diff --git a/apps/emqx_authn/i18n/emqx_authn_api_i18n.conf b/apps/emqx_authn/i18n/emqx_authn_api_i18n.conf
new file mode 100644
index 000000000..56f41aa89
--- /dev/null
+++ b/apps/emqx_authn/i18n/emqx_authn_api_i18n.conf
@@ -0,0 +1,228 @@
+emqx_authn_api {
+
+ authentication_get {
+ desc {
+ en: """List authenticators for global authentication"""
+ zh: """列出全局认证链上的认证器信息"""
+ }
+ }
+
+ authentication_post {
+ desc {
+ en: """Create authenticator for global authentication"""
+ zh: """为全局认证链创建认证器信息"""
+ }
+ }
+
+ authentication_id_get {
+ desc {
+ en: """Get authenticator from global authentication chain"""
+ zh: """获取全局认证链上指定的认证器信息"""
+ }
+ }
+
+ authentication_id_put {
+ desc {
+ en: """Update authenticator from global authentication chain"""
+ zh: """更新全局认证链上指定的认证器"""
+ }
+ }
+
+ authentication_id_delete {
+ desc {
+ en: """Delete authenticator from global authentication chain"""
+ zh: """删除全局认证链上指定的认证器信息"""
+ }
+ }
+
+ authentication_id_status_get {
+ desc {
+ en: """Get authenticator status from global authentication chain"""
+ zh: """获取全局认证链上指定的认证器状态"""
+ }
+ }
+
+ listeners_listener_id_authentication_get {
+ desc {
+ en: """List authenticators for listener authentication"""
+ zh: """列出监听器上的认证器信息"""
+ }
+ }
+
+ listeners_listener_id_authentication_post {
+ desc {
+ en: """Create authenticator for listener authentication"""
+ zh: """在指定的监听器上创建认证器"""
+ }
+ }
+
+ listeners_listener_id_authentication_id_get {
+ desc {
+ en: """Get authenticator from listener authentication chain"""
+ zh: """获取监听器上指定的认证器信息"""
+ }
+ }
+
+ listeners_listener_id_authentication_id_put {
+ desc {
+ en: """Update authenticator from listener authentication chain"""
+ zh: """更新监听器上指定的认证器"""
+ }
+ }
+
+ listeners_listener_id_authentication_id_delete {
+ desc {
+ en: """Delete authenticator from listener authentication chain"""
+ zh: """删除监听器上指定的认证器"""
+ }
+ }
+
+ listeners_listener_id_authentication_id_status_get {
+ desc {
+ en: """Get authenticator status from listener authentication chain"""
+ zh: """获取监听器上指定的认证器状态"""
+ }
+ }
+
+ authentication_id_move_post {
+ desc {
+ en: """Move authenticator in global authentication chain"""
+ zh: """移动全局认证链上认证器的顺序"""
+ }
+ }
+
+ listeners_listener_id_authentication_id_move_post {
+ desc {
+ en: """Move authenticator in listener authentication chain"""
+ zh: """移动监听器上认证器的顺序"""
+ }
+ }
+
+ authentication_id_import_users_post {
+ desc {
+ en: """Import users into authenticator in global authentication chain"""
+ zh: """为全局认证链上的认证器导入用户数据"""
+ }
+ }
+
+ listeners_listener_id_authentication_id_import_users_post {
+ desc {
+ en: """Import users into authenticator in listener authentication chain"""
+ zh: """为监听器上的认证器导入用户数据"""
+ }
+ }
+
+ authentication_id_users_post {
+ desc {
+ en: """Create users for authenticator in global authentication chain"""
+ zh: """为全局认证链上的认证器创建用户数据"""
+ }
+ }
+
+ authentication_id_users_get {
+ desc {
+ en: """List users in authenticator in global authentication chain"""
+ zh: """获取全局认证链上指定的认证器中的用户数据"""
+ }
+ }
+
+ listeners_listener_id_authentication_id_users_post {
+ desc {
+ en: """Create users for authenticator in listener authentication chain"""
+ zh: """更新指定监听器上认证器中的用户数据"""
+ }
+ }
+
+ listeners_listener_id_authentication_id_users_get {
+ desc {
+ en: """List users in authenticator in listener authentication chain"""
+ zh: """列出指定监听器上认证器中的用户数据"""
+ }
+ }
+
+ authentication_id_users_user_id_get {
+ desc {
+ en: """Get user from authenticator in global authentication chain"""
+ zh: """获取指定监听器上认证器中指定的用户数据"""
+ }
+ }
+
+ authentication_id_users_user_id_put {
+ desc {
+ en: """Update user in authenticator in global authentication chain"""
+ zh: """为指定监听器上认证器添加用户数据"""
+ }
+ }
+
+ authentication_id_users_user_id_delete {
+ desc {
+ en: """Update user in authenticator in global authentication chain"""
+ zh: """更新指定监听器上认证器中的用户数据"""
+ }
+ }
+
+ listeners_listener_id_authentication_id_users_user_id_get {
+ desc {
+ en: """Get user from authenticator in listener authentication chain"""
+ zh: """获取指定监听器上认证器中指定的用户数据"""
+ }
+ }
+
+ listeners_listener_id_authentication_id_users_user_id_put {
+ desc {
+ en: """Update user in authenticator in listener authentication chain"""
+ zh: """更新指定监听器上认证器中的用户数据"""
+ }
+ }
+
+ listeners_listener_id_authentication_id_users_user_id_delete {
+ desc {
+ en: """Delete user in authenticator in listener authentication chain"""
+ zh: """删除指定监听器上认证器中的用户数据"""
+ }
+ }
+
+ param_auth_id {
+ desc {
+ en: """Authenticator ID"""
+ zh: """认证器 ID"""
+ }
+ }
+
+ param_listener_id {
+ desc {
+ en: """Listener ID"""
+ zh: """监听器 ID"""
+ }
+ }
+
+
+ param_user_id {
+ desc {
+ en: """User ID"""
+ zh: """用户 ID"""
+ }
+ }
+
+ like_username {
+ desc {
+ en: """Fuzzy search username"""
+ zh: """使用用户名模糊查询"""
+ }
+ label {
+ en: """like_username"""
+ zh: """模糊用户名"""
+ }
+ }
+
+ like_clientid {
+ desc {
+ en: """Fuzzy search clientid"""
+ zh: """使用客户端标识符模糊查询"""
+ }
+ label {
+ en: """like_clientid"""
+ zh: """模糊用户名"""
+ }
+ }
+}
diff --git a/apps/emqx_authn/i18n/emqx_authn_http_i18n.conf b/apps/emqx_authn/i18n/emqx_authn_http_i18n.conf
new file mode 100644
index 000000000..634d5433f
--- /dev/null
+++ b/apps/emqx_authn/i18n/emqx_authn_http_i18n.conf
@@ -0,0 +1,89 @@
+emqx_authn_http {
+ get {
+ desc {
+ en: """Settings for HTTP-based authentication (GET)."""
+ zh: """基于 HTTP 的认证请求 (GET)"""
+ }
+ label: {
+ en: """get"""
+ zh: """get"""
+ }
+ }
+
+ post {
+ desc {
+ en: """Settings for HTTP-based authentication (POST)."""
+ zh: """基于 HTTP 的认证请求 (POST)"""
+ }
+ label: {
+ en: """post"""
+ zh: """post"""
+ }
+ }
+
+ method {
+ desc {
+ en: """HTTP method."""
