fix: improve join payload handling

improves error handling on join by doing basic checks on types received by realtime. it's the scafold for future validations with more informative errors to the users

Author: filipecabaco

README.md

@@ -225,6 +225,7 @@ This is the list of operational codes that can help you understand your deployme
 | Code                               | Description                                                                                                                                                                                           |
 | ---------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | TopicNameRequired                  | You are trying to use Realtime without a topic name set                                                                                                                                               |
+| InvalidJoinPayload                 | The payload provided to Realtime on connect is invalid                                                                                                                                                |
 | RealtimeDisabledForConfiguration   | The configuration provided to Realtime on connect will not be able to provide you any Postgres Changes                                                                                                |
 | TenantNotFound                     | The tenant you are trying to connect to does not exist                                                                                                                                                |
 | ErrorConnectingToWebsocket         | Error when trying to connect to the WebSocket server                                                                                                                                                  |

lib/realtime_web/channels/payloads/broadcast.ex

@@ -0,0 +1,17 @@
+defmodule RealtimeWeb.Channels.Payloads.Broadcast do
+  @moduledoc """
+  Validate broadcast field of the join payload.
+  """
+  use Ecto.Schema
+  import Ecto.Changeset
+  alias RealtimeWeb.Channels.Payloads.Join
+
+  embedded_schema do
+    field :ack, :boolean, default: false
+    field :self, :boolean, default: false
+  end
+
+  def changeset(broadcast, attrs) do
+    cast(broadcast, attrs, [:ack, :self], message: &Join.error_message/2)
+  end
+end

lib/realtime_web/channels/payloads/config.ex

@@ -0,0 +1,26 @@
+defmodule RealtimeWeb.Channels.Payloads.Config do
+  @moduledoc """
+  Validate config field of the join payload.
+  """
+  use Ecto.Schema
+  import Ecto.Changeset
+  alias RealtimeWeb.Channels.Payloads.Join
+  alias RealtimeWeb.Channels.Payloads.Broadcast
+  alias RealtimeWeb.Channels.Payloads.Presence
+  alias RealtimeWeb.Channels.Payloads.PostgresChange
+
+  embedded_schema do
+    embeds_one :broadcast, Broadcast
+    embeds_one :presence, Presence
+    embeds_many :postgres_changes, PostgresChange
+    field :private, :boolean, default: false
+  end
+
+  def changeset(config, attrs) do
+    config
+    |> cast(attrs, [:private], message: &Join.error_message/2)
+    |> cast_embed(:broadcast, invalid_message: "unable to parse, expected a map")
+    |> cast_embed(:presence, invalid_message: "unable to parse, expected a map")
+    |> cast_embed(:postgres_changes, invalid_message: "unable to parse, expected an array of maps")
+  end
+end

