yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(gw): support data-management apis gw's authn

This commit is contained in:
JianBo He 2021-11-22 11:47:03 +08:00
parent 4f752fb5ab
commit 7d9930b64e
2 changed files with 188 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

180
apps/emqx_gateway/src/emqx_gateway_api_listeners.erl
View File

@ -30,6 +30,7 @@
-import(emqx_gateway_http,
[ return_http_error/2
, with_gateway/2
, with_listener_authn/3
, checks/2
]).
@ -49,6 +50,9 @@
-export([ listeners/2
, listeners_insta/2
, listeners_insta_authn/2
, users/2
, users_insta/2
, import_users/2
]).
%%--------------------------------------------------------------------
@ -62,6 +66,9 @@ paths() ->
[ "/gateway/:name/listeners"
, "/gateway/:name/listeners/:id"
, "/gateway/:name/listeners/:id/authentication"
, "/gateway/:name/listeners/:id/authentication/users"
, "/gateway/:name/listeners/:id/authentication/users/:uid"
, "/gateway/:name/listeners/:id/authentication/import_users"
].
%%--------------------------------------------------------------------
@ -157,6 +164,58 @@ listeners_insta_authn(delete, #{bindings := #{name := Name0,
{204}
end).
users(get, #{bindings := #{name := Name0, id := Id}, query_string := Qs}) ->
with_listener_authn(Name0, Id,
fun(_GwName, #{id := AuthId, chain_name := ChainName}) ->
emqx_authn_api:list_users(ChainName, AuthId, page_pramas(Qs))
end);
users(post, #{bindings := #{name := Name0, id := Id},
body := Body}) ->
with_listener_authn(Name0, Id,
fun(_GwName, #{id := AuthId, chain_name := ChainName}) ->
emqx_authn_api:add_user(ChainName, AuthId, Body)
end).
users_insta(get, #{bindings := #{name := Name0, id := Id, uid := UserId}}) ->
with_listener_authn(Name0, Id,
fun(_GwName, #{id := AuthId, chain_name := ChainName}) ->
emqx_authn_api:find_user(ChainName, AuthId, UserId)
end);
users_insta(put, #{bindings := #{name := Name0, id := Id, uid := UserId},
body := Body}) ->
with_listener_authn(Name0, Id,
fun(_GwName, #{id := AuthId, chain_name := ChainName}) ->
emqx_authn_api:update_user(ChainName, AuthId, UserId, Body)
end);
users_insta(delete, #{bindings := #{name := Name0, id := Id, uid := UserId}}) ->
with_listener_authn(Name0, Id,
fun(_GwName, #{id := AuthId, chain_name := ChainName}) ->
emqx_authn_api:delete_user(ChainName, AuthId, UserId)
end).
import_users(post, #{bindings := #{name := Name0, id := Id},
body := Body}) ->
with_listener_authn(Name0, Id,
fun(_GwName, #{id := AuthId, chain_name := ChainName}) ->
case maps:get(<<"filename">>, Body, undefined) of
undefined ->
emqx_authn_api:serialize_error({missing_parameter, filename});
Filename ->
case emqx_authentication:import_users(
ChainName, AuthId, Filename) of
ok -> {204};
{error, Reason} ->
emqx_authn_api:serialize_error(Reason)
end
end
end).
%%--------------------------------------------------------------------
%% Utils
page_pramas(Qs) ->
maps:with([<<"page">>, <<"limit">>], Qs).
%%--------------------------------------------------------------------
%% Swagger defines
%%--------------------------------------------------------------------
@ -288,6 +347,109 @@ schema("/gateway/:name/listeners/:id/authentication") ->
, 204 => <<"Deleted">>
}
}
};
schema("/gateway/:name/listeners/:id/authentication/users") ->
#{ 'operationId' => users
, get =>
#{ description => <<"Get the users for the authentication">>
, parameters => params_gateway_name_in_path() ++
params_listener_id_in_path()
, responses =>
#{ 400 => error_codes([?BAD_REQUEST], <<"Bad Request">>)
, 404 => error_codes([?NOT_FOUND], <<"Not Found">>)
, 500 => error_codes([?INTERNAL_ERROR],
<<"Ineternal Server Error">>)
, 200 => emqx_dashboard_swagger:schema_with_example(
ref(emqx_authn_api, response_user),
emqx_authn_api:response_user_examples())
}
},
post =>
#{ description => <<"Add user for the authentication">>
