diff --git a/apps/emqx/src/emqx_authentication.erl b/apps/emqx/src/emqx_authentication.erl
index 6dc4c4bbd..8312b312f 100644
--- a/apps/emqx/src/emqx_authentication.erl
+++ b/apps/emqx/src/emqx_authentication.erl
@@ -59,7 +59,7 @@
, move_authenticator/3
]).
-%% APIs for observer built-in-database
+%% APIs for observer built_in_database
-export([ import_users/3
, add_user/3
, delete_user/3
@@ -266,7 +266,7 @@ stop() ->
%% @doc Register authentication providers.
%% A provider is a tuple of `AuthNType' the module which implements
%% the authenticator callbacks.
-%% For example, ``[{{'password-based', redis}, emqx_authn_redis}]''
+%% For example, ``[{{'password_based', redis}, emqx_authn_redis}]''
%% NOTE: Later registered provider may override earlier registered if they
%% happen to clash the same `AuthNType'.
-spec register_providers([{authn_type(), module()}]) -> ok.
diff --git a/apps/emqx/src/emqx_schema.erl b/apps/emqx/src/emqx_schema.erl
index 94de42e31..adb2620c3 100644
--- a/apps/emqx/src/emqx_schema.erl
+++ b/apps/emqx/src/emqx_schema.erl
@@ -124,7 +124,7 @@ EMQX can be configured with:
[]: The default value, it allows *ALL* logins- one: For example
{enable:true,backend:\"built-in-database\",mechanism=\"password-based\"}
+- one: For example
{enable:true,backend:\"built_in_database\",mechanism=\"password_based\"}
- chain: An array of structs.
@@ -255,7 +255,7 @@ fields("authorization") ->
, desc => """
Default access control action if the user or client matches no ACL rules,
or if no such user or client is found by the configurable authorization
-sources such as built-in-database, an HTTP API, or a query against PostgreSQL.
+sources such as built_in_database, an HTTP API, or a query against PostgreSQL.
Find more details in 'authorization.sources' config.
"""
})}
diff --git a/apps/emqx/test/emqx_authentication_SUITE.erl b/apps/emqx/test/emqx_authentication_SUITE.erl
index 434109163..7c3a7fecd 100644
--- a/apps/emqx/test/emqx_authentication_SUITE.erl
+++ b/apps/emqx/test/emqx_authentication_SUITE.erl
@@ -40,13 +40,13 @@ roots() -> [{config, #{type => hoconsc:union([
hoconsc:ref(?MODULE, type2)])}}].
fields(type1) ->
- [ {mechanism, {enum, ['password-based']}}
- , {backend, {enum, ['built-in-database']}}
+ [ {mechanism, {enum, ['password_based']}}
+ , {backend, {enum, ['built_in_database']}}
, {enable, fun enable/1}
];
fields(type2) ->
- [ {mechanism, {enum, ['password-based']}}
+ [ {mechanism, {enum, ['password_based']}}
, {backend, {enum, ['mysql']}}
, {enable, fun enable/1}
].
@@ -117,13 +117,13 @@ t_chain(Config) when is_list(Config) ->
t_authenticator({'init', Config}) ->
- [{"auth1", {'password-based', 'built-in-database'}},
- {"auth2", {'password-based', mysql}} | Config];
+ [{"auth1", {'password_based', 'built_in_database'}},
+ {"auth2", {'password_based', mysql}} | Config];
t_authenticator(Config) when is_list(Config) ->
ChainName = 'test',
- AuthenticatorConfig1 = #{mechanism => 'password-based',
- backend => 'built-in-database',
+ AuthenticatorConfig1 = #{mechanism => 'password_based',
+ backend => 'built_in_database',
enable => true},
% Create an authenticator when the authentication chain does not exist
@@ -140,7 +140,7 @@ t_authenticator(Config) when is_list(Config) ->
AuthNType1 = ?config("auth1"),
register_provider(AuthNType1, ?MODULE),
- ID1 = <<"password-based:built-in-database">>,
+ ID1 = <<"password_based:built_in_database">>,
% CRUD of authencaticator
?assertMatch(
@@ -169,8 +169,8 @@ t_authenticator(Config) when is_list(Config) ->
% Multiple authenticators exist at the same time
AuthNType2 = ?config("auth2"),
register_provider(AuthNType2, ?MODULE),
- ID2 = <<"password-based:mysql">>,
- AuthenticatorConfig2 = #{mechanism => 'password-based',
+ ID2 = <<"password_based:mysql">>,
+ AuthenticatorConfig2 = #{mechanism => 'password_based',
backend => mysql,
enable => true},
@@ -202,7 +202,7 @@ t_authenticator({'end', Config}) ->
t_authenticate({init, Config}) ->
[{listener_id, 'tcp:default'},
- {authn_type, {'password-based', 'built-in-database'}} | Config];
+ {authn_type, {'password_based', 'built_in_database'}} | Config];
t_authenticate(Config) when is_list(Config) ->
ListenerID = ?config(listener_id),
@@ -216,8 +216,8 @@ t_authenticate(Config) when is_list(Config) ->
register_provider(AuthNType, ?MODULE),
- AuthenticatorConfig = #{mechanism => 'password-based',
- backend => 'built-in-database',
+ AuthenticatorConfig = #{mechanism => 'password_based',
+ backend => 'built_in_database',
enable => true},
?AUTHN:create_chain(ListenerID),
?assertMatch({ok, _}, ?AUTHN:create_authenticator(ListenerID, AuthenticatorConfig)),
@@ -238,8 +238,8 @@ t_authenticate({'end', Config}) ->
t_update_config({init, Config}) ->
Global = 'mqtt:global',
- AuthNType1 = {'password-based', 'built-in-database'},
- AuthNType2 = {'password-based', mysql},
+ AuthNType1 = {'password_based', 'built_in_database'},
+ AuthNType2 = {'password_based', mysql},
[{global, Global},
{"auth1", AuthNType1},
{"auth2", AuthNType2} | Config];
@@ -249,14 +249,14 @@ t_update_config(Config) when is_list(Config) ->
ok = register_provider(?config("auth1"), ?MODULE),
ok = register_provider(?config("auth2"), ?MODULE),
Global = ?config(global),
- AuthenticatorConfig1 = #{<<"mechanism">> => <<"password-based">>,
- <<"backend">> => <<"built-in-database">>,
+ AuthenticatorConfig1 = #{<<"mechanism">> => <<"password_based">>,
+ <<"backend">> => <<"built_in_database">>,
<<"enable">> => true},
- AuthenticatorConfig2 = #{<<"mechanism">> => <<"password-based">>,
+ AuthenticatorConfig2 = #{<<"mechanism">> => <<"password_based">>,
<<"backend">> => <<"mysql">>,
<<"enable">> => true},
- ID1 = <<"password-based:built-in-database">>,
- ID2 = <<"password-based:mysql">>,
+ ID1 = <<"password_based:built_in_database">>,
+ ID2 = <<"password_based:mysql">>,
?assertMatch({ok, []}, ?AUTHN:list_chains()),
@@ -391,7 +391,7 @@ t_convert_certs(Config) when is_list(Config) ->
, {<<"cacertfile">>, "cacert.pem"}
]),
- CertsDir = certs_dir(Config, [Global, <<"password-based:built-in-database">>]),
+ CertsDir = certs_dir(Config, [Global, <<"password_based:built_in_database">>]),
#{<<"ssl">> := NCerts} = convert_certs(CertsDir, #{<<"ssl">> => Certs}),
Certs2 = certs([ {<<"keyfile">>, "key.pem"}
diff --git a/apps/emqx_authn/src/emqx_authn.erl b/apps/emqx_authn/src/emqx_authn.erl
index 626adc636..f984c06ec 100644
--- a/apps/emqx_authn/src/emqx_authn.erl
+++ b/apps/emqx_authn/src/emqx_authn.erl
@@ -25,14 +25,14 @@
-include("emqx_authn.hrl").
