275
-
err = indexer.DeleteAnnotation("at://nonexistent")
276
+
err = indexer.DeleteAnnotation(context.Background(), "at://nonexistent")
276
277
if err != nil {
277
278
t.Errorf("DeleteAnnotation for non-existent should not error: %v", err)
278
279
}
···
571
572
})
572
573
}
573
574
}
575
+
576
+
func TestIndexAnnotationDirect_FullFlow(t *testing.T) {
577
+
database, err := db.New(":memory:")
578
+
if err != nil {
579
+
t.Fatalf("Failed to create test database: %v", err)
580
+
}
581
+
defer database.Close()
582
+
583
+
client := atproto.NewClient()
584
+
indexer := NewIndexerService(database, client)
585
+
586
+
// Create annotation record directly (simulating Tap event)
587
+
record := &models.ATProtoAnnotation{
588
+
Type: "community.lexicon.annotation.annotation",
589
+
Target: []models.Target{
590
+
{
591
+
Source: "https://example.com/article",
592
+
Selector: []models.Selector{
593
+
{
594
+
Type: "community.lexicon.annotation.annotation#textQuoteSelector",
595
+
Exact: "highlighted text",
596
+
Prefix: "before ",
597
+
Suffix: " after",
598
+
},
599
+
},
600
+
},
601
+
},
602
+
Body: "My annotation comment",
603
+
Tags: []string{"test", "example"},
604
+
CreatedAt: "2024-01-15T10:30:00Z",
605
+
}
606
+
607
+
uri := "at://did:plc:test123/community.lexicon.annotation.annotation/abc123"
608
+
cid := "bafyreiabc123"
609
+
authorDID := "did:plc:test123"
610
+
611
+
err = indexer.IndexAnnotationDirect(context.Background(), uri, cid, authorDID, record)
612
+
if err != nil {
613
+
t.Fatalf("IndexAnnotationDirect failed: %v", err)
614
+
}
615
+
616
+
// Verify annotation was stored
617
+
annotations, err := indexer.GetAnnotationsByURL("https://example.com/article", 10)
618
+
if err != nil {
619
+
t.Fatalf("GetAnnotationsByURL failed: %v", err)
620
+
}
621
+
622
+
if len(annotations) != 1 {
623
+
t.Fatalf("Expected 1 annotation, got %d", len(annotations))
624
+
}
625
+
626
+
ann := annotations[0]
627
+
if ann.URI != uri {
628
+
t.Errorf("Expected URI %q, got %q", uri, ann.URI)
629
+
}
630
+
if ann.CID != cid {
631
+
t.Errorf("Expected CID %q, got %q", cid, ann.CID)
632
+
}
633
+
if ann.Author == nil {
634
+
t.Fatal("Expected author to be set")
635
+
}
636
+
if ann.Author.DID != authorDID {
637
+
t.Errorf("Expected author DID %q, got %q", authorDID, ann.Author.DID)
638
+
}
639
+
if ann.Value.Body != "My annotation comment" {
640
+
t.Errorf("Expected body 'My annotation comment', got %q", ann.Value.Body)
641
+
}
642
+
if ann.Value.Target.URL != "https://example.com/article" {
643
+
t.Errorf("Expected target URL 'https://example.com/article', got %q", ann.Value.Target.URL)
644
+
}
645
+
}
646
+
647
+
func TestIndexAnnotationDirect_Update(t *testing.T) {
648
+
database, err := db.New(":memory:")
649
+
if err != nil {
650
+
t.Fatalf("Failed to create test database: %v", err)
651
+
}
652
+
defer database.Close()
653
+
654
+
client := atproto.NewClient()
655
+
indexer := NewIndexerService(database, client)
656
+
657
+
uri := "at://did:plc:test123/community.lexicon.annotation.annotation/abc123"
658
+
authorDID := "did:plc:test123"
659
+
660
+
// Insert first version
661
+
record1 := &models.ATProtoAnnotation{
662
+
Type: "community.lexicon.annotation.annotation",
663
+
Target: []models.Target{
664
+
{Source: "https://example.com/page"},
665
+
},
666
+
Body: "Original comment",
667
+
CreatedAt: "2024-01-15T10:30:00Z",
668
+
}
669
+
670
+
err = indexer.IndexAnnotationDirect(context.Background(), uri, "cid1", authorDID, record1)
671
+
if err != nil {
672
+
t.Fatalf("First IndexAnnotationDirect failed: %v", err)
673
+
}
674
+
675
+
// Update with new CID and body
676
+
record2 := &models.ATProtoAnnotation{
677
+
Type: "community.lexicon.annotation.annotation",
678
+
Target: []models.Target{
679
+
{Source: "https://example.com/page"},
680
+
},
681
+
Body: "Updated comment",
682
+
CreatedAt: "2024-01-15T10:30:00Z",
683
+
}
684
+
685
+
err = indexer.IndexAnnotationDirect(context.Background(), uri, "cid2", authorDID, record2)
686
+
if err != nil {
687
+
t.Fatalf("Second IndexAnnotationDirect failed: %v", err)
688
+
}
689
+
690
+
// Verify only one annotation exists (replaced)
691
+
annotations, err := indexer.GetAnnotationsByURL("https://example.com/page", 10)
692
+
if err != nil {
693
+
t.Fatalf("GetAnnotationsByURL failed: %v", err)
694
+
}
695
+
696
+
if len(annotations) != 1 {
697
+
t.Fatalf("Expected 1 annotation after update, got %d", len(annotations))
698
+
}
699
+
700
+
// Verify it has the updated values
701
+
if annotations[0].CID != "cid2" {
702
+
t.Errorf("Expected CID 'cid2', got %q", annotations[0].CID)
703
+
}
704
+
if annotations[0].Value.Body != "Updated comment" {
705
+
t.Errorf("Expected body 'Updated comment', got %q", annotations[0].Value.Body)
706
+
}
707
+
}
708
+
709
+
func TestIndexAnnotationDirect_NoTargets(t *testing.T) {
710
+
database, err := db.New(":memory:")
711
+
if err != nil {
712
+
t.Fatalf("Failed to create test database: %v", err)
713
+
}
714
+
defer database.Close()
715
+
716
+
client := atproto.NewClient()
717
+
indexer := NewIndexerService(database, client)
718
+
719
+
// Record with no targets
720
+
record := &models.ATProtoAnnotation{
721
+
Type: "community.lexicon.annotation.annotation",
722
+
Target: []models.Target{},
723
+
Body: "Comment without target",
724
+
CreatedAt: "2024-01-15T10:30:00Z",
725
+
}
726
+
727
+
err = indexer.IndexAnnotationDirect(context.Background(), "at://did:plc:test/col/key", "cid", "did:plc:test", record)
728
+
if err == nil {
729
+
t.Error("Expected error for annotation without targets")
730
+
}
731
+
}
732
+
733
+
func TestIndexAnnotationDirect_InvalidCreatedAt(t *testing.T) {
734
+
database, err := db.New(":memory:")
735
+
if err != nil {
736
+
t.Fatalf("Failed to create test database: %v", err)
737
+
}
738
+
defer database.Close()
739
+
740
+
client := atproto.NewClient()
741
+
indexer := NewIndexerService(database, client)
742
+
743
+
record := &models.ATProtoAnnotation{
744
+
Type: "community.lexicon.annotation.annotation",
745
+
Target: []models.Target{
746
+
{Source: "https://example.com/page"},
747
+
},
748
+
CreatedAt: "invalid-timestamp",
749
+
}
750
+
751
+
err = indexer.IndexAnnotationDirect(context.Background(), "at://did:plc:test/col/key", "cid", "did:plc:test", record)
752
+
if err == nil {
753
+
t.Error("Expected error for invalid timestamp")
754
+
}
755
+
}
756
+
757
+
func TestIndexAnnotationDirect_WithPositionSelector(t *testing.T) {
758
+
database, err := db.New(":memory:")
759
+
if err != nil {
760
+
t.Fatalf("Failed to create test database: %v", err)
761
+
}
762
+
defer database.Close()
763
+
764
+
client := atproto.NewClient()
765
+
indexer := NewIndexerService(database, client)
766
+
767
+
start := 100
768
+
end := 200
769
+
record := &models.ATProtoAnnotation{
770
+
Type: "community.lexicon.annotation.annotation",
771
+
Target: []models.Target{
772
+
{
773
+
Source: "https://example.com/page",
774
+
Selector: []models.Selector{
775
+
{
776
+
Type: "community.lexicon.annotation.annotation#textPositionSelector",
777
+
Start: &start,
778
+
End: &end,
779
+
},
780
+
},
781
+
},
782
+
},
783
+
CreatedAt: "2024-01-15T10:30:00Z",
784
+
}
785
+
786
+
err = indexer.IndexAnnotationDirect(context.Background(), "at://did:plc:test/col/key", "cid", "did:plc:test", record)
787
+
if err != nil {
788
+
t.Fatalf("IndexAnnotationDirect failed: %v", err)
789
+
}
790
+
791
+
// Verify position selector was stored
792
+
var posStart, posEnd int
793
+
err = database.Conn().QueryRow("SELECT position_start, position_end FROM annotations WHERE uri = ?", "at://did:plc:test/col/key").Scan(&posStart, &posEnd)
794
+
if err != nil {
795
+
t.Fatalf("Query failed: %v", err)
796
+
}
797
+
if posStart != 100 {
798
+
t.Errorf("Expected position_start 100, got %d", posStart)
799
+
}
800
+
if posEnd != 200 {
801
+
t.Errorf("Expected position_end 200, got %d", posEnd)
802
+
}
803
+
}
+305
server/internal/tap/client.go
+305
server/internal/tap/client.go
···
1
+
package tap
2
+
3
+
import (
4
+
"context"
5
+
"encoding/base64"
6
+
"encoding/json"
7
+
"errors"
8
+
"fmt"
9
+
"log"
10
+
"net/http"
11
+
"sync"
12
+
"time"
13
+
14
+
"github.com/aynish/seams.so/server/internal/models"
15
+
"github.com/gorilla/websocket"
16
+
)
17
+
18
+
// Config holds configuration for the Tap client
19
+
type Config struct {
20
+
URL string // WebSocket URL (e.g. ws://localhost:2480/channel)
21
+
Password string // Admin password for Basic auth
22
+
ReconnectMin time.Duration // Minimum reconnect delay (default 1s)
23
+
ReconnectMax time.Duration // Maximum reconnect delay (default 30s)
24
+
PingInterval time.Duration // Ping interval (default 30s)
25
+
ReadTimeout time.Duration // Read timeout (default 60s)
26
+
}
27
+
28
+
// DefaultConfig returns a Config with sensible defaults
29
+
func DefaultConfig(url, password string) Config {
30
+
return Config{
31
+
URL: url,
32
+
Password: password,
33
+
ReconnectMin: 1 * time.Second,
34
+
ReconnectMax: 30 * time.Second,
35
+
PingInterval: 30 * time.Second,
36
+
ReadTimeout: 60 * time.Second,
37
+
}
38
+
}
39
+
40
+
// EventHandler processes events from Tap
41
+
type EventHandler interface {
42
+
HandleEvent(ctx context.Context, event TapEvent) error
43
+
}
44
+
45
+
// Client connects to a Tap server and processes events
46
+
type Client struct {
47
+
config Config
48
+
handler EventHandler
49
+
conn *websocket.Conn
50
+
mu sync.Mutex // protects conn field
51
+
writeMu sync.Mutex // protects WebSocket writes
52
+
53
+
// Stats
54
+
eventsProcessed int64
55
+
lastEventTime time.Time
56
+
statsMu sync.RWMutex
57
+
}
58
+
59
+
// NewClient creates a new Tap client
60
+
func NewClient(config Config, handler EventHandler) *Client {
61
+
if config.ReconnectMin == 0 {
62
+
config.ReconnectMin = 1 * time.Second
63
+
}
64
+
if config.ReconnectMax == 0 {
65
+
config.ReconnectMax = 30 * time.Second
66
+
}
67
+
if config.PingInterval == 0 {
68
+
config.PingInterval = 30 * time.Second
69
+
}
70
+
if config.ReadTimeout == 0 {
71
+
config.ReadTimeout = 60 * time.Second
72
+
}
73
+
74
+
return &Client{
75
+
config: config,
76
+
handler: handler,
77
+
}
78
+
}
79
+
80
+
// Run starts the client and blocks until context is cancelled
81
+
// It automatically reconnects on connection failures
82
+
func (c *Client) Run(ctx context.Context) error {
83
+
reconnectDelay := c.config.ReconnectMin
84
+
85
+
for {
86
+
select {
87
+
case <-ctx.Done():
88
+
c.close()
89
+
return ctx.Err()
90
+
default:
91
+
}
92
+
93
+
err := c.connect(ctx)
94
+
if err != nil {
95
+
log.Printf("[tap] Connection failed: %v", err)
96
+
} else {
97
+
// Reset delay on successful connection
98
+
reconnectDelay = c.config.ReconnectMin
99
+
100
+
err = c.readLoop(ctx)
101
+
if err != nil {
102
+
log.Printf("[tap] Read loop error: %v", err)
103
+
}
104
+
}
105
+
106
+
c.close()
107
+
108
+
// Check if we should stop
109
+
select {
110
+
case <-ctx.Done():
111
+
return ctx.Err()
112
+
default:
113
+
}
114
+
115
+
// Wait before reconnecting with exponential backoff
116
+
log.Printf("[tap] Reconnecting in %v...", reconnectDelay)
117
+
select {
118
+
case <-ctx.Done():
119
+
return ctx.Err()
120
+
case <-time.After(reconnectDelay):
121
+
}
122
+
123
+
// Exponential backoff
124
+
reconnectDelay *= 2
125
+
if reconnectDelay > c.config.ReconnectMax {
126
+
reconnectDelay = c.config.ReconnectMax
127
+
}
128
+
}
129
+
}
130
+
131
+
// connect establishes a WebSocket connection to Tap
132
+
func (c *Client) connect(ctx context.Context) error {
133
+
// Build WebSocket URL
134
+
wsURL := c.config.URL
135
+
if wsURL[len(wsURL)-1] != '/' {
136
+
wsURL += "/"
137
+
}
138
+
wsURL += "channel"
139
+
140
+
// Setup headers with Basic auth if password provided
141
+
headers := http.Header{}
142
+
if c.config.Password != "" {
143
+
auth := base64.StdEncoding.EncodeToString([]byte("admin:" + c.config.Password))
144
+
headers.Set("Authorization", "Basic "+auth)
145
+
}
146
+
147
+
dialer := websocket.Dialer{
148
+
HandshakeTimeout: 10 * time.Second,
149
+
}
150
+
151
+
log.Printf("[tap] Connecting to %s", wsURL)
152
+
153
+
conn, resp, err := dialer.DialContext(ctx, wsURL, headers)
154
+
if err != nil {
155
+
if resp != nil {
156
+
if resp.Body != nil {
157
+
resp.Body.Close()
158
+
}
159
+
return fmt.Errorf("dial failed with status %d: %w", resp.StatusCode, err)
160
+
}
161
+
return fmt.Errorf("dial failed: %w", err)
162
+
}
163
+
164
+
c.mu.Lock()
165
+
c.conn = conn
166
+
c.mu.Unlock()
167
+
168
+
log.Printf("[tap] Connected successfully")
169
+
return nil
170
+
}
171
+
172
+
// close closes the WebSocket connection
173
+
func (c *Client) close() {
174
+
c.mu.Lock()
175
+
defer c.mu.Unlock()
176
+
177
+
if c.conn != nil {
178
+
c.conn.Close()
179
+
c.conn = nil
180
+
}
181
+
}
182
+
183
+
// readLoop reads and processes events from the WebSocket
184
+
func (c *Client) readLoop(ctx context.Context) error {
185
+
// Start ping goroutine to keep connection alive
186
+
pingCtx, pingCancel := context.WithCancel(ctx)
187
+
defer pingCancel()
188
+
go c.pingLoop(pingCtx)
189
+
190
+
for {
191
+
select {
192
+
case <-ctx.Done():
193
+
return ctx.Err()
194
+
default:
195
+
}
196
+
197
+
c.mu.Lock()
198
+
conn := c.conn
199
+
c.mu.Unlock()
200
+
201
+
if conn == nil {
202
+
return fmt.Errorf("connection closed")
203
+
}
204
+
205
+
// Set read deadline
206
+
conn.SetReadDeadline(time.Now().Add(c.config.ReadTimeout))
207
+
208
+
_, message, err := conn.ReadMessage()
209
+
if err != nil {
210
+
return fmt.Errorf("read error: %w", err)
211
+
}
212
+
213
+
var event TapEvent
214
+
if err := json.Unmarshal(message, &event); err != nil {
215
+
log.Printf("[tap] Failed to parse event: %v", err)
216
+
continue
217
+
}
218
+
219
+
// Process event
220
+
if err := c.handler.HandleEvent(ctx, event); err != nil {
221
+
if errors.Is(err, models.ErrPermanentFailure) {
222
+
// Permanent failure - log and ack to avoid infinite loop
223
+
log.Printf("[tap] Permanent failure for event %d, skipping: %v", event.ID, err)
224
+
// Fall through to ack
225
+
} else {
226
+
// Retryable failure - don't ack, return error to trigger reconnect
227
+
log.Printf("[tap] Retryable error for event %d, will retry: %v", event.ID, err)
228
+
return fmt.Errorf("handler failed for event %d: %w", event.ID, err)
229
+
}
230
+
}
231
+
232
+
// Send ack
233
+
if err := c.ack(event.ID); err != nil {
234
+
log.Printf("[tap] Failed to ack event %d: %v", event.ID, err)
235
+
// Ack failure is serious - return to trigger reconnect
236
+
return fmt.Errorf("ack failed: %w", err)
237
+
}
238
+
239
+
// Update stats
240
+
c.statsMu.Lock()
241
+
c.eventsProcessed++
242
+
c.lastEventTime = time.Now()
243
+
c.statsMu.Unlock()
244
+
}
245
+
}
246
+
247
+
// pingLoop sends periodic pings to keep the connection alive
248
+
func (c *Client) pingLoop(ctx context.Context) {
249
+
ticker := time.NewTicker(c.config.PingInterval)
250
+
defer ticker.Stop()
251
+
252
+
for {
253
+
select {
254
+
case <-ctx.Done():
255
+
return
256
+
case <-ticker.C:
257
+
c.writeMu.Lock()
258
+
c.mu.Lock()
259
+
conn := c.conn
260
+
c.mu.Unlock()
261
+
262
+
if conn != nil {
263
+
if err := conn.WriteControl(websocket.PingMessage, nil, time.Now().Add(5*time.Second)); err != nil {
264
+
log.Printf("[tap] Ping failed: %v", err)
265
+
}
266
+
}
267
+
c.writeMu.Unlock()
268
+
}
269
+
}
270
+
}
271
+
272
+
// ack sends an acknowledgment for a processed event
273
+
func (c *Client) ack(eventID int64) error {
274
+
c.writeMu.Lock()
275
+
defer c.writeMu.Unlock()
276
+
277
+
c.mu.Lock()
278
+
conn := c.conn
279
+
c.mu.Unlock()
280
+
281
+
if conn == nil {
282
+
return fmt.Errorf("connection closed")
283
+
}
284
+
285
+
ack := AckMessage{
286
+
Type: "ack",
287
+
ID: eventID,
288
+
}
289
+
290
+
return conn.WriteJSON(ack)
291
+
}
292
+
293
+
// Stats returns current client statistics
294
+
func (c *Client) Stats() (eventsProcessed int64, lastEventTime time.Time) {
295
+
c.statsMu.RLock()
296
+
defer c.statsMu.RUnlock()
297
+
return c.eventsProcessed, c.lastEventTime
298
+
}
299
+
300
+
// IsConnected returns true if the client has an active connection
301
+
func (c *Client) IsConnected() bool {
302
+
c.mu.Lock()
303
+
defer c.mu.Unlock()
304
+
return c.conn != nil
305
+
}
+649
server/internal/tap/client_test.go
+649
server/internal/tap/client_test.go
···
1
+
package tap
2
+
3
+
import (
4
+
"context"
5
+
"encoding/json"
6
+
"errors"
7
+
"fmt"
8
+
"net/http"
9
+
"net/http/httptest"
10
+
"strings"
11
+
"sync"
12
+
"testing"
13
+
"time"
14
+
15
+
"github.com/gorilla/websocket"
16
+
)
17
+
18
+
var upgrader = websocket.Upgrader{
19
+
CheckOrigin: func(r *http.Request) bool { return true },
20
+
}
21
+
22
+
// testHandler implements EventHandler for testing
23
+
type testHandler struct {
24
+
mu sync.Mutex
25
+
events []TapEvent
26
+
errors []error
27
+
handleFn func(ctx context.Context, event TapEvent) error
28
+
}
29
+
30
+
func (h *testHandler) HandleEvent(ctx context.Context, event TapEvent) error {
31
+
h.mu.Lock()
32
+
defer h.mu.Unlock()
33
+
h.events = append(h.events, event)
34
+
if h.handleFn != nil {
35
+
return h.handleFn(ctx, event)
36
+
}
37
+
return nil
38
+
}
39
+
40
+
func (h *testHandler) getEvents() []TapEvent {
41
+
h.mu.Lock()
42
+
defer h.mu.Unlock()
43
+
return append([]TapEvent{}, h.events...)
44
+
}
45
+
46
+
func TestClient_Connect(t *testing.T) {
47
+
// Create a mock WebSocket server
48
+
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
49
+
// Verify the path includes /channel
50
+
if !strings.HasSuffix(r.URL.Path, "/channel") {
51
+
t.Errorf("Expected path to end with /channel, got %s", r.URL.Path)
52
+
}
53
+
54
+
conn, err := upgrader.Upgrade(w, r, nil)
55
+
if err != nil {
56
+
t.Errorf("Upgrade failed: %v", err)
57
+
return
58
+
}
59
+
defer conn.Close()
60
+
61
+
// Keep connection open briefly
62
+
time.Sleep(100 * time.Millisecond)
63
+
}))
64
+
defer server.Close()
65
+
66
+
// Convert http:// to ws://
67
+
wsURL := "ws" + strings.TrimPrefix(server.URL, "http")
68
+
69
+
handler := &testHandler{}
70
+
config := Config{
71
+
URL: wsURL,
72
+
ReconnectMin: 10 * time.Millisecond,
73
+
ReconnectMax: 50 * time.Millisecond,
74
+
PingInterval: 1 * time.Second,
75
+
ReadTimeout: 1 * time.Second,
76
+
}
77
+
client := NewClient(config, handler)
78
+
79
+
// Test connection
80
+
ctx, cancel := context.WithTimeout(context.Background(), 200*time.Millisecond)
81
+
defer cancel()
82
+
83
+
err := client.connect(ctx)
84
+
if err != nil {
85
+
t.Fatalf("connect failed: %v", err)
86
+
}
87
+
88
+
if !client.IsConnected() {
89
+
t.Error("Expected client to be connected")
90
+
}
91
+
92
+
client.close()
93
+
94
+
if client.IsConnected() {
95
+
t.Error("Expected client to be disconnected after close")
96
+
}
97
+
}
98
+
99
+
func TestClient_ReceiveEvents(t *testing.T) {
100
+
eventsSent := make(chan struct{})
101
+
acksReceived := make(chan int64, 10)
102
+
103
+
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
104
+
conn, err := upgrader.Upgrade(w, r, nil)
105
+
if err != nil {
106
+
return
107
+
}
108
+
defer conn.Close()
109
+
110
+
// Send a test event
111
+
event := TapEvent{
112
+
ID: 123,
113
+
Type: "record",
114
+
Record: &RecordEvent{
115
+
Live: true,
116
+
DID: "did:plc:test",
117
+
Collection: SeamsAnnotationCollection,
118
+
RKey: "abc",
119
+
Action: "create",
120
+
CID: "bafytest",
121
+
Record: map[string]interface{}{
122
+
"$type": "community.lexicon.annotation.annotation",
123
+
"target": []interface{}{
124
+
map[string]interface{}{
125
+
"source": "https://example.com",
126
+
},
127
+
},
128
+
"createdAt": "2024-01-20T10:00:00Z",
129
+
},
130
+
},
131
+
}
132
+
133
+
if err := conn.WriteJSON(event); err != nil {
134
+
t.Errorf("WriteJSON failed: %v", err)
135
+
return
136
+
}
137
+
close(eventsSent)
138
+
139
+
// Wait for ack
140
+
conn.SetReadDeadline(time.Now().Add(5 * time.Second))
141
+
_, msg, err := conn.ReadMessage()
142
+
if err != nil {
143
+
t.Errorf("Read ack failed: %v", err)
144
+
return
145
+
}
146
+
147
+
var ack AckMessage
148
+
if err := json.Unmarshal(msg, &ack); err != nil {
149
+
t.Errorf("Unmarshal ack failed: %v", err)
150
+
return
151
+
}
152
+
acksReceived <- ack.ID
153
+
}))
154
+
defer server.Close()
155
+
156
+
wsURL := "ws" + strings.TrimPrefix(server.URL, "http")
157
+
158
+
handler := &testHandler{}
159
+
config := Config{
160
+
URL: wsURL,
161
+
ReconnectMin: 10 * time.Millisecond,
162
+
ReconnectMax: 50 * time.Millisecond,
163
+
PingInterval: 5 * time.Second,
164
+
ReadTimeout: 5 * time.Second,
165
+
}
166
+
client := NewClient(config, handler)
167
+
168
+
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
169
+
defer cancel()
170
+
171
+
// Run client in background
172
+
done := make(chan error, 1)
173
+
go func() {
174
+
done <- client.Run(ctx)
175
+
}()
176
+
177
+
// Wait for event to be sent
178
+
select {
179
+
case <-eventsSent:
180
+
case <-time.After(1 * time.Second):
181
+
t.Fatal("Timeout waiting for event to be sent")
182
+
}
183
+
184
+
// Wait for ack
185
+
select {
186
+
case ackID := <-acksReceived:
187
+
if ackID != 123 {
188
+
t.Errorf("Expected ack ID 123, got %d", ackID)
189
+
}
190
+
case <-time.After(1 * time.Second):
191
+
t.Fatal("Timeout waiting for ack")
192
+
}
193
+
194
+
// Verify event was handled
195
+
events := handler.getEvents()
196
+
if len(events) != 1 {
197
+
t.Fatalf("Expected 1 event, got %d", len(events))
198
+
}
199
+
if events[0].ID != 123 {
200
+
t.Errorf("Expected event ID 123, got %d", events[0].ID)
201
+
}
202
+
203
+
// Cancel and wait for shutdown
204
+
cancel()
205
+
select {
206
+
case <-done:
207
+
case <-time.After(1 * time.Second):
208
+
t.Fatal("Timeout waiting for client to stop")
209
+
}
210
+
}
211
+
212
+
func TestClient_BasicAuth(t *testing.T) {
213
+
authHeader := make(chan string, 1)
214
+
215
+
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
216
+
authHeader <- r.Header.Get("Authorization")
217
+
218
+
conn, err := upgrader.Upgrade(w, r, nil)
219
+
if err != nil {
220
+
return
221
+
}
222
+
defer conn.Close()
223
+
time.Sleep(100 * time.Millisecond)
224
+
}))
225
+
defer server.Close()
226
+
227
+
wsURL := "ws" + strings.TrimPrefix(server.URL, "http")
228
+
229
+
handler := &testHandler{}
230
+
config := Config{
231
+
URL: wsURL,
232
+
Password: "secretpassword",
233
+
ReconnectMin: 10 * time.Millisecond,
234
+
ReconnectMax: 50 * time.Millisecond,
235
+
PingInterval: 1 * time.Second,
236
+
ReadTimeout: 1 * time.Second,
237
+
}
238
+
client := NewClient(config, handler)
239
+
240
+
ctx, cancel := context.WithTimeout(context.Background(), 500*time.Millisecond)
241
+
defer cancel()
242
+
243
+
err := client.connect(ctx)
244
+
if err != nil {
245
+
t.Fatalf("connect failed: %v", err)
246
+
}
247
+
client.close()
248
+
249
+
select {
250
+
case auth := <-authHeader:
251
+
// Should be "Basic " + base64("admin:secretpassword")
252
+
if !strings.HasPrefix(auth, "Basic ") {
253
+
t.Errorf("Expected Basic auth, got: %s", auth)
254
+
}
255
+
case <-time.After(1 * time.Second):
256
+
t.Fatal("Timeout waiting for auth header")
257
+
}
258
+
}
259
+
260
+
func TestClient_Reconnect(t *testing.T) {
261
+
connectionCount := 0
262
+
var mu sync.Mutex
263
+
264
+
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
265
+
mu.Lock()
266
+
connectionCount++
267
+
count := connectionCount
268
+
mu.Unlock()
269
+
270
+
conn, err := upgrader.Upgrade(w, r, nil)
271
+
if err != nil {
272
+
return
273
+
}
274
+
defer conn.Close()
275
+
276
+
// First connection closes immediately
277
+
if count == 1 {
278
+
return
279
+
}
280
+
281
+
// Second connection stays open
282
+
time.Sleep(500 * time.Millisecond)
283
+
}))
284
+
defer server.Close()
285
+
286
+
wsURL := "ws" + strings.TrimPrefix(server.URL, "http")
287
+
288
+
handler := &testHandler{}
289
+
config := Config{
290
+
URL: wsURL,
291
+
ReconnectMin: 10 * time.Millisecond,
292
+
ReconnectMax: 50 * time.Millisecond,
293
+
PingInterval: 1 * time.Second,
294
+
ReadTimeout: 200 * time.Millisecond,
295
+
}
296
+
client := NewClient(config, handler)
297
+
298
+
ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second)
299
+
defer cancel()
300
+
301
+
done := make(chan error, 1)
302
+
go func() {
303
+
done <- client.Run(ctx)
304
+
}()
305
+
306
+
// Wait a bit for reconnection to happen
307
+
time.Sleep(300 * time.Millisecond)
308
+
309
+
mu.Lock()
310
+
count := connectionCount
311
+
mu.Unlock()
312
+
313
+
if count < 2 {
314
+
t.Errorf("Expected at least 2 connections (reconnect), got %d", count)
315
+
}
316
+
317
+
cancel()
318
+
<-done
319
+
}
320
+
321
+
func TestClient_Stats(t *testing.T) {
322
+
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
323
+
conn, err := upgrader.Upgrade(w, r, nil)
324
+
if err != nil {
325
+
return
326
+
}
327
+
defer conn.Close()
328
+
329
+
// Send events
330
+
for i := 1; i <= 3; i++ {
331
+
event := TapEvent{
332
+
ID: int64(i),
333
+
Type: "identity", // Use identity to avoid needing full record
334
+
Identity: &IdentityEvent{
335
+
DID: "did:plc:test",
336
+
Handle: "test.bsky.social",
337
+
},
338
+
}
339
+
if err := conn.WriteJSON(event); err != nil {
340
+
return
341
+
}
342
+
343
+
// Wait for ack
344
+
conn.SetReadDeadline(time.Now().Add(1 * time.Second))
345
+
_, _, err := conn.ReadMessage()
346
+
if err != nil {
347
+
return
348
+
}
349
+
}
350
+
351
+
time.Sleep(100 * time.Millisecond)
352
+
}))
353
+
defer server.Close()
354
+
355
+
wsURL := "ws" + strings.TrimPrefix(server.URL, "http")
356
+
357
+
handler := &testHandler{}
358
+
config := Config{
359
+
URL: wsURL,
360
+
ReconnectMin: 10 * time.Millisecond,
361
+
ReconnectMax: 50 * time.Millisecond,
362
+
PingInterval: 5 * time.Second,
363
+
ReadTimeout: 2 * time.Second,
364
+
}
365
+
client := NewClient(config, handler)
366
+
367
+
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
368
+
defer cancel()
369
+
370
+
done := make(chan error, 1)
371
+
go func() {
372
+
done <- client.Run(ctx)
373
+
}()
374
+
375
+
// Wait for events to be processed
376
+
time.Sleep(500 * time.Millisecond)
377
+
378
+
processed, lastTime := client.Stats()
379
+
