use of org.eclipse.californium.scandium.DTLSConnector in project smarthome by eclipse.
the class TradfriGatewayHandler method obtainIdentityAndPreSharedKey.
/**
* Authenticates against the gateway with the security code in order to receive a pre-shared key for a newly
* generated identity.
* As this requires a remote request, this method might be long-running.
*
* @return true, if credentials were successfully obtained, false otherwise
*/
protected boolean obtainIdentityAndPreSharedKey() {
TradfriGatewayConfig configuration = getConfigAs(TradfriGatewayConfig.class);
String identity = UUID.randomUUID().toString().replace("-", "");
String preSharedKey = null;
CoapResponse gatewayResponse;
String authUrl = null;
String responseText = null;
try {
DtlsConnectorConfig.Builder builder = new DtlsConnectorConfig.Builder(new InetSocketAddress(0));
builder.setPskStore(new StaticPskStore("Client_identity", configuration.code.getBytes()));
DTLSConnector dtlsConnector = new DTLSConnector(builder.build());
CoapEndpoint authEndpoint = new CoapEndpoint(dtlsConnector, NetworkConfig.getStandard());
authUrl = "coaps://" + configuration.host + ":" + configuration.port + "/15011/9063";
CoapClient deviceClient = new CoapClient(new URI(authUrl));
deviceClient.setTimeout(TimeUnit.SECONDS.toMillis(10));
deviceClient.setEndpoint(authEndpoint);
JsonObject json = new JsonObject();
json.addProperty(CLIENT_IDENTITY_PROPOSED, identity);
gatewayResponse = deviceClient.post(json.toString(), 0);
authEndpoint.destroy();
deviceClient.shutdown();
if (gatewayResponse == null) {
// seems we ran in a timeout, which potentially also happens
updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.COMMUNICATION_ERROR, "No response from gateway. Might be due to an invalid security code.");
return false;
}
if (gatewayResponse.isSuccess()) {
responseText = gatewayResponse.getResponseText();
json = new JsonParser().parse(responseText).getAsJsonObject();
preSharedKey = json.get(NEW_PSK_BY_GW).getAsString();
if (isNullOrEmpty(preSharedKey)) {
logger.error("Received pre-shared key is empty for thing {} on gateway at {}", getThing().getUID(), configuration.host);
updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.COMMUNICATION_ERROR, "Pre-shared key was not obtain successfully");
return false;
} else {
logger.info("Received pre-shared key for gateway '{}'", configuration.host);
logger.debug("Using identity '{}' with pre-shared key '{}'.", identity, preSharedKey);
Configuration editedConfig = editConfiguration();
editedConfig.put(TradfriBindingConstants.GATEWAY_CONFIG_CODE, null);
editedConfig.put(TradfriBindingConstants.GATEWAY_CONFIG_IDENTITY, identity);
editedConfig.put(TradfriBindingConstants.GATEWAY_CONFIG_PRE_SHARED_KEY, preSharedKey);
updateConfiguration(editedConfig);
return true;
}
} else {
logger.warn("Failed obtaining pre-shared key for identity '{}' (response code '{}', response text '{}')", identity, gatewayResponse.getCode(), isNullOrEmpty(gatewayResponse.getResponseText()) ? "<empty>" : gatewayResponse.getResponseText());
updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.CONFIGURATION_ERROR, String.format("Failed obtaining pre-shared key with status code '%s'", gatewayResponse.getCode()));
}
} catch (URISyntaxException e) {
logger.error("Illegal gateway URI '{}'", authUrl, e);
updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.CONFIGURATION_ERROR, e.getMessage());
} catch (JsonParseException e) {
logger.warn("Invalid response recieved from gateway '{}'", responseText, e);
updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.COMMUNICATION_ERROR, String.format("Invalid response recieved from gateway '%s'", responseText));
}
return false;
}
use of org.eclipse.californium.scandium.DTLSConnector in project smarthome by eclipse.
the class TradfriGatewayHandler method establishConnection.
private void establishConnection() {
TradfriGatewayConfig configuration = getConfigAs(TradfriGatewayConfig.class);
this.gatewayURI = "coaps://" + configuration.host + ":" + configuration.port + "/" + DEVICES;
this.gatewayInfoURI = "coaps://" + configuration.host + ":" + configuration.port + "/" + GATEWAY + "/" + GATEWAY_DETAILS;
try {
URI uri = new URI(gatewayURI);
deviceClient = new TradfriCoapClient(uri);
} catch (URISyntaxException e) {
logger.error("Illegal gateway URI '{}': {}", gatewayURI, e.getMessage());
updateStatus(ThingStatus.OFFLINE, ThingStatusDetail.CONFIGURATION_ERROR, e.getMessage());
return;
}
DtlsConnectorConfig.Builder builder = new DtlsConnectorConfig.Builder(new InetSocketAddress(0));
builder.setPskStore(new StaticPskStore(configuration.identity, configuration.preSharedKey.getBytes()));
dtlsConnector = new DTLSConnector(builder.build());
endPoint = new TradfriCoapEndpoint(dtlsConnector, NetworkConfig.getStandard());
deviceClient.setEndpoint(endPoint);
updateStatus(ThingStatus.UNKNOWN);
// schedule a new scan every minute
scanJob = scheduler.scheduleWithFixedDelay(this::startScan, 0, 1, TimeUnit.MINUTES);
}
use of org.eclipse.californium.scandium.DTLSConnector in project hono by eclipse.
