in src/main/java/com/microsoft/azure/proton/transport/ws/impl/WebSocketUpgrade.java [118:181]
public Boolean validateUpgradeReply(byte[] responseBytes) {
final String httpString = new String(responseBytes, StandardCharsets.UTF_8);
boolean isStatusLineOk = false;
boolean isUpgradeHeaderOk = false;
boolean isConnectionHeaderOk = false;
boolean isProtocolHeaderOk = false;
boolean isAcceptHeaderOk = false;
final Scanner scanner = new Scanner(httpString);
while (scanner.hasNextLine()) {
final String line = scanner.nextLine();
final String lowercase = line.toLowerCase(Locale.ROOT);
if ((lowercase.contains("http/1.1"))
&& (line.contains("101"))
&& (lowercase.contains("switching protocols"))) {
isStatusLineOk = true;
continue;
}
if ((lowercase.contains("upgrade")) && (lowercase.contains("websocket"))) {
isUpgradeHeaderOk = true;
continue;
}
if ((lowercase.contains("connection")) && (lowercase.contains("upgrade"))) {
isConnectionHeaderOk = true;
continue;
}
if (lowercase.contains("sec-websocket-protocol") && (lowercase.contains(protocol.toLowerCase(Locale.ROOT)))) {
isProtocolHeaderOk = true;
continue;
}
if (lowercase.contains("sec-websocket-accept")) {
MessageDigest messageDigest = null;
try {
messageDigest = MessageDigest.getInstance("SHA-1");
} catch (NoSuchAlgorithmException e) {
// can't happen since SHA-1 is a known digest
break;
}
final byte[] bytes = (this.webSocketKey + RFC_GUID).getBytes(StandardCharsets.ISO_8859_1);
final String expectedKey = Base64.encodeBase64StringLocal(messageDigest.digest(bytes)).trim();
if (line.contains(expectedKey)) {
isAcceptHeaderOk = true;
}
}
}
scanner.close();
return (isStatusLineOk) && (isUpgradeHeaderOk) && (isConnectionHeaderOk) && (isProtocolHeaderOk) && (isAcceptHeaderOk);
}