+ zh: """HTTP 请求方法"""
+ }
+ label: {
+ en: """method"""
+ zh: """请求方法"""
+ }
+ }
+
+ url {
+ desc {
+ en: """URL of the auth server."""
+ zh: """认证服务器地址"""
+ }
+ label: {
+ en: """url"""
+ zh: """统一资源定位符"""
+ }
+ }
+
+ headers {
+ desc {
+ en: """List of HTTP headers."""
+ zh: """HTTP 请求头列表"""
+ }
+ label: {
+ en: """headers"""
+ zh: """请求头"""
+ }
+ }
+
+ headers_no_content_type {
+ desc {
+ en: """List of HTTP headers. (without content-type)"""
+ zh: """HTTP 请求头列表(无 content-type)"""
+ }
+ label: {
+ en: """headers_no_content_type"""
+ zh: """无content_type的请求头"""
+ }
+ }
+
+ body {
+ desc {
+ en: """Body of the HTTP request."""
+ zh: """HTTP 请求体"""
+ }
+ label: {
+ en: """body"""
+ zh: """请求体"""
+ }
+ }
+
+ request_timeout {
+ desc {
+ en: """HTTP request timeout"""
+ zh: """HTTP 请求超时时长"""
+ }
+ label: {
+ en: """request_timeout"""
+ zh: """请求超时时间"""
+ }
+ }
+}
diff --git a/apps/emqx_authn/i18n/emqx_authn_i18n.conf b/apps/emqx_authn/i18n/emqx_authn_i18n.conf
new file mode 100644
index 000000000..b2573357c
--- /dev/null
+++ b/apps/emqx_authn/i18n/emqx_authn_i18n.conf
@@ -0,0 +1,155 @@
+emqx_authn_schema {
+ enable {
+ desc {
+ en: """Set to true or false to disable this auth provider"""
+ zh: """设为 true 或 false 以启用或禁用此认证数据源"""
+ }
+ label: {
+ en: """enable"""
+ zh: """启用"""
+ }
+ }
+
+ mechanism {
+ desc {
+ en: """Authentication mechanism."""
+ zh: """认证机制"""
+ }
+ label: {
+ en: """mechanism"""
+ zh: """机制"""
+ }
+ }
+
+ backend {
+ desc {
+ en: """Backend type."""
+ zh: """后端类型"""
+ }
+ label: {
+ en: """backend"""
+ zh: """后端"""
+ }
+ }
+
+ metrics {
+ desc {
+ en: """The metrics of the resource"""
+ zh: """统计指标"""
+ }
+ label: {
+ en: """metrics"""
+ zh: """指标"""
+ }
+ }
+
+ node_metrics {
+ desc {
+ en: """The metrics of the resource for each node"""
+ zh: """每个节点上资源的统计指标"""
+ }
+ label: {
+ en: """node_metrics"""
+ zh: """节点指标"""
+ }
+ }
+
+ status {
+ desc {
+ en: """The status of the resource"""
+ zh: """资源状态"""
+ }
+ label: {
+ en: """status"""
+ zh: """状态"""
+ }
+ }
+
+ node_status {
+ desc {
+ en: """The status of the resource for each node"""
+ zh: """每个节点上资源的状态"""
+ }
+ label: {
+ en: """node_status"""
+ zh: """节点状态"""
+ }
+ }
+
+ matched {
+ desc {
+ en: """Count of this resource is queried"""
+ zh: """请求命中次数"""
+ }
+ label: {
+ en: """matched"""
+ zh: """已命中"""
+ }
+ }
+
+ success {
+ desc {
+ en: """Count of query success"""
+ zh: """请求成功次数"""
+ }
+ label: {
+ en: """success"""
+ zh: """成功"""
+ }
+ }
+
+ failed {
+ desc {
+ en: """Count of query failed"""
+ zh: """请求失败次数"""
+ }
+ label: {
+ en: """failed"""
+ zh: """失败"""
+ }
+ }
+
+ rate {
+ desc {
+ en: """The rate of matched, times/second"""
+ zh: """命中速率,单位: 次/秒"""
+ }
+ label: {
+ en: """rate"""
+ zh: """速率"""
+ }
+ }
+
+ rate_max {
+ desc {
+ en: """The max rate of matched, times/second"""
+ zh: """最大命中速率,单位: 次/秒"""
+ }
+ label: {
+ en: """rate_max"""
+ zh: """最大速率"""
+ }
+ }
+
+ rate_last5m {
+ desc {
+ en: """The average rate of matched in the last 5 minutes, times/second"""
+ zh: """5分钟内平均命中速率,单位: 次/秒"""
+ }
+ label: {
+ en: """rate_last5m"""
+ zh: """5分钟内速率"""
+ }
+ }
+
+ node {
+ desc {
+ en: """The node name"""
+ zh: """节点名"""
+ }
+ label: {
+ en: """node"""
+ zh: """节点"""
+ }
+ }
+}
diff --git a/apps/emqx_authn/i18n/emqx_authn_jwt_i18n.conf b/apps/emqx_authn/i18n/emqx_authn_jwt_i18n.conf
new file mode 100644
index 000000000..44a903f47
--- /dev/null
+++ b/apps/emqx_authn/i18n/emqx_authn_jwt_i18n.conf
@@ -0,0 +1,232 @@
+emqx_authn_jwt {
+ use_jwks {
+ desc {
+ en: """jwks flag"""
+ zh: """jwks 状态"""
+ }
+ label {
+ en: """use_jwks"""
+ zh: """使用jwks"""
+ }
+ }
+
+ algorithm {
+ desc {
+ en: """Signing algorithm."""
+ zh: """签名算法"""
+ }
+ label {
+ en: """algorithm"""
+ zh: """算法"""
+ }
+ }
+
+ certificate {
+ desc {
+ en: """The certificate used for signing the token."""
+ zh: """用于签名token的证书"""
+ }
+ label {
+ en: """certificate"""
+ zh: """证书"""
+ }
+ }
+
+ secret_base64_encoded {
+ desc {
+ en: """Enable/disable base64 encoding of the secret."""
+ zh: """启用/关闭私匙 base64 编码"""
+ }
+ label {
+ en: """secret_base64_encoded"""
+ zh: """密钥 base64 编码"""
+ }
+ }
+
+ secret {
+ desc {
+ en: """The key to verify the JWT Token using HMAC algorithm."""
+ zh: """使用对称加密的算法"""
+ }
+ label {
+ en: """secret"""
+ zh: """secret"""
+ }
+ }
+
+ endpoint {
+ desc {
+ en: """JWKs endpoint"""
+ zh: """JWKs endpoint"""
+ }
+ label {
+ en: """endpoint"""
+ zh: """endpoint"""
+ }
+ }
+
+ refresh_interval {
+ desc {
+ en: """JWKs refresh interval"""
+ zh: """JWKs 更新间隔"""
+ }
+ label {
+ en: """refresh_interval"""
+ zh: """更新间隔"""
+ }
+ }
+
+ cacertfile {
+ desc {
+ en: """Path to the SSL CA certificate file."""
+ zh: """SSL CA 证书公钥文件路径"""
+ }
+ label {
+ en: """cacertfile"""
+ zh: """CA 证书文件"""
+ }
+ }
+
+ certfile {
+ desc {
+ en: """Path to the SSL certificate file."""
