Add hook to auth packet

2020-04-16 16:07:01 +08:00 · 2020-04-16 16:07:01 +08:00 · dccf3560f0
parent e806a96031
commit dccf3560f0
3 changed files with 12 additions and 14 deletions
--- a/src/emqx_channel.erl
+++ b/src/emqx_channel.erl
@ -1138,21 +1138,18 @@ do_enhanced_auth(undefined, _AuthData, Channel) ->
 do_enhanced_auth(_AuthMethod, undefined, Channel) ->
    {error, emqx_reason_codes:connack_error(not_authorized), Channel};
 do_enhanced_auth(AuthMethod, AuthData, Channel = #channel{auth_cache = Cache}) ->
-    case do_auth_check(AuthMethod, AuthData, Cache) of
-        ok -> {ok, #{}, Channel#channel{auth_cache = #{}}};
+    case run_hooks('client.enhanced_authenticate',[AuthMethod, AuthData, Cache]) of
+        {ok, <<>>} -> {ok, #{}, Channel#channel{auth_cache = #{}}};
        {ok, NAuthData} ->
            NProperties = #{'Authentication-Method' => AuthMethod, 'Authentication-Data' => NAuthData},
            {ok, NProperties, Channel#channel{auth_cache = #{}}};
        {continue, NAuthData, NCache} ->
            NProperties = #{'Authentication-Method' => AuthMethod, 'Authentication-Data' => NAuthData},
            {continue, NProperties, Channel#channel{auth_cache = NCache}};
-        {error, _Reason} ->
+        _ ->
            {error, emqx_reason_codes:connack_error(not_authorized), Channel}
    end.

-do_auth_check(_AuthMethod, _AuthData, _AuthDataCache) ->
-    {error, not_authorized}. 
-
 %%--------------------------------------------------------------------
 %% Process Topic Alias

--- a/src/emqx_metrics.erl
+++ b/src/emqx_metrics.erl
@ -520,11 +520,12 @@ reserved_idx('client.connect')               -> 200;
 reserved_idx('client.connack')               -> 201;
 reserved_idx('client.connected')             -> 202;
 reserved_idx('client.authenticate')          -> 203;
-reserved_idx('client.auth.anonymous')        -> 204;
-reserved_idx('client.check_acl')             -> 205;
-reserved_idx('client.subscribe')             -> 206;
-reserved_idx('client.unsubscribe')           -> 207;
-reserved_idx('client.disconnected')          -> 208;
+reserved_idx('client.enhanced_authenticate') -> 204;
+reserved_idx('client.auth.anonymous')        -> 205;
+reserved_idx('client.check_acl')             -> 206;
+reserved_idx('client.subscribe')             -> 207;
+reserved_idx('client.unsubscribe')           -> 208;
+reserved_idx('client.disconnected')          -> 209;

 reserved_idx('session.created')              -> 220;
 reserved_idx('session.resumed')              -> 221;
--- a/test/emqx_channel_SUITE.erl
+++ b/test/emqx_channel_SUITE.erl
@ -120,7 +120,7 @@ t_handle_in_connect_auth_failed(_) ->
                                clean_start = true,
                                keepalive   = 30,
                                properties  = #{
-                                            'Authentication-Method' => "failed_auth_method",
+                                            'Authentication-Method' => <<"failed_auth_method">>,
                                            'Authentication-Data' => <<"failed_auth_data">>
                                            },
                                clientid    = <<"clientid">>,
@ -131,7 +131,7 @@ t_handle_in_connect_auth_failed(_) ->

 t_handle_in_continue_auth(_) ->
    Properties = #{
-                'Authentication-Method' => "failed_auth_method",
+                'Authentication-Method' => <<"failed_auth_method">>,
                'Authentication-Data' => <<"failed_auth_data">>
                },
    {shutdown, bad_authentication_method, ?CONNACK_PACKET(?RC_BAD_AUTHENTICATION_METHOD), _} =
@ -141,7 +141,7 @@ t_handle_in_continue_auth(_) ->

 t_handle_in_re_auth(_) ->
    Properties = #{
-                'Authentication-Method' => "failed_auth_method",
+                'Authentication-Method' => <<"failed_auth_method">>,
                'Authentication-Data' => <<"failed_auth_data">>
                },
    {ok, [{outgoing, ?DISCONNECT_PACKET(?RC_BAD_AUTHENTICATION_METHOD)}, {close, bad_authentication_method}], _} =