Pass device grant test.

James Pace 2022-03-26 01:32:10 +00:00
parent 3b4be67de3
commit fa238f650d
3 changed files with 35 additions and 27 deletions


@ -25,7 +25,7 @@ std::optional<std::string> getKey(const std::string &user, const YAML::Node &key
// Class implementation. // Class implementation.
Authorizer::Authorizer(const std::string &keyFilePath, const std::string &aclFilePath) : Authorizer::Authorizer(const std::string &keyFilePath, const std::string &aclFilePath) :
_keyFile{keyFilePath}, _aclFile{aclFilePath} _keyFile{YAML::LoadFile(keyFilePath)}, _aclFile{YAML::LoadFile(aclFilePath)}
{ {
} }
@ -98,6 +98,7 @@ bool Authorizer::is_unknown(const std::string &username)
std::tuple<bool, bool> checkACL(const std::string &user, const YAML::Node &aclFile) std::tuple<bool, bool> checkACL(const std::string &user, const YAML::Node &aclFile)
{ {
// TODO: Make sure default exists. // TODO: Make sure default exists.
YAML::Node userDict; YAML::Node userDict;
if (aclFile[user]) if (aclFile[user])
{ {
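Review bot: In the `Authorizer::Authorizer` initializer list, `YAML::LoadFile(keyFilePath)` and `YAML::LoadFile(aclFilePath)` now run during construction, and yaml-cpp throws (`YAML::BadFile` for an unreadable file, `YAML::ParserException` for malformed YAML) with nothing in the visible lines catching it. For an authorization component the failure mode should be explicit: the code that constructs the Authorizer should catch `YAML::Exception`, log which file failed, and refuse to start rather than let the exception unwind through whatever entry point creates it. Loading once also means key and ACL edits, including revocations, presumably take effect only after a restart, which deserves a comment above the constructor such as `// Key and ACL files are read once here; restart to pick up changes.`. The `checkACL` hunk still carries `// TODO: Make sure default exists.` and its body continues outside the hunk, so how a missing default entry is handled cannot be judged from here.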


@ -61,34 +61,42 @@ bool validate(const std::string &token, const std::string &username, const std::
} }
auto claims = decoded_token.get_payload_claims(); auto claims = decoded_token.get_payload_claims();
// Check username matches. try
if (not claims.contains("upn"))
{ {
std::cerr << "Missing upn." << std::endl; // Check username matches.
return false; if (not claims.contains("upn"))
} {
if (claims["upn"].as_string() != username) std::cerr << "Missing upn." << std::endl;
{ return false;
std::cerr << "Wrong username." << std::endl; }
return false; if (claims["upn"].as_string() != username)
} {
std::cerr << "Wrong username." << std::endl;
return false;
}
// Check for mqtt-write claim value. // Check for mqtt-write claim value.
if (not claims.contains("mqtt")) if (not claims.contains("mqtt"))
{ {
std::cerr << "Missing mqtt claim." << std::endl; std::cerr << "Missing mqtt claim." << std::endl;
return false; return false;
} }
if (not(claims["mqtt"].as_string() == "true")) if (not(claims["mqtt"].as_bool()))
{ {
std::cerr << "Not claiming can do mqtt." << std::endl; std::cerr << "Not claiming can do mqtt." << std::endl;
return false; return false;
} }
// Do we have an expiration time? // Do we have an expiration time?
if (not claims.contains("exp")) if (not claims.contains("exp"))
{
std::cerr << "Missing expiration time claim." << std::endl;
return false;
}
}
catch(const std::bad_cast& exception)
{ {
std::cerr << "Missing expiration time claim." << std::endl; std::cerr << "Failed to parse claims. Reason: " << exception.what() << std::endl;
return false; return false;
} }
@ -105,7 +113,7 @@ std::string gen_token(
const auto token = jwt::create() const auto token = jwt::create()
.set_type("JWT") .set_type("JWT")
.set_payload_claim("upn", jwt::claim(username)) .set_payload_claim("upn", jwt::claim(username))
.set_payload_claim("mqtt", jwt::claim(std::string("true"))) .set_payload_claim("mqtt", jwt::claim(picojson::value(true)))
.set_issued_at(issue_time) .set_issued_at(issue_time)
.set_expires_at(expr_time) .set_expires_at(expr_time)
.sign(jwt::algorithm::rs256(pub_key, priv_key, "", "")); .sign(jwt::algorithm::rs256(pub_key, priv_key, "", ""));
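Review bot: The new `catch(const std::bad_cast& exception)` in `validate` denies the token only for a claim-type mismatch; any other exception raised inside the `try` would still escape an authentication decision instead of returning false. Widening it to `catch (const std::exception &exception)` keeps the same log line and makes every claim-parsing failure fail closed. The switch to `claims["mqtt"].as_bool()` also means tokens minted before this commit, which carry the claim as the string `"true"`, will presumably be rejected through the bad_cast path; that is the safe direction, but they will be logged as `Failed to parse claims` and need reissuing. The hunk only checks that `exp` is present, and `validate` continues outside the hunk, so whether expiry is actually enforced is not visible here.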


@ -13,7 +13,6 @@
// limitations under the License. // limitations under the License.
#include <j7s-plugin/utils.h> #include <j7s-plugin/utils.h>
#include <ctime>
#include <iostream> #include <iostream>
#include "gtest/gtest.h" #include "gtest/gtest.h"