onos/web/gui2/doc/notes-websocket.md

UI Web Socket Session Establishment

(1) Web client accesses index.html but is redirected to login page for basic authentication.

(2) MainIndexResource (protected page, user is now authenticated) requests a token to be generated by the UiTokenService.

(3) UiTokenService generates token, adds it to distributed map as entry {token -> username}, and returns token to MainIndexResource.

(4) MainIndexResource embeds username and token in index.html.

(5) Web client opens web socket connection (promoted from http). Note that the UiWebSocket instance is not marked as "authenticated" yet...

(6) UiWebSocket sends bootstrap data (list of ONOS cluster node IPs)

(7) Web client sends initial message "uiAuthenticate", along with username and authentication token (picked up from index.html).

(8) UiWebsocket verifies that token is valid via the UiTokenService, and marks itself as "authenticated".

(9) Subsequent onMessage() calls to UiWebSocket only proceed if "authenticated" is true.

(10) User logs out of ONOS UI, generates onClose() call.

(11) UiWebSocket requests the token be revoked.

(12) UiTokenService unmaps the token from the distributed map.

 WebClient           MainIndex           UiToken           WebSocket
 ----+----           ----+----           ---+---           ----+----
     |            login* |                  |                  |    * basic
(1)  o------------------>|                  |                  |     auth'n 
     |                   |  issueToken(usr) |                  |
(2)  |                   o----------------->|                  |
     |                   |                  o- map token in    |
(3)  |                   | tkn              |  distrib. map    |
     | index.html(tkn)   |<-----------------o                  |
(4)  |<------------------o                  |                  |
     |                   |                  |           onOpen |
(5)  o-------------------------------------------------------->|
     | bootstrapData     |                  |                  |
(6)  |<--------------------------------------------------------o
     |                   |                  |                  |
     |                   |                  |   onMsg(usr,tkn) |
(7)  o-------------------------------------------------------->|
     |                   |                  | isValid(tkn)     |
(8)  |                   |                  |<-----------------o
     |                   |                  o----------------->| 
     |                   |                  |                  o- mark socket
     |                   |                  |                  |  valid
     |                   |                  |                  |
     |                   |                  |       onMsg(...) |
(9)  o-------------------------------------------------------->|
     |                   |                  |                  o- only processed
     |                   |                  |                  |  if socket valid
     
     :                   :                  :                  :
     
     |                   |                  |          onClose |
(10) o-------------------------------------------------------->|
     |                   |                  | revoke(tkn)      |
(11) |                   |                  |<-----------------o
(12) |                   |                  o- unmap token in  |
     |                   |                  |  distrib. map    |
     |                   |                  |                  |