use of org.eclipse.californium.core.network.CoapEndpoint in project smarthome by eclipse.
the class TradfriGatewayHandler method obtainIdentityAndPreSharedKey.
/**
* Authenticates against the gateway with the security code in order to receive a pre-shared key for a newly
* generated identity.
* As this requires a remote request, this method might be long-running.
*
* @return true, if credentials were successfully obtained, false otherwise
*/
protected boolean obtainIdentityAndPreSharedKey() {
TradfriGatewayConfig configuration = getConfigAs(TradfriGatewayConfig.class);
String identity = UUID.randomUUID().toString().replace("-", "");
String preSharedKey = null;
CoapResponse gatewayResponse;
String authUrl = null;
String responseText = null;
try {
DtlsConnectorConfig.Builder builder = new DtlsConnectorConfig.Builder(new InetSocketAddress(0));
builder.setPskStore(new StaticPskStore("Client_identity", configuration.code.getBytes()));
DTLSConnector dtlsConnector = new DTLSConnector(builder.build());
CoapEndpoint authEndpoint = new CoapEndpoint(dtlsConnector, NetworkConfig.getStandard());
authUrl = "coaps://" + configuration.host + ":" + configuration.port + "/15011/9063";
CoapClient deviceClient = new CoapClient(new URI(authUrl));
deviceClient.setTimeout(TimeUnit.SECONDS.toMillis(10));
deviceClient.setEndpoint(authEndpoint);
JsonObject json = new JsonObject();
json.addProperty(CLIENT_IDENTITY_PROPOSED, identity);
gatewayResponse = deviceClient.post(json.toString(), 0);
authEndpoint.destroy();
deviceClient.shutdown();
if (gatewayResponse == null) {
// seems we ran in a timeout, which potentially also happens
updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.COMMUNICATION_ERROR, "No response from gateway. Might be due to an invalid security code.");
return false;
}
if (gatewayResponse.isSuccess()) {
responseText = gatewayResponse.getResponseText();
json = new JsonParser().parse(responseText).getAsJsonObject();
preSharedKey = json.get(NEW_PSK_BY_GW).getAsString();
if (isNullOrEmpty(preSharedKey)) {
logger.error("Received pre-shared key is empty for thing {} on gateway at {}", getThing().getUID(), configuration.host);
updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.COMMUNICATION_ERROR, "Pre-shared key was not obtain successfully");
return false;
} else {
logger.info("Received pre-shared key for gateway '{}'", configuration.host);
logger.debug("Using identity '{}' with pre-shared key '{}'.", identity, preSharedKey);
Configuration editedConfig = editConfiguration();
editedConfig.put(TradfriBindingConstants.GATEWAY_CONFIG_CODE, null);
editedConfig.put(TradfriBindingConstants.GATEWAY_CONFIG_IDENTITY, identity);
editedConfig.put(TradfriBindingConstants.GATEWAY_CONFIG_PRE_SHARED_KEY, preSharedKey);
updateConfiguration(editedConfig);
return true;
}
} else {
logger.warn("Failed obtaining pre-shared key for identity '{}' (response code '{}', response text '{}')", identity, gatewayResponse.getCode(), isNullOrEmpty(gatewayResponse.getResponseText()) ? "<empty>" : gatewayResponse.getResponseText());
updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.CONFIGURATION_ERROR, String.format("Failed obtaining pre-shared key with status code '%s'", gatewayResponse.getCode()));
}
} catch (URISyntaxException e) {
logger.error("Illegal gateway URI '{}'", authUrl, e);
updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.CONFIGURATION_ERROR, e.getMessage());
} catch (JsonParseException e) {
logger.warn("Invalid response recieved from gateway '{}'", responseText, e);
updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.COMMUNICATION_ERROR, String.format("Invalid response recieved from gateway '%s'", responseText));
}
return false;
}
use of org.eclipse.californium.core.network.CoapEndpoint in project leshan by eclipse.
the class RegistrationTest method register_with_invalid_request.
@Test
public void register_with_invalid_request() throws InterruptedException, IOException {
// Check registration
helper.assertClientNotRegisterered();
// create a register request without the list of supported object
Request coapRequest = new Request(Code.POST);
coapRequest.setDestinationContext(new AddressEndpointContext(helper.server.getUnsecuredAddress()));
coapRequest.getOptions().setContentFormat(ContentFormat.LINK.getCode());
coapRequest.getOptions().addUriPath("rd");
coapRequest.getOptions().addUriQuery("ep=" + helper.currentEndpointIdentifier);
// send request
CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
builder.setInetSocketAddress(new InetSocketAddress(0));
CoapEndpoint coapEndpoint = builder.build();
coapEndpoint.start();
coapEndpoint.sendRequest(coapRequest);
// check response
Response response = coapRequest.waitForResponse(1000);
assertEquals(response.getCode(), org.eclipse.californium.core.coap.CoAP.ResponseCode.BAD_REQUEST);
coapEndpoint.stop();
}
use of org.eclipse.californium.core.network.CoapEndpoint in project leshan by eclipse.
the class LeshanClientBuilder method build.