providers() ->
- [ {{'password-based', 'built-in-database'}, emqx_authn_mnesia}
- , {{'password-based', mysql}, emqx_authn_mysql}
- , {{'password-based', postgresql}, emqx_authn_pgsql}
- , {{'password-based', mongodb}, emqx_authn_mongodb}
- , {{'password-based', redis}, emqx_authn_redis}
- , {{'password-based', 'http'}, emqx_authn_http}
+ [ {{'password_based', 'built_in_database'}, emqx_authn_mnesia}
+ , {{'password_based', mysql}, emqx_authn_mysql}
+ , {{'password_based', postgresql}, emqx_authn_pgsql}
+ , {{'password_based', mongodb}, emqx_authn_mongodb}
+ , {{'password_based', redis}, emqx_authn_redis}
+ , {{'password_based', 'http'}, emqx_authn_http}
, {jwt, emqx_authn_jwt}
- , {{scram, 'built-in-database'}, emqx_enhanced_authn_scram_mnesia}
+ , {{scram, 'built_in_database'}, emqx_enhanced_authn_scram_mnesia}
].
check_configs(C) when is_map(C) ->
diff --git a/apps/emqx_authn/src/emqx_authn_api.erl b/apps/emqx_authn/src/emqx_authn_api.erl
index 623012bee..e23dfe05f 100644
--- a/apps/emqx_authn/src/emqx_authn_api.erl
+++ b/apps/emqx_authn/src/emqx_authn_api.erl
@@ -964,21 +964,21 @@ authenticator_array_example() ->
authenticator_examples() ->
#{
- 'password-based:built-in-database' => #{
- summary => <<"Built-in password-based authentication">>,
+ 'password_based:built_in_database' => #{
+ summary => <<"Built-in password_based authentication">>,
value => #{
- mechanism => <<"password-based">>,
- backend => <<"built-in-database">>,
+ mechanism => <<"password_based">>,
+ backend => <<"built_in_database">>,
user_id_type => <<"username">>,
password_hash_algorithm => #{
name => <<"sha256">>
}
}
},
- 'password-based:http' => #{
- summary => <<"Password-based authentication through external HTTP API">>,
+ 'password_based:http' => #{
+ summary => <<"password_based authentication through external HTTP API">>,
value => #{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
backend => <<"http">>,
method => <<"post">>,
url => <<"http://127.0.0.1:18083">>,
@@ -1009,10 +1009,10 @@ authenticator_examples() ->
}
}
},
- 'password-based:mongodb' => #{
- summary => <<"Password-based authentication with MongoDB backend">>,
+ 'password_based:mongodb' => #{
+ summary => <<"password_based authentication with MongoDB backend">>,
value => #{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
backend => <<"mongodb">>,
server => <<"127.0.0.1:27017">>,
database => example,
@@ -1027,10 +1027,10 @@ authenticator_examples() ->
salt_position => <<"prefix">>
}
},
- 'password-based:redis' => #{
- summary => <<"Password-based authentication with Redis backend">>,
+ 'password_based:redis' => #{
+ summary => <<"password_based authentication with Redis backend">>,
value => #{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
backend => <<"redis">>,
server => <<"127.0.0.1:6379">>,
database => 0,
@@ -1091,10 +1091,10 @@ request_move_examples() ->
position => <<"bottom">>
}
},
- 'move_before_password-based:built-in-database' => #{
+ 'move_before_password_based:built_in_database' => #{
summary => <<"Move authenticator to the position preceding some other authenticator">>,
value => #{
- position => <<"before:password-based:built-in-database">>
+ position => <<"before:password_based:built_in_database">>
}
}
}.
diff --git a/apps/emqx_authn/src/enhanced_authn/emqx_enhanced_authn_scram_mnesia.erl b/apps/emqx_authn/src/enhanced_authn/emqx_enhanced_authn_scram_mnesia.erl
index 00c1edc5f..d7c3507e6 100644
--- a/apps/emqx_authn/src/enhanced_authn/emqx_enhanced_authn_scram_mnesia.erl
+++ b/apps/emqx_authn/src/enhanced_authn/emqx_enhanced_authn_scram_mnesia.erl
@@ -87,7 +87,7 @@ roots() -> [?CONF_NS].
fields(?CONF_NS) ->
[ {mechanism, emqx_authn_schema:mechanism('scram')}
- , {backend, emqx_authn_schema:backend('built-in-database')}
+ , {backend, emqx_authn_schema:backend('built_in_database')}
, {algorithm, fun algorithm/1}
, {iteration_count, fun iteration_count/1}
] ++ emqx_authn_schema:common_fields().
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_http.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_http.erl
index 7bf9e1503..94a295f65 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_http.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_http.erl
@@ -60,7 +60,7 @@ fields(post) ->
] ++ common_fields().
common_fields() ->
- [ {mechanism, emqx_authn_schema:mechanism('password-based')}
+ [ {mechanism, emqx_authn_schema:mechanism('password_based')}
, {backend, emqx_authn_schema:backend(http)}
, {url, fun url/1}
, {body, map([{fuzzy, term(), binary()}])}
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_mnesia.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_mnesia.erl
index 7ff9e85ef..9036147ef 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_mnesia.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_mnesia.erl
@@ -93,8 +93,8 @@ namespace() -> "authn-builtin_db".
roots() -> [?CONF_NS].
fields(?CONF_NS) ->
- [ {mechanism, emqx_authn_schema:mechanism('password-based')}
- , {backend, emqx_authn_schema:backend('built-in-database')}
+ [ {mechanism, emqx_authn_schema:mechanism('password_based')}
+ , {backend, emqx_authn_schema:backend('built_in_database')}
, {user_id_type, fun user_id_type/1}
, {password_hash_algorithm, fun emqx_authn_password_hashing:type_rw/1}
] ++ emqx_authn_schema:common_fields().
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_mongodb.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_mongodb.erl
index 762813e5c..c4433bbac 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_mongodb.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_mongodb.erl
@@ -56,7 +56,7 @@ fields('sharded-cluster') ->
common_fields() ++ emqx_connector_mongo:fields(sharded).
common_fields() ->
- [ {mechanism, emqx_authn_schema:mechanism('password-based')}
+ [ {mechanism, emqx_authn_schema:mechanism('password_based')}
, {backend, emqx_authn_schema:backend(mongodb)}
, {collection, fun collection/1}
, {selector, fun selector/1}
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl
index 61a1cdf81..4c677719e 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl
@@ -44,7 +44,7 @@ namespace() -> "authn-mysql".
roots() -> [?CONF_NS].
fields(?CONF_NS) ->
- [ {mechanism, emqx_authn_schema:mechanism('password-based')}
+ [ {mechanism, emqx_authn_schema:mechanism('password_based')}
, {backend, emqx_authn_schema:backend(mysql)}
, {password_hash_algorithm, fun emqx_authn_password_hashing:type_ro/1}
, {query, fun query/1}
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl
index 7f9735349..74794c10e 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl
@@ -50,7 +50,7 @@ namespace() -> "authn-postgresql".
roots() -> [?CONF_NS].
fields(?CONF_NS) ->
- [ {mechanism, emqx_authn_schema:mechanism('password-based')}
+ [ {mechanism, emqx_authn_schema:mechanism('password_based')}
, {backend, emqx_authn_schema:backend(postgresql)}
, {password_hash_algorithm, fun emqx_authn_password_hashing:type_ro/1}
, {query, fun query/1}
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_redis.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_redis.erl
index 19d590287..df95922d0 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_redis.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_redis.erl
@@ -56,7 +56,7 @@ fields(sentinel) ->
common_fields() ++ emqx_connector_redis:fields(sentinel).
common_fields() ->
- [ {mechanism, emqx_authn_schema:mechanism('password-based')}
+ [ {mechanism, emqx_authn_schema:mechanism('password_based')}
, {backend, emqx_authn_schema:backend(redis)}
, {cmd, fun cmd/1}
, {password_hash_algorithm, fun emqx_authn_password_hashing:type_ro/1}
diff --git a/apps/emqx_authn/test/emqx_authn_api_SUITE.erl b/apps/emqx_authn/test/emqx_authn_api_SUITE.erl
index 63c631b4b..b0164d93d 100644
--- a/apps/emqx_authn/test/emqx_authn_api_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_api_SUITE.erl
@@ -155,7 +155,7 @@ test_authenticators(PathPrefix) ->
InvalidConfig1),
?assertAuthenticatorsMatch(
- [#{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>}],
+ [#{<<"mechanism">> := <<"password_based">>, <<"backend">> := <<"http">>}],
PathPrefix ++ [?CONF_NS]).
