diff --git a/apps/emqx/include/emqx.hrl b/apps/emqx/include/emqx.hrl index 63ab13256..550e650a2 100644 --- a/apps/emqx/include/emqx.hrl +++ b/apps/emqx/include/emqx.hrl @@ -147,6 +147,6 @@ }). -record(chain, - { name :: binary() + { name :: atom() , authenticators :: [#authenticator{}] }). \ No newline at end of file diff --git a/apps/emqx/src/emqx_authentication.erl b/apps/emqx/src/emqx_authentication.erl index 2b561d298..8dcca50eb 100644 --- a/apps/emqx/src/emqx_authentication.erl +++ b/apps/emqx/src/emqx_authentication.erl @@ -473,7 +473,7 @@ handle_call({update_authenticator, ChainName, AuthenticatorID, Config}, _From, S state = #{version := Version} = ST} = Authenticator -> case AuthenticatorID =:= generate_id(Config) of true -> - Unique = <>, + Unique = unique(ChainName, AuthenticatorID, Version), case Provider:update(Config#{'_unique' => Unique}, ST) of {ok, NewST} -> NewAuthenticator = Authenticator#authenticator{state = switch_version(NewST)}, @@ -575,17 +575,17 @@ split_by_id(ID, AuthenticatorsConfig) -> end. global_chain(mqtt) -> - <<"mqtt:global">>; + 'mqtt:global'; global_chain('mqtt-sn') -> - <<"mqtt-sn:global">>; + 'mqtt-sn:global'; global_chain(coap) -> - <<"coap:global">>; + 'coap:global'; global_chain(lwm2m) -> - <<"lwm2m:global">>; + 'lwm2m:global'; global_chain(stomp) -> - <<"stomp:global">>; + 'stomp:global'; global_chain(_) -> - <<"unknown:global">>. + 'unknown:global'. may_hook(#{hooked := false} = State) -> case lists:any(fun(#chain{authenticators = []}) -> false; @@ -618,7 +618,7 @@ do_create_authenticator(ChainName, AuthenticatorID, #{enable := Enable} = Config undefined -> {error, no_available_provider}; Provider -> - Unique = <>, + Unique = unique(ChainName, AuthenticatorID, ?VER_1), case Provider:create(Config#{'_unique' => Unique}) of {ok, State} -> Authenticator = #authenticator{id = AuthenticatorID, 
@@ -704,6 +704,10 @@ serialize_authenticator(#authenticator{id = ID, , state => State }. +unique(ChainName, AuthenticatorID, Version) -> + NChainName = atom_to_binary(ChainName), + <>. + switch_version(State = #{version := ?VER_1}) -> State#{version := ?VER_2}; switch_version(State = #{version := ?VER_2}) -> diff --git a/apps/emqx/src/emqx_channel.erl b/apps/emqx/src/emqx_channel.erl index e25a9c8d6..5e978669d 100644 --- a/apps/emqx/src/emqx_channel.erl +++ b/apps/emqx/src/emqx_channel.erl @@ -214,7 +214,7 @@ init(ConnInfo = #{peername := {PeerHost, _Port}, ClientInfo = set_peercert_infos( Peercert, #{zone => Zone, - listener => Listener, + listener => emqx_listeners:listener_id(Type, Listener), protocol => Protocol, peerhost => PeerHost, sockport => SockPort, @@ -223,7 +223,7 @@ init(ConnInfo = #{peername := {PeerHost, _Port}, mountpoint => MountPoint, is_bridge => false, is_superuser => false - }, Zone, Listener), + }, Zone), {NClientInfo, NConnInfo} = take_ws_cookie(ClientInfo, ConnInfo), #channel{conninfo = NConnInfo, clientinfo = NClientInfo, @@ -244,12 +244,12 @@ quota_policy(RawPolicy) -> erlang:trunc(hocon_postprocess:duration(StrWind) / 1000)}} || {Name, [StrCount, StrWind]} <- maps:to_list(RawPolicy)]. -set_peercert_infos(NoSSL, ClientInfo, _, _) +set_peercert_infos(NoSSL, ClientInfo, _) when NoSSL =:= nossl; NoSSL =:= undefined -> ClientInfo#{username => undefined}; -set_peercert_infos(Peercert, ClientInfo, Zone, _Listener) -> +set_peercert_infos(Peercert, ClientInfo, Zone) -> {DN, CN} = {esockd_peercert:subject(Peercert), esockd_peercert:common_name(Peercert)}, PeercetAs = fun(Key) -> diff --git a/apps/emqx/test/emqx_authentication_SUITE.erl b/apps/emqx/test/emqx_authentication_SUITE.erl index a940adc88..0b610d2e5 100644 --- a/apps/emqx/test/emqx_authentication_SUITE.erl +++ b/apps/emqx/test/emqx_authentication_SUITE.erl 
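Review bot: `unique/3` in emqx_authentication.erl has no `-spec` or comment, and `atom_to_binary(ChainName)` raises `badarg` for anything that is not an atom; on the update path that happens inside `handle_call` of the authentication server. Since this commit changes `#chain.name` from `binary()` to `atom()`, a caller that still passes a binary chain name would crash that call instead of getting an `{error, _}` reply. The callers are outside the hunk, so this needs confirming. I would add a spec along the lines of `-spec unique(atom(), binary(), binary()) -> binary().` (the second and third argument types are inferred, please confirm) and a one-line comment saying the result is the `'_unique'` value handed to the provider.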
@@ -94,7 +94,7 @@ end_per_suite(_) -> t_chain(_) -> % CRUD of authentication chain - ChainName = <<"test">>, + ChainName = 'test', ?assertMatch({ok, []}, ?AUTHN:list_chains()), ?assertMatch({ok, #{name := ChainName, authenticators := []}}, ?AUTHN:create_chain(ChainName)), ?assertEqual({error, {already_exists, {chain, ChainName}}}, ?AUTHN:create_chain(ChainName)), @@ -105,7 +105,7 @@ t_chain(_) -> ok. t_authenticator(_) -> - ChainName = <<"test">>, + ChainName = 'test', AuthenticatorConfig1 = #{mechanism => 'password-based', backend => 'built-in-database', enable => true}, @@ -155,7 +155,7 @@ t_authenticator(_) -> ok. t_authenticate(_) -> - ListenerID = <<"tcp:default">>, + ListenerID = 'tcp:default', ClientInfo = #{zone => default, listener => ListenerID, protocol => mqtt, @@ -186,7 +186,7 @@ t_update_config(_) -> ?AUTHN:add_provider(AuthNType1, ?MODULE), ?AUTHN:add_provider(AuthNType2, ?MODULE), - Global = <<"mqtt:global">>, + Global = 'mqtt:global', AuthenticatorConfig1 = #{mechanism => 'password-based', backend => 'built-in-database', enable => true}, @@ -212,7 +212,7 @@ t_update_config(_) -> ?assertMatch({ok, _}, update_config([authentication], {delete_authenticator, Global, ID1})), ?assertEqual({error, {not_found, {authenticator, ID1}}}, ?AUTHN:lookup_authenticator(Global, ID1)), - ListenerID = <<"tcp:default">>, + ListenerID = 'tcp:default', ConfKeyPath = [listeners, tcp, default, authentication], ?assertMatch({ok, _}, update_config(ConfKeyPath, {create_authenticator, ListenerID, AuthenticatorConfig1})), ?assertMatch({ok, #{id := ID1, state := #{mark := 1}}}, ?AUTHN:lookup_authenticator(ListenerID, ID1)), diff --git a/apps/emqx_authn/include/emqx_authn.hrl b/apps/emqx_authn/include/emqx_authn.hrl index bdf93204a..5eef08012 100644 --- a/apps/emqx_authn/include/emqx_authn.hrl +++ b/apps/emqx_authn/include/emqx_authn.hrl 
@@ -18,7 +18,7 @@ -define(AUTHN, emqx_authentication). --define(GLOBAL, <<"mqtt:global">>). +-define(GLOBAL, 'mqtt:global'). -define(RE_PLACEHOLDER, "\\$\\{[a-z0-9\\-]+\\}"). diff --git a/apps/emqx_authn/src/emqx_authn_api.erl b/apps/emqx_authn/src/emqx_authn_api.erl index afac57f99..7c3bcbd63 100644 --- a/apps/emqx_authn/src/emqx_authn_api.erl +++ b/apps/emqx_authn/src/emqx_authn_api.erl @@ -1824,7 +1824,8 @@ find_listener(ListenerID) -> {ok, {Type, Name}} end. -create_authenticator(ConfKeyPath, ChainName, Config) -> +create_authenticator(ConfKeyPath, ChainName0, Config) -> + ChainName = to_atom(ChainName0), case update_config(ConfKeyPath, {create_authenticator, ChainName, Config}) of {ok, #{post_config_update := #{?AUTHN := #{id := ID}}, raw_config := AuthenticatorsConfig}} -> @@ -1849,7 +1850,8 @@ list_authenticator(ConfKeyPath, AuthenticatorID) -> serialize_error(Reason) end. -update_authenticator(ConfKeyPath, ChainName, AuthenticatorID, Config) -> +update_authenticator(ConfKeyPath, ChainName0, AuthenticatorID, Config) -> + ChainName = to_atom(ChainName0), case update_config(ConfKeyPath, {update_authenticator, ChainName, AuthenticatorID, Config}) of {ok, #{post_config_update := #{?AUTHN := #{id := ID}}, @@ -1860,7 +1862,8 @@ update_authenticator(ConfKeyPath, ChainName, AuthenticatorID, Config) -> serialize_error(Reason) end. -delete_authenticator(ConfKeyPath, ChainName, AuthenticatorID) -> +delete_authenticator(ConfKeyPath, ChainName0, AuthenticatorID) -> + ChainName = to_atom(ChainName0), case update_config(ConfKeyPath, {delete_authenticator, ChainName, AuthenticatorID}) of {ok, _} -> {204}; 
@@ -1868,7 +1871,8 @@ delete_authenticator(ConfKeyPath, ChainName, AuthenticatorID) -> serialize_error(Reason) end. -move_authenitcator(ConfKeyPath, ChainName, AuthenticatorID, Position) -> +move_authenitcator(ConfKeyPath, ChainName0, AuthenticatorID, Position) -> + ChainName = to_atom(ChainName0), case update_config(ConfKeyPath, {move_authenticator, ChainName, AuthenticatorID, Position}) of {ok, _} -> {204}; @@ -1876,7 +1880,8 @@ move_authenitcator(ConfKeyPath, ChainName, AuthenticatorID, Position) -> serialize_error(Reason) end. -add_user(ChainName, AuthenticatorID, #{<<"user_id">> := UserID, <<"password">> := Password} = UserInfo) -> +add_user(ChainName0, AuthenticatorID, #{<<"user_id">> := UserID, <<"password">> := Password} = UserInfo) -> + ChainName = to_atom(ChainName0), Superuser = maps:get(<<"superuser">>, UserInfo, false), case ?AUTHN:add_user(ChainName, AuthenticatorID, #{ user_id => UserID , password => Password @@ -1891,7 +1896,8 @@ add_user(_, _, #{<<"user_id">> := _}) -> add_user(_, _, _) -> serialize_error({missing_parameter, user_id}). -update_user(ChainName, AuthenticatorID, UserID, UserInfo) -> +update_user(ChainName0, AuthenticatorID, UserID, UserInfo) -> + ChainName = to_atom(ChainName0), case maps:with([<<"password">>, <<"superuser">>], UserInfo) =:= #{} of true -> serialize_error({missing_parameter, password}); @@ -1904,7 +1910,8 @@ update_user(ChainName, AuthenticatorID, UserID, UserInfo) -> end end. -find_user(ChainName, AuthenticatorID, UserID) -> +find_user(ChainName0, AuthenticatorID, UserID) -> + ChainName = to_atom(ChainName0), case ?AUTHN:lookup_user(ChainName, AuthenticatorID, UserID) of {ok, User} -> {200, User}; @@ -1912,7 +1919,8 @@ find_user(ChainName, AuthenticatorID, UserID) -> serialize_error(Reason) end. -delete_user(ChainName, AuthenticatorID, UserID) -> +delete_user(ChainName0, AuthenticatorID, UserID) -> + ChainName = to_atom(ChainName0), case ?AUTHN:delete_user(ChainName, AuthenticatorID, UserID) of ok -> {204}; 
@@ -1920,7 +1928,8 @@ delete_user(ChainName, AuthenticatorID, UserID) -> serialize_error(Reason) end. -list_users(ChainName, AuthenticatorID) -> +list_users(ChainName0, AuthenticatorID) -> + ChainName = to_atom(ChainName0), case ?AUTHN:list_users(ChainName, AuthenticatorID) of {ok, Users} -> {200, Users}; @@ -1973,4 +1982,9 @@ serialize_error(Reason) -> to_list(M) when is_map(M) -> [M]; to_list(L) when is_list(L) -> - L. \ No newline at end of file + L. + +to_atom(B) when is_binary(B) -> + binary_to_atom(B); +to_atom(A) when is_atom(A) -> + A. \ No newline at end of file diff --git a/apps/emqx_authn/src/emqx_authn_app.erl b/apps/emqx_authn/src/emqx_authn_app.erl index 58470289a..016decdd2 100644 --- a/apps/emqx_authn/src/emqx_authn_app.erl +++ b/apps/emqx_authn/src/emqx_authn_app.erl @@ -53,7 +53,7 @@ remove_providers() -> initialize() -> ?AUTHN:initialize_authentication(?GLOBAL, emqx:get_raw_config([authentication], [])), lists:foreach(fun({ListenerID, ListenerConfig}) -> - ?AUTHN:initialize_authentication(atom_to_binary(ListenerID), maps:get(authentication, ListenerConfig, [])) + ?AUTHN:initialize_authentication(ListenerID, maps:get(authentication, ListenerConfig, [])) end, emqx_listeners:list()), ok.
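Review bot: `to_atom/1`, added in the last emqx_authn_api.erl hunk, calls `binary_to_atom(B)` on whatever binary the API handlers pass in, and atoms are never garbage-collected. If `ChainName0` in create_authenticator, update_authenticator, delete_authenticator, move_authenitcator, add_user, update_user, find_user, delete_user and list_users comes from a request path or body (the callers are outside these hunks), every distinct unknown chain name permanently adds an atom, and the atom table can eventually be exhausted. The chains shown in this diff are initialised from `?GLOBAL` and the ids returned by `emqx_listeners:list()`, so a valid name should already exist as an atom. `binary_to_existing_atom(B, utf8)` would then be enough, with the resulting `badarg` turned into a not-found reply through `serialize_error/1` rather than a crash.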