@yihaoDeng

Description

Issue(s)

  • Close/close/Fix/fix/Resolve/resolve: Issue Link

Checklist

Please check the items in the checklist if applicable.

  • Is the user manual updated?
  • Are the test cases passed and automated?
  • Is there no significant decrease in test coverage?

@gemini-code-assist

Summary of Changes

Hello @yihaoDeng, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances the system's transport layer by integrating support for token-based identification. It introduces new data fields and modifies existing functions and message handling logic to allow connections to be established and identified using either traditional user credentials or a new token-based mechanism. This change provides greater flexibility in how clients authenticate and interact with the system, laying the groundwork for more diverse security and access control strategies.

Highlights

  • Token-based Identification Fields: New fields identifier and isToken have been introduced in core transport structures like SRpcConnInfo, SRpcInit, STransInfo, SRpcInfo, and SSvrConn to support token-based identification.
  • Transporter Function Signature Update: The openTransporter function signature has been modified to accept an identifier string and an isToken flag, replacing the previous user and auth parameters, reflecting the shift towards a more generic identification mechanism.
  • Dynamic User Information Handling: The client-side (cliConnMayAddUserInfo) and server-side (uvConnMayGetUserInfo) logic for handling user information in transport messages has been updated to dynamically select between the traditional user field and the new identifier field based on the isToken flag in the message header.
  • Message Header Flag: The secured bitfield in STransMsgHead has been repurposed and renamed to isToken, indicating whether the message carries token-based identification.



@gemini-code-assist gemini-code-assist bot left a comment


Code Review

This pull request introduces support for token-based authentication in the transport layer. The changes include updating data structures to carry token information and modifying client and server logic to handle this new authentication method. While the overall direction is good, I've identified a critical memory corruption vulnerability on the server-side due to incorrect memory allocation. Additionally, the client-side implementation for token authentication appears to be incomplete, using hardcoded placeholder values. I've also noted a minor maintainability issue with a confusing field name. These issues should be addressed to ensure the feature is robust and secure.

}

if (pHead->withUserInfo) {
STransMsgHead* tHead = taosMemoryCalloc(1, len - sizeof(pInst->user));
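Review bot: The size argument `len - sizeof(pInst->user)` in the taosMemoryCalloc call has no lower-bound check on `len` in the lines shown. Because sizeof yields size_t, a `len` smaller than the field width makes the subtraction wrap to a very large value instead of going negative, so compare `len` against the header plus field size before subtracting, and check the returned pointer for NULL before it is used.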

critical

There's a potential memory corruption bug here. The memory for tHead is allocated using sizeof(pInst->user), but it should use the offset variable, which correctly reflects the size of either the user or the identifier. If isToken is true, offset will be sizeof(pConn->identifier), which might be different from sizeof(pInst->user), leading to an incorrect allocation size. This could cause a buffer overflow in the subsequent memcpy.

    STransMsgHead* tHead = taosMemoryCalloc(1, len - offset);
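The sizing rule this review comment asks for, as an added example that is not the project's code: a single `offset` chosen from `isToken` sizes both the allocation and the copy, and the length is validated before subtracting. The header layout, the 24- and 64-byte field widths and the function names are assumptions, since the page does not show the real ones.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Assumed widths; the page does not give the real field sizes. */
#define USER_LEN  24  /* stands in for sizeof(pInst->user) */
#define TOKEN_LEN 64  /* stands in for sizeof(pConn->identifier) */

typedef struct {      /* hypothetical, simplified message header */
  uint8_t  withUserInfo;
  uint8_t  isToken;
  uint16_t reserved;
  uint32_t msgLen;
} MsgHead;

/* Width of the identity field that follows the header in this message. */
static size_t identity_len(const MsgHead *h) {
  return h->isToken ? TOKEN_LEN : USER_LEN;
}

/*
 * Return a newly allocated copy of msg with the identity field removed,
 * or NULL if there is nothing to strip, msg is too short, or calloc fails.
 * *outLen receives the stripped length. Caller frees the result.
 */
uint8_t *strip_identity(const uint8_t *msg, size_t len, size_t *outLen) {
  MsgHead h;
  if (msg == NULL || outLen == NULL || len < sizeof h) return NULL;
  memcpy(&h, msg, sizeof h);
  if (!h.withUserInfo) return NULL;

  size_t offset = identity_len(&h);          /* chosen from isToken, once */
  if (len - sizeof h < offset) return NULL;  /* too short to hold the field */

  size_t newLen = len - offset;              /* sizes the buffer AND the copy */
  uint8_t *out = calloc(1, newLen);
  if (out == NULL) return NULL;

  memcpy(out, msg, sizeof h);
  memcpy(out + sizeof h, msg + sizeof h + offset, newLen - sizeof h);
  *outLen = newLen;
  return out;
}
```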

TSC_ERR_JRET(code);
}
code = openTransporter(user, secretEncrypt, tsNumOfCores / 2, &p->pTransporter);
code = openTransporter(user ? user : "<token>", 0, tsNumOfCores / 2, &p->pTransporter);
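Review bot: In the new openTransporter call, `user ? user : "<token>"` turns a NULL user into a fixed placeholder string instead of an error. Fail closed here: return an invalid-argument code when neither a user nor a token is available, so a caller with missing credentials is rejected at this point rather than opening a transporter labelled with a placeholder.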

high

The call to openTransporter appears to have incorrect or incomplete logic for token-based authentication. The isToken parameter is hardcoded to 0, and a magic string "<token>" is used as the identifier when user is null. This will not work for actual token authentication and seems to be a placeholder. This should be updated to correctly handle tokens, likely by passing a real token and setting isToken to 1 when appropriate.

rpcInit.sessions = 1024;
rpcInit.connType = TAOS_CONN_CLIENT;
rpcInit.user = (char *)user;
rpcInit.user = (char *)identifier;
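Review bot: The `(char *)identifier` cast in the new assignment discards whatever qualifier `identifier` carries and stores the caller's pointer in rpcInit. If the field is only read, declare it `const char *` and drop the cast; if the transport keeps the pointer beyond this call, copy the string instead, since the lifetime of a token buffer belongs to the caller.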

medium

The rpcInit.user field is now being used to store an identifier which can be either a username or a token. This can be confusing given its name and the original comment in its definition. To improve clarity and maintainability, consider renaming the user field in the SRpcInit struct (defined in include/libs/transport/trpc.h) to something more generic like identifier.

@guanshengliang guanshengliang changed the title from "Enh/addTokenTransport" to "end: add token transport" Dec 27, 2025
@guanshengliang guanshengliang changed the title from "end: add token transport" to "enh: add token transport" Dec 27, 2025
@guanshengliang guanshengliang merged commit d124e18 into 3.0 Dec 27, 2025
12 of 14 checks passed
@guanshengliang guanshengliang deleted the enh/addTokenTransport branch December 27, 2025 08:09