chore: remove scram authenticator for all gateway

This commit is contained in:
JianBo He 2022-04-12 16:13:55 +08:00
parent 2305d90775
commit 7954f32858
6 changed files with 34 additions and 11 deletions

View File

@ -25,6 +25,7 @@
roots/0, roots/0,
fields/1, fields/1,
authenticator_type/0, authenticator_type/0,
authenticator_type_without_scram/0,
root_type/0, root_type/0,
mechanism/1, mechanism/1,
backend/1 backend/1
@ -43,6 +44,22 @@ enable(_) -> undefined.
authenticator_type() -> authenticator_type() ->
hoconsc:union(config_refs([Module || {_AuthnType, Module} <- emqx_authn:providers()])). hoconsc:union(config_refs([Module || {_AuthnType, Module} <- emqx_authn:providers()])).
authenticator_type_without_scram() ->
Providers = lists:filter(
fun
({{password_based, _Backend}, _Mod}) ->
true;
({jwt, _Mod}) ->
true;
({{scram, _Backend}, _Mod}) ->
false
end,
emqx_authn:providers()
),
hoconsc:union(
config_refs([Module || {_AuthnType, Module} <- Providers])
).
config_refs(Modules) -> config_refs(Modules) ->
lists:append([Module:refs() || Module <- Modules]). lists:append([Module:refs() || Module <- Modules]).

View File

@ -231,10 +231,14 @@ properties(M) when is_map(M) ->
value => stringfy(V)} | Acc] value => stringfy(V)} | Acc]
end, [], M). end, [], M).
conninfo(_ConnInfo = conninfo(ConnInfo =
#{clientid := ClientId, username := Username, peername := {Peerhost, _}, #{clientid := ClientId,
sockname := {_, SockPort}, proto_name := ProtoName, proto_ver := ProtoVer, peername := {Peerhost, _},
keepalive := Keepalive}) -> sockname := {_, SockPort}}) ->
Username = maps:get(username, ConnInfo, undefined),
ProtoName = maps:get(proto_name, ConnInfo, undefined),
ProtoVer = maps:get(proto_ver, ConnInfo, undefined),
Keepalive = maps:get(keepalive, ConnInfo, 0),
#{node => stringfy(node()), #{node => stringfy(node()),
clientid => ClientId, clientid => ClientId,
username => maybe(Username), username => maybe(Username),

View File

@ -433,6 +433,6 @@ params_fuzzy_in_qs() ->
schema_authn() -> schema_authn() ->
emqx_dashboard_swagger:schema_with_examples( emqx_dashboard_swagger:schema_with_examples(
emqx_authn_schema:authenticator_type(), emqx_authn_schema:authenticator_type_without_scram(),
emqx_authn_api:authenticator_examples() emqx_authn_api:authenticator_examples()
). ).

View File

@ -211,7 +211,7 @@ authn(GwName) ->
ChainName = emqx_gateway_utils:global_chain(GwName), ChainName = emqx_gateway_utils:global_chain(GwName),
wrap_chain_name( wrap_chain_name(
ChainName, ChainName,
emqx_map_lib:jsonable_map(emqx:get_config(Path)) emqx_map_lib:jsonable_map(emqx:get_raw_config(Path))
). ).
-spec authn(gateway_name(), binary()) -> map(). -spec authn(gateway_name(), binary()) -> map().
@ -221,7 +221,7 @@ authn(GwName, ListenerId) ->
ChainName = emqx_gateway_utils:listener_chain(GwName, Type, Name), ChainName = emqx_gateway_utils:listener_chain(GwName, Type, Name),
wrap_chain_name( wrap_chain_name(
ChainName, ChainName,
emqx_map_lib:jsonable_map(emqx:get_config(Path)) emqx_map_lib:jsonable_map(emqx:get_raw_config(Path))
). ).
wrap_chain_name(ChainName, Conf) -> wrap_chain_name(ChainName, Conf) ->

View File

@ -363,8 +363,7 @@ auth_connect(
username => Username, username => Username,
reason => Reason reason => Reason
}), }),
%% FIXME: ReasonCode? {error, name_to_returncode(Reason)}
{error, Reason}
end. end.
ensure_connected( ensure_connected(
@ -2331,3 +2330,6 @@ returncode_name(?SN_RC2_KEEPALIVE_TIMEOUT) -> rejected_keepalive_timeout;
returncode_name(?SN_RC2_EXCEED_LIMITATION) -> rejected_exceed_limitation; returncode_name(?SN_RC2_EXCEED_LIMITATION) -> rejected_exceed_limitation;
returncode_name(?SN_RC2_REACHED_MAX_RETRY) -> reached_max_retry_times; returncode_name(?SN_RC2_REACHED_MAX_RETRY) -> reached_max_retry_times;
returncode_name(_) -> accepted. returncode_name(_) -> accepted.
name_to_returncode(not_authorized) -> ?SN_RC2_NOT_AUTHORIZE;
name_to_returncode(_) -> ?SN_RC2_NOT_AUTHORIZE.

View File

@ -159,7 +159,7 @@ t_case_lwm2m(_) ->
-define(SN_CONNACK, 16#05). -define(SN_CONNACK, 16#05).
t_case_emqx_sn(_) -> t_case_mqttsn(_) ->
Mod = emqx_sn_protocol_SUITE, Mod = emqx_sn_protocol_SUITE,
Login = fun(Username, Password, Expect) -> Login = fun(Username, Password, Expect) ->
RawCfg = emqx_conf:get_raw([gateway, mqttsn], #{}), RawCfg = emqx_conf:get_raw([gateway, mqttsn], #{}),
@ -180,7 +180,7 @@ t_case_emqx_sn(_) ->
end end
) )
end, end,
Login(<<"badadmin">>, <<"badpassowrd">>, <<>>), Login(<<"badadmin">>, <<"badpassowrd">>, <<3, ?SN_CONNACK, 16#80>>),
Login(<<"admin">>, <<"public">>, <<3, ?SN_CONNACK, 0>>), Login(<<"admin">>, <<"public">>, <<3, ?SN_CONNACK, 0>>),
ok. ok.