if processed < 3 {
380
+
t.Errorf("Expected at least 3 events processed, got %d", processed)
381
+
}
382
+
if lastTime.IsZero() {
383
+
t.Error("Expected lastEventTime to be set")
384
+
}
385
+
386
+
cancel()
387
+
<-done
388
+
}
389
+
390
+
func TestDefaultConfig(t *testing.T) {
391
+
config := DefaultConfig("ws://localhost:2480", "secret")
392
+
393
+
if config.URL != "ws://localhost:2480" {
394
+
t.Errorf("Expected URL ws://localhost:2480, got %s", config.URL)
395
+
}
396
+
if config.Password != "secret" {
397
+
t.Errorf("Expected Password secret, got %s", config.Password)
398
+
}
399
+
if config.ReconnectMin != 1*time.Second {
400
+
t.Errorf("Expected ReconnectMin 1s, got %v", config.ReconnectMin)
401
+
}
402
+
if config.ReconnectMax != 30*time.Second {
403
+
t.Errorf("Expected ReconnectMax 30s, got %v", config.ReconnectMax)
404
+
}
405
+
if config.PingInterval != 30*time.Second {
406
+
t.Errorf("Expected PingInterval 30s, got %v", config.PingInterval)
407
+
}
408
+
if config.ReadTimeout != 60*time.Second {
409
+
t.Errorf("Expected ReadTimeout 60s, got %v", config.ReadTimeout)
410
+
}
411
+
}
412
+
413
+
func TestClient_ConcurrentWrites(t *testing.T) {
414
+
// Test that concurrent ping and ack operations don't cause a race condition
415
+
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
416
+
conn, err := upgrader.Upgrade(w, r, nil)
417
+
if err != nil {
418
+
return
419
+
}
420
+
defer conn.Close()
421
+
422
+
// Send multiple events rapidly
423
+
for i := 1; i <= 10; i++ {
424
+
event := TapEvent{
425
+
ID: int64(i),
426
+
Type: "identity",
427
+
Identity: &IdentityEvent{
428
+
DID: "did:plc:test",
429
+
Handle: "test.bsky.social",
430
+
},
431
+
}
432
+
if err := conn.WriteJSON(event); err != nil {
433
+
return
434
+
}
435
+
}
436
+
437
+
// Read all acks
438
+
for i := 0; i < 10; i++ {
439
+
conn.SetReadDeadline(time.Now().Add(5 * time.Second))
440
+
_, _, err := conn.ReadMessage()
441
+
if err != nil {
442
+
return
443
+
}
444
+
}
445
+
446
+
time.Sleep(500 * time.Millisecond)
447
+
}))
448
+
defer server.Close()
449
+
450
+
wsURL := "ws" + strings.TrimPrefix(server.URL, "http")
451
+
452
+
handler := &testHandler{}
453
+
config := Config{
454
+
URL: wsURL,
455
+
ReconnectMin: 10 * time.Millisecond,
456
+
ReconnectMax: 50 * time.Millisecond,
457
+
PingInterval: 50 * time.Millisecond, // Very short to trigger concurrent writes
458
+
ReadTimeout: 5 * time.Second,
459
+
}
460
+
client := NewClient(config, handler)
461
+
462
+
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
463
+
defer cancel()
464
+
465
+
done := make(chan error, 1)
466
+
go func() {
467
+
done <- client.Run(ctx)
468
+
}()
469
+
470
+
// Wait for events to be processed
471
+
time.Sleep(1 * time.Second)
472
+
473
+
events := handler.getEvents()
474
+
if len(events) < 10 {
475
+
t.Errorf("Expected at least 10 events processed, got %d", len(events))
476
+
}
477
+
478
+
cancel()
479
+
<-done
480
+
}
481
+
482
+
func TestClient_NoAckOnRetryableError(t *testing.T) {
483
+
acksReceived := make(chan int64, 10)
484
+
eventsSent := make(chan struct{})
485
+
486
+
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
487
+
conn, err := upgrader.Upgrade(w, r, nil)
488
+
if err != nil {
489
+
return
490
+
}
491
+
defer conn.Close()
492
+
493
+
// Send an event
494
+
event := TapEvent{
495
+
ID: 123,
496
+
Type: "identity",
497
+
Identity: &IdentityEvent{
498
+
DID: "did:plc:test",
499
+
Handle: "test.bsky.social",
500
+
},
501
+
}
502
+
503
+
if err := conn.WriteJSON(event); err != nil {
504
+
return
505
+
}
506
+
close(eventsSent)
507
+
508
+
// Try to read ack with short timeout
509
+
conn.SetReadDeadline(time.Now().Add(500 * time.Millisecond))
510
+
_, msg, err := conn.ReadMessage()
511
+
if err == nil {
512
+
var ack AckMessage
513
+
if json.Unmarshal(msg, &ack) == nil {
514
+
acksReceived <- ack.ID
515
+
}
516
+
}
517
+
518
+
time.Sleep(100 * time.Millisecond)
519
+
}))
520
+
defer server.Close()
521
+
522
+
wsURL := "ws" + strings.TrimPrefix(server.URL, "http")
523
+
524
+
// Handler that returns a retryable error
525
+
handler := &testHandler{
526
+
handleFn: func(ctx context.Context, event TapEvent) error {
527
+
return errors.New("retryable database error")
528
+
},
529
+
}
530
+
531
+
config := Config{
532
+
URL: wsURL,
533
+
ReconnectMin: 10 * time.Millisecond,
534
+
ReconnectMax: 50 * time.Millisecond,
535
+
PingInterval: 5 * time.Second,
536
+
ReadTimeout: 2 * time.Second,
537
+
}
538
+
client := NewClient(config, handler)
539
+
540
+
ctx, cancel := context.WithTimeout(context.Background(), 1*time.Second)
541
+
defer cancel()
542
+
543
+
go client.Run(ctx)
544
+
545
+
// Wait for event to be sent
546
+
select {
547
+
case <-eventsSent:
548
+
case <-time.After(500 * time.Millisecond):
549
+
t.Fatal("Timeout waiting for event")
550
+
}
551
+
552
+
// Should not receive ack for retryable error
553
+
select {
554
+
case ackID := <-acksReceived:
555
+
t.Errorf("Should not have received ack for retryable error, got ack for %d", ackID)
556
+
case <-time.After(300 * time.Millisecond):
557
+
// Expected - no ack should be sent
558
+
}
559
+
560
+
cancel()
561
+
}
562
+
563
+
func TestClient_AckOnPermanentError(t *testing.T) {
564
+
acksReceived := make(chan int64, 10)
565
+
eventsSent := make(chan struct{})
566
+
567
+
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
568
+
conn, err := upgrader.Upgrade(w, r, nil)
569
+
if err != nil {
570
+
return
571
+
}
572
+
defer conn.Close()
573
+
574
+
// Send an event
575
+
event := TapEvent{
576
+
ID: 456,
577
+
Type: "identity",
578
+
Identity: &IdentityEvent{
579
+
DID: "did:plc:test",
580
+
Handle: "test.bsky.social",
581
+
},
582
+
}
583
+
584
+
if err := conn.WriteJSON(event); err != nil {
585
+
return
586
+
}
587
+
close(eventsSent)
588
+
589
+
// Wait for ack
590
+
conn.SetReadDeadline(time.Now().Add(2 * time.Second))
591
+
_, msg, err := conn.ReadMessage()
592
+
if err != nil {
593
+
t.Logf("Read error: %v", err)
594
+
return
595
+
}
596
+
597
+
var ack AckMessage
598
+
if err := json.Unmarshal(msg, &ack); err != nil {
599
+
t.Logf("Unmarshal error: %v", err)
600
+
return
601
+
}
602
+
acksReceived <- ack.ID
603
+
604
+
time.Sleep(200 * time.Millisecond)
605
+
}))
606
+
defer server.Close()
607
+
608
+
wsURL := "ws" + strings.TrimPrefix(server.URL, "http")
609
+
610
+
// Handler that returns a permanent error (wrapping ErrPermanentFailure)
611
+
handler := &testHandler{
612
+
handleFn: func(ctx context.Context, event TapEvent) error {
613
+
return fmt.Errorf("%w: invalid data", ErrPermanentFailure)
614
+
},
615
+
}
616
+
617
+
config := Config{
618
+
URL: wsURL,
619
+
ReconnectMin: 10 * time.Millisecond,
620
+
ReconnectMax: 50 * time.Millisecond,
621
+
PingInterval: 5 * time.Second,
622
+
ReadTimeout: 5 * time.Second,
623
+
}
624
+
client := NewClient(config, handler)
625
+
626
+
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
627
+
defer cancel()
628
+
629
+
go client.Run(ctx)
630
+
631
+
// Wait for event to be sent
632
+
select {
633
+
case <-eventsSent:
634
+
case <-time.After(500 * time.Millisecond):
635
+
t.Fatal("Timeout waiting for event")
636
+
}
637
+
638
+
// Should receive ack for permanent error (to avoid infinite loop)
639
+
select {
640
+
case ackID := <-acksReceived:
641
+
if ackID != 456 {
642
+
t.Errorf("Expected ack ID 456, got %d", ackID)
643
+
}
644
+
case <-time.After(1 * time.Second):
645
+
t.Fatal("Expected ack for permanent error, but didn't receive one")
646
+
}
647
+
648
+
cancel()
649
+
}
+213
server/internal/tap/consumer.go
+213
server/internal/tap/consumer.go
···
1
+
package tap
2
+
3
+
import (
4
+
"context"
5
+
"encoding/json"
6
+
"errors"
7
+
"fmt"
8
+
"log"
9
+
"strings"
10
+
"time"
11
+
12
+
"github.com/aynish/seams.so/server/internal/models"
13
+
)
14
+
15
+
// ErrPermanentFailure is re-exported from models for convenience
16
+
var ErrPermanentFailure = models.ErrPermanentFailure
17
+
18
+
// Validation limits for firehose data
19
+
const (
20
+
MaxBodyLength = 10000
21
+
MaxURLLength = 2000
22
+
MaxExactLength = 5000
23
+
MaxPrefixLength = 500
24
+
MaxSuffixLength = 500
25
+
MaxTagCount = 100
26
+
MaxTagLength = 64
27
+
MaxSelectorCount = 50
28
+
)
29
+
30
+
// Indexer interface for the service that indexes annotations
31
+
type Indexer interface {
32
+
IndexAnnotationDirect(ctx context.Context, uri, cid, authorDID string, record *models.ATProtoAnnotation) error
33
+
DeleteAnnotation(ctx context.Context, uri string) error
34
+
}
35
+
36
+
// Consumer processes Tap events and indexes annotations
37
+
type Consumer struct {
38
+
indexer Indexer
39
+
}
40
+
41
+
// NewConsumer creates a new annotation consumer
42
+
func NewConsumer(indexer Indexer) *Consumer {
43
+
return &Consumer{
44
+
indexer: indexer,
45
+
}
46
+
}
47
+
48
+
// HandleEvent processes a single Tap event
49
+
func (c *Consumer) HandleEvent(ctx context.Context, event TapEvent) error {
50
+
switch event.Type {
51
+
case "record":
52
+
if event.Record == nil {
53
+
return nil
54
+
}
55
+
return c.handleRecordEvent(ctx, event.Record)
56
+
case "identity":
57
+
// Ignore identity events for now
58
+
return nil
59
+
default:
60
+
log.Printf("[tap] Unknown event type: %s", event.Type)
61
+
return nil
62
+
}
63
+
}
64
+
65
+
// handleRecordEvent processes a record event
66
+
func (c *Consumer) handleRecordEvent(ctx context.Context, rec *RecordEvent) error {
67
+
// Only process our annotation collection
68
+
if rec.Collection != SeamsAnnotationCollection {
69
+
return nil
70
+
}
71
+
72
+
// Build AT URI
73
+
uri := fmt.Sprintf("at://%s/%s/%s", rec.DID, rec.Collection, rec.RKey)
74
+
75
+
switch rec.Action {
76
+
case "create", "update":
77
+
return c.handleUpsert(ctx, uri, rec)
78
+
case "delete":
79
+
return c.handleDelete(ctx, uri)
80
+
default:
81
+
log.Printf("[tap] Unknown action: %s", rec.Action)
82
+
return nil
83
+
}
84
+
}
85
+
86
+
// handleUpsert handles create and update actions
87
+
func (c *Consumer) handleUpsert(ctx context.Context, uri string, rec *RecordEvent) error {
88
+
// Parse the record into our model
89
+
annotation, err := parseAnnotationRecord(rec.Record)
90
+
if err != nil {
91
+
return fmt.Errorf("%w: failed to parse annotation record: %v", ErrPermanentFailure, err)
92
+
}
93
+
94
+
// Validate the annotation data
95
+
if err := validateAnnotation(annotation); err != nil {
96
+
return fmt.Errorf("%w: validation failed: %v", ErrPermanentFailure, err)
97
+
}
98
+
99
+
// Index the annotation
100
+
if err := c.indexer.IndexAnnotationDirect(ctx, uri, rec.CID, rec.DID, annotation); err != nil {
101
+
// Check if the indexer returned a permanent failure
102
+
if errors.Is(err, ErrPermanentFailure) {
103
+
return err
104
+
}
105
+
// Other errors are retryable (e.g., DB connection issues)
106
+
return fmt.Errorf("failed to index annotation: %w", err)
107
+
}
108
+
109
+
// Only log live events to reduce noise during backfill
110
+
if rec.Live {
111
+
log.Printf("[tap] Indexed annotation: %s", uri)
112
+
}
113
+
return nil
114
+
}
115
+
116
+
// handleDelete handles delete actions
117
+
func (c *Consumer) handleDelete(ctx context.Context, uri string) error {
118
+
if err := c.indexer.DeleteAnnotation(ctx, uri); err != nil {
119
+
return fmt.Errorf("failed to delete annotation: %w", err)
120
+
}
121
+
122
+
log.Printf("[tap] Deleted annotation: %s", uri)
123
+
return nil
124
+
}
125
+
126
+
// parseAnnotationRecord converts a generic record map to ATProtoAnnotation
127
+
func parseAnnotationRecord(record map[string]interface{}) (*models.ATProtoAnnotation, error) {
128
+
// Re-marshal and unmarshal to convert to our type
129
+
// This handles the type coercion cleanly
130
+
data, err := json.Marshal(record)
131
+
if err != nil {
132
+
return nil, fmt.Errorf("failed to marshal record: %w", err)
133
+
}
134
+
135
+
var annotation models.ATProtoAnnotation
136
+
if err := json.Unmarshal(data, &annotation); err != nil {
137
+
return nil, fmt.Errorf("failed to unmarshal annotation: %w", err)
138
+
}
139
+
140
+
return &annotation, nil
141
+
}
142
+
143
+
// validateAnnotation validates annotation data from the firehose
144
+
func validateAnnotation(record *models.ATProtoAnnotation) error {
145
+
// Check body length
146
+
if len(record.Body) > MaxBodyLength {
147
+
return fmt.Errorf("body too long: %d > %d", len(record.Body), MaxBodyLength)
148
+
}
149
+
150
+
// Validate $type field
151
+
if record.Type != "community.lexicon.annotation.annotation" {
152
+
return fmt.Errorf("invalid record type: %s", record.Type)
153
+
}
154
+
155
+
// Check targets
156
+
if len(record.Target) == 0 {
157
+
return fmt.Errorf("annotation has no targets")
158
+
}
159
+
160
+
for i, target := range record.Target {
161
+
// Check URL length
162
+
if len(target.Source) > MaxURLLength {
163
+
return fmt.Errorf("target[%d] URL too long: %d > %d", i, len(target.Source), MaxURLLength)
164
+
}
165
+
166
+
// Check selector count
167
+
if len(target.Selector) > MaxSelectorCount {
168
+
return fmt.Errorf("target[%d] too many selectors: %d > %d", i, len(target.Selector), MaxSelectorCount)
169
+
}
170
+
171
+
// Check individual selector fields
172
+
for j, sel := range target.Selector {
173
+
if len(sel.Exact) > MaxExactLength {
174
+
return fmt.Errorf("target[%d].selector[%d] exact too long: %d > %d", i, j, len(sel.Exact), MaxExactLength)
175
+
}
176
+
if len(sel.Prefix) > MaxPrefixLength {
177
+
return fmt.Errorf("target[%d].selector[%d] prefix too long: %d > %d", i, j, len(sel.Prefix), MaxPrefixLength)
178
+
}
179
+
if len(sel.Suffix) > MaxSuffixLength {
180
+
return fmt.Errorf("target[%d].selector[%d] suffix too long: %d > %d", i, j, len(sel.Suffix), MaxSuffixLength)
181
+
}
182
+
}
183
+
}
184
+
185
+
// Check tag count and individual tag lengths
186
+
if len(record.Tags) > MaxTagCount {
187
+
return fmt.Errorf("too many tags: %d > %d", len(record.Tags), MaxTagCount)
188
+
}
189
+
for i, tag := range record.Tags {
190
+
if len(tag) > MaxTagLength {
191
+
return fmt.Errorf("tag[%d] too long: %d > %d", i, len(tag), MaxTagLength)
192
+
}
193
+
}
194
+
195
+
// Validate timestamp is parseable and within reasonable range
196
+
createdAt, err := time.Parse(time.RFC3339, record.CreatedAt)
197
+
if err != nil {
198
+
return fmt.Errorf("invalid createdAt timestamp: %w", err)
199
+
}
200
+
201
+
// Allow up to 5 minutes in the future for clock skew
202
+
maxTime := time.Now().Add(5 * time.Minute)
203
+
if createdAt.After(maxTime) {
204
+
return fmt.Errorf("createdAt too far in the future: %v", createdAt)
205
+
}
206
+
207
+
return nil
208
+
}
209
+
210
+
// validateDID validates a DID format (did:plc: or did:web:)
211
+
func validateDID(did string) bool {
212
+
return strings.HasPrefix(did, "did:plc:") || strings.HasPrefix(did, "did:web:")
213
+
}
+635
server/internal/tap/consumer_test.go
+635
server/internal/tap/consumer_test.go
···
1
+
package tap
2
+
3
+
import (
4
+
"context"
5
+
"errors"
6
+
"strings"
7
+
"sync"
8
+
"testing"
9
+
"time"
10
+
11
+
"github.com/aynish/seams.so/server/internal/models"
12
+
)
13
+
14
+
// mockIndexer implements the Indexer interface for testing
15
+
type mockIndexer struct {
16
+
mu sync.Mutex
17
+
indexed []indexedAnnotation
18
+
deleted []string
19
+
indexErr error
20
+
deleteErr error
21
+
}
22
+
23
+
type indexedAnnotation struct {
24
+
URI string
25
+
CID string
26
+
AuthorDID string
27
+
Record *models.ATProtoAnnotation
28
+
}
29
+
30
+
func (m *mockIndexer) IndexAnnotationDirect(ctx context.Context, uri, cid, authorDID string, record *models.ATProtoAnnotation) error {
31
+
m.mu.Lock()
32
+
defer m.mu.Unlock()
33
+
if m.indexErr != nil {
34
+
return m.indexErr
35
+
}
36
+
m.indexed = append(m.indexed, indexedAnnotation{
37
+
URI: uri,
38
+
CID: cid,
39
+
AuthorDID: authorDID,
40
+
Record: record,
41
+
})
42
+
return nil
43
+
}
44
+
45
+
func (m *mockIndexer) DeleteAnnotation(ctx context.Context, uri string) error {
46
+
m.mu.Lock()
47
+
defer m.mu.Unlock()
48
+
if m.deleteErr != nil {
49
+
return m.deleteErr
50
+
}
51
+
m.deleted = append(m.deleted, uri)
52
+
return nil
53
+
}
54
+
55
+
func (m *mockIndexer) getIndexed() []indexedAnnotation {
56
+
m.mu.Lock()
57
+
defer m.mu.Unlock()
58
+
return append([]indexedAnnotation{}, m.indexed...)
59
+
}
60
+
61
+
func (m *mockIndexer) getDeleted() []string {
62
+
m.mu.Lock()
63
+
defer m.mu.Unlock()
64
+
return append([]string{}, m.deleted...)
65
+
}
66
+
67
+
func TestConsumer_HandleEvent_CreateAnnotation(t *testing.T) {
68
+
indexer := &mockIndexer{}
69
+
consumer := NewConsumer(indexer)
70
+
71
+
event := TapEvent{
72
+
ID: 1,
73
+
Type: "record",
74
+
Record: &RecordEvent{
75
+
Live: true,
76
+
DID: "did:plc:abc123",
77
+
Collection: SeamsAnnotationCollection,
78
+
RKey: "3abc123",
79
+
Action: "create",
80
+
CID: "bafyreiabc",
81
+
Record: map[string]interface{}{
82
+
"$type": "community.lexicon.annotation.annotation",
83
+
"target": []interface{}{
84
+
map[string]interface{}{
85
+
"source": "https://example.com/article",
86
+
"selector": []interface{}{
87
+
map[string]interface{}{
88
+
"$type": "community.lexicon.annotation.annotation#textQuoteSelector",
89
+
"exact": "highlighted text",
90
+
"prefix": "some ",
91
+
"suffix": " here",
92
+
},
93
+
},
94
+
},
95
+
},
96
+
"body": "This is my annotation",
97
+
"createdAt": "2024-01-15T10:30:00Z",
98
+
},
99
+
},
100
+
}
101
+
102
+
err := consumer.HandleEvent(context.Background(), event)
103
+
if err != nil {
104
+
t.Fatalf("HandleEvent failed: %v", err)
105
+
}
106
+
107
+
indexed := indexer.getIndexed()
108
+
if len(indexed) != 1 {
109
+
t.Fatalf("Expected 1 indexed annotation, got %d", len(indexed))
110
+
}
111
+
112
+
ann := indexed[0]
113
+
expectedURI := "at://did:plc:abc123/community.lexicon.annotation.annotation/3abc123"
114
+
if ann.URI != expectedURI {
115
+
t.Errorf("Expected URI %q, got %q", expectedURI, ann.URI)
116
+
}
117
+
if ann.CID != "bafyreiabc" {
118
+
t.Errorf("Expected CID %q, got %q", "bafyreiabc", ann.CID)
119
+
}
120
+
if ann.AuthorDID != "did:plc:abc123" {
121
+
t.Errorf("Expected AuthorDID %q, got %q", "did:plc:abc123", ann.AuthorDID)
122
+
}
123
+
if ann.Record.Body != "This is my annotation" {
124
+
t.Errorf("Expected body %q, got %q", "This is my annotation", ann.Record.Body)
125
+
}
126
+
if len(ann.Record.Target) != 1 {
127
+
t.Fatalf("Expected 1 target, got %d", len(ann.Record.Target))
128
+
}
129
+
if ann.Record.Target[0].Source != "https://example.com/article" {
130
+
t.Errorf("Expected source %q, got %q", "https://example.com/article", ann.Record.Target[0].Source)
131
+
}
132
+
}
133
+
134
+
func TestConsumer_HandleEvent_UpdateAnnotation(t *testing.T) {
135
+
indexer := &mockIndexer{}
136
+
consumer := NewConsumer(indexer)
137
+
138
+
event := TapEvent{
139
+
ID: 2,
140
+
Type: "record",
141
+
Record: &RecordEvent{
142
+
Live: true,
143
+
DID: "did:plc:abc123",
144
+
Collection: SeamsAnnotationCollection,
145
+
RKey: "3abc123",
146
+
Action: "update",
147
+
CID: "bafyreiupd",
148
+
Record: map[string]interface{}{
149
+
"$type": "community.lexicon.annotation.annotation",
150
+
"target": []interface{}{
151
+
map[string]interface{}{
152
+
"source": "https://example.com/article",
153
+
},
154
+
},
155
+
"body": "Updated annotation text",
156
+
"createdAt": "2024-01-15T10:30:00Z",
157
+
},
158
+
},
159
+
}
160
+
161
+
err := consumer.HandleEvent(context.Background(), event)
162
+
if err != nil {
163
+
t.Fatalf("HandleEvent failed: %v", err)
164
+
}
165
+
166
+
indexed := indexer.getIndexed()
167
+
if len(indexed) != 1 {
168
+
t.Fatalf("Expected 1 indexed annotation, got %d", len(indexed))
169
+
}
170
+
171
+
// Update should use the new CID
172
+
if indexed[0].CID != "bafyreiupd" {
173
+
t.Errorf("Expected CID %q, got %q", "bafyreiupd", indexed[0].CID)
174
+
}
175
+
}
176
+
177
+
func TestConsumer_HandleEvent_DeleteAnnotation(t *testing.T) {
178
+
indexer := &mockIndexer{}
179
+
consumer := NewConsumer(indexer)
180
+
181
+
event := TapEvent{
182
+
ID: 3,
183
+
Type: "record",
184
+
Record: &RecordEvent{
185
+
Live: true,
186
+
DID: "did:plc:abc123",
187
+
Collection: SeamsAnnotationCollection,
188
+
RKey: "3abc123",
189
+
Action: "delete",
190
+
},
191
+
}
192
+
193
+
err := consumer.HandleEvent(context.Background(), event)
194
+
if err != nil {
195
+
t.Fatalf("HandleEvent failed: %v", err)
196
+
}
197
+
198
+
deleted := indexer.getDeleted()
199
+
if len(deleted) != 1 {
200
+
t.Fatalf("Expected 1 deleted annotation, got %d", len(deleted))
201
+
}
202
+
203
+
expectedURI := "at://did:plc:abc123/community.lexicon.annotation.annotation/3abc123"
204
+
if deleted[0] != expectedURI {
205
+
t.Errorf("Expected deleted URI %q, got %q", expectedURI, deleted[0])
206
+
}
207
+
}
208
+
209
+
func TestConsumer_HandleEvent_IgnoresOtherCollections(t *testing.T) {
210
+
indexer := &mockIndexer{}
211
+
consumer := NewConsumer(indexer)
212
+
213
+
event := TapEvent{
214
+
ID: 4,
215
+
Type: "record",
216
+
Record: &RecordEvent{
217
+
Live: true,
218
+
DID: "did:plc:abc123",
219
+
Collection: "app.bsky.feed.post", // Not our collection
220
+
RKey: "3abc123",
221
+
Action: "create",
222
+
CID: "bafyreiabc",
223
+
Record: map[string]interface{}{
224
+
"text": "Just a regular post",
225
+
},
226
+
},
227
+
}
228
+
229
+
err := consumer.HandleEvent(context.Background(), event)
230
+
if err != nil {
231
+
t.Fatalf("HandleEvent failed: %v", err)
232
+
}
233
+
234
+
// Should not have indexed anything
235
+
if len(indexer.getIndexed()) != 0 {
236
+
t.Errorf("Expected 0 indexed annotations, got %d", len(indexer.getIndexed()))
237
+
}
238
+
}
239
+
240
+
func TestConsumer_HandleEvent_IgnoresIdentityEvents(t *testing.T) {
241
+
indexer := &mockIndexer{}
242
+
consumer := NewConsumer(indexer)
243
+
244
+
event := TapEvent{
245
+
ID: 5,
246
+
Type: "identity",
247
+
Identity: &IdentityEvent{
248
+
DID: "did:plc:abc123",
249
+
Handle: "user.bsky.social",
250
+
IsActive: true,
251
+
Status: "active",
252
+
},
253
+
}
254
+
255
+
err := consumer.HandleEvent(context.Background(), event)
256
+
if err != nil {
257
+
t.Fatalf("HandleEvent failed: %v", err)
258
+
}
259
+
260
+
// Should not have indexed or deleted anything
261
+
if len(indexer.getIndexed()) != 0 {
262
+
t.Errorf("Expected 0 indexed annotations, got %d", len(indexer.getIndexed()))
263
+
}
264
+
if len(indexer.getDeleted()) != 0 {
265
+
t.Errorf("Expected 0 deleted annotations, got %d", len(indexer.getDeleted()))
266
+
}
267
+
}
268
+
269
+
func TestConsumer_HandleEvent_IndexError(t *testing.T) {
270
+
indexer := &mockIndexer{
271
+
indexErr: errors.New("database error"),
272
+
}
273
+
consumer := NewConsumer(indexer)
274
+
275
+
event := TapEvent{
276
+
ID: 6,
277
+
Type: "record",
278
+
Record: &RecordEvent{
279
+
Live: true,
280
+
DID: "did:plc:abc123",
281
+
Collection: SeamsAnnotationCollection,
282
+
RKey: "3abc123",
283
+
Action: "create",
284
+
CID: "bafyreiabc",
285
+
Record: map[string]interface{}{
286
+
"$type": "community.lexicon.annotation.annotation",
287
+
"target": []interface{}{
288
+
map[string]interface{}{
289
+
"source": "https://example.com/article",
290
+
},
291
+
},
292
+
"createdAt": "2024-01-15T10:30:00Z",
293
+
},
294
+
},
295
+
}
296
+
297
+
err := consumer.HandleEvent(context.Background(), event)
298
+
if err == nil {
299
+
t.Fatal("Expected error, got nil")
300
+
}
301
+
}
302
+
303
+
func TestConsumer_HandleEvent_DeleteError(t *testing.T) {
304
+
indexer := &mockIndexer{
305
+
deleteErr: errors.New("database error"),
306
+
}
307
+
consumer := NewConsumer(indexer)
308
+
309
+
event := TapEvent{
310
+
ID: 7,
311
+
Type: "record",
312
+
Record: &RecordEvent{
313
+
Live: true,
314
+
DID: "did:plc:abc123",
315
+
Collection: SeamsAnnotationCollection,
316
+
RKey: "3abc123",
317
+
Action: "delete",
318
+
},
319
+
}
320
+
321
+
err := consumer.HandleEvent(context.Background(), event)
322
+
if err == nil {
323
+
t.Fatal("Expected error, got nil")
324
+
}
325
+
}
326
+
327
+
func TestConsumer_HandleEvent_BackfillEvent(t *testing.T) {
328
+
indexer := &mockIndexer{}
329
+
consumer := NewConsumer(indexer)
330
+
331
+
// Backfill events have live=false
332
+
event := TapEvent{
333
+
ID: 8,
334
+
Type: "record",
335
+
Record: &RecordEvent{
336
+
Live: false, // Backfill
337
+
DID: "did:plc:abc123",
338
+
Collection: SeamsAnnotationCollection,
339
+
RKey: "3abc123",
340
+
Action: "create",
341
+
CID: "bafyreiabc",
342
+
Record: map[string]interface{}{
343
+
"$type": "community.lexicon.annotation.annotation",
344
+
"target": []interface{}{
345
+
map[string]interface{}{
346
+
"source": "https://example.com/article",
347
+
},
348
+
},
349
+
"createdAt": "2024-01-15T10:30:00Z",
350
+
},
351
+
},
352
+
}
353
+
354
+
err := consumer.HandleEvent(context.Background(), event)
355
+
if err != nil {
356
+
t.Fatalf("HandleEvent failed: %v", err)
357
+
}
358
+
359
+
// Should still index backfill events
360
+
indexed := indexer.getIndexed()
361
+
if len(indexed) != 1 {
362
+
t.Fatalf("Expected 1 indexed annotation, got %d", len(indexed))
363
+
}
364
+
}
365
+
366
+
func TestParseAnnotationRecord(t *testing.T) {
367
+
record := map[string]interface{}{
368
+
"$type": "community.lexicon.annotation.annotation",
369
+
"target": []interface{}{
370
+
map[string]interface{}{
371
+
"source": "https://example.com/page",
372
+
"selector": []interface{}{
373
+
map[string]interface{}{
374
+
"$type": "community.lexicon.annotation.annotation#textQuoteSelector",
375
+
"exact": "selected text",
376
+
"prefix": "before ",
377
+
"suffix": " after",
378
+
},
379
+
map[string]interface{}{
380
+
"$type": "community.lexicon.annotation.annotation#textPositionSelector",
381
+
"start": float64(10),
382
+
"end": float64(23),
383
+
},
384
+
},
385
+
},
386
+
},
387
+
"body": "My comment",
388
+
"tags": []interface{}{"tag1", "tag2"},
389
+
"createdAt": "2024-01-20T15:00:00Z",
390
+
}
391
+
392
+
annotation, err := parseAnnotationRecord(record)
393
+
if err != nil {
394
+
t.Fatalf("parseAnnotationRecord failed: %v", err)
395
+
}
396
+
397
+
if annotation.Type != "community.lexicon.annotation.annotation" {
398
+