the class CoapTestBase method getCoapsClient.
/**
* Creates the client to use for uploading data to the secure endpoint
* of the CoAP adapter.
*
* @param dtlsConnectorConfig The configuration of the DTLS connector to use for connecting
* to the adapter.
* @return The client.
*/
protected CoapClient getCoapsClient(final DtlsConnectorConfig.Builder dtlsConnectorConfig) {
// listen on wildcard to support non-localhost docker daemons
dtlsConnectorConfig.setAddress(new InetSocketAddress(0));
dtlsConnectorConfig.setMaxRetransmissions(1);
final CoapEndpoint.Builder builder = new CoapEndpoint.Builder();
builder.setNetworkConfig(NetworkConfig.createStandardWithoutFile());
builder.setConnector(new DTLSConnector(dtlsConnectorConfig.build()));
return new CoapClient().setEndpoint(builder.build());
}
use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.
the class LeshanClientBuilder method build.
/**
* Creates an instance of {@link LeshanClient} based on the properties set on this builder.
*/
public LeshanClient build() {
if (localAddress == null) {
localAddress = new InetSocketAddress(0);
}
if (objectEnablers == null) {
ObjectsInitializer initializer = new ObjectsInitializer();
initializer.setInstancesForObject(LwM2mId.SECURITY, Security.noSec("coap://leshan.eclipse.org:5683", 12345));
initializer.setInstancesForObject(LwM2mId.SERVER, new Server(12345, 5 * 60, BindingMode.U, false));
initializer.setInstancesForObject(LwM2mId.DEVICE, new Device("Eclipse Leshan", "model12345", "12345", "U"));
objectEnablers = initializer.createMandatory();
}
if (coapConfig == null) {
coapConfig = createDefaultNetworkConfig();
}
// handle dtlsConfig
DtlsConnectorConfig dtlsConfig = null;
if (dtlsConfigBuilder == null) {
dtlsConfigBuilder = new DtlsConnectorConfig.Builder();
}
DtlsConnectorConfig incompleteConfig = dtlsConfigBuilder.getIncompleteConfig();
// Handle PSK Store
LwM2mObjectEnabler securityEnabler = this.objectEnablers.get(LwM2mId.SECURITY);
if (securityEnabler == null) {
throw new IllegalArgumentException("Security object is mandatory");
}
if (incompleteConfig.getPskStore() == null) {
dtlsConfigBuilder.setPskStore(new SecurityObjectPskStore(securityEnabler));
} else {
LOG.warn("PskStore should be automatically set by Leshan. Using a custom implementation is not advised.");
}
// Handle secure address
if (incompleteConfig.getAddress() == null) {
if (localSecureAddress == null) {
localSecureAddress = new InetSocketAddress(0);
}
dtlsConfigBuilder.setAddress(localSecureAddress);
} else if (localSecureAddress != null && !localSecureAddress.equals(incompleteConfig.getAddress())) {
throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for secure address: %s != %s", localSecureAddress, incompleteConfig.getAddress()));
}
// Handle active peers
if (incompleteConfig.getMaxConnections() == null)
dtlsConfigBuilder.setMaxConnections(coapConfig.getInt(Keys.MAX_ACTIVE_PEERS));
if (incompleteConfig.getStaleConnectionThreshold() == null)
dtlsConfigBuilder.setStaleConnectionThreshold(coapConfig.getLong(Keys.MAX_PEER_INACTIVITY_PERIOD));
// Use only 1 thread to handle DTLS connection by default
if (incompleteConfig.getConnectionThreadCount() == null) {
dtlsConfigBuilder.setConnectionThreadCount(1);
}
dtlsConfig = dtlsConfigBuilder.build();
// create endpoints
CoapEndpoint unsecuredEndpoint = null;
if (!noUnsecuredEndpoint) {
if (endpointFactory != null) {
unsecuredEndpoint = endpointFactory.createUnsecuredEndpoint(localAddress, coapConfig, null);
} else {
CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
builder.setInetSocketAddress(localAddress);
builder.setNetworkConfig(coapConfig);
unsecuredEndpoint = builder.build();
}
}
CoapEndpoint securedEndpoint = null;
if (!noSecuredEndpoint) {
if (endpointFactory != null) {
securedEndpoint = endpointFactory.createSecuredEndpoint(dtlsConfig, coapConfig, null);
} else {
CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
builder.setConnector(new DTLSConnector(dtlsConfig));
builder.setNetworkConfig(coapConfig);
securedEndpoint = builder.build();
}
}
if (securedEndpoint == null && unsecuredEndpoint == null) {
throw new IllegalStateException("All CoAP enpoints are deactivated, at least one endpoint should be activated");
}
return new LeshanClient(endpoint, unsecuredEndpoint, securedEndpoint, objectEnablers, coapConfig, additionalAttributes);
}
use of org.eclipse.californium.scandium.DTLSConnector in project leshan by eclipse.
