We are seeing a surprising scenario when we are on a slow network connection and our calls to the WL Server time out.
This happens at WL.Client.connect as well as on invokeProcedure:
we execute the call with a timeout of 10 seconds
the network connection is slow so the call times out
the defined onFailure procedure associated to that call is executed
the WL Server responds with a valid response after the timeout
the onSuccess procedure associated to that call is executed
Is this the designed and intended behavior of the WL Client Framework? Is this specified in the InfoCenter documentation or somewhere?
All developers in our team expected these two procedures to be exclusive and our code was implemented based on this assumption. We are now investigating options on how to match a timed-out/failed response to a success response to make sure we achieve an exclusive execution of onFailure or onSuccess code/logic in our app.
Note: we did not test that with connectOnStartup=true and since the initOptions does not provide an onSuccess procedure (since WL handles that internally) it might be even harder to implement an exclusive execution in this case.
That seems like expected behavior, but don't quote me on that.
You can get the behavior you want (only call the failure callback when it fails, and only call the success callback when it succeeds) using jQuery.Deferreds. There are ways of creating these deferred objects with dojo and other libraries. But, I just tested with jQuery's implementation, which is shipped with every version of IBM Worklight.
$(function () {
var WL = {};
WL.Client = {};
WL.Client.invokeProcedureMock = function (options) {
options.onFailure('failure');
options.onSuccess('success');
};
var dfd = $.Deferred();
var options = {
onSuccess: dfd.resolve,
onFailure: dfd.reject
};
WL.Client.invokeProcedureMock(options);
dfd
.done(function (msg) {
// handle invokeProcedure success
console.log(msg);
})
.fail(function (msg) {
//handle invokeProcedure failure
console.log(msg);
});
});
I put the code above in a JSFiddle, notice that even if I call the onSuccess callback, it won't have any effect because I already called the failure callback (which rejected the deferred). You would add your application logic inside the .done or .fail blocks.
This is just a suggestion, there are likely many ways to approach your issue.
Related
When my client successfully connects to the hub, I want the client to immediately join a group. I have a method in my hub to do that, I just need an event handler for when the connection is established, just like
connection.start().done(
function () {
connection.invoke('JoinGroup', 'GroupName');
});
in SignalR for plain ASP.Net.
Can I do that or do I have to set a timer to do it after x seconds after the start(); call was made?
Edit:
I found out I can do
connection.start(
function (){
connection.invoke('JoinGroup', 'GroupName');
}
);
but it tells me that it Cannot send data if the connection is not in the 'Connected' State.
what do?
SignalR is notoriously difficult due to version mismatches etc.
Please see the following article: https://learn.microsoft.com/en-us/aspnet/core/tutorials/signalr?view=aspnetcore-2.1&tabs=visual-studio
In it, there's a section that specifies how to start (and wait for connection to be established):
var connection = new signalR.HubConnectionBuilder().withUrl("/chatHub").build();
connection.start().then(() => {
//try some stuff here :)
})
.catch(function (err) {
//failed to connect
return console.error(err.toString());
});
The javascript client uses promises that have to be resolved/rejected before you can use it.
The other option is to wrap inside async method and await the call (not sure if this will work correctly). Such as:
await connection.start();
//connection should be started now. beware of exceptions though
I have written an adapter procedure in MFP V8.0. This procedure is secured bu a security check. I want to check that user is already logged-in before calling this adapter procedure:
Procedure is mapped to scope as below:
<procedure name="searchData" scope="restrictedResource"/>
Security Check is defined as below:
<securityCheckDefinition name="UserValidationSecurityCheck" class="com.sample.UserValidationSecurityCheck">
I have done the the Scope Element mapping the server also.
I have written below method which calls the adapter method:
function callAdapterProcedure(invocationData){
var procedureName = invocationData.procedure;
var successHandler = invocationData.successHandler;
var failureHandler = invocationData.failureHandler;
var parameters = invocationData.parameters;
var isuserLoggedIn = checkForLoggedInUser();
alert('is logged in' + isuserLoggedIn);
if(isuserLoggedIn){
var dataRequest = new WLResourceRequest(getAdapterPath(procedureName), WLResourceRequest.GET);
dataRequest.setQueryParameter("params", [JSON.stringify(parameters)]);
dataRequest.send().then(successHandler,failureHandler);
}else{
hideProgressBar();
showAlert(Messages.ALERT_SESSION_TIME_OUT);
logoutWithoutConfirmation();
openLogin();
}
}
Below is the implementation of checkForLoggedInUser() method:
function checkForLoggedInUser(){
var userAlreadyLoggedIn = undefined;//WL.Client.isUserAuthenticated(mrmGlobal.realms.authenticationRealm,null);
WLAuthorizationManager.obtainAccessToken("restrictedResource").then(
function (accessToken) {
alert("obtainAccessToken onSuccess");
userAlreadyLoggedIn = true;
},
function (response) {
alert("obtainAccessToken onFailure: " + JSON.stringify(response));
userAlreadyLoggedIn = false;
});
return userAlreadyLoggedIn;
}
I know that WLAuthorizationManager.obtainAccessToken sends the asynchronous call to the server that's why userAlreadyLoggedIn is always coming as undefined. Is there any way through which I can check that the user session is not timed out before making the adapter call? Basically I want to implement something like WL.Client.isUserAuthenticated (which was there in earlier versions).
--Update--
Plus I have observed one more thing that the handlers method of WLAuthorizationManager.obtainAccessToken are also not getting called.