/**
* Creates an instance of {@link LeshanClient} based on the properties set on this builder.
*/
public LeshanClient build() {
if (localAddress == null) {
localAddress = new InetSocketAddress(0);
}
if (objectEnablers == null) {
ObjectsInitializer initializer = new ObjectsInitializer();
initializer.setInstancesForObject(LwM2mId.SECURITY, Security.noSec("coap://leshan.eclipse.org:5683", 12345));
initializer.setInstancesForObject(LwM2mId.SERVER, new Server(12345, 5 * 60, BindingMode.U, false));
initializer.setInstancesForObject(LwM2mId.DEVICE, new Device("Eclipse Leshan", "model12345", "12345", "U"));
objectEnablers = initializer.createMandatory();
}
if (coapConfig == null) {
coapConfig = createDefaultNetworkConfig();
}
// handle dtlsConfig
DtlsConnectorConfig dtlsConfig = null;
if (dtlsConfigBuilder == null) {
dtlsConfigBuilder = new DtlsConnectorConfig.Builder();
}
DtlsConnectorConfig incompleteConfig = dtlsConfigBuilder.getIncompleteConfig();
// Handle PSK Store
LwM2mObjectEnabler securityEnabler = this.objectEnablers.get(LwM2mId.SECURITY);
if (securityEnabler == null) {
throw new IllegalArgumentException("Security object is mandatory");
}
if (incompleteConfig.getPskStore() == null) {
dtlsConfigBuilder.setPskStore(new SecurityObjectPskStore(securityEnabler));
} else {
LOG.warn("PskStore should be automatically set by Leshan. Using a custom implementation is not advised.");
}
// Handle secure address
if (incompleteConfig.getAddress() == null) {
if (localSecureAddress == null) {
localSecureAddress = new InetSocketAddress(0);
}
dtlsConfigBuilder.setAddress(localSecureAddress);
} else if (localSecureAddress != null && !localSecureAddress.equals(incompleteConfig.getAddress())) {
throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for secure address: %s != %s", localSecureAddress, incompleteConfig.getAddress()));
}
// Handle active peers
if (incompleteConfig.getMaxConnections() == null)
dtlsConfigBuilder.setMaxConnections(coapConfig.getInt(Keys.MAX_ACTIVE_PEERS));
if (incompleteConfig.getStaleConnectionThreshold() == null)
dtlsConfigBuilder.setStaleConnectionThreshold(coapConfig.getLong(Keys.MAX_PEER_INACTIVITY_PERIOD));
// Use only 1 thread to handle DTLS connection by default
if (incompleteConfig.getConnectionThreadCount() == null) {
dtlsConfigBuilder.setConnectionThreadCount(1);
}
dtlsConfig = dtlsConfigBuilder.build();
// create endpoints
CoapEndpoint unsecuredEndpoint = null;
if (!noUnsecuredEndpoint) {
if (endpointFactory != null) {
unsecuredEndpoint = endpointFactory.createUnsecuredEndpoint(localAddress, coapConfig, null);
} else {
CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
builder.setInetSocketAddress(localAddress);
builder.setNetworkConfig(coapConfig);
unsecuredEndpoint = builder.build();
}
}
CoapEndpoint securedEndpoint = null;
if (!noSecuredEndpoint) {
if (endpointFactory != null) {
securedEndpoint = endpointFactory.createSecuredEndpoint(dtlsConfig, coapConfig, null);
} else {
CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
builder.setConnector(new DTLSConnector(dtlsConfig));
builder.setNetworkConfig(coapConfig);
securedEndpoint = builder.build();
}
}
if (securedEndpoint == null && unsecuredEndpoint == null) {
throw new IllegalStateException("All CoAP enpoints are deactivated, at least one endpoint should be activated");
}
return new LeshanClient(endpoint, unsecuredEndpoint, securedEndpoint, objectEnablers, coapConfig, additionalAttributes);
}
use of org.eclipse.californium.core.network.CoapEndpoint in project leshan by eclipse.
the class LeshanBootstrapServerBuilder method build.
