adding state to AuthenticationContext and delay creation

emelialei88 · emelialei88 · commit a33efc370fcb · 2025-05-22T14:36:50.000-04:00
Signed-off-by: Emelia Lei &lt;wlei29@bloomberg.net&gt;
diff --git a/src/groups/mqb/mqba/mqba_authenticator.cpp b/src/groups/mqb/mqba/mqba_authenticator.cpp
@@ -28,6 +28,7 @@
 // MQB
 #include <mqbblp_clustercatalog.h>
 #include <mqbnet_authenticationcontext.h>
+#include <mqbnet_initialconnectioncontext.h>
 
 // BMQ
 #include <bmqio_status.h>
@@ -57,26 +58,26 @@ const int k_AUTHENTICATION_READTIMEOUT = 3 * 60;  // 3 minutes
 // -------------------
 
 int Authenticator::onAuthenticationRequest(
-    bsl::ostream&                  errorDescription,
-    const AuthenticationContextSp& context)
+    bsl::ostream&                              errorDescription,
+    const bmqp_ctrlmsg::AuthenticationMessage& authenticationMsg,
+    AuthenticationContextSp*                   context)
 {
     // PRECONDITIONS
-    BSLS_ASSERT_SAFE(
-        context->authenticationMessage().isAuthenticateRequestValue());
-    BSLS_ASSERT_SAFE(context->initialConnectionContext()->isIncoming());
-    BSLS_ASSERT_SAFE(!context->isReversed());  // not supported for now
-
-    const bmqp_ctrlmsg::AuthenticateRequest& authenticateRequest =
-        context->authenticationMessage().authenticateRequest();
-
-    BALL_LOG_DEBUG << "Received authentication message from '"
-                   << context->initialConnectionContext()->channel()->peerUri()
-                   << "': " << authenticateRequest;
+    BSLS_ASSERT_SAFE(authenticationMsg.isAuthenticateRequestValue());
 
     bmqp_ctrlmsg::AuthenticationMessage authenticationResponse;
     bmqp_ctrlmsg::AuthenticateResponse& response =
         authenticationResponse.makeAuthenticateResponse();
 
+    // Create an AuthenticationContext for that connection
+    bsl::shared_ptr<mqbnet::AuthenticationContext> authenticationContext =
+        bsl::allocate_shared<mqbnet::AuthenticationContext>(
+            d_allocator_p,
+            authenticationMsg,       // authenticationMessage
+            false,                   // isReversed
+            State::e_AUTHENTICATING  // state
+        );
+
     // Always succeeds for now
     // TODO: For later implementation, plugins will perform authentication,
     // taking the `AuthenticationContext` and updates it with the
@@ -85,16 +86,23 @@ int Authenticator::onAuthenticationRequest(
     response.status().code()     = 0;
     response.lifetimeMs()        = 10 * 60 * 1000;
 
+    authenticationContext->state().testAndSwap(
+        mqbnet::AuthenticationContext::State::e_AUTHENTICATING,
+        mqbnet::AuthenticationContext::State::e_AUTHENTICATED);
+
     int rc = sendAuthenticationMessage(errorDescription,
                                        authenticationResponse,
-                                       context);
+                                       authenticationContext);
+
+    *context = authenticationContext;
 
     return rc;
 }
 
 int Authenticator::onAuthenticationResponse(
-    bsl::ostream&                  errorDescription,
-    const AuthenticationContextSp& context)
+    bsl::ostream&                              errorDescription,
+    const bmqp_ctrlmsg::AuthenticationMessage& authenticationMsg,
+    AuthenticationContextSp*                   context)
 {
     BALL_LOG_ERROR << "Not Implemented";
 
@@ -163,9 +171,11 @@ Authenticator::~Authenticator()
     // NOTHING: (required because of inheritance)
 }
 
-int Authenticator::handleAuthentication(bsl::ostream& errorDescription,
-                                        bool*         isContinueRead,
-                                        const AuthenticationContextSp& context)
+int Authenticator::handleAuthentication(
+    bsl::ostream&                              errorDescription,
+    AuthenticationContextSp*                   context,
+    bool*                                      isContinueRead,
+    const bmqp_ctrlmsg::AuthenticationMessage& authenticationMsg)
 {
     enum RcEnum {
         // Value for the various RC error categories
@@ -176,19 +186,19 @@ int Authenticator::handleAuthentication(bsl::ostream& errorDescription,
     bmqu::MemOutStream errStream;
     int                rc = rc_SUCCESS;
 