lib/realtime_web/channels/payloads/join.ex

@@ -0,0 +1,58 @@
+defmodule RealtimeWeb.Channels.Payloads.Join do
+  @moduledoc """
+  Payload validation for the phx_join event.
+  """
+  use Ecto.Schema
+  import Ecto.Changeset
+  alias RealtimeWeb.Channels.Payloads.Config
+  alias RealtimeWeb.Channels.Payloads.Broadcast
+  alias RealtimeWeb.Channels.Payloads.Presence
+
+  embedded_schema do
+    embeds_one :config, Config
+    field :access_token, :string
+    field :user_token, :string
+  end
+
+  def changeset(join, attrs) do
+    join
+    |> cast(attrs, [:access_token, :user_token], message: &error_message/2)
+    |> cast_embed(:config, invalid_message: "unable to parse, expected a map")
+  end
+
+  @spec validate(map()) :: {:ok, %__MODULE__{}} | {:error, :invalid_join_payload, map()}
+  def validate(params) do
+    case changeset(%__MODULE__{}, params) do
+      %Ecto.Changeset{valid?: true} = changeset ->
+        {:ok, Ecto.Changeset.apply_changes(changeset)}
+
+      %Ecto.Changeset{valid?: false} = changeset ->
+        errors = Ecto.Changeset.traverse_errors(changeset, &elem(&1, 0))
+        {:error, :invalid_join_payload, errors}
+    end
+  end
+
+  def presence_enabled?(%__MODULE__{config: %Config{presence: %Presence{enabled: enabled}}}), do: enabled
+  def presence_enabled?(_), do: true
+
+  def presence_key(%__MODULE__{config: %Config{presence: %Presence{key: ""}}}), do: UUID.uuid1()
+  def presence_key(%__MODULE__{config: %Config{presence: %Presence{key: key}}}), do: key
+  def presence_key(_), do: UUID.uuid1()
+
+  def ack_broadcast?(%__MODULE__{config: %Config{broadcast: %Broadcast{ack: ack}}}), do: ack
+  def ack_broadcast?(_), do: false
+
+  def self_broadcast?(%__MODULE__{config: %Config{broadcast: %Broadcast{self: self}}}), do: self
+  def self_broadcast?(_), do: false
+
+  def private?(%__MODULE__{config: %Config{private: private}}), do: private
+  def private?(_), do: false
+
+  def error_message(_field, meta) do
+    type = Keyword.get(meta, :type)
+
+    if type,
+      do: "unable to parse, expected #{type}",
+      else: "unable to parse"
+  end
+end

lib/realtime_web/channels/payloads/postgres_change.ex

@@ -0,0 +1,19 @@
+defmodule RealtimeWeb.Channels.Payloads.PostgresChange do
+  @moduledoc """
+  Validate postgres_changes field of the join payload.
+  """
+  use Ecto.Schema
+  import Ecto.Changeset
+  alias RealtimeWeb.Channels.Payloads.Join
+
+  embedded_schema do
+    field :event, :string
+    field :schema, :string
+    field :table, :string
+    field :filter, :string
+  end
+
+  def changeset(postgres_change, attrs) do
+    cast(postgres_change, attrs, [:event, :schema, :table, :filter], message: &Join.error_message/2)
+  end
+end

lib/realtime_web/channels/payloads/presence.ex

@@ -0,0 +1,17 @@
+defmodule RealtimeWeb.Channels.Payloads.Presence do
+  @moduledoc """
+  Validate presence field of the join payload.
+  """
+  use Ecto.Schema
+  import Ecto.Changeset
+  alias RealtimeWeb.Channels.Payloads.Join
+
+  embedded_schema do
+    field :enabled, :boolean, default: true
+    field :key, :string, default: UUID.uuid1()
+  end
+
+  def changeset(presence, attrs) do
+    cast(presence, attrs, [:enabled, :key], message: &Join.error_message/2)
+  end
+end

lib/realtime_web/channels/realtime_channel.ex

@@ -21,6 +21,7 @@ defmodule RealtimeWeb.RealtimeChannel do
   alias Realtime.Tenants.Authorization.Policies.PresencePolicies
   alias Realtime.Tenants.Connect
 
+  alias RealtimeWeb.Channels.Payloads.Join
   alias RealtimeWeb.ChannelsAuthorization
   alias RealtimeWeb.RealtimeChannel.BroadcastHandler
   alias RealtimeWeb.RealtimeChannel.MessageDispatcher
@@ -54,6 +55,15 @@ defmodule RealtimeWeb.RealtimeChannel do
       |> assign(:private?, !!params["config"]["private"])
       |> assign(:policies, nil)
 
