ETM-Schurig/powersync-mqtt
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2026-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
powersync-mqtt/server/authorizer.cpp
Michael Zanetti 665faca358 Add Support for websocket transport 
This commit adds support for connecting via the websocket transport
protocol on both, client and server parts.
In addition, the standalone server implemention is more complete, allowing
to manage policies and server ports via command line arguments as well
as adding a command line client tool for subscribing to a broker and/or
publishing messages to it.
2022-06-03 14:59:07 +02:00

127 lines
4.6 KiB
C++
Raw Blame History

/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
*
* Copyright 2013 - 2022, nymea GmbH
* Contact: contact@nymea.io
*
* This file is part of nymea.
* This project including source code and documentation is protected by copyright law, and
* remains the property of nymea GmbH. All rights, including reproduction, publication,
* editing and translation, are reserved. The use of this project is subject to the terms of a
* license agreement to be concluded with nymea GmbH in accordance with the terms
* of use of nymea GmbH, available under https://nymea.io/license
*
* GNU General Public License Usage
* Alternatively, this project may be redistributed and/or modified under
* the terms of the GNU General Public License as published by the Free Software Foundation,
* GNU version 3. this project is distributed in the hope that it will be useful, but WITHOUT ANY
* WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
* PURPOSE. See the GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along with this project.
* If not, see <https://www.gnu.org/licenses/>.
*
* For any further details and any questions please contact us under contact@nymea.io
* or see our FAQ/Licensing Information on https://nymea.io/license/faq
*
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
#include "authorizer.h"
#include <QFile>
#include <QSettings>
Authorizer::Authorizer(const QString &policyFile, QObject *parent):
QObject{parent},
m_settingsFile(policyFile)
{
if (QFile::exists(policyFile)) {
qInfo() << "Using policy file:" << policyFile;
}
}
Mqtt::ConnectReturnCode Authorizer::authorizeConnect(int serverAddressId, const QString &clientId, const QString &username, const QString &password, const QHostAddress &peerAddress)
{
Q_UNUSED(serverAddressId)
Q_UNUSED(peerAddress);
if (!QFile::exists(m_settingsFile)) {
return Mqtt::ConnectReturnCodeServerUnavailable;
}
MqttPolicy policy = loadPolicy(clientId);
if (!policy.isValid()) {
return Mqtt::ConnectReturnCodeNotAuthorized;
}
if (policy.username() != username || policy.password() != password) {
return Mqtt::ConnectReturnCodeBadUsernameOrPassword;
}
return Mqtt::ConnectReturnCodeAccepted;
}
bool Authorizer::authorizeSubscribe(int serverAddressId, const QString &clientId, const QString &topicFilter)
{
Q_UNUSED(serverAddressId)
qCritical() << "sub filters" << topicFilter;
if (!QFile::exists(m_settingsFile)) {
return false;
}
MqttPolicy policy = loadPolicy(clientId);
if (!policy.isValid()) {
return false;
}
qCritical() << "policy" << policy.allowedSubscribeTopicFilters();
if (policy.allowedSubscribeTopicFilters().contains(topicFilter)) {
return true;
}
return false;
}
bool Authorizer::authorizePublish(int serverAddressId, const QString &clientId, const QString &topic)
{
Q_UNUSED(serverAddressId)
if (!QFile::exists(m_settingsFile)) {
return false;
}
MqttPolicy policy = loadPolicy(clientId);
if (!policy.isValid()) {
return false;
}
if (policy.allowedPublishTopicFilters().contains(topic)) {
return true;
}
return false;
}
void Authorizer::addPolicy(const QString &clientId, const QString &username, const QString &password, const QStringList &allowedSubscribeTopicFilters, const QStringList &allowedPublishTopicFilters)
{
QSettings settings(m_settingsFile, QSettings::IniFormat);
settings.beginGroup(clientId);
settings.setValue("username", username);
settings.setValue("password", password);
settings.setValue("allowedSubscribeTopicFilters", allowedSubscribeTopicFilters);
settings.setValue("allowedPublishTopicFilters", allowedPublishTopicFilters);
}
void Authorizer::removePolicy(const QString &clientId)
{
QSettings settings(m_settingsFile, QSettings::IniFormat);
settings.remove(clientId);
}
MqttPolicy Authorizer::loadPolicy(const QString &clientId)
{
QSettings settings(m_settingsFile, QSettings::IniFormat);
if (!settings.childGroups().contains(clientId)) {
return MqttPolicy();
}
settings.beginGroup(clientId);
MqttPolicy policy(clientId,
settings.value("username").toString(),
settings.value("password").toString(),
settings.value("allowedSubscribeTopicFilters").toStringList(),
settings.value("allowedPublishTopicFilters").toStringList());
return policy;
}
Reference in New Issue View Git Blame Copy Permalink