t.Errorf("Expected type %q, got %q", "community.lexicon.annotation.annotation", annotation.Type)
399
+
}
400
+
if len(annotation.Target) != 1 {
401
+
t.Fatalf("Expected 1 target, got %d", len(annotation.Target))
402
+
}
403
+
if annotation.Target[0].Source != "https://example.com/page" {
404
+
t.Errorf("Expected source %q, got %q", "https://example.com/page", annotation.Target[0].Source)
405
+
}
406
+
if len(annotation.Target[0].Selector) != 2 {
407
+
t.Fatalf("Expected 2 selectors, got %d", len(annotation.Target[0].Selector))
408
+
}
409
+
if annotation.Body != "My comment" {
410
+
t.Errorf("Expected body %q, got %q", "My comment", annotation.Body)
411
+
}
412
+
if len(annotation.Tags) != 2 {
413
+
t.Errorf("Expected 2 tags, got %d", len(annotation.Tags))
414
+
}
415
+
if annotation.CreatedAt != "2024-01-20T15:00:00Z" {
416
+
t.Errorf("Expected createdAt %q, got %q", "2024-01-20T15:00:00Z", annotation.CreatedAt)
417
+
}
418
+
}
419
+
420
+
// Validation tests
421
+
422
+
func TestValidateAnnotation_ValidRecord(t *testing.T) {
423
+
record := &models.ATProtoAnnotation{
424
+
Type: "community.lexicon.annotation.annotation",
425
+
Target: []models.Target{
426
+
{
427
+
Source: "https://example.com/article",
428
+
Selector: []models.Selector{
429
+
{
430
+
Type: "community.lexicon.annotation.annotation#textQuoteSelector",
431
+
Exact: "highlighted text",
432
+
Prefix: "before ",
433
+
Suffix: " after",
434
+
},
435
+
},
436
+
},
437
+
},
438
+
Body: "My annotation comment",
439
+
Tags: []string{"test", "example"},
440
+
CreatedAt: time.Now().Format(time.RFC3339),
441
+
}
442
+
443
+
err := validateAnnotation(record)
444
+
if err != nil {
445
+
t.Errorf("Expected valid record, got error: %v", err)
446
+
}
447
+
}
448
+
449
+
func TestValidateAnnotation_BodyTooLong(t *testing.T) {
450
+
record := &models.ATProtoAnnotation{
451
+
Type: "community.lexicon.annotation.annotation",
452
+
Target: []models.Target{
453
+
{Source: "https://example.com"},
454
+
},
455
+
Body: strings.Repeat("x", MaxBodyLength+1),
456
+
CreatedAt: time.Now().Format(time.RFC3339),
457
+
}
458
+
459
+
err := validateAnnotation(record)
460
+
if err == nil {
461
+
t.Error("Expected error for body too long")
462
+
}
463
+
}
464
+
465
+
func TestValidateAnnotation_InvalidType(t *testing.T) {
466
+
record := &models.ATProtoAnnotation{
467
+
Type: "app.bsky.feed.post",
468
+
Target: []models.Target{
469
+
{Source: "https://example.com"},
470
+
},
471
+
CreatedAt: time.Now().Format(time.RFC3339),
472
+
}
473
+
474
+
err := validateAnnotation(record)
475
+
if err == nil {
476
+
t.Error("Expected error for invalid type")
477
+
}
478
+
}
479
+
480
+
func TestValidateAnnotation_NoTargets(t *testing.T) {
481
+
record := &models.ATProtoAnnotation{
482
+
Type: "community.lexicon.annotation.annotation",
483
+
Target: []models.Target{},
484
+
CreatedAt: time.Now().Format(time.RFC3339),
485
+
}
486
+
487
+
err := validateAnnotation(record)
488
+
if err == nil {
489
+
t.Error("Expected error for no targets")
490
+
}
491
+
}
492
+
493
+
func TestValidateAnnotation_URLTooLong(t *testing.T) {
494
+
record := &models.ATProtoAnnotation{
495
+
Type: "community.lexicon.annotation.annotation",
496
+
Target: []models.Target{
497
+
{Source: "https://example.com/" + strings.Repeat("x", MaxURLLength)},
498
+
},
499
+
CreatedAt: time.Now().Format(time.RFC3339),
500
+
}
501
+
502
+
err := validateAnnotation(record)
503
+
if err == nil {
504
+
t.Error("Expected error for URL too long")
505
+
}
506
+
}
507
+
508
+
func TestValidateAnnotation_TooManySelectors(t *testing.T) {
509
+
selectors := make([]models.Selector, MaxSelectorCount+1)
510
+
for i := range selectors {
511
+
selectors[i] = models.Selector{Type: "test"}
512
+
}
513
+
514
+
record := &models.ATProtoAnnotation{
515
+
Type: "community.lexicon.annotation.annotation",
516
+
Target: []models.Target{
517
+
{Source: "https://example.com", Selector: selectors},
518
+
},
519
+
CreatedAt: time.Now().Format(time.RFC3339),
520
+
}
521
+
522
+
err := validateAnnotation(record)
523
+
if err == nil {
524
+
t.Error("Expected error for too many selectors")
525
+
}
526
+
}
527
+
528
+
func TestValidateAnnotation_TooManyTags(t *testing.T) {
529
+
tags := make([]string, MaxTagCount+1)
530
+
for i := range tags {
531
+
tags[i] = "tag"
532
+
}
533
+
534
+
record := &models.ATProtoAnnotation{
535
+
Type: "community.lexicon.annotation.annotation",
536
+
Target: []models.Target{
537
+
{Source: "https://example.com"},
538
+
},
539
+
Tags: tags,
540
+
CreatedAt: time.Now().Format(time.RFC3339),
541
+
}
542
+
543
+
err := validateAnnotation(record)
544
+
if err == nil {
545
+
t.Error("Expected error for too many tags")
546
+
}
547
+
}
548
+
549
+
func TestValidateAnnotation_TagTooLong(t *testing.T) {
550
+
record := &models.ATProtoAnnotation{
551
+
Type: "community.lexicon.annotation.annotation",
552
+
Target: []models.Target{
553
+
{Source: "https://example.com"},
554
+
},
555
+
Tags: []string{strings.Repeat("x", MaxTagLength+1)},
556
+
CreatedAt: time.Now().Format(time.RFC3339),
557
+
}
558
+
559
+
err := validateAnnotation(record)
560
+
if err == nil {
561
+
t.Error("Expected error for tag too long")
562
+
}
563
+
}
564
+
565
+
func TestValidateAnnotation_InvalidTimestamp(t *testing.T) {
566
+
record := &models.ATProtoAnnotation{
567
+
Type: "community.lexicon.annotation.annotation",
568
+
Target: []models.Target{
569
+
{Source: "https://example.com"},
570
+
},
571
+
CreatedAt: "not-a-valid-timestamp",
572
+
}
573
+
574
+
err := validateAnnotation(record)
575
+
if err == nil {
576
+
t.Error("Expected error for invalid timestamp")
577
+
}
578
+
}
579
+
580
+
func TestValidateAnnotation_FutureTimestamp(t *testing.T) {
581
+
record := &models.ATProtoAnnotation{
582
+
Type: "community.lexicon.annotation.annotation",
583
+
Target: []models.Target{
584
+
{Source: "https://example.com"},
585
+
},
586
+
CreatedAt: time.Now().Add(1 * time.Hour).Format(time.RFC3339),
587
+
}
588
+
589
+
err := validateAnnotation(record)
590
+
if err == nil {
591
+
t.Error("Expected error for timestamp too far in future")
592
+
}
593
+
}
594
+
595
+
func TestValidateAnnotation_ExactTooLong(t *testing.T) {
596
+
record := &models.ATProtoAnnotation{
597
+
Type: "community.lexicon.annotation.annotation",
598
+
Target: []models.Target{
599
+
{
600
+
Source: "https://example.com",
601
+
Selector: []models.Selector{
602
+
{
603
+
Type: "textQuoteSelector",
604
+
Exact: strings.Repeat("x", MaxExactLength+1),
605
+
},
606
+
},
607
+
},
608
+
},
609
+
CreatedAt: time.Now().Format(time.RFC3339),
610
+
}
611
+
612
+
err := validateAnnotation(record)
613
+
if err == nil {
614
+
t.Error("Expected error for exact text too long")
615
+
}
616
+
}
617
+
618
+
func TestValidateDID(t *testing.T) {
619
+
tests := []struct {
620
+
did string
621
+
valid bool
622
+
}{
623
+
{"did:plc:abc123", true},
624
+
{"did:web:example.com", true},
625
+
{"did:key:abc123", false},
626
+
{"abc123", false},
627
+
{"", false},
628
+
}
629
+
630
+
for _, tt := range tests {
631
+
if validateDID(tt.did) != tt.valid {
632
+
t.Errorf("validateDID(%q) = %v, want %v", tt.did, !tt.valid, tt.valid)
633
+
}
634
+
}
635
+
}
+38
server/internal/tap/types.go
+38
server/internal/tap/types.go
···
1
+
package tap
2
+
3
+
// TapEvent represents an event from the Tap firehose
4
+
type TapEvent struct {
5
+
ID int64 `json:"id"`
6
+
Type string `json:"type"` // "record" or "identity"
7
+
Record *RecordEvent `json:"record,omitempty"`
8
+
Identity *IdentityEvent `json:"identity,omitempty"`
9
+
}
10
+
11
+
// RecordEvent represents a record create/update/delete event
12
+
type RecordEvent struct {
13
+
Live bool `json:"live"` // true if from firehose, false if backfill
14
+
Rev string `json:"rev"` // repo revision
15
+
DID string `json:"did"` // author DID
16
+
Collection string `json:"collection"` // NSID (e.g. community.lexicon.annotation.annotation)
17
+
RKey string `json:"rkey"` // record key
18
+
Action string `json:"action"` // "create", "update", or "delete"
19
+
CID string `json:"cid,omitempty"`
20
+
Record map[string]interface{} `json:"record,omitempty"` // record data (absent on delete)
21
+
}
22
+
23
+
// IdentityEvent represents a handle or status change
24
+
type IdentityEvent struct {
25
+
DID string `json:"did"`
26
+
Handle string `json:"handle"`
27
+
IsActive bool `json:"isActive"`
28
+
Status string `json:"status"` // "active", "takendown", "suspended", "deactivated", "deleted"
29
+
}
30
+
31
+
// AckMessage is sent to acknowledge processed events
32
+
type AckMessage struct {
33
+
Type string `json:"type"`
34
+
ID int64 `json:"id"`
35
+
}
36
+
37
+
// SeamsAnnotationCollection is the NSID for seams annotations
38
+
const SeamsAnnotationCollection = "community.lexicon.annotation.annotation"
+25
server/vendor/github.com/gorilla/websocket/.gitignore
+25
server/vendor/github.com/gorilla/websocket/.gitignore
···
1
+
# Compiled Object files, Static and Dynamic libs (Shared Objects)
2
+
*.o
3
+
*.a
4
+
*.so
5
+
6
+
# Folders
7
+
_obj
8
+
_test
9
+
10
+
# Architecture specific extensions/prefixes
11
+
*.[568vq]
12
+
[568vq].out
13
+
14
+
*.cgo1.go
15
+
*.cgo2.c
16
+
_cgo_defun.c
17
+
_cgo_gotypes.go
18
+
_cgo_export.*
19
+
20
+
_testmain.go
21
+
22
+
*.exe
23
+
24
+
.idea/
25
+
*.iml
+9
server/vendor/github.com/gorilla/websocket/AUTHORS
+9
server/vendor/github.com/gorilla/websocket/AUTHORS
+22
server/vendor/github.com/gorilla/websocket/LICENSE
+22
server/vendor/github.com/gorilla/websocket/LICENSE
···
1
+
Copyright (c) 2013 The Gorilla WebSocket Authors. All rights reserved.
2
+
3
+
Redistribution and use in source and binary forms, with or without
4
+
modification, are permitted provided that the following conditions are met:
5
+
6
+
Redistributions of source code must retain the above copyright notice, this
7
+
list of conditions and the following disclaimer.
8
+
9
+
Redistributions in binary form must reproduce the above copyright notice,
10
+
this list of conditions and the following disclaimer in the documentation
11
+
and/or other materials provided with the distribution.
12
+
13
+
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
14
+
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15
+
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
16
+
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
17
+
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18
+
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
19
+
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
20
+
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
21
+
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
22
+
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+33
server/vendor/github.com/gorilla/websocket/README.md
+33
server/vendor/github.com/gorilla/websocket/README.md
···
1
+
# Gorilla WebSocket
2
+
3
+
[](https://godoc.org/github.com/gorilla/websocket)
4
+
[](https://circleci.com/gh/gorilla/websocket)
5
+
6
+
Gorilla WebSocket is a [Go](http://golang.org/) implementation of the
7
+
[WebSocket](http://www.rfc-editor.org/rfc/rfc6455.txt) protocol.
8
+
9
+
10
+
### Documentation
11
+
12
+
* [API Reference](https://pkg.go.dev/github.com/gorilla/websocket?tab=doc)
13
+
* [Chat example](https://github.com/gorilla/websocket/tree/master/examples/chat)
14
+
* [Command example](https://github.com/gorilla/websocket/tree/master/examples/command)
15
+
* [Client and server example](https://github.com/gorilla/websocket/tree/master/examples/echo)
16
+
* [File watch example](https://github.com/gorilla/websocket/tree/master/examples/filewatch)
17
+
18
+
### Status
19
+
20
+
The Gorilla WebSocket package provides a complete and tested implementation of
21
+
the [WebSocket](http://www.rfc-editor.org/rfc/rfc6455.txt) protocol. The
22
+
package API is stable.
23
+
24
+
### Installation
25
+
26
+
go get github.com/gorilla/websocket
27
+
28
+
### Protocol Compliance
29
+
30
+
The Gorilla WebSocket package passes the server tests in the [Autobahn Test
31
+
Suite](https://github.com/crossbario/autobahn-testsuite) using the application in the [examples/autobahn
32
+
subdirectory](https://github.com/gorilla/websocket/tree/master/examples/autobahn).
33
+
+434
server/vendor/github.com/gorilla/websocket/client.go
+434
server/vendor/github.com/gorilla/websocket/client.go
···
1
+
// Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
2
+
// Use of this source code is governed by a BSD-style
3
+
// license that can be found in the LICENSE file.
4
+
5
+
package websocket
6
+
7
+
import (
8
+
"bytes"
9
+
"context"
10
+
"crypto/tls"
11
+
"errors"
12
+
"fmt"
13
+
"io"
14
+
"io/ioutil"
15
+
"net"
16
+
"net/http"
17
+
"net/http/httptrace"
18
+
"net/url"
19
+
"strings"
20
+
"time"
21
+
)
22
+
23
+
// ErrBadHandshake is returned when the server response to opening handshake is
24
+
// invalid.
25
+
var ErrBadHandshake = errors.New("websocket: bad handshake")
26
+
27
+
var errInvalidCompression = errors.New("websocket: invalid compression negotiation")
28
+
29
+
// NewClient creates a new client connection using the given net connection.
30
+
// The URL u specifies the host and request URI. Use requestHeader to specify
31
+
// the origin (Origin), subprotocols (Sec-WebSocket-Protocol) and cookies
32
+
// (Cookie). Use the response.Header to get the selected subprotocol
33
+
// (Sec-WebSocket-Protocol) and cookies (Set-Cookie).
34
+
//
35
+
// If the WebSocket handshake fails, ErrBadHandshake is returned along with a
36
+
// non-nil *http.Response so that callers can handle redirects, authentication,
37
+
// etc.
38
+
//
39
+
// Deprecated: Use Dialer instead.
40
+
func NewClient(netConn net.Conn, u *url.URL, requestHeader http.Header, readBufSize, writeBufSize int) (c *Conn, response *http.Response, err error) {
41
+
d := Dialer{
42
+
ReadBufferSize: readBufSize,
43
+
WriteBufferSize: writeBufSize,
44
+
NetDial: func(net, addr string) (net.Conn, error) {
45
+
return netConn, nil
46
+
},
47
+
}
48
+
return d.Dial(u.String(), requestHeader)
49
+
}
50
+
51
+
// A Dialer contains options for connecting to WebSocket server.
52
+
//
53
+
// It is safe to call Dialer's methods concurrently.
54
+
type Dialer struct {
55
+
// NetDial specifies the dial function for creating TCP connections. If
56
+
// NetDial is nil, net.Dial is used.
57
+
NetDial func(network, addr string) (net.Conn, error)
58
+
59
+
// NetDialContext specifies the dial function for creating TCP connections. If
60
+
// NetDialContext is nil, NetDial is used.
61
+
NetDialContext func(ctx context.Context, network, addr string) (net.Conn, error)
62
+
63
+
// NetDialTLSContext specifies the dial function for creating TLS/TCP connections. If
64
+
// NetDialTLSContext is nil, NetDialContext is used.
65
+
// If NetDialTLSContext is set, Dial assumes the TLS handshake is done there and
66
+
// TLSClientConfig is ignored.
67
+
NetDialTLSContext func(ctx context.Context, network, addr string) (net.Conn, error)
68
+
69
+
// Proxy specifies a function to return a proxy for a given
70
+
// Request. If the function returns a non-nil error, the
71
+
// request is aborted with the provided error.
72
+
// If Proxy is nil or returns a nil *URL, no proxy is used.
73
+
Proxy func(*http.Request) (*url.URL, error)
74
+
75
+
// TLSClientConfig specifies the TLS configuration to use with tls.Client.
76
+
// If nil, the default configuration is used.
77
+
// If either NetDialTLS or NetDialTLSContext are set, Dial assumes the TLS handshake
78
+
// is done there and TLSClientConfig is ignored.
79
+
TLSClientConfig *tls.Config
80
+
81
+
// HandshakeTimeout specifies the duration for the handshake to complete.
82
+
HandshakeTimeout time.Duration
83
+
84
+
// ReadBufferSize and WriteBufferSize specify I/O buffer sizes in bytes. If a buffer
85
+
// size is zero, then a useful default size is used. The I/O buffer sizes
86
+
// do not limit the size of the messages that can be sent or received.
87
+
ReadBufferSize, WriteBufferSize int
88
+
89
+
// WriteBufferPool is a pool of buffers for write operations. If the value
90
+
// is not set, then write buffers are allocated to the connection for the
91
+
// lifetime of the connection.
92
+
//
93
+
// A pool is most useful when the application has a modest volume of writes
94
+
// across a large number of connections.
95
+
//
96
+
// Applications should use a single pool for each unique value of
97
+
// WriteBufferSize.
98
+
WriteBufferPool BufferPool
99
+
100
+
// Subprotocols specifies the client's requested subprotocols.
101
+
Subprotocols []string
102
+
103
+
// EnableCompression specifies if the client should attempt to negotiate
104
+
// per message compression (RFC 7692). Setting this value to true does not
105
+
// guarantee that compression will be supported. Currently only "no context
106
+
// takeover" modes are supported.
107
+
EnableCompression bool
108
+
109
+
// Jar specifies the cookie jar.
110
+
// If Jar is nil, cookies are not sent in requests and ignored
111
+
// in responses.
112
+
Jar http.CookieJar
113
+
}
114
+
115
+
// Dial creates a new client connection by calling DialContext with a background context.
116
+
func (d *Dialer) Dial(urlStr string, requestHeader http.Header) (*Conn, *http.Response, error) {
117
+
return d.DialContext(context.Background(), urlStr, requestHeader)
118
+
}
119
+
120
+
var errMalformedURL = errors.New("malformed ws or wss URL")
121
+
122
+
func hostPortNoPort(u *url.URL) (hostPort, hostNoPort string) {
123
+
hostPort = u.Host
124
+
hostNoPort = u.Host
125
+
if i := strings.LastIndex(u.Host, ":"); i > strings.LastIndex(u.Host, "]") {
126
+
hostNoPort = hostNoPort[:i]
127
+
} else {
128
+
switch u.Scheme {
129
+
case "wss":
130
+
hostPort += ":443"
131
+
case "https":
132
+
hostPort += ":443"
133
+
default:
134
+
hostPort += ":80"
135
+
}
136
+
}
137
+
return hostPort, hostNoPort
138
+
}
139
+
140
+
// DefaultDialer is a dialer with all fields set to the default values.
141
+
var DefaultDialer = &Dialer{
142
+
Proxy: http.ProxyFromEnvironment,
143
+
HandshakeTimeout: 45 * time.Second,
144
+
}
145
+
146
+
// nilDialer is dialer to use when receiver is nil.
147
+
var nilDialer = *DefaultDialer
148
+
149
+
// DialContext creates a new client connection. Use requestHeader to specify the
150
+
// origin (Origin), subprotocols (Sec-WebSocket-Protocol) and cookies (Cookie).
151
+
// Use the response.Header to get the selected subprotocol
152
+
// (Sec-WebSocket-Protocol) and cookies (Set-Cookie).
153
+
//
154
+
// The context will be used in the request and in the Dialer.
155
+
//
156
+
// If the WebSocket handshake fails, ErrBadHandshake is returned along with a
157
+
// non-nil *http.Response so that callers can handle redirects, authentication,
158
+
// etcetera. The response body may not contain the entire response and does not
159
+
// need to be closed by the application.
160
+
func (d *Dialer) DialContext(ctx context.Context, urlStr string, requestHeader http.Header) (*Conn, *http.Response, error) {
161
+
if d == nil {
162
+
d = &nilDialer
163
+
}
164
+
165
+
challengeKey, err := generateChallengeKey()
166
+
if err != nil {
167
+
return nil, nil, err
168
+
}
169
+
170
+
u, err := url.Parse(urlStr)
171
+
if err != nil {
172
+
return nil, nil, err
173
+
}
174
+
175
+
switch u.Scheme {
176
+
case "ws":
177
+
u.Scheme = "http"
178
+
case "wss":
179
+
u.Scheme = "https"
180
+
default:
181
+
return nil, nil, errMalformedURL
182
+
}
183
+
184
+
if u.User != nil {
185
+
// User name and password are not allowed in websocket URIs.
186
+
return nil, nil, errMalformedURL
187
+
}
188
+
189
+
req := &http.Request{
190
+
Method: http.MethodGet,
191
+
URL: u,
192
+
Proto: "HTTP/1.1",
193
+
ProtoMajor: 1,
194
+
ProtoMinor: 1,
195
+
Header: make(http.Header),
196
+
Host: u.Host,
197
+
}
198
+
req = req.WithContext(ctx)
199
+
200
+
// Set the cookies present in the cookie jar of the dialer
201
+
if d.Jar != nil {
202
+
for _, cookie := range d.Jar.Cookies(u) {
203
+
req.AddCookie(cookie)
204
+
}
205
+
}
206
+
207
+
// Set the request headers using the capitalization for names and values in
208
+
// RFC examples. Although the capitalization shouldn't matter, there are
209
+
// servers that depend on it. The Header.Set method is not used because the
210
+
// method canonicalizes the header names.
211
+
req.Header["Upgrade"] = []string{"websocket"}
212
+
req.Header["Connection"] = []string{"Upgrade"}
213
+
req.Header["Sec-WebSocket-Key"] = []string{challengeKey}
214
+
req.Header["Sec-WebSocket-Version"] = []string{"13"}
215
+
if len(d.Subprotocols) > 0 {
216
+
req.Header["Sec-WebSocket-Protocol"] = []string{strings.Join(d.Subprotocols, ", ")}
217
+
}
218
+
for k, vs := range requestHeader {
219
+
switch {
220
+
case k == "Host":
221
+
if len(vs) > 0 {
222
+
req.Host = vs[0]
223
+
}
224
+
case k == "Upgrade" ||
225
+
k == "Connection" ||
226
+
k == "Sec-Websocket-Key" ||
227
+
k == "Sec-Websocket-Version" ||
228
+
k == "Sec-Websocket-Extensions" ||
229
+
(k == "Sec-Websocket-Protocol" && len(d.Subprotocols) > 0):
230
+
return nil, nil, errors.New("websocket: duplicate header not allowed: " + k)
231
+
case k == "Sec-Websocket-Protocol":
232
+
req.Header["Sec-WebSocket-Protocol"] = vs
233
+
default:
234
+
req.Header[k] = vs
235
+
}
236
+
}
237
+
238
+
if d.EnableCompression {
239
+
req.Header["Sec-WebSocket-Extensions"] = []string{"permessage-deflate; server_no_context_takeover; client_no_context_takeover"}
240
+
}
241
+
242
+
if d.HandshakeTimeout != 0 {
243
+
var cancel func()
244
+
ctx, cancel = context.WithTimeout(ctx, d.HandshakeTimeout)
245
+
defer cancel()
246
+
}
247
+
248
+
// Get network dial function.
249
+
var netDial func(network, add string) (net.Conn, error)
250
+
251
+
switch u.Scheme {
252
+
case "http":
253
+
if d.NetDialContext != nil {
254
+
netDial = func(network, addr string) (net.Conn, error) {
255
+
return d.NetDialContext(ctx, network, addr)
256
+
}
257
+
} else if d.NetDial != nil {
258
+
netDial = d.NetDial
259
+
}
260
+
case "https":
261
+
if d.NetDialTLSContext != nil {
262
+
netDial = func(network, addr string) (net.Conn, error) {
263
+
return d.NetDialTLSContext(ctx, network, addr)
264
+
}
265
+
} else if d.NetDialContext != nil {
266
+
netDial = func(network, addr string) (net.Conn, error) {
267
+
return d.NetDialContext(ctx, network, addr)
268
+
}
269
+
} else if d.NetDial != nil {
270
+
netDial = d.NetDial
271
+
}
272
+
default:
273
+
return nil, nil, errMalformedURL
274
+
}
275
+
276
+
if netDial == nil {
277
+
netDialer := &net.Dialer{}
278
+
netDial = func(network, addr string) (net.Conn, error) {
279
+
return netDialer.DialContext(ctx, network, addr)
280
+
}
281
+
}
282
+
283
+
// If needed, wrap the dial function to set the connection deadline.
284
+
if deadline, ok := ctx.Deadline(); ok {
285
+
forwardDial := netDial
286
+
netDial = func(network, addr string) (net.Conn, error) {
287
+
c, err := forwardDial(network, addr)
288
+
if err != nil {
289
+
return nil, err
290
+
}
291
+
err = c.SetDeadline(deadline)
292
+
if err != nil {
293
+
c.Close()
294
+
return nil, err
295
+
}
296
+
return c, nil
297
+
}
298
+
}
299
+
300
+
// If needed, wrap the dial function to connect through a proxy.
301
+
if d.Proxy != nil {
302
+
proxyURL, err := d.Proxy(req)
303
+
if err != nil {
304
+
return nil, nil, err
305
+
}
306
+
if proxyURL != nil {
307
+
dialer, err := proxy_FromURL(proxyURL, netDialerFunc(netDial))
308
+
if err != nil {
309
+
return nil, nil, err
310
+
}
311
+
netDial = dialer.Dial
312
+
}
313
+
}
314
+
315
+
hostPort, hostNoPort := hostPortNoPort(u)
316
+
trace := httptrace.ContextClientTrace(ctx)
317
+
if trace != nil && trace.GetConn != nil {
318
+
trace.GetConn(hostPort)
319
+
}
320
+
321
+
netConn, err := netDial("tcp", hostPort)
322
+
if err != nil {
323
+
return nil, nil, err
324
+
}
325
+
if trace != nil && trace.GotConn != nil {
326
+
trace.GotConn(httptrace.GotConnInfo{
327
+
Conn: netConn,
328
+
})
329
+
}
330
+
331
+
defer func() {
332
+
if netConn != nil {
333
+
netConn.Close()
334
+
}
335
+
}()
336
+
337
+
if u.Scheme == "https" && d.NetDialTLSContext == nil {
338
+
// If NetDialTLSContext is set, assume that the TLS handshake has already been done
339
+
340
+
cfg := cloneTLSConfig(d.TLSClientConfig)
341
+
if cfg.ServerName == "" {
342
+
cfg.ServerName = hostNoPort
343
+
}
344
+
tlsConn := tls.Client(netConn, cfg)
345
+
netConn = tlsConn
346
+
347
+
if trace != nil && trace.TLSHandshakeStart != nil {
348
+
trace.TLSHandshakeStart()
349
+
}
350
+
err := doHandshake(ctx, tlsConn, cfg)
351
+
if trace != nil && trace.TLSHandshakeDone != nil {
352
+
trace.TLSHandshakeDone(tlsConn.ConnectionState(), err)
353
+
}
354
+
355
+
if err != nil {
356
+
return nil, nil, err
357
+
}
358
+
}
359
+
360
+
conn := newConn(netConn, false, d.ReadBufferSize, d.WriteBufferSize, d.WriteBufferPool, nil, nil)
361
+
362
+
if err := req.Write(netConn); err != nil {
363
+
return nil, nil, err
364
+
}
365
+
366
+
if trace != nil && trace.GotFirstResponseByte != nil {
367
+
if peek, err := conn.br.Peek(1); err == nil && len(peek) == 1 {
368
+
trace.GotFirstResponseByte()
369
+
}
370
+
}
371
+
372
+
resp, err := http.ReadResponse(conn.br, req)
373
+
if err != nil {
374
+
if d.TLSClientConfig != nil {
375
+
for _, proto := range d.TLSClientConfig.NextProtos {
376
+
if proto != "http/1.1" {
377
+
return nil, nil, fmt.Errorf(
378
+
"websocket: protocol %q was given but is not supported;"+
379
+
"sharing tls.Config with net/http Transport can cause this error: %w",
380
+
proto, err,
381
+
)
382
+
}
383
+
}
384
+
}
385
+
return nil, nil, err
386
+
}
387
+
388
+
if d.Jar != nil {
389
+
if rc := resp.Cookies(); len(rc) > 0 {
390
+
d.Jar.SetCookies(u, rc)
391
+
}
392
+
}
393
+
394
+
if resp.StatusCode != 101 ||
395
+
!tokenListContainsValue(resp.Header, "Upgrade", "websocket") ||
396
+
!tokenListContainsValue(resp.Header, "Connection", "upgrade") ||
397
+
resp.Header.Get("Sec-Websocket-Accept") != computeAcceptKey(challengeKey) {
398
+
// Before closing the network connection on return from this
399
+
// function, slurp up some of the response to aid application
400
+
// debugging.
