Pass client Identity in call to BootstrapStore.getBootstrap #548

Closed
lhotari opened this issue Jul 31, 2018 · 6 comments
Labels
bsserver Impact LWM2M bootstrap server new feature New feature from LWM2M specification

Comments

@lhotari

lhotari commented Jul 31, 2018

This is the example of the changed interface:

```java
package org.eclipse.leshan.server.bootstrap;

import org.eclipse.leshan.core.request.Identity;

/**
 * A store containing the bootstrap information to be sent to the devices.
 */
public interface BootstrapStore {

    BootstrapConfig getBootstrap(String endpoint, Identity identity);

}
```

Currently the BootstrapStore interface method only contains the String endpoint parameter.

  • Identity information is useful for implementing a multi-tenant
    Bootstrap Server where the endpoint name isn't guaranteed to be
    unique across multiple tenants.

    • When the identity is provided, it is possible to implement a
      BootstrapStore that can use the authenticated client's
      information for looking up the correct information to be used
      for bootstrapping.
  • In LwM2M 1.1, the endpoint name is optional in client initiated
    bootstrapping
    In 6.1.3.3. Client Initiated Bootstrap

    The LwM2M Client MAY omit "Endpoint Client Name" if it is
    equal to the identifier utilized in the security protocol.

    • changing the BootstrapStore interface will also prepare for LwM2M 1.1
@sbernard31
Contributor

I don't think the argument about the 1.1 is too strong as the spec says that it can be omitted only if it is equal to the identifier from the security protocol.
So in this case, we still have an endpoint value for the BootstrapStore API.

The LWM2M spec 1.0 proposes several formats to ensure uniqueness of the endpoint name:

UUID URN: Identify a device using a Universally Unique
IDentifier (UUID). The UUID specifies a valid, hex digit
character string as defined in [RFC4122]. The format of the
URN is
urn:uuid:########-####-####-############

OPS URN: Identify a device using the format "-"
"-" as defined in Section 3.4.4
of [TR-069]. The format of the URN is urn:dev:ops: "-"
"-" .

OS URN: Identify a device using the format
"-" as defined in Section 3.4.4 of [TR-069]. The
format of the URN is urn:dev:os: "-".

IMEI URN: Identify a device using an International Mobile
Equipment Identifiers [3GPP-TS_23.003]. The IMEI URN
specifies a valid, 15 digit IMEI. The format of the URN is
urn:imei:###############

ESN URN: Identify a device using an Electronic Serial Number.
The ESN specifies a valid, 8 digit ESN. The format of the URN
is urn:esn:########

MEID URN: Identify a device using a Mobile Equipment
Identifier. The MEID URN specifies a valid, 14 digit MEID. The
format of the URN is urn:meid:##############

IMEI-MSISDN URN: Identify a device using a combination of
International Mobile Equipment Identifier [3GPP-TS_23.003]
and MSISDN. IMEI is 15 digits and MSISDN is 15 digits. The
format of the URN is urn:imei-msisdn: ###############-

Anyway, we could add identity to BootstrapStore, if this helps. But keep in mind that even if you will be able to have duplicated endpoint names, you will not be able to have duplicated security credentials. So maybe the benefits will not be so strong?

Do you plan to provide a PR for this change?

@lhotari
Author

lhotari commented Jul 31, 2018

The LwM2M 1.1. argument wasn't my actual reason to request this change. I just happened to think that it could be related and making this interface change before Leshan 1.0 could perhaps help in adding LwM2M 1.1 support later.

Yes, I'm aware of the proposals to ensure uniqueness of the endpoint names. In the multi-tenant bootstrap server use case it could be considered a security issue to start controlling the uniqueness of endpoint names across all tenants in the system. The minor threat that there would be is that another tenant could check if some other tenant has registered devices with a specific endpoint name.

It helps to add the Identity parameter to BootstrapStore since that would solve the issue that I am facing with my customer's development team.

Since this is a simple change and PRs cause some legal overhead with my customer, I unfortunately wasn't planning to provide a PR for this change of a few lines of code. (I'm sorry...)
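
An added example (not from the issue thread or from the Leshan code base) of how a multi-tenant store could use the proposed `getBootstrap(String endpoint, Identity identity)` signature: the authenticated credential selects the device record, and the claimed endpoint name is only accepted if it matches that record. The `Identity` and `BootstrapConfig` records are simplified stand-ins for the Leshan classes; `TenantBootstrapStore`, `Device` and the sample data are hypothetical.

```java
import java.util.HashMap;
import java.util.Map;

public class TenantBootstrapDemo {
    // Stand-ins (assumptions) for Leshan's Identity and BootstrapConfig classes.
    record Identity(String pskIdentity) {}
    record BootstrapConfig(String serverUri) {}
    // One provisioned device: the credential is unique, the endpoint name is not.
    record Device(String tenant, String endpoint, BootstrapConfig config) {}

    // Interface shape proposed in this issue.
    interface BootstrapStore {
        BootstrapConfig getBootstrap(String endpoint, Identity identity);
    }

    // Hypothetical store keyed by the authenticated PSK identity.
    static class TenantBootstrapStore implements BootstrapStore {
        private final Map<String, Device> deviceByPskIdentity = new HashMap<>();

        void add(String pskIdentity, Device device) {
            deviceByPskIdentity.put(pskIdentity, device);
        }

        @Override
        public BootstrapConfig getBootstrap(String endpoint, Identity identity) {
            // No authenticated identity: refuse instead of falling back
            // to a global lookup by endpoint name.
            if (identity == null || identity.pskIdentity() == null) return null;
            Device device = deviceByPskIdentity.get(identity.pskIdentity());
            // The claimed endpoint must be the one provisioned for this credential.
            // Unknown credential and wrong endpoint give the same answer, so a
            // client cannot probe which endpoint names other tenants use.
            if (device == null || !device.endpoint().equals(endpoint)) return null;
            return device.config();
        }
    }

    public static void main(String[] args) {
        TenantBootstrapStore store = new TenantBootstrapStore();
        // Constructed sample data: two tenants reuse the endpoint name "sensor-1".
        store.add("psk-a-001", new Device("tenant-a", "sensor-1", new BootstrapConfig("coaps://a.example:5684")));
        store.add("psk-b-001", new Device("tenant-b", "sensor-1", new BootstrapConfig("coaps://b.example:5684")));
        store.add("psk-b-002", new Device("tenant-b", "pump-7", new BootstrapConfig("coaps://b.example:5684")));

        System.out.println(store.getBootstrap("sensor-1", new Identity("psk-a-001"))); // tenant A device
        System.out.println(store.getBootstrap("sensor-1", new Identity("psk-b-001"))); // tenant B device
        System.out.println(store.getBootstrap("pump-7", new Identity("psk-a-001")));   // endpoint of another tenant
        System.out.println(store.getBootstrap("sensor-1", null));                      // no authenticated identity
    }
}
```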

@sbernard31
Contributor

sbernard31 commented Jul 31, 2018

> Since this is a simple change and PRs cause some legal overhead with my customer, I unfortunately wasn't planning to provide a PR for this change of a few lines of code. (I'm sorry...)

You made several contributions in the past by opening issues. I would have enjoyed seeing you level up by contributing a very small PR 😉, but I understand your concern. I will make the change myself soon.

@sbernard31
Contributor

I created PR #549 for this.

If you have time to have a look?

@lhotari
Author

lhotari commented Aug 1, 2018

Thanks @sbernard31, it looks good to me.

@sbernard31
Contributor

#549 is integrated in master.