public LeshanBootstrapServer build() {
if (localAddress == null)
localAddress = new InetSocketAddress(LwM2m.DEFAULT_COAP_PORT);
// TODO we should have default implementation for BootstrapStore in leshan.server project.
if (configStore == null)
throw new IllegalStateException("BootstrapStore is mandatory");
if (sessionManager == null)
sessionManager = new DefaultBootstrapSessionManager(securityStore);
if (model == null)
model = new LwM2mModel(ObjectLoader.loadDefault());
if (coapConfig == null) {
coapConfig = createDefaultNetworkConfig();
}
// handle dtlsConfig
DtlsConnectorConfig dtlsConfig = null;
if (!noSecuredEndpoint) {
if (dtlsConfigBuilder == null) {
dtlsConfigBuilder = new DtlsConnectorConfig.Builder();
}
DtlsConnectorConfig incompleteConfig = dtlsConfigBuilder.getIncompleteConfig();
// Handle PSK Store
if (incompleteConfig.getPskStore() == null && securityStore != null) {
dtlsConfigBuilder.setPskStore(new LwM2mBootstrapPskStore(securityStore));
} else {
LOG.warn("PskStore should be automatically set by Leshan. Using a custom implementation is not advised.");
}
// Handle secure address
if (incompleteConfig.getAddress() == null) {
if (localAddressSecure == null) {
localAddressSecure = new InetSocketAddress(0);
}
dtlsConfigBuilder.setAddress(localAddressSecure);
} else if (localAddressSecure != null && !localAddressSecure.equals(incompleteConfig.getAddress())) {
throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for secure address: %s != %s", localAddressSecure, incompleteConfig.getAddress()));
}
// Handle active peers
if (incompleteConfig.getMaxConnections() == null)
dtlsConfigBuilder.setMaxConnections(coapConfig.getInt(Keys.MAX_ACTIVE_PEERS));
if (incompleteConfig.getStaleConnectionThreshold() == null)
dtlsConfigBuilder.setStaleConnectionThreshold(coapConfig.getLong(Keys.MAX_PEER_INACTIVITY_PERIOD));
// we try to build the dtlsConfig, if it fail we will just not create the secured endpoint
try {
dtlsConfig = dtlsConfigBuilder.build();
} catch (IllegalStateException e) {
}
}
CoapEndpoint unsecuredEndpoint = null;
if (!noUnsecuredEndpoint) {
if (endpointFactory != null) {
unsecuredEndpoint = endpointFactory.createUnsecuredEndpoint(localAddress, coapConfig, null);
} else {
CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
builder.setInetSocketAddress(localAddress);
builder.setNetworkConfig(coapConfig);
unsecuredEndpoint = builder.build();
}
}
CoapEndpoint securedEndpoint = null;
if (!noSecuredEndpoint && dtlsConfig != null) {
if (endpointFactory != null) {
securedEndpoint = endpointFactory.createSecuredEndpoint(dtlsConfig, coapConfig, null);
} else {
CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
builder.setConnector(new DTLSConnector(dtlsConfig));
builder.setNetworkConfig(coapConfig);
builder.setEndpointContextMatcher(new Lwm2mEndpointContextMatcher());
securedEndpoint = builder.build();
}
}
if (securedEndpoint == null && unsecuredEndpoint == null) {
throw new IllegalStateException("All CoAP enpoints are deactivated, at least one endpoint should be activated");
}
return new LeshanBootstrapServer(unsecuredEndpoint, securedEndpoint, configStore, securityStore, sessionManager, model, coapConfig);
}
use of org.eclipse.californium.core.network.CoapEndpoint in project leshan by eclipse.
the class LeshanServerBuilder method build.
public LeshanServer build() {
if (localAddress == null)
localAddress = new InetSocketAddress(LwM2m.DEFAULT_COAP_PORT);
if (registrationStore == null)
registrationStore = new InMemoryRegistrationStore();
if (authorizer == null)
authorizer = new DefaultAuthorizer(securityStore);
if (modelProvider == null)
modelProvider = new StandardModelProvider();
if (encoder == null)
encoder = new DefaultLwM2mNodeEncoder();
if (decoder == null)
decoder = new DefaultLwM2mNodeDecoder();
if (coapConfig == null)
coapConfig = createDefaultNetworkConfig();
if (awakeTimeProvider == null)
awakeTimeProvider = new StaticClientAwakeTimeProvider();
// handle dtlsConfig
DtlsConnectorConfig dtlsConfig = null;
if (!noSecuredEndpoint) {
if (dtlsConfigBuilder == null) {
dtlsConfigBuilder = new DtlsConnectorConfig.Builder();
}
// set default DTLS setting for Leshan unless user change it.