test_authenticator(PathPrefix) ->
@@ -166,49 +166,49 @@ test_authenticator(PathPrefix) ->
ValidConfig0),
{ok, 200, _} = request(
get,
- uri(PathPrefix ++ [?CONF_NS, "password-based:http"])),
+ uri(PathPrefix ++ [?CONF_NS, "password_based:http"])),
{ok, 404, _} = request(
get,
- uri(PathPrefix ++ [?CONF_NS, "password-based:redis"])),
+ uri(PathPrefix ++ [?CONF_NS, "password_based:redis"])),
{ok, 404, _} = request(
put,
- uri(PathPrefix ++ [?CONF_NS, "password-based:built-in-database"]),
+ uri(PathPrefix ++ [?CONF_NS, "password_based:built_in_database"]),
emqx_authn_test_lib:built_in_database_example()),
InvalidConfig0 = ValidConfig0#{method => <<"delete">>},
{ok, 400, _} = request(
put,
- uri(PathPrefix ++ [?CONF_NS, "password-based:http"]),
+ uri(PathPrefix ++ [?CONF_NS, "password_based:http"]),
InvalidConfig0),
InvalidConfig1 = ValidConfig0#{method => <<"get">>,
headers => #{<<"content-type">> => <<"application/json">>}},
{ok, 400, _} = request(
put,
- uri(PathPrefix ++ [?CONF_NS, "password-based:http"]),
+ uri(PathPrefix ++ [?CONF_NS, "password_based:http"]),
InvalidConfig1),
ValidConfig1 = ValidConfig0#{pool_size => 9},
{ok, 200, _} = request(
put,
- uri(PathPrefix ++ [?CONF_NS, "password-based:http"]),
+ uri(PathPrefix ++ [?CONF_NS, "password_based:http"]),
ValidConfig1),
{ok, 404, _} = request(
delete,
- uri(PathPrefix ++ [?CONF_NS, "password-based:redis"])),
+ uri(PathPrefix ++ [?CONF_NS, "password_based:redis"])),
{ok, 204, _} = request(
delete,
- uri(PathPrefix ++ [?CONF_NS, "password-based:http"])),
+ uri(PathPrefix ++ [?CONF_NS, "password_based:http"])),
?assertAuthenticatorsMatch([], PathPrefix ++ [?CONF_NS]).
test_authenticator_users(PathPrefix) ->
- UsersUri = uri(PathPrefix ++ [?CONF_NS, "password-based:built-in-database", "users"]),
+ UsersUri = uri(PathPrefix ++ [?CONF_NS, "password_based:built_in_database", "users"]),
{ok, 200, _} = request(
post,
@@ -263,7 +263,7 @@ test_authenticator_users(PathPrefix) ->
lists:usort([ UserId || #{<<"user_id">> := UserId} <- Page1Users ++ Page2Users])).
test_authenticator_user(PathPrefix) ->
- UsersUri = uri(PathPrefix ++ [?CONF_NS, "password-based:built-in-database", "users"]),
+ UsersUri = uri(PathPrefix ++ [?CONF_NS, "password_based:built_in_database", "users"]),
{ok, 200, _} = request(
post,
@@ -318,9 +318,9 @@ test_authenticator_move(PathPrefix) ->
?assertAuthenticatorsMatch(
[
- #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>},
+ #{<<"mechanism">> := <<"password_based">>, <<"backend">> := <<"http">>},
#{<<"mechanism">> := <<"jwt">>},
- #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"built-in-database">>}
+ #{<<"mechanism">> := <<"password_based">>, <<"backend">> := <<"built_in_database">>}
],
PathPrefix ++ [?CONF_NS]),
@@ -344,12 +344,12 @@ test_authenticator_move(PathPrefix) ->
{ok, 404, _} = request(
post,
uri(PathPrefix ++ [?CONF_NS, "jwt", "move"]),
- #{position => <<"before:password-based:redis">>}),
+ #{position => <<"before:password_based:redis">>}),
{ok, 404, _} = request(
post,
uri(PathPrefix ++ [?CONF_NS, "jwt", "move"]),
- #{position => <<"before:password-based:redis">>}),
+ #{position => <<"before:password_based:redis">>}),
% Valid moves
@@ -361,8 +361,8 @@ test_authenticator_move(PathPrefix) ->
?assertAuthenticatorsMatch(
[
#{<<"mechanism">> := <<"jwt">>},
- #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>},
- #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"built-in-database">>}
+ #{<<"mechanism">> := <<"password_based">>, <<"backend">> := <<"http">>},
+ #{<<"mechanism">> := <<"password_based">>, <<"backend">> := <<"built_in_database">>}
],
PathPrefix ++ [?CONF_NS]),
@@ -373,8 +373,8 @@ test_authenticator_move(PathPrefix) ->
?assertAuthenticatorsMatch(
[
- #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>},
- #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"built-in-database">>},
+ #{<<"mechanism">> := <<"password_based">>, <<"backend">> := <<"http">>},
+ #{<<"mechanism">> := <<"password_based">>, <<"backend">> := <<"built_in_database">>},
#{<<"mechanism">> := <<"jwt">>}
],
PathPrefix ++ [?CONF_NS]),
@@ -382,20 +382,20 @@ test_authenticator_move(PathPrefix) ->
{ok, 204, _} = request(
post,
uri(PathPrefix ++ [?CONF_NS, "jwt", "move"]),
- #{position => <<"before:password-based:built-in-database">>}),
+ #{position => <<"before:password_based:built_in_database">>}),
?assertAuthenticatorsMatch(
[
- #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>},
+ #{<<"mechanism">> := <<"password_based">>, <<"backend">> := <<"http">>},
#{<<"mechanism">> := <<"jwt">>},
- #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"built-in-database">>}
+ #{<<"mechanism">> := <<"password_based">>, <<"backend">> := <<"built_in_database">>}
],
PathPrefix ++ [?CONF_NS]).
test_authenticator_import_users(PathPrefix) ->
ImportUri = uri(
PathPrefix ++
- [?CONF_NS, "password-based:built-in-database", "import_users"]),
+ [?CONF_NS, "password_based:built_in_database", "import_users"]),
{ok, 200, _} = request(
diff --git a/apps/emqx_authn/test/emqx_authn_http_SUITE.erl b/apps/emqx_authn/test/emqx_authn_http_SUITE.erl
index ca13bb940..c42aef019 100644
--- a/apps/emqx_authn/test/emqx_authn_http_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_http_SUITE.erl
@@ -179,7 +179,7 @@ t_update(_Config) ->
% We update with config with correct query, provider should update and work properly
{ok, _} = emqx:update_config(
?PATH,
- {update_authenticator, ?GLOBAL, <<"password-based:http">>, CorrectConfig}),
+ {update_authenticator, ?GLOBAL, <<"password_based:http">>, CorrectConfig}),
{ok,_} = emqx_access_control:authenticate(?CREDENTIALS).