401
+
buf := make([]byte, 1024)
402
+
n, _ := io.ReadFull(resp.Body, buf)
403
+
resp.Body = ioutil.NopCloser(bytes.NewReader(buf[:n]))
404
+
return nil, resp, ErrBadHandshake
405
+
}
406
+
407
+
for _, ext := range parseExtensions(resp.Header) {
408
+
if ext[""] != "permessage-deflate" {
409
+
continue
410
+
}
411
+
_, snct := ext["server_no_context_takeover"]
412
+
_, cnct := ext["client_no_context_takeover"]
413
+
if !snct || !cnct {
414
+
return nil, resp, errInvalidCompression
415
+
}
416
+
conn.newCompressionWriter = compressNoContextTakeover
417
+
conn.newDecompressionReader = decompressNoContextTakeover
418
+
break
419
+
}
420
+
421
+
resp.Body = ioutil.NopCloser(bytes.NewReader([]byte{}))
422
+
conn.subprotocol = resp.Header.Get("Sec-Websocket-Protocol")
423
+
424
+
netConn.SetDeadline(time.Time{})
425
+
netConn = nil // to avoid close in defer.
426
+
return conn, resp, nil
427
+
}
428
+
429
+
func cloneTLSConfig(cfg *tls.Config) *tls.Config {
430
+
if cfg == nil {
431
+
return &tls.Config{}
432
+
}
433
+
return cfg.Clone()
434
+
}
+148
server/vendor/github.com/gorilla/websocket/compression.go
+148
server/vendor/github.com/gorilla/websocket/compression.go
···
1
+
// Copyright 2017 The Gorilla WebSocket Authors. All rights reserved.
2
+
// Use of this source code is governed by a BSD-style
3
+
// license that can be found in the LICENSE file.
4
+
5
+
package websocket
6
+
7
+
import (
8
+
"compress/flate"
9
+
"errors"
10
+
"io"
11
+
"strings"
12
+
"sync"
13
+
)
14
+
15
+
const (
16
+
minCompressionLevel = -2 // flate.HuffmanOnly not defined in Go < 1.6
17
+
maxCompressionLevel = flate.BestCompression
18
+
defaultCompressionLevel = 1
19
+
)
20
+
21
+
var (
22
+
flateWriterPools [maxCompressionLevel - minCompressionLevel + 1]sync.Pool
23
+
flateReaderPool = sync.Pool{New: func() interface{} {
24
+
return flate.NewReader(nil)
25
+
}}
26
+
)
27
+
28
+
func decompressNoContextTakeover(r io.Reader) io.ReadCloser {
29
+
const tail =
30
+
// Add four bytes as specified in RFC
31
+
"\x00\x00\xff\xff" +
32
+
// Add final block to squelch unexpected EOF error from flate reader.
33
+
"\x01\x00\x00\xff\xff"
34
+
35
+
fr, _ := flateReaderPool.Get().(io.ReadCloser)
36
+
fr.(flate.Resetter).Reset(io.MultiReader(r, strings.NewReader(tail)), nil)
37
+
return &flateReadWrapper{fr}
38
+
}
39
+
40
+
func isValidCompressionLevel(level int) bool {
41
+
return minCompressionLevel <= level && level <= maxCompressionLevel
42
+
}
43
+
44
+
func compressNoContextTakeover(w io.WriteCloser, level int) io.WriteCloser {
45
+
p := &flateWriterPools[level-minCompressionLevel]
46
+
tw := &truncWriter{w: w}
47
+
fw, _ := p.Get().(*flate.Writer)
48
+
if fw == nil {
49
+
fw, _ = flate.NewWriter(tw, level)
50
+
} else {
51
+
fw.Reset(tw)
52
+
}
53
+
return &flateWriteWrapper{fw: fw, tw: tw, p: p}
54
+
}
55
+
56
+
// truncWriter is an io.Writer that writes all but the last four bytes of the
57
+
// stream to another io.Writer.
58
+
type truncWriter struct {
59
+
w io.WriteCloser
60
+
n int
61
+
p [4]byte
62
+
}
63
+
64
+
func (w *truncWriter) Write(p []byte) (int, error) {
65
+
n := 0
66
+
67
+
// fill buffer first for simplicity.
68
+
if w.n < len(w.p) {
69
+
n = copy(w.p[w.n:], p)
70
+
p = p[n:]
71
+
w.n += n
72
+
if len(p) == 0 {
73
+
return n, nil
74
+
}
75
+
}
76
+
77
+
m := len(p)
78
+
if m > len(w.p) {
79
+
m = len(w.p)
80
+
}
81
+
82
+
if nn, err := w.w.Write(w.p[:m]); err != nil {
83
+
return n + nn, err
84
+
}
85
+
86
+
copy(w.p[:], w.p[m:])
87
+
copy(w.p[len(w.p)-m:], p[len(p)-m:])
88
+
nn, err := w.w.Write(p[:len(p)-m])
89
+
return n + nn, err
90
+
}
91
+
92
+
type flateWriteWrapper struct {
93
+
fw *flate.Writer
94
+
tw *truncWriter
95
+
p *sync.Pool
96
+
}
97
+
98
+
func (w *flateWriteWrapper) Write(p []byte) (int, error) {
99
+
if w.fw == nil {
100
+
return 0, errWriteClosed
101
+
}
102
+
return w.fw.Write(p)
103
+
}
104
+
105
+
func (w *flateWriteWrapper) Close() error {
106
+
if w.fw == nil {
107
+
return errWriteClosed
108
+
}
109
+
err1 := w.fw.Flush()
110
+
w.p.Put(w.fw)
111
+
w.fw = nil
112
+
if w.tw.p != [4]byte{0, 0, 0xff, 0xff} {
113
+
return errors.New("websocket: internal error, unexpected bytes at end of flate stream")
114
+
}
115
+
err2 := w.tw.w.Close()
116
+
if err1 != nil {
117
+
return err1
118
+
}
119
+
return err2
120
+
}
121
+
122
+
type flateReadWrapper struct {
123
+
fr io.ReadCloser
124
+
}
125
+
126
+
func (r *flateReadWrapper) Read(p []byte) (int, error) {
127
+
if r.fr == nil {
128
+
return 0, io.ErrClosedPipe
129
+
}
130
+
n, err := r.fr.Read(p)
131
+
if err == io.EOF {
132
+
// Preemptively place the reader back in the pool. This helps with
133
+
// scenarios where the application does not call NextReader() soon after
134
+
// this final read.
135
+
r.Close()
136
+
}
137
+
return n, err
138
+
}
139
+
140
+
func (r *flateReadWrapper) Close() error {
141
+
if r.fr == nil {
142
+
return io.ErrClosedPipe
143
+
}
144
+
err := r.fr.Close()
145
+
flateReaderPool.Put(r.fr)
146
+
r.fr = nil
147
+
return err
148
+
}
+1238
server/vendor/github.com/gorilla/websocket/conn.go
+1238
server/vendor/github.com/gorilla/websocket/conn.go
···
1
+
// Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
2
+
// Use of this source code is governed by a BSD-style
3
+
// license that can be found in the LICENSE file.
4
+
5
+
package websocket
6
+
7
+
import (
8
+
"bufio"
9
+
"encoding/binary"
10
+
"errors"
11
+
"io"
12
+
"io/ioutil"
13
+
"math/rand"
14
+
"net"
15
+
"strconv"
16
+
"strings"
17
+
"sync"
18
+
"time"
19
+
"unicode/utf8"
20
+
)
21
+
22
+
const (
23
+
// Frame header byte 0 bits from Section 5.2 of RFC 6455
24
+
finalBit = 1 << 7
25
+
rsv1Bit = 1 << 6
26
+
rsv2Bit = 1 << 5
27
+
rsv3Bit = 1 << 4
28
+
29
+
// Frame header byte 1 bits from Section 5.2 of RFC 6455
30
+
maskBit = 1 << 7
31
+
32
+
maxFrameHeaderSize = 2 + 8 + 4 // Fixed header + length + mask
33
+
maxControlFramePayloadSize = 125
34
+
35
+
writeWait = time.Second
36
+
37
+
defaultReadBufferSize = 4096
38
+
defaultWriteBufferSize = 4096
39
+
40
+
continuationFrame = 0
41
+
noFrame = -1
42
+
)
43
+
44
+
// Close codes defined in RFC 6455, section 11.7.
45
+
const (
46
+
CloseNormalClosure = 1000
47
+
CloseGoingAway = 1001
48
+
CloseProtocolError = 1002
49
+
CloseUnsupportedData = 1003
50
+
CloseNoStatusReceived = 1005
51
+
CloseAbnormalClosure = 1006
52
+
CloseInvalidFramePayloadData = 1007
53
+
ClosePolicyViolation = 1008
54
+
CloseMessageTooBig = 1009
55
+
CloseMandatoryExtension = 1010
56
+
CloseInternalServerErr = 1011
57
+
CloseServiceRestart = 1012
58
+
CloseTryAgainLater = 1013
59
+
CloseTLSHandshake = 1015
60
+
)
61
+
62
+
// The message types are defined in RFC 6455, section 11.8.
63
+
const (
64
+
// TextMessage denotes a text data message. The text message payload is
65
+
// interpreted as UTF-8 encoded text data.
66
+
TextMessage = 1
67
+
68
+
// BinaryMessage denotes a binary data message.
69
+
BinaryMessage = 2
70
+
71
+
// CloseMessage denotes a close control message. The optional message
72
+
// payload contains a numeric code and text. Use the FormatCloseMessage
73
+
// function to format a close message payload.
74
+
CloseMessage = 8
75
+
76
+
// PingMessage denotes a ping control message. The optional message payload
77
+
// is UTF-8 encoded text.
78
+
PingMessage = 9
79
+
80
+
// PongMessage denotes a pong control message. The optional message payload
81
+
// is UTF-8 encoded text.
82
+
PongMessage = 10
83
+
)
84
+
85
+
// ErrCloseSent is returned when the application writes a message to the
86
+
// connection after sending a close message.
87
+
var ErrCloseSent = errors.New("websocket: close sent")
88
+
89
+
// ErrReadLimit is returned when reading a message that is larger than the
90
+
// read limit set for the connection.
91
+
var ErrReadLimit = errors.New("websocket: read limit exceeded")
92
+
93
+
// netError satisfies the net Error interface.
94
+
type netError struct {
95
+
msg string
96
+
temporary bool
97
+
timeout bool
98
+
}
99
+
100
+
func (e *netError) Error() string { return e.msg }
101
+
func (e *netError) Temporary() bool { return e.temporary }
102
+
func (e *netError) Timeout() bool { return e.timeout }
103
+
104
+
// CloseError represents a close message.
105
+
type CloseError struct {
106
+
// Code is defined in RFC 6455, section 11.7.
107
+
Code int
108
+
109
+
// Text is the optional text payload.
110
+
Text string
111
+
}
112
+
113
+
func (e *CloseError) Error() string {
114
+
s := []byte("websocket: close ")
115
+
s = strconv.AppendInt(s, int64(e.Code), 10)
116
+
switch e.Code {
117
+
case CloseNormalClosure:
118
+
s = append(s, " (normal)"...)
119
+
case CloseGoingAway:
120
+
s = append(s, " (going away)"...)
121
+
case CloseProtocolError:
122
+
s = append(s, " (protocol error)"...)
123
+
case CloseUnsupportedData:
124
+
s = append(s, " (unsupported data)"...)
125
+
case CloseNoStatusReceived:
126
+
s = append(s, " (no status)"...)
127
+
case CloseAbnormalClosure:
128
+
s = append(s, " (abnormal closure)"...)
129
+
case CloseInvalidFramePayloadData:
130
+
s = append(s, " (invalid payload data)"...)
131
+
case ClosePolicyViolation:
132
+
s = append(s, " (policy violation)"...)
133
+
case CloseMessageTooBig:
134
+
s = append(s, " (message too big)"...)
135
+
case CloseMandatoryExtension:
136
+
s = append(s, " (mandatory extension missing)"...)
137
+
case CloseInternalServerErr:
138
+
s = append(s, " (internal server error)"...)
139
+
case CloseTLSHandshake:
140
+
s = append(s, " (TLS handshake error)"...)
141
+
}
142
+
if e.Text != "" {
143
+
s = append(s, ": "...)
144
+
s = append(s, e.Text...)
145
+
}
146
+
return string(s)
147
+
}
148
+
149
+
// IsCloseError returns boolean indicating whether the error is a *CloseError
150
+
// with one of the specified codes.
151
+
func IsCloseError(err error, codes ...int) bool {
152
+
if e, ok := err.(*CloseError); ok {
153
+
for _, code := range codes {
154
+
if e.Code == code {
155
+
return true
156
+
}
157
+
}
158
+
}
159
+
return false
160
+
}
161
+
162
+
// IsUnexpectedCloseError returns boolean indicating whether the error is a
163
+
// *CloseError with a code not in the list of expected codes.
164
+
func IsUnexpectedCloseError(err error, expectedCodes ...int) bool {
165
+
if e, ok := err.(*CloseError); ok {
166
+
for _, code := range expectedCodes {
167
+
if e.Code == code {
168
+
return false
169
+
}
170
+
}
171
+
return true
172
+
}
173
+
return false
174
+
}
175
+
176
+
var (
177
+
errWriteTimeout = &netError{msg: "websocket: write timeout", timeout: true, temporary: true}
178
+
errUnexpectedEOF = &CloseError{Code: CloseAbnormalClosure, Text: io.ErrUnexpectedEOF.Error()}
179
+
errBadWriteOpCode = errors.New("websocket: bad write message type")
180
+
errWriteClosed = errors.New("websocket: write closed")
181
+
errInvalidControlFrame = errors.New("websocket: invalid control frame")
182
+
)
183
+
184
+
func newMaskKey() [4]byte {
185
+
n := rand.Uint32()
186
+
return [4]byte{byte(n), byte(n >> 8), byte(n >> 16), byte(n >> 24)}
187
+
}
188
+
189
+
func hideTempErr(err error) error {
190
+
if e, ok := err.(net.Error); ok && e.Temporary() {
191
+
err = &netError{msg: e.Error(), timeout: e.Timeout()}
192
+
}
193
+
return err
194
+
}
195
+
196
+
func isControl(frameType int) bool {
197
+
return frameType == CloseMessage || frameType == PingMessage || frameType == PongMessage
198
+
}
199
+
200
+
func isData(frameType int) bool {
201
+
return frameType == TextMessage || frameType == BinaryMessage
202
+
}
203
+
204
+
var validReceivedCloseCodes = map[int]bool{
205
+
// see http://www.iana.org/assignments/websocket/websocket.xhtml#close-code-number
206
+
207
+
CloseNormalClosure: true,
208
+
CloseGoingAway: true,
209
+
CloseProtocolError: true,
210
+
CloseUnsupportedData: true,
211
+
CloseNoStatusReceived: false,
212
+
CloseAbnormalClosure: false,
213
+
CloseInvalidFramePayloadData: true,
214
+
ClosePolicyViolation: true,
215
+
CloseMessageTooBig: true,
216
+
CloseMandatoryExtension: true,
217
+
CloseInternalServerErr: true,
218
+
CloseServiceRestart: true,
219
+
CloseTryAgainLater: true,
220
+
CloseTLSHandshake: false,
221
+
}
222
+
223
+
func isValidReceivedCloseCode(code int) bool {
224
+
return validReceivedCloseCodes[code] || (code >= 3000 && code <= 4999)
225
+
}
226
+
227
+
// BufferPool represents a pool of buffers. The *sync.Pool type satisfies this
228
+
// interface. The type of the value stored in a pool is not specified.
229
+
type BufferPool interface {
230
+
// Get gets a value from the pool or returns nil if the pool is empty.
231
+
Get() interface{}
232
+
// Put adds a value to the pool.
233
+
Put(interface{})
234
+
}
235
+
236
+
// writePoolData is the type added to the write buffer pool. This wrapper is
237
+
// used to prevent applications from peeking at and depending on the values
238
+
// added to the pool.
239
+
type writePoolData struct{ buf []byte }
240
+
241
+
// The Conn type represents a WebSocket connection.
242
+
type Conn struct {
243
+
conn net.Conn
244
+
isServer bool
245
+
subprotocol string
246
+
247
+
// Write fields
248
+
mu chan struct{} // used as mutex to protect write to conn
249
+
writeBuf []byte // frame is constructed in this buffer.
250
+
writePool BufferPool
251
+
writeBufSize int
252
+
writeDeadline time.Time
253
+
writer io.WriteCloser // the current writer returned to the application
254
+
isWriting bool // for best-effort concurrent write detection
255
+
256
+
writeErrMu sync.Mutex
257
+
writeErr error
258
+
259
+
enableWriteCompression bool
260
+
compressionLevel int
261
+
newCompressionWriter func(io.WriteCloser, int) io.WriteCloser
262
+
263
+
// Read fields
264
+
reader io.ReadCloser // the current reader returned to the application
265
+
readErr error
266
+
br *bufio.Reader
267
+
// bytes remaining in current frame.
268
+
// set setReadRemaining to safely update this value and prevent overflow
269
+
readRemaining int64
270
+
readFinal bool // true the current message has more frames.
271
+
readLength int64 // Message size.
272
+
readLimit int64 // Maximum message size.
273
+
readMaskPos int
274
+
readMaskKey [4]byte
275
+
handlePong func(string) error
276
+
handlePing func(string) error
277
+
handleClose func(int, string) error
278
+
readErrCount int
279
+
messageReader *messageReader // the current low-level reader
280
+
281
+
readDecompress bool // whether last read frame had RSV1 set
282
+
newDecompressionReader func(io.Reader) io.ReadCloser
283
+
}
284
+
285
+
func newConn(conn net.Conn, isServer bool, readBufferSize, writeBufferSize int, writeBufferPool BufferPool, br *bufio.Reader, writeBuf []byte) *Conn {
286
+
287
+
if br == nil {
288
+
if readBufferSize == 0 {
289
+
readBufferSize = defaultReadBufferSize
290
+
} else if readBufferSize < maxControlFramePayloadSize {
291
+
// must be large enough for control frame
292
+
readBufferSize = maxControlFramePayloadSize
293
+
}
294
+
br = bufio.NewReaderSize(conn, readBufferSize)
295
+
}
296
+
297
+
if writeBufferSize <= 0 {
298
+
writeBufferSize = defaultWriteBufferSize
299
+
}
300
+
writeBufferSize += maxFrameHeaderSize
301
+
302
+
if writeBuf == nil && writeBufferPool == nil {
303
+
writeBuf = make([]byte, writeBufferSize)
304
+
}
305
+
306
+
mu := make(chan struct{}, 1)
307
+
mu <- struct{}{}
308
+
c := &Conn{
309
+
isServer: isServer,
310
+
br: br,
311
+
conn: conn,
312
+
mu: mu,
313
+
readFinal: true,
314
+
writeBuf: writeBuf,
315
+
writePool: writeBufferPool,
316
+
writeBufSize: writeBufferSize,
317
+
enableWriteCompression: true,
318
+
compressionLevel: defaultCompressionLevel,
319
+
}
320
+
c.SetCloseHandler(nil)
321
+
c.SetPingHandler(nil)
322
+
c.SetPongHandler(nil)
323
+
return c
324
+
}
325
+
326
+
// setReadRemaining tracks the number of bytes remaining on the connection. If n
327
+
// overflows, an ErrReadLimit is returned.
328
+
func (c *Conn) setReadRemaining(n int64) error {
329
+
if n < 0 {
330
+
return ErrReadLimit
331
+
}
332
+
333
+
c.readRemaining = n
334
+
return nil
335
+
}
336
+
337
+
// Subprotocol returns the negotiated protocol for the connection.
338
+
func (c *Conn) Subprotocol() string {
339
+
return c.subprotocol
340
+
}
341
+
342
+
// Close closes the underlying network connection without sending or waiting
343
+
// for a close message.
344
+
func (c *Conn) Close() error {
345
+
return c.conn.Close()
346
+
}
347
+
348
+
// LocalAddr returns the local network address.
349
+
func (c *Conn) LocalAddr() net.Addr {
350
+
return c.conn.LocalAddr()
351
+
}
352
+
353
+
// RemoteAddr returns the remote network address.
354
+
func (c *Conn) RemoteAddr() net.Addr {
355
+
return c.conn.RemoteAddr()
356
+
}
357
+
358
+
// Write methods
359
+
360
+
func (c *Conn) writeFatal(err error) error {
361
+
err = hideTempErr(err)
362
+
c.writeErrMu.Lock()
363
+
if c.writeErr == nil {
364
+
c.writeErr = err
365
+
}
366
+
c.writeErrMu.Unlock()
367
+
return err
368
+
}
369
+
370
+
func (c *Conn) read(n int) ([]byte, error) {
371
+
p, err := c.br.Peek(n)
372
+
if err == io.EOF {
373
+
err = errUnexpectedEOF
374
+
}
375
+
c.br.Discard(len(p))
376
+
return p, err
377
+
}
378
+
379
+
func (c *Conn) write(frameType int, deadline time.Time, buf0, buf1 []byte) error {
380
+
<-c.mu
381
+
defer func() { c.mu <- struct{}{} }()
382
+
383
+
c.writeErrMu.Lock()
384
+
err := c.writeErr
385
+
c.writeErrMu.Unlock()
386
+
if err != nil {
387
+
return err
388
+
}
389
+
390
+
c.conn.SetWriteDeadline(deadline)
391
+
if len(buf1) == 0 {
392
+
_, err = c.conn.Write(buf0)
393
+
} else {
394
+
err = c.writeBufs(buf0, buf1)
395
+
}
396
+
if err != nil {
397
+
return c.writeFatal(err)
398
+
}
399
+
if frameType == CloseMessage {
400
+
c.writeFatal(ErrCloseSent)
401
+
}
402
+
return nil
403
+
}
404
+
405
+
func (c *Conn) writeBufs(bufs ...[]byte) error {
406
+
b := net.Buffers(bufs)
407
+
_, err := b.WriteTo(c.conn)
408
+
return err
409
+
}
410
+
411
+
// WriteControl writes a control message with the given deadline. The allowed
412
+
// message types are CloseMessage, PingMessage and PongMessage.
413
+
func (c *Conn) WriteControl(messageType int, data []byte, deadline time.Time) error {
414
+
if !isControl(messageType) {
415
+
return errBadWriteOpCode
416
+
}
417
+
if len(data) > maxControlFramePayloadSize {
418
+
return errInvalidControlFrame
419
+
}
420
+
421
+
b0 := byte(messageType) | finalBit
422
+
b1 := byte(len(data))
423
+
if !c.isServer {
424
+
b1 |= maskBit
425
+
}
426
+
427
+
buf := make([]byte, 0, maxFrameHeaderSize+maxControlFramePayloadSize)
428
+
buf = append(buf, b0, b1)
429
+
430
+
if c.isServer {
431
+
buf = append(buf, data...)
432
+
} else {
433
+
key := newMaskKey()
434
+
buf = append(buf, key[:]...)
435
+
buf = append(buf, data...)
436
+
maskBytes(key, 0, buf[6:])
437
+
}
438
+
439
+
d := 1000 * time.Hour
440
+
if !deadline.IsZero() {
441
+
d = deadline.Sub(time.Now())
442
+
if d < 0 {
443
+
return errWriteTimeout
444
+
}
445
+
}
446
+
447
+
timer := time.NewTimer(d)
448
+
select {
449
+
case <-c.mu:
450
+
timer.Stop()
451
+
case <-timer.C:
452
+
return errWriteTimeout
453
+
}
454
+
defer func() { c.mu <- struct{}{} }()
455
+
456
+
c.writeErrMu.Lock()
457
+
err := c.writeErr
458
+
c.writeErrMu.Unlock()
459
+
if err != nil {
460
+
return err
461
+
}
462
+
463
+
c.conn.SetWriteDeadline(deadline)
464
+
_, err = c.conn.Write(buf)
465
+
if err != nil {
466
+
return c.writeFatal(err)
467
+
}
468
+
if messageType == CloseMessage {
469
+
c.writeFatal(ErrCloseSent)
470
+
}
471
+
return err
472
+
}
473
+
474
+
// beginMessage prepares a connection and message writer for a new message.
475
+
func (c *Conn) beginMessage(mw *messageWriter, messageType int) error {
476
+
// Close previous writer if not already closed by the application. It's
477
+
// probably better to return an error in this situation, but we cannot
478
+
// change this without breaking existing applications.
479
+
if c.writer != nil {
480
+
c.writer.Close()
481
+
c.writer = nil
482
+
}
483
+
484
+
if !isControl(messageType) && !isData(messageType) {
485
+
return errBadWriteOpCode
486
+
}
487
+
488
+
c.writeErrMu.Lock()
489
+
err := c.writeErr
490
+
c.writeErrMu.Unlock()
491
+
if err != nil {
492
+
return err
493
+
}
494
+
495
+
mw.c = c
496
+
mw.frameType = messageType
497
+
mw.pos = maxFrameHeaderSize
498
+
499
+
if c.writeBuf == nil {
500
+
wpd, ok := c.writePool.Get().(writePoolData)
501
+
if ok {
502
+
c.writeBuf = wpd.buf
503
+
} else {
504
+
c.writeBuf = make([]byte, c.writeBufSize)
505
+
}
506
+
}
507
+
return nil
508
+
}
509
+
510
+
// NextWriter returns a writer for the next message to send. The writer's Close
511
+
// method flushes the complete message to the network.
512
+
//
513
+
// There can be at most one open writer on a connection. NextWriter closes the
514
+
// previous writer if the application has not already done so.
515
+
//
516
+
// All message types (TextMessage, BinaryMessage, CloseMessage, PingMessage and
517
+
// PongMessage) are supported.
518
+
func (c *Conn) NextWriter(messageType int) (io.WriteCloser, error) {
519
+
var mw messageWriter
520
+
if err := c.beginMessage(&mw, messageType); err != nil {
521
+
return nil, err
522
+
}
523
+
c.writer = &mw
524
+
if c.newCompressionWriter != nil && c.enableWriteCompression && isData(messageType) {
525
+
w := c.newCompressionWriter(c.writer, c.compressionLevel)
526
+
mw.compress = true
527
+
c.writer = w
528
+
}
529
+
return c.writer, nil
530
+
}
531
+
532
+
type messageWriter struct {
533
+
c *Conn
534
+
compress bool // whether next call to flushFrame should set RSV1
535
+
pos int // end of data in writeBuf.
536
+
frameType int // type of the current frame.
537
+
err error
538
+
}
539
+
540
+
func (w *messageWriter) endMessage(err error) error {
541
+
if w.err != nil {
542
+
return err
543
+
}
544
+
c := w.c
545
+
w.err = err
546
+
c.writer = nil
547
+
if c.writePool != nil {
548
+
c.writePool.Put(writePoolData{buf: c.writeBuf})
549
+
c.writeBuf = nil
550
+
}
551
+
return err
552
+
}
553
+
554
+
// flushFrame writes buffered data and extra as a frame to the network. The
555
+
// final argument indicates that this is the last frame in the message.
556
+
func (w *messageWriter) flushFrame(final bool, extra []byte) error {
557
+
c := w.c
558
+
length := w.pos - maxFrameHeaderSize + len(extra)
559
+
560
+
// Check for invalid control frames.
561
+
if isControl(w.frameType) &&
562
+
(!final || length > maxControlFramePayloadSize) {
563
+
return w.endMessage(errInvalidControlFrame)
564
+
}
565
+
566
+
b0 := byte(w.frameType)
567
+
if final {
568
+
b0 |= finalBit
569
+
}
570
+
if w.compress {
571
+
b0 |= rsv1Bit
572
+
}
573
+
w.compress = false
574
+
575
+
b1 := byte(0)
576
+
if !c.isServer {
577
+
b1 |= maskBit
578
+
}
579
+
580
+
// Assume that the frame starts at beginning of c.writeBuf.
581
+
framePos := 0
582
+
if c.isServer {
583
+
// Adjust up if mask not included in the header.
584
+
framePos = 4
585
+
}
586
+
587
+
switch {
588
+
case length >= 65536:
589
+
c.writeBuf[framePos] = b0
590
+
c.writeBuf[framePos+1] = b1 | 127
591
+
binary.BigEndian.PutUint64(c.writeBuf[framePos+2:], uint64(length))
592
+
case length > 125:
593
+
framePos += 6
594
+
c.writeBuf[framePos] = b0
595
+
c.writeBuf[framePos+1] = b1 | 126
596
+
binary.BigEndian.PutUint16(c.writeBuf[framePos+2:], uint16(length))
597
+
default:
598
+
framePos += 8
599
+
c.writeBuf[framePos] = b0
600
+
c.writeBuf[framePos+1] = b1 | byte(length)
601
+
}
602
+
603
+
if !c.isServer {
604
+
key := newMaskKey()
605
+
copy(c.writeBuf[maxFrameHeaderSize-4:], key[:])
606
+
maskBytes(key, 0, c.writeBuf[maxFrameHeaderSize:w.pos])
607
+
if len(extra) > 0 {
608
+
return w.endMessage(c.writeFatal(errors.New("websocket: internal error, extra used in client mode")))
609
+
}
610
+
}
611
+
612
+
// Write the buffers to the connection with best-effort detection of
613
+
// concurrent writes. See the concurrency section in the package
614
+
// documentation for more info.
615
+
616
+
if c.isWriting {
617
+
panic("concurrent write to websocket connection")
618
+
}
619
+
c.isWriting = true
620
+
621
+
err := c.write(w.frameType, c.writeDeadline, c.writeBuf[framePos:w.pos], extra)
622
+
623
+
if !c.isWriting {
624
+
panic("concurrent write to websocket connection")
625
+
}
626
+
c.isWriting = false
627
+
628
+
if err != nil {
629
+
return w.endMessage(err)
630
+
}
631
+
632
+
if final {
633
+
w.endMessage(errWriteClosed)
634
+
return nil
635
+
}
636
+
637
+
// Setup for next frame.
638
+
w.pos = maxFrameHeaderSize
639
+
w.frameType = continuationFrame
640
+
return nil
641
+
}
642
+
643
+
func (w *messageWriter) ncopy(max int) (int, error) {
644
+
n := len(w.c.writeBuf) - w.pos
645
+
if n <= 0 {
646
+
if err := w.flushFrame(false, nil); err != nil {
647
+
return 0, err
648
+
}
649
+
n = len(w.c.writeBuf) - w.pos
650
+
}
651
+
if n > max {
652
+
n = max
653
+
}
654
+
return n, nil
655
+
}
656
+
657
+
func (w *messageWriter) Write(p []byte) (int, error) {
658
+
if w.err != nil {
659
+
return 0, w.err
660
+
}
661
+
662
+
if len(p) > 2*len(w.c.writeBuf) && w.c.isServer {
663
+
// Don't buffer large messages.
