refactor(api): use websocket connection to receive events from SSH session

Author: henrybarreto

api/routes/handler.go

@@ -2,12 +2,18 @@ package routes
 
 import (
 	svc "github.com/shellhub-io/shellhub/api/services"
+	"github.com/shellhub-io/shellhub/pkg/websocket"
 )
 
 type Handler struct {
 	service svc.Service
+	// WebSocketUpgrader is used to turns a HTTP request into WebSocketUpgrader connection.
+	WebSocketUpgrader websocket.Upgrader
 }
 
-func NewHandler(s svc.Service) *Handler {
-	return &Handler{service: s}
+func NewHandler(s svc.Service, w websocket.Upgrader) *Handler {
+	return &Handler{
+		service:           s,
+		WebSocketUpgrader: w,
+	}
 }

api/routes/healthcheck_test.go

@@ -14,7 +14,7 @@ import (
 func TestEvaluateHealth(t *testing.T) {
 	e := echo.New()
 	mock := new(mocks.Service)
-	h := NewHandler(mock)
+	h := NewHandler(mock, nil)
 
 	cases := []struct {
 		title         string

api/routes/routes.go

@@ -13,6 +13,7 @@ import (
 	"github.com/shellhub-io/shellhub/pkg/api/authorizer"
 	"github.com/shellhub-io/shellhub/pkg/envs"
 	pkgmiddleware "github.com/shellhub-io/shellhub/pkg/middleware"
+	"github.com/shellhub-io/shellhub/pkg/websocket"
 )
 
 type DefaultHTTPHandlerConfig struct {
@@ -66,7 +67,7 @@ func WithReporter(reporter *sentry.Client) Option {
 func NewRouter(service services.Service, opts ...Option) *echo.Echo {
 	router := DefaultHTTPHandler(service, new(DefaultHTTPHandlerConfig)).(*echo.Echo)
 
-	handler := NewHandler(service)
+	handler := NewHandler(service, websocket.NewGorillaWebSocketUpgrader())
 	for _, opt := range opts {
 		if err := opt(router, handler); err != nil {
 			return nil
@@ -90,7 +91,7 @@ func NewRouter(service services.Service, opts ...Option) *echo.Echo {
 	internalAPI.GET(GetPublicKeyURL, gateway.Handler(handler.GetPublicKey))
 	internalAPI.POST(CreatePrivateKeyURL, gateway.Handler(handler.CreatePrivateKey))
 	internalAPI.POST(EvaluateKeyURL, gateway.Handler(handler.EvaluateKey))
-	internalAPI.POST(EventsSessionsURL, gateway.Handler(handler.EventSession))
+	internalAPI.GET(EventsSessionsURL, gateway.Handler(handler.EventSession))
 
 	// Public routes for external access through API gateway
 	publicAPI := router.Group("/api")

api/routes/session.go

@@ -8,6 +8,8 @@ import (
 	"github.com/shellhub-io/shellhub/pkg/api/query"
 	"github.com/shellhub-io/shellhub/pkg/api/requests"
 	"github.com/shellhub-io/shellhub/pkg/models"
+	"github.com/shellhub-io/shellhub/pkg/websocket"
+	log "github.com/sirupsen/logrus"
 )
 
 const (
@@ -123,7 +125,8 @@ func (h *Handler) KeepAliveSession(c gateway.Context) error {
 }
 
 func (h *Handler) EventSession(c gateway.Context) error {
-	var req requests.SessionEvent
+	var req requests.SessionIDParam
+
 	if err := c.Bind(&req); err != nil {
 		return err
 	}
@@ -132,11 +135,43 @@ func (h *Handler) EventSession(c gateway.Context) error {
 		return err
 	}
 