@@ -240,7 +240,7 @@ test_is_superuser({Kind, Value, ExpectedValue}) ->
raw_http_auth_config() ->
#{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
enable => <<"true">>,
backend => <<"http">>,
diff --git a/apps/emqx_authn/test/emqx_authn_https_SUITE.erl b/apps/emqx_authn/test/emqx_authn_https_SUITE.erl
index ba23c828d..481b5477c 100644
--- a/apps/emqx_authn/test/emqx_authn_https_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_https_SUITE.erl
@@ -124,7 +124,7 @@ raw_https_auth_config(SpecificSSLOpts) ->
emqx_authn_test_lib:client_ssl_cert_opts(),
#{enable => <<"true">>}),
#{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
enable => <<"true">>,
backend => <<"http">>,
diff --git a/apps/emqx_authn/test/emqx_authn_mnesia_SUITE.erl b/apps/emqx_authn/test/emqx_authn_mnesia_SUITE.erl
index 569f1503a..ff380f850 100644
--- a/apps/emqx_authn/test/emqx_authn_mnesia_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_mnesia_SUITE.erl
@@ -53,8 +53,8 @@ end_per_testcase(_Case, Config) ->
t_check_schema(_Config) ->
ConfigOk = #{
- <<"mechanism">> => <<"password-based">>,
- <<"backend">> => <<"built-in-database">>,
+ <<"mechanism">> => <<"password_based">>,
+ <<"backend">> => <<"built_in_database">>,
<<"user_id_type">> => <<"username">>,
<<"password_hash_algorithm">> => #{
<<"name">> => <<"bcrypt">>,
@@ -65,8 +65,8 @@ t_check_schema(_Config) ->
hocon_tconf:check_plain(emqx_authn_mnesia, ?CONF(ConfigOk)),
ConfigNotOk = #{
- <<"mechanism">> => <<"password-based">>,
- <<"backend">> => <<"built-in-database">>,
+ <<"mechanism">> => <<"password_based">>,
+ <<"backend">> => <<"built_in_database">>,
<<"user_id_type">> => <<"username">>,
<<"password_hash_algorithm">> => #{
<<"name">> => <<"md6">>
diff --git a/apps/emqx_authn/test/emqx_authn_mongo_SUITE.erl b/apps/emqx_authn/test/emqx_authn_mongo_SUITE.erl
index f003456ad..13e39dcd8 100644
--- a/apps/emqx_authn/test/emqx_authn_mongo_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_mongo_SUITE.erl
@@ -177,7 +177,7 @@ t_update(_Config) ->
% We update with config with correct selector, provider should update and work properly
{ok, _} = emqx:update_config(
?PATH,
- {update_authenticator, ?GLOBAL, <<"password-based:mongodb">>, CorrectConfig}),
+ {update_authenticator, ?GLOBAL, <<"password_based:mongodb">>, CorrectConfig}),
{ok,_} = emqx_access_control:authenticate(
#{username => <<"plain">>,
@@ -238,7 +238,7 @@ test_is_superuser({Value, ExpectedValue}) ->
raw_mongo_auth_config() ->
#{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
password_hash_algorithm => #{name => <<"plain">>,
salt_position => <<"suffix">>},
enable => <<"true">>,
@@ -309,7 +309,8 @@ user_seeds() ->
#{data => #{
username => <<"bcrypt">>,
- password_hash => <<"$2b$12$wtY3h20mUjjmeaClpqZVveDWGlHzCGsvuThMlneGHA7wVeFYyns2u">>,
+ password_hash =>
+ <<"$2b$12$wtY3h20mUjjmeaClpqZVveDWGlHzCGsvuThMlneGHA7wVeFYyns2u">>,
salt => <<"$2b$12$wtY3h20mUjjmeaClpqZVve">>,
is_superuser => 0
},
@@ -325,7 +326,8 @@ user_seeds() ->
#{data => #{
username => <<"bcrypt0">>,
- password_hash => <<"$2b$12$wtY3h20mUjjmeaClpqZVveDWGlHzCGsvuThMlneGHA7wVeFYyns2u">>,
+ password_hash =>
+ <<"$2b$12$wtY3h20mUjjmeaClpqZVveDWGlHzCGsvuThMlneGHA7wVeFYyns2u">>,
salt => <<"$2b$12$wtY3h20mUjjmeaClpqZVve">>,
is_superuser => <<"0">>
},
@@ -343,7 +345,8 @@ user_seeds() ->
#{data => #{
username => <<"bcrypt1">>,
- password_hash => <<"$2b$12$wtY3h20mUjjmeaClpqZVveDWGlHzCGsvuThMlneGHA7wVeFYyns2u">>,
+ password_hash =>
+ <<"$2b$12$wtY3h20mUjjmeaClpqZVveDWGlHzCGsvuThMlneGHA7wVeFYyns2u">>,
salt => <<"$2b$12$wtY3h20mUjjmeaClpqZVve">>,
is_superuser => <<"0">>
},
@@ -360,7 +363,8 @@ user_seeds() ->
#{data => #{
username => <<"bcrypt2">>,
- password_hash => <<"$2b$12$wtY3h20mUjjmeaClpqZVveDWGlHzCGsvuThMlneGHA7wVeFYyns2u">>,
+ password_hash =>
+ <<"$2b$12$wtY3h20mUjjmeaClpqZVveDWGlHzCGsvuThMlneGHA7wVeFYyns2u">>,
salt => <<"$2b$12$wtY3h20mUjjmeaClpqZVve">>,
is_superuser => <<"0">>
},
diff --git a/apps/emqx_authn/test/emqx_authn_mongo_tls_SUITE.erl b/apps/emqx_authn/test/emqx_authn_mongo_tls_SUITE.erl
index 8ad0caa6d..8c612bd20 100644
--- a/apps/emqx_authn/test/emqx_authn_mongo_tls_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_mongo_tls_SUITE.erl
@@ -151,7 +151,7 @@ raw_mongo_auth_config(SpecificSSLOpts) ->
emqx_authn_test_lib:client_ssl_cert_opts(),
#{enable => <<"true">>}),
#{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
password_hash_algorithm => #{name => <<"plain">>,
salt_position => <<"suffix">>},
enable => <<"true">>,
diff --git a/apps/emqx_authn/test/emqx_authn_mysql_SUITE.erl b/apps/emqx_authn/test/emqx_authn_mysql_SUITE.erl
index b83f710f1..cb8933b40 100644
--- a/apps/emqx_authn/test/emqx_authn_mysql_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_mysql_SUITE.erl
@@ -28,7 +28,7 @@
-define(MYSQL_RESOURCE, <<"emqx_authn_mysql_SUITE">>).
-define(PATH, [authentication]).
--define(ResourceID, <<"password-based:mysql">>).
+-define(ResourceID, <<"password_based:mysql">>).
all() ->
[{group, require_seeds}, t_create, t_create_invalid].
@@ -190,7 +190,7 @@ t_update(_Config) ->
% We update with config with correct query, provider should update and work properly
{ok, _} = emqx:update_config(
?PATH,
- {update_authenticator, ?GLOBAL, <<"password-based:mysql">>, CorrectConfig}),
+ {update_authenticator, ?GLOBAL, <<"password_based:mysql">>, CorrectConfig}),
{ok,_} = emqx_access_control:authenticate(
#{username => <<"plain">>,
@@ -205,7 +205,7 @@ t_update(_Config) ->
raw_mysql_auth_config() ->
#{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
password_hash_algorithm => #{name => <<"plain">>,
salt_position => <<"suffix">>},
enable => <<"true">>,
diff --git a/apps/emqx_authn/test/emqx_authn_mysql_tls_SUITE.erl b/apps/emqx_authn/test/emqx_authn_mysql_tls_SUITE.erl
index 51bf9d235..e1404eb60 100644
--- a/apps/emqx_authn/test/emqx_authn_mysql_tls_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_mysql_tls_SUITE.erl
@@ -27,7 +27,7 @@
-define(MYSQL_HOST, "mysql-tls").
-define(PATH, [authentication]).
--define(ResourceID, <<"password-based:mysql">>).
+-define(ResourceID, <<"password_based:mysql">>).
all() ->
emqx_common_test_helpers:all(?MODULE).
@@ -116,7 +116,7 @@ raw_mysql_auth_config(SpecificSSLOpts) ->
emqx_authn_test_lib:client_ssl_cert_opts(),
#{enable => <<"true">>}),
#{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
password_hash_algorithm => #{name => <<"plain">>,
salt_position => <<"suffix">>},
enable => <<"true">>,
diff --git a/apps/emqx_authn/test/emqx_authn_pgsql_SUITE.erl b/apps/emqx_authn/test/emqx_authn_pgsql_SUITE.erl
index 572e45f00..4b5606735 100644
--- a/apps/emqx_authn/test/emqx_authn_pgsql_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_pgsql_SUITE.erl
@@ -27,7 +27,7 @@
-define(PGSQL_HOST, "pgsql").
-define(PGSQL_RESOURCE, <<"emqx_authn_pgsql_SUITE">>).
--define(ResourceID, <<"password-based:postgresql">>).
+-define(ResourceID, <<"password_based:postgresql">>).
-define(PATH, [authentication]).