+ zh: """证书文件路径"""
+ }
+ label {
+ en: """certfile"""
+ zh: """证书文件"""
+ }
+ }
+
+ keyfile {
+ desc {
+ en: """Path to the SSL secret key file."""
+ zh: """SSL 私钥文件路径"""
+ }
+ label {
+ en: """keyfile"""
+ zh: """私钥文件"""
+ }
+ }
+
+ verify {
+ desc {
+ en: """Enable or disable SSL peer verification."""
+ zh: """指定握手过程中是否校验客户端"""
+ }
+ label {
+ en: """verify"""
+ zh: """verify"""
+ }
+ }
+
+ server_name_indication {
+ desc {
+ en: """SSL SNI (Server Name Indication)"""
+ zh: """SSL SNI (服务器名称指示)"""
+ }
+ label {
+ en: """server_name_indication"""
+ zh: """服务器名称指示"""
+ }
+ }
+
+ verify_claims {
+ desc {
+ en: """The list of claims to verify."""
+ zh: """The list of claims to verify."""
+ }
+ label {
+ en: """verify_claims"""
+ zh: """verify_claims"""
+ }
+ }
+
+ pool_size {
+ desc {
+ en: """JWKs connection count"""
+ zh: """JWKs 连接数量"""
+ }
+ label {
+ en: """pool_size"""
+ zh: """pool_size"""
+ }
+ }
+
+ ssl {
+ desc {
+ en: """SSL options."""
+ zh: """SSL 选项"""
+ }
+ label {
+ en: """ssl"""
+ zh: """ssl"""
+ }
+ }
+
+ enable {
+ desc {
+ en: """Enable/disable SSL."""
+ zh: """启用/禁用 SSL"""
+ }
+ label {
+ en: """enable"""
+ zh: """启用"""
+ }
+ }
+
+ hmac-based {
+ desc {
+ en: """Settings for HMAC-based token signing algorithm."""
+ zh: """HMAC-based token 签名配置"""
+ }
+ label {
+ en: """hmac-based"""
+ zh: """hmac-based"""
+ }
+ }
+
+ public-key {
+ desc {
+ en: """Settings for public key-based token signing algorithm."""
+ zh: """公钥token签名配置"""
+ }
+ label {
+ en: """public-key"""
+ zh: """public-key"""
+ }
+ }
+
+ jwks {
+ desc {
+ en: """Settings for a signing using JSON Web Key Set (JWKs)."""
+ zh: """JWks 签名配置"""
+ }
+ label {
+ en: """jwks"""
+ zh: """jwks"""
+ }
+ }
+
+ ssl_disable {
+ desc {
+ en: """SSL disabled"""
+ zh: """SSL 关闭"""
+ }
+ label {
+ en: """ssl_disable"""
+ zh: """关闭SSL"""
+ }
+ }
+
+ ssl_enable {
+ desc {
+ en: """SSL configuration."""
+ zh: """SSL 配置"""
+ }
+ label {
+ en: """ssl_enable"""
+ zh: """启用SSL"""
+ }
+ }
+}
diff --git a/apps/emqx_authn/i18n/emqx_authn_mnesia_i18n.conf b/apps/emqx_authn/i18n/emqx_authn_mnesia_i18n.conf
new file mode 100644
index 000000000..a545acaa7
--- /dev/null
+++ b/apps/emqx_authn/i18n/emqx_authn_mnesia_i18n.conf
@@ -0,0 +1,23 @@
+emqx_authn_mnesia {
+ authentication {
+ desc {
+ en: """Configuration for authentication using the built-in database."""
+ zh: """内置数据库认证配置"""
+ }
+ label: {
+ en: """authentication"""
+ zh: """认证配置"""
+ }
+ }
+
+ user_id_type {
+ desc {
+ en: """Authenticate by Client ID or Username."""
+ zh: """认证类型,基于 Client ID 或 Username"""
+ }
+ label: {
+ en: """user_id_type"""
+ zh: """用户标识类型"""
+ }
+ }
+}
diff --git a/apps/emqx_authn/i18n/emqx_authn_mongo_i18n.conf b/apps/emqx_authn/i18n/emqx_authn_mongo_i18n.conf
new file mode 100644
index 000000000..740d842ec
--- /dev/null
+++ b/apps/emqx_authn/i18n/emqx_authn_mongo_i18n.conf
@@ -0,0 +1,99 @@
+emqx_authn_mongodb {
+ standalone {
+ desc {
+ en: """Configuration for a standalone MongoDB instance."""
+ zh: """MongoDB 单节点认证配置"""
+ }
+ label: {
+ en: """standalone"""
+ zh: """standalone 模式"""
+ }
+ }
+
+ replica-set {
+ desc {
+ en: """Configuration for a replica set."""
+ zh: """MongoDB replica set 模式认证配置"""
+ }
+ label: {
+ en: """replica-set"""
+ zh: """replica-set 模式"""
+ }
+ }
+
+ sharded-cluster {
+ desc {
+ en: """Configuration for a sharded cluster."""
+ zh: """MongoDB sharded cluster 模式认证配置"""
+ }
+ label: {
+ en: """sharded-cluster"""
+ zh: """sharded-cluster 模式"""
+ }
+ }
+
+ collection {
+ desc {
+ en: """Collection used to store authentication data."""
+ zh: """认证数据集名称"""
+ }
+ label: {
+ en: """collection"""
+ zh: """数据集"""
+ }
+ }
+
+ selector {
+ desc {
+ en: """
+Statement that is executed during the authentication process.
+Commands can support following wildcards:\n
+- `${username}`: substituted with client's username\n
+- `${clientid}`: substituted with the clientid
+"""
+ zh: """
+认证过程中所使用的查询命令。
+查询命令支持如下占位符:
+- `${username}`: 代替客户端的用户名
+- `${clientid}`: 代替客户端的客户端标识符
+"""
+ }
+ label: {
+ en: """selector"""
+ zh: """认证查询"""
+ }
+ }
+
+ password_hash_field {
+ desc {
+ en: """Document field that contains password hash."""
+ zh: """数据文档中的密码散列值"""
+ }
+ label: {
+ en: """password_hash_field"""
+ zh: """密码散列字段"""
+ }
+ }
+
+ salt_field {
+ desc {
+ en: """Document field that contains the password salt."""
+ zh: """数据文档中的密码加盐"""
+ }
+ label: {
+ en: """salt_field"""
+ zh: """加盐字段"""
+ }
+ }
+
+ is_superuser_field {
+ desc {
+ en: """Document field that defines if the user has superuser privileges."""
+ zh: """数据文档中的超级用户权限记录"""
+ }
+ label: {
+ en: """is_superuser_field"""
+ zh: """超级用户字段"""
+ }
+ }
+}
diff --git a/apps/emqx_authn/i18n/emqx_authn_mysql_i18n.conf b/apps/emqx_authn/i18n/emqx_authn_mysql_i18n.conf
new file mode 100644
index 000000000..1c931cd0e
--- /dev/null
+++ b/apps/emqx_authn/i18n/emqx_authn_mysql_i18n.conf
@@ -0,0 +1,34 @@
+emqx_authn_mysql {
+ authentication {
+ desc {
+ en: """Configuration for authentication using MySQL database."""
+ zh: """MySQL 认证配置"""
+ }
+ label: {
+ en: """authentication"""
+ zh: """认证配置"""
+ }
+ }
+
+ query {
+ desc {
+ en: """SQL query used to lookup client data."""
