125 lines
3.5 KiB
Erlang
125 lines
3.5 KiB
Erlang
%%--------------------------------------------------------------------
|
|
%% Copyright (c) 2020-2023 EMQ Technologies Co., Ltd. All Rights Reserved.
|
|
%%
|
|
%% Licensed under the Apache License, Version 2.0 (the "License");
|
|
%% you may not use this file except in compliance with the License.
|
|
%% You may obtain a copy of the License at
|
|
%%
|
|
%% http://www.apache.org/licenses/LICENSE-2.0
|
|
%%
|
|
%% Unless required by applicable law or agreed to in writing, software
|
|
%% distributed under the License is distributed on an "AS IS" BASIS,
|
|
%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
%% See the License for the specific language governing permissions and
|
|
%% limitations under the License.
|
|
%%--------------------------------------------------------------------
|
|
|
|
-module(emqx_authn_mongodb_schema).
|
|
|
|
-include("emqx_auth_mongodb.hrl").
|
|
-include_lib("hocon/include/hoconsc.hrl").
|
|
|
|
-behaviour(emqx_authn_schema).
|
|
|
|
-export([
|
|
fields/1,
|
|
desc/1,
|
|
refs/0,
|
|
select_union_member/1
|
|
]).
|
|
|
|
refs() ->
|
|
[
|
|
?R_REF(mongo_single),
|
|
?R_REF(mongo_rs),
|
|
?R_REF(mongo_sharded)
|
|
].
|
|
|
|
select_union_member(
|
|
#{
|
|
<<"mechanism">> := ?AUTHN_MECHANISM_BIN, <<"backend">> := ?AUTHN_BACKEND_BIN
|
|
} = Value
|
|
) ->
|
|
refs(Value);
|
|
select_union_member(#{<<"backend">> := ?AUTHN_BACKEND_BIN}) ->
|
|
throw(#{
|
|
reason => "unknown_mechanism",
|
|
expected => ?AUTHN_MECHANISM
|
|
});
|
|
select_union_member(_) ->
|
|
undefined.
|
|
|
|
refs(#{<<"mongo_type">> := <<"single">>}) ->
|
|
[?R_REF(mongo_single)];
|
|
refs(#{<<"mongo_type">> := <<"rs">>}) ->
|
|
[?R_REF(mongo_rs)];
|
|
refs(#{<<"mongo_type">> := <<"sharded">>}) ->
|
|
[?R_REF(mongo_sharded)];
|
|
refs(_) ->
|
|
throw(#{
|
|
field_name => mongo_type,
|
|
expected => "single | rs | sharded"
|
|
}).
|
|
|
|
fields(mongo_single) ->
|
|
common_fields() ++ emqx_mongodb:fields(single);
|
|
fields(mongo_rs) ->
|
|
common_fields() ++ emqx_mongodb:fields(rs);
|
|
fields(mongo_sharded) ->
|
|
common_fields() ++ emqx_mongodb:fields(sharded).
|
|
|
|
desc(mongo_single) ->
|
|
?DESC(single);
|
|
desc(mongo_rs) ->
|
|
?DESC('replica-set');
|
|
desc(mongo_sharded) ->
|
|
?DESC('sharded-cluster');
|
|
desc(_) ->
|
|
undefined.
|
|
|
|
common_fields() ->
|
|
[
|
|
{mechanism, emqx_authn_schema:mechanism(password_based)},
|
|
{backend, emqx_authn_schema:backend(mongodb)},
|
|
{collection, fun collection/1},
|
|
{filter, fun filter/1},
|
|
{password_hash_field, fun password_hash_field/1},
|
|
{salt_field, fun salt_field/1},
|
|
{is_superuser_field, fun is_superuser_field/1},
|
|
{password_hash_algorithm, fun emqx_authn_password_hashing:type_ro/1}
|
|
] ++ emqx_authn_schema:common_fields().
|
|
|
|
collection(type) -> binary();
|
|
collection(desc) -> ?DESC(?FUNCTION_NAME);
|
|
collection(required) -> true;
|
|
collection(_) -> undefined.
|
|
|
|
filter(type) ->
|
|
map();
|
|
filter(desc) ->
|
|
?DESC(?FUNCTION_NAME);
|
|
filter(required) ->
|
|
false;
|
|
filter(default) ->
|
|
#{};
|
|
filter(_) ->
|
|
undefined.
|
|
|
|
password_hash_field(type) -> binary();
|
|
password_hash_field(desc) -> ?DESC(?FUNCTION_NAME);
|
|
password_hash_field(required) -> false;
|
|
password_hash_field(default) -> <<"password_hash">>;
|
|
password_hash_field(_) -> undefined.
|
|
|
|
salt_field(type) -> binary();
|
|
salt_field(desc) -> ?DESC(?FUNCTION_NAME);
|
|
salt_field(required) -> false;
|
|
salt_field(default) -> <<"salt">>;
|
|
salt_field(_) -> undefined.
|
|
|
|
is_superuser_field(type) -> binary();
|
|
is_superuser_field(desc) -> ?DESC(?FUNCTION_NAME);
|
|
is_superuser_field(required) -> false;
|
|
is_superuser_field(default) -> <<"is_superuser">>;
|
|
is_superuser_field(_) -> undefined.
|