@@ -191,7 +191,7 @@ t_update(_Config) ->
% We update with config with correct query, provider should update and work properly
{ok, _} = emqx:update_config(
?PATH,
- {update_authenticator, ?GLOBAL, <<"password-based:postgresql">>, CorrectConfig}),
+ {update_authenticator, ?GLOBAL, <<"password_based:postgresql">>, CorrectConfig}),
{ok,_} = emqx_access_control:authenticate(
#{username => <<"plain">>,
@@ -243,7 +243,7 @@ test_is_superuser({Field, Value, ExpectedValue}) ->
Config = maps:put(query, Query, raw_pgsql_auth_config()),
{ok, _} = emqx:update_config(
?PATH,
- {update_authenticator, ?GLOBAL, <<"password-based:postgresql">>, Config}),
+ {update_authenticator, ?GLOBAL, <<"password_based:postgresql">>, Config}),
Credentials = #{
listener => 'tcp:default',
@@ -262,7 +262,7 @@ test_is_superuser({Field, Value, ExpectedValue}) ->
raw_pgsql_auth_config() ->
#{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
password_hash_algorithm => #{name => <<"plain">>,
salt_position => <<"suffix">>},
enable => <<"true">>,
diff --git a/apps/emqx_authn/test/emqx_authn_pgsql_tls_SUITE.erl b/apps/emqx_authn/test/emqx_authn_pgsql_tls_SUITE.erl
index 591dd1eea..0039b7239 100644
--- a/apps/emqx_authn/test/emqx_authn_pgsql_tls_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_pgsql_tls_SUITE.erl
@@ -27,7 +27,7 @@
-define(PGSQL_HOST, "pgsql-tls").
-define(PATH, [authentication]).
--define(ResourceID, <<"password-based:postgresql">>).
+-define(ResourceID, <<"password_based:postgresql">>).
all() ->
emqx_common_test_helpers:all(?MODULE).
@@ -116,7 +116,7 @@ raw_pgsql_auth_config(SpecificSSLOpts) ->
emqx_authn_test_lib:client_ssl_cert_opts(),
#{enable => <<"true">>}),
#{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
password_hash_algorithm => #{name => <<"plain">>,
salt_position => <<"suffix">>},
enable => <<"true">>,
diff --git a/apps/emqx_authn/test/emqx_authn_redis_SUITE.erl b/apps/emqx_authn/test/emqx_authn_redis_SUITE.erl
index fcc00612e..2cf476be7 100644
--- a/apps/emqx_authn/test/emqx_authn_redis_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_redis_SUITE.erl
@@ -28,7 +28,7 @@
-define(REDIS_RESOURCE, <<"emqx_authn_redis_SUITE">>).
-define(PATH, [authentication]).
--define(ResourceID, <<"password-based:redis">>).
+-define(ResourceID, <<"password_based:redis">>).
all() ->
[{group, require_seeds}, t_create, t_create_invalid].
@@ -207,7 +207,7 @@ t_update(_Config) ->
% We update with config with correct query, provider should update and work properly
{ok, _} = emqx:update_config(
?PATH,
- {update_authenticator, ?GLOBAL, <<"password-based:redis">>, CorrectConfig}),
+ {update_authenticator, ?GLOBAL, <<"password_based:redis">>, CorrectConfig}),
{ok,_} = emqx_access_control:authenticate(
#{username => <<"plain">>,
@@ -222,7 +222,7 @@ t_update(_Config) ->
raw_redis_auth_config() ->
#{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
password_hash_algorithm => #{name => <<"plain">>,
salt_position => <<"suffix">>},
enable => <<"true">>,
diff --git a/apps/emqx_authn/test/emqx_authn_redis_tls_SUITE.erl b/apps/emqx_authn/test/emqx_authn_redis_tls_SUITE.erl
index 670088e08..177877e25 100644
--- a/apps/emqx_authn/test/emqx_authn_redis_tls_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_authn_redis_tls_SUITE.erl
@@ -114,7 +114,7 @@ raw_redis_auth_config(SpecificSSLOpts) ->
emqx_authn_test_lib:client_ssl_cert_opts(),
#{enable => <<"true">>}),
#{
- mechanism => <<"password-based">>,
+ mechanism => <<"password_based">>,
password_hash_algorithm => #{name => <<"plain">>,
salt_position => <<"suffix">>},
enable => <<"true">>,
diff --git a/apps/emqx_authn/test/emqx_authn_test_lib.erl b/apps/emqx_authn/test/emqx_authn_test_lib.erl
index 357d8b05b..affa4aa77 100644
--- a/apps/emqx_authn/test/emqx_authn_test_lib.erl
+++ b/apps/emqx_authn/test/emqx_authn_test_lib.erl
@@ -26,10 +26,10 @@ authenticator_example(Id) ->
Example.
http_example() ->
- authenticator_example('password-based:http').
+ authenticator_example('password_based:http').
built_in_database_example() ->
- authenticator_example('password-based:built-in-database').
+ authenticator_example('password_based:built_in_database').
jwt_example() ->
authenticator_example(jwt).
diff --git a/apps/emqx_authn/test/emqx_enhanced_authn_scram_mnesia_SUITE.erl b/apps/emqx_authn/test/emqx_enhanced_authn_scram_mnesia_SUITE.erl
index 456432e98..55d1f21f1 100644
--- a/apps/emqx_authn/test/emqx_enhanced_authn_scram_mnesia_SUITE.erl
+++ b/apps/emqx_authn/test/emqx_enhanced_authn_scram_mnesia_SUITE.erl
@@ -58,7 +58,7 @@ end_per_testcase(_Case, Config) ->
t_create(_Config) ->
ValidConfig = #{
<<"mechanism">> => <<"scram">>,
- <<"backend">> => <<"built-in-database">>,
+ <<"backend">> => <<"built_in_database">>,
<<"algorithm">> => <<"sha512">>,
<<"iteration_count">> => <<"4096">>
},
@@ -73,7 +73,7 @@ t_create(_Config) ->
t_create_invalid(_Config) ->
InvalidConfig = #{
<<"mechanism">> => <<"scram">>,
- <<"backend">> => <<"built-in-database">>,
+ <<"backend">> => <<"built_in_database">>,
<<"algorithm">> => <<"sha271828">>,
<<"iteration_count">> => <<"4096">>
},
@@ -339,7 +339,7 @@ test_is_superuser(UserInfo, ExpectedIsSuperuser) ->
config() ->
#{
mechanism => <<"scram">>,
- backend => <<"built-in-database">>,
+ backend => <<"built_in_database">>,
algorithm => sha512,
iteration_count => 4096
}.
@@ -347,7 +347,7 @@ config() ->
raw_config(Algorithm) ->
#{
<<"mechanism">> => <<"scram">>,
- <<"backend">> => <<"built-in-database">>,
+ <<"backend">> => <<"built_in_database">>,
<<"algorithm">> => atom_to_binary(Algorithm),
<<"iteration_count">> => <<"4096">>
}.
diff --git a/apps/emqx_authz/etc/emqx_authz.conf b/apps/emqx_authz/etc/emqx_authz.conf
index 5bb6ab841..082f60ae0 100644
--- a/apps/emqx_authz/etc/emqx_authz.conf
+++ b/apps/emqx_authz/etc/emqx_authz.conf
@@ -56,7 +56,7 @@ authorization {
# selector: { "$or": [ { "username": "${username}" }, { "clientid": "${clientid}" } ] }
# },
{
- type: built-in-database
+ type: built_in_database
},
{
type: file
diff --git a/apps/emqx_authz/src/emqx_authz.erl b/apps/emqx_authz/src/emqx_authz.erl
index 2b8865725..a51e78719 100644
--- a/apps/emqx_authz/src/emqx_authz.erl
+++ b/apps/emqx_authz/src/emqx_authz.erl
@@ -111,11 +111,14 @@ lookup(Type) ->
Source.
move(Type, #{<<"before">> := Before}) ->
- emqx_authz_utils:update_config(?CONF_KEY_PATH, {?CMD_MOVE, type(Type), ?CMD_MOVE_BEFORE(type(Before))});
+ emqx_authz_utils:update_config(
+ ?CONF_KEY_PATH, {?CMD_MOVE, type(Type), ?CMD_MOVE_BEFORE(type(Before))});
move(Type, #{<<"after">> := After}) ->
- emqx_authz_utils:update_config(?CONF_KEY_PATH, {?CMD_MOVE, type(Type), ?CMD_MOVE_AFTER(type(After))});
+ emqx_authz_utils:update_config(
+ ?CONF_KEY_PATH, {?CMD_MOVE, type(Type), ?CMD_MOVE_AFTER(type(After))});
move(Type, Position) ->
- emqx_authz_utils:update_config(?CONF_KEY_PATH, {?CMD_MOVE, type(Type), Position}).
