NOTICKET: Setup and Sepcify Websocket Structure

src/main/java/de/towerdefence/server/server/JsonWebsocketHandler.java

@@ -41,7 +41,7 @@ public abstract class JsonWebsocketHandler extends TextWebSocketHandler {
             try{
                 session.close(reason);
             } catch (Exception exception) {
-                logger.debug("Unable to Close the Session", exception);
+                logger.info("Unable to Close the Session", exception);
             }
         }
     }

src/main/java/de/towerdefence/server/server/channels/connection/ConnectionWebsocketHandler.java

@@ -22,11 +22,12 @@ public class ConnectionWebsocketHandler extends JsonWebsocketHandler {
     protected void handleTextMessage(WebSocketSession session, TextMessage message) {
         try{
             String payload = message.getPayload();
-            switch ( objectMapper.readTree(payload).get("$id").asText()) {
-                case "RequestConnectionToken" -> handleRequestConnectionToken(session, payload);
+            switch ( objectMapper.readTree(payload).get("$id").asText().toLowerCase()) {
+                case "requestconnectiontoken" -> handleRequestConnectionToken(session, payload);
                 default -> this.closeSession(session, CloseStatus.BAD_DATA);
             }
         } catch (Exception exception) {
+            System.out.println(exception.getMessage());
             this.closeSession(session, CloseStatus.BAD_DATA);
         }
     }
@@ -35,6 +36,6 @@ public class ConnectionWebsocketHandler extends JsonWebsocketHandler {
         RequestConnectionTokenMessage msg = objectMapper.readValue(payload, RequestConnectionTokenMessage.class);
         Player player = this.sessionPlayers.get(session);
         String jwt = this.sessionsService.createSession(player, msg.getChannel());
-        new ProvidedConnectionTokenMessage(channel, jwt).send(session);
+        new ProvidedConnectionTokenMessage(msg.getChannel(), jwt).send(session);
     }
 }

src/main/java/de/towerdefence/server/server/channels/connection/in/RequestConnectionTokenMessage.java

@@ -1,5 +1,6 @@
 package de.towerdefence.server.server.channels.connection.in;
 
+import com.fasterxml.jackson.annotation.JsonProperty;
 import de.towerdefence.server.session.Channel;
 import jakarta.validation.constraints.NotNull;
 import lombok.*;
@@ -7,6 +8,7 @@ import lombok.*;
 @Data
 @NotNull
 public class RequestConnectionTokenMessage {
-    private String $id;
+    @JsonProperty("$id")
+    private String messageId;
     private Channel channel;
 }

src/main/java/de/towerdefence/server/session/JwtService.java

@@ -21,20 +21,21 @@ public class JwtService {
         this.secretKey = Keys.hmacShaKeyFor(config.getSecret().getBytes(StandardCharsets.UTF_8));
     }
 
-    public String generateToken(String username, long ttl) {
+    public String generateToken(String username, Channel channel, long ttl) {
         long now = System.currentTimeMillis();
         Date issueDate = new Date(now);
         Date expirationDate = new Date(now + ttl * 1000);
 
         return Jwts.builder()
                 .subject(username)
+                .claim("channel", channel.getJsonName())
                 .issuedAt(issueDate)
                 .expiration(expirationDate)
                 .signWith(secretKey)
                 .compact();
     }
 
-    public Optional<String> verifyToken(String token) {
+    public Optional<String> verifyToken(String token, Channel channel) {
         Claims claims = Jwts.parser()
                 .verifyWith(secretKey)
                 .build()
@@ -45,6 +46,16 @@ public class JwtService {
             return Optional.empty();
         }
 
+        Channel tokenChannel;
+        try {
+            tokenChannel = Channel.fromJsonName(claims.get("channel", String.class));
+        } catch (IllegalArgumentException ignored) {
+            return Optional.empty();
+        }
+        if(!channel.equals(tokenChannel)) {
+            return Optional.empty();
+        }
+
         return Optional.of(claims.getSubject());
     }
 }

src/main/java/de/towerdefence/server/session/SessionsService.java

@@ -24,7 +24,7 @@ public class SessionsService {
     private static final ScheduledExecutorService scheduler = Executors.newScheduledThreadPool(1);
 
     public String createSession(Player player, Channel channel){
-        String jwt = jwtService.generateToken(player.getUsername(), TIME_TO_LIVE_SECONDS);
+        String jwt = jwtService.generateToken(player.getUsername(), channel, TIME_TO_LIVE_SECONDS);
         if(tokenGrants.containsKey(jwt)){
             throw new IllegalStateException("The exact same JWT allready exists");
         }
@@ -43,7 +43,7 @@ public class SessionsService {
         if (grantedChannel == null || !grantedChannel.equals(channel)) {
             return Optional.empty();
         }
-        Optional<String> username = jwtService.verifyToken(jwt);
+        Optional<String> username = jwtService.verifyToken(jwt, channel);
         if (username.isEmpty()) {
             return Optional.empty();
         }

ws/example/time_channel.sh

@@ -0,0 +1,17 @@
+#!/bin/sh
+
+response=$(curl -s -X 'POST' \
+  'http://localhost:8080/api/v1/player/login' \
+  -H 'accept: application/json' \
+  -H 'Content-Type: application/json' \
+  -d '{
+  "username": "Player1",
+  "password": "1234"
+}')
+
+token=$(echo "$response" | jq -r .token)
+payload='{"$id": "RequestConnectionToken", "channel": "time"}'
+response=$(echo "$payload" | websocat ws://localhost:8080/ws/connection -H "Authorization: $token")
+
+time_token=$(echo "$response" | jq -r .token)
+websocat ws://localhost:8080/ws/time -H "Authorization: $time_token"

ws/ws.yml

@@ -33,6 +33,7 @@ channels:
           Specific Channel
         payload:
           type: object
+          additionalProperties: false
           properties:
             $id:
               type: string
@@ -51,6 +52,7 @@ channels:
           Specific Channel
         payload:
           type: object
+          additionalProperties: false
           properties:
             $id:
               type: string
@@ -75,6 +77,7 @@ channels:
         description: The Current time in Unix Time
         payload:
           type: object
+          additionalProperties: false
           properties:
             $id:
               type: string