packaging
/
j7s-jwt-mosquitto-auth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

General cleanup.

This commit is contained in:
James Pace 2021-11-20 15:02:30 +00:00
parent 96e419c12c
commit 160d704114
6 changed files with 23 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/jwp-plugin/AuthList.hpp
View File

@ -15,6 +15,7 @@
#include <forward_list>
#include <string>
// A list with easily checkable contents.
class AuthList
{
public:

3
include/jwp-plugin/Authorizer.hpp
View File

@ -15,11 +15,10 @@
#include <jwp-plugin/AuthList.hpp>
#include <jwt-cpp/jwt.h>
#include <optional>
#include <string>
// Autenticates a user using jwts.
class Authorizer
{
public:

3
include/jwp-plugin/jwp-plugin.h
View File

@ -12,6 +12,9 @@
// See the License for the specific language governing permissions and
// limitations under the License.
// Mosquitto authentication plugin that using Authorizer to authorize
// users using jwts.
extern "C" {
#include "mosquitto.h"
#include "mosquitto_broker.h"

9
src/AuthList.cpp
View File

@ -23,8 +23,7 @@ void AuthList::add(const std::string& username)
{
// Is the username already in the list?
// If not add it.
const auto found = std::find(std::begin(_allowedUsernames), std::end(_allowedUsernames), username);
if(found == std::end(_allowedUsernames))
if(not confirm(username))
{
_allowedUsernames.emplace_front(username);
}
@ -32,8 +31,9 @@ void AuthList::add(const std::string& username)
void AuthList::remove(const std::string& username)
{
const auto found = std::find(std::begin(_allowedUsernames), std::end(_allowedUsernames), username);
if(found != std::end(_allowedUsernames))
// Is the user in the list?
// Is so, remove it,
if(confirm(username))
{
_allowedUsernames.remove(username);
}
@ -41,6 +41,7 @@ void AuthList::remove(const std::string& username)
bool AuthList::confirm(const std::string& username)
{
// Is the user in the list?
const auto found = std::find(std::begin(_allowedUsernames), std::end(_allowedUsernames), username);
if(found != std::end(_allowedUsernames))
{

10
src/Authorizer.cpp
View File

@ -63,7 +63,7 @@ bool Authorizer::add(const std::string& token, const std::string& username)
}
catch(jwt::error::token_verification_exception& exception)
{
std::cout << exception.what() << std::endl;
std::cerr << exception.what() << std::endl;
return false;
}
auto claims = decoded_token.get_payload_claims();
@ -71,19 +71,19 @@ bool Authorizer::add(const std::string& token, const std::string& username)
// Check username matches.
if(not claims.contains("upn"))
{
std::cout << "Missing upn." << std::endl;
std::cerr << "Missing upn." << std::endl;
return false;
}
if(claims["upn"].as_string() != username)
{
std::cout << "Wrong username." << std::endl;
std::cerr << "Wrong username." << std::endl;
return false;
}
// Check for mqtt-write claim value.
if(not (claims.contains("mqtt-write") and claims.contains("mqtt-read")))
{
std::cout << "Missing mqtt-write or mqtt-read." << std::endl;
std::cerr << "Missing mqtt-write or mqtt-read." << std::endl;
return false;
}
@ -91,7 +91,7 @@ bool Authorizer::add(const std::string& token, const std::string& username)
bool can_read = claims["mqtt-read"].as_bool();
if(not (can_write or can_read))
{
std::cout << "Can't write or can't read." << std::endl;
std::cerr << "Can't write or can't read." << std::endl;
return false;
}

19
src/jwp-plugin.cpp
View File

@ -50,27 +50,24 @@ int mosquitto_plugin_init(mosquitto_plugin_id_t *identifier, void **userdata, st
if(key == "public_key")
{
const auto key = Authorizer::read_key(std::string(options[index].value));
if(key)
{
public_key = *key;
}
else
if(not key or key->empty())
{
mosquitto_log_printf(MOSQ_LOG_ERR, "Could not read public key.");
return MOSQ_ERR_INVAL;
}
public_key = *key;
}
else if(key == "issuer")
{
issuer = std::string(options[index].value);
if(issuer.empty())
{
mosquitto_log_printf(MOSQ_LOG_ERR, "issuer not set.");
return MOSQ_ERR_INVAL;
}
}
}
if(public_key.empty() or issuer.empty())
{
mosquitto_log_printf(MOSQ_LOG_ERR, "public_key or issue not set.");
return MOSQ_ERR_INVAL;
}
authorizer = std::make_unique<Authorizer>(public_key, issuer);
// Register the callbacks.