664
+
err := w.flushFrame(false, p)
665
+
if err != nil {
666
+
return 0, err
667
+
}
668
+
return len(p), nil
669
+
}
670
+
671
+
nn := len(p)
672
+
for len(p) > 0 {
673
+
n, err := w.ncopy(len(p))
674
+
if err != nil {
675
+
return 0, err
676
+
}
677
+
copy(w.c.writeBuf[w.pos:], p[:n])
678
+
w.pos += n
679
+
p = p[n:]
680
+
}
681
+
return nn, nil
682
+
}
683
+
684
+
func (w *messageWriter) WriteString(p string) (int, error) {
685
+
if w.err != nil {
686
+
return 0, w.err
687
+
}
688
+
689
+
nn := len(p)
690
+
for len(p) > 0 {
691
+
n, err := w.ncopy(len(p))
692
+
if err != nil {
693
+
return 0, err
694
+
}
695
+
copy(w.c.writeBuf[w.pos:], p[:n])
696
+
w.pos += n
697
+
p = p[n:]
698
+
}
699
+
return nn, nil
700
+
}
701
+
702
+
func (w *messageWriter) ReadFrom(r io.Reader) (nn int64, err error) {
703
+
if w.err != nil {
704
+
return 0, w.err
705
+
}
706
+
for {
707
+
if w.pos == len(w.c.writeBuf) {
708
+
err = w.flushFrame(false, nil)
709
+
if err != nil {
710
+
break
711
+
}
712
+
}
713
+
var n int
714
+
n, err = r.Read(w.c.writeBuf[w.pos:])
715
+
w.pos += n
716
+
nn += int64(n)
717
+
if err != nil {
718
+
if err == io.EOF {
719
+
err = nil
720
+
}
721
+
break
722
+
}
723
+
}
724
+
return nn, err
725
+
}
726
+
727
+
func (w *messageWriter) Close() error {
728
+
if w.err != nil {
729
+
return w.err
730
+
}
731
+
return w.flushFrame(true, nil)
732
+
}
733
+
734
+
// WritePreparedMessage writes prepared message into connection.
735
+
func (c *Conn) WritePreparedMessage(pm *PreparedMessage) error {
736
+
frameType, frameData, err := pm.frame(prepareKey{
737
+
isServer: c.isServer,
738
+
compress: c.newCompressionWriter != nil && c.enableWriteCompression && isData(pm.messageType),
739
+
compressionLevel: c.compressionLevel,
740
+
})
741
+
if err != nil {
742
+
return err
743
+
}
744
+
if c.isWriting {
745
+
panic("concurrent write to websocket connection")
746
+
}
747
+
c.isWriting = true
748
+
err = c.write(frameType, c.writeDeadline, frameData, nil)
749
+
if !c.isWriting {
750
+
panic("concurrent write to websocket connection")
751
+
}
752
+
c.isWriting = false
753
+
return err
754
+
}
755
+
756
+
// WriteMessage is a helper method for getting a writer using NextWriter,
757
+
// writing the message and closing the writer.
758
+
func (c *Conn) WriteMessage(messageType int, data []byte) error {
759
+
760
+
if c.isServer && (c.newCompressionWriter == nil || !c.enableWriteCompression) {
761
+
// Fast path with no allocations and single frame.
762
+
763
+
var mw messageWriter
764
+
if err := c.beginMessage(&mw, messageType); err != nil {
765
+
return err
766
+
}
767
+
n := copy(c.writeBuf[mw.pos:], data)
768
+
mw.pos += n
769
+
data = data[n:]
770
+
return mw.flushFrame(true, data)
771
+
}
772
+
773
+
w, err := c.NextWriter(messageType)
774
+
if err != nil {
775
+
return err
776
+
}
777
+
if _, err = w.Write(data); err != nil {
778
+
return err
779
+
}
780
+
return w.Close()
781
+
}
782
+
783
+
// SetWriteDeadline sets the write deadline on the underlying network
784
+
// connection. After a write has timed out, the websocket state is corrupt and
785
+
// all future writes will return an error. A zero value for t means writes will
786
+
// not time out.
787
+
func (c *Conn) SetWriteDeadline(t time.Time) error {
788
+
c.writeDeadline = t
789
+
return nil
790
+
}
791
+
792
+
// Read methods
793
+
794
+
func (c *Conn) advanceFrame() (int, error) {
795
+
// 1. Skip remainder of previous frame.
796
+
797
+
if c.readRemaining > 0 {
798
+
if _, err := io.CopyN(ioutil.Discard, c.br, c.readRemaining); err != nil {
799
+
return noFrame, err
800
+
}
801
+
}
802
+
803
+
// 2. Read and parse first two bytes of frame header.
804
+
// To aid debugging, collect and report all errors in the first two bytes
805
+
// of the header.
806
+
807
+
var errors []string
808
+
809
+
p, err := c.read(2)
810
+
if err != nil {
811
+
return noFrame, err
812
+
}
813
+
814
+
frameType := int(p[0] & 0xf)
815
+
final := p[0]&finalBit != 0
816
+
rsv1 := p[0]&rsv1Bit != 0
817
+
rsv2 := p[0]&rsv2Bit != 0
818
+
rsv3 := p[0]&rsv3Bit != 0
819
+
mask := p[1]&maskBit != 0
820
+
c.setReadRemaining(int64(p[1] & 0x7f))
821
+
822
+
c.readDecompress = false
823
+
if rsv1 {
824
+
if c.newDecompressionReader != nil {
825
+
c.readDecompress = true
826
+
} else {
827
+
errors = append(errors, "RSV1 set")
828
+
}
829
+
}
830
+
831
+
if rsv2 {
832
+
errors = append(errors, "RSV2 set")
833
+
}
834
+
835
+
if rsv3 {
836
+
errors = append(errors, "RSV3 set")
837
+
}
838
+
839
+
switch frameType {
840
+
case CloseMessage, PingMessage, PongMessage:
841
+
if c.readRemaining > maxControlFramePayloadSize {
842
+
errors = append(errors, "len > 125 for control")
843
+
}
844
+
if !final {
845
+
errors = append(errors, "FIN not set on control")
846
+
}
847
+
case TextMessage, BinaryMessage:
848
+
if !c.readFinal {
849
+
errors = append(errors, "data before FIN")
850
+
}
851
+
c.readFinal = final
852
+
case continuationFrame:
853
+
if c.readFinal {
854
+
errors = append(errors, "continuation after FIN")
855
+
}
856
+
c.readFinal = final
857
+
default:
858
+
errors = append(errors, "bad opcode "+strconv.Itoa(frameType))
859
+
}
860
+
861
+
if mask != c.isServer {
862
+
errors = append(errors, "bad MASK")
863
+
}
864
+
865
+
if len(errors) > 0 {
866
+
return noFrame, c.handleProtocolError(strings.Join(errors, ", "))
867
+
}
868
+
869
+
// 3. Read and parse frame length as per
870
+
// https://tools.ietf.org/html/rfc6455#section-5.2
871
+
//
872
+
// The length of the "Payload data", in bytes: if 0-125, that is the payload
873
+
// length.
874
+
// - If 126, the following 2 bytes interpreted as a 16-bit unsigned
875
+
// integer are the payload length.
876
+
// - If 127, the following 8 bytes interpreted as
877
+
// a 64-bit unsigned integer (the most significant bit MUST be 0) are the
878
+
// payload length. Multibyte length quantities are expressed in network byte
879
+
// order.
880
+
881
+
switch c.readRemaining {
882
+
case 126:
883
+
p, err := c.read(2)
884
+
if err != nil {
885
+
return noFrame, err
886
+
}
887
+
888
+
if err := c.setReadRemaining(int64(binary.BigEndian.Uint16(p))); err != nil {
889
+
return noFrame, err
890
+
}
891
+
case 127:
892
+
p, err := c.read(8)
893
+
if err != nil {
894
+
return noFrame, err
895
+
}
896
+
897
+
if err := c.setReadRemaining(int64(binary.BigEndian.Uint64(p))); err != nil {
898
+
return noFrame, err
899
+
}
900
+
}
901
+
902
+
// 4. Handle frame masking.
903
+
904
+
if mask {
905
+
c.readMaskPos = 0
906
+
p, err := c.read(len(c.readMaskKey))
907
+
if err != nil {
908
+
return noFrame, err
909
+
}
910
+
copy(c.readMaskKey[:], p)
911
+
}
912
+
913
+
// 5. For text and binary messages, enforce read limit and return.
914
+
915
+
if frameType == continuationFrame || frameType == TextMessage || frameType == BinaryMessage {
916
+
917
+
c.readLength += c.readRemaining
918
+
// Don't allow readLength to overflow in the presence of a large readRemaining
919
+
// counter.
920
+
if c.readLength < 0 {
921
+
return noFrame, ErrReadLimit
922
+
}
923
+
924
+
if c.readLimit > 0 && c.readLength > c.readLimit {
925
+
c.WriteControl(CloseMessage, FormatCloseMessage(CloseMessageTooBig, ""), time.Now().Add(writeWait))
926
+
return noFrame, ErrReadLimit
927
+
}
928
+
929
+
return frameType, nil
930
+
}
931
+
932
+
// 6. Read control frame payload.
933
+
934
+
var payload []byte
935
+
if c.readRemaining > 0 {
936
+
payload, err = c.read(int(c.readRemaining))
937
+
c.setReadRemaining(0)
938
+
if err != nil {
939
+
return noFrame, err
940
+
}
941
+
if c.isServer {
942
+
maskBytes(c.readMaskKey, 0, payload)
943
+
}
944
+
}
945
+
946
+
// 7. Process control frame payload.
947
+
948
+
switch frameType {
949
+
case PongMessage:
950
+
if err := c.handlePong(string(payload)); err != nil {
951
+
return noFrame, err
952
+
}
953
+
case PingMessage:
954
+
if err := c.handlePing(string(payload)); err != nil {
955
+
return noFrame, err
956
+
}
957
+
case CloseMessage:
958
+
closeCode := CloseNoStatusReceived
959
+
closeText := ""
960
+
if len(payload) >= 2 {
961
+
closeCode = int(binary.BigEndian.Uint16(payload))
962
+
if !isValidReceivedCloseCode(closeCode) {
963
+
return noFrame, c.handleProtocolError("bad close code " + strconv.Itoa(closeCode))
964
+
}
965
+
closeText = string(payload[2:])
966
+
if !utf8.ValidString(closeText) {
967
+
return noFrame, c.handleProtocolError("invalid utf8 payload in close frame")
968
+
}
969
+
}
970
+
if err := c.handleClose(closeCode, closeText); err != nil {
971
+
return noFrame, err
972
+
}
973
+
return noFrame, &CloseError{Code: closeCode, Text: closeText}
974
+
}
975
+
976
+
return frameType, nil
977
+
}
978
+
979
+
func (c *Conn) handleProtocolError(message string) error {
980
+
data := FormatCloseMessage(CloseProtocolError, message)
981
+
if len(data) > maxControlFramePayloadSize {
982
+
data = data[:maxControlFramePayloadSize]
983
+
}
984
+
c.WriteControl(CloseMessage, data, time.Now().Add(writeWait))
985
+
return errors.New("websocket: " + message)
986
+
}
987
+
988
+
// NextReader returns the next data message received from the peer. The
989
+
// returned messageType is either TextMessage or BinaryMessage.
990
+
//
991
+
// There can be at most one open reader on a connection. NextReader discards
992
+
// the previous message if the application has not already consumed it.
993
+
//
994
+
// Applications must break out of the application's read loop when this method
995
+
// returns a non-nil error value. Errors returned from this method are
996
+
// permanent. Once this method returns a non-nil error, all subsequent calls to
997
+
// this method return the same error.
998
+
func (c *Conn) NextReader() (messageType int, r io.Reader, err error) {
999
+
// Close previous reader, only relevant for decompression.
1000
+
if c.reader != nil {
1001
+
c.reader.Close()
1002
+
c.reader = nil
1003
+
}
1004
+
1005
+
c.messageReader = nil
1006
+
c.readLength = 0
1007
+
1008
+
for c.readErr == nil {
1009
+
frameType, err := c.advanceFrame()
1010
+
if err != nil {
1011
+
c.readErr = hideTempErr(err)
1012
+
break
1013
+
}
1014
+
1015
+
if frameType == TextMessage || frameType == BinaryMessage {
1016
+
c.messageReader = &messageReader{c}
1017
+
c.reader = c.messageReader
1018
+
if c.readDecompress {
1019
+
c.reader = c.newDecompressionReader(c.reader)
1020
+
}
1021
+
return frameType, c.reader, nil
1022
+
}
1023
+
}
1024
+
1025
+
// Applications that do handle the error returned from this method spin in
1026
+
// tight loop on connection failure. To help application developers detect
1027
+
// this error, panic on repeated reads to the failed connection.
1028
+
c.readErrCount++
1029
+
if c.readErrCount >= 1000 {
1030
+
panic("repeated read on failed websocket connection")
1031
+
}
1032
+
1033
+
return noFrame, nil, c.readErr
1034
+
}
1035
+
1036
+
type messageReader struct{ c *Conn }
1037
+
1038
+
func (r *messageReader) Read(b []byte) (int, error) {
1039
+
c := r.c
1040
+
if c.messageReader != r {
1041
+
return 0, io.EOF
1042
+
}
1043
+
1044
+
for c.readErr == nil {
1045
+
1046
+
if c.readRemaining > 0 {
1047
+
if int64(len(b)) > c.readRemaining {
1048
+
b = b[:c.readRemaining]
1049
+
}
1050
+
n, err := c.br.Read(b)
1051
+
c.readErr = hideTempErr(err)
1052
+
if c.isServer {
1053
+
c.readMaskPos = maskBytes(c.readMaskKey, c.readMaskPos, b[:n])
1054
+
}
1055
+
rem := c.readRemaining
1056
+
rem -= int64(n)
1057
+
c.setReadRemaining(rem)
1058
+
if c.readRemaining > 0 && c.readErr == io.EOF {
1059
+
c.readErr = errUnexpectedEOF
1060
+
}
1061
+
return n, c.readErr
1062
+
}
1063
+
1064
+
if c.readFinal {
1065
+
c.messageReader = nil
1066
+
return 0, io.EOF
1067
+
}
1068
+
1069
+
frameType, err := c.advanceFrame()
1070
+
switch {
1071
+
case err != nil:
1072
+
c.readErr = hideTempErr(err)
1073
+
case frameType == TextMessage || frameType == BinaryMessage:
1074
+
c.readErr = errors.New("websocket: internal error, unexpected text or binary in Reader")
1075
+
}
1076
+
}
1077
+
1078
+
err := c.readErr
1079
+
if err == io.EOF && c.messageReader == r {
1080
+
err = errUnexpectedEOF
1081
+
}
1082
+
return 0, err
1083
+
}
1084
+
1085
+
func (r *messageReader) Close() error {
1086
+
return nil
1087
+
}
1088
+
1089
+
// ReadMessage is a helper method for getting a reader using NextReader and
1090
+
// reading from that reader to a buffer.
1091
+
func (c *Conn) ReadMessage() (messageType int, p []byte, err error) {
1092
+
var r io.Reader
1093
+
messageType, r, err = c.NextReader()
1094
+
if err != nil {
1095
+
return messageType, nil, err
1096
+
}
1097
+
p, err = ioutil.ReadAll(r)
1098
+
return messageType, p, err
1099
+
}
1100
+
1101
+
// SetReadDeadline sets the read deadline on the underlying network connection.
1102
+
// After a read has timed out, the websocket connection state is corrupt and
1103
+
// all future reads will return an error. A zero value for t means reads will
1104
+
// not time out.
1105
+
func (c *Conn) SetReadDeadline(t time.Time) error {
1106
+
return c.conn.SetReadDeadline(t)
1107
+
}
1108
+
1109
+
// SetReadLimit sets the maximum size in bytes for a message read from the peer. If a
1110
+
// message exceeds the limit, the connection sends a close message to the peer
1111
+
// and returns ErrReadLimit to the application.
1112
+
func (c *Conn) SetReadLimit(limit int64) {
1113
+
c.readLimit = limit
1114
+
}
1115
+
1116
+
// CloseHandler returns the current close handler
1117
+
func (c *Conn) CloseHandler() func(code int, text string) error {
1118
+
return c.handleClose
1119
+
}
1120
+
1121
+
// SetCloseHandler sets the handler for close messages received from the peer.
1122
+
// The code argument to h is the received close code or CloseNoStatusReceived
1123
+
// if the close message is empty. The default close handler sends a close
1124
+
// message back to the peer.
1125
+
//
1126
+
// The handler function is called from the NextReader, ReadMessage and message
1127
+
// reader Read methods. The application must read the connection to process
1128
+
// close messages as described in the section on Control Messages above.
1129
+
//
1130
+
// The connection read methods return a CloseError when a close message is
1131
+
// received. Most applications should handle close messages as part of their
1132
+
// normal error handling. Applications should only set a close handler when the
1133
+
// application must perform some action before sending a close message back to
1134
+
// the peer.
1135
+
func (c *Conn) SetCloseHandler(h func(code int, text string) error) {
1136
+
if h == nil {
1137
+
h = func(code int, text string) error {
1138
+
message := FormatCloseMessage(code, "")
1139
+
c.WriteControl(CloseMessage, message, time.Now().Add(writeWait))
1140
+
return nil
1141
+
}
1142
+
}
1143
+
c.handleClose = h
1144
+
}
1145
+
1146
+
// PingHandler returns the current ping handler
1147
+
func (c *Conn) PingHandler() func(appData string) error {
1148
+
return c.handlePing
1149
+
}
1150
+
1151
+
// SetPingHandler sets the handler for ping messages received from the peer.
1152
+
// The appData argument to h is the PING message application data. The default
1153
+
// ping handler sends a pong to the peer.
1154
+
//
1155
+
// The handler function is called from the NextReader, ReadMessage and message
1156
+
// reader Read methods. The application must read the connection to process
1157
+
// ping messages as described in the section on Control Messages above.
1158
+
func (c *Conn) SetPingHandler(h func(appData string) error) {
1159
+
if h == nil {
1160
+
h = func(message string) error {
1161
+
err := c.WriteControl(PongMessage, []byte(message), time.Now().Add(writeWait))
1162
+
if err == ErrCloseSent {
1163
+
return nil
1164
+
} else if e, ok := err.(net.Error); ok && e.Temporary() {
1165
+
return nil
1166
+
}
1167
+
return err
1168
+
}
1169
+
}
1170
+
c.handlePing = h
1171
+
}
1172
+
1173
+
// PongHandler returns the current pong handler
1174
+
func (c *Conn) PongHandler() func(appData string) error {
1175
+
return c.handlePong
1176
+
}
1177
+
1178
+
// SetPongHandler sets the handler for pong messages received from the peer.
1179
+
// The appData argument to h is the PONG message application data. The default
1180
+
// pong handler does nothing.
1181
+
//
1182
+
// The handler function is called from the NextReader, ReadMessage and message
1183
+
// reader Read methods. The application must read the connection to process
1184
+
// pong messages as described in the section on Control Messages above.
1185
+
func (c *Conn) SetPongHandler(h func(appData string) error) {
1186
+
if h == nil {
1187
+
h = func(string) error { return nil }
1188
+
}
1189
+
c.handlePong = h
1190
+
}
1191
+
1192
+
// NetConn returns the underlying connection that is wrapped by c.
1193
+
// Note that writing to or reading from this connection directly will corrupt the
1194
+
// WebSocket connection.
1195
+
func (c *Conn) NetConn() net.Conn {
1196
+
return c.conn
1197
+
}
1198
+
1199
+
// UnderlyingConn returns the internal net.Conn. This can be used to further
1200
+
// modifications to connection specific flags.
1201
+
// Deprecated: Use the NetConn method.
1202
+
func (c *Conn) UnderlyingConn() net.Conn {
1203
+
return c.conn
1204
+
}
1205
+
1206
+
// EnableWriteCompression enables and disables write compression of
1207
+
// subsequent text and binary messages. This function is a noop if
1208
+
// compression was not negotiated with the peer.
1209
+
func (c *Conn) EnableWriteCompression(enable bool) {
1210
+
c.enableWriteCompression = enable
1211
+
}
1212
+
1213
+
// SetCompressionLevel sets the flate compression level for subsequent text and
1214
+
// binary messages. This function is a noop if compression was not negotiated
1215
+
// with the peer. See the compress/flate package for a description of
1216
+
// compression levels.
1217
+
func (c *Conn) SetCompressionLevel(level int) error {
1218
+
if !isValidCompressionLevel(level) {
1219
+
return errors.New("websocket: invalid compression level")
1220
+
}
1221
+
c.compressionLevel = level
1222
+
return nil
1223
+
}
1224
+
1225
+
// FormatCloseMessage formats closeCode and text as a WebSocket close message.
1226
+
// An empty message is returned for code CloseNoStatusReceived.
1227
+
func FormatCloseMessage(closeCode int, text string) []byte {
1228
+
if closeCode == CloseNoStatusReceived {
1229
+
// Return empty message because it's illegal to send
1230
+
// CloseNoStatusReceived. Return non-nil value in case application
1231
+
// checks for nil.
1232
+
return []byte{}
1233
+
}
1234
+
buf := make([]byte, 2+len(text))
1235
+
binary.BigEndian.PutUint16(buf, uint16(closeCode))
1236
+
copy(buf[2:], text)
1237
+
return buf
1238
+
}
+227
server/vendor/github.com/gorilla/websocket/doc.go
+227
server/vendor/github.com/gorilla/websocket/doc.go
···
1
+
// Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
2
+
// Use of this source code is governed by a BSD-style
3
+
// license that can be found in the LICENSE file.
4
+
5
+
// Package websocket implements the WebSocket protocol defined in RFC 6455.
6
+
//
7
+
// Overview
8
+
//
9
+
// The Conn type represents a WebSocket connection. A server application calls
10
+
// the Upgrader.Upgrade method from an HTTP request handler to get a *Conn:
11
+
//
12
+
// var upgrader = websocket.Upgrader{
13
+
// ReadBufferSize: 1024,
14
+
// WriteBufferSize: 1024,
15
+
// }
16
+
//
17
+
// func handler(w http.ResponseWriter, r *http.Request) {
18
+
// conn, err := upgrader.Upgrade(w, r, nil)
19
+
// if err != nil {
20
+
// log.Println(err)
21
+
// return
22
+
// }
23
+
// ... Use conn to send and receive messages.
24
+
// }
25
+
//
26
+
// Call the connection's WriteMessage and ReadMessage methods to send and
27
+
// receive messages as a slice of bytes. This snippet of code shows how to echo
28
+
// messages using these methods:
29
+
//
30
+
// for {
31
+
// messageType, p, err := conn.ReadMessage()
32
+
// if err != nil {
33
+
// log.Println(err)
34
+
// return
35
+
// }
36
+
// if err := conn.WriteMessage(messageType, p); err != nil {
37
+
// log.Println(err)
38
+
// return
39
+
// }
40
+
// }
41
+
//
42
+
// In above snippet of code, p is a []byte and messageType is an int with value
43
+
// websocket.BinaryMessage or websocket.TextMessage.
44
+
//
45
+
// An application can also send and receive messages using the io.WriteCloser
46
+
// and io.Reader interfaces. To send a message, call the connection NextWriter
47
+
// method to get an io.WriteCloser, write the message to the writer and close
48
+
// the writer when done. To receive a message, call the connection NextReader
49
+
// method to get an io.Reader and read until io.EOF is returned. This snippet
50
+
// shows how to echo messages using the NextWriter and NextReader methods:
51
+
//
52
+
// for {
53
+
// messageType, r, err := conn.NextReader()
54
+
// if err != nil {
55
+
// return
56
+
// }
57
+
// w, err := conn.NextWriter(messageType)
58
+
// if err != nil {
59
+
// return err
60
+
// }
61
+
// if _, err := io.Copy(w, r); err != nil {
62
+
// return err
63
+
// }
64
+
// if err := w.Close(); err != nil {
65
+
// return err
66
+
// }
67
+
// }
68
+
//
69
+
// Data Messages
70
+
//
71
+
// The WebSocket protocol distinguishes between text and binary data messages.
72
+
// Text messages are interpreted as UTF-8 encoded text. The interpretation of
73
+
// binary messages is left to the application.
74
+
//
75
+
// This package uses the TextMessage and BinaryMessage integer constants to
76
+
// identify the two data message types. The ReadMessage and NextReader methods
77
+
// return the type of the received message. The messageType argument to the
78
+
// WriteMessage and NextWriter methods specifies the type of a sent message.
79
+
//
80
+
// It is the application's responsibility to ensure that text messages are
81
+
// valid UTF-8 encoded text.
82
+
//
83
+
// Control Messages
84
+
//
85
+
// The WebSocket protocol defines three types of control messages: close, ping
86
+
// and pong. Call the connection WriteControl, WriteMessage or NextWriter
87
+
// methods to send a control message to the peer.
88
+
//
89
+
// Connections handle received close messages by calling the handler function
90
+
// set with the SetCloseHandler method and by returning a *CloseError from the
91
+
// NextReader, ReadMessage or the message Read method. The default close
92
+
// handler sends a close message to the peer.
93
+
//
94
+
// Connections handle received ping messages by calling the handler function
95
+
// set with the SetPingHandler method. The default ping handler sends a pong
96
+
// message to the peer.
97
+
//
98
+
// Connections handle received pong messages by calling the handler function
99
+
// set with the SetPongHandler method. The default pong handler does nothing.
100
+
// If an application sends ping messages, then the application should set a
101
+
// pong handler to receive the corresponding pong.
102
+
//
103
+
// The control message handler functions are called from the NextReader,
104
+
// ReadMessage and message reader Read methods. The default close and ping
105
+
// handlers can block these methods for a short time when the handler writes to
106
+
// the connection.
107
+
//
108
+
// The application must read the connection to process close, ping and pong
109
+
// messages sent from the peer. If the application is not otherwise interested
110
+
// in messages from the peer, then the application should start a goroutine to
111
+
// read and discard messages from the peer. A simple example is:
112
+
//
113
+
// func readLoop(c *websocket.Conn) {
114
+
// for {
115
+
// if _, _, err := c.NextReader(); err != nil {
116
+
// c.Close()
117
+
// break
118
+
// }
119
+
// }
120
+
// }
121
+
//
122
+
// Concurrency
123
+
//
124
+
// Connections support one concurrent reader and one concurrent writer.
125
+
//
126
+
// Applications are responsible for ensuring that no more than one goroutine
127
+
// calls the write methods (NextWriter, SetWriteDeadline, WriteMessage,
128
+
// WriteJSON, EnableWriteCompression, SetCompressionLevel) concurrently and
129
+
// that no more than one goroutine calls the read methods (NextReader,
130
+
// SetReadDeadline, ReadMessage, ReadJSON, SetPongHandler, SetPingHandler)
131
+
// concurrently.
132
+
//
133
+
// The Close and WriteControl methods can be called concurrently with all other
134
+
// methods.
135
+
//
136
+
// Origin Considerations
137
+
//
138
+
// Web browsers allow Javascript applications to open a WebSocket connection to
139
+
// any host. It's up to the server to enforce an origin policy using the Origin
140
+
// request header sent by the browser.
141
+
//
142
+
// The Upgrader calls the function specified in the CheckOrigin field to check
143
+
// the origin. If the CheckOrigin function returns false, then the Upgrade
144
+
// method fails the WebSocket handshake with HTTP status 403.
145
+
//
146
+
// If the CheckOrigin field is nil, then the Upgrader uses a safe default: fail
147
+
// the handshake if the Origin request header is present and the Origin host is
148
+
// not equal to the Host request header.
149
+
//
150
+
// The deprecated package-level Upgrade function does not perform origin
151
+
// checking. The application is responsible for checking the Origin header
152
+
// before calling the Upgrade function.
153
+
//
154
+
// Buffers
155
+
//
156
+
// Connections buffer network input and output to reduce the number
157
+
// of system calls when reading or writing messages.
158
+
//
159
+
// Write buffers are also used for constructing WebSocket frames. See RFC 6455,
160
+
// Section 5 for a discussion of message framing. A WebSocket frame header is
161
+
// written to the network each time a write buffer is flushed to the network.
162
+
// Decreasing the size of the write buffer can increase the amount of framing
163
+
// overhead on the connection.
164
+
//
165
+
// The buffer sizes in bytes are specified by the ReadBufferSize and
166
+
// WriteBufferSize fields in the Dialer and Upgrader. The Dialer uses a default
167
+
// size of 4096 when a buffer size field is set to zero. The Upgrader reuses
168
+
// buffers created by the HTTP server when a buffer size field is set to zero.
169
+
// The HTTP server buffers have a size of 4096 at the time of this writing.
170
+
//
171
+
// The buffer sizes do not limit the size of a message that can be read or
172
+
// written by a connection.
173
+
//
174
+
// Buffers are held for the lifetime of the connection by default. If the
175
+
// Dialer or Upgrader WriteBufferPool field is set, then a connection holds the
176
+
// write buffer only when writing a message.
177
+
//
178
+
// Applications should tune the buffer sizes to balance memory use and
179
+
// performance. Increasing the buffer size uses more memory, but can reduce the
180
+
// number of system calls to read or write the network. In the case of writing,
181
+
// increasing the buffer size can reduce the number of frame headers written to
182
+
// the network.
183
+
//
184
+
// Some guidelines for setting buffer parameters are:
185
+
//
186
+
// Limit the buffer sizes to the maximum expected message size. Buffers larger
187
+
// than the largest message do not provide any benefit.
188
+
//
189
+
// Depending on the distribution of message sizes, setting the buffer size to
190
+
// a value less than the maximum expected message size can greatly reduce memory
191
+
// use with a small impact on performance. Here's an example: If 99% of the
192
+
// messages are smaller than 256 bytes and the maximum message size is 512
193
+
// bytes, then a buffer size of 256 bytes will result in 1.01 more system calls
194
+
// than a buffer size of 512 bytes. The memory savings is 50%.
195
+
//
196
+
// A write buffer pool is useful when the application has a modest number
197
+
// writes over a large number of connections. when buffers are pooled, a larger
198
+
// buffer size has a reduced impact on total memory use and has the benefit of
199
+
// reducing system calls and frame overhead.
200
+
//
201
+
// Compression EXPERIMENTAL
202
+
//
203
+
// Per message compression extensions (RFC 7692) are experimentally supported
204
+
// by this package in a limited capacity. Setting the EnableCompression option
205
+
// to true in Dialer or Upgrader will attempt to negotiate per message deflate
206
+
// support.
207
+
//
208
+
// var upgrader = websocket.Upgrader{
209
+
// EnableCompression: true,
210
+
// }
211
+
//
212
+
// If compression was successfully negotiated with the connection's peer, any
213
+
// message received in compressed form will be automatically decompressed.
214
+
// All Read methods will return uncompressed bytes.
215
+
//
216
+
// Per message compression of messages written to a connection can be enabled
217
+
// or disabled by calling the corresponding Conn method:
218
+
//
219
+
// conn.EnableWriteCompression(false)
220
+
//
221
+
// Currently this package does not support compression with "context takeover".
222
+
// This means that messages must be compressed and decompressed in isolation,
223
+
// without retaining sliding window or dictionary state across messages. For
224
+
// more details refer to RFC 7692.
225
+
//
226
+
// Use of compression is experimental and may result in decreased performance.
227
+
package websocket
+42
server/vendor/github.com/gorilla/websocket/join.go
+42
server/vendor/github.com/gorilla/websocket/join.go
···
1
+
// Copyright 2019 The Gorilla WebSocket Authors. All rights reserved.
2
+
// Use of this source code is governed by a BSD-style
3
+
// license that can be found in the LICENSE file.
