diff --git a/internal/msg_gateway/gate/logic.go b/internal/msg_gateway/gate/logic.go index 2ece3bd94..60ba0ab2c 100644 --- a/internal/msg_gateway/gate/logic.go +++ b/internal/msg_gateway/gate/logic.go @@ -3,6 +3,7 @@ package gate import ( "Open_IM/pkg/common/config" "Open_IM/pkg/common/constant" + "Open_IM/pkg/common/db" "Open_IM/pkg/common/log" "Open_IM/pkg/grpc-etcdv3/getcdv3" pbChat "Open_IM/pkg/proto/chat" @@ -170,7 +171,7 @@ func (ws *WServer) sendMsgReq(conn *UserConn, m *Req) { sendMsgAllCountLock.Lock() sendMsgAllCount++ sendMsgAllCountLock.Unlock() - log.NewInfo(m.OperationID, "Ws call success to sendMsgReq start", m.MsgIncr, m.ReqIdentifier, m.SendID, m.Data) + log.NewInfo(m.OperationID, "Ws call success to sendMsgReq start", m.MsgIncr, m.ReqIdentifier, m.SendID) nReply := new(pbChat.SendMsgResp) isPass, errCode, errMsg, pData := ws.argsValidate(m, constant.WSSendMsg, m.OperationID) @@ -181,7 +182,7 @@ func (ws *WServer) sendMsgReq(conn *UserConn, m *Req) { OperationID: m.OperationID, MsgData: &data, } - log.NewInfo(m.OperationID, "Ws call success to sendMsgReq middle", m.ReqIdentifier, m.SendID, m.MsgIncr, data) + log.NewInfo(m.OperationID, "Ws call success to sendMsgReq middle", m.ReqIdentifier, m.SendID, m.MsgIncr, data.String()) etcdConn := getcdv3.GetConn(config.Config.Etcd.EtcdSchema, strings.Join(config.Config.Etcd.EtcdAddr, ","), config.Config.RpcRegisterName.OpenImOfflineMessageName, m.OperationID) if etcdConn == nil { errMsg := m.OperationID + "getcdv3.GetConn == nil" @@ -331,3 +332,19 @@ func (ws *WServer) sendErrMsg(conn *UserConn, errCode int32, errMsg string, reqI } ws.sendMsg(conn, mReply) } + +func SetTokenKicked(userID string, platformID int, operationID string) { + m, err := db.DB.GetTokenMapByUidPid(userID, constant.PlatformIDToName(platformID)) + if err != nil { + log.Error(operationID, "GetTokenMapByUidPid failed ", err.Error(), userID, constant.PlatformIDToName(platformID)) + return + } + for k, _ := range m { + m[k] = constant.KickedToken + } + err = db.DB.SetTokenMapByUidPid(userID, platformID, m) + if err != nil { + log.Error(operationID, "SetTokenMapByUidPid failed ", err.Error(), userID, constant.PlatformIDToName(platformID)) + return + } +} diff --git a/internal/msg_gateway/gate/rpc_server.go b/internal/msg_gateway/gate/rpc_server.go index 6b851b8f0..6c7ec7809 100644 --- a/internal/msg_gateway/gate/rpc_server.go +++ b/internal/msg_gateway/gate/rpc_server.go @@ -292,11 +292,13 @@ func (r *RPCServer) KickUserOffline(_ context.Context, req *pbRelay.KickUserOffl oldConnMap := ws.getUserAllCons(v) if conn, ok := oldConnMap[int(req.PlatformID)]; ok { // user->map[platform->conn] ws.sendKickMsg(conn, &UserConn{}) + conn.Close() } + SetTokenKicked(v, int(req.PlatformID), req.OperationID) } return &pbRelay.KickUserOfflineResp{}, nil - } + func sendMsgToUser(conn *UserConn, bMsg []byte, in *pbRelay.OnlinePushMsgReq, RecvPlatForm int, RecvID string) (ResultCode int64) { err := ws.writeMsg(conn, websocket.BinaryMessage, bMsg) if err != nil { diff --git a/internal/msg_gateway/gate/ws_server.go b/internal/msg_gateway/gate/ws_server.go index 223270197..aaffb68d6 100644 --- a/internal/msg_gateway/gate/ws_server.go +++ b/internal/msg_gateway/gate/ws_server.go @@ -289,6 +289,24 @@ func (ws *WServer) headerCheck(w http.ResponseWriter, r *http.Request, operation query := r.URL.Query() if len(query["token"]) != 0 && len(query["sendID"]) != 0 && len(query["platformID"]) != 0 { if ok, err, msg := token_verify.WsVerifyToken(query["token"][0], query["sendID"][0], query["platformID"][0], operationID); !ok { + switch err { + case constant.ErrTokenExpired: + status = int(constant.ErrTokenExpired.ErrCode) + case constant.ErrTokenInvalid: + status = int(constant.ErrTokenInvalid.ErrCode) + case constant.ErrTokenMalformed: + status = int(constant.ErrTokenMalformed.ErrCode) + case constant.ErrTokenNotValidYet: + status = int(constant.ErrTokenNotValidYet.ErrCode) + case constant.ErrTokenUnknown: + status = int(constant.ErrTokenUnknown.ErrCode) + case constant.ErrTokenKicked: + status = int(constant.ErrTokenKicked.ErrCode) + case constant.ErrTokenDifferentPlatformID: + status = int(constant.ErrTokenDifferentPlatformID.ErrCode) + case constant.ErrTokenDifferentUserID: + status = int(constant.ErrTokenDifferentUserID.ErrCode) + } log.Error(operationID, "Token verify failed ", "query ", query, msg, err.Error()) w.Header().Set("Sec-Websocket-Version", "13") w.Header().Set("ws_err_msg", err.Error()) @@ -299,6 +317,7 @@ func (ws *WServer) headerCheck(w http.ResponseWriter, r *http.Request, operation return true } } else { + status = int(constant.ErrArgs.ErrCode) log.Error(operationID, "Args err ", "query ", query) w.Header().Set("Sec-Websocket-Version", "13") errMsg := "args err, need token, sendID, platformID" diff --git a/internal/utils/jwt_token_test.go b/internal/utils/jwt_token_test.go index da53a2a36..fe7a6b320 100644 --- a/internal/utils/jwt_token_test.go +++ b/internal/utils/jwt_token_test.go @@ -38,7 +38,7 @@ func Test_CreateToken(t *testing.T) { platform := int32(1) now := time.Now().Unix() - tokenString, expiresAt, err := token_verify.CreateToken(uid, platform) + tokenString, expiresAt, err := token_verify.CreateToken(uid, int(platform)) assert.NotEmpty(t, tokenString) assert.Equal(t, expiresAt, 604800+now) @@ -48,7 +48,7 @@ func Test_CreateToken(t *testing.T) { func Test_VerifyToken(t *testing.T) { uid := "1" platform := int32(1) - tokenString, _, _ := token_verify.CreateToken(uid, platform) + tokenString, _, _ := token_verify.CreateToken(uid, int(platform)) result, _ := token_verify.VerifyToken(tokenString, uid) assert.True(t, result) result, _ = token_verify.VerifyToken(tokenString, "2") @@ -58,7 +58,7 @@ func Test_VerifyToken(t *testing.T) { func Test_ParseRedisInterfaceToken(t *testing.T) { uid := "1" platform := int32(1) - tokenString, _, _ := token_verify.CreateToken(uid, platform) + tokenString, _, _ := token_verify.CreateToken(uid, int(platform)) claims, err := token_verify.ParseRedisInterfaceToken([]uint8(tokenString)) assert.Nil(t, err) @@ -66,7 +66,7 @@ func Test_ParseRedisInterfaceToken(t *testing.T) { // timeout config.Config.TokenPolicy.AccessExpire = -80 - tokenString, _, _ = token_verify.CreateToken(uid, platform) + tokenString, _, _ = token_verify.CreateToken(uid, int(platform)) claims, err = token_verify.ParseRedisInterfaceToken([]uint8(tokenString)) assert.Equal(t, err, constant.ExpiredToken) assert.Nil(t, claims) @@ -75,7 +75,7 @@ func Test_ParseRedisInterfaceToken(t *testing.T) { func Test_ParseToken(t *testing.T) { uid := "1" platform := int32(1) - tokenString, _, _ := token_verify.CreateToken(uid, platform) + tokenString, _, _ := token_verify.CreateToken(uid, int(platform)) claims, err := token_verify.ParseToken(tokenString, "") if err == nil { assert.Equal(t, claims.UID, uid) diff --git a/pkg/common/constant/constant.go b/pkg/common/constant/constant.go index 324e4e8bc..5f95063a9 100644 --- a/pkg/common/constant/constant.go +++ b/pkg/common/constant/constant.go @@ -283,6 +283,10 @@ func GroupIsBanPrivateChat(status int32) bool { return true } +const ( + TokenKicked = 1001 +) + const BigVersion = "v2" const LogFileName = "OpenIM.log" diff --git a/pkg/common/constant/error.go b/pkg/common/constant/error.go index 08a3c23f8..fa5f3c68b 100644 --- a/pkg/common/constant/error.go +++ b/pkg/common/constant/error.go @@ -42,12 +42,14 @@ var ( // ErrQuitGroup = ErrInfo{621, "Failed to quit the group"} // ErrSetGroupInfo = ErrInfo{622, "Failed to set group info"} // ErrParam = ErrInfo{700, "param failed"} - ErrTokenExpired = ErrInfo{701, TokenExpiredMsg.Error()} - ErrTokenInvalid = ErrInfo{702, TokenInvalidMsg.Error()} - ErrTokenMalformed = ErrInfo{703, TokenMalformedMsg.Error()} - ErrTokenNotValidYet = ErrInfo{704, TokenNotValidYetMsg.Error()} - ErrTokenUnknown = ErrInfo{705, TokenUnknownMsg.Error()} - ErrTokenKicked = ErrInfo{706, TokenUserKickedMsg.Error()} + ErrTokenExpired = ErrInfo{701, TokenExpiredMsg.Error()} + ErrTokenInvalid = ErrInfo{702, TokenInvalidMsg.Error()} + ErrTokenMalformed = ErrInfo{703, TokenMalformedMsg.Error()} + ErrTokenNotValidYet = ErrInfo{704, TokenNotValidYetMsg.Error()} + ErrTokenUnknown = ErrInfo{705, TokenUnknownMsg.Error()} + ErrTokenKicked = ErrInfo{706, TokenUserKickedMsg.Error()} + ErrTokenDifferentPlatformID = ErrInfo{707, TokenDifferentPlatformIDMsg.Error()} + ErrTokenDifferentUserID = ErrInfo{708, TokenDifferentUserIDMsg.Error()} ErrAccess = ErrInfo{ErrCode: 801, ErrMsg: AccessMsg.Error()} ErrDB = ErrInfo{ErrCode: 802, ErrMsg: DBMsg.Error()} @@ -60,18 +62,20 @@ var ( ) var ( - ParseTokenMsg = errors.New("parse token failed") - TokenExpiredMsg = errors.New("token is timed out, please log in again") - TokenInvalidMsg = errors.New("token has been invalidated") - TokenNotValidYetMsg = errors.New("token not active yet") - TokenMalformedMsg = errors.New("that's not even a token") - TokenUnknownMsg = errors.New("couldn't handle this token") - TokenUserKickedMsg = errors.New("user has been kicked") - AccessMsg = errors.New("no permission") - StatusMsg = errors.New("status is abnormal") - DBMsg = errors.New("db failed") - ArgsMsg = errors.New("args failed") - CallBackMsg = errors.New("callback failed") + ParseTokenMsg = errors.New("parse token failed") + TokenExpiredMsg = errors.New("token is timed out, please log in again") + TokenInvalidMsg = errors.New("token has been invalidated") + TokenNotValidYetMsg = errors.New("token not active yet") + TokenMalformedMsg = errors.New("that's