
chore: remove scram authenticator for all gateway

JianBo He před 3 roky
rodič
revize
7954f32858

+ 17 - 0
apps/emqx_authn/src/emqx_authn_schema.erl

@@ -25,6 +25,7 @@
     roots/0,
     fields/1,
     authenticator_type/0,
+    authenticator_type_without_scram/0,
     root_type/0,
     mechanism/1,
     backend/1
@@ -43,6 +44,22 @@ enable(_) -> undefined.
 authenticator_type() ->
     hoconsc:union(config_refs([Module || {_AuthnType, Module} <- emqx_authn:providers()])).
 
+authenticator_type_without_scram() ->
+    Providers = lists:filter(
+        fun
+            ({{password_based, _Backend}, _Mod}) ->
+                true;
+            ({jwt, _Mod}) ->
+                true;
+            ({{scram, _Backend}, _Mod}) ->
+                false
+        end,
+        emqx_authn:providers()
+    ),
+    hoconsc:union(
+        config_refs([Module || {_AuthnType, Module} <- Providers])
+    ).
+
 config_refs(Modules) ->
     lists:append([Module:refs() || Module <- Modules]).
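Review bot: The filter fun in `authenticator_type_without_scram/0` has clauses only for `{password_based, _}`, `jwt` and `{scram, _}`, so any other key returned by `emqx_authn:providers()` raises `function_clause` while the schema is being built. If gateways are meant to accept only an explicit set of mechanisms, make that an allow-list by replacing the scram clause with `(_Other) -> false` and adding a comment such as `%% allow-list: only mechanisms gateways can actually perform`. If the crash on an unknown provider is deliberate, state that in a comment instead. The new exported function also has no `-spec` or doc comment explaining why SCRAM is excluded for gateways.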
 

+ 8 - 4
apps/emqx_exhook/src/emqx_exhook_handler.erl

@@ -231,10 +231,14 @@ properties(M) when is_map(M) ->
            value => stringfy(V)} | Acc]
     end, [], M).
 
-conninfo(_ConnInfo =
-           #{clientid := ClientId, username := Username, peername := {Peerhost, _},
-             sockname := {_, SockPort}, proto_name := ProtoName, proto_ver := ProtoVer,
-             keepalive := Keepalive}) ->
+conninfo(ConnInfo =
+         #{clientid := ClientId,
+           peername := {Peerhost, _},
+           sockname := {_, SockPort}}) ->
+    Username = maps:get(username, ConnInfo, undefined),
+    ProtoName = maps:get(proto_name, ConnInfo, undefined),
+    ProtoVer = maps:get(proto_ver, ConnInfo, undefined),
+    Keepalive = maps:get(keepalive, ConnInfo, 0),
     #{node => stringfy(node()),
       clientid => ClientId,
       username => maybe(Username),
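Review bot: `Keepalive` defaults to `0` while `Username`, `ProtoName` and `ProtoVer` default to `undefined`, so a hook server cannot tell "keepalive not reported" from "keepalive disabled". The rest of `conninfo/1` lies outside this hunk, so it is not visible whether `ProtoName` and `ProtoVer` are wrapped the way `maybe(Username)` is or passed to `stringfy/1` directly. If the latter, the hook server would presumably receive the literal text `undefined` as a protocol name. A short comment above the clause, e.g. `%% gateway connections may omit username/proto_name/proto_ver/keepalive`, would record why these keys are no longer required.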

+ 1 - 1
apps/emqx_gateway/src/emqx_gateway_api_authn.erl

@@ -433,6 +433,6 @@ params_fuzzy_in_qs() ->
 
 schema_authn() ->
     emqx_dashboard_swagger:schema_with_examples(
-        emqx_authn_schema:authenticator_type(),
+        emqx_authn_schema:authenticator_type_without_scram(),
         emqx_authn_api:authenticator_examples()
     ).
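Review bot: The restricted union is applied here only to the request/response schema of the gateway authn API. Nothing visible in this commit applies `authenticator_type_without_scram()` to the gateway configuration schema itself, so a SCRAM authenticator supplied through a config file may still be accepted for a gateway; this is worth confirming outside the diff. A one-line comment on `schema_authn/0`, such as `%% gateways cannot run the SCRAM exchange, so it is not offered here`, would keep the reason next to the call.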

+ 2 - 2
apps/emqx_gateway/src/emqx_gateway_http.erl

@@ -211,7 +211,7 @@ authn(GwName) ->
     ChainName = emqx_gateway_utils:global_chain(GwName),
     wrap_chain_name(
         ChainName,
-        emqx_map_lib:jsonable_map(emqx:get_config(Path))
+        emqx_map_lib:jsonable_map(emqx:get_raw_config(Path))
     ).
 
 -spec authn(gateway_name(), binary()) -> map().
@@ -221,7 +221,7 @@ authn(GwName, ListenerId) ->
     ChainName = emqx_gateway_utils:listener_chain(GwName, Type, Name),
     wrap_chain_name(
         ChainName,
-        emqx_map_lib:jsonable_map(emqx:get_config(Path))
+        emqx_map_lib:jsonable_map(emqx:get_raw_config(Path))
     ).
 
 wrap_chain_name(ChainName, Conf) ->
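Review bot: Both `authn/1` and `authn/2` now pass `emqx:get_raw_config(Path)` straight into `jsonable_map/1` for the HTTP response, and no step visible in these hunks masks credential fields of the authenticator (backend passwords, JWT secrets and the like). The body of `wrap_chain_name/2` is outside the hunk, so confirm that redaction happens there or in the API layer before the raw form reaches a client. The reason for preferring the raw form over the checked config is not stated either; a comment such as `%% raw config keeps the user-supplied representation expected by the API schema` would help, if that is indeed the reason.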

+ 4 - 2
apps/emqx_gateway/src/mqttsn/emqx_sn_channel.erl

@@ -363,8 +363,7 @@ auth_connect(
                 username => Username,
                 reason => Reason
             }),
-            %% FIXME: ReasonCode?
-            {error, Reason}
+            {error, name_to_returncode(Reason)}
     end.
 
 ensure_connected(
@@ -2331,3 +2330,6 @@ returncode_name(?SN_RC2_KEEPALIVE_TIMEOUT) -> rejected_keepalive_timeout;
 returncode_name(?SN_RC2_EXCEED_LIMITATION) -> rejected_exceed_limitation;
 returncode_name(?SN_RC2_REACHED_MAX_RETRY) -> reached_max_retry_times;
 returncode_name(_) -> accepted.
+
+name_to_returncode(not_authorized) -> ?SN_RC2_NOT_AUTHORIZE;
+name_to_returncode(_) -> ?SN_RC2_NOT_AUTHORIZE.
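Review bot: The two clauses of `name_to_returncode/1` return the same value, so the `not_authorized` clause is dead weight and the intent is unclear. If every authentication failure should reach the client as the same code (which also avoids disclosing why a login failed), collapse it to `name_to_returncode(_Reason) -> ?SN_RC2_NOT_AUTHORIZE.` with a comment such as `%% all auth failures are reported uniformly as "not authorized"`. In `auth_connect`, `{error, Reason}` now carries a return code instead of the reason term; callers are outside the hunk, so check that none still match on the old atoms.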

+ 2 - 2
apps/emqx_gateway/test/emqx_gateway_authn_SUITE.erl

@@ -159,7 +159,7 @@ t_case_lwm2m(_) ->
 
 -define(SN_CONNACK, 16#05).
 
-t_case_emqx_sn(_) ->
+t_case_mqttsn(_) ->
     Mod = emqx_sn_protocol_SUITE,
     Login = fun(Username, Password, Expect) ->
         RawCfg = emqx_conf:get_raw([gateway, mqttsn], #{}),
@@ -180,7 +180,7 @@ t_case_emqx_sn(_) ->
             end
         )
     end,
-    Login(<<"badadmin">>, <<"badpassowrd">>, <<>>),
+    Login(<<"badadmin">>, <<"badpassowrd">>, <<3, ?SN_CONNACK, 16#80>>),
     Login(<<"admin">>, <<"public">>, <<3, ?SN_CONNACK, 0>>),
     ok.
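Review bot: The expected CONNACK for the rejected login hard-codes `16#80`, while the suite already names `?SN_CONNACK` via a local define. Assuming `16#80` is the value behind `?SN_RC2_NOT_AUTHORIZE`, a matching `-define(SN_RC2_NOT_AUTHORIZE, 16#80).` next to the existing define would let the assertion read `<<3, ?SN_CONNACK, ?SN_RC2_NOT_AUTHORIZE>>`, making clear which rejection is being checked.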