[#1582] initial draft of CoAP support in Ditto gateway:
* provides an (unsecured, plain UDP) CoAP endpoint
* providing equivalent CoAP resources as the HTTP resources:
   * /things, /policies, /whoami
   * supporting verbs: GET, PUT, POST, DELETE, PATCH, IPATCH
* providing "observe" functionality for watching changes of resources

Signed-off-by: Thomas Jaeckle <ditto@jaeckles.de>
thjaeckle committed Feb 28, 2023
1 parent 750b255 commit d3c1c6b
Showing 20 changed files with 870 additions and 82 deletions.
@@ -34,6 +34,13 @@ public final class DittoAuthorizationContextType extends AuthorizationContextTyp
public static final DittoAuthorizationContextType PRE_AUTHENTICATED_HTTP =
new DittoAuthorizationContextType("pre-authenticated-http");

/**
* Type indicating that the authorization context was created the pre-authenticated mechanism via CoAP which is
* setting an authenticated subject as header field.
*/
public static final DittoAuthorizationContextType PRE_AUTHENTICATED_COAP =
new DittoAuthorizationContextType("pre-authenticated-coap");

/**
* Type indicating that the authorization context was created using the pre-authenticated mechanism of connections
* by having configured the contained auth subjects in a Ditto connection source/target.
@@ -62,7 +69,7 @@ private DittoAuthorizationContextType(final String type) {
* @return an array containing the Ditto specified authorization context types.
*/
public static AuthorizationContextType[] values() {
return new AuthorizationContextType[]{ PRE_AUTHENTICATED_HTTP, PRE_AUTHENTICATED_CONNECTION, JWT, UNSPECIFIED };
return new AuthorizationContextType[]{ PRE_AUTHENTICATED_HTTP, PRE_AUTHENTICATED_COAP, PRE_AUTHENTICATED_CONNECTION, JWT, UNSPECIFIED };
}

/**
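Review bot: The Javadoc on `PRE_AUTHENTICATED_COAP` is missing a word ("was created the pre-authenticated mechanism") and does not say which component is trusted to set the subject. CoAP messages carry options rather than HTTP-style header fields, and the commit message describes the endpoint as unsecured plain UDP, so this comment alone does not tell a reader what stops an arbitrary sender from supplying the subject; the code that assigns this type is not in this section, so that may well be handled elsewhere. I would reword it to `Type indicating that the authorization context was created using the pre-authenticated mechanism via CoAP, in which a trusted upstream component supplies the already authenticated subject.` and name the option or configuration switch that enables the mechanism.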
12 changes: 12 additions & 0 deletions bom/pom.xml
@@ -59,6 +59,7 @@
<reactive-streams.version>1.0.4</reactive-streams.version>
<netty-bom.version>4.1.86.Final</netty-bom.version>
<cloudevents.version>2.3.0</cloudevents.version>
<californium.version>3.8.0</californium.version>

<slf4j.version>1.7.36</slf4j.version>
<logback.version>1.2.11</logback.version>
@@ -263,6 +264,17 @@
<version>${cloudevents.version}</version>
</dependency>

<dependency>
<groupId>org.eclipse.californium</groupId>
<artifactId>californium-core</artifactId>
<version>${californium.version}</version>
</dependency>
<dependency>
<groupId>org.eclipse.californium</groupId>
<artifactId>scandium</artifactId>
<version>${californium.version}</version>
</dependency>

<!-- ### Indirect "runtime" dependencies we want to pin to a common version -->
<dependency>
<groupId>org.scala-lang</groupId>
9 changes: 9 additions & 0 deletions gateway/service/pom.xml
@@ -49,6 +49,15 @@
<scope>runtime</scope>
</dependency>

<dependency>
<groupId>org.eclipse.californium</groupId>
<artifactId>californium-core</artifactId>
</dependency>
<dependency>
<groupId>org.eclipse.californium</groupId>
<artifactId>scandium</artifactId>
</dependency>

<dependency>
<groupId>org.eclipse.ditto</groupId>
<artifactId>ditto-base-model</artifactId>
@@ -0,0 +1,58 @@
/*
* Copyright (c) 2023 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0
*
* SPDX-License-Identifier: EPL-2.0
*/
package org.eclipse.ditto.gateway.service.coap;

import java.security.Principal;
import java.util.HashMap;
import java.util.Map;

import org.eclipse.californium.elements.auth.AdditionalInfo;
import org.eclipse.californium.scandium.auth.ApplicationLevelInfoSupplier;
import org.eclipse.ditto.base.model.auth.AuthorizationContext;
import org.eclipse.ditto.base.model.headers.DittoHeaderDefinition;
import org.eclipse.ditto.internal.utils.akka.logging.DittoLoggerFactory;
import org.eclipse.ditto.internal.utils.akka.logging.ThreadSafeDittoLogger;

/**
* TODO TJ doc
* TODO TJ use in scope of authenticating with PSK / Certificate
*/
final class DittoCoapDeviceInfoSupplier implements ApplicationLevelInfoSupplier {

private static final ThreadSafeDittoLogger LOGGER =
DittoLoggerFactory.getThreadSafeLogger(DittoCoapDeviceInfoSupplier.class);

/**
* Creates additional information for authenticated devices.
*
* @param context the {@link AuthorizationContext} of the authenticated device.
* @return additional device information.
*/
public static AdditionalInfo createDeviceInfo(final AuthorizationContext context) {
final Map<String, Object> result = new HashMap<>();
result.put(DittoHeaderDefinition.AUTHORIZATION_CONTEXT.getKey(), context);
return AdditionalInfo.from(result);
}

@Override
public AdditionalInfo getInfo(final Principal principal, final Object customArgument) {
if (customArgument instanceof AdditionalInfo additionalInfo) {
final AuthorizationContext authorizationContext =
additionalInfo.get(DittoHeaderDefinition.AUTHORIZATION_CONTEXT.getKey(), AuthorizationContext.class);
LOGGER.info("get AdditionalInfo auth context: {} - for principal: {}", authorizationContext, principal);
return additionalInfo;
}
LOGGER.debug("did not get additional info");
return AdditionalInfo.empty();
}
}
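Review bot: `getInfo` logs the full authorization context and the principal at INFO on every call, which puts subject identifiers into default-level logs; the other branch already logs at DEBUG, so `LOGGER.debug("get AdditionalInfo auth context: {} - for principal: {}", authorizationContext, principal);` would be consistent. The looked-up `authorizationContext` is used only for that log line, so an `AdditionalInfo` that lacks the key is returned unchanged (the lookup presumably yields null then). If later code relies on the context being present, return `AdditionalInfo.empty()` in that case, or document that it may be absent. The class Javadoc is still `TODO TJ doc`; it should state when the custom argument is expected to be an `AdditionalInfo` built by `createDeviceInfo`.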