Document the API protocols in the README.

2014-11-29 00:36:09 +00:00
parent 9d1a70d845
commit c1adebdb04
2 changed files with 320 additions and 0 deletions
@@ -1,5 +1,16 @@
 # websocket-extensions

+A minimal framework that supports the implementation of WebSocket extensions in
+a way that's decoupled from the main protocol. This library aims to allow a
+WebSocket extension to be written and used with any protocol library, by
+defining abstract representations of frames and messages that allow modules to
+co-operate.
+
+`websocket-extensions` provides a container for registering extension plugins,
+and provides all the functions required to negotiate which extensions to use
+during a session via the `Sec-WebSocket-Extensions` header. By implementing the
+APIs defined in this document, an extension may be used by any WebSocket library
+based on this framework.

 ## Installation

@@ -7,6 +18,314 @@
 $ npm install websocket-extensions
 ```

+## Usage
+
+There are two main audiences for this library: authors implementing the
+WebSocket protocol, and authors implementing extensions. End users of a
+WebSocket library or an extension should be able to use any extension by passing
+it as an argument to their chosen protocol library, without needing to know how
+either of them work, or how the `websocket-extensions` framework operates.
+
+The library is designed with the aim that any protocol implementation and any
+extension can be used together, so long as they support an abstract
+representation of frames and messages.
+
+### Data types
+
+The APIs provided by the framework rely on two data types; extensions will
+expect to be given data and to be able to return data in these formats:
+
+#### `Frame`
+
+`Frame` is a structure representing a single WebSocket frame of any type. Frames
+are simple objects that must have at least the following properties, which
+represent the data encoded in the frame:
+
+| `final`      | `true` if the `FIN` bit is set, `false` otherwise                  |
+| `rsv1`       | `true` if the `RSV1` bit is set, `false` otherwise                 |
+| `rsv2`       | `true` if the `RSV2` bit is set, `false` otherwise                 |
+| `rsv3`       | `true` if the `RSV3` bit is set, `false` otherwise                 |
+| `opcode`     | the numeric opcode (`0`, `1`, `2`, `8`, `9`, or `10`) of the frame |
+| `masked`     | `true` if the `MASK` bit is set, `false` otherwise                 |
+| `maskingKey` | a 4-byte `Buffer` if `masked` is `true`, otherwise `null`          |
+| `length`     | the numeric length of the frame's payload                          |
+| `payload`    | a `Buffer` containing the (unmasked) application data              |
+
+If an extension modifies any of these fields, it should make sure it leaves the
+frame in a consistent state, e.g. `length` must mirror the actual length of
+`payload` at all times.
+
+#### `Message`
+
+A `Message` represents a complete application message, which can be formed from
+text, binary and continuation frames. It has the following properties:
+
+| `frames` | an array of `Frame` objects                                |
+| `data`   | the concatenation of all the frame payloads in the message |
+
+Again, if an extension modifies a `Message` it must leave it in a consistent
+state such that `data` is equal to the concatenated payloads in the `frames`
+array.
+
+### For driver authors
+
+A driver author is someone implementing the WebSocket protocol proper, and who
+wishes end users to be able to use WebSocket extensions with their library.
+
+At the start of a WebSocket session, on both the client and the server side,
+they should begin by creating an extension container and adding whichever
+extensions they want to use.
+
+```js
+var Extensions = require('websocket-extensions'),
+    deflate    = require('permessage-deflate');
+
+var exts = new Extensions();
+exts.add(deflate);
+```
+
+In the following examples, `exts` refers to this `Extensions` instance.
+
+#### Client sessions
+
+Clients will use the methods `generateOffer()` and `activate(header)`.
+
+As part of the handshake process, the client must send a
+`Sec-WebSocket-Extensions` header to advertise that it supports the registered
+extensions. This header should be generated using:
+
+```js
+request.headers['sec-websocket-extensions'] = exts.generateOffer();
+```
+
+This returns a string, for example `"permessage-deflate;
+client_max_window_bits"`, that represents all the extensions the client is
+offering to use, and their parameters. This string may contain multiple offers
+for the same extension.
