GH-1436: Refactoring about Identity class
Co-authored-by: Simon Bernard <sbernard@sierrawireless.com>
JaroslawLegierski and sbernard31 committed Jul 3, 2023
1 parent a3d0931 commit f994bc1
Showing 100 changed files with 1,259 additions and 845 deletions.
Expand Up @@ -25,12 +25,13 @@

import org.eclipse.jetty.servlets.EventSource;
import org.eclipse.jetty.servlets.EventSourceServlet;
import org.eclipse.leshan.core.peer.IpPeer;
import org.eclipse.leshan.core.peer.LwM2mPeer;
import org.eclipse.leshan.core.request.BootstrapDeleteRequest;
import org.eclipse.leshan.core.request.BootstrapDiscoverRequest;
import org.eclipse.leshan.core.request.BootstrapDownlinkRequest;
import org.eclipse.leshan.core.request.BootstrapRequest;
import org.eclipse.leshan.core.request.BootstrapWriteRequest;
import org.eclipse.leshan.core.request.Identity;
import org.eclipse.leshan.core.response.BootstrapDiscoverResponse;
import org.eclipse.leshan.core.response.LwM2mResponse;
import org.eclipse.leshan.server.bootstrap.BootstrapFailureCause;
Expand Down Expand Up @@ -73,12 +74,12 @@ public BootstrapEvent(String name, String endpoint, String message) {
private final BootstrapSessionListener sessionListener = new BootstrapSessionListener() {

@Override
public void sessionInitiated(BootstrapRequest request, Identity clientIdentity) {
public void sessionInitiated(BootstrapRequest request, LwM2mPeer client) {
try {
String endpointName = request.getEndpointName();
StringBuilder b = new StringBuilder();
b.append("Bootstrap Request from ");
b.append(clientIdentity.getPeerAddress());
b.append(client instanceof IpPeer ? ((IpPeer) client).getSocketAddress() : client);
if (request.getPreferredContentFormat() != null) {
b.append("\n");
b.append("Preferred Content Format: ");
Expand All @@ -99,11 +100,11 @@ public void sessionInitiated(BootstrapRequest request, Identity clientIdentity)
}

@Override
public void unAuthorized(BootstrapRequest request, Identity clientIdentity) {
public void unAuthorized(BootstrapRequest request, LwM2mPeer client) {
try {
String endpointName = request.getEndpointName();
StringBuilder b = new StringBuilder();
b.append(clientIdentity);
b.append(client);
b.append(" is not allowed to connect.");
b.append("\n");
b.append("(probably bad credentials)");
Expand All @@ -121,7 +122,7 @@ public void authorized(BootstrapSession session) {
try {
String endpointName = session.getEndpoint();
StringBuilder b = new StringBuilder();
b.append(session.getIdentity());
b.append(session.getClientTransportData());
b.append(" is allowed to connect.");

sendEvent(EVENT_BOOTSTRAP_SESSION,
Expand Down Expand Up @@ -324,7 +325,7 @@ protected EventSource newEventSource(HttpServletRequest req) {

private class LeshanEventSource implements EventSource {

private String endpoint;
private final String endpoint;
private Emitter emitter;

public LeshanEventSource(String endpoint) {
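Review bot: In `unAuthorized` and `authorized` the event text is built with `b.append(client)` and `b.append(session.getClientTransportData())`, so what reaches the event stream is whatever `LwM2mPeer.toString()` returns, while `sessionInitiated` formats an `IpPeer` explicitly through `getSocketAddress()`. `toString()` is not visible in this diff; if it includes the peer's identity (for example a PSK identity), then for an unauthorized peer that value is chosen by the remote side and the consumer of the event should treat it as untrusted text. I would format the peer in one private helper shared by the three callbacks, e.g. `private static String describe(LwM2mPeer p) { return String.valueOf(p instanceof IpPeer ? ((IpPeer) p).getSocketAddress() : p); }`, so the fields shown are chosen deliberately. The listener methods continue outside the visible hunks.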
Expand Up @@ -24,7 +24,7 @@
import org.eclipse.leshan.client.servers.ServerIdentity;
import org.eclipse.leshan.core.californium.LwM2mCoapResource;
import org.eclipse.leshan.core.californium.identity.IdentityHandlerProvider;
import org.eclipse.leshan.core.request.Identity;
import org.eclipse.leshan.core.peer.IpPeer;

/**
* A Common {@link CoapResource} used to handle LWM2M request with some specific method for LWM2M client.
Expand Down Expand Up @@ -61,7 +61,7 @@ protected ServerIdentity getServerOrRejectRequest(CoapExchange exchange, Message
* @throws IllegalStateException if we are not able to extract {@link ServerIdentity}.
*/
protected ServerIdentity extractIdentity(Exchange exchange, Message receivedMessage) {
Identity foreignPeerIdentity = getForeignPeerIdentity(exchange, receivedMessage);
IpPeer foreignPeerIdentity = getForeignPeerIdentity(exchange, receivedMessage);
if (foreignPeerIdentity == null)
return null;
return serverIdentityExtractor.extractIdentity(exchange, foreignPeerIdentity);
Expand Up @@ -42,14 +42,16 @@
import org.eclipse.leshan.client.request.DownlinkRequestReceiver;
import org.eclipse.leshan.client.resource.LwM2mObjectTree;
import org.eclipse.leshan.client.servers.ServerIdentity;
import org.eclipse.leshan.client.servers.ServerIdentity.Role;
import org.eclipse.leshan.client.servers.ServerInfo;
import org.eclipse.leshan.core.SecurityMode;
import org.eclipse.leshan.core.californium.identity.IdentityHandler;
import org.eclipse.leshan.core.californium.identity.IdentityHandlerProvider;
import org.eclipse.leshan.core.endpoint.Protocol;
import org.eclipse.leshan.core.oscore.OscoreIdentity;
import org.eclipse.leshan.core.request.Identity;
import org.eclipse.leshan.core.peer.IpPeer;
import org.eclipse.leshan.core.peer.OscoreIdentity;
import org.eclipse.leshan.core.peer.PskIdentity;
import org.eclipse.leshan.core.peer.RpkIdentity;
import org.eclipse.leshan.core.peer.X509Identity;
import org.eclipse.leshan.core.util.NamedThreadFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
Expand Down Expand Up @@ -95,7 +97,7 @@ protected CaliforniumClientEndpointsProvider(Builder builder) {
identityExtrator = new ServerIdentityExtractor() {

@Override
public ServerIdentity extractIdentity(Exchange exchange, Identity foreignPeerIdentity) {
public ServerIdentity extractIdentity(Exchange exchange, IpPeer foreignPeerIdentity) {
// TODO support multi server
Endpoint currentCoapEndpoint = endpoint.getCoapEndpoint();

Expand All @@ -110,20 +112,28 @@ public ServerIdentity extractIdentity(Exchange exchange, Identity foreignPeerIde
&& currentCoapEndpoint.isStarted()) {
// For UDP (not secure) endpoint we also check socket address as anybody send data to this kind of
// endpoint.
if (endpoint.getProtocol().equals(Protocol.COAP) && !currentServer.getIdentity().getPeerAddress()
.equals(foreignPeerIdentity.getPeerAddress())) {
return null;
if (endpoint.getProtocol().equals(Protocol.COAP)) {
if (currentServer.getTransportData() instanceof IpPeer) {
IpPeer currentIpServer = (IpPeer) currentServer.getTransportData();
if (!(currentIpServer.getSocketAddress().equals(foreignPeerIdentity.getSocketAddress()))) {
return null;
}
} else {
throw new IllegalStateException(
String.format("%s is not a LwM2mPeer supported by this class",
currentServer.getTransportData().getClass().getSimpleName()));
}
}
// For OSCORE, be sure OSCORE is used.
if (currentServer.getIdentity().isOSCORE()) {
if (!foreignPeerIdentity.isOSCORE() //
if (currentServer.getTransportData().getIdentity() instanceof OscoreIdentity) {
if (!(foreignPeerIdentity.getIdentity() instanceof OscoreIdentity) //
// we also check OscoreIdentity but this is probably not useful
// because we are using static OSCOREstore which holds only 1 OscoreParameter,
// so if the request was successfully decrypted and OSCORE is used, this MUST be the
// right
// server.
|| !foreignPeerIdentity.getOscoreIdentity()
.equals(currentServer.getIdentity().getOscoreIdentity())) {
|| !foreignPeerIdentity.getIdentity()
.equals(currentServer.getTransportData().getIdentity())) {
return null;
}
}
Expand Down Expand Up @@ -199,32 +209,31 @@ public ServerIdentity createEndpoint(ServerInfo serverInfo, boolean clientInitia
}

private ServerIdentity extractIdentity(ServerInfo serverInfo) {
Identity serverIdentity;
IpPeer serverIdentity;
if (serverInfo.isSecure()) {
// Support PSK
if (serverInfo.secureMode == SecurityMode.PSK) {
serverIdentity = Identity.psk(serverInfo.getAddress(), serverInfo.pskId);
serverIdentity = new IpPeer(serverInfo.getAddress(), new PskIdentity(serverInfo.pskId));
} else if (serverInfo.secureMode == SecurityMode.RPK) {
serverIdentity = Identity.rpk(serverInfo.getAddress(), serverInfo.serverPublicKey);
serverIdentity = new IpPeer(serverInfo.getAddress(), new RpkIdentity(serverInfo.serverPublicKey));
} else if (serverInfo.secureMode == SecurityMode.X509) {
// TODO We set CN with '*' as we are not able to know the CN for some certificate usage and so this is
// not used anymore to identify a server with x509.
// See : https://github.com/eclipse/leshan/issues/992
serverIdentity = Identity.x509(serverInfo.getAddress(), "*");
serverIdentity = new IpPeer(serverInfo.getAddress(), new X509Identity("*"));
} else {
throw new RuntimeException("Unable to create connector : unsupported security mode");
}
} else if (serverInfo.useOscore) {
// Build server identity for OSCORE
serverIdentity = Identity.oscoreOnly(serverInfo.getAddress(),
serverIdentity = new IpPeer(serverInfo.getAddress(),
new OscoreIdentity(serverInfo.oscoreSetting.getRecipientId()));
} else {
serverIdentity = Identity.unsecure(serverInfo.getAddress());
serverIdentity = new IpPeer((serverInfo.getAddress()));
}

if (serverInfo.bootstrap) {
return new ServerIdentity(serverIdentity, serverInfo.serverId, Role.LWM2M_BOOTSTRAP_SERVER,
serverInfo.serverUri);
return new ServerIdentity(serverIdentity, serverInfo.serverUri);
} else {
return new ServerIdentity(serverIdentity, serverInfo.serverId, serverInfo.serverUri);
}
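Review bot: The new `else` branch of the COAP check calls `currentServer.getTransportData().getClass()`, but `null instanceof IpPeer` is also false, so a `ServerIdentity` without transport data would raise a `NullPointerException` instead of the intended `IllegalStateException`; the OSCORE check just below dereferences `getTransportData().getIdentity()` in the same way. Whether `getTransportData()` can return null is not visible here, so this may only need a comment stating the invariant. Reading the value once, `LwM2mPeer configuredPeer = currentServer.getTransportData();`, and building the message with `String.valueOf(configuredPeer)` would cover both cases and remove the repeated calls. The same `server.getClass().getSimpleName()` pattern appears in `createCoapRequest` in the next file section. The body of the anonymous `extractIdentity` continues outside the hunk.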
Expand Up @@ -40,6 +40,8 @@
import org.eclipse.leshan.core.californium.identity.IdentityHandlerProvider;
import org.eclipse.leshan.core.model.LwM2mModel;
import org.eclipse.leshan.core.node.LwM2mPath;
import org.eclipse.leshan.core.peer.IpPeer;
import org.eclipse.leshan.core.peer.LwM2mPeer;
import org.eclipse.leshan.core.request.UplinkRequest;
import org.eclipse.leshan.core.response.LwM2mResponse;

Expand All @@ -49,7 +51,13 @@ public Request createCoapRequest(ServerIdentity serverIdentity, UplinkRequest<?
ClientEndpointToolbox toolbox, LwM2mModel model, IdentityHandler identityHandler) {

// create CoAP Request
CoapRequestBuilder builder = new CoapRequestBuilder(serverIdentity.getIdentity(), toolbox.getEncoder(), model,
LwM2mPeer server = serverIdentity.getTransportData();
if (!(server instanceof IpPeer)) {
throw new IllegalStateException(
String.format("%s is not a LwM2mPeer supported by this class", server.getClass().getSimpleName()));
}

CoapRequestBuilder builder = new CoapRequestBuilder((IpPeer) server, toolbox.getEncoder(), model,
toolbox.getLinkSerializer(), identityHandler);
lwm2mRequest.accept(builder);
return builder.getRequest();
Expand Up @@ -17,8 +17,8 @@

import org.eclipse.californium.core.network.Exchange;
import org.eclipse.leshan.client.servers.ServerIdentity;
import org.eclipse.leshan.core.request.Identity;
import org.eclipse.leshan.core.peer.IpPeer;

public interface ServerIdentityExtractor {
ServerIdentity extractIdentity(Exchange exchange, Identity foreignPeerIdentity);
ServerIdentity extractIdentity(Exchange exchange, IpPeer foreignPeerIdentity);
}
Expand Up @@ -37,9 +37,10 @@
import org.eclipse.leshan.core.californium.oscore.cf.OscoreParameters;
import org.eclipse.leshan.core.californium.oscore.cf.StaticOscoreStore;
import org.eclipse.leshan.core.oscore.InvalidOscoreSettingException;
import org.eclipse.leshan.core.oscore.OscoreIdentity;
import org.eclipse.leshan.core.oscore.OscoreValidator;
import org.eclipse.leshan.core.request.Identity;
import org.eclipse.leshan.core.peer.IpPeer;
import org.eclipse.leshan.core.peer.LwM2mPeer;
import org.eclipse.leshan.core.peer.OscoreIdentity;
import org.eclipse.leshan.core.util.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
Expand Down Expand Up @@ -114,29 +115,32 @@ protected CoapEndpoint.Builder createEndpointBuilder(InetSocketAddress address,
@Override
public IdentityHandler createIdentityHandler() {
return new IdentityHandler() {

@Override
public Identity getIdentity(Message receivedMessage) {
public LwM2mPeer getIdentity(Message receivedMessage) {
EndpointContext context = receivedMessage.getSourceContext();
InetSocketAddress peerAddress = context.getPeerAddress();
Principal senderIdentity = context.getPeerIdentity();
if (senderIdentity == null) {
// Build identity for OSCORE if it is used
if (context.get(OSCoreEndpointContextInfo.OSCORE_RECIPIENT_ID) != null) {
String recipient = context.get(OSCoreEndpointContextInfo.OSCORE_RECIPIENT_ID);
return Identity.oscoreOnly(peerAddress,
new OscoreIdentity(Hex.decodeHex(recipient.toCharArray())));

return new IpPeer(peerAddress, new OscoreIdentity(Hex.decodeHex(recipient.toCharArray())));
}
return Identity.unsecure(peerAddress);
return new IpPeer(peerAddress);
} else {
return null;
}
}

@Override
public EndpointContext createEndpointContext(Identity identity, boolean allowConnectionInitiation) {
public EndpointContext createEndpointContext(LwM2mPeer client, boolean allowConnectionInitiation) {
// TODO OSCORE : should we add properties to endpoint context ?
return new AddressEndpointContext(identity.getPeerAddress());
if (client instanceof IpPeer) {
return new AddressEndpointContext(((IpPeer) client).getSocketAddress());
} else {
throw new IllegalStateException(String.format("Unsupported Peer : %s", client));
}
}
};
}
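Review bot: `createEndpointContext` builds its result from `((IpPeer) client).getSocketAddress()` only, so an `OscoreIdentity` carried by the peer plays no part in the `AddressEndpointContext` that is returned. The existing `// TODO OSCORE` comment hints at this, but after the refactoring the peer object visibly carries both address and identity, and the hunk does not show whether the OSCORE layer selects its security context by address alone. I would expand the comment to say so, e.g. `// TODO OSCORE: only the socket address is propagated; client.getIdentity() is ignored here`, or document why that is sufficient. In `getIdentity`, `context.get(OSCoreEndpointContextInfo.OSCORE_RECIPIENT_ID)` is also read twice and could be held in one local.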