+ zh: """客户端数据查询 SQL 语句"""
+ }
+ label: {
+ en: """query"""
+ zh: """请求"""
+ }
+ }
+
+ query_timeout {
+ dsec {
+ en: """Timeout for the SQL query."""
+ zh: """SQL 查询超时时长"""
+ }
+ label: {
+ en: """query_timeout"""
+ zh: """请求超时"""
+ }
+ }
+}
diff --git a/apps/emqx_authn/i18n/emqx_authn_pgsql_i18n.conf b/apps/emqx_authn/i18n/emqx_authn_pgsql_i18n.conf
new file mode 100644
index 000000000..4f936be1d
--- /dev/null
+++ b/apps/emqx_authn/i18n/emqx_authn_pgsql_i18n.conf
@@ -0,0 +1,23 @@
+emqx_authn_pgsql {
+ authentication {
+ desc {
+ en: """Configuration for PostgreSQL authentication backend."""
+ zh: """PostgreSQL 认证配置"""
+ }
+ label: {
+ en: """authentication"""
+ zh: """认证配置"""
+ }
+ }
+
+ query {
+ desc {
+ en: """`SQL` query for looking up authentication data."""
+ zh: """客户端数据查询 SQL 语句"""
+ }
+ label: {
+ en: """query"""
+ zh: """请求"""
+ }
+ }
+}
diff --git a/apps/emqx_authn/i18n/emqx_authn_redis_i18n.conf b/apps/emqx_authn/i18n/emqx_authn_redis_i18n.conf
new file mode 100644
index 000000000..0ae12b959
--- /dev/null
+++ b/apps/emqx_authn/i18n/emqx_authn_redis_i18n.conf
@@ -0,0 +1,45 @@
+emqx_authn_redis {
+ standalone {
+ desc {
+ en: """Configuration for a standalone Redis instance."""
+ zh: """Redis 单节点认证配置"""
+ }
+ label: {
+ en: """standalone"""
+ zh: """standalone"""
+ }
+ }
+
+ cluster {
+ desc {
+ en: """Configuration for a Redis cluster."""
+ zh: """Redis 集群模式认证配置"""
+ }
+ label: {
+ en: """cluster"""
+ zh: """cluster"""
+ }
+ }
+
+ sentinel {
+ desc {
+ en: """Configuration for a Redis Sentinel."""
+ zh: """Redis 哨兵模式认证配置"""
+ }
+ label: {
+ en: """sentinel"""
+ zh: """sentinel"""
+ }
+ }
+
+ cmd {
+ desc {
+ en: """Database query used to retrieve authentication data."""
+ zh: """Redis 认证数据查询语句"""
+ }
+ label: {
+ en: """cmd"""
+ zh: """查询命令"""
+ }
+ }
+}
diff --git a/apps/emqx_authn/src/emqx_authn_api.erl b/apps/emqx_authn/src/emqx_authn_api.erl
index c785bf0f6..2e4c7a579 100644
--- a/apps/emqx_authn/src/emqx_authn_api.erl
+++ b/apps/emqx_authn/src/emqx_authn_api.erl
@@ -18,11 +18,11 @@
-behaviour(minirest_api).
--include_lib("typerefl/include/types.hrl").
-include("emqx_authn.hrl").
--include_lib("emqx/include/emqx_placeholder.hrl").
-include_lib("emqx/include/logger.hrl").
+-include_lib("emqx/include/emqx_placeholder.hrl").
-include_lib("emqx/include/emqx_authentication.hrl").
+-include_lib("hocon/include/hoconsc.hrl").
-import(hoconsc, [mk/2, ref/1, ref/2]).
-import(emqx_dashboard_swagger, [error_codes/2]).
@@ -154,7 +154,7 @@ schema("/authentication") ->
'operationId' => authenticators,
get => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"List authenticators for global authentication">>,
+ description => ?DESC(authentication_get),
responses => #{
200 => emqx_dashboard_swagger:schema_with_example(
hoconsc:array(emqx_authn_schema:authenticator_type()),
@@ -164,7 +164,7 @@ schema("/authentication") ->
},
post => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"Create authenticator for global authentication">>,
+ description => ?DESC(authentication_post),
'requestBody' => emqx_dashboard_swagger:schema_with_examples(
emqx_authn_schema:authenticator_type(),
authenticator_examples()
@@ -184,7 +184,7 @@ schema("/authentication/:id") ->
'operationId' => authenticator,
get => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"Get authenticator from global authentication chain">>,
+ description => ?DESC(authentication_id_get),
parameters => [param_auth_id()],
responses => #{
200 => emqx_dashboard_swagger:schema_with_examples(
@@ -196,7 +196,7 @@ schema("/authentication/:id") ->
},
put => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"Update authenticator from global authentication chain">>,
+ description => ?DESC(authentication_id_put),
parameters => [param_auth_id()],
'requestBody' => emqx_dashboard_swagger:schema_with_examples(
emqx_authn_schema:authenticator_type(),
@@ -214,7 +214,7 @@ schema("/authentication/:id") ->
},
delete => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"Delete authenticator from global authentication chain">>,
+ description => ?DESC(authentication_id_delete),
parameters => [param_auth_id()],
responses => #{
204 => <<"Authenticator deleted">>,
@@ -227,7 +227,7 @@ schema("/authentication/:id/status") ->
'operationId' => authenticator_status,
get => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"Get authenticator status from global authentication chain">>,
+ description => ?DESC(authentication_id_status_get),
parameters => [param_auth_id()],
responses => #{
200 => emqx_dashboard_swagger:schema_with_examples(
@@ -243,7 +243,7 @@ schema("/listeners/:listener_id/authentication") ->
'operationId' => listener_authenticators,
get => #{
tags => ?API_TAGS_SINGLE,
- description => <<"List authenticators for listener authentication">>,
+ description => ?DESC(listeners_listener_id_authentication_get),
parameters => [param_listener_id()],
responses => #{
200 => emqx_dashboard_swagger:schema_with_example(
@@ -254,7 +254,7 @@ schema("/listeners/:listener_id/authentication") ->
},
post => #{
tags => ?API_TAGS_SINGLE,
- description => <<"Create authenticator for listener authentication">>,
+ description => ?DESC(listeners_listener_id_authentication_post),
parameters => [param_listener_id()],
'requestBody' => emqx_dashboard_swagger:schema_with_examples(
emqx_authn_schema:authenticator_type(),
@@ -275,7 +275,7 @@ schema("/listeners/:listener_id/authentication/:id") ->
'operationId' => listener_authenticator,
get => #{
tags => ?API_TAGS_SINGLE,
- description => <<"Get authenticator from listener authentication chain">>,
+ description => ?DESC(listeners_listener_id_authentication_id_get),
parameters => [param_listener_id(), param_auth_id()],
responses => #{
200 => emqx_dashboard_swagger:schema_with_examples(
@@ -287,7 +287,7 @@ schema("/listeners/:listener_id/authentication/:id") ->
},
put => #{
tags => ?API_TAGS_SINGLE,
- description => <<"Update authenticator from listener authentication chain">>,
+ description => ?DESC(listeners_listener_id_authentication_id_put),
parameters => [param_listener_id(), param_auth_id()],
'requestBody' => emqx_dashboard_swagger:schema_with_examples(
emqx_authn_schema:authenticator_type(),
@@ -305,7 +305,7 @@ schema("/listeners/:listener_id/authentication/:id") ->
},
delete => #{
tags => ?API_TAGS_SINGLE,
- description => <<"Delete authenticator from listener authentication chain">>,
+ description => ?DESC(listeners_listener_id_authentication_id_delete),
parameters => [param_listener_id(), param_auth_id()],
responses => #{
204 => <<"Authenticator deleted">>,
@@ -318,7 +318,7 @@ schema("/listeners/:listener_id/authentication/:id/status") ->