-	return h.service.EventSession(c.Ctx(), models.UID(req.UID), &models.SessionEvent{
-		Session:   req.UID,
-		Type:      models.SessionEventType(req.Type),
-		Timestamp: req.Timestamp,
-		Data:      req.Data,
-		Seat:      req.Seat,
-	})
+	if !c.IsWebSocket() {
+		return c.NoContent(http.StatusBadRequest)
+	}
+
+	connection, err := h.WebSocketUpgrader.Upgrade(c.Response(), c.Request())
+	if err != nil {
+		return c.NoContent(http.StatusBadRequest)
+	}
+
+	defer connection.Close()
+
+	var r requests.SessionEvent
+	for {
+		if err := connection.ReadJSON(&r); err != nil {
+			if websocket.IsErrorCloseNormal(err) || websocket.IsUnexpectedCloseError(err) {
+				log.WithError(err).WithFields(log.Fields{
+					"uid": req.UID,
+				}).Debug("events websocket closed with a ignored error")
+
+				return nil
+			}
+
+			return err
+		}
+
+		if err := c.Validate(&r); err != nil {
+			return err
+		}
+
+		if err := h.service.EventSession(c.Ctx(), models.UID(req.UID), &models.SessionEvent{
+			Session:   req.UID,
+			Type:      models.SessionEventType(r.Type),
+			Timestamp: r.Timestamp,
+			Data:      r.Data,
+			Seat:      r.Seat,
+		}); err != nil {
+			return err
+		}
+	}
 }

api/routes/session_test.go

@@ -2,22 +2,25 @@ package routes
 
 import (
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
 	"net/http/httptest"
 	"strings"
 	"testing"
 
+	"github.com/gorilla/websocket"
+	"github.com/labstack/echo/v4"
+	"github.com/shellhub-io/shellhub/api/pkg/gateway"
 	svc "github.com/shellhub-io/shellhub/api/services"
-
-	"github.com/shellhub-io/shellhub/api/store"
-
 	"github.com/shellhub-io/shellhub/api/services/mocks"
+	"github.com/shellhub-io/shellhub/api/store"
 	"github.com/shellhub-io/shellhub/pkg/api/authorizer"
 	"github.com/shellhub-io/shellhub/pkg/api/query"
 	"github.com/shellhub-io/shellhub/pkg/api/requests"
 	"github.com/shellhub-io/shellhub/pkg/models"
+	websocketmocks "github.com/shellhub-io/shellhub/pkg/websocket/mocks"
 	"github.com/stretchr/testify/assert"
 	gomock "github.com/stretchr/testify/mock"
 )
@@ -312,3 +315,150 @@ func TestFinishSession(t *testing.T) {
 