4
+
5
+
package websocket
6
+
7
+
import (
8
+
"io"
9
+
"strings"
10
+
)
11
+
12
+
// JoinMessages concatenates received messages to create a single io.Reader.
13
+
// The string term is appended to each message. The returned reader does not
14
+
// support concurrent calls to the Read method.
15
+
func JoinMessages(c *Conn, term string) io.Reader {
16
+
return &joinReader{c: c, term: term}
17
+
}
18
+
19
+
type joinReader struct {
20
+
c *Conn
21
+
term string
22
+
r io.Reader
23
+
}
24
+
25
+
func (r *joinReader) Read(p []byte) (int, error) {
26
+
if r.r == nil {
27
+
var err error
28
+
_, r.r, err = r.c.NextReader()
29
+
if err != nil {
30
+
return 0, err
31
+
}
32
+
if r.term != "" {
33
+
r.r = io.MultiReader(r.r, strings.NewReader(r.term))
34
+
}
35
+
}
36
+
n, err := r.r.Read(p)
37
+
if err == io.EOF {
38
+
err = nil
39
+
r.r = nil
40
+
}
41
+
return n, err
42
+
}
+60
server/vendor/github.com/gorilla/websocket/json.go
+60
server/vendor/github.com/gorilla/websocket/json.go
···
1
+
// Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
2
+
// Use of this source code is governed by a BSD-style
3
+
// license that can be found in the LICENSE file.
4
+
5
+
package websocket
6
+
7
+
import (
8
+
"encoding/json"
9
+
"io"
10
+
)
11
+
12
+
// WriteJSON writes the JSON encoding of v as a message.
13
+
//
14
+
// Deprecated: Use c.WriteJSON instead.
15
+
func WriteJSON(c *Conn, v interface{}) error {
16
+
return c.WriteJSON(v)
17
+
}
18
+
19
+
// WriteJSON writes the JSON encoding of v as a message.
20
+
//
21
+
// See the documentation for encoding/json Marshal for details about the
22
+
// conversion of Go values to JSON.
23
+
func (c *Conn) WriteJSON(v interface{}) error {
24
+
w, err := c.NextWriter(TextMessage)
25
+
if err != nil {
26
+
return err
27
+
}
28
+
err1 := json.NewEncoder(w).Encode(v)
29
+
err2 := w.Close()
30
+
if err1 != nil {
31
+
return err1
32
+
}
33
+
return err2
34
+
}
35
+
36
+
// ReadJSON reads the next JSON-encoded message from the connection and stores
37
+
// it in the value pointed to by v.
38
+
//
39
+
// Deprecated: Use c.ReadJSON instead.
40
+
func ReadJSON(c *Conn, v interface{}) error {
41
+
return c.ReadJSON(v)
42
+
}
43
+
44
+
// ReadJSON reads the next JSON-encoded message from the connection and stores
45
+
// it in the value pointed to by v.
46
+
//
47
+
// See the documentation for the encoding/json Unmarshal function for details
48
+
// about the conversion of JSON to a Go value.
49
+
func (c *Conn) ReadJSON(v interface{}) error {
50
+
_, r, err := c.NextReader()
51
+
if err != nil {
52
+
return err
53
+
}
54
+
err = json.NewDecoder(r).Decode(v)
55
+
if err == io.EOF {
56
+
// One value is expected in the message.
57
+
err = io.ErrUnexpectedEOF
58
+
}
59
+
return err
60
+
}
+55
server/vendor/github.com/gorilla/websocket/mask.go
+55
server/vendor/github.com/gorilla/websocket/mask.go
···
1
+
// Copyright 2016 The Gorilla WebSocket Authors. All rights reserved. Use of
2
+
// this source code is governed by a BSD-style license that can be found in the
3
+
// LICENSE file.
4
+
5
+
//go:build !appengine
6
+
// +build !appengine
7
+
8
+
package websocket
9
+
10
+
import "unsafe"
11
+
12
+
const wordSize = int(unsafe.Sizeof(uintptr(0)))
13
+
14
+
func maskBytes(key [4]byte, pos int, b []byte) int {
15
+
// Mask one byte at a time for small buffers.
16
+
if len(b) < 2*wordSize {
17
+
for i := range b {
18
+
b[i] ^= key[pos&3]
19
+
pos++
20
+
}
21
+
return pos & 3
22
+
}
23
+
24
+
// Mask one byte at a time to word boundary.
25
+
if n := int(uintptr(unsafe.Pointer(&b[0]))) % wordSize; n != 0 {
26
+
n = wordSize - n
27
+
for i := range b[:n] {
28
+
b[i] ^= key[pos&3]
29
+
pos++
30
+
}
31
+
b = b[n:]
32
+
}
33
+
34
+
// Create aligned word size key.
35
+
var k [wordSize]byte
36
+
for i := range k {
37
+
k[i] = key[(pos+i)&3]
38
+
}
39
+
kw := *(*uintptr)(unsafe.Pointer(&k))
40
+
41
+
// Mask one word at a time.
42
+
n := (len(b) / wordSize) * wordSize
43
+
for i := 0; i < n; i += wordSize {
44
+
*(*uintptr)(unsafe.Pointer(uintptr(unsafe.Pointer(&b[0])) + uintptr(i))) ^= kw
45
+
}
46
+
47
+
// Mask one byte at a time for remaining bytes.
48
+
b = b[n:]
49
+
for i := range b {
50
+
b[i] ^= key[pos&3]
51
+
pos++
52
+
}
53
+
54
+
return pos & 3
55
+
}
+16
server/vendor/github.com/gorilla/websocket/mask_safe.go
+16
server/vendor/github.com/gorilla/websocket/mask_safe.go
···
1
+
// Copyright 2016 The Gorilla WebSocket Authors. All rights reserved. Use of
2
+
// this source code is governed by a BSD-style license that can be found in the
3
+
// LICENSE file.
4
+
5
+
//go:build appengine
6
+
// +build appengine
7
+
8
+
package websocket
9
+
10
+
func maskBytes(key [4]byte, pos int, b []byte) int {
11
+
for i := range b {
12
+
b[i] ^= key[pos&3]
13
+
pos++
14
+
}
15
+
return pos & 3
16
+
}
+102
server/vendor/github.com/gorilla/websocket/prepared.go
+102
server/vendor/github.com/gorilla/websocket/prepared.go
···
1
+
// Copyright 2017 The Gorilla WebSocket Authors. All rights reserved.
2
+
// Use of this source code is governed by a BSD-style
3
+
// license that can be found in the LICENSE file.
4
+
5
+
package websocket
6
+
7
+
import (
8
+
"bytes"
9
+
"net"
10
+
"sync"
11
+
"time"
12
+
)
13
+
14
+
// PreparedMessage caches on the wire representations of a message payload.
15
+
// Use PreparedMessage to efficiently send a message payload to multiple
16
+
// connections. PreparedMessage is especially useful when compression is used
17
+
// because the CPU and memory expensive compression operation can be executed
18
+
// once for a given set of compression options.
19
+
type PreparedMessage struct {
20
+
messageType int
21
+
data []byte
22
+
mu sync.Mutex
23
+
frames map[prepareKey]*preparedFrame
24
+
}
25
+
26
+
// prepareKey defines a unique set of options to cache prepared frames in PreparedMessage.
27
+
type prepareKey struct {
28
+
isServer bool
29
+
compress bool
30
+
compressionLevel int
31
+
}
32
+
33
+
// preparedFrame contains data in wire representation.
34
+
type preparedFrame struct {
35
+
once sync.Once
36
+
data []byte
37
+
}
38
+
39
+
// NewPreparedMessage returns an initialized PreparedMessage. You can then send
40
+
// it to connection using WritePreparedMessage method. Valid wire
41
+
// representation will be calculated lazily only once for a set of current
42
+
// connection options.
43
+
func NewPreparedMessage(messageType int, data []byte) (*PreparedMessage, error) {
44
+
pm := &PreparedMessage{
45
+
messageType: messageType,
46
+
frames: make(map[prepareKey]*preparedFrame),
47
+
data: data,
48
+
}
49
+
50
+
// Prepare a plain server frame.
51
+
_, frameData, err := pm.frame(prepareKey{isServer: true, compress: false})
52
+
if err != nil {
53
+
return nil, err
54
+
}
55
+
56
+
// To protect against caller modifying the data argument, remember the data
57
+
// copied to the plain server frame.
58
+
pm.data = frameData[len(frameData)-len(data):]
59
+
return pm, nil
60
+
}
61
+
62
+
func (pm *PreparedMessage) frame(key prepareKey) (int, []byte, error) {
63
+
pm.mu.Lock()
64
+
frame, ok := pm.frames[key]
65
+
if !ok {
66
+
frame = &preparedFrame{}
67
+
pm.frames[key] = frame
68
+
}
69
+
pm.mu.Unlock()
70
+
71
+
var err error
72
+
frame.once.Do(func() {
73
+
// Prepare a frame using a 'fake' connection.
74
+
// TODO: Refactor code in conn.go to allow more direct construction of
75
+
// the frame.
76
+
mu := make(chan struct{}, 1)
77
+
mu <- struct{}{}
78
+
var nc prepareConn
79
+
c := &Conn{
80
+
conn: &nc,
81
+
mu: mu,
82
+
isServer: key.isServer,
83
+
compressionLevel: key.compressionLevel,
84
+
enableWriteCompression: true,
85
+
writeBuf: make([]byte, defaultWriteBufferSize+maxFrameHeaderSize),
86
+
}
87
+
if key.compress {
88
+
c.newCompressionWriter = compressNoContextTakeover
89
+
}
90
+
err = c.WriteMessage(pm.messageType, pm.data)
91
+
frame.data = nc.buf.Bytes()
92
+
})
93
+
return pm.messageType, frame.data, err
94
+
}
95
+
96
+
type prepareConn struct {
97
+
buf bytes.Buffer
98
+
net.Conn
99
+
}
100
+
101
+
func (pc *prepareConn) Write(p []byte) (int, error) { return pc.buf.Write(p) }
102
+
func (pc *prepareConn) SetWriteDeadline(t time.Time) error { return nil }
+77
server/vendor/github.com/gorilla/websocket/proxy.go
+77
server/vendor/github.com/gorilla/websocket/proxy.go
···
1
+
// Copyright 2017 The Gorilla WebSocket Authors. All rights reserved.
2
+
// Use of this source code is governed by a BSD-style
3
+
// license that can be found in the LICENSE file.
4
+
5
+
package websocket
6
+
7
+
import (
8
+
"bufio"
9
+
"encoding/base64"
10
+
"errors"
11
+
"net"
12
+
"net/http"
13
+
"net/url"
14
+
"strings"
15
+
)
16
+
17
+
type netDialerFunc func(network, addr string) (net.Conn, error)
18
+
19
+
func (fn netDialerFunc) Dial(network, addr string) (net.Conn, error) {
20
+
return fn(network, addr)
21
+
}
22
+
23
+
func init() {
24
+
proxy_RegisterDialerType("http", func(proxyURL *url.URL, forwardDialer proxy_Dialer) (proxy_Dialer, error) {
25
+
return &httpProxyDialer{proxyURL: proxyURL, forwardDial: forwardDialer.Dial}, nil
26
+
})
27
+
}
28
+
29
+
type httpProxyDialer struct {
30
+
proxyURL *url.URL
31
+
forwardDial func(network, addr string) (net.Conn, error)
32
+
}
33
+
34
+
func (hpd *httpProxyDialer) Dial(network string, addr string) (net.Conn, error) {
35
+
hostPort, _ := hostPortNoPort(hpd.proxyURL)
36
+
conn, err := hpd.forwardDial(network, hostPort)
37
+
if err != nil {
38
+
return nil, err
39
+
}
40
+
41
+
connectHeader := make(http.Header)
42
+
if user := hpd.proxyURL.User; user != nil {
43
+
proxyUser := user.Username()
44
+
if proxyPassword, passwordSet := user.Password(); passwordSet {
45
+
credential := base64.StdEncoding.EncodeToString([]byte(proxyUser + ":" + proxyPassword))
46
+
connectHeader.Set("Proxy-Authorization", "Basic "+credential)
47
+
}
48
+
}
49
+
50
+
connectReq := &http.Request{
51
+
Method: http.MethodConnect,
52
+
URL: &url.URL{Opaque: addr},
53
+
Host: addr,
54
+
Header: connectHeader,
55
+
}
56
+
57
+
if err := connectReq.Write(conn); err != nil {
58
+
conn.Close()
59
+
return nil, err
60
+
}
61
+
62
+
// Read response. It's OK to use and discard buffered reader here becaue
63
+
// the remote server does not speak until spoken to.
64
+
br := bufio.NewReader(conn)
65
+
resp, err := http.ReadResponse(br, connectReq)
66
+
if err != nil {
67
+
conn.Close()
68
+
return nil, err
69
+
}
70
+
71
+
if resp.StatusCode != 200 {
72
+
conn.Close()
73
+
f := strings.SplitN(resp.Status, " ", 2)
74
+
return nil, errors.New(f[1])
75
+
}
76
+
return conn, nil
77
+
}
+365
server/vendor/github.com/gorilla/websocket/server.go
+365
server/vendor/github.com/gorilla/websocket/server.go
···
1
+
// Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
2
+
// Use of this source code is governed by a BSD-style
3
+
// license that can be found in the LICENSE file.
4
+
5
+
package websocket
6
+
7
+
import (
8
+
"bufio"
9
+
"errors"
10
+
"io"
11
+
"net/http"
12
+
"net/url"
13
+
"strings"
14
+
"time"
15
+
)
16
+
17
+
// HandshakeError describes an error with the handshake from the peer.
18
+
type HandshakeError struct {
19
+
message string
20
+
}
21
+
22
+
func (e HandshakeError) Error() string { return e.message }
23
+
24
+
// Upgrader specifies parameters for upgrading an HTTP connection to a
25
+
// WebSocket connection.
26
+
//
27
+
// It is safe to call Upgrader's methods concurrently.
28
+
type Upgrader struct {
29
+
// HandshakeTimeout specifies the duration for the handshake to complete.
30
+
HandshakeTimeout time.Duration
31
+
32
+
// ReadBufferSize and WriteBufferSize specify I/O buffer sizes in bytes. If a buffer
33
+
// size is zero, then buffers allocated by the HTTP server are used. The
34
+
// I/O buffer sizes do not limit the size of the messages that can be sent
35
+
// or received.
36
+
ReadBufferSize, WriteBufferSize int
37
+
38
+
// WriteBufferPool is a pool of buffers for write operations. If the value
39
+
// is not set, then write buffers are allocated to the connection for the
40
+
// lifetime of the connection.
41
+
//
42
+
// A pool is most useful when the application has a modest volume of writes
43
+
// across a large number of connections.
44
+
//
45
+
// Applications should use a single pool for each unique value of
46
+
// WriteBufferSize.
47
+
WriteBufferPool BufferPool
48
+
49
+
// Subprotocols specifies the server's supported protocols in order of
50
+
// preference. If this field is not nil, then the Upgrade method negotiates a
51
+
// subprotocol by selecting the first match in this list with a protocol
52
+
// requested by the client. If there's no match, then no protocol is
53
+
// negotiated (the Sec-Websocket-Protocol header is not included in the
54
+
// handshake response).
55
+
Subprotocols []string
56
+
57
+
// Error specifies the function for generating HTTP error responses. If Error
58
+
// is nil, then http.Error is used to generate the HTTP response.
59
+
Error func(w http.ResponseWriter, r *http.Request, status int, reason error)
60
+
61
+
// CheckOrigin returns true if the request Origin header is acceptable. If
62
+
// CheckOrigin is nil, then a safe default is used: return false if the
63
+
// Origin request header is present and the origin host is not equal to
64
+
// request Host header.
65
+
//
66
+
// A CheckOrigin function should carefully validate the request origin to
67
+
// prevent cross-site request forgery.
68
+
CheckOrigin func(r *http.Request) bool
69
+
70
+
// EnableCompression specify if the server should attempt to negotiate per
71
+
// message compression (RFC 7692). Setting this value to true does not
72
+
// guarantee that compression will be supported. Currently only "no context
73
+
// takeover" modes are supported.
74
+
EnableCompression bool
75
+
}
76
+
77
+
func (u *Upgrader) returnError(w http.ResponseWriter, r *http.Request, status int, reason string) (*Conn, error) {
78
+
err := HandshakeError{reason}
79
+
if u.Error != nil {
80
+
u.Error(w, r, status, err)
81
+
} else {
82
+
w.Header().Set("Sec-Websocket-Version", "13")
83
+
http.Error(w, http.StatusText(status), status)
84
+
}
85
+
return nil, err
86
+
}
87
+
88
+
// checkSameOrigin returns true if the origin is not set or is equal to the request host.
89
+
func checkSameOrigin(r *http.Request) bool {
90
+
origin := r.Header["Origin"]
91
+
if len(origin) == 0 {
92
+
return true
93
+
}
94
+
u, err := url.Parse(origin[0])
95
+
if err != nil {
96
+
return false
97
+
}
98
+
return equalASCIIFold(u.Host, r.Host)
99
+
}
100
+
101
+
func (u *Upgrader) selectSubprotocol(r *http.Request, responseHeader http.Header) string {
102
+
if u.Subprotocols != nil {
103
+
clientProtocols := Subprotocols(r)
104
+
for _, serverProtocol := range u.Subprotocols {
105
+
for _, clientProtocol := range clientProtocols {
106
+
if clientProtocol == serverProtocol {
107
+
return clientProtocol
108
+
}
109
+
}
110
+
}
111
+
} else if responseHeader != nil {
112
+
return responseHeader.Get("Sec-Websocket-Protocol")
113
+
}
114
+
return ""
115
+
}
116
+
117
+
// Upgrade upgrades the HTTP server connection to the WebSocket protocol.
118
+
//
119
+
// The responseHeader is included in the response to the client's upgrade
120
+
// request. Use the responseHeader to specify cookies (Set-Cookie). To specify
121
+
// subprotocols supported by the server, set Upgrader.Subprotocols directly.
122
+
//
123
+
// If the upgrade fails, then Upgrade replies to the client with an HTTP error
124
+
// response.
125
+
func (u *Upgrader) Upgrade(w http.ResponseWriter, r *http.Request, responseHeader http.Header) (*Conn, error) {
126
+
const badHandshake = "websocket: the client is not using the websocket protocol: "
127
+
128
+
if !tokenListContainsValue(r.Header, "Connection", "upgrade") {
129
+
return u.returnError(w, r, http.StatusBadRequest, badHandshake+"'upgrade' token not found in 'Connection' header")
130
+
}
131
+
132
+
if !tokenListContainsValue(r.Header, "Upgrade", "websocket") {
133
+
return u.returnError(w, r, http.StatusBadRequest, badHandshake+"'websocket' token not found in 'Upgrade' header")
134
+
}
135
+
136
+
if r.Method != http.MethodGet {
137
+
return u.returnError(w, r, http.StatusMethodNotAllowed, badHandshake+"request method is not GET")
138
+
}
139
+
140
+
if !tokenListContainsValue(r.Header, "Sec-Websocket-Version", "13") {
141
+
return u.returnError(w, r, http.StatusBadRequest, "websocket: unsupported version: 13 not found in 'Sec-Websocket-Version' header")
142
+
}
143
+
144
+
if _, ok := responseHeader["Sec-Websocket-Extensions"]; ok {
145
+
return u.returnError(w, r, http.StatusInternalServerError, "websocket: application specific 'Sec-WebSocket-Extensions' headers are unsupported")
146
+
}
147
+
148
+
checkOrigin := u.CheckOrigin
149
+
if checkOrigin == nil {
150
+
checkOrigin = checkSameOrigin
151
+
}
152
+
if !checkOrigin(r) {
153
+
return u.returnError(w, r, http.StatusForbidden, "websocket: request origin not allowed by Upgrader.CheckOrigin")
154
+
}
155
+
156
+
challengeKey := r.Header.Get("Sec-Websocket-Key")
157
+
if !isValidChallengeKey(challengeKey) {
158
+
return u.returnError(w, r, http.StatusBadRequest, "websocket: not a websocket handshake: 'Sec-WebSocket-Key' header must be Base64 encoded value of 16-byte in length")
159
+
}
160
+
161
+
subprotocol := u.selectSubprotocol(r, responseHeader)
162
+
163
+
// Negotiate PMCE
164
+
var compress bool
165
+
if u.EnableCompression {
166
+
for _, ext := range parseExtensions(r.Header) {
167
+
if ext[""] != "permessage-deflate" {
168
+
continue
169
+
}
170
+
compress = true
171
+
break
172
+
}
173
+
}
174
+
175
+
h, ok := w.(http.Hijacker)
176
+
if !ok {
177
+
return u.returnError(w, r, http.StatusInternalServerError, "websocket: response does not implement http.Hijacker")
178
+
}
179
+
var brw *bufio.ReadWriter
180
+
netConn, brw, err := h.Hijack()
181
+
if err != nil {
182
+
return u.returnError(w, r, http.StatusInternalServerError, err.Error())
183
+
}
184
+
185
+
if brw.Reader.Buffered() > 0 {
186
+
netConn.Close()
187
+
return nil, errors.New("websocket: client sent data before handshake is complete")
188
+
}
189
+
190
+
var br *bufio.Reader
191
+
if u.ReadBufferSize == 0 && bufioReaderSize(netConn, brw.Reader) > 256 {
192
+
// Reuse hijacked buffered reader as connection reader.
193
+
br = brw.Reader
194
+
}
195
+
196
+
buf := bufioWriterBuffer(netConn, brw.Writer)
197
+
198
+
var writeBuf []byte
199
+
if u.WriteBufferPool == nil && u.WriteBufferSize == 0 && len(buf) >= maxFrameHeaderSize+256 {
200
+
// Reuse hijacked write buffer as connection buffer.
201
+
writeBuf = buf
202
+
}
203
+
204
+
c := newConn(netConn, true, u.ReadBufferSize, u.WriteBufferSize, u.WriteBufferPool, br, writeBuf)
205
+
c.subprotocol = subprotocol
206
+
207
+
if compress {
208
+
c.newCompressionWriter = compressNoContextTakeover
209
+
c.newDecompressionReader = decompressNoContextTakeover
210
+
}
211
+
212
+
// Use larger of hijacked buffer and connection write buffer for header.
213
+
p := buf
214
+
if len(c.writeBuf) > len(p) {
215
+
p = c.writeBuf
216
+
}
217
+
p = p[:0]
218
+
219
+
p = append(p, "HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\nConnection: Upgrade\r\nSec-WebSocket-Accept: "...)
220
+
p = append(p, computeAcceptKey(challengeKey)...)
221
+
p = append(p, "\r\n"...)
222
+
if c.subprotocol != "" {
223
+
p = append(p, "Sec-WebSocket-Protocol: "...)
224
+
p = append(p, c.subprotocol...)
225
+
p = append(p, "\r\n"...)
226
+
}
227
+
if compress {
228
+
p = append(p, "Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover\r\n"...)
229
+
}
230
+
for k, vs := range responseHeader {
231
+
if k == "Sec-Websocket-Protocol" {
232
+
continue
233
+
}
234
+
for _, v := range vs {
235
+
p = append(p, k...)
236
+
p = append(p, ": "...)
237
+
for i := 0; i < len(v); i++ {
238
+
b := v[i]
239
+
if b <= 31 {
240
+
// prevent response splitting.
241
+
b = ' '
242
+
}
243
+
p = append(p, b)
244
+
}
245
+
p = append(p, "\r\n"...)
246
+
}
247
+
}
248
+
p = append(p, "\r\n"...)
249
+
250
+
// Clear deadlines set by HTTP server.
251
+
netConn.SetDeadline(time.Time{})
252
+
253
+
if u.HandshakeTimeout > 0 {
254
+
netConn.SetWriteDeadline(time.Now().Add(u.HandshakeTimeout))
255
+
}
256
+
if _, err = netConn.Write(p); err != nil {
257
+
netConn.Close()
258
+
return nil, err
259
+
}
260
+
if u.HandshakeTimeout > 0 {
261
+
netConn.SetWriteDeadline(time.Time{})
262
+
}
263
+
264
+
return c, nil
265
+
}
266
+
267
+
// Upgrade upgrades the HTTP server connection to the WebSocket protocol.
268
+
//
269
+
// Deprecated: Use websocket.Upgrader instead.
270
+
//
271
+
// Upgrade does not perform origin checking. The application is responsible for
272
+
// checking the Origin header before calling Upgrade. An example implementation
273
+
// of the same origin policy check is:
274
+
//
275
+
// if req.Header.Get("Origin") != "http://"+req.Host {
276
+
// http.Error(w, "Origin not allowed", http.StatusForbidden)
277
+
// return
278
+
// }
279
+
//
280
+
// If the endpoint supports subprotocols, then the application is responsible
281
+
// for negotiating the protocol used on the connection. Use the Subprotocols()
282
+
// function to get the subprotocols requested by the client. Use the
283
+
// Sec-Websocket-Protocol response header to specify the subprotocol selected
284
+
// by the application.
285
+
//
286
+
// The responseHeader is included in the response to the client's upgrade
287
+
// request. Use the responseHeader to specify cookies (Set-Cookie) and the
288
+
// negotiated subprotocol (Sec-Websocket-Protocol).
289
+
//
290
+
// The connection buffers IO to the underlying network connection. The
291
+
// readBufSize and writeBufSize parameters specify the size of the buffers to
292
+
// use. Messages can be larger than the buffers.
293
+
//
294
+
// If the request is not a valid WebSocket handshake, then Upgrade returns an
295
+
// error of type HandshakeError. Applications should handle this error by
296
+
// replying to the client with an HTTP error response.
297
+
func Upgrade(w http.ResponseWriter, r *http.Request, responseHeader http.Header, readBufSize, writeBufSize int) (*Conn, error) {
298
+
u := Upgrader{ReadBufferSize: readBufSize, WriteBufferSize: writeBufSize}
299
+
u.Error = func(w http.ResponseWriter, r *http.Request, status int, reason error) {
300
+
// don't return errors to maintain backwards compatibility
301
+
}
302
+
u.CheckOrigin = func(r *http.Request) bool {
303
+
// allow all connections by default
304
+
return true
305
+
}
306
+
return u.Upgrade(w, r, responseHeader)
307
+
}
308
+
309
+
// Subprotocols returns the subprotocols requested by the client in the
310
+
// Sec-Websocket-Protocol header.
311
+
func Subprotocols(r *http.Request) []string {
312
+
h := strings.TrimSpace(r.Header.Get("Sec-Websocket-Protocol"))
313
+
if h == "" {
314
+
return nil
315
+
}
316
+
protocols := strings.Split(h, ",")
317
+
for i := range protocols {
318
+
protocols[i] = strings.TrimSpace(protocols[i])
319
+
}
320
+
return protocols
321
+
}
322
+
323
+
// IsWebSocketUpgrade returns true if the client requested upgrade to the
324
+
// WebSocket protocol.
325
+
func IsWebSocketUpgrade(r *http.Request) bool {
326
+
return tokenListContainsValue(r.Header, "Connection", "upgrade") &&
327
+
tokenListContainsValue(r.Header, "Upgrade", "websocket")
328
+
}
329
+
330
+
// bufioReaderSize size returns the size of a bufio.Reader.
331
+
func bufioReaderSize(originalReader io.Reader, br *bufio.Reader) int {
332
+
// This code assumes that peek on a reset reader returns
333
+
// bufio.Reader.buf[:0].
334
+
// TODO: Use bufio.Reader.Size() after Go 1.10
335
+
br.Reset(originalReader)
336
+
if p, err := br.Peek(0); err == nil {
337
+
return cap(p)
338
+
}
339
+
return 0
340
+
}
341
+
342
+
// writeHook is an io.Writer that records the last slice passed to it vio
343
+
// io.Writer.Write.
344
+
type writeHook struct {
345
+
p []byte
346
+
}
347
+
348
+
func (wh *writeHook) Write(p []byte) (int, error) {
349
+
wh.p = p
350
+
return len(p), nil
351
+
}
352
+
353
+
// bufioWriterBuffer grabs the buffer from a bufio.Writer.
354
+
func bufioWriterBuffer(originalWriter io.Writer, bw *bufio.Writer) []byte {
355
+
// This code assumes that bufio.Writer.buf[:1] is passed to the
356
+
// bufio.Writer's underlying writer.
357
+
var wh writeHook
358
+
bw.Reset(&wh)
359
+
bw.WriteByte(0)
360
+
bw.Flush()
361
+
362
+
bw.Reset(originalWriter)
363
+
364
+
return wh.p[:cap(wh.p)]
365
+
}
+21
server/vendor/github.com/gorilla/websocket/tls_handshake.go
+21
server/vendor/github.com/gorilla/websocket/tls_handshake.go
···
1
+
//go:build go1.17
2
+
// +build go1.17
3
+
4
+
package websocket
5
+
6
+
import (
7
+
"context"
8
+
"crypto/tls"
9
+
)
10
+
11
+
func doHandshake(ctx context.Context, tlsConn *tls.Conn, cfg *tls.Config) error {
12
+
if err := tlsConn.HandshakeContext(ctx); err != nil {
13
+
return err
14
+
}
15
+
if !cfg.InsecureSkipVerify {
16
+
if err := tlsConn.VerifyHostname(cfg.ServerName); err != nil {
17
+
return err
18
+
}
19
+
}
20
+
return nil
21
+
}
+21
server/vendor/github.com/gorilla/websocket/tls_handshake_116.go
+21
server/vendor/github.com/gorilla/websocket/tls_handshake_116.go
···
1
+
//go:build !go1.17
2
+
// +build !go1.17
3
+
4
+
package websocket
5
+
6
+
import (
7
+
"context"
8
+
"crypto/tls"
9
+
)
10
+
11
+
func doHandshake(ctx context.Context, tlsConn *tls.Conn, cfg *tls.Config) error {
12
+
if err := tlsConn.Handshake(); err != nil {
13
+
return err
14
+
}
15
+
if !cfg.InsecureSkipVerify {
16
+
if err := tlsConn.VerifyHostname(cfg.ServerName); err != nil {
17
+
return err
18
+
}
19
+
}
20
+
return nil
21
+
}
+298
server/vendor/github.com/gorilla/websocket/util.go
+298
server/vendor/github.com/gorilla/websocket/util.go
···
1
+
// Copyright 2013 The Gorilla WebSocket Authors. All rights reserved.
2
+
// Use of this source code is governed by a BSD-style
3
+
// license that can be found in the LICENSE file.
4
+
5
+
package websocket
6
+
7
+
import (
8
+
"crypto/rand"
9
+
"crypto/sha1"
10
+
"encoding/base64"
11
+
"io"
12
+
"net/http"
13
+
"strings"
14
+
"unicode/utf8"
15
+
)
16
+
17
+
var keyGUID = []byte("258EAFA5-E914-47DA-95CA-C5AB0DC85B11")
18
+
19
+
func computeAcceptKey(challengeKey string) string {
20
+
h := sha1.New()
21
+
h.Write([]byte(challengeKey))
22
+
h.Write(keyGUID)
23
+
return base64.StdEncoding.EncodeToString(h.Sum(nil))
24
+
}
25
+
26
+
func generateChallengeKey() (string, error) {
27
+
p := make([]byte, 16)
28
+
if _, err := io.ReadFull(rand.Reader, p); err != nil {
29
+
return "", err
30
+
}
31
+
return base64.StdEncoding.EncodeToString(p), nil
32
+
}
33
+
34
+
// Token octets per RFC 2616.