+ emqx_authz_utils:update_config(
+ ?CONF_KEY_PATH, {?CMD_MOVE, type(Type), Position}).
update({?CMD_REPLACE, Type}, Sources) ->
emqx_authz_utils:update_config(?CONF_KEY_PATH, {{?CMD_REPLACE, type(Type)}, Sources});
@@ -341,7 +344,7 @@ find_action_in_hooks() ->
[Action] = [Action || {callback,{?MODULE, authorize, _} = Action, _, _} <- Callbacks ],
Action.
-authz_module('built-in-database') ->
+authz_module('built_in_database') ->
emqx_authz_mnesia;
authz_module(Type) ->
list_to_existing_atom("emqx_authz_" ++ atom_to_list(Type)).
@@ -360,8 +363,8 @@ type(redis) -> redis;
type(<<"redis">>) -> redis;
type(postgresql) -> postgresql;
type(<<"postgresql">>) -> postgresql;
-type('built-in-database') -> 'built-in-database';
-type(<<"built-in-database">>) -> 'built-in-database';
+type('built_in_database') -> 'built_in_database';
+type(<<"built_in_database">>) -> 'built_in_database';
%% should never happen if the input is type-checked by hocon schema
type(Unknown) -> error({unknown_authz_source_type, Unknown}).
diff --git a/apps/emqx_authz/src/emqx_authz_api_mnesia.erl b/apps/emqx_authz/src/emqx_authz_api_mnesia.erl
index fd4f5a9e3..12459d684 100644
--- a/apps/emqx_authz/src/emqx_authz_api_mnesia.erl
+++ b/apps/emqx_authz/src/emqx_authz_api_mnesia.erl
@@ -65,18 +65,18 @@ api_spec() ->
emqx_dashboard_swagger:spec(?MODULE, #{check_schema => true}).
paths() ->
- [ "/authorization/sources/built-in-database/username"
- , "/authorization/sources/built-in-database/clientid"
- , "/authorization/sources/built-in-database/username/:username"
- , "/authorization/sources/built-in-database/clientid/:clientid"
- , "/authorization/sources/built-in-database/all"
- , "/authorization/sources/built-in-database/purge-all"].
+ [ "/authorization/sources/built_in_database/username"
+ , "/authorization/sources/built_in_database/clientid"
+ , "/authorization/sources/built_in_database/username/:username"
+ , "/authorization/sources/built_in_database/clientid/:clientid"
+ , "/authorization/sources/built_in_database/all"
+ , "/authorization/sources/built_in_database/purge-all"].
%%--------------------------------------------------------------------
%% Schema for each URI
%%--------------------------------------------------------------------
-schema("/authorization/sources/built-in-database/username") ->
+schema("/authorization/sources/built_in_database/username") ->
#{ 'operationId' => users
, get =>
#{ tags => [<<"authorization">>]
@@ -106,7 +106,7 @@ schema("/authorization/sources/built-in-database/username") ->
}
}
};
-schema("/authorization/sources/built-in-database/clientid") ->
+schema("/authorization/sources/built_in_database/clientid") ->
#{ 'operationId' => clients
, get =>
#{ tags => [<<"authorization">>]
@@ -138,7 +138,7 @@ schema("/authorization/sources/built-in-database/clientid") ->
}
}
};
-schema("/authorization/sources/built-in-database/username/:username") ->
+schema("/authorization/sources/built_in_database/username/:username") ->
#{ 'operationId' => user
, get =>
#{ tags => [<<"authorization">>]
@@ -176,7 +176,7 @@ schema("/authorization/sources/built-in-database/username/:username") ->
}
}
};
-schema("/authorization/sources/built-in-database/clientid/:clientid") ->
+schema("/authorization/sources/built_in_database/clientid/:clientid") ->
#{ 'operationId' => client
, get =>
#{ tags => [<<"authorization">>]
@@ -214,7 +214,7 @@ schema("/authorization/sources/built-in-database/clientid/:clientid") ->
}
}
};
-schema("/authorization/sources/built-in-database/all") ->
+schema("/authorization/sources/built_in_database/all") ->
#{ 'operationId' => all
, get =>
#{ tags => [<<"authorization">>]
@@ -235,7 +235,7 @@ schema("/authorization/sources/built-in-database/all") ->
}
}
};
-schema("/authorization/sources/built-in-database/purge-all") ->
+schema("/authorization/sources/built_in_database/purge-all") ->
#{ 'operationId' => purge
, delete =>
#{ tags => [<<"authorization">>]
@@ -389,17 +389,17 @@ all(post, #{body := #{<<"rules">> := Rules}}) ->
{204}.
purge(delete, _) ->
- case emqx_authz_api_sources:get_raw_source(<<"built-in-database">>) of
+ case emqx_authz_api_sources:get_raw_source(<<"built_in_database">>) of
[#{<<"enable">> := false}] ->
ok = emqx_authz_mnesia:purge_rules(),
{204};
[#{<<"enable">> := true}] ->
{400, #{code => <<"BAD_REQUEST">>,
message =>
- <<"'built-in-database' type source must be disabled before purge.">>}};
+ <<"'built_in_database' type source must be disabled before purge.">>}};
[] ->
{404, #{code => <<"BAD_REQUEST">>,
- message => <<"'built-in-database' type source is not found.">>
+ message => <<"'built_in_database' type source is not found.">>
}}
end.
@@ -513,7 +513,7 @@ rules_example({ExampleName, ExampleType}) ->
[Example]
end,
#{
- 'password-based:built-in-database' => #{
+ 'password_based:built_in_database' => #{
summary => Summary,
value => Value
}
diff --git a/apps/emqx_authz/src/emqx_authz_api_schema.erl b/apps/emqx_authz/src/emqx_authz_api_schema.erl
index 663de11ad..8cfcf3033 100644
--- a/apps/emqx_authz/src/emqx_authz_api_schema.erl
+++ b/apps/emqx_authz/src/emqx_authz_api_schema.erl
@@ -35,8 +35,8 @@ fields(http) ->
++ maps:to_list(maps:without([ base_url
, pool_type],
maps:from_list(emqx_connector_http:fields(config))));
-fields('built-in-database') ->
- authz_common_fields('built-in-database');
+fields('built_in_database') ->
+ authz_common_fields('built_in_database');
fields(mongo_single) ->
authz_mongo_common_fields()
++ emqx_connector_mongo:fields(single);
@@ -170,7 +170,7 @@ authz_sources_types(Type) ->
end
++
[ http
- , 'built-in-database'
+ , 'built_in_database'
, mysql
, postgresql
, file].
diff --git a/apps/emqx_authz/src/emqx_authz_mnesia.erl b/apps/emqx_authz/src/emqx_authz_mnesia.erl
index 72c33c4b8..9f4e0ffeb 100644
--- a/apps/emqx_authz/src/emqx_authz_mnesia.erl
+++ b/apps/emqx_authz/src/emqx_authz_mnesia.erl
@@ -94,7 +94,7 @@ dry_run(_Source) -> ok.
authorize(#{username := Username,
clientid := Clientid
- } = Client, PubSub, Topic, #{type := 'built-in-database'}) ->
+ } = Client, PubSub, Topic, #{type := 'built_in_database'}) ->
Rules = case mnesia:dirty_read(?ACL_TABLE, {?ACL_TABLE_CLIENTID, Clientid}) of
[] -> [];
diff --git a/apps/emqx_authz/src/emqx_authz_schema.erl b/apps/emqx_authz/src/emqx_authz_schema.erl
index a44361fad..27510e9ed 100644
--- a/apps/emqx_authz/src/emqx_authz_schema.erl
+++ b/apps/emqx_authz/src/emqx_authz_schema.erl
@@ -113,7 +113,7 @@ fields(http_post) ->
, {headers, fun headers/1}
] ++ http_common_fields();
fields(mnesia) ->
- [ {type, #{type => 'built-in-database'}}
+ [ {type, #{type => 'built_in_database'}}
, {enable, #{type => boolean(),
default => true}}
];
diff --git a/apps/emqx_authz/test/emqx_authz_api_mnesia_SUITE.erl b/apps/emqx_authz/test/emqx_authz_api_mnesia_SUITE.erl
index 73dfb98fa..bf057c4ad 100644
--- a/apps/emqx_authz/test/emqx_authz_api_mnesia_SUITE.erl
+++ b/apps/emqx_authz/test/emqx_authz_api_mnesia_SUITE.erl
@@ -62,7 +62,7 @@ set_special_configs(emqx_authz) ->
{ok, _} = emqx:update_config([authorization, cache, enable], false),
{ok, _} = emqx:update_config([authorization, no_match], deny),
{ok, _} = emqx:update_config([authorization, sources],
- [#{<<"type">> => <<"built-in-database">>}]),
+ [#{<<"type">> => <<"built_in_database">>}]),
ok;
set_special_configs(_App) ->
ok.
@@ -74,12 +74,12 @@ set_special_configs(_App) ->
t_api(_) ->
{ok, 204, _} =
request( post
- , uri(["authorization", "sources", "built-in-database", "username"])
+ , uri(["authorization", "sources", "built_in_database", "username"])
, [?USERNAME_RULES_EXAMPLE]),
{ok, 200, Request1} =
request( get
- , uri(["authorization", "sources", "built-in-database", "username"])
+ , uri(["authorization", "sources", "built_in_database", "username"])
, []),
#{<<"data">> := [#{<<"username">> := <<"user1">>, <<"rules">> := Rules1}],
<<"meta">> := #{<<"count">> := 1,
@@ -91,7 +91,7 @@ t_api(_) ->
request( get
, uri([ "authorization"
, "sources"
- , "built-in-database"
+ , "built_in_database"
, "username?page=1&limit=20&like_username=noexist"])
, []),
#{<<"data">> := [],
@@ -102,47 +102,47 @@ t_api(_) ->
{ok, 200, Request2} =
request( get
- , uri(["authorization", "sources", "built-in-database", "username", "user1"])
+ , uri(["authorization", "sources", "built_in_database", "username", "user1"])
, []),
#{<<"username">> := <<"user1">>, <<"rules">> := Rules1} = jsx:decode(Request2),
{ok, 204, _} =
request( put
- , uri(["authorization", "sources", "built-in-database", "username", "user1"])
+ , uri(["authorization", "sources", "built_in_database", "username", "user1"])
, ?USERNAME_RULES_EXAMPLE#{rules => []}),
{ok, 200, Request3} =
request( get
- , uri(["authorization", "sources", "built-in-database", "username", "user1"])
+ , uri(["authorization", "sources", "built_in_database", "username", "user1"])
, []),
#{<<"username">> := <<"user1">>, <<"rules">> := Rules2} = jsx:decode(Request3),
?assertEqual(0, length(Rules2)),
{ok, 204, _} =
request( delete
- , uri(["authorization", "sources", "built-in-database", "username", "user1"])
+ , uri(["authorization", "sources", "built_in_database", "username", "user1"])
, []),
{ok, 404, _} =
request( get
- , uri(["authorization", "sources", "built-in-database", "username", "user1"])
+ , uri(["authorization", "sources", "built_in_database", "username", "user1"])
, []),
{ok, 404, _} =
request( delete
- , uri(["authorization", "sources", "built-in-database", "username", "user1"])
+ , uri(["authorization", "sources", "built_in_database", "username", "user1"])
, []),
{ok, 204, _} =
request( post
- , uri(["authorization", "sources", "built-in-database", "clientid"])
+ , uri(["authorization", "sources", "built_in_database", "clientid"])
, [?CLIENTID_RULES_EXAMPLE]),
{ok, 200, Request4} =
request( get
- , uri(["authorization", "sources", "built-in-database", "clientid"])
+ , uri(["authorization", "sources", "built_in_database", "clientid"])
, []),
{ok, 200, Request5} =
request( get
- , uri(["authorization", "sources", "built-in-database", "clientid", "client1"])
+ , uri(["authorization", "sources", "built_in_database", "clientid", "client1"])
, []),
#{<<"data">> := [#{<<"clientid">> := <<"client1">>, <<"rules">> := Rules3}],
<<"meta">> := #{<<"count">> := 1, <<"limit">> := 100, <<"page">> := 1}}
@@ -152,97 +152,97 @@ t_api(_) ->
{ok, 204, _} =
request( put
- , uri(["authorization", "sources", "built-in-database", "clientid", "client1"])
+ , uri(["authorization", "sources", "built_in_database", "clientid", "client1"])
, ?CLIENTID_RULES_EXAMPLE#{rules => []}),
{ok, 200, Request6} =
request( get
- , uri(["authorization", "sources", "built-in-database", "clientid", "client1"])
+ , uri(["authorization", "sources", "built_in_database", "clientid", "client1"])
, []),
#{<<"clientid">> := <<"client1">>, <<"rules">> := Rules4} = jsx:decode(Request6),
?assertEqual(0, length(Rules4)),
{ok, 204, _} =
request( delete
- , uri(["authorization", "sources", "built-in-database", "clientid", "client1"])
+ , uri(["authorization", "sources", "built_in_database", "clientid", "client1"])
, []),
{ok, 404, _} =
request( get
- , uri(["authorization", "sources", "built-in-database", "clientid", "client1"])
+ , uri(["authorization", "sources", "built_in_database", "clientid", "client1"])
, []),
{ok, 404, _} =
request( delete
- , uri(["authorization", "sources", "built-in-database", "clientid", "client1"])
+ , uri(["authorization", "sources", "built_in_database", "clientid", "client1"])
, []),
{ok, 204, _} =
request( post
- , uri(["authorization", "sources", "built-in-database", "all"])
+ , uri(["authorization", "sources", "built_in_database", "all"])
, ?ALL_RULES_EXAMPLE),
{ok, 200, Request7} =
request( get
- , uri(["authorization", "sources", "built-in-database", "all"])
+ , uri(["authorization", "sources", "built_in_database", "all"])
, []),
#{<<"rules">> := Rules5} = jsx:decode(Request7),
?assertEqual(3, length(Rules5)),
{ok, 204, _} =
request( post
- , uri(["authorization", "sources", "built-in-database", "all"])
+ , uri(["authorization", "sources", "built_in_database", "all"])
, ?ALL_RULES_EXAMPLE#{rules => []}),
{ok, 200, Request8} =
request( get
- , uri(["authorization", "sources", "built-in-database", "all"])
+ , uri(["authorization", "sources", "built_in_database", "all"])
, []),
#{<<"rules">> := Rules6} = jsx:decode(Request8),
?assertEqual(0, length(Rules6)),
{ok, 204, _} =
request( post
- , uri(["authorization", "sources", "built-in-database", "username"])
+ , uri(["authorization", "sources", "built_in_database", "username"])
, [ #{username => erlang:integer_to_binary(N), rules => []}
|| N <- lists:seq(1, 20) ]),
{ok, 200, Request9} =
request( get
- , uri(["authorization", "sources", "built-in-database", "username?page=2&limit=5"])
+ , uri(["authorization", "sources", "built_in_database", "username?page=2&limit=5"])
, []),
#{<<"data">> := Data1} = jsx:decode(Request9),
?assertEqual(5, length(Data1)),
{ok, 204, _} =
request( post
- , uri(["authorization", "sources", "built-in-database", "clientid"])
+ , uri(["authorization", "sources", "built_in_database", "clientid"])
, [ #{clientid => erlang:integer_to_binary(N), rules => []}
|| N <- lists:seq(1, 20) ]),
{ok, 200, Request10} =
request( get
- , uri(["authorization", "sources", "built-in-database", "clientid?limit=5"])
+ , uri(["authorization", "sources", "built_in_database", "clientid?limit=5"])
, []),
#{<<"data">> := Data2} = jsx:decode(Request10),
?assertEqual(5, length(Data2)),
{ok, 400, Msg1} =
request( delete
- , uri(["authorization", "sources", "built-in-database", "purge-all"])
+ , uri(["authorization", "sources", "built_in_database", "purge-all"])
, []),
?assertMatch({match, _}, re:run(Msg1, "must\sbe\sdisabled\sbefore")),
{ok, 204, _} =
request( put
- , uri(["authorization", "sources", "built-in-database"])
+ , uri(["authorization", "sources", "built_in_database"])
, #{<<"enable">> => true}),
%% test idempotence
{ok, 204, _} =
request( put
- , uri(["authorization", "sources", "built-in-database"])
+ , uri(["authorization", "sources", "built_in_database"])
, #{<<"enable">> => true}),
{ok, 204, _} =
request( put
- , uri(["authorization", "sources", "built-in-database"])
+ , uri(["authorization", "sources", "built_in_database"])
, #{<<"enable">> => false}),
{ok, 204, _} =
request( delete
- , uri(["authorization", "sources", "built-in-database", "purge-all"])
+ , uri(["authorization", "sources", "built_in_database", "purge-all"])
, []),
?assertEqual(0, emqx_authz_mnesia:record_count()),
ok.
