Documentation ¶
Index ¶
- Constants
- type IdProvHttpServer
- type IdProvService
- type ManageIdProvService
- func (svc *ManageIdProvService) ApproveRequest(ctx hubclient.ServiceContext, args *idprovapi.ApproveRequestArgs) error
- func (svc *ManageIdProvService) GetRequests(ctx hubclient.ServiceContext, args *idprovapi.GetRequestsArgs) (*idprovapi.GetRequestsResp, error)
- func (svc *ManageIdProvService) PreApproveClients(ctx hubclient.ServiceContext, args *idprovapi.PreApproveClientsArgs) error
- func (svc *ManageIdProvService) RejectRequest(ctx hubclient.ServiceContext, args *idprovapi.RejectRequestArgs) error
- func (svc *ManageIdProvService) Stop()
- func (svc *ManageIdProvService) SubmitRequest(ctx hubclient.ServiceContext, args *idprovapi.ProvisionRequestArgs) (resp *idprovapi.ProvisionRequestResp, err error)
Constants ¶
const ApprovedSecret = "approved"
const DefaultIoTCertValidityDays = 14
const DefaultRetrySec = 12 * 3600
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type IdProvHttpServer ¶
type IdProvHttpServer struct {
// contains filtered or unexported fields
}
IdProvHttpServer serves the provisioning requests
func StartIdProvHttpServer ¶
func StartIdProvHttpServer(port uint, serverCert *tls.Certificate, caCert *x509.Certificate, mng *ManageIdProvService) (*IdProvHttpServer, error)
StartIdProvHttpServer starts the HTTP server that handles provisioning requests
type IdProvService ¶
type IdProvService struct {
// contains filtered or unexported fields
}
IdProvService handles provisioning requests from devices and services. It listens on the provisioning port using a server certificate signed by the Hub CA. If enabled, it publishes the DNS-SD discovery record with the server address and port.
Connecting clients can request an auth token, providing their ID and public key. The server responds with a token or wait-for-approval. In the wait-for-approval case the client must repeat the request at 1 minute intervals until the request is approved or rejected.
The server connects to the Hub to obtain auth tokens from the auth service. Tokens issued will be very short-lived and require the device to refresh with the auth service directly after connecting to the Hub.
The provisioning server can be started and stopped on the fly so it only runs when needed.
func NewIdProvService ¶
func NewIdProvService(hc *hubclient.HubClient, port uint, serverCert *tls.Certificate, caCert *x509.Certificate) *IdProvService
NewIdProvService creates a new provisioning service instance
func (*IdProvService) Start ¶
func (svc *IdProvService) Start() (err error)
Start the provisioning service:
1. Start the management service
2. Set allowed roles for RPC calls to this service
3. Start the HTTP request server
4. Start the security check for rogue DNS-SD records
5. Start the DNS-SD discovery server
type ManageIdProvService ¶
type ManageIdProvService struct {
// contains filtered or unexported fields
}
func StartManageIdProvService ¶
func StartManageIdProvService(hc *hubclient.HubClient) (*ManageIdProvService, error)
func (*ManageIdProvService) ApproveRequest ¶
func (svc *ManageIdProvService) ApproveRequest(ctx hubclient.ServiceContext, args *idprovapi.ApproveRequestArgs) error
ApproveRequest approves an existing provisioning request. The client will be added on the next request. The next repeat request will return a short-lived token.
func (*ManageIdProvService) GetRequests ¶
func (svc *ManageIdProvService) GetRequests(ctx hubclient.ServiceContext, args *idprovapi.GetRequestsArgs) (*idprovapi.GetRequestsResp, error)
GetRequests returns the list of requests since the last start. If args.OnlyPending is set then only pending requests are returned. Note that rejected requests are never returned.
func (*ManageIdProvService) PreApproveClients ¶
func (svc *ManageIdProvService) PreApproveClients(ctx hubclient.ServiceContext, args *idprovapi.PreApproveClientsArgs) error
PreApproveClients uploads a list of pre-approved devices and services
func (*ManageIdProvService) RejectRequest ¶
func (svc *ManageIdProvService) RejectRequest(ctx hubclient.ServiceContext, args *idprovapi.RejectRequestArgs) error
RejectRequest rejects a provisioning request
func (*ManageIdProvService) Stop ¶
func (svc *ManageIdProvService) Stop()
func (*ManageIdProvService) SubmitRequest ¶
func (svc *ManageIdProvService) SubmitRequest(ctx hubclient.ServiceContext, args *idprovapi.ProvisionRequestArgs) (resp *idprovapi.ProvisionRequestResp, err error)
SubmitRequest creates a provisioning request for a device
If the request is pre-approved, a token will be returned if the pubKey and/or MAC matches. If the pre-approval does not include a public key then the only match required is the MAC.
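The decision flow described for IdProvService and SubmitRequest, modelled as an added, self-contained example (not code from this package). The names `registry`, `preApproval`, `request`, `submit` and `approve`, the token strings and the sample IDs and MACs are hypothetical and constructed; binding an approval to the first-submitted public key is an assumption of this example.

```go
package main

import "fmt"

// Hypothetical model of the documented decision; not the idprov package's types.
type preApproval struct{ MAC, PubKey string } // empty PubKey: match on MAC only

type request struct {
	PubKey string // key presented when the request was first submitted
	Status string // "pending", "approved" or "rejected"
}

type registry struct {
	pre  map[string]preApproval // clientID -> uploaded pre-approval
	reqs map[string]*request    // clientID -> request seen since start
}

// submit returns a token, or retry=true when the client must repeat the request.
func (r *registry) submit(id, mac, pubKey string) (token string, retry bool) {
	if p, ok := r.pre[id]; ok && p.MAC == mac && (p.PubKey == "" || p.PubKey == pubKey) {
		return "token:" + id, false // pre-approved: no administrator action needed
	}
	req, seen := r.reqs[id]
	if !seen {
		r.reqs[id] = &request{PubKey: pubKey, Status: "pending"}
		return "", true // wait-for-approval
	}
	switch {
	case req.Status == "rejected":
		return "", false // no token and no point in retrying
	case req.Status == "approved" && req.PubKey == pubKey:
		// Assumption: approval covers only the key the administrator reviewed.
		return "token:" + id, false
	}
	return "", true // still pending, or a different key than the approved one
}

func (r *registry) approve(id string) {
	if req, ok := r.reqs[id]; ok {
		req.Status = "approved"
	}
}

func main() {
	r := &registry{pre: map[string]preApproval{"cam1": {MAC: "aa:bb:cc:00:00:01"}}, reqs: map[string]*request{}}
	fmt.Println(r.submit("cam1", "aa:bb:cc:00:00:01", "any-key")) // MAC-only pre-approval
	fmt.Println(r.submit("dev9", "aa:bb:cc:00:00:09", "PK-dev9")) // unknown client: pending
	r.approve("dev9")
	fmt.Println(r.submit("dev9", "aa:bb:cc:00:00:09", "PK-dev9")) // repeat request: token
}
```

A pre-approval entry without a public key accepts whatever key the client presents, so including the key in the uploaded list gives the stronger match.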