-    switch (context->authenticationMessage().selectionId()) {
+    switch (authenticationMsg.selectionId()) {
     case bmqp_ctrlmsg::AuthenticationMessage::
         SELECTION_ID_AUTHENTICATE_REQUEST: {
-        rc = onAuthenticationRequest(errStream, context);
+        rc = onAuthenticationRequest(errStream, authenticationMsg, context);
     } break;  // BREAK
     case bmqp_ctrlmsg::AuthenticationMessage::
         SELECTION_ID_AUTHENTICATE_RESPONSE: {
-        rc = onAuthenticationResponse(errStream, context);
+        rc = onAuthenticationResponse(errStream, authenticationMsg, context);
     } break;  // BREAK
     default: {
         errorDescription
             << "Invalid authentication message received (unknown type): "
-            << context->authenticationMessage();
+            << authenticationMsg;
         return rc_ERROR;  // RETURN
     }
     }
diff --git a/src/groups/mqb/mqba/mqba_authenticator.h b/src/groups/mqb/mqba/mqba_authenticator.h
@@ -78,6 +78,8 @@ class Authenticator : public mqbnet::Authenticator {
         bdlcc::ObjectPoolFunctors::RemoveAll<bdlbb::Blob> >
         BlobSpPool;
 
+    typedef mqbnet::AuthenticationContext::State State;
+
   private:
     typedef bsl::shared_ptr<mqbnet::AuthenticationContext>
         AuthenticationContextSp;
@@ -100,22 +102,29 @@ class Authenticator : public mqbnet::Authenticator {
   private:
     // PRIVATE MANIPULATORS
 
-    /// Invoked when received a `AuthenticationRequest` authentication message
-    /// with the specified `context`.  The behavior of this function is
-    /// undefined unless `d_authenticationMessage` in the `context` is an
-    /// `AuthenticateRequest` and this request is incoming or reversed
-    /// connection.  Returns 0 on success, or return a non-zero code and
-    /// populate the specified `errorDescription` with a description of the
-    /// error on failure.
-    int onAuthenticationRequest(bsl::ostream& errorDescription,
-                                const AuthenticationContextSp& context);
-
-    /// Invoked when received a `AuthenticationResponse` authentication message
-    /// with the specified `context`.  Returns 0 on success, or return a
-    /// non-zero code and populate the specified `errorDescription` with
-    /// a description of the error on failure.
-    int onAuthenticationResponse(bsl::ostream& errorDescription,
-                                 const AuthenticationContextSp& context);
+    /// Handles an incoming `AuthenticationRequest` message by authenticating
+    /// using the specified `AuthenticationMessage`.  On success, creates an
+    /// `AuthenticationContext` and stores it in `context`. The behavior of
+    /// this function is undefined unless `authenticationMsg` is an
+    /// `AuthenticationRequest`.
+    /// Returns 0 on success; otherwise, returns a non-zero error code and
+    /// populates `errorDescription` with details of the failure.
+    int onAuthenticationRequest(
+        bsl::ostream&                              errorDescription,
+        const bmqp_ctrlmsg::AuthenticationMessage& authenticationMsg,
+        AuthenticationContextSp*                   context);
+
+    /// Handles an incoming `AuthenticationResponse` message by authenticating
+    /// using the specified `AuthenticationMessage`.  On success, creates an
+    /// `AuthenticationContext` and stores it in `context`. The behavior of
+    /// this function is undefined unless `authenticationMsg` is an
+    /// `AuthenticationResponse`.
+    /// Returns 0 on success; otherwise, returns a non-zero error code and
+    /// populates `errorDescription` with details of the failure.
+    int onAuthenticationResponse(
+        bsl::ostream&                              errorDescription,
+        const bmqp_ctrlmsg::AuthenticationMessage& authenticationMsg,
+        AuthenticationContextSp*                   context);
 
     /// Send the specified `message` to the peer associated with the
     /// specified `context` and return 0 on success, or return a non-zero
@@ -152,13 +161,22 @@ class Authenticator : public mqbnet::Authenticator {
     // MANIPULATORS
     //   (virtual: mqbnet::Authenticator)
 
