yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(authn redis): add api spec for redis authentication

This commit is contained in:
zhouzb 2021-08-06 15:22:49 +08:00
parent 3761db0525
commit f43d3e9f66
1 changed files with 90 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
apps/emqx_authn/src/emqx_authn_api.erl
View File

@ -32,7 +32,7 @@
-define(EXAMPLE_1, #{name => <<"example 1">>, -define(EXAMPLE_1, #{name => <<"example 1">>,
mechanism => <<"password-based">>, mechanism => <<"password-based">>,
server_type => <<"built-in-example">>, server_type => <<"built-in-database">>,
user_id_type => <<"username">>, user_id_type => <<"username">>,
password_hash_algorithm => #{ password_hash_algorithm => #{
name => <<"sha256">> name => <<"sha256">>
@ -76,6 +76,16 @@
salt_position => <<"prefix">> salt_position => <<"prefix">>
}). }).
-define(EXAMPLE_5, #{name => <<"example 5">>,
mechanism => <<"password-based">>,
server_type => <<"redis">>,
server => <<"127.0.0.1:6379">>,
database => 0,
query => <<"HMGET ${mqtt-username} password_hash salt">>,
password_hash_algorithm => <<"sha256">>,
salt_position => <<"prefix">>
}).
-define(ERR_RESPONSE(Desc), #{description => Desc, -define(ERR_RESPONSE(Desc), #{description => Desc,
content => #{ content => #{
'application/json' => #{ 'application/json' => #{
@ -180,6 +190,10 @@ authenticators_api() ->
mongodb => #{ mongodb => #{
summary => <<"Authentication with MongoDB">>, summary => <<"Authentication with MongoDB">>,
value => emqx_json:encode(?EXAMPLE_4) value => emqx_json:encode(?EXAMPLE_4)
},
redis => #{
summary => <<"Authentication with Redis">>,
value => emqx_json:encode(?EXAMPLE_5)
} }
} }
} }
@ -192,6 +206,7 @@ authenticators_api() ->
'application/json' => #{ 'application/json' => #{
schema => minirest:ref(<<"returned_authenticator">>), schema => minirest:ref(<<"returned_authenticator">>),
examples => #{ examples => #{
%% TODO: return full content
example1 => #{ example1 => #{
summary => <<"Example 1">>, summary => <<"Example 1">>,
value => emqx_json:encode(maps:put(id, <<"example 1">>, ?EXAMPLE_1)) value => emqx_json:encode(maps:put(id, <<"example 1">>, ?EXAMPLE_1))
@ -207,6 +222,10 @@ authenticators_api() ->
example4 => #{ example4 => #{
summary => <<"Example 4">>, summary => <<"Example 4">>,
value => emqx_json:encode(maps:put(id, <<"example 4">>, ?EXAMPLE_4)) value => emqx_json:encode(maps:put(id, <<"example 4">>, ?EXAMPLE_4))
},
example5 => #{
summary => <<"Example 4">>,
value => emqx_json:encode(maps:put(id, <<"example 5">>, ?EXAMPLE_5))
} }
} }
} }
@ -234,6 +253,7 @@ authenticators_api() ->
, maps:put(id, <<"example 2">>, ?EXAMPLE_2) , maps:put(id, <<"example 2">>, ?EXAMPLE_2)
, maps:put(id, <<"example 3">>, ?EXAMPLE_3) , maps:put(id, <<"example 3">>, ?EXAMPLE_3)
, maps:put(id, <<"example 4">>, ?EXAMPLE_4) , maps:put(id, <<"example 4">>, ?EXAMPLE_4)
, maps:put(id, <<"example 5">>, ?EXAMPLE_5)
]) ])
} }
} }
@ -281,6 +301,10 @@ authenticators_api2() ->
example4 => #{ example4 => #{
summary => <<"Example 4">>, summary => <<"Example 4">>,
value => emqx_json:encode(maps:put(id, <<"example 4">>, ?EXAMPLE_4)) value => emqx_json:encode(maps:put(id, <<"example 4">>, ?EXAMPLE_4))
},
example5 => #{
summary => <<"Example 5">>,
value => emqx_json:encode(maps:put(id, <<"example 5">>, ?EXAMPLE_5))
} }
} }
} }
@ -345,6 +369,10 @@ authenticators_api2() ->
example4 => #{ example4 => #{
summary => <<"Example 4">>, summary => <<"Example 4">>,
value => emqx_json:encode(maps:put(id, <<"example 4">>, ?EXAMPLE_4)) value => emqx_json:encode(maps:put(id, <<"example 4">>, ?EXAMPLE_4))
},
example5 => #{
summary => <<"Example 5">>,
value => emqx_json:encode(maps:put(id, <<"example 5">>, ?EXAMPLE_5))
} }
} }
} }
@ -1024,6 +1052,66 @@ definitions() ->
} }
}, },
PasswordBasedRedisDef = #{
type => object,
required => [],
properties => #{
server_type => #{
type => string,
enum => [<<"redis">>],
example => [<<"redis">>]
},
server => #{
description => <<"Mutually exclusive with the 'servers' field, only valid in standalone mode">>,
type => string,
example => <<"127.0.0.1:27017">>
},
servers => #{
description => <<"Mutually exclusive with the 'server' field, only valid in cluster and sentinel mode">>,
type => array,
items => #{
type => string
},
example => [<<"127.0.0.1:27017">>]
},
sentinel => #{
description => <<"Only valid in sentinel mode">>,
type => string
},
password => #{
type => string
},
database => #{
type => integer,
exmaple => 0
},
query => #{
type => string,
example => <<"HMGET ${mqtt-username} password_hash salt">>
},
password_hash_algorithm => #{
type => string,
enum => [<<"plain">>, <<"md5">>, <<"sha">>, <<"sha256">>, <<"sha512">>, <<"bcrypt">>],
default => <<"sha256">>,
example => <<"sha256">>
},
salt_position => #{
type => string,
enum => [<<"prefix">>, <<"suffix">>],
default => <<"prefix">>,
example => <<"prefix">>
},
pool_size => #{
type => integer,
default => 8
},
auto_reconnect => #{
type => boolean,
default => true
}
}
},
PasswordBasedHTTPServerDef = #{ PasswordBasedHTTPServerDef = #{
type => object, type => object,
required => [ server_type required => [ server_type
@ -1155,6 +1243,7 @@ definitions() ->
, #{<<"password_based_mysql">> => PasswordBasedMySQLDef} , #{<<"password_based_mysql">> => PasswordBasedMySQLDef}
, #{<<"password_based_pgsql">> => PasswordBasedPgSQLDef} , #{<<"password_based_pgsql">> => PasswordBasedPgSQLDef}
, #{<<"password_based_mongodb">> => PasswordBasedMongoDBDef} , #{<<"password_based_mongodb">> => PasswordBasedMongoDBDef}
, #{<<"password_based_redis">> => PasswordBasedRedisDef}
, #{<<"password_based_http_server">> => PasswordBasedHTTPServerDef} , #{<<"password_based_http_server">> => PasswordBasedHTTPServerDef}
, #{<<"password_hash_algorithm">> => PasswordHashAlgorithmDef} , #{<<"password_hash_algorithm">> => PasswordHashAlgorithmDef}
, #{<<"ssl">> => SSLDef} , #{<<"ssl">> => SSLDef}