Use random id for WebSocket sessions

rstoyanchev · rstoyanchev · commit b17e7c321a6d · 2018-09-05T19:49:50.000-04:00
Issue: SPR-17228
diff --git a/spring-websocket/src/main/java/org/springframework/web/socket/adapter/AbstractWebSocketSession.java b/spring-websocket/src/main/java/org/springframework/web/socket/adapter/AbstractWebSocketSession.java
@@ -24,7 +24,9 @@
 import org.apache.commons.logging.LogFactory;
 
 import org.springframework.lang.Nullable;
+import org.springframework.util.AlternativeJdkIdGenerator;
 import org.springframework.util.Assert;
+import org.springframework.util.IdGenerator;
 import org.springframework.web.socket.BinaryMessage;
 import org.springframework.web.socket.CloseStatus;
 import org.springframework.web.socket.PingMessage;
@@ -41,8 +43,11 @@
  */
 public abstract class AbstractWebSocketSession<T> implements NativeWebSocketSession {
 
+	protected static final IdGenerator idGenerator = new AlternativeJdkIdGenerator();
+
 	protected static final Log logger = LogFactory.getLog(NativeWebSocketSession.class);
 
+
 	private final Map<String, Object> attributes = new ConcurrentHashMap<>();
 
 	@Nullable
diff --git a/spring-websocket/src/main/java/org/springframework/web/socket/adapter/jetty/JettyWebSocketSession.java b/spring-websocket/src/main/java/org/springframework/web/socket/adapter/jetty/JettyWebSocketSession.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -34,7 +34,6 @@
 import org.springframework.lang.Nullable;
 import org.springframework.util.Assert;
 import org.springframework.util.CollectionUtils;
-import org.springframework.util.ObjectUtils;
 import org.springframework.web.socket.BinaryMessage;
 import org.springframework.web.socket.CloseStatus;
 import org.springframework.web.socket.PingMessage;
@@ -55,8 +54,7 @@
  */
 public class JettyWebSocketSession extends AbstractWebSocketSession<Session> {
 
-	@Nullable
-	private String id;
+	private final String id;
 
 	@Nullable
 	private URI uri;
@@ -91,13 +89,13 @@ public JettyWebSocketSession(Map<String, Object> attributes) {
 	 */
 	public JettyWebSocketSession(Map<String, Object> attributes, @Nullable Principal user) {
 		super(attributes);
+		this.id = idGenerator.generateId().toString();
 		this.user = user;
 	}
 
 
 	@Override
 	public String getId() {
-		Assert.state(this.id != null, "WebSocket session is not yet initialized");
 		return this.id;
 	}
 
@@ -177,7 +175,6 @@ public boolean isOpen() {
 	public void initializeNativeSession(Session session) {
 		super.initializeNativeSession(session);
 
-		this.id = ObjectUtils.getIdentityHexString(getNativeSession());
 		this.uri = session.getUpgradeRequest().getRequestURI();
 
 		HttpHeaders headers = new HttpHeaders();
diff --git a/spring-websocket/src/main/java/org/springframework/web/socket/adapter/standard/StandardWebSocketSession.java b/spring-websocket/src/main/java/org/springframework/web/socket/adapter/standard/StandardWebSocketSession.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -50,8 +50,7 @@
  */
 public class StandardWebSocketSession extends AbstractWebSocketSession<Session> {
 
-	@Nullable
-	private String id;
+	private final String id;
 
 	@Nullable
 	private URI uri;
@@ -102,6 +101,7 @@ public StandardWebSocketSession(@Nullable HttpHeaders headers, @Nullable Map<Str
 			@Nullable Principal user) {
 
 		super(attributes);
+		this.id = idGenerator.generateId().toString();
 		headers = (headers != null ? headers : new HttpHeaders());
 		this.handshakeHeaders = HttpHeaders.readOnlyHttpHeaders(headers);
 		this.user = user;
@@ -112,7 +112,6 @@ public StandardWebSocketSession(@Nullable HttpHeaders headers, @Nullable Map<Str
 
 	@Override
 	public String getId() {
-		Assert.state(this.id != null, "WebSocket session is not yet initialized");
 		return this.id;
 	}
 
@@ -189,9 +188,7 @@ public boolean isOpen() {
 	public void initializeNativeSession(Session session) {
 		super.initializeNativeSession(session);
 
-		this.id = session.getId();
 		this.uri = session.getRequestURI();
-
 		this.acceptedProtocol = session.getNegotiatedSubprotocol();
 
 		List<Extension> standardExtensions = getNativeSession().getNegotiatedExtensions();
diff --git a/spring-websocket/src/test/java/org/springframework/web/socket/adapter/standard/StandardWebSocketHandlerAdapterTests.java b/spring-websocket/src/test/java/org/springframework/web/socket/adapter/standard/StandardWebSocketHandlerAdapterTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2013 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,7 @@
 
 package org.springframework.web.socket.adapter.standard;
 
+import java.net.URI;
 import javax.websocket.CloseReason;
 import javax.websocket.CloseReason.CloseCodes;
 import javax.websocket.MessageHandler;
@@ -56,14 +57,15 @@ public void setup() {
 
 	@Test
 	public void onOpen() throws Throwable {
-		given(this.session.getId()).willReturn("123");
+		URI uri = URI.create("http://example.org");
+		given(this.session.getRequestURI()).willReturn(uri);
 		this.adapter.onOpen(this.session, null);
 
 		verify(this.webSocketHandler).afterConnectionEstablished(this.webSocketSession);
 		verify(this.session, atLeast(2)).addMessageHandler(any(MessageHandler.Whole.class));
 
-		given(this.session.getId()).willReturn("123");
-		assertEquals("123", this.webSocketSession.getId());
+		given(this.session.getRequestURI()).willReturn(uri);
+		assertEquals(uri, this.webSocketSession.getUri());
 	}
 
 	@Test