the class LeshanBootstrapServerBuilder method build.
public LeshanBootstrapServer build() {
if (localAddress == null)
localAddress = new InetSocketAddress(LwM2m.DEFAULT_COAP_PORT);
// TODO we should have default implementation for BootstrapStore in leshan.server project.
if (configStore == null)
throw new IllegalStateException("BootstrapStore is mandatory");
if (sessionManager == null)
sessionManager = new DefaultBootstrapSessionManager(securityStore);
if (model == null)
model = new LwM2mModel(ObjectLoader.loadDefault());
if (coapConfig == null) {
coapConfig = createDefaultNetworkConfig();
}
// handle dtlsConfig
DtlsConnectorConfig dtlsConfig = null;
if (!noSecuredEndpoint) {
if (dtlsConfigBuilder == null) {
dtlsConfigBuilder = new DtlsConnectorConfig.Builder();
}
DtlsConnectorConfig incompleteConfig = dtlsConfigBuilder.getIncompleteConfig();
// Handle PSK Store
if (incompleteConfig.getPskStore() == null && securityStore != null) {
dtlsConfigBuilder.setPskStore(new LwM2mBootstrapPskStore(securityStore));
} else {
LOG.warn("PskStore should be automatically set by Leshan. Using a custom implementation is not advised.");
}
// Handle secure address
if (incompleteConfig.getAddress() == null) {
if (localAddressSecure == null) {
localAddressSecure = new InetSocketAddress(0);
}
dtlsConfigBuilder.setAddress(localAddressSecure);
} else if (localAddressSecure != null && !localAddressSecure.equals(incompleteConfig.getAddress())) {
throw new IllegalStateException(String.format("Configuration conflict between LeshanBuilder and DtlsConnectorConfig.Builder for secure address: %s != %s", localAddressSecure, incompleteConfig.getAddress()));
}
// Handle active peers
if (incompleteConfig.getMaxConnections() == null)
dtlsConfigBuilder.setMaxConnections(coapConfig.getInt(Keys.MAX_ACTIVE_PEERS));
if (incompleteConfig.getStaleConnectionThreshold() == null)
dtlsConfigBuilder.setStaleConnectionThreshold(coapConfig.getLong(Keys.MAX_PEER_INACTIVITY_PERIOD));
// we try to build the dtlsConfig, if it fail we will just not create the secured endpoint
try {
dtlsConfig = dtlsConfigBuilder.build();
} catch (IllegalStateException e) {
}
}
CoapEndpoint unsecuredEndpoint = null;
if (!noUnsecuredEndpoint) {
if (endpointFactory != null) {
unsecuredEndpoint = endpointFactory.createUnsecuredEndpoint(localAddress, coapConfig, null);
} else {
CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
builder.setInetSocketAddress(localAddress);
builder.setNetworkConfig(coapConfig);
unsecuredEndpoint = builder.build();
}
}
CoapEndpoint securedEndpoint = null;
if (!noSecuredEndpoint && dtlsConfig != null) {
if (endpointFactory != null) {
securedEndpoint = endpointFactory.createSecuredEndpoint(dtlsConfig, coapConfig, null);
} else {
CoapEndpoint.CoapEndpointBuilder builder = new CoapEndpoint.CoapEndpointBuilder();
builder.setConnector(new DTLSConnector(dtlsConfig));
builder.setNetworkConfig(coapConfig);
builder.setEndpointContextMatcher(new Lwm2mEndpointContextMatcher());
securedEndpoint = builder.build();
}
}
if (securedEndpoint == null && unsecuredEndpoint == null) {
throw new IllegalStateException("All CoAP enpoints are deactivated, at least one endpoint should be activated");
}
return new LeshanBootstrapServer(unsecuredEndpoint, securedEndpoint, configStore, securityStore, sessionManager, model, coapConfig);
}
Aggregations