'operationId' => listener_authenticator_status,
get => #{
tags => ?API_TAGS_SINGLE,
- description => <<"Get authenticator status from listener authentication chain">>,
+ description => ?DESC(listeners_listener_id_authentication_id_status_get),
parameters => [param_listener_id(), param_auth_id()],
responses => #{
200 => emqx_dashboard_swagger:schema_with_examples(
@@ -334,7 +334,7 @@ schema("/authentication/:id/move") ->
'operationId' => authenticator_move,
post => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"Move authenticator in global authentication chain">>,
+ description => ?DESC(authentication_id_move_post),
parameters => [param_auth_id()],
'requestBody' => emqx_dashboard_swagger:schema_with_examples(
ref(request_move),
@@ -352,7 +352,7 @@ schema("/listeners/:listener_id/authentication/:id/move") ->
'operationId' => listener_authenticator_move,
post => #{
tags => ?API_TAGS_SINGLE,
- description => <<"Move authenticator in listener authentication chain">>,
+ description => ?DESC(listeners_listener_id_authentication_id_move_post),
parameters => [param_listener_id(), param_auth_id()],
'requestBody' => emqx_dashboard_swagger:schema_with_examples(
ref(request_move),
@@ -370,7 +370,7 @@ schema("/authentication/:id/import_users") ->
'operationId' => authenticator_import_users,
post => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"Import users into authenticator in global authentication chain">>,
+ description => ?DESC(authentication_id_import_users_post),
parameters => [param_auth_id()],
'requestBody' => emqx_dashboard_swagger:schema_with_examples(
ref(request_import_users),
@@ -388,7 +388,7 @@ schema("/listeners/:listener_id/authentication/:id/import_users") ->
'operationId' => listener_authenticator_import_users,
post => #{
tags => ?API_TAGS_SINGLE,
- description => <<"Import users into authenticator in listener authentication chain">>,
+ description => ?DESC(listeners_listener_id_authentication_id_import_users_post),
parameters => [param_listener_id(), param_auth_id()],
'requestBody' => emqx_dashboard_swagger:schema_with_examples(
ref(request_import_users),
@@ -406,7 +406,7 @@ schema("/authentication/:id/users") ->
'operationId' => authenticator_users,
post => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"Create users for authenticator in global authentication chain">>,
+ description => ?DESC(authentication_id_users_post),
parameters => [param_auth_id()],
'requestBody' => emqx_dashboard_swagger:schema_with_examples(
ref(request_user_create),
@@ -423,7 +423,7 @@ schema("/authentication/:id/users") ->
},
get => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"List users in authenticator in global authentication chain">>,
+ description => ?DESC(authentication_id_users_get),
parameters => [
param_auth_id(),
ref(emqx_dashboard_swagger, page),
@@ -431,13 +431,13 @@ schema("/authentication/:id/users") ->
{like_username,
mk(binary(), #{
in => query,
- desc => <<"Fuzzy search username">>,
+ desc => ?DESC(like_username),
required => false
})},
{like_clientid,
mk(binary(), #{
in => query,
- desc => <<"Fuzzy search clientid">>,
+ desc => ?DESC(like_clientid),
required => false
})}
],
@@ -455,7 +455,7 @@ schema("/listeners/:listener_id/authentication/:id/users") ->
'operationId' => listener_authenticator_users,
post => #{
tags => ?API_TAGS_SINGLE,
- description => <<"Create users for authenticator in global authentication chain">>,
+ description => ?DESC(listeners_listener_id_authentication_id_users_post),
parameters => [param_auth_id(), param_listener_id()],
'requestBody' => emqx_dashboard_swagger:schema_with_examples(
ref(request_user_create),
@@ -472,7 +472,7 @@ schema("/listeners/:listener_id/authentication/:id/users") ->
},
get => #{
tags => ?API_TAGS_SINGLE,
- description => <<"List users in authenticator in listener authentication chain">>,
+ description => ?DESC(listeners_listener_id_authentication_id_users_get),
parameters => [
param_listener_id(),
param_auth_id(),
@@ -493,7 +493,7 @@ schema("/authentication/:id/users/:user_id") ->
'operationId' => authenticator_user,
get => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"Get user from authenticator in global authentication chain">>,
+ description => ?DESC(authentication_id_users_user_id_get),
parameters => [param_auth_id(), param_user_id()],
responses => #{
200 => emqx_dashboard_swagger:schema_with_examples(
@@ -505,7 +505,7 @@ schema("/authentication/:id/users/:user_id") ->
},
put => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"Update user in authenticator in global authentication chain">>,
+ description => ?DESC(authentication_id_users_user_id_put),
parameters => [param_auth_id(), param_user_id()],
'requestBody' => emqx_dashboard_swagger:schema_with_examples(
ref(request_user_update),
@@ -522,7 +522,7 @@ schema("/authentication/:id/users/:user_id") ->
},
delete => #{
tags => ?API_TAGS_GLOBAL,
- description => <<"Update user in authenticator in global authentication chain">>,
+ description => ?DESC(authentication_id_users_user_id_delete),
parameters => [param_auth_id(), param_user_id()],
responses => #{
204 => <<"User deleted">>,
@@ -535,7 +535,7 @@ schema("/listeners/:listener_id/authentication/:id/users/:user_id") ->
'operationId' => listener_authenticator_user,
get => #{
tags => ?API_TAGS_SINGLE,
- description => <<"Get user from authenticator in listener authentication chain">>,
+ description => ?DESC(listeners_listener_id_authentication_id_users_user_id_get),
parameters => [param_listener_id(), param_auth_id(), param_user_id()],
responses => #{
200 => emqx_dashboard_swagger:schema_with_example(
@@ -547,7 +547,7 @@ schema("/listeners/:listener_id/authentication/:id/users/:user_id") ->
},
put => #{
tags => ?API_TAGS_SINGLE,
- description => <<"Update user in authenticator in listener authentication chain">>,
+ description => ?DESC(listeners_listener_id_authentication_id_users_user_id_put),
parameters => [param_listener_id(), param_auth_id(), param_user_id()],
'requestBody' => emqx_dashboard_swagger:schema_with_example(
ref(request_user_update),
@@ -564,7 +564,7 @@ schema("/listeners/:listener_id/authentication/:id/users/:user_id") ->
},
delete => #{
tags => ?API_TAGS_SINGLE,
- description => <<"Update user in authenticator in listener authentication chain">>,
+ description => ?DESC(listeners_listener_id_authentication_id_users_user_id_delete),
parameters => [param_listener_id(), param_auth_id(), param_user_id()],
responses => #{
204 => <<"User deleted">>,
@@ -578,7 +578,7 @@ param_auth_id() ->
id,
mk(binary(), #{
in => path,
- desc => <<"Authenticator ID">>,
+ desc => ?DESC(param_auth_id),
required => true
})
}.