+
+When the client receives the handshake response from the server, it should pass
+the incoming `Sec-WebSocket-Extensions` header in to `exts` to activate the
+extensions the server has accepted:
+
+```js
+exts.activate(response.headers['sec-websocket-extensions']);
+```
+
+If the server has sent any extension responses that the client does not
+recognize, or are in conflict with one another for use of RSV bits, or that use
+invalid parameters for the named extensions, then `exts.activate()` will
+`throw`. In this event, the client driver should fail the connection with
+closing code `1010`.
+
+#### Server sessions
+
+Servers will use the method `generateResponse(header)`.
+
+A server session needs to generate a `Sec-WebSocket-Extensions` header to send
+in its handshake response:
+
+```js
+var clientOffer = request.headers['sec-websocket-extensions'],
+    extResponse = exts.generateResponse(clientOffer);
+
+response.headers['sec-websocket-extensions'] = extResponse;
+```
+
+Calling `exts.generateResponse(header)` activates those extensions the client
+has asked to use, if they are registered, asks each extension for a set of
+response parameters, and returns a string containing the response parameters for
+all accepted extensions.
+
+#### In both directions
+
+Both clients and servers will use the methods `validFrameRsv(frame)`,
+`processIncomingMessage(message)` and `processOutgoingMessage(message)`.
+
+The WebSocket protocol requires that frames do not have any of the `RSV` bits
+set unless there is an extension in use that allows otherwise. When processing
+an incoming frame, sessions should pass a `Frame` object to:
+
+```js
+exts.validFrameRsv(frame)
+```
+
+If this method returns `false`, the session should fail the WebSocket connection
+with closing code `1002`.
+
+To pass incoming messages through the extension stack, a session should
+construct a `Message` object according to the above datatype definitions, and
+call:
+
+```js
+exts.processIncomingMessage(message, function(error, msg) {
+  // hand the message off to the application
+});
+```
+
+If any extensions fail to process the message, then the callback will yield an
+error and the session should fail the WebSocket connection with closing code
+`1010`. If `error` is `null`, then `msg` should be passed on to the application.
+
+To pass outgoing messages through the extension stack, a session should
+construct a `Message` as before, and call:
+
+```js
+exts.processOutgoingMessage(message, function(error, msg) {
+  // write each frame in msg.frames to the transport
+});
+```
+
+If any extensions fail to process the message, then the callback will yield an
+error and the session should fail the WebSocket connection with closing code
+`1010`. If `error` is `null`, then each frame in `msg.frames` should be written
+to the transport, after applying `frame.maskingKey` to `frame.payload` if
+required.
+
+### For extension authors
+
+An extension author is someone implementing an extension that transforms
+WebSocket messages passing between the client and server. They would like to
+implement their extension once and have it work with any protocol library.
+
+Extension authors will not install `websocket-extensions` or call it directly.
+Instead, they should implement the following API to allow their extension to
+plug into the `websocket-extensions` framework.
+
+An `Extension` is any object that has the following properties:
+
+| `name` | a string containing the name of the extension as used in negotiation headers |
+| `type` | a string, must be `"permessage"` |
+| `rsv1` | either `true` if the extension uses the RSV1 bit, `false` otherwise |
+| `rsv2` | either `true` if the extension uses the RSV2 bit, `false` otherwise |
+| `rsv3` | either `true` if the extension uses the RSV3 bit, `false` otherwise |
+
+It must also implement the following methods:
+
+```js
+ext.createClientSession()
+```
+
+This returns a `ClientSession`, whose interface is defined below.
+
+```js
+ext.createServerSession(offers)
+```
+
+This takes an array of offer params and returns a `ServerSession`, whose
+interface is defined below. For example, if the client handshake contains the
+offer header:
+
+```
+Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; server_max_window_bits=8, \
+                          permessage-deflate; server_max_window_bits=15
+```
+
+then the `permessage-deflate` extension will receive the call:
+
+```js
+ext.createServerSession([
+  {server_no_context_takeover: true, server_max_window_bits: 8},
+  {server_max_window_bits: 15}
+]);
+```
+
+The extension must decide which set of parameters it wants to accept, if any,
+and return a `ServerSession` if it wants to accept the parameters and `null`
+otherwise.
