use of org.eclipse.hono.service.auth.device.Device in project hono by eclipse.
the class VertxBasedMqttProtocolAdapterTest method testOnPublishedMessageFailsForMissingDeviceId.
/**
* Verifies that the adapter fails to map a topic without a device ID received from an anonymous device.
*
* @param ctx The helper to use for running tests on vert.x.
*/
@Test
public void testOnPublishedMessageFailsForMissingDeviceId(final TestContext ctx) {
givenAnAdapter();
// WHEN an anonymous device publishes a message to a topic that does not contain a device ID
final MqttContext context = newContext(MqttQoS.AT_MOST_ONCE, TelemetryConstants.TELEMETRY_ENDPOINT + "/my-tenant");
adapter.onPublishedMessage(context).setHandler(ctx.asyncAssertFailure(t -> {
// THEN the message cannot be mapped to an address
}));
}
use of org.eclipse.hono.service.auth.device.Device in project hono by eclipse.
the class VertxBasedMqttProtocolAdapterTest method testOnPublishedMessageFailsForMissingTenant.
/**
* Verifies that the adapter fails to map a topic without a tenant ID received from an anonymous device.
*
* @param ctx The helper to use for running tests on vert.x.
*/
@Test
public void testOnPublishedMessageFailsForMissingTenant(final TestContext ctx) {
givenAnAdapter();
// WHEN an anonymous device publishes a message to a topic that does not contain a tenant ID
final MqttContext context = newContext(MqttQoS.AT_MOST_ONCE, TelemetryConstants.TELEMETRY_ENDPOINT);
adapter.onPublishedMessage(context).setHandler(ctx.asyncAssertFailure(t -> {
// THEN the message cannot be mapped to an address
}));
}
use of org.eclipse.hono.service.auth.device.Device in project hono by eclipse.
the class VertxBasedHttpProtocolAdapter method handlePostTelemetry.
void handlePostTelemetry(final RoutingContext ctx) {
if (Device.class.isInstance(ctx.user())) {
Device device = (Device) ctx.user();
uploadTelemetryMessage(ctx, device.getTenantId(), device.getDeviceId());
} else {
handle401(ctx);
}
}
use of org.eclipse.hono.service.auth.device.Device in project hono by eclipse.
the class AbstractVertxBasedMqttProtocolAdapter method handleEndpointConnectionWithAuthentication.
private void handleEndpointConnectionWithAuthentication(final MqttEndpoint endpoint) {
if (endpoint.auth() == null) {
LOG.debug("connection request from device [clientId: {}] rejected: {}", endpoint.clientIdentifier(), "device did not provide credentials in CONNECT packet");
endpoint.reject(MqttConnectReturnCode.CONNECTION_REFUSED_BAD_USER_NAME_OR_PASSWORD);
} else {
final DeviceCredentials credentials = getCredentials(endpoint.auth());
if (credentials == null) {
LOG.debug("connection request from device [clientId: {}] rejected: {}", endpoint.clientIdentifier(), "device provided malformed credentials in CONNECT packet");
endpoint.reject(MqttConnectReturnCode.CONNECTION_REFUSED_BAD_USER_NAME_OR_PASSWORD);
} else {
getTenantConfiguration(credentials.getTenantId()).compose(tenantConfig -> {
if (tenantConfig.isAdapterEnabled(getTypeName())) {
LOG.debug("protocol adapter [{}] is enabled for tenant [{}]", getTypeName(), credentials.getTenantId());
return Future.succeededFuture(tenantConfig);
} else {
LOG.debug("protocol adapter [{}] is disabled for tenant [{}]", getTypeName(), credentials.getTenantId());
return Future.failedFuture(new ClientErrorException(HttpURLConnection.HTTP_FORBIDDEN, "adapter disabled for tenant"));
}
}).compose(tenantConfig -> {
final Future<Device> result = Future.future();
getCredentialsAuthProvider().authenticate(credentials, result.completer());
return result;
}).map(authenticatedDevice -> {
LOG.debug("successfully authenticated device [tenant-id: {}, auth-id: {}, device-id: {}]", authenticatedDevice.getTenantId(), credentials.getAuthId(), authenticatedDevice.getDeviceId());
onAuthenticationSuccess(endpoint, authenticatedDevice);
return null;
}).otherwise(t -> {
LOG.debug("cannot authenticate device [tenant-id: {}, auth-id: {}]", credentials.getTenantId(), credentials.getAuthId(), t);
if (ServerErrorException.class.isInstance(t)) {
// one of the services we depend on might not be available (yet)
endpoint.reject(MqttConnectReturnCode.CONNECTION_REFUSED_SERVER_UNAVAILABLE);
} else {
// validation of credentials has failed
endpoint.reject(MqttConnectReturnCode.CONNECTION_REFUSED_NOT_AUTHORIZED);
}
return null;
});
}
}
}
use of org.eclipse.hono.service.auth.device.Device in project hono by eclipse.
the class AbstractVertxBasedMqttProtocolAdapterTest method testAuthenticatedMqttAdapterCreatesMessageHandlersForAuthenticatedDevices.
/**
* Verifies that on successful authentication the adapter sets appropriate message and close
* handlers on the client endpoint.
*/
@SuppressWarnings({ "unchecked" })
@Test
public void testAuthenticatedMqttAdapterCreatesMessageHandlersForAuthenticatedDevices() {
// GIVEN an adapter
final MqttServer server = getMqttServer(false);
final AbstractVertxBasedMqttProtocolAdapter<ProtocolAdapterProperties> adapter = getAdapter(server);
forceClientMocksToConnected();
doAnswer(invocation -> {
Handler<AsyncResult<Device>> resultHandler = invocation.getArgument(1);
resultHandler.handle(Future.succeededFuture(new Device("DEFAULT_TENANT", "4711")));
return null;
}).when(credentialsAuthProvider).authenticate(any(DeviceCredentials.class), any(Handler.class));
// WHEN a device tries to connect with valid credentials
final MqttEndpoint endpoint = getMqttEndpointAuthenticated();
adapter.handleEndpointConnection(endpoint);
// THEN the device's logical ID is successfully established and corresponding handlers
// are registered
final ArgumentCaptor<DeviceCredentials> credentialsCaptor = ArgumentCaptor.forClass(DeviceCredentials.class);
verify(credentialsAuthProvider).authenticate(credentialsCaptor.capture(), any(Handler.class));
assertThat(credentialsCaptor.getValue().getAuthId(), is("sensor1"));
verify(endpoint).accept(false);
verify(endpoint).publishHandler(any(Handler.class));
verify(endpoint).closeHandler(any(Handler.class));
}
Aggregations