@@ -588,7 +588,7 @@ param_listener_id() ->
listener_id,
mk(binary(), #{
in => path,
- desc => <<"Listener ID">>,
+ desc => ?DESC(param_listener_id),
required => true,
example => emqx_listeners:id_example()
})
@@ -599,7 +599,7 @@ param_user_id() ->
user_id,
mk(binary(), #{
in => path,
- desc => <<"User ID">>
+ desc => ?DESC(param_user_id)
})
}.
diff --git a/apps/emqx_authn/src/emqx_authn_schema.erl b/apps/emqx_authn/src/emqx_authn_schema.erl
index 32994cbbe..ef20e36cf 100644
--- a/apps/emqx_authn/src/emqx_authn_schema.erl
+++ b/apps/emqx_authn/src/emqx_authn_schema.erl
@@ -17,7 +17,7 @@
-module(emqx_authn_schema).
-elvis([{elvis_style, invalid_dynamic_call, disable}]).
--include_lib("typerefl/include/types.hrl").
+-include_lib("hocon/include/hoconsc.hrl").
-import(hoconsc, [mk/2, ref/2]).
-export([
@@ -38,7 +38,7 @@ common_fields() ->
enable(type) -> boolean();
enable(default) -> true;
-enable(desc) -> "Set to false to disable this auth provider";
+enable(desc) -> ?DESC(?FUNCTION_NAME);
enable(_) -> undefined.
authenticator_type() ->
@@ -74,7 +74,7 @@ mechanism(Name) ->
hoconsc:enum([Name]),
#{
required => true,
- desc => "Authentication mechanism."
+ desc => ?DESC("mechanism")
}
).
@@ -83,51 +83,47 @@ backend(Name) ->
hoconsc:enum([Name]),
#{
required => true,
- desc => "Backend type."
+ desc => ?DESC("backend")
}
).
fields("metrics_status_fields") ->
[
- {"metrics", mk(ref(?MODULE, "metrics"), #{desc => "The metrics of the resource"})},
+ {"metrics", mk(ref(?MODULE, "metrics"), #{desc => ?DESC("metrics")})},
{"node_metrics",
mk(
hoconsc:array(ref(?MODULE, "node_metrics")),
- #{desc => "The metrics of the resource for each node"}
+ #{desc => ?DESC("node_metrics")}
)},
- {"status", mk(status(), #{desc => "The status of the resource"})},
+ {"status", mk(status(), #{desc => ?DESC("status")})},
{"node_status",
mk(
hoconsc:array(ref(?MODULE, "node_status")),
- #{desc => "The status of the resource for each node"}
+ #{desc => ?DESC("node_status")}
)}
];
fields("metrics") ->
[
- {"matched", mk(integer(), #{desc => "Count of this resource is queried"})},
- {"success", mk(integer(), #{desc => "Count of query success"})},
- {"failed", mk(integer(), #{desc => "Count of query failed"})},
- {"rate", mk(float(), #{desc => "The rate of matched, times/second"})},
- {"rate_max", mk(float(), #{desc => "The max rate of matched, times/second"})},
- {"rate_last5m",
- mk(
- float(),
- #{desc => "The average rate of matched in the last 5 minutes, times/second"}
- )}
+ {"matched", mk(integer(), #{desc => ?DESC("matched")})},
+ {"success", mk(integer(), #{desc => ?DESC("success")})},
+ {"failed", mk(integer(), #{desc => ?DESC("failed")})},
+ {"rate", mk(float(), #{desc => ?DESC("rate")})},
+ {"rate_max", mk(float(), #{desc => ?DESC("rate_max")})},
+ {"rate_last5m", mk(float(), #{desc => ?DESC("rate_last5m")})}
];
fields("node_metrics") ->
[
node_name(),
- {"metrics", mk(ref(?MODULE, "metrics"), #{})}
+ {"metrics", mk(ref(?MODULE, "metrics"), #{desc => ?DESC("metrics")})}
];
fields("node_status") ->
[
node_name(),
- {"status", mk(status(), #{desc => "Status of the node."})}
+ {"status", mk(status(), #{desc => ?DESC("node_status")})}
].
status() ->
hoconsc:enum([connected, disconnected, connecting]).
node_name() ->
- {"node", mk(binary(), #{desc => "The node name", example => "emqx@127.0.0.1"})}.
+ {"node", mk(binary(), #{desc => ?DESC("node"), example => "emqx@127.0.0.1"})}.
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_http.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_http.erl
index d13f2c69f..b03a7f1b1 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_http.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_http.erl
@@ -18,7 +18,7 @@
-include("emqx_authn.hrl").
-include_lib("emqx/include/logger.hrl").
--include_lib("typerefl/include/types.hrl").
+-include_lib("hocon/include/hoconsc.hrl").
-include_lib("emqx_connector/include/emqx_connector.hrl").
-behaviour(hocon_schema).
@@ -62,19 +62,19 @@ roots() ->
fields(get) ->
[
- {method, #{type => get, required => true, default => post, desc => "HTTP method."}},
+ {method, #{type => get, required => true, default => post, desc => ?DESC(method)}},
{headers, fun headers_no_content_type/1}
] ++ common_fields();
fields(post) ->
[
- {method, #{type => post, required => true, default => post, desc => "HTTP method."}},
+ {method, #{type => post, required => true, default => post, desc => ?DESC(method)}},
{headers, fun headers/1}
] ++ common_fields().
desc(get) ->
- "Settings for HTTP-based authentication (GET).";
+ ?DESC(get);
desc(post) ->
- "Settings for HTTP-based authentication (POST).";
+ ?DESC(post);
desc(_) ->
undefined.
@@ -83,8 +83,7 @@ common_fields() ->
{mechanism, emqx_authn_schema:mechanism(password_based)},
{backend, emqx_authn_schema:backend(http)},
{url, fun url/1},
- {body,
- hoconsc:mk(map([{fuzzy, term(), binary()}]), #{desc => "Body of the HTTP request."})},
+ {body, hoconsc:mk(map([{fuzzy, term(), binary()}]), #{desc => ?DESC(body)})},
{request_timeout, fun request_timeout/1}
] ++ emqx_authn_schema:common_fields() ++
maps:to_list(
@@ -104,7 +103,7 @@ validations() ->
].
url(type) -> binary();
-url(desc) -> "URL of the auth server.";
+url(desc) -> ?DESC(?FUNCTION_NAME);
url(validator) -> [?NOT_EMPTY("the value of the field 'url' cannot be empty")];
url(required) -> true;
url(_) -> undefined.
@@ -112,7 +111,7 @@ url(_) -> undefined.
headers(type) ->
map();
headers(desc) ->
- "List of HTTP headers.";
+ ?DESC(?FUNCTION_NAME);
headers(converter) ->
fun(Headers) ->
maps:merge(default_headers(), transform_header_name(Headers))
@@ -125,7 +124,7 @@ headers(_) ->
headers_no_content_type(type) ->
map();
headers_no_content_type(desc) ->
- "List of HTTP headers.";
+ ?DESC(?FUNCTION_NAME);
headers_no_content_type(converter) ->
fun(Headers) ->
maps:merge(default_headers_no_content_type(), transform_header_name(Headers))
@@ -136,7 +135,7 @@ headers_no_content_type(_) ->
undefined.
request_timeout(type) -> emqx_schema:duration_ms();
-request_timeout(desc) -> "HTTP request timeout";
+request_timeout(desc) -> ?DESC(?FUNCTION_NAME);
request_timeout(default) -> <<"5s">>;
request_timeout(_) -> undefined.