From your code:
WLAuthorizationManager.obtainAccessToken("restrictedResource").then(
function (accessToken) {
alert("obtainAccessToken onSuccess");
userAlreadyLoggedIn = true;
},
function (response) {
alert("obtainAccessToken onFailure: " + JSON.stringify(response));
userAlreadyLoggedIn = false;
});
It is a common misconception to think that obtainAccessToken's onFailure means the user is not logged in. But that's not exactly how it works.
When you call obtainAccessToken, there are 3 possible outcomes:
Success: The user is logged in, and obtainAccessToken onSuccess is called (along with the challenge handler's success method).
Challenge: The user is not logged in, the security check sent a challenge to the client. This challenge will be received by your challenge handler. obtain will remain on hold until you answer the challenge. This is probably what happens in your case, this would not explain why none of the obtain's handlers are being called.
Failure: Something went wrong during the authentication. It could be that the server is down, networking issue, the scope does not exist, or the user is blocked, etc. In this case, obtainAccessToken's onFailure will be called.
There currently is no API to check if a scope is granted without triggering a challenge. I have opened an internal feature request, feel free to submit your own (https://www.ibm.com/developerworks/rfe ).
In the meantime you could add your own internal boolean flag, that you set to true whenever you login and false whenever you logout.
Can i use JWT authentication with gundb? And if so, would it dramatically slow down my sync speed? I was going to try and implement a test using the tutorial here but wanted to see if there were any 'gotchas' I should be aware of.
The API has changed to use a middleware system. The SEA (Security, Encryption, Authorization) framework will be published to handle stuff like this. However, you can roll your own by doing something like this on the server:
Gun.on('opt', function(ctx){
if(ctx.once){ return }
ctx.on('in', function(msg){
var to = this.to;
// process message.
to.next(msg); // pass to next middleware
});
});
Registering the in listener via the opt hook lets this middleware become 1st in line (before even gun core), that way you can filter all inputs and reject them if necessary (by not calling to.next(msg)).
Likewise to add headers on the client you would want to register an out listener (similarly to how we did for the in) and modify the outgoing message to have msg.headers = {token: data} and then pass it forward to the next middleware layers (which will probably be websocket/transport hooks) by doing to.next(msg) as well. More docs to come on this as it stabilizes.
Old Answer:
A very late answer, sorry this was not addressed sooner:
The default websocket/ajax adapter allows you to update a headers property that gets passed on every networked message:
gun.opt({
headers: { token: JWT },
});
On the server you can then intercept and reject/authorize requests based on the token:
gun.wsp(server, function(req, res, next){
if('get' === req.method){
return next(req, res);
}
if('put' === req.method){
return res({body: {err: "Permission denied!"}});
}
});
The above example rejects all writes and authorizes all reads, but you would replace this logic with your own rules.
socket.io supports a single global authorization method with no middleware feature. Both express.io and passport.socketio depend on this feature as an injection point for their logic.
express.io attaches the express session to the request, and passport.socketio attaches the inflated user object. how do I combine the two features elegantly?
The only way I found is grabbing the authorization callback of express.io from socket.io and wiring it to be passport.socketio's success callback:
app.io.configure(function() {
var expressAuth = app.io.get('authorization');
var sessionConfig = {
...
success : expressAuth // callback on success
};
app.io.set('authorization', passportSocketIo.authorize(sessionConfig));
});
This works for me, but It's coupled with the order of the 'authorization' registrations. Any better ideas?
I want to achieve such a functionality.
That is:
1) in case of connecting to worklight server successfully, Direct Update is available.
2) in case of failing to connect to worklight server, the app can run offline.
Below is my configuration in "initOptions.js".
// # Should application automatically attempt to connect to Worklight Server on application start up
// # The default value is true, we are overriding it to false here.
connectOnStartup : true,
// # The callback function to invoke in case application fails to connect to Worklight Server
onConnectionFailure: function (){
alert("onConnectionFailure");
doDojoReady();
},
// # Worklight server connection timeout
timeout: 10 * 1000,
// # How often heartbeat request will be sent to Worklight Server
heartBeatIntervalInSecs: 20 * 60,
// # Should application produce logs
// # Default value is true
//enableLogger: false,
// # The options of busy indicator used during application start up
busyOptions: {text: "Loading..."
But it doesn't work.
Any idea?
Direct Update happens only when a connection to the server is available. From the way you phrased your question, your problem is that when the app cannot connect to the server it doesn't work "offline". So your question has got nothing to do with Direct Update (if it does, re-phrase your question appropriately).
What you should do, is read the training material for working offline in Worklight.
You are not specifying what "doesn't work". Do you get the alert you've placed in onConnectionFailure? How does your doDojoReady function look like?
I too am using Dojo in Worklight.
My practice is have worklight configured not to connect on startup
var wlInitOptions = {
connectOnStartup : false
in my wl init I then initialise my dojo app,
function wlCommonInit(){
loadDojoLayers();
};
requiring whatever layers I'm using, and then do the actual dojo parsing
require([ "dojo/parser",
"myApp/appController",
"dojo/domReady!"
],
function(parser, appController) {
parser.parse().then (function(){
appController.init();
});
});
Finally, now WL, Dojo, and myApp are all ready I attempt the WL connection, calling this method from my appController.init()
connectWLServer: function() {
// possibly WL.Client.login(realm) here
var options = {
onSuccess: lang.hitch(this, "connectedWLServer"),
onFailure: lang.hitch(this, "connectWLServerFailed"),
};
WL.Client.connect(options);
}
Any Direct Update activities happen at this point. Note that the app as whole keeps going whether or not the connection works, but clearly we can run appropriate code in success and fail cases. Depending upon exactly what authentication is needed an explicit login call may be needed - adapter-based authentication can't happen automatically from inside the connect().