preload the public keys for allowed users to allow immediate connection

domain-server/src/DomainServer.cpp

@@ -81,6 +81,9 @@ DomainServer::DomainServer(int argc, char* argv[]) :
         
         // setup automatic networking settings with data server
         setupAutomaticNetworking();
+        
+        // preload some user public keys so they can connect on first request
+        preloadAllowedUserPublicKeys();
     }
 }
 
@@ -508,8 +511,6 @@ void DomainServer::populateDefaultStaticAssignmentsExcludingTypes(const QSet<Ass
     }
 }
 
-const QString ALLOWED_USERS_SETTINGS_KEYPATH = "security.allowed_users";
-
 const NodeSet STATICALLY_ASSIGNED_NODES = NodeSet() << NodeType::AudioMixer
     << NodeType::AvatarMixer << NodeType::VoxelServer << NodeType::ParticleServer << NodeType::EntityServer
     << NodeType::MetavoxelServer;
@@ -609,6 +610,8 @@ void DomainServer::handleConnectRequest(const QByteArray& packet, const HifiSock
     }
 }
 
+const QString ALLOWED_USERS_SETTINGS_KEYPATH = "security.allowed_users";
+
 bool DomainServer::shouldAllowConnectionFromNode(const QString& username,
                                                  const QByteArray& usernameSignature,
                                                  const HifiSockAddr& senderSockAddr) {
@@ -664,6 +667,31 @@ bool DomainServer::shouldAllowConnectionFromNode(const QString& username,
                     }
                 }
             
+                requestUserPublicKey(username);
+            }
+        }
+    } else {
+        // since we have no allowed user list, let them all in
+        return true;
+    }
+    
+    return false;
+}
+
+void DomainServer::preloadAllowedUserPublicKeys() {
+    const QVariant* allowedUsersVariant = valueForKeyPath(_settingsManager.getSettingsMap(), ALLOWED_USERS_SETTINGS_KEYPATH);
+    QStringList allowedUsers = allowedUsersVariant ? allowedUsersVariant->toStringList() : QStringList();
+    
+    if (allowedUsers.size() > 0) {
+        // in the future we may need to limit how many requests here - for now assume that lists of allowed users are not
+        // going to create > 100 requests
+        foreach(const QString& username, allowedUsers) {
+            requestUserPublicKey(username);
+        }
+    }
+}
+
+void DomainServer::requestUserPublicKey(const QString& username) {
     // even if we have a public key for them right now, request a new one in case it has just changed
     JSONCallbackParameters callbackParams;
     callbackParams.jsonCallbackReceiver = this;
@@ -675,14 +703,6 @@ bool DomainServer::shouldAllowConnectionFromNode(const QString& username,
     
     AccountManager::getInstance().unauthenticatedRequest(USER_PUBLIC_KEY_PATH.arg(username),
                                                          QNetworkAccessManager::GetOperation, callbackParams);
-            }
-        }
-    } else {
-        // since we have no allowed user list, let them all in
-        return true;
-    }
-    
-    return false;
 }
 
 QUrl DomainServer::oauthRedirectURL() {

domain-server/src/DomainServer.h

@@ -85,6 +85,10 @@ private:
     void handleConnectRequest(const QByteArray& packet, const HifiSockAddr& senderSockAddr);
     bool shouldAllowConnectionFromNode(const QString& username, const QByteArray& usernameSignature,
                                        const HifiSockAddr& senderSockAddr);
+    
+    void preloadAllowedUserPublicKeys();
+    void requestUserPublicKey(const QString& username);
+    
     int parseNodeDataFromByteArray(QDataStream& packetStream,
                                    NodeType_t& nodeType,
                                    HifiSockAddr& publicSockAddr,