35
+
var isTokenOctet = [256]bool{
36
+
'!': true,
37
+
'#': true,
38
+
'$': true,
39
+
'%': true,
40
+
'&': true,
41
+
'\'': true,
42
+
'*': true,
43
+
'+': true,
44
+
'-': true,
45
+
'.': true,
46
+
'0': true,
47
+
'1': true,
48
+
'2': true,
49
+
'3': true,
50
+
'4': true,
51
+
'5': true,
52
+
'6': true,
53
+
'7': true,
54
+
'8': true,
55
+
'9': true,
56
+
'A': true,
57
+
'B': true,
58
+
'C': true,
59
+
'D': true,
60
+
'E': true,
61
+
'F': true,
62
+
'G': true,
63
+
'H': true,
64
+
'I': true,
65
+
'J': true,
66
+
'K': true,
67
+
'L': true,
68
+
'M': true,
69
+
'N': true,
70
+
'O': true,
71
+
'P': true,
72
+
'Q': true,
73
+
'R': true,
74
+
'S': true,
75
+
'T': true,
76
+
'U': true,
77
+
'W': true,
78
+
'V': true,
79
+
'X': true,
80
+
'Y': true,
81
+
'Z': true,
82
+
'^': true,
83
+
'_': true,
84
+
'`': true,
85
+
'a': true,
86
+
'b': true,
87
+
'c': true,
88
+
'd': true,
89
+
'e': true,
90
+
'f': true,
91
+
'g': true,
92
+
'h': true,
93
+
'i': true,
94
+
'j': true,
95
+
'k': true,
96
+
'l': true,
97
+
'm': true,
98
+
'n': true,
99
+
'o': true,
100
+
'p': true,
101
+
'q': true,
102
+
'r': true,
103
+
's': true,
104
+
't': true,
105
+
'u': true,
106
+
'v': true,
107
+
'w': true,
108
+
'x': true,
109
+
'y': true,
110
+
'z': true,
111
+
'|': true,
112
+
'~': true,
113
+
}
114
+
115
+
// skipSpace returns a slice of the string s with all leading RFC 2616 linear
116
+
// whitespace removed.
117
+
func skipSpace(s string) (rest string) {
118
+
i := 0
119
+
for ; i < len(s); i++ {
120
+
if b := s[i]; b != ' ' && b != '\t' {
121
+
break
122
+
}
123
+
}
124
+
return s[i:]
125
+
}
126
+
127
+
// nextToken returns the leading RFC 2616 token of s and the string following
128
+
// the token.
129
+
func nextToken(s string) (token, rest string) {
130
+
i := 0
131
+
for ; i < len(s); i++ {
132
+
if !isTokenOctet[s[i]] {
133
+
break
134
+
}
135
+
}
136
+
return s[:i], s[i:]
137
+
}
138
+
139
+
// nextTokenOrQuoted returns the leading token or quoted string per RFC 2616
140
+
// and the string following the token or quoted string.
141
+
func nextTokenOrQuoted(s string) (value string, rest string) {
142
+
if !strings.HasPrefix(s, "\"") {
143
+
return nextToken(s)
144
+
}
145
+
s = s[1:]
146
+
for i := 0; i < len(s); i++ {
147
+
switch s[i] {
148
+
case '"':
149
+
return s[:i], s[i+1:]
150
+
case '\\':
151
+
p := make([]byte, len(s)-1)
152
+
j := copy(p, s[:i])
153
+
escape := true
154
+
for i = i + 1; i < len(s); i++ {
155
+
b := s[i]
156
+
switch {
157
+
case escape:
158
+
escape = false
159
+
p[j] = b
160
+
j++
161
+
case b == '\\':
162
+
escape = true
163
+
case b == '"':
164
+
return string(p[:j]), s[i+1:]
165
+
default:
166
+
p[j] = b
167
+
j++
168
+
}
169
+
}
170
+
return "", ""
171
+
}
172
+
}
173
+
return "", ""
174
+
}
175
+
176
+
// equalASCIIFold returns true if s is equal to t with ASCII case folding as
177
+
// defined in RFC 4790.
178
+
func equalASCIIFold(s, t string) bool {
179
+
for s != "" && t != "" {
180
+
sr, size := utf8.DecodeRuneInString(s)
181
+
s = s[size:]
182
+
tr, size := utf8.DecodeRuneInString(t)
183
+
t = t[size:]
184
+
if sr == tr {
185
+
continue
186
+
}
187
+
if 'A' <= sr && sr <= 'Z' {
188
+
sr = sr + 'a' - 'A'
189
+
}
190
+
if 'A' <= tr && tr <= 'Z' {
191
+
tr = tr + 'a' - 'A'
192
+
}
193
+
if sr != tr {
194
+
return false
195
+
}
196
+
}
197
+
return s == t
198
+
}
199
+
200
+
// tokenListContainsValue returns true if the 1#token header with the given
201
+
// name contains a token equal to value with ASCII case folding.
202
+
func tokenListContainsValue(header http.Header, name string, value string) bool {
203
+
headers:
204
+
for _, s := range header[name] {
205
+
for {
206
+
var t string
207
+
t, s = nextToken(skipSpace(s))
208
+
if t == "" {
209
+
continue headers
210
+
}
211
+
s = skipSpace(s)
212
+
if s != "" && s[0] != ',' {
213
+
continue headers
214
+
}
215
+
if equalASCIIFold(t, value) {
216
+
return true
217
+
}
218
+
if s == "" {
219
+
continue headers
220
+
}
221
+
s = s[1:]
222
+
}
223
+
}
224
+
return false
225
+
}
226
+
227
+
// parseExtensions parses WebSocket extensions from a header.
228
+
func parseExtensions(header http.Header) []map[string]string {
229
+
// From RFC 6455:
230
+
//
231
+
// Sec-WebSocket-Extensions = extension-list
232
+
// extension-list = 1#extension
233
+
// extension = extension-token *( ";" extension-param )
234
+
// extension-token = registered-token
235
+
// registered-token = token
236
+
// extension-param = token [ "=" (token | quoted-string) ]
237
+
// ;When using the quoted-string syntax variant, the value
238
+
// ;after quoted-string unescaping MUST conform to the
239
+
// ;'token' ABNF.
240
+
241
+
var result []map[string]string
242
+
headers:
243
+
for _, s := range header["Sec-Websocket-Extensions"] {
244
+
for {
245
+
var t string
246
+
t, s = nextToken(skipSpace(s))
247
+
if t == "" {
248
+
continue headers
249
+
}
250
+
ext := map[string]string{"": t}
251
+
for {
252
+
s = skipSpace(s)
253
+
if !strings.HasPrefix(s, ";") {
254
+
break
255
+
}
256
+
var k string
257
+
k, s = nextToken(skipSpace(s[1:]))
258
+
if k == "" {
259
+
continue headers
260
+
}
261
+
s = skipSpace(s)
262
+
var v string
263
+
if strings.HasPrefix(s, "=") {
264
+
v, s = nextTokenOrQuoted(skipSpace(s[1:]))
265
+
s = skipSpace(s)
266
+
}
267
+
if s != "" && s[0] != ',' && s[0] != ';' {
268
+
continue headers
269
+
}
270
+
ext[k] = v
271
+
}
272
+
if s != "" && s[0] != ',' {
273
+
continue headers
274
+
}
275
+
result = append(result, ext)
276
+
if s == "" {
277
+
continue headers
278
+
}
279
+
s = s[1:]
280
+
}
281
+
}
282
+
return result
283
+
}
284
+
285
+
// isValidChallengeKey checks if the argument meets RFC6455 specification.
286
+
func isValidChallengeKey(s string) bool {
287
+
// From RFC6455:
288
+
//
289
+
// A |Sec-WebSocket-Key| header field with a base64-encoded (see
290
+
// Section 4 of [RFC4648]) value that, when decoded, is 16 bytes in
291
+
// length.
292
+
293
+
if s == "" {
294
+
return false
295
+
}
296
+
decoded, err := base64.StdEncoding.DecodeString(s)
297
+
return err == nil && len(decoded) == 16
298
+
}
+473
server/vendor/github.com/gorilla/websocket/x_net_proxy.go
+473
server/vendor/github.com/gorilla/websocket/x_net_proxy.go
···
1
+
// Code generated by golang.org/x/tools/cmd/bundle. DO NOT EDIT.
2
+
//go:generate bundle -o x_net_proxy.go golang.org/x/net/proxy
3
+
4
+
// Package proxy provides support for a variety of protocols to proxy network
5
+
// data.
6
+
//
7
+
8
+
package websocket
9
+
10
+
import (
11
+
"errors"
12
+
"io"
13
+
"net"
14
+
"net/url"
15
+
"os"
16
+
"strconv"
17
+
"strings"
18
+
"sync"
19
+
)
20
+
21
+
type proxy_direct struct{}
22
+
23
+
// Direct is a direct proxy: one that makes network connections directly.
24
+
var proxy_Direct = proxy_direct{}
25
+
26
+
func (proxy_direct) Dial(network, addr string) (net.Conn, error) {
27
+
return net.Dial(network, addr)
28
+
}
29
+
30
+
// A PerHost directs connections to a default Dialer unless the host name
31
+
// requested matches one of a number of exceptions.
32
+
type proxy_PerHost struct {
33
+
def, bypass proxy_Dialer
34
+
35
+
bypassNetworks []*net.IPNet
36
+
bypassIPs []net.IP
37
+
bypassZones []string
38
+
bypassHosts []string
39
+
}
40
+
41
+
// NewPerHost returns a PerHost Dialer that directs connections to either
42
+
// defaultDialer or bypass, depending on whether the connection matches one of
43
+
// the configured rules.
44
+
func proxy_NewPerHost(defaultDialer, bypass proxy_Dialer) *proxy_PerHost {
45
+
return &proxy_PerHost{
46
+
def: defaultDialer,
47
+
bypass: bypass,
48
+
}
49
+
}
50
+
51
+
// Dial connects to the address addr on the given network through either
52
+
// defaultDialer or bypass.
53
+
func (p *proxy_PerHost) Dial(network, addr string) (c net.Conn, err error) {
54
+
host, _, err := net.SplitHostPort(addr)
55
+
if err != nil {
56
+
return nil, err
57
+
}
58
+
59
+
return p.dialerForRequest(host).Dial(network, addr)
60
+
}
61
+
62
+
func (p *proxy_PerHost) dialerForRequest(host string) proxy_Dialer {
63
+
if ip := net.ParseIP(host); ip != nil {
64
+
for _, net := range p.bypassNetworks {
65
+
if net.Contains(ip) {
66
+
return p.bypass
67
+
}
68
+
}
69
+
for _, bypassIP := range p.bypassIPs {
70
+
if bypassIP.Equal(ip) {
71
+
return p.bypass
72
+
}
73
+
}
74
+
return p.def
75
+
}
76
+
77
+
for _, zone := range p.bypassZones {
78
+
if strings.HasSuffix(host, zone) {
79
+
return p.bypass
80
+
}
81
+
if host == zone[1:] {
82
+
// For a zone ".example.com", we match "example.com"
83
+
// too.
84
+
return p.bypass
85
+
}
86
+
}
87
+
for _, bypassHost := range p.bypassHosts {
88
+
if bypassHost == host {
89
+
return p.bypass
90
+
}
91
+
}
92
+
return p.def
93
+
}
94
+
95
+
// AddFromString parses a string that contains comma-separated values
96
+
// specifying hosts that should use the bypass proxy. Each value is either an
97
+
// IP address, a CIDR range, a zone (*.example.com) or a host name
98
+
// (localhost). A best effort is made to parse the string and errors are
99
+
// ignored.
100
+
func (p *proxy_PerHost) AddFromString(s string) {
101
+
hosts := strings.Split(s, ",")
102
+
for _, host := range hosts {
103
+
host = strings.TrimSpace(host)
104
+
if len(host) == 0 {
105
+
continue
106
+
}
107
+
if strings.Contains(host, "/") {
108
+
// We assume that it's a CIDR address like 127.0.0.0/8
109
+
if _, net, err := net.ParseCIDR(host); err == nil {
110
+
p.AddNetwork(net)
111
+
}
112
+
continue
113
+
}
114
+
if ip := net.ParseIP(host); ip != nil {
115
+
p.AddIP(ip)
116
+
continue
117
+
}
118
+
if strings.HasPrefix(host, "*.") {
119
+
p.AddZone(host[1:])
120
+
continue
121
+
}
122
+
p.AddHost(host)
123
+
}
124
+
}
125
+
126
+
// AddIP specifies an IP address that will use the bypass proxy. Note that
127
+
// this will only take effect if a literal IP address is dialed. A connection
128
+
// to a named host will never match an IP.
129
+
func (p *proxy_PerHost) AddIP(ip net.IP) {
130
+
p.bypassIPs = append(p.bypassIPs, ip)
131
+
}
132
+
133
+
// AddNetwork specifies an IP range that will use the bypass proxy. Note that
134
+
// this will only take effect if a literal IP address is dialed. A connection
135
+
// to a named host will never match.
136
+
func (p *proxy_PerHost) AddNetwork(net *net.IPNet) {
137
+
p.bypassNetworks = append(p.bypassNetworks, net)
138
+
}
139
+
140
+
// AddZone specifies a DNS suffix that will use the bypass proxy. A zone of
141
+
// "example.com" matches "example.com" and all of its subdomains.
142
+
func (p *proxy_PerHost) AddZone(zone string) {
143
+
if strings.HasSuffix(zone, ".") {
144
+
zone = zone[:len(zone)-1]
145
+
}
146
+
if !strings.HasPrefix(zone, ".") {
147
+
zone = "." + zone
148
+
}
149
+
p.bypassZones = append(p.bypassZones, zone)
150
+
}
151
+
152
+
// AddHost specifies a host name that will use the bypass proxy.
153
+
func (p *proxy_PerHost) AddHost(host string) {
154
+
if strings.HasSuffix(host, ".") {
155
+
host = host[:len(host)-1]
156
+
}
157
+
p.bypassHosts = append(p.bypassHosts, host)
158
+
}
159
+
160
+
// A Dialer is a means to establish a connection.
161
+
type proxy_Dialer interface {
162
+
// Dial connects to the given address via the proxy.
163
+
Dial(network, addr string) (c net.Conn, err error)
164
+
}
165
+
166
+
// Auth contains authentication parameters that specific Dialers may require.
167
+
type proxy_Auth struct {
168
+
User, Password string
169
+
}
170
+
171
+
// FromEnvironment returns the dialer specified by the proxy related variables in
172
+
// the environment.
173
+
func proxy_FromEnvironment() proxy_Dialer {
174
+
allProxy := proxy_allProxyEnv.Get()
175
+
if len(allProxy) == 0 {
176
+
return proxy_Direct
177
+
}
178
+
179
+
proxyURL, err := url.Parse(allProxy)
180
+
if err != nil {
181
+
return proxy_Direct
182
+
}
183
+
proxy, err := proxy_FromURL(proxyURL, proxy_Direct)
184
+
if err != nil {
185
+
return proxy_Direct
186
+
}
187
+
188
+
noProxy := proxy_noProxyEnv.Get()
189
+
if len(noProxy) == 0 {
190
+
return proxy
191
+
}
192
+
193
+
perHost := proxy_NewPerHost(proxy, proxy_Direct)
194
+
perHost.AddFromString(noProxy)
195
+
return perHost
196
+
}
197
+
198
+
// proxySchemes is a map from URL schemes to a function that creates a Dialer
199
+
// from a URL with such a scheme.
200
+
var proxy_proxySchemes map[string]func(*url.URL, proxy_Dialer) (proxy_Dialer, error)
201
+
202
+
// RegisterDialerType takes a URL scheme and a function to generate Dialers from
203
+
// a URL with that scheme and a forwarding Dialer. Registered schemes are used
204
+
// by FromURL.
205
+
func proxy_RegisterDialerType(scheme string, f func(*url.URL, proxy_Dialer) (proxy_Dialer, error)) {
206
+
if proxy_proxySchemes == nil {
207
+
proxy_proxySchemes = make(map[string]func(*url.URL, proxy_Dialer) (proxy_Dialer, error))
208
+
}
209
+
proxy_proxySchemes[scheme] = f
210
+
}
211
+
212
+
// FromURL returns a Dialer given a URL specification and an underlying
213
+
// Dialer for it to make network requests.
214
+
func proxy_FromURL(u *url.URL, forward proxy_Dialer) (proxy_Dialer, error) {
215
+
var auth *proxy_Auth
216
+
if u.User != nil {
217
+
auth = new(proxy_Auth)
218
+
auth.User = u.User.Username()
219
+
if p, ok := u.User.Password(); ok {
220
+
auth.Password = p
221
+
}
222
+
}
223
+
224
+
switch u.Scheme {
225
+
case "socks5":
226
+
return proxy_SOCKS5("tcp", u.Host, auth, forward)
227
+
}
228
+
229
+
// If the scheme doesn't match any of the built-in schemes, see if it
230
+
// was registered by another package.
231
+
if proxy_proxySchemes != nil {
232
+
if f, ok := proxy_proxySchemes[u.Scheme]; ok {
233
+
return f(u, forward)
234
+
}
235
+
}
236
+
237
+
return nil, errors.New("proxy: unknown scheme: " + u.Scheme)
238
+
}
239
+
240
+
var (
241
+
proxy_allProxyEnv = &proxy_envOnce{
242
+
names: []string{"ALL_PROXY", "all_proxy"},
243
+
}
244
+
proxy_noProxyEnv = &proxy_envOnce{
245
+
names: []string{"NO_PROXY", "no_proxy"},
246
+
}
247
+
)
248
+
249
+
// envOnce looks up an environment variable (optionally by multiple
250
+
// names) once. It mitigates expensive lookups on some platforms
251
+
// (e.g. Windows).
252
+
// (Borrowed from net/http/transport.go)
253
+
type proxy_envOnce struct {
254
+
names []string
255
+
once sync.Once
256
+
val string
257
+
}
258
+
259
+
func (e *proxy_envOnce) Get() string {
260
+
e.once.Do(e.init)
261
+
return e.val
262
+
}
263
+
264
+
func (e *proxy_envOnce) init() {
265
+
for _, n := range e.names {
266
+
e.val = os.Getenv(n)
267
+
if e.val != "" {
268
+
return
269
+
}
270
+
}
271
+
}
272
+
273
+
// SOCKS5 returns a Dialer that makes SOCKSv5 connections to the given address
274
+
// with an optional username and password. See RFC 1928 and RFC 1929.
275
+
func proxy_SOCKS5(network, addr string, auth *proxy_Auth, forward proxy_Dialer) (proxy_Dialer, error) {
276
+
s := &proxy_socks5{
277
+
network: network,
278
+
addr: addr,
279
+
forward: forward,
280
+
}
281
+
if auth != nil {
282
+
s.user = auth.User
283
+
s.password = auth.Password
284
+
}
285
+
286
+
return s, nil
287
+
}
288
+
289
+
type proxy_socks5 struct {
290
+
user, password string
291
+
network, addr string
292
+
forward proxy_Dialer
293
+
}
294
+
295
+
const proxy_socks5Version = 5
296
+
297
+
const (
298
+
proxy_socks5AuthNone = 0
299
+
proxy_socks5AuthPassword = 2
300
+
)
301
+
302
+
const proxy_socks5Connect = 1
303
+
304
+
const (
305
+
proxy_socks5IP4 = 1
306
+
proxy_socks5Domain = 3
307
+
proxy_socks5IP6 = 4
308
+
)
309
+
310
+
var proxy_socks5Errors = []string{
311
+
"",
312
+
"general failure",
313
+
"connection forbidden",
314
+
"network unreachable",
315
+
"host unreachable",
316
+
"connection refused",
317
+
"TTL expired",
318
+
"command not supported",
319
+
"address type not supported",
320
+
}
321
+
322
+
// Dial connects to the address addr on the given network via the SOCKS5 proxy.
323
+
func (s *proxy_socks5) Dial(network, addr string) (net.Conn, error) {
324
+
switch network {
325
+
case "tcp", "tcp6", "tcp4":
326
+
default:
327
+
return nil, errors.New("proxy: no support for SOCKS5 proxy connections of type " + network)
328
+
}
329
+
330
+
conn, err := s.forward.Dial(s.network, s.addr)
331
+
if err != nil {
332
+
return nil, err
333
+
}
334
+
if err := s.connect(conn, addr); err != nil {
335
+
conn.Close()
336
+
return nil, err
337
+
}
338
+
return conn, nil
339
+
}
340
+
341
+
// connect takes an existing connection to a socks5 proxy server,
342
+
// and commands the server to extend that connection to target,
343
+
// which must be a canonical address with a host and port.
344
+
func (s *proxy_socks5) connect(conn net.Conn, target string) error {
345
+
host, portStr, err := net.SplitHostPort(target)
346
+
if err != nil {
347
+
return err
348
+
}
349
+
350
+
port, err := strconv.Atoi(portStr)
351
+
if err != nil {
352
+
return errors.New("proxy: failed to parse port number: " + portStr)
353
+
}
354
+
if port < 1 || port > 0xffff {
355
+
return errors.New("proxy: port number out of range: " + portStr)
356
+
}
357
+
358
+
// the size here is just an estimate
359
+
buf := make([]byte, 0, 6+len(host))
360
+
361
+
buf = append(buf, proxy_socks5Version)
362
+
if len(s.user) > 0 && len(s.user) < 256 && len(s.password) < 256 {
363
+
buf = append(buf, 2 /* num auth methods */, proxy_socks5AuthNone, proxy_socks5AuthPassword)
364
+
} else {
365
+
buf = append(buf, 1 /* num auth methods */, proxy_socks5AuthNone)
366
+
}
367
+
368
+
if _, err := conn.Write(buf); err != nil {
369
+
return errors.New("proxy: failed to write greeting to SOCKS5 proxy at " + s.addr + ": " + err.Error())
370
+
}
371
+
372
+
if _, err := io.ReadFull(conn, buf[:2]); err != nil {
373
+
return errors.New("proxy: failed to read greeting from SOCKS5 proxy at " + s.addr + ": " + err.Error())
374
+
}
375
+
if buf[0] != 5 {
376
+
return errors.New("proxy: SOCKS5 proxy at " + s.addr + " has unexpected version " + strconv.Itoa(int(buf[0])))
377
+
}
378
+
if buf[1] == 0xff {
379
+
return errors.New("proxy: SOCKS5 proxy at " + s.addr + " requires authentication")
380
+
}
381
+
382
+
// See RFC 1929
383
+
if buf[1] == proxy_socks5AuthPassword {
384
+
buf = buf[:0]
385
+
buf = append(buf, 1 /* password protocol version */)
386
+
buf = append(buf, uint8(len(s.user)))
387
+
buf = append(buf, s.user...)
388
+
buf = append(buf, uint8(len(s.password)))
389
+
buf = append(buf, s.password...)
390
+
391
+
if _, err := conn.Write(buf); err != nil {
392
+
return errors.New("proxy: failed to write authentication request to SOCKS5 proxy at " + s.addr + ": " + err.Error())
393
+
}
394
+
395
+
if _, err := io.ReadFull(conn, buf[:2]); err != nil {
396
+
return errors.New("proxy: failed to read authentication reply from SOCKS5 proxy at " + s.addr + ": " + err.Error())
397
+
}
398
+
399
+
if buf[1] != 0 {
400
+
return errors.New("proxy: SOCKS5 proxy at " + s.addr + " rejected username/password")
401
+
}
402
+
}
403
+
404
+
buf = buf[:0]
405
+
buf = append(buf, proxy_socks5Version, proxy_socks5Connect, 0 /* reserved */)
406
+
407
+
if ip := net.ParseIP(host); ip != nil {
408
+
if ip4 := ip.To4(); ip4 != nil {
409
+
buf = append(buf, proxy_socks5IP4)
410
+
ip = ip4
411
+
} else {
412
+
buf = append(buf, proxy_socks5IP6)
413
+
}
414
+
buf = append(buf, ip...)
415
+
} else {
416
+
if len(host) > 255 {
417
+
return errors.New("proxy: destination host name too long: " + host)
418
+
}
419
+
buf = append(buf, proxy_socks5Domain)
420
+
buf = append(buf, byte(len(host)))
421
+
buf = append(buf, host...)
422
+
}
423
+
buf = append(buf, byte(port>>8), byte(port))
424
+
425
+
if _, err := conn.Write(buf); err != nil {
426
+
return errors.New("proxy: failed to write connect request to SOCKS5 proxy at " + s.addr + ": " + err.Error())
427
+
}
428
+
429
+
if _, err := io.ReadFull(conn, buf[:4]); err != nil {
430
+
return errors.New("proxy: failed to read connect reply from SOCKS5 proxy at " + s.addr + ": " + err.Error())
431
+
}
432
+
433
+
failure := "unknown error"
434
+
if int(buf[1]) < len(proxy_socks5Errors) {
435
+
failure = proxy_socks5Errors[buf[1]]
436
+
}
437
+
438
+
if len(failure) > 0 {
439
+
return errors.New("proxy: SOCKS5 proxy at " + s.addr + " failed to connect: " + failure)
440
+
}
441
+
442
+
bytesToDiscard := 0
443
+
switch buf[3] {
444
+
case proxy_socks5IP4:
445
+
bytesToDiscard = net.IPv4len
446
+
case proxy_socks5IP6:
447
+
bytesToDiscard = net.IPv6len
448
+
case proxy_socks5Domain:
449
+
_, err := io.ReadFull(conn, buf[:1])
450
+
if err != nil {
451
+
return errors.New("proxy: failed to read domain length from SOCKS5 proxy at " + s.addr + ": " + err.Error())
452
+
}
453
+
bytesToDiscard = int(buf[0])
454
+
default:
455
+
return errors.New("proxy: got unknown address type " + strconv.Itoa(int(buf[3])) + " from SOCKS5 proxy at " + s.addr)
456
+
}
457
+
458
+
if cap(buf) < bytesToDiscard {
459
+
buf = make([]byte, bytesToDiscard)
460
+
} else {
461
+
buf = buf[:bytesToDiscard]
462
+
}
463
+
if _, err := io.ReadFull(conn, buf); err != nil {
464
+
return errors.New("proxy: failed to read address from SOCKS5 proxy at " + s.addr + ": " + err.Error())
465
+
}
466
+
467
+
// Also need to discard the port number
468
+
if _, err := io.ReadFull(conn, buf[:2]); err != nil {
469
+
return errors.New("proxy: failed to read port from SOCKS5 proxy at " + s.addr + ": " + err.Error())
470
+
}
471
+
472
+
return nil
473
+
}
+3
server/vendor/modules.txt
+3
server/vendor/modules.txt
+16
-21
tests/e2e/proxy/migration.spec.ts
+16
-21
tests/e2e/proxy/migration.spec.ts
···
15
15
*/
16
16
17
17
import { test, expect, type Page } from '@playwright/test';
18
-
import { PROXY_BASE_URL, waitForServiceWorkerReady } from '../../helpers/proxy';
18
+
import { PROXY_BASE_URL, waitForShellReady, waitForProxiedContent } from '../../helpers/proxy';
19
19
20
20
// Constants matching those in BackgroundWorker (packages/core/src/background/worker.ts)
21
21
const MIGRATION_VERSION_KEY = 'seams-migration-version';
···
99
99
100
100
// Reload to trigger migration
101
101
await page.reload({ waitUntil: 'networkidle' });
102
-
await waitForServiceWorkerReady(page);
102
+
await waitForShellReady(page);
103
103
104
104
// Migration version key should now be set
105
105
const versionKey = await page.evaluate(
···
130
130
// Navigate to proxy and let it initialize normally
131
131
await page.goto(PROXY_BASE_URL);
132
132
await page.waitForLoadState('networkidle');
133
-
await waitForServiceWorkerReady(page);
133
+
await waitForShellReady(page);
134
134
135
135
// Get the current version
136
136
const currentVersion = await page.evaluate(
···
155
155
156
156
// Reload - migration should NOT run since version matches
157
157
await page.reload({ waitUntil: 'networkidle' });
158
-
await waitForServiceWorkerReady(page);
158
+
await waitForShellReady(page);
159
159
160
160
// OAuth session should still be there (not cleared by migration)
161
161
const postOAuth = await page.evaluate(
···
172
172
// Navigate and initialize
173
173
await page.goto(PROXY_BASE_URL);
174
174
await page.waitForLoadState('networkidle');
175
-
await waitForServiceWorkerReady(page);
175
+
await waitForShellReady(page);
176
176
177
177
// Set an old version number (simulating upgrade from old version)
178
178
// Version 0 is always outdated since current version is 1
···
188
188
189
189
// Reload to trigger migration
190
190
await page.reload({ waitUntil: 'networkidle' });
191
-
await waitForServiceWorkerReady(page);
191
+
await waitForShellReady(page);
192
192
193
193
// Version should be updated to current (1)
194
194
const newVersion = await page.evaluate(
···
212
212
213
213
// Reload to trigger fresh registration
214
214
await page.reload({ waitUntil: 'networkidle' });
215
-
await waitForServiceWorkerReady(page);
215
+
await waitForShellReady(page);
216
216
217
-
// Verify service worker is registered and controlling
218
-
const hasController = await page.evaluate(
219
-
() => navigator.serviceWorker.controller !== null
220
-
);
221
-
expect(hasController).toBe(true);
217
+
// Verify service worker is registered (wabac.js service worker)
218
+
const hasRegistration = await page.evaluate(async () => {
219
+
const registrations = await navigator.serviceWorker.getRegistrations();
220
+
return registrations.length > 0;
221
+
});
222
+
expect(hasRegistration).toBe(true);
222
223
223
224
// Verify we can navigate to a proxied URL (SW is working)
224
225
await page.evaluate(() => {
···
226
227
});
227
228
228
229
// Wait for iframe to load proxied content
229
-
await page.waitForFunction(
230
-
() => {
231
-
const iframe = document.querySelector('#content') as HTMLIFrameElement;
232
-
return iframe?.src?.includes('/w/') && iframe?.src?.includes('mp_/');
233
-
},
234
-
{ timeout: 15000 }
235
-
);
230
+
await waitForProxiedContent(page);
236
231
237
232
const iframeSrc = await page.evaluate(() => {
238
233
const iframe = document.querySelector('#content') as HTMLIFrameElement;
···
245
240
// Navigate and initialize - this creates wabac.js IndexedDB
246
241
await page.goto(`${PROXY_BASE_URL}/#https://example.com/`);
247
242
await page.waitForLoadState('networkidle');
248
-
await waitForServiceWorkerReady(page);
243
+
await waitForShellReady(page);
249
244
250
245
// Wait for proxy to initialize and potentially create IndexedDB
251
246
await page.waitForTimeout(2000);
···
266
261
267
262
// Reload to trigger migration
268
263
await page.reload({ waitUntil: 'networkidle' });
269
-
await waitForServiceWorkerReady(page);
264
+
await waitForShellReady(page);
270
265
271
266
// Wait for migration to complete
272
267
await page.waitForTimeout(1000);
+33
tests/global-setup.ts
+33
tests/global-setup.ts
···
1
+
/**
2
+
* Playwright Global Setup
3
+
*
4
+
* Runs once before all tests to verify servers are healthy.
5
+
* This catches infrastructure issues early rather than having
6
+
* individual tests fail with confusing timeout errors.