, parameters => params_gateway_name_in_path() ++
params_listener_id_in_path()
, responses =>
#{ 400 => error_codes([?BAD_REQUEST], <<"Bad Request">>)
, 404 => error_codes([?NOT_FOUND], <<"Not Found">>)
, 500 => error_codes([?INTERNAL_ERROR],
<<"Ineternal Server Error">>)
, 201 => emqx_dashboard_swagger:schema_with_example(
ref(emqx_authn_api, response_user),
emqx_authn_api:response_user_examples())
}
}
};
schema("/gateway/:name/listeners/:id/authentication/users/:uid") ->
#{ 'operationId' => users_insta
, get =>
#{ description => <<"Get user info from the gateway "
"authentication">>
, parameters => params_gateway_name_in_path() ++
params_listener_id_in_path() ++
params_userid_in_path()
, responses =>
#{ 400 => error_codes([?BAD_REQUEST], <<"Bad Request">>)
, 404 => error_codes([?NOT_FOUND], <<"Not Found">>)
, 500 => error_codes([?INTERNAL_ERROR],
<<"Ineternal Server Error">>)
, 200 => emqx_dashboard_swagger:schema_with_example(
ref(emqx_authn_api, response_user),
emqx_authn_api:response_user_examples())
}
},
put =>
#{ description => <<"Update the user info for the gateway "
"authentication">>
, parameters => params_gateway_name_in_path() ++
params_listener_id_in_path() ++
params_userid_in_path()
, responses =>
#{ 400 => error_codes([?BAD_REQUEST], <<"Bad Request">>)
, 404 => error_codes([?NOT_FOUND], <<"Not Found">>)
, 500 => error_codes([?INTERNAL_ERROR],
<<"Ineternal Server Error">>)
, 200 => emqx_dashboard_swagger:schema_with_example(
ref(emqx_authn_api, response_user),
emqx_authn_api:response_user_examples())
}
},
delete =>
#{ description => <<"Delete the user for the gateway "
"authentication">>
, parameters => params_gateway_name_in_path() ++
params_listener_id_in_path() ++
params_userid_in_path() ++
params_paging_in_qs()
, responses =>
#{ 400 => error_codes([?BAD_REQUEST], <<"Bad Request">>)
, 404 => error_codes([?NOT_FOUND], <<"Not Found">>)
, 500 => error_codes([?INTERNAL_ERROR],
<<"Ineternal Server Error">>)
, 200 => emqx_dashboard_swagger:schema_with_example(
ref(emqx_authn_api, response_user),
emqx_authn_api:response_user_examples())
}
}
};
schema("/gateway/:name/listeners/:id/authentication/import_users") ->
#{ 'operationId' => import_users
, post =>
#{ description => <<"Import users into the gateway authentication">>
, parameters => params_gateway_name_in_path() ++
params_listener_id_in_path()
, 'requestBody' => emqx_dashboard_swagger:schema_with_examples(
ref(emqx_authn_api, request_import_users),
emqx_authn_api:request_import_users_examples()
)
, responses =>
#{ 400 => error_codes([?BAD_REQUEST], <<"Bad Request">>)
, 404 => error_codes([?NOT_FOUND], <<"Not Found">>)
, 500 => error_codes([?INTERNAL_ERROR],
<<"Ineternal Server Error">>)
%% XXX: Put a hint message into 204 return ?
, 204 => <<"Imported">>
}
}
}.
%%--------------------------------------------------------------------
@ -309,6 +471,24 @@ params_listener_id_in_path() ->
})}
].
params_userid_in_path() ->
[{uid, mk(binary(),
#{ in => path
, desc => <<"User ID">>
})}
].
params_paging_in_qs() ->
[{page, mk(integer(),
#{ in => query
, desc => <<"Page Number">>
})},
{limit, mk(integer(),
#{ in => query
, desc => <<"Page Limit">>
})}
].
%%--------------------------------------------------------------------
%% schemas

8
apps/emqx_gateway/src/emqx_gateway_http.erl
View File

@ -54,6 +54,7 @@
-export([ return_http_error/2
, with_gateway/2
, with_authn/2
, with_listener_authn/3
, checks/2
, schema_bad_request/0
, schema_not_found/0
@ -332,6 +333,13 @@ with_authn(GwName0, Fun) ->
Fun(GwName, Authn)
end).
-spec with_listener_authn(binary(), binary(), function()) -> any().
with_listener_authn(GwName0, Id, Fun) ->
with_gateway(GwName0, fun(GwName) ->
Authn = emqx_gateway_http:authn(GwName, Id),
Fun(GwName, Authn)
end).
-spec with_gateway(binary(), function()) -> any().
with_gateway(GwName0, Fun) ->
try