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_jwt.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_jwt.erl
index b296e32a6..c5d84e98d 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_jwt.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_jwt.erl
@@ -17,8 +17,8 @@
-module(emqx_authn_jwt).
-include("emqx_authn.hrl").
--include_lib("typerefl/include/types.hrl").
-include_lib("emqx/include/logger.hrl").
+-include_lib("hocon/include/hoconsc.hrl").
-behaviour(hocon_schema).
-behaviour(emqx_authentication).
@@ -55,22 +55,22 @@ roots() ->
fields('hmac-based') ->
[
- {use_jwks, sc(hoconsc:enum([false]), #{required => true, desc => ""})},
+ {use_jwks, sc(hoconsc:enum([false]), #{required => true, desc => ?DESC(use_jwks)})},
{algorithm,
- sc(hoconsc:enum(['hmac-based']), #{required => true, desc => "Signing algorithm."})},
+ sc(hoconsc:enum(['hmac-based']), #{required => true, desc => ?DESC(algorithm)})},
{secret, fun secret/1},
{secret_base64_encoded, fun secret_base64_encoded/1}
] ++ common_fields();
fields('public-key') ->
[
- {use_jwks, sc(hoconsc:enum([false]), #{required => true, desc => ""})},
+ {use_jwks, sc(hoconsc:enum([false]), #{required => true, desc => ?DESC(use_jwks)})},
{algorithm,
- sc(hoconsc:enum(['public-key']), #{required => true, desc => "Signing algorithm."})},
+ sc(hoconsc:enum(['public-key']), #{required => true, desc => ?DESC(algorithm)})},
{certificate, fun certificate/1}
] ++ common_fields();
fields('jwks') ->
[
- {use_jwks, sc(hoconsc:enum([true]), #{required => true, desc => ""})},
+ {use_jwks, sc(hoconsc:enum([true]), #{required => true, desc => ?DESC(use_jwks)})},
{endpoint, fun endpoint/1},
{pool_size, fun pool_size/1},
{refresh_interval, fun refresh_interval/1},
@@ -79,14 +79,14 @@ fields('jwks') ->
hoconsc:ref(?MODULE, ssl_enable),
hoconsc:ref(?MODULE, ssl_disable)
]),
- desc => "Enable/disable SSL.",
+ desc => ?DESC(ssl),
default => #{<<"enable">> => false},
required => false
}}
] ++ common_fields();
fields(ssl_enable) ->
[
- {enable, #{type => true, desc => ""}},
+ {enable, #{type => true, desc => ?DESC(enable)}},
{cacertfile, fun cacertfile/1},
{certfile, fun certfile/1},
{keyfile, fun keyfile/1},
@@ -94,18 +94,18 @@ fields(ssl_enable) ->
{server_name_indication, fun server_name_indication/1}
];
fields(ssl_disable) ->
- [{enable, #{type => false, desc => ""}}].
+ [{enable, #{type => false, desc => ?DESC(enable)}}].
desc('hmac-based') ->
- "Settings for HMAC-based token signing algorithm.";
+ ?DESC('hmac-based');
desc('public-key') ->
- "Settings for public key-based token signing algorithm.";
+ ?DESC('public-key');
desc('jwks') ->
- "Settings for a signing using JSON Web Key Set (JWKs).";
+ ?DESC('jwks');
desc(ssl_disable) ->
- "";
+ ?DESC(ssl_disable);
desc(ssl_enable) ->
- "SSL configuration.";
+ ?DESC(ssl_enable);
desc(_) ->
undefined.
@@ -116,56 +116,56 @@ common_fields() ->
] ++ emqx_authn_schema:common_fields().
secret(type) -> binary();
-secret(desc) -> "The key to verify the JWT Token using HMAC algorithm.";
+secret(desc) -> ?DESC(?FUNCTION_NAME);
secret(required) -> true;
secret(_) -> undefined.
secret_base64_encoded(type) -> boolean();
-secret_base64_encoded(desc) -> "Enable/disable base64 encoding of the secret.";
+secret_base64_encoded(desc) -> ?DESC(?FUNCTION_NAME);
secret_base64_encoded(default) -> false;
secret_base64_encoded(_) -> undefined.
certificate(type) -> string();
-certificate(desc) -> "The certificate used for signing the token.";
+certificate(desc) -> ?DESC(?FUNCTION_NAME);
certificate(required) -> ture;
certificate(_) -> undefined.
endpoint(type) -> string();
-endpoint(desc) -> "JWKs endpoint.";
+endpoint(desc) -> ?DESC(?FUNCTION_NAME);
endpoint(required) -> true;
endpoint(_) -> undefined.
refresh_interval(type) -> integer();
-refresh_interval(desc) -> "JWKs refresh interval";
+refresh_interval(desc) -> ?DESC(?FUNCTION_NAME);
refresh_interval(default) -> 300;
refresh_interval(validator) -> [fun(I) -> I > 0 end];
refresh_interval(_) -> undefined.
cacertfile(type) -> string();
-cacertfile(desc) -> "Path to the SSL CA certificate file.";
+cacertfile(desc) -> ?DESC(?FUNCTION_NAME);
cacertfile(_) -> undefined.
certfile(type) -> string();
-certfile(desc) -> "Path to the SSL certificate file.";
+certfile(desc) -> ?DESC(?FUNCTION_NAME);
certfile(_) -> undefined.
keyfile(type) -> string();
-keyfile(desc) -> "Path to the SSL secret key file.";
+keyfile(desc) -> ?DESC(?FUNCTION_NAME);
keyfile(_) -> undefined.
verify(type) -> hoconsc:enum([verify_peer, verify_none]);
-verify(desc) -> "Enable or disable SSL peer verification.";
+verify(desc) -> ?DESC(?FUNCTION_NAME);
verify(default) -> verify_none;
verify(_) -> undefined.
server_name_indication(type) -> string();
-server_name_indication(desc) -> "SSL SNI (Server Name Indication)";
+server_name_indication(desc) -> ?DESC(?FUNCTION_NAME);
server_name_indication(_) -> undefined.
verify_claims(type) ->
list();
verify_claims(desc) ->
- "The list of claims to verify.";
+ ?DESC(?FUNCTION_NAME);
verify_claims(default) ->
#{};
verify_claims(validator) ->
@@ -180,7 +180,7 @@ verify_claims(_) ->
undefined.
pool_size(type) -> integer();
-pool_size(desc) -> "JWKS connection count";
+pool_size(desc) -> ?DESC(?FUNCTION_NAME);
pool_size(default) -> 8;
pool_size(validator) -> [fun(I) -> I > 0 end];
pool_size(_) -> undefined.
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_mnesia.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_mnesia.erl
index 7971ce049..b3bb91ff7 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_mnesia.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_mnesia.erl
@@ -18,7 +18,7 @@
-include("emqx_authn.hrl").
-include_lib("stdlib/include/ms_transform.hrl").
--include_lib("typerefl/include/types.hrl").
+-include_lib("hocon/include/hoconsc.hrl").
-behaviour(hocon_schema).
-behaviour(emqx_authentication).
@@ -110,12 +110,12 @@ fields(?CONF_NS) ->
] ++ emqx_authn_schema:common_fields().
desc(?CONF_NS) ->
- "Configuration for authentication using the built-in database.";
+ ?DESC(?CONF_NS);
desc(_) ->
undefined.
user_id_type(type) -> user_id_type();
-user_id_type(desc) -> "Authenticate by client ID or username.";
+user_id_type(desc) -> ?DESC(?FUNCTION_NAME);
user_id_type(default) -> <<"username">>;
user_id_type(required) -> true;
user_id_type(_) -> undefined.