-    int handleAuthentication(bsl::ostream&                  errorDescription,
-                             bool*                          isContinueRead,
-                             const AuthenticationContextSp& context)
-        BSLS_KEYWORD_OVERRIDE;
+    /// Authenticate the connection based on the type of AuthenticationMessage
+    /// `authenticationMsg`.  Set `isContinueRead` to true if we want to
+    /// continue reading instead of finishing authentication.  Create an
+    /// AuthenticationContext and store into `context`.
+    /// Return 0 on success, or a non-zero error code and populate the
+    /// specified `errorDescription` with a description of the error otherwise.
+    int handleAuthentication(bsl::ostream&            errorDescription,
+                             AuthenticationContextSp* context,
+                             bool*                    isContinueRead,
+                             const bmqp_ctrlmsg::AuthenticationMessage&
+                                 authenticationMsg) BSLS_KEYWORD_OVERRIDE;
 
     /// Send out outbound authentication message or reverse connection request
     /// with the specified `context`.
+    /// Return 0 on success, or a non-zero error code and populate the
+    /// specified `errorDescription` with a description of the error otherwise.
     int authenticationOutboundOrReverse(const AuthenticationContextSp& context)
         BSLS_KEYWORD_OVERRIDE;
 };
diff --git a/src/groups/mqb/mqba/mqba_initialconnectionhandler.cpp b/src/groups/mqb/mqba/mqba_initialconnectionhandler.cpp
@@ -37,6 +37,7 @@
 #include <bdlb_scopeexit.h>
 #include <bdlf_bind.h>
 #include <bdlma_localsequentialallocator.h>
+#include <bsl_memory.h>
 #include <bsls_timeinterval.h>
 
 namespace BloombergLP {
@@ -191,13 +192,22 @@ int InitialConnectionHandler::processBlob(
 
     // Authentication or Negotiation based on the type of message received.
     if (authenticationMsg.has_value()) {
-        context->authenticationContext()->setAuthenticationMessage(
-            authenticationMsg.value());
+        BALL_LOG_DEBUG << "Received authentication message from '"
+                       << context->channel()->peerUri()
+                       << "': " << authenticationMsg.value();
+
+        bsl::shared_ptr<mqbnet::AuthenticationContext> authenticationContext;
 
         rc = d_authenticator_mp->handleAuthentication(
             errorDescription,
+            &authenticationContext,
             isContinueRead,
-            context->authenticationContext());
+            authenticationMsg.value());
+
+        if (rc == rc_SUCCESS) {
+            authenticationContext->setInitialConnectionContext(context.get());
+            context->setAuthenticationContext(authenticationContext);
+        }
     }
     else if (negotiationMsg.has_value()) {
         context->negotiationContext()->d_negotiationMessage =
@@ -344,15 +354,6 @@ InitialConnectionHandler::~InitialConnectionHandler()
 void InitialConnectionHandler::setupContext(
     const InitialConnectionContextSp& context)
 {
-    // Create an AuthenticationContext for that connection
-    bsl::shared_ptr<mqbnet::AuthenticationContext> authenticationContext =
-        bsl::allocate_shared<mqbnet::AuthenticationContext>(
-            d_allocator_p,
-            context.get(),  // initialConnectionContext
-            false           // isReversed
-        );
-    context->setAuthenticationContext(authenticationContext);
-
     // Create an NegotiationContext for that connection
     bsl::shared_ptr<mqbnet::NegotiationContext> negotiationContext;
     negotiationContext.createInplace(d_allocator_p);
diff --git a/src/groups/mqb/mqbnet/mqbnet_authenticationcontext.cpp b/src/groups/mqb/mqbnet/mqbnet_authenticationcontext.cpp
@@ -20,6 +20,9 @@
 // MQB
 #include <mqbnet_initialconnectioncontext.h>
 
+// BDE
+#include <bsls_atomic.h>
+
 namespace BloombergLP {
 namespace mqbnet {
 
@@ -28,12 +31,13 @@ namespace mqbnet {
 // ---------------------------
 
 AuthenticationContext::AuthenticationContext(
-    InitialConnectionContext* initialConnectionContext,
-    bool                      isReversed,
-    ConnectionType::Enum      connectionType,
-    bslma::Allocator*         basicAllocator)
-: d_initialConnectionContext_p(initialConnectionContext)
-, d_authenticationMessage(basicAllocator)
+    const bmqp_ctrlmsg::AuthenticationMessage& authenticationMessage,
+    bool                                       isReversed,
+    State                                      state,
+    ConnectionType::Enum                       connectionType)
+: d_initialConnectionContext_p(nullptr)
+, d_authenticationMessage(authenticationMessage)
+, d_state(state)
 , d_isReversed(isReversed)
 , d_connectionType(connectionType)
 {
@@ -54,6 +58,11 @@ AuthenticationContext& AuthenticationContext::setAuthenticationMessage(
     return *this;
 }
 