+    case Join.validate(params) do
+      {:ok, _join} ->
+        nil
+
+      {:error, :invalid_join_payload, errors} ->
+        log_params = params |> Map.put("access_token", "<redacted>") |> Map.put("user_token", "<redacted>")
+        log_error(socket, "InvalidJoinPayload", %{changeset_errors: errors, params: log_params})
+    end
+
     with :ok <- SignalHandler.shutdown_in_progress?(),
          :ok <- only_private?(tenant_id, socket),
          :ok <- limit_joins(socket),

mix.exs

@@ -4,7 +4,7 @@ defmodule Realtime.MixProject do
   def project do
     [
       app: :realtime,
-      version: "2.44.0",
+      version: "2.44.1",
       elixir: "~> 1.17.3",
       elixirc_paths: elixirc_paths(Mix.env()),
       start_permanent: Mix.env() == :prod,

phx_join.schema.json

@@ -0,0 +1,139 @@
+{
+    "type": "object",
+    "description": "",
+    "title": "phx_join",
+    "required": [
+        "access_token",
+        "config"
+    ],
+    "properties": {
+        "config": {
+            "title": "config",
+            "$ref": "#/$defs/phx_join_config"
+        },
+        "access_token": {
+            "type": "string",
+            "description": "String, e.g. 'hello'",
+            "title": "access_token"
+        }
+    },
+    "additionalProperties": false,
+    "$defs": {
+        "phx_join_config": {
+            "type": "object",
+            "description": "",
+            "title": "phx_join_config",
+            "properties": {
+                "private": {
+                    "type": "boolean",
+                    "description": "Boolean, e.g. true",
+                    "title": "private",
+                    "default": false
+                },
+                "broadcast": {
+                    "title": "broadcast",
+                    "$ref": "#/$defs/phx_join_broadcast",
+                    "default": {
+                        "self": false,
+                        "ack": false
+                    }
+                },
+                "presence": {
+                    "title": "presence",
+                    "$ref": "#/$defs/phx_join_presence",
+                    "default": {
+                        "enabled": false,
+                        "key": ""
+                    }
+                },
+                "postgres_changes": {
+                    "type": "array",
+                    "title": "phx_join_postgres_changes",
+                    "items": {
+                        "$ref": "#/$defs/phx_join_postgres_changes",
+                        "default": {
+                            "table": "",
+                            "filter": "",
+                            "schema": "",
+                            "event": ""
+                        }
+                    }
+                }
+            },
+            "additionalProperties": false
+        },
+        "phx_join_broadcast": {
+            "type": "object",
+            "description": "",
+            "title": "phx_join_broadcast",
+            "properties": {
+                "self": {
+                    "type": "boolean",
+                    "description": "Boolean, e.g. true",
+                    "title": "self",
+                    "default": false
+                },
+                "ack": {
+                    "type": "boolean",
+                    "description": "Boolean, e.g. true",
+                    "title": "ack",
+                    "default": false
+                }
+            },
+            "additionalProperties": false
+        },
+        "phx_join_postgres_changes": {
+            "type": "object",
+            "description": "",
+            "title": "phx_join_postgres_changes",
+            "required": [
+                "event",
+                "filter",
+                "schema",
+                "table"
+            ],
+            "properties": {
+                "table": {
+                    "type": "string",
+                    "description": "String, e.g. 'hello'",
+                    "title": "table"
+                },
+                "filter": {
+                    "type": "string",
+                    "description": "String, e.g. 'hello'",
+                    "title": "filter"
+                },
+                "schema": {
+                    "type": "string",
+                    "description": "String, e.g. 'hello'",
+                    "title": "schema"
+                },
+                "event": {
+                    "type": "string",
+                    "description": "String, e.g. 'hello'",
+                    "title": "event"
+                }
+            },
+            "additionalProperties": false
+        },
+        "phx_join_presence": {
+            "type": "object",
+            "description": "",
+            "title": "phx_join_presence",
+            "properties": {
+                "enabled": {
+                    "type": "boolean",
+                    "description": "Boolean, e.g. true",
+                    "title": "enabled",
+                    "default": false
+                },
+                "key": {
+                    "type": "string",
+                    "description": "String, e.g. 'hello'",
+                    "title": "key"
+                }
+            },
+            "additionalProperties": false
+        }
+    }
+}