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_mongodb.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_mongodb.erl
index f5ceaa577..2174406e0 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_mongodb.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_mongodb.erl
@@ -18,7 +18,7 @@
-include("emqx_authn.hrl").
-include_lib("emqx/include/logger.hrl").
--include_lib("typerefl/include/types.hrl").
+-include_lib("hocon/include/hoconsc.hrl").
-behaviour(hocon_schema).
-behaviour(emqx_authentication).
@@ -61,17 +61,17 @@ fields('sharded-cluster') ->
common_fields() ++ emqx_connector_mongo:fields(sharded).
desc(standalone) ->
- "Configuration for a standalone MongoDB instance.";
+ ?DESC(standalone);
desc('replica-set') ->
- "Configuration for a replica set.";
+ ?DESC('replica-set');
desc('sharded-cluster') ->
- "Configuration for a sharded cluster.";
+ ?DESC('sharded-cluster');
desc(_) ->
undefined.
common_fields() ->
[
- {mechanism, emqx_authn_schema:mechanism('password_based')},
+ {mechanism, emqx_authn_schema:mechanism(password_based)},
{backend, emqx_authn_schema:backend(mongodb)},
{collection, fun collection/1},
{selector, fun selector/1},
@@ -82,32 +82,29 @@ common_fields() ->
] ++ emqx_authn_schema:common_fields().
collection(type) -> binary();
-collection(desc) -> "Collection used to store authentication data.";
+collection(desc) -> ?DESC(?FUNCTION_NAME);
collection(required) -> true;
collection(_) -> undefined.
selector(type) ->
map();
selector(desc) ->
- "Statement that is executed during the authentication process. "
- "Commands can support following wildcards:\n"
- " - `${username}`: substituted with client's username\n"
- " - `${clientid}`: substituted with the clientid";
+ ?DESC(?FUNCTION_NAME);
selector(_) ->
undefined.
password_hash_field(type) -> binary();
-password_hash_field(desc) -> "Document field that contains password hash.";
+password_hash_field(desc) -> ?DESC(?FUNCTION_NAME);
password_hash_field(required) -> false;
password_hash_field(_) -> undefined.
salt_field(type) -> binary();
-salt_field(desc) -> "Document field that contains the password salt.";
+salt_field(desc) -> ?DESC(?FUNCTION_NAME);
salt_field(required) -> false;
salt_field(_) -> undefined.
is_superuser_field(type) -> binary();
-is_superuser_field(desc) -> "Document field that defines if the user has superuser privileges.";
+is_superuser_field(desc) -> ?DESC(?FUNCTION_NAME);
is_superuser_field(required) -> false;
is_superuser_field(_) -> undefined.
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl
index 9cbe0c174..11575149c 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl
@@ -18,7 +18,7 @@
-include("emqx_authn.hrl").
-include_lib("emqx/include/logger.hrl").
--include_lib("typerefl/include/types.hrl").
+-include_lib("hocon/include/hoconsc.hrl").
-behaviour(hocon_schema).
-behaviour(emqx_authentication).
@@ -56,20 +56,20 @@ fields(?CONF_NS) ->
{query, fun query/1},
{query_timeout, fun query_timeout/1}
] ++ emqx_authn_schema:common_fields() ++
- proplists:delete(prepare_statement, emqx_connector_mysql:fields(config)).
+ proplists:delete(prepare_statement, emqx_connector_mysql:fields(config)).
desc(?CONF_NS) ->
- "Configuration for authentication using MySQL database.";
+ ?DESC(?CONF_NS);
desc(_) ->
undefined.
query(type) -> string();
-query(desc) -> "SQL query used to lookup client data.";
+query(desc) -> ?DESC(?FUNCTION_NAME);
query(required) -> true;
query(_) -> undefined.
query_timeout(type) -> emqx_schema:duration_ms();
-query_timeout(desc) -> "Timeout for the SQL query.";
+query_timeout(desc) -> ?DESC(?FUNCTION_NAME);
query_timeout(default) -> "5s";
query_timeout(_) -> undefined.
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl
index cb8340a4a..47eb57634 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl
@@ -19,7 +19,7 @@
-include("emqx_authn.hrl").
-include_lib("emqx/include/logger.hrl").
-include_lib("epgsql/include/epgsql.hrl").
--include_lib("typerefl/include/types.hrl").
+-include_lib("hocon/include/hoconsc.hrl").
-behaviour(hocon_schema).
-behaviour(emqx_authentication).
@@ -63,12 +63,12 @@ fields(?CONF_NS) ->
proplists:delete(prepare_statement, emqx_connector_pgsql:fields(config)).
desc(?CONF_NS) ->
- "Configuration for PostgreSQL authentication backend.";
+ ?DESC(?CONF_NS);
desc(_) ->
undefined.
query(type) -> string();
-query(desc) -> "`SQL` query for looking up authentication data.";
+query(desc) -> ?DESC(?FUNCTION_NAME);
query(required) -> true;
query(_) -> undefined.
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_redis.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_redis.erl
index b29f0acdf..37870448c 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_redis.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_redis.erl
@@ -18,7 +18,7 @@
-include("emqx_authn.hrl").
-include_lib("emqx/include/logger.hrl").
--include_lib("typerefl/include/types.hrl").
+-include_lib("hocon/include/hoconsc.hrl").
-behaviour(hocon_schema).
-behaviour(emqx_authentication).
@@ -61,24 +61,24 @@ fields(sentinel) ->
common_fields() ++ emqx_connector_redis:fields(sentinel).
desc(standalone) ->
- "Configuration for a standalone Redis instance.";
+ ?DESC(standalone);
desc(cluster) ->
- "Configuration for a Redis cluster.";
+ ?DESC(cluster);
desc(sentinel) ->
- "Configuration for a Redis Sentinel.";
+ ?DESC(sentinel);
desc(_) ->
"".
common_fields() ->
[
- {mechanism, emqx_authn_schema:mechanism('password_based')},
+ {mechanism, emqx_authn_schema:mechanism(password_based)},
{backend, emqx_authn_schema:backend(redis)},
{cmd, fun cmd/1},
{password_hash_algorithm, fun emqx_authn_password_hashing:type_ro/1}
] ++ emqx_authn_schema:common_fields().
cmd(type) -> string();
-cmd(desc) -> "Redis query.";
+cmd(desc) -> ?DESC(?FUNCTION_NAME);
cmd(required) -> true;
cmd(_) -> undefined.
diff --git a/apps/emqx_authn/test/emqx_authn_mysql_SUITE.erl b/apps/emqx_authn/test/emqx_authn_mysql_SUITE.erl
index b6ae6d514..3d2dba895 100644
--- a/apps/emqx_authn/test/emqx_authn_mysql_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_mysql_SUITE.erl
@@ -198,10 +198,10 @@ t_update(_Config) ->
>>
},
- {ok, _} = emqx:update_config(
- ?PATH,
- {create_authenticator, ?GLOBAL, IncorrectConfig}
- ),
+ {ok, _} = emqx:update_config(
+ ?PATH,
+ {create_authenticator, ?GLOBAL, IncorrectConfig}
+ ),
{error, not_authorized} = emqx_access_control:authenticate(
#{