+bsls::AtomicInt& AuthenticationContext::state()
+{
+    return d_state;
+}
+
 AuthenticationContext& AuthenticationContext::setIsReversed(bool value)
 {
     d_isReversed = value;
diff --git a/src/groups/mqb/mqbnet/mqbnet_authenticationcontext.h b/src/groups/mqb/mqbnet/mqbnet_authenticationcontext.h
@@ -40,10 +40,18 @@ namespace mqbnet {
 
 /// VST for the context associated with an connection being authenticated.
 class AuthenticationContext {
+  public:
+    // TYPES
+    enum State {
+        e_AUTHENTICATING = 0,
+        e_AUTHENTICATED,
+    };
+
   private:
     // DATA
     InitialConnectionContext*           d_initialConnectionContext_p;
     bmqp_ctrlmsg::AuthenticationMessage d_authenticationMessage;
+    bsls::AtomicInt                     d_state;
     bool                                d_isReversed;
     ConnectionType::Enum                d_connectionType;
 
@@ -61,10 +69,10 @@ class AuthenticationContext {
                                    bslma::UsesBslmaAllocator)
     // CREATORS
     AuthenticationContext(
-        InitialConnectionContext* initialConnectionContext,
-        bool                      isReversed,
-        ConnectionType::Enum      connectionType = ConnectionType::e_UNKNOWN,
-        bslma::Allocator*         basicAllocator = 0);
+        const bmqp_ctrlmsg::AuthenticationMessage& authenticationMessage,
+        bool                                       isReversed,
+        State                                      state,
+        ConnectionType::Enum connectionType = ConnectionType::e_UNKNOWN);
 
     // MANIPULATORS
     AuthenticationContext&
@@ -74,6 +82,8 @@ class AuthenticationContext {
     AuthenticationContext& setIsReversed(bool value);
     AuthenticationContext& setConnectionType(ConnectionType::Enum value);
 
+    bsls::AtomicInt& state();
+
     // ACCESSORS
     InitialConnectionContext* initialConnectionContext() const;
     const bmqp_ctrlmsg::AuthenticationMessage& authenticationMessage() const;
diff --git a/src/groups/mqb/mqbnet/mqbnet_authenticator.h b/src/groups/mqb/mqbnet/mqbnet_authenticator.h
@@ -25,11 +25,12 @@
 /// (re)authenticates a connection with a BlazingMQ client or another bmqbrkr.
 
 // MQB
+#include <bmqp_ctrlmsg_messages.h>
 #include <mqbnet_authenticationcontext.h>
 
 // BDE
-#include <bsl_iostream.h>
 #include <bsl_memory.h>
+#include <bsl_ostream.h>
 
 namespace BloombergLP {
 
@@ -50,14 +51,16 @@ class Authenticator {
     // MANIPULATORS
 
     /// Authenticate the connection based on the type of AuthenticationMessage
-    /// in the specified `context`.  Set `isContinueRead` to true if we want to
-    /// continue reading instead of finishing authentication.
+    /// `authenticationMsg`.  Set `isContinueRead` to true if we want to
+    /// continue reading instead of finishing authentication.  Create an
+    /// AuthenticationContext and store into `context`.
     /// Return 0 on success, or a non-zero error code and populate the
     /// specified `errorDescription` with a description of the error otherwise.
     virtual int handleAuthentication(
-        bsl::ostream&                                 errorDescription,
-        bool*                                         isContinueRead,
-        const bsl::shared_ptr<AuthenticationContext>& context) = 0;
+        bsl::ostream&                              errorDescription,
+        bsl::shared_ptr<AuthenticationContext>*    context,
+        bool*                                      isContinueRead,
+        const bmqp_ctrlmsg::AuthenticationMessage& authenticationMsg) = 0;
 
     /// Send out outbound authentication message or reverse connection request
     /// with the specified `context`.