 	mock.AssertExpectations(t)
 }
+
+func TestEventSession(t *testing.T) {
+	mock := new(mocks.Service)
+	webSocketUpgraderMock := new(websocketmocks.Upgrader)
+
+	cases := []struct {
+		description   string
+		uid           string
+		seat          int
+		requiredMocks func(uid string)
+		expected      int
+	}{
+		{
+			description: "fails when upgrade cannot be done",
+			uid:         "123",
+			seat:        0,
+			requiredMocks: func(_ string) {
+				webSocketUpgraderMock.On("Upgrade", gomock.Anything, gomock.Anything).Return(nil, errors.New("")).Once()
+			},
+			expected: http.StatusBadRequest,
+		},
+		{
+			description: "fails when cannot read from websocket due error",
+			uid:         "123",
+			seat:        0,
+			requiredMocks: func(_ string) {
+				conn := new(websocketmocks.Conn)
+				conn.On("Close").Return(nil).Once()
+				conn.On("ReadJSON", gomock.Anything).Return(io.EOF).Once()
+
+				webSocketUpgraderMock.On("Upgrade", gomock.Anything, gomock.Anything).Return(conn, nil).Once()
+			},
+			expected: http.StatusInternalServerError,
+		},
+		{
+			description: "fails when cannot read from websocket due generic error",
+			uid:         "123",
+			seat:        0,
+			requiredMocks: func(_ string) {
+				conn := new(websocketmocks.Conn)
+				conn.On("Close").Return(nil).Once()
+				conn.On("ReadJSON", gomock.Anything).Return(errors.New("")).Once()
+
+				webSocketUpgraderMock.On("Upgrade", gomock.Anything, gomock.Anything).Return(conn, nil).Once()
+			},
+			expected: http.StatusInternalServerError,
+		},
+		{
+			description: "fails when record frame is invalid",
+			uid:         "123",
+			seat:        0,
+			requiredMocks: func(_ string) {
+				conn := new(websocketmocks.Conn)
+				conn.On("Close").Return(nil).Once()
+				conn.On("ReadJSON", gomock.Anything).Return(nil).Once()
+
+				webSocketUpgraderMock.On("Upgrade", gomock.Anything, gomock.Anything).Return(conn, nil).Once()
+			},
+			expected: http.StatusBadRequest,
+		},
+		{
+			description: "fails to write the frame on the database",
+			uid:         "123",
+			seat:        0,
+			requiredMocks: func(uid string) {
+				conn := new(websocketmocks.Conn)
+				conn.On("Close").Return(nil).Once()
+				conn.On("NextReader").Return().Once()
+				conn.On("ReadJSON", gomock.Anything).Return(nil).Once().Run(func(args gomock.Arguments) {
+					req := args.Get(0).(*requests.SessionEvent) //nolint:forcetypeassert
+
+					json.
+						NewDecoder(strings.NewReader(`{"type":"pty-output","timestamp":"2025-02-03T14:11:32.405Z","data": { "output":"test" },"seat": 0}`)).
+						Decode(req) //nolint:errcheck
+				})
+
+				webSocketUpgraderMock.On("Upgrade", gomock.Anything, gomock.Anything).Return(conn, nil).Once()
+
+				mock.On("EventSession", gomock.Anything, models.UID(uid), gomock.Anything).
+					Return(errors.New("not able record")).Once()
+			},
+			expected: http.StatusInternalServerError,
+		},
+		{
+			description: "success to write one frame on database",
+			uid:         "123",
+			seat:        0,
+			requiredMocks: func(uid string) {
+				conn := new(websocketmocks.Conn)
+				conn.On("Close").Return(nil).Once()
+				conn.On("NextReader").Return().Once()
+				conn.On("ReadJSON", gomock.Anything).Return(nil).Once().Run(func(args gomock.Arguments) {
+					req := args.Get(0).(*requests.SessionEvent) //nolint:forcetypeassert
+
+					json.
+						NewDecoder(strings.NewReader(`{"type":"pty-output","timestamp":"2025-02-03T14:11:32.405Z","data": { "output":"test" },"seat": 0}`)).
+						Decode(req) //nolint:errcheck
+				})
+
+				webSocketUpgraderMock.On("Upgrade", gomock.Anything, gomock.Anything).Return(conn, nil).Once()
+
+				mock.On("EventSession", gomock.Anything, models.UID(uid),
+					gomock.Anything).Return(nil).Once()
+
+				conn.On("ReadJSON", gomock.Anything).Return(&websocket.CloseError{
+					Code: 1000,
+					Text: "test",
+				}).Once()
+			},
+			expected: http.StatusOK,
+		},
+	}
+
+	for _, tc := range cases {
+		t.Run(tc.description, func(t *testing.T) {
+			tc.requiredMocks(tc.uid)
+
+			req := httptest.NewRequest(http.MethodGet, fmt.Sprintf("ws:///internal/sessions/%s/events", tc.uid), nil)
+			req.Header.Set("Content-Type", echo.MIMEApplicationJSON)
+			req.Header.Set("X-Role", authorizer.RoleOwner.String())
+			req.Header.Set("Upgrade", "websocket")
+			req.Header.Set("Connection", "Upgrade")
+			req.Header.Set("Sec-WebSocket-Version", "13")
+			req.Header.Set("Sec-WebSocket-Key", "test")
+
+			e := NewRouter(mock, func(_ *echo.Echo, handler *Handler) error {
+				handler.WebSocketUpgrader = webSocketUpgraderMock
+
+				return nil
+			})
+
+			e.Use(func(next echo.HandlerFunc) echo.HandlerFunc {
+				return func(c echo.Context) error {
+					ctx := gateway.NewContext(mock, c)
+
+					return next(ctx)
+				}
+			})
+
+			rec := httptest.NewRecorder()
+			e.ServeHTTP(rec, req)
+
+			assert.Equal(t, tc.expected, rec.Result().StatusCode)
+			mock.AssertExpectations(t)
+		})
+	}
+}