##-------------------------------------------------------------------- ## HTTP Auth/ACL Plugin ##-------------------------------------------------------------------- ##-------------------------------------------------------------------- ## Authentication request. ## HTTP URL API path for authentication request ## ## Value: URL ## ## Examples: http://127.0.0.1:8991/mqtt/auth, https://[::1]:8991/mqtt/auth auth.http.auth_req = http://127.0.0.1:8991/mqtt/auth ## Value: post | get auth.http.auth_req.method = post ## It only works when method=post ## Value: json | x-www-form-urlencoded auth.http.auth_req.content_type = x-www-form-urlencoded ## Variables: ## - %u: username ## - %c: clientid ## - %a: ipaddress ## - %r: protocol ## - %P: password ## - %p: sockport of server accepted ## - %C: common name of client TLS cert ## - %d: subject of client TLS cert ## ## Value: Params auth.http.auth_req.params = clientid=%c,username=%u,password=%P ##-------------------------------------------------------------------- ## Superuser request. ## HTTP URL API path for Superuser request ## ## Value: URL ## ## Examples: http://127.0.0.1:8991/mqtt/superuser, https://[::1]:8991/mqtt/superuser #auth.http.super_req = http://127.0.0.1:8991/mqtt/superuser ## Value: post | get #auth.http.super_req.method = post ## It only works when method=pos ## Value: json | x-www-form-urlencoded #auth.http.super_req.content_type = x-www-form-urlencoded ## Variables: ## - %u: username ## - %c: clientid ## - %a: ipaddress ## - %r: protocol ## - %P: password ## - %p: sockport of server accepted ## - %C: common name of client TLS cert ## - %d: subject of client TLS cert ## ## Value: Params #auth.http.super_req.params = clientid=%c,username=%u ##-------------------------------------------------------------------- ## ACL request. ## HTTP URL API path for ACL request ## ## Value: URL ## ## Examples: http://127.0.0.1:8991/mqtt/acl, https://[::1]:8991/mqtt/acl auth.http.acl_req = http://127.0.0.1:8991/mqtt/acl ## Value: post | get auth.http.acl_req.method = get ## It only works when method=post ## Value: json | x-www-form-urlencoded auth.http.acl_req.content_type = x-www-form-urlencoded ## Variables: ## - %A: 1 | 2, 1 = sub, 2 = pub ## - %u: username ## - %c: clientid ## - %a: ipaddress ## - %r: protocol ## - %m: mountpoint ## - %t: topic ## ## Value: Params auth.http.acl_req.params = access=%A,username=%u,clientid=%c,ipaddr=%a,topic=%t,mountpoint=%m ##------------------------------------------------------------------------------ ## Http Reqeust options ## Time-out time for the http request, 0 is never timeout. ## ## Value: Duration ## -h: hour, e.g. '2h' for 2 hours ## -m: minute, e.g. '5m' for 5 minutes ## -s: second, e.g. '30s' for 30 seconds ## ## Default: 5s ## auth.http.request.timeout = 5s ## Connection time-out time, used during the initial request ## when the client is connecting to the server ## ## Value: Duration ## ## Default is same with the timeout option ## auth.http.request.connect_timeout = 0 ## Re-send http reuqest times ## ## Value: integer ## ## Default: 3 auth.http.request.retry_times = 5 ## The interval for re-sending the http request ## ## Value: Duration ## ## Default: 1s auth.http.request.retry_interval = 1s ## The 'Exponential Backoff' mechanism for re-sending request. The actually ## re-send time interval is `interval * backoff ^ times` ## ## Value: float ## ## Default: 2.0 auth.http.request.retry_backoff = 2.0 ##------------------------------------------------------------------------------ ## SSL options ## Path to the file containing PEM-encoded CA certificates. The CA certificates ## are used during server authentication and when building the client certificate chain. ## ## Value: File ## auth.http.ssl.cacertfile = {{ platform_etc_dir }}/certs/ca.pem ## The path to a file containing the client's certificate. ## ## Value: File ## auth.http.ssl.certfile = {{ platform_etc_dir }}/certs/client-cert.pem ## Path to a file containing the client's private PEM-encoded key. ## ## Value: File ## auth.http.ssl.keyfile = {{ platform_etc_dir }}/certs/client-key.pem ##-------------------------------------------------------------------- ## HTTP Request Headers ## ## Example: auth.http.header.Accept-Encoding = * ## ## Value: String ## auth.http.header.Accept = */*