7
+
*/
8
+
9
+
import { waitForServersHealthy } from './helpers/health';
10
+
11
+
async function globalSetup() {
12
+
console.log('[global-setup] Starting server health checks...');
13
+
14
+
// Determine which servers to check based on environment
15
+
const runningProxyTests = process.env.RUN_PROXY_TESTS === '1';
16
+
const runningExtensionTests = process.env.RUN_EXTENSION_TESTS === '1';
17
+
18
+
if (runningProxyTests) {
19
+
console.log('[global-setup] Checking proxy servers (backend, CORS proxy, static server)...');
20
+
await waitForServersHealthy('proxy', { timeoutMs: 60000 });
21
+
} else if (runningExtensionTests) {
22
+
console.log('[global-setup] Checking extension servers (backend only)...');
23
+
await waitForServersHealthy('extension', { timeoutMs: 60000 });
24
+
} else {
25
+
// Default: check backend only (always needed)
26
+
console.log('[global-setup] Checking backend server...');
27
+
await waitForServersHealthy('extension', { timeoutMs: 60000 });
28
+
}
29
+
30
+
console.log('[global-setup] All required servers are healthy');
31
+
}
32
+
33
+
export default globalSetup;
+201
tests/helpers/health.ts
+201
tests/helpers/health.ts
···
1
+
/**
2
+
* Server health check utilities for E2E tests
3
+
*
4
+
* These helpers ensure all required servers are healthy before running tests,
5
+
* reducing flakiness from server startup race conditions.
6
+
*/
7
+
8
+
export const BACKEND_URL = 'http://localhost:8080';
9
+
export const CORS_PROXY_URL = 'http://127.0.0.1:8082';
10
+
export const STATIC_SERVER_URL = 'http://127.0.0.1:8081';
11
+
12
+
export interface HealthCheckResult {
13
+
healthy: boolean;
14
+
server: string;
15
+
url: string;
16
+
error?: string;
17
+
responseTime?: number;
18
+
}
19
+
20
+
/**
21
+
* Check if a server is healthy with retry logic
22
+
*/
23
+
async function checkHealth(
24
+
name: string,
25
+
url: string,
26
+
options: {
27
+
maxRetries?: number;
28
+
retryDelayMs?: number;
29
+
timeoutMs?: number;
30
+
expectedStatus?: number;
31
+
} = {}
32
+
): Promise<HealthCheckResult> {
33
+
const {
34
+
maxRetries = 5,
35
+
retryDelayMs = 1000,
36
+
timeoutMs = 5000,
37
+
expectedStatus = 200,
38
+
} = options;
39
+
40
+
let lastError: string | undefined;
41
+
42
+
for (let attempt = 1; attempt <= maxRetries; attempt++) {
43
+
const startTime = Date.now();
44
+
45
+
try {
46
+
const controller = new AbortController();
47
+
const timeoutId = setTimeout(() => controller.abort(), timeoutMs);
48
+
49
+
const response = await fetch(url, {
50
+
signal: controller.signal,
51
+
// Prevent caching
52
+
headers: { 'Cache-Control': 'no-cache' },
53
+
});
54
+
55
+
clearTimeout(timeoutId);
56
+
const responseTime = Date.now() - startTime;
57
+
58
+
if (response.status === expectedStatus) {
59
+
return {
60
+
healthy: true,
61
+
server: name,
62
+
url,
63
+
responseTime,
64
+
};
65
+
}
66
+
67
+
lastError = `Expected status ${expectedStatus}, got ${response.status}`;
68
+
} catch (err) {
69
+
const errorMessage =
70
+
err instanceof Error ? err.message : 'Unknown error';
71
+
lastError =
72
+
errorMessage === 'The operation was aborted'
73
+
? `Timeout after ${timeoutMs}ms`
74
+
: errorMessage;
75
+
}
76
+
77
+
// Wait before retry (exponential backoff)
78
+
if (attempt < maxRetries) {
79
+
const delay = retryDelayMs * Math.pow(1.5, attempt - 1);
80
+
await new Promise((resolve) => setTimeout(resolve, delay));
81
+
}
82
+
}
83
+
84
+
return {
85
+
healthy: false,
86
+
server: name,
87
+
url,
88
+
error: `Failed after ${maxRetries} attempts: ${lastError}`,
89
+
};
90
+
}
91
+
92
+
/**
93
+
* Check if the Go backend server is healthy
94
+
*/
95
+
export async function checkBackendHealth(): Promise<HealthCheckResult> {
96
+
return checkHealth('Backend Server', `${BACKEND_URL}/health`);
97
+
}
98
+
99
+
/**
100
+
* Check if the CORS proxy is healthy
101
+
*/
102
+
export async function checkCorsProxyHealth(): Promise<HealthCheckResult> {
103
+
return checkHealth('CORS Proxy', `${CORS_PROXY_URL}/healthz`);
104
+
}
105
+
106
+
/**
107
+
* Check if the static server (proxy client) is healthy
108
+
*/
109
+
export async function checkStaticServerHealth(): Promise<HealthCheckResult> {
110
+
// Static server doesn't have a dedicated health endpoint, check root
111
+
return checkHealth('Static Server', `${STATIC_SERVER_URL}/`);
112
+
}
113
+
114
+
/**
115
+
* Check all servers required for proxy tests
116
+
*/
117
+
export async function checkAllProxyServersHealth(): Promise<{
118
+
allHealthy: boolean;
119
+
results: HealthCheckResult[];
120
+
}> {
121
+
const results = await Promise.all([
122
+
checkBackendHealth(),
123
+
checkCorsProxyHealth(),
124
+
checkStaticServerHealth(),
125
+
]);
126
+
127
+
return {
128
+
allHealthy: results.every((r) => r.healthy),
129
+
results,
130
+
};
131
+
}
132
+
133
+
/**
134
+
* Check servers required for extension tests (just backend)
135
+
*/
136
+
export async function checkExtensionServersHealth(): Promise<{
137
+
allHealthy: boolean;
138
+
results: HealthCheckResult[];
139
+
}> {
140
+
const results = await Promise.all([checkBackendHealth()]);
141
+
142
+
return {
143
+
allHealthy: results.every((r) => r.healthy),
144
+
results,
145
+
};
146
+
}
147
+
148
+
/**
149
+
* Wait for all servers to be healthy, throwing if they don't become healthy
150
+
* within the timeout period.
151
+
*
152
+
* This is useful in global setup to fail fast if servers aren't starting.
153
+
*/
154
+
export async function waitForServersHealthy(
155
+
servers: 'proxy' | 'extension',
156
+
options: { timeoutMs?: number; pollIntervalMs?: number } = {}
157
+
): Promise<void> {
158
+
const { timeoutMs = 30000, pollIntervalMs = 2000 } = options;
159
+
const startTime = Date.now();
160
+
161
+
const checkFn =
162
+
servers === 'proxy'
163
+
? checkAllProxyServersHealth
164
+
: checkExtensionServersHealth;
165
+
166
+
while (Date.now() - startTime < timeoutMs) {
167
+
const { allHealthy, results } = await checkFn();
168
+
169
+
if (allHealthy) {
170
+
console.log(`[health] All ${servers} servers healthy:`);
171
+
for (const result of results) {
172
+
console.log(
173
+
` - ${result.server}: ${result.responseTime}ms`
174
+
);
175
+
}
176
+
return;
177
+
}
178
+
179
+
// Log unhealthy servers
180
+
const unhealthy = results.filter((r) => !r.healthy);
181
+
console.log(
182
+
`[health] Waiting for servers (${Math.round((Date.now() - startTime) / 1000)}s elapsed):`
183
+
);
184
+
for (const result of unhealthy) {
185
+
console.log(` - ${result.server}: ${result.error}`);
186
+
}
187
+
188
+
await new Promise((resolve) => setTimeout(resolve, pollIntervalMs));
189
+
}
190
+
191
+
// Final check and throw with details
192
+
const { results } = await checkFn();
193
+
const unhealthy = results.filter((r) => !r.healthy);
194
+
const details = unhealthy
195
+
.map((r) => `${r.server} (${r.url}): ${r.error}`)
196
+
.join('\n ');
197
+
198
+
throw new Error(
199
+
`Servers failed to become healthy within ${timeoutMs}ms:\n ${details}`
200
+
);
201
+
}
+180
-124
tests/helpers/proxy.ts
+180
-124
tests/helpers/proxy.ts
···
1
1
/**
2
2
* Playwright helpers for proxy client testing
3
-
*
4
-
* Note: Proxy servers are started automatically by playwright.config.ts webServer config.
5
-
* The startProxyServers/stopProxyServers functions are kept for manual testing but are
6
-
* no-ops when servers are already running.
3
+
*
4
+
* The proxy uses wabac.js which has its own service worker architecture.
5
+
* Rather than waiting for low-level SW controller state, we wait for
6
+
* the application to be functional (SeamsShell ready, iframe loaded).
7
7
*/
8
8
9
9
import { type Page, type BrowserContext, type Browser } from '@playwright/test';
···
12
12
13
13
/**
14
14
* Creates a fresh browser context for proxy tests.
15
-
* This ensures service worker state doesn't leak between tests.
16
15
*/
17
16
export async function createProxyContext(browser: Browser): Promise<BrowserContext> {
18
17
const context = await browser.newContext({
19
-
// Ensure we have a fresh service worker state
20
18
serviceWorkers: 'allow',
21
19
});
22
20
return context;
23
21
}
24
22
25
23
/**
26
-
* Waits for the wabac.js service worker to be fully initialized.
27
-
* This includes:
28
-
* 1. Service worker registration
29
-
* 2. Service worker controller activation
30
-
* 3. Collection added (proxy ready)
24
+
* Cleans up all proxy-related state to ensure test isolation.
25
+
* Call this before tests that need a fresh state.
31
26
*/
32
-
export async function waitForServiceWorkerReady(
27
+
export async function cleanupProxyState(page: Page): Promise<void> {
28
+
const currentUrl = page.url();
29
+
if (!currentUrl.startsWith(PROXY_BASE_URL)) {
30
+
await page.goto(PROXY_BASE_URL, { waitUntil: 'domcontentloaded' });
31
+
}
32
+
33
+
// Unregister all service workers
34
+
await page.evaluate(async () => {
35
+
const registrations = await navigator.serviceWorker.getRegistrations();
36
+
await Promise.all(registrations.map((r) => r.unregister()));
37
+
});
38
+
39
+
// Clear storage
40
+
await page.evaluate(() => {
41
+
localStorage.clear();
42
+
sessionStorage.clear();
43
+
});
44
+
45
+
// Clear IndexedDB databases
46
+
await page.evaluate(async () => {
47
+
if (indexedDB.databases) {
48
+
const databases = await indexedDB.databases();
49
+
for (const db of databases) {
50
+
if (db.name) {
51
+
indexedDB.deleteDatabase(db.name);
52
+
}
53
+
}
54
+
}
55
+
});
56
+
57
+
// Clear caches
58
+
await page.evaluate(async () => {
59
+
if ('caches' in window) {
60
+
const cacheNames = await caches.keys();
61
+
await Promise.all(cacheNames.map((name) => caches.delete(name)));
62
+
}
63
+
});
64
+
}
65
+
66
+
/**
67
+
* Waits for the proxy shell to be ready.
68
+
* This is the key indicator that the proxy is functional.
69
+
*/
70
+
export async function waitForShellReady(
33
71
page: Page,
34
-
timeout: number = 15000
72
+
timeout: number = 30000
35
73
): Promise<void> {
36
74
await page.waitForFunction(
37
75
() => {
38
-
// Check if service worker controller exists
39
-
if (!navigator.serviceWorker.controller) {
76
+
// Check if SeamsShell is available (main indicator of shell readiness)
77
+
if (typeof (window as any).SeamsShell === 'undefined') {
40
78
return false;
41
79
}
42
-
// Check if SeamsLiveProxy is initialized (it sets up after collAdded)
43
-
const proxy = (window as any).proxy;
44
-
if (proxy && typeof proxy.url !== 'undefined') {
45
-
return true;
46
-
}
47
-
// Fallback: check if the shell is ready (loaded after proxy init)
48
-
return typeof (window as any).SeamsShell !== 'undefined';
80
+
// Check if sidebar component is rendered
81
+
const sidebar = document.querySelector('seams-sidebar');
82
+
return sidebar !== null;
49
83
},
50
84
{ timeout }
51
85
);
52
86
}
53
87
54
88
/**
55
-
* Checks if proxy servers are already running (started by playwright webServer config)
89
+
* Waits for the wabac.js proxy to be fully initialized.
90
+
* This is required before hash-based navigation will work.
91
+
*
92
+
* The proxy object is created by loadwabac.js and needs to:
93
+
* 1. Register the service worker
94
+
* 2. Set up the live proxy collection
95
+
* 3. Set up event listeners (including hashchange)
96
+
*
97
+
* Note: The proxy variable is defined in an inline script and may not be
98
+
* directly accessible as window.proxy. We check for SeamsLiveProxy on window
99
+
* and service worker registration as proxies for readiness.
56
100
*/
57
-
export async function isProxyRunning(): Promise<boolean> {
58
-
try {
59
-
const response = await fetch(`${PROXY_BASE_URL}/`);
60
-
return response.ok;
61
-
} catch {
62
-
return false;
63
-
}
64
-
}
101
+
export async function waitForProxyReady(
102
+
page: Page,
103
+
timeout: number = 30000
104
+
): Promise<void> {
105
+
// Wait for page to be fully loaded (including scripts)
106
+
await page.waitForLoadState('networkidle');
65
107
66
-
/**
67
-
* No-op - servers are started by playwright.config.ts webServer
68
-
* Kept for API compatibility
69
-
*/
70
-
export async function startProxyServers(): Promise<{ url: string }> {
71
-
// Servers are started by playwright webServer config
72
-
// Just verify they're running
73
-
const running = await isProxyRunning();
74
-
if (!running) {
75
-
throw new Error('Proxy servers not running. They should be started by playwright webServer config.');
76
-
}
77
-
return { url: PROXY_BASE_URL };
108
+
// Wait for service worker to be registered and controlling
109
+
// This is a strong indicator that wabac.js has initialized
110
+
await page.waitForFunction(
111
+
async () => {
112
+
// Check if SeamsLiveProxy class is available (loadwabac.js loaded)
113
+
if (typeof (window as any).SeamsLiveProxy === 'undefined') {
114
+
return false;
115
+
}
116
+
117
+
// Check for service worker registration (wabac.js creates one)
118
+
const registrations = await navigator.serviceWorker.getRegistrations();
119
+
if (registrations.length === 0) {
120
+
return false;
121
+
}
122
+
123
+
// Check if any registration has an active worker
124
+
const hasActiveWorker = registrations.some((r) => r.active !== null);
125
+
if (!hasActiveWorker) {
126
+
return false;
127
+
}
128
+
129
+
// Check if the content iframe exists (DOM is ready)
130
+
const iframe = document.querySelector('#content');
131
+
if (!iframe) {
132
+
return false;
133
+
}
134
+
135
+
return true;
136
+
},
137
+
{ timeout }
138
+
);
78
139
}
79
140
80
141
/**
81
-
* No-op - servers are stopped by playwright after tests
82
-
* Kept for API compatibility
142
+
* Waits for a service worker to be registered.
143
+
* This is a basic check, not waiting for controller.
83
144
*/
84
-
export async function stopProxyServers(): Promise<void> {
85
-
// Servers are managed by playwright webServer config
145
+
export async function waitForServiceWorkerRegistered(
146
+
page: Page,
147
+
timeout: number = 15000
148
+
): Promise<void> {
149
+
await page.waitForFunction(
150
+
async () => {
151
+
const registrations = await navigator.serviceWorker.getRegistrations();
152
+
return registrations.length > 0;
153
+
},
154
+
{ timeout }
155
+
);
86
156
}
87
157
88
158
/**
89
-
* Navigates to a proxied URL with proper service worker initialization.
159
+
* Waits for the content iframe to have proxied content loaded.
90
160
*
91
-
* This function ensures the service worker is fully ready before proceeding,
92
-
* which prevents race conditions that can cause page crashes.
161
+
* NOTE: This is currently unreliable in headless test environments because
162
+
* the wabac.js service worker doesn't consistently intercept requests.
163
+
* Use with caution or set a generous timeout.
93
164
*/
94
-
export async function navigateToProxiedUrl(
165
+
export async function waitForProxiedContent(
95
166
page: Page,
96
-
targetUrl: string
167
+
timeout: number = 30000
97
168
): Promise<void> {
98
-
// First, go to the base URL without a hash to initialize the service worker
99
-
const currentUrl = page.url();
100
-
const isAlreadyOnProxy = currentUrl.startsWith(PROXY_BASE_URL);
101
-
102
-
if (!isAlreadyOnProxy) {
103
-
// Navigate to base URL first to initialize service worker
104
-
await page.goto(PROXY_BASE_URL);
105
-
await page.waitForLoadState('domcontentloaded');
106
-
107
-
// Wait for service worker to be fully initialized
108
-
await waitForServiceWorkerReady(page);
109
-
}
110
-
111
-
// Now navigate to the target URL via hash change
112
-
// This avoids a full page reload and uses the already-initialized service worker
113
-
await page.evaluate((url) => {
114
-
window.location.hash = url;
115
-
}, targetUrl);
116
-
117
-
// Wait for the iframe to load the proxied content
169
+
// Wait for iframe src to be set with wabac.js URL pattern
118
170
await page.waitForFunction(
119
-
(expectedUrl) => {
171
+
() => {
120
172
const iframe = document.querySelector('#content') as HTMLIFrameElement;
121
173
if (!iframe) return false;
122
-
123
-
// Check if iframe has loaded (src is set and contains the URL pattern)
124
174
const src = iframe.src || '';
175
+
// wabac.js URLs contain /w/ and mp_/ patterns
125
176
return src.includes('/w/') && src.includes('mp_/');
126
177
},
127
-
targetUrl,
128
-
{ timeout: 15000 }
178
+
{ timeout }
129
179
);
130
-
131
-
// Wait for the content iframe to be accessible
132
-
await page.frameLocator('iframe').first().locator('body').waitFor({
133
-
state: 'attached',
134
-
timeout: 15000
135
-
});
180
+
181
+
// Wait for iframe body to be accessible
182
+
await page
183
+
.frameLocator('iframe')
184
+
.first()
185
+
.locator('body')
186
+
.waitFor({ state: 'attached', timeout: 10000 });
136
187
}
137
188
138
189
/**
139
-
* Gets the content iframe
190
+
* Navigates to a proxied URL.
191
+
*
192
+
* This mirrors the approach in test "navigates to URL via hash":
193
+
* 1. Go to proxy base URL and wait for networkidle
194
+
* 2. Fill URL input and click Go
195
+
* 3. Wait for hash to be updated
196
+
* 4. Wait for sidebar/shell to be ready
197
+
*
198
+
* NOTE: We don't wait for the iframe to have proxied content because the
199
+
* service worker pipeline is flaky in headless test environments. The tests
200
+
* focus on sidebar behavior, not the proxy content loading itself.
140
201
*/
141
-
export async function getContentFrame(page: Page): Promise<Page | null> {
142
-
// The proxied content is in an iframe
143
-
const frame = page.frameLocator('iframe').first();
202
+
export async function navigateToProxiedUrl(
203
+
page: Page,
204
+
targetUrl: string,
205
+
options: { forceCleanState?: boolean; timeout?: number } = {}
206
+
): Promise<void> {
207
+
const { forceCleanState = false, timeout = 45000 } = options;
208
+
209
+
// Optionally clean state for isolation
210
+
if (forceCleanState) {
211
+
await cleanupProxyState(page);
212
+
}
144
213
145
-
// Return the frame's page context
146
-
// Note: Playwright's frameLocator is different from a page, but we can
147
-
// interact with elements through it
148
-
return null; // Return null as we should use frameLocator for interactions
214
+
const currentUrl = page.url();
215
+
const isAlreadyOnProxy = currentUrl.startsWith(PROXY_BASE_URL);
216
+
217
+
// Navigate to base URL if not already there
218
+
// Use networkidle to ensure proxy.init() completes
219
+
if (!isAlreadyOnProxy || forceCleanState) {
220
+
await page.goto(PROXY_BASE_URL, { waitUntil: 'networkidle' });
221
+
}
222
+
223
+
// Navigate via the URL input and Go button (matches user interaction)
224
+
await page.fill('#urlInput', targetUrl);
225
+
await page.click('button:text("Go")');
226
+
227
+
// Wait for hash to be updated (confirms navigation triggered)
228
+
await page.waitForURL(/.*#/, { timeout: 5000 });
229
+
230
+
// Wait for shell to be ready (sidebar initialized)
231
+
await waitForShellReady(page, timeout);
232
+
233
+
// Give the app a moment to process the navigation
234
+
await page.waitForTimeout(1000);
149
235
}
150
236
151
237
/**
152
-
* Interacts with elements in the proxied content iframe
238
+
* Gets the content iframe's frame locator for interacting with proxied content
153
239
*/
154
240
export function getProxiedContent(page: Page) {
155
241
return page.frameLocator('iframe').first();
···
157
243
158
244
/**
159
245
* Gets the sidebar element on the proxy page
160
-
* The sidebar is a <seams-sidebar> web component with Shadow DOM
161
246
*/
162
247
export function getSidebar(page: Page) {
163
248
return page.locator('seams-sidebar');
···
165
250
166
251
/**
167
252
* Waits for annotations in the proxy sidebar
168
-
* Note: The sidebar uses Shadow DOM, so we need to query inside the shadow root
169
253
*/
170
254
export async function waitForProxyAnnotations(
171
255
page: Page,
···
180
264
state: 'attached',
181
265
});
182
266
183
-
// For waitForFunction, we need to manually traverse shadow roots
184
267
await page.waitForFunction(
185
268
(count) => {
186
269
const sidebarEl = document.querySelector('seams-sidebar');
187
270
if (!sidebarEl?.shadowRoot) return false;
188
-
189
-
// Query inside the sidebar's shadow root
271
+
190
272
const container = sidebarEl.shadowRoot.querySelector('#sidebar-container');
191
273
if (!container) return false;
192
-
193
-
// seams-annotation-card is a nested web component with its own shadow root
194
-
// but the elements themselves are in the sidebar's shadow DOM
274
+
195
275
const cards = container.querySelectorAll('seams-annotation-card');
196
276
return cards.length >= count;
197
277
},
···
222
302
export async function toggleSidebar(page: Page): Promise<void> {
223
303
const toggle = page.locator('#toggle-btn').first();
224
304
await toggle.click();
225
-
}
226
-
227
-
228
-
229
-
/**
230
-
* Waits for the shell to be initialized (SeamsShell global available)
231
-
* and the sidebar component to be rendered.
232
-
*/
233
-
export async function waitForShellReady(
234
-
page: Page,
235
-
timeout: number = 10000
236
-
): Promise<void> {
237
-
await page.waitForFunction(
238
-
() => {
239
-
// Check shell is available
240
-
if (typeof (window as any).SeamsShell === 'undefined') {
241
-
return false;
242
-
}
243
-
// Check sidebar component is rendered
244
-
const sidebar = document.querySelector('seams-sidebar');
245
-
return sidebar !== null;
246
-
},
247
-
{ timeout }
248
-
);
249
305
}
250
306
251
307
/**
+7
-4
tests/playwright.config.ts
+7
-4
tests/playwright.config.ts
···
33
33
workers: 1, // Extension tests need single worker
34
34
reporter: [['html', { outputFolder: '../playwright-report' }], ['list']],
35
35
36
+
// Global setup verifies all servers are healthy before running any tests
37
+
globalSetup: require.resolve('./global-setup'),
38
+
36
39
use: {
37
40
trace: 'on-first-retry',
38
41
screenshot: 'only-on-failure',
···
98
101
cwd: PROXY_DIR,
99
102
url: 'http://127.0.0.1:8081',
100
103
reuseExistingServer: !process.env.CI,
101
-
timeout: 15000,
104
+
timeout: 30000,
102
105
},
103
-
// CORS proxy (for proxy tests)
106
+
// CORS proxy (for proxy tests) - use /healthz endpoint for reliable health check
104
107
{
105
108
command: 'npx tsx cors-proxy/index.ts',
106
109
cwd: PROXY_DIR,
107
-
url: 'http://127.0.0.1:8082',
110
+
url: 'http://127.0.0.1:8082/healthz',
108
111
reuseExistingServer: !process.env.CI,
109
-
timeout: 15000,
112
+
timeout: 30000,
110
113
env: {
111
114
PORT: '8082',
112
115
},
+71
-71
wxt.config.ts
+71
-71
wxt.config.ts
···
2
2
import { injectOauthEnvForExtension } from './scripts/inject-oauth-plugin';
3
3
4
4
export default defineConfig({
5
-
hooks: {
6
-
'build:manifestGenerated': (wxt, manifest) => {
7
-
// Add default_icon to sidebar_action for Firefox
8
-
if (wxt.config.browser === 'firefox' && manifest.sidebar_action) {
9
-
manifest.sidebar_action.default_icon = {
10
-
"16": "icon-16.png",
11
-
"32": "icon-32.png",
12
-
};
13
-
}
14
-
},
15
-
},
16
-
manifest: (env) => ({
17
-
name: 'Seams',
18
-
description: 'Web annotations on AT Protocol',
19
-
// Include key for development, but exclude for production Chrome Web Store upload
20
-
...(env.browser === 'chrome' && env.mode !== 'production' && {
21
-
key: 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyv6hsV+VmGtQB8kZFQE0x0VYvhH0Lq2GzDhKZHh9BvPZLmFJQjXqzD9K0UzXxMXBj8FqV3WEJ9xFzDqJc+hKRBqJFQp0vXYrG8hVLVsqxW2wYpF1K8ZqMH3J0V2VB9C3KxvqBJk9kQxqHj8BvXJFqVQ3E5VqJzYqK0Hh9vK0E2J1YxLqJ8kV9qBxV0E1J2V3kQxqFz8B1XJFqVQ3E5VqJzYqK0Hh9vK0E2J1YxLqJ8kV9qBxV0E1J2V3kQxqFz8B1XJFqVQ3E5VqJzYqK0Hh9vK0E2J1YxLqJ8kV9qBxV0E1J2V3kQxqFz8B1XJFqVQ3E5VqJzYqK0Hh9vK0E2J1YxLqJ8kV9qBxV0E1J2V3kQxqFQIDAQAB',
22
-
}),
23
-
...(env.browser === 'firefox' && {
24
-
browser_specific_settings: {
25
-
gecko: {
26
-
id: 'synthesis@seams.so',
27
-
data_collection_permissions: {
28
-
required: ['websiteContent'],
29
-
optional: [],
30
-
},
31
-
},
32
-
},
33
-
developer: {
34
-
name: "Seams",
35
-
url: "https://seams.so",
36
-
},
37
-
// Note: sidebar_action.default_icon is added via build:manifestGenerated hook
38
-
// because WXT overwrites the sidebar_action from the sidepanel entrypoint
39
-
}),
40
-
permissions: [
41
-
'storage',
42
-
'tabs',
43
-
'activeTab',
44
-
'identity',
45
-
'webNavigation',
46
-
...(env.browser === 'chrome' ? ['sidePanel'] : ['menus']),
47
-
],
48
-
host_permissions: ['<all_urls>', 'https://synthes-is.netlify.app/*'],
49
-
content_scripts: [
50
-
{
51
-
matches: ['<all_urls>'],
52
-
js: ['content-scripts/content.js'],
53
-
},
54
-
],
55
-
action: {
56
-
default_title: 'Open Seams',
57
-
},
58
-
web_accessible_resources: [
59
-
{
60
-
resources: ['extension-callback.html'],
61
-
matches: ['<all_urls>'],
62
-
},
63
-
],
64
-
}),
65
-
vite: (env) => ({
66
-
plugins: [injectOauthEnvForExtension(env.browser)],
67
-
define: {
68
-
'import.meta.env.BACKEND_URL': JSON.stringify(
69
-
process.env.BACKEND_URL || (env.mode === 'production' ? 'https://seams.so' : 'http://localhost:8080')
70
-
),
71
-
},
72
-
}),
73
-
runner: {
74
-
disabled: false,
75
-
},
5
+
hooks: {
6
+
'build:manifestGenerated': (wxt, manifest) => {
7
+
// Add default_icon to sidebar_action for Firefox
8
+
if (wxt.config.browser === 'firefox' && manifest.sidebar_action) {
9
+
manifest.sidebar_action.default_icon = {
10
+
"16": "icon-16.png",
11
+
"32": "icon-32.png",
12
+
};
13
+
}
14
+
},
15
+
},
16
+
manifest: (env) => ({
17
+
name: 'Seams',
18
+
description: 'Web annotations on AT Protocol',
19
+
// Include key for development, but exclude for production Chrome Web Store upload
20
+
...(env.browser === 'chrome' && env.mode !== 'production' && {
21
+
key: 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyv6hsV+VmGtQB8kZFQE0x0VYvhH0Lq2GzDhKZHh9BvPZLmFJQjXqzD9K0UzXxMXBj8FqV3WEJ9xFzDqJc+hKRBqJFQp0vXYrG8hVLVsqxW2wYpF1K8ZqMH3J0V2VB9C3KxvqBJk9kQxqHj8BvXJFqVQ3E5VqJzYqK0Hh9vK0E2J1YxLqJ8kV9qBxV0E1J2V3kQxqFz8B1XJFqVQ3E5VqJzYqK0Hh9vK0E2J1YxLqJ8kV9qBxV0E1J2V3kQxqFz8B1XJFqVQ3E5VqJzYqK0Hh9vK0E2J1YxLqJ8kV9qBxV0E1J2V3kQxqFz8B1XJFqVQ3E5VqJzYqK0Hh9vK0E2J1YxLqJ8kV9qBxV0E1J2V3kQxqFQIDAQAB',
22
+
}),
23
+
...(env.browser === 'firefox' && {
24
+
browser_specific_settings: {
25
+
gecko: {
26
+
id: 'synthesis@seams.so',
27
+
data_collection_permissions: {
28
+
required: ['websiteContent'],
29
+
optional: [],
30
+
},
31
+
},
32
+
},
33
+
developer: {
34
+
name: "Seams",
35
+
url: "https://seams.so",
36
+
},
37
+
// Note: sidebar_action.default_icon is added via build:manifestGenerated hook
38
+
// because WXT overwrites the sidebar_action from the sidepanel entrypoint
39
+
}),
40
+
permissions: [
41
+
'storage',
42
+
'tabs',
43
+
'activeTab',
44
+
'identity',
45
+
'webNavigation',
46
+
...(env.browser === 'chrome' ? ['sidePanel'] : ['menus']),
47
+
],
48
+
host_permissions: ['<all_urls>', 'https://seams.so/*'],
49
+
content_scripts: [
50
+
{
51
+
matches: ['<all_urls>'],
52
+
js: ['content-scripts/content.js'],
53
+
},
54
+
],
55
+
action: {
56
+
default_title: 'Open Seams',
57
+
},
58
+
web_accessible_resources: [
59
+
{
60
+
resources: ['extension-callback.html'],
61
+
matches: ['<all_urls>'],
62
+
},
63
+
],
64
+
}),
65
+
vite: (env) => ({
66
+
plugins: [injectOauthEnvForExtension(env.browser)],
67
+
define: {
68
+
'import.meta.env.BACKEND_URL': JSON.stringify(
69
+
process.env.BACKEND_URL || (env.mode === 'production' ? 'https://seams.so' : 'http://localhost:8080')
70
+
),
71
+
},
72
+
}),
73
+
runner: {
74
+
disabled: false,
75
+
},
76
76
});