DtlsConnectorConfig incompleteConfig = dtlsConfigBuilder.getIncompleteConfig();
// Handle PSK Store
if (incompleteConfig.getPskStore() == null && securityStore != null) {
dtlsConfigBuilder.setPskStore(new LwM2mPskStore(this.securityStore, registrationStore));
} else {
LOG.warn("PskStore should be automatically set by Leshan. Using a custom implementation is not advised.");
}
// Handle secure address
if (incompleteConfig.getAddress() == null) {
if (localSecureAddress == null) {
localSecureAddress = new InetSocketAddress(LwM2m.DEFAULT_COAP_SECURE_PORT);
}
dtlsConfigBuilder.setAddress(localSecureAddress);
} else if (localSecureAddress != null && !localSecureAddress.equals(incompleteConfig.getAddress())) {
throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for secure address: %s != %s", localSecureAddress, incompleteConfig.getAddress()));
}
// Handle active peers
if (incompleteConfig.getMaxConnections() == null)
dtlsConfigBuilder.setMaxConnections(coapConfig.getInt(Keys.MAX_ACTIVE_PEERS));
if (incompleteConfig.getStaleConnectionThreshold() == null)
dtlsConfigBuilder.setStaleConnectionThreshold(coapConfig.getLong(Keys.MAX_PEER_INACTIVITY_PERIOD));
// handle trusted certificates
if (trustedCertificates != null) {
if (incompleteConfig.getTrustStore() == null) {
dtlsConfigBuilder.setTrustStore(trustedCertificates);
} else if (!Arrays.equals(trustedCertificates, incompleteConfig.getTrustStore())) {
throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for trusted Certificates (trustStore) : \n%s != \n%s", Arrays.toString(trustedCertificates), Arrays.toString(incompleteConfig.getTrustStore())));
}
}
// check conflict for private key
if (privateKey != null) {
if (incompleteConfig.getPrivateKey() != null && !incompleteConfig.getPrivateKey().equals(privateKey)) {
throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for private key: %s != %s", privateKey, incompleteConfig.getPrivateKey()));
}
// if in raw key mode and not in X.509 set the raw keys
if (certificateChain == null && publicKey != null) {
if (incompleteConfig.getPublicKey() != null && !incompleteConfig.getPublicKey().equals(publicKey)) {
throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for public key: %s != %s", publicKey, incompleteConfig.getPublicKey()));
}
dtlsConfigBuilder.setIdentity(privateKey, publicKey);
}
// if in X.509 mode set the private key, certificate chain, public key is extracted from the certificate
if (certificateChain != null && certificateChain.length > 0) {
if (incompleteConfig.getCertificateChain() != null && !Arrays.equals(incompleteConfig.getCertificateChain(), certificateChain)) {
throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for certificate chain: %s != %s", Arrays.toString(certificateChain), Arrays.toString(incompleteConfig.getCertificateChain())));
}
dtlsConfigBuilder.setIdentity(privateKey, certificateChain, false);
}
}
// we try to build the dtlsConfig, if it fail we will just not create the secured endpoint
try {
dtlsConfig = dtlsConfigBuilder.build();
} catch (IllegalStateException e) {
}
}
// create endpoints
CoapEndpoint unsecuredEndpoint = null;
if (!noUnsecuredEndpoint) {
if (endpointFactory != null) {
unsecuredEndpoint = endpointFactory.createUnsecuredEndpoint(localAddress, coapConfig, registrationStore);
} else {
CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
builder.setInetSocketAddress(localAddress);
builder.setNetworkConfig(coapConfig);
builder.setObservationStore(registrationStore);
unsecuredEndpoint = builder.build();
}
}
CoapEndpoint securedEndpoint = null;
if (!noSecuredEndpoint && dtlsConfig != null) {
if (endpointFactory != null) {
securedEndpoint = endpointFactory.createSecuredEndpoint(dtlsConfig, coapConfig, registrationStore);
} else {
CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
builder.setConnector(new DTLSConnector(dtlsConfig));
builder.setNetworkConfig(coapConfig);
builder.setObservationStore(registrationStore);
builder.setEndpointContextMatcher(new Lwm2mEndpointContextMatcher());
securedEndpoint = builder.build();
}
}
if (securedEndpoint == null && unsecuredEndpoint == null) {
throw new IllegalStateException("All CoAP enpoints are deactivated, at least one endpoint should be activated");
}
return new LeshanServer(unsecuredEndpoint, securedEndpoint, registrationStore, securityStore, authorizer, modelProvider, encoder, decoder, coapConfig, noQueueMode, awakeTimeProvider);
}
Aggregations