+
+#### `ClientSession`
+
+A `ClientSession` is the type returned by `ext.createClientSession()`. It must
+implement the following methods, as well as the `Session` API listed below.
+
+```js
+clientSession.generateOffer()
+// e.g.  -> [
+//            {server_no_context_takeover: true, server_max_window_bits: 8},
+//            {server_max_window_bits: 15}
+//          ]
+```
+
+This must return a set of parameters to include in the client's
+`Sec-WebSocket-Extensions` offer header. If the session wants to offer multiple
+configurations, it can return an array of sets of parameters as shown above.
+
+```js
+clientSession.activate(params) // -> true
+```
+
+This must take a single set of parameters from the server's handshake response
+and use them to configure the client session. If the client accepts the given
+parameters, then this method must return `true`. If it returns any other value,
+the framework will interpret this as the client rejecting the response, and will
+`throw`.
+
+#### `ServerSession`
+
+A `ServerSession` is the type returned by `ext.createServerSession(offers)`. It
+must implement the following methods, as well as the `Session` API listed below.
+
+```js
+serverSession.generateResponse()
+// e.g.  -> {server_max_window_bits: 8}
+```
+
+This returns the set of parameters the server session wants to send in its
+`Sec-WebSocket-Extensions` response header. Only one set of parameters is
+returned to the client per extension. Server sessions that would confict on
+their use of RSV bits are not activated.
+
+#### `Session`
+
+The `Session` API must be implemented by both client and server sessions. It
+contains three methods: `validFrameRsv(frame)`,
+`processIncomingMessage(message)` and `processOutgoingMessage(message)`.
+
+```js
+session.validFrameRsv(frame)
+```
+
+This takes a `Frame` as defined above, and returns a response indicating which
+RSV bits are allowed to be set on the frame. (If a session is having this method
+called, the session is active and should its bits can be used.) For example, the
+`permessage-deflate` extension allows the RSV1 bit to be set on `text` and
+`binary` frames, and implements this method like this:
+
+```js
+Session.prototype.validFrameRsv = function(frame) {
+  if (frame.opcode === 1 || frame.opcode === 2) {
+    return {rsv1: true, rsv2: false, rsv3: false};
+  else
+    return {rsv1: false, rsv2: false, rsv3: false};
+};
+```
+
+Note that returning `false` for an `rsvX` field does not mean the session is
+forbidding its use; the framework assumes all RSV bits are banned unless a
+session indicates otherwise.
+
+```js
+session.processIncomingMessage(message, function(error, msg) { ... })
+```
+
+The session must implement this method to take an incoming `Message` as defined
+above, transform it in any way it needs, then return it via the callback. If
+there is an error processing the message, this method should yield an error as
+the first argument.
+
+```js
+session.processOutgoingMessage(message, function(error, msg) { ... })
+```
+
+The session must implement this method to take an outgoing `Message` as defined
+above, transform it in any way it needs, then return it via the callback. If
+there is an error processing the message, this method should yield an error as
+the first argument.
+
+## Examples
+
+* Consumer: [websocket-driver](https://github.com/faye/websocket-driver-node)
+* Provider: [permessage-deflate](https://github.com/faye/permessage-deflate-node)

 ## License

@@ -14,6 +14,7 @@ var Extensions = function() {
 var instance = {
  add: function(ext) {
    if (typeof ext.name !== 'string') throw new TypeError('extension.name must be a string');
+    if (ext.type !== 'permessage') throw new TypeError('extension.type must be "permessage"');

    if (typeof ext.rsv1 !== 'boolean') throw new TypeError('extension.rsv1 must be true or false');
    if (typeof ext.rsv2 !== 'boolean') throw new TypeError('extension.rsv2 must be true or false');