not even a token") + TokenUnknownMsg = errors.New("couldn't handle this token") + TokenUserKickedMsg = errors.New("user has been kicked") + TokenDifferentPlatformIDMsg = errors.New("different platformID") + TokenDifferentUserIDMsg = errors.New("different userID") + AccessMsg = errors.New("no permission") + StatusMsg = errors.New("status is abnormal") + DBMsg = errors.New("db failed") + ArgsMsg = errors.New("args failed") + CallBackMsg = errors.New("callback failed") ThirdPartyMsg = errors.New("third party error") ) diff --git a/pkg/common/token_verify/jwt_token.go b/pkg/common/token_verify/jwt_token.go index 54a1b4274..3d93ccb44 100644 --- a/pkg/common/token_verify/jwt_token.go +++ b/pkg/common/token_verify/jwt_token.go @@ -188,7 +188,7 @@ func ParseToken(tokensString, operationID string) (claims *Claims, err error) { return nil, utils.Wrap(&constant.ErrTokenInvalid, "get token from redis err") } if m == nil { - log.NewError(operationID, "get token from redis err", "m is nil", tokensString) + log.NewError(operationID, "get token from redis err, not in redis ", "m is nil", tokensString) return nil, utils.Wrap(&constant.ErrTokenInvalid, "get token from redis err") } if v, ok := m[tokensString]; ok { @@ -196,13 +196,9 @@ func ParseToken(tokensString, operationID string) (claims *Claims, err error) { case constant.NormalToken: log.NewDebug(operationID, "this is normal return", claims) return claims, nil - case constant.InValidToken: - return nil, utils.Wrap(&constant.ErrTokenInvalid, "") case constant.KickedToken: log.Error(operationID, "this token has been kicked by other same terminal ", constant.ErrTokenKicked) return nil, utils.Wrap(&constant.ErrTokenKicked, "this token has been kicked by other same terminal ") - case constant.ExpiredToken: - return nil, utils.Wrap(&constant.ErrTokenExpired, "") default: return nil, utils.Wrap(&constant.ErrTokenUnknown, "") } @@ -244,20 +240,21 @@ func VerifyToken(token, uid string) (bool, error) { log.NewDebug("", claims.UID, claims.Platform) return true, nil } + func WsVerifyToken(token, uid string, platformID string, operationID string) (bool, error, string) { argMsg := "token: " + token + " operationID: " + operationID + " userID: " + uid + " platformID: " + platformID claims, err := ParseToken(token, operationID) if err != nil { - errMsg := "parse token err " + argMsg + errMsg := "parse token err " + err.Error() + argMsg return false, utils.Wrap(err, errMsg), errMsg } if claims.UID != uid { errMsg := " uid is not same to token uid " + " claims.UID " + claims.UID + argMsg - return false, utils.Wrap(&constant.ErrTokenUnknown, errMsg), errMsg + return false, utils.Wrap(&constant.ErrTokenDifferentUserID, errMsg), errMsg } if claims.Platform != constant.PlatformIDToName(utils.StringToInt(platformID)) { errMsg := " platform is not same to token platform " + argMsg + "claims platformID " + claims.Platform - return false, utils.Wrap(&constant.ErrTokenUnknown, errMsg), errMsg + return false, utils.Wrap(&constant.ErrTokenDifferentPlatformID, errMsg), errMsg } log.NewDebug(operationID, utils.GetSelfFuncName(), " check ok ", claims.UID, uid, claims.Platform) return true, nil, ""