Skip to content

Commit

Permalink
feat[onebot11]: impl query string access_token
Browse files Browse the repository at this point in the history
  • Loading branch information
@RTAkland
RTAkland committed Dec 16, 2024
1 parent aafe74a commit 3cfe6dd
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions ronebot-onebot-v11/src/main/kotlin/cn/rtast/rob/util/ws/WsServer.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,12 +52,12 @@ internal class WsServer(
override fun onOpen(conn: WebSocket, handshake: ClientHandshake) {
val allHeaderKeys = mutableListOf<String>()
handshake.iterateHttpFields().forEach { allHeaderKeys.add(it) }
if (!allHeaderKeys.contains("Authorization")) {
logger.warn("Websocket client's access token is not correct, disconnecting...")
conn.close(4003, "Forbidden: Invalid or missing Authorization token")
}
val queryAccessToken = handshake.resourceDescriptor
.split("?").getOrNull(1)?.split("&")
?.firstOrNull { it.startsWith("access_token=") }
?.split("=")?.getOrNull(1)
val value = handshake.getFieldValue("Authorization")
if (value != "Bearer $accessToken") {
if (queryAccessToken != accessToken && value != "Bearer $accessToken") {
logger.warn("Websocket client's access token is not correct, disconnecting...")
conn.close(4003, "Forbidden: Invalid or missing Authorization token")
} else {
Expand Down

0 comments on commit 3cfe6dd

Please sign in to comment.