diff --git a/apps/emqx_authz/test/emqx_authz_mnesia_SUITE.erl b/apps/emqx_authz/test/emqx_authz_mnesia_SUITE.erl
index 804249966..0f926f1bd 100644
--- a/apps/emqx_authz/test/emqx_authz_mnesia_SUITE.erl
+++ b/apps/emqx_authz/test/emqx_authz_mnesia_SUITE.erl
@@ -125,7 +125,7 @@ t_normalize_rules(_Config) ->
raw_mnesia_authz_config() ->
#{
<<"enable">> => <<"true">>,
- <<"type">> => <<"built-in-database">>
+ <<"type">> => <<"built_in_database">>
}.
setup_client_samples(ClientInfo, Samples, Key) ->
diff --git a/apps/emqx_conf/etc/emqx_conf.md b/apps/emqx_conf/etc/emqx_conf.md
index 837638d91..9f5c0d8dd 100644
--- a/apps/emqx_conf/etc/emqx_conf.md
+++ b/apps/emqx_conf/etc/emqx_conf.md
@@ -196,7 +196,7 @@ e.g. `authentication.1={...}` is parsed as `authentication={"1": {...}}`
Indexed-map arrays can be used to override list arrays:
```
-authentication=[{enable=true, backend="built-in-database", mechanism="password-based"}]
+authentication=[{enable=true, backend="built_in_database", mechanism="password_based"}]
# we can disable this authentication provider with:
authentication.1.enable=false
```
@@ -204,7 +204,7 @@ However, list arrays do not get recursively merged into indexed-map arrays.
e.g.
```
-authentication=[{enable=true, backend="built-in-database", mechanism="password-based"}]
+authentication=[{enable=true, backend="built_in_database", mechanism="password_based"}]
## below value will replace the whole array, but not to override just one field.
authentication=[{enable=true}]
```
diff --git a/apps/emqx_conf/src/emqx_conf_schema.erl b/apps/emqx_conf/src/emqx_conf_schema.erl
index cc97830fd..1102facf1 100644
--- a/apps/emqx_conf/src/emqx_conf_schema.erl
+++ b/apps/emqx_conf/src/emqx_conf_schema.erl
@@ -959,7 +959,7 @@ In EMQX, MQTT client access control is extremely flexible.
An out-of-the-box set of authorization data sources are supported.
For example,
'file' source is to support concise and yet generic ACL rules in a file;
-'built-in-database' source can be used to store per-client customizable rule sets,
+'built_in_database' source can be used to store per-client customizable rule sets,
natively in the EMQX node;
'http' source to make EMQX call an external HTTP API to make the decision;
'PostgreSQL' etc. to look up clients or rules from external databases;
diff --git a/apps/emqx_gateway/etc/emqx_gateway.conf.example b/apps/emqx_gateway/etc/emqx_gateway.conf.example
index 50cd1e2ca..09c1e9426 100644
--- a/apps/emqx_gateway/etc/emqx_gateway.conf.example
+++ b/apps/emqx_gateway/etc/emqx_gateway.conf.example
@@ -27,8 +27,8 @@ gateway.stomp {
}
authentication: {
- mechanism = password-based
- backend = built-in-database
+ mechanism = password_based
+ backend = built_in_database
user_id_type = clientid
}
@@ -43,8 +43,8 @@ gateway.stomp {
]
authentication: {
- mechanism = password-based
- backend = built-in-database
+ mechanism = password_based
+ backend = built_in_database
user_id_type = username
}
diff --git a/apps/emqx_gateway/src/emqx_gateway_api_listeners.erl b/apps/emqx_gateway/src/emqx_gateway_api_listeners.erl
index 8b8ab6fd2..61285082f 100644
--- a/apps/emqx_gateway/src/emqx_gateway_api_listeners.erl
+++ b/apps/emqx_gateway/src/emqx_gateway_api_listeners.erl
@@ -709,8 +709,8 @@ examples_listener() ->
, max_connections => 1024000
, max_conn_rate => 1000
, authentication =>
- #{ backend => <<"built-in-database">>
- , mechanism => <<"password-based">>
+ #{ backend => <<"built_in_database">>
+ , mechanism => <<"password_based">>
, password_hash_algorithm =>
#{ name => <<"sha256">>
}
diff --git a/apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl b/apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl
index 7fb611e9a..dab5962df 100644
--- a/apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl
+++ b/apps/emqx_gateway/test/emqx_gateway_api_SUITE.erl
@@ -190,8 +190,8 @@ t_authn(_) ->
{201, _} = request(post, "/gateway", GwConf),
{204, _} = request(get, "/gateway/stomp/authentication"),
- AuthConf = #{mechanism => <<"password-based">>,
- backend => <<"built-in-database">>,
+ AuthConf = #{mechanism => <<"password_based">>,
+ backend => <<"built_in_database">>,
user_id_type => <<"clientid">>
},
{201, _} = request(post, "/gateway/stomp/authentication", AuthConf),
@@ -213,8 +213,8 @@ t_authn_data_mgmt(_) ->
{201, _} = request(post, "/gateway", GwConf),
{204, _} = request(get, "/gateway/stomp/authentication"),
- AuthConf = #{mechanism => <<"password-based">>,
- backend => <<"built-in-database">>,
+ AuthConf = #{mechanism => <<"password_based">>,
+ backend => <<"built_in_database">>,
user_id_type => <<"clientid">>
},
{201, _} = request(post, "/gateway/stomp/authentication", AuthConf),
@@ -291,8 +291,8 @@ t_listeners_authn(_) ->
{200, ConfResp} = request(get, "/gateway/stomp"),
assert_confs(GwConf, ConfResp),
- AuthConf = #{mechanism => <<"password-based">>,
- backend => <<"built-in-database">>,
+ AuthConf = #{mechanism => <<"password_based">>,
+ backend => <<"built_in_database">>,
user_id_type => <<"clientid">>
},
Path = "/gateway/stomp/listeners/stomp:tcp:def/authentication",
@@ -322,8 +322,8 @@ t_listeners_authn_data_mgmt(_) ->
{200, ConfResp} = request(get, "/gateway/stomp"),
assert_confs(GwConf, ConfResp),
- AuthConf = #{mechanism => <<"password-based">>,
- backend => <<"built-in-database">>,
+ AuthConf = #{mechanism => <<"password_based">>,
+ backend => <<"built_in_database">>,
user_id_type => <<"clientid">>
},
Path = "/gateway/stomp/listeners/stomp:tcp:def/authentication",
diff --git a/apps/emqx_gateway/test/emqx_gateway_conf_SUITE.erl b/apps/emqx_gateway/test/emqx_gateway_conf_SUITE.erl
index 15fac5c3d..bc34da123 100644
--- a/apps/emqx_gateway/test/emqx_gateway_conf_SUITE.erl
+++ b/apps/emqx_gateway/test/emqx_gateway_conf_SUITE.erl
@@ -226,13 +226,13 @@ asClqpnHT8/VJYTD7Kqj0fouTTZf0zkig/y+2XERppd8k+pSKjUCPQ==
}
}).
-define(CONF_STOMP_AUTHN_1,
- #{ <<"mechanism">> => <<"password-based">>,
- <<"backend">> => <<"built-in-database">>,
+ #{ <<"mechanism">> => <<"password_based">>,
+ <<"backend">> => <<"built_in_database">>,
<<"user_id_type">> => <<"clientid">>
}).
-define(CONF_STOMP_AUTHN_2,
- #{ <<"mechanism">> => <<"password-based">>,
- <<"backend">> => <<"built-in-database">>,
+ #{ <<"mechanism">> => <<"password_based">>,
+ <<"backend">> => <<"built_in_database">>,
<<"user_id_type">> => <<"username">>
}).