Documentation ¶
Index ¶
- type MqttAuthHook
- func (hook *MqttAuthHook) ApplyAuth(clients []msgserver.ClientAuthInfo) error
- func (hook *MqttAuthHook) CreateKeyPair() (string, string)
- func (hook *MqttAuthHook) CreateToken(authInfo msgserver.ClientAuthInfo) (token string, err error)
- func (hook *MqttAuthHook) GetClientAuth(clientID string) (msgserver.ClientAuthInfo, error)
- func (hook *MqttAuthHook) GetRolePermissions(role string, clientID string) ([]msgserver.RolePermission, bool)
- func (hook *MqttAuthHook) Init(config any) error
- func (hook *MqttAuthHook) OnACLCheck(cl *mqtt.Client, topic string, write bool) bool
- func (hook *MqttAuthHook) OnConnectAuthenticate(cl *mqtt.Client, pk packets.Packet) bool
- func (hook *MqttAuthHook) Provides(b byte) bool
- func (hook *MqttAuthHook) SetRolePermissions(rolePerms map[string][]msgserver.RolePermission)
- func (hook *MqttAuthHook) SetServicePermissions(serviceID string, capability string, roles []string)
- func (hook *MqttAuthHook) ValidatePassword(loginID string, password string) (info msgserver.ClientAuthInfo, err error)
- func (hook *MqttAuthHook) ValidateToken(clientID string, token string, signedNonce string, nonce string) (err error)
- type MqttMsgServer
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type MqttAuthHook ¶
MqttAuthHook is a mochi-co MQTT broker authentication hook with validation methods.
func NewMqttAuthHook ¶
func NewMqttAuthHook(signingKey *ecdsa.PrivateKey) *MqttAuthHook
func (*MqttAuthHook) ApplyAuth ¶
func (hook *MqttAuthHook) ApplyAuth(clients []msgserver.ClientAuthInfo) error
ApplyAuth applies updated user authentication and authorization settings.
func (*MqttAuthHook) CreateKeyPair ¶
func (hook *MqttAuthHook) CreateKeyPair() (string, string)
CreateKeyPair creates a keypair for use in connecting or signing. This returns the serialized private key and public key strings. NOTE: intended for testing. Might be deprecated in the future.
func (*MqttAuthHook) CreateToken ¶
func (hook *MqttAuthHook) CreateToken(authInfo msgserver.ClientAuthInfo) (token string, err error)
CreateToken creates a new JWT authtoken for a client.
func (*MqttAuthHook) GetClientAuth ¶
func (hook *MqttAuthHook) GetClientAuth(clientID string) (msgserver.ClientAuthInfo, error)
GetClientAuth returns the client auth info for the given ID. This returns an error if the client is not found.
func (*MqttAuthHook) GetRolePermissions ¶
func (hook *MqttAuthHook) GetRolePermissions(role string, clientID string) ([]msgserver.RolePermission, bool)
GetRolePermissions returns the role permissions for the given clientID
func (*MqttAuthHook) Init ¶
func (hook *MqttAuthHook) Init(config any) error
Init configures the hook with the auth config
func (*MqttAuthHook) OnACLCheck ¶
OnACLCheck returns true if the connecting client has matching read or write access to subscribe or publish to a given topic. Embedded rules are:
- allow sub to user's own _INBOX
- allow pub to any _INBOX
- senderID must match loginID in all other messages
func (*MqttAuthHook) OnConnectAuthenticate ¶
OnConnectAuthenticate returns true if the connecting client provides proof of its identity.
func (*MqttAuthHook) Provides ¶
func (hook *MqttAuthHook) Provides(b byte) bool
Provides indicates which hook methods this hook provides.
func (*MqttAuthHook) SetRolePermissions ¶
func (hook *MqttAuthHook) SetRolePermissions( rolePerms map[string][]msgserver.RolePermission)
SetRolePermissions applies the given permissions. rolePerms is a map of [role] to a list of permissions that role has. A default set of permissions for predefined roles is available in the auth api.
func (*MqttAuthHook) SetServicePermissions ¶
func (hook *MqttAuthHook) SetServicePermissions( serviceID string, capability string, roles []string)
func (*MqttAuthHook) ValidatePassword ¶
func (hook *MqttAuthHook) ValidatePassword( loginID string, password string) (info msgserver.ClientAuthInfo, err error)
func (*MqttAuthHook) ValidateToken ¶
func (hook *MqttAuthHook) ValidateToken( clientID string, token string, signedNonce string, nonce string) (err error)
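ValidateToken verifies the given JWT token and returns its claims. Optionally, it verifies the signed nonce using the client's public key. This returns the auth info stored in the token. (The signature shown above declares only an error result, so the claims and auth info are not part of what it returns as documented here.)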
type MqttMsgServer ¶
type MqttMsgServer struct { // authhook handles authentication and authorization for the server and mochi-co // this carries the mochi auth hook MqttAuthHook Config *mqttmsgserver.MqttServerConfig // contains filtered or unexported fields }
MqttMsgServer runs an MQTT broker using the Mochi-co embedded MQTT server. This implements the IMsgServer interface.
func NewMqttMsgServer ¶
func NewMqttMsgServer(cfg *mqttmsgserver.MqttServerConfig, perms map[string][]msgserver.RolePermission) *MqttMsgServer
NewMqttMsgServer creates a new instance of the Hub MQTT broker.
cfg contains the server configuration. Setup must have been called successfully first. perms contains the map of roles and permissions. See SetRolePermissions for more detail.
func (*MqttMsgServer) Core ¶
func (srv *MqttMsgServer) Core() string
func (*MqttMsgServer) GetServerURLs ¶
func (srv *MqttMsgServer) GetServerURLs() (tsURL string, wssURL string, udsURL string)
GetServerURLs returns the URLs used to connect to this server. These are set on Start.
func (*MqttMsgServer) Start ¶
func (srv *MqttMsgServer) Start() error
Start the MQTT server using the configuration provided with NewMqttMsgServer(). This returns the URL to connect to the server or an error if startup failed.