-
-
Notifications
You must be signed in to change notification settings - Fork 142
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expose underlying connection in ServerRequest #324
Comments
Doesn't seem like it should be too difficult to expose the connection to a request handler. In
Then surely just a matter of getting the MiddlewareRunner to make use of the connection being passed to it:
Due to the nature of Is this kind of approach workable? I'm new to ReactPHP, so just trying to figure this out as I go. |
@dwgebler Thanks you for bringing this up, I can see how this would be useful! I see there was discussion about this on IRC and it seems to resolve mostly around TLS (formerly SSL) parameters?
This sounds like a nice feature to me! I agree that we should provide support for accessing TLS parameters (if available) and agree that "server params" would probably be the best place for this. This mimics how nginx (http://nginx.org/en/docs/http/ngx_http_ssl_module.html#variables) and Apache (http://httpd.apache.org/docs/current/mod/mod_ssl.html#envvars) work. That being said, it's my understanding that this should only be exposed as part of "server params" without exposing the underlying connection. The concept of "connection" is a lower-level detail that we should probably not leak to the HTTP layer. The TLS parameters can be accessed through Before looking into this further, I would love to hear some more thoughts from more people 👍 I've you're feeling adventurous, here's a somewhat hacky gist to access these TLS parameters without having any dedicated APIs for this: $server = new Server(function (ServerRequestInterface $request) {
$connection = null;
foreach (debug_backtrace() as $trace) {
foreach ($trace['args'] as $arg) {
if ($arg instanceof ConnectionInterface) {
$connection = $arg;
break 2;
}
}
}
ob_start();
var_dump(
$connection,
isset($connection->stream) ? stream_get_meta_data($connection->stream) : null,
isset($connection->stream) ? stream_context_get_options($connection->stream) : null
);
$response = ob_get_clean();
return new Response(
200,
array(
'Content-Type' => 'text/plain'
),
$response
);
}); |
Thanks @clue yes my interest in exposing the connection is to retrieve a client certificate at the HTTP layer, my particular use case being user level access control in a RESTful API. Obviously I've been looking for a quick solution (appreciate the hacky approach, which is great to carry on building a proof of concept of my API, but not a solution I can rely on in production) but yes from a design perspective, the HTTP layer should have the client certificate as part of the server environment rather than needing to know about a socket connection. Note we would need both meta data and context options to build the same server environment as Apache mod_ssl injects and would need to parse the peer certificate but AFAIK parsing is only possible with the openssl_ functions. |
+1 for:
|
The request object passed to the request handler should be able to access the underlying socket connection. At the moment, there is no way for the Connection object to be passed between a connection event handler and a request handler - an example of why this is an issue is data from a client certificate when using mutual authentication cannot be passed to the request handler (e.g. certificate Common Name).
The text was updated successfully, but these errors were encountered: