|
|
@@ -32,7 +32,7 @@
|
|
|
|
|
|
-define(EXAMPLE_1, #{name => <<"example 1">>,
|
|
|
mechanism => <<"password-based">>,
|
|
|
- server_type => <<"built-in-example">>,
|
|
|
+ server_type => <<"built-in-database">>,
|
|
|
user_id_type => <<"username">>,
|
|
|
password_hash_algorithm => #{
|
|
|
name => <<"sha256">>
|
|
|
@@ -76,6 +76,16 @@
|
|
|
salt_position => <<"prefix">>
|
|
|
}).
|
|
|
|
|
|
+-define(EXAMPLE_5, #{name => <<"example 5">>,
|
|
|
+ mechanism => <<"password-based">>,
|
|
|
+ server_type => <<"redis">>,
|
|
|
+ server => <<"127.0.0.1:6379">>,
|
|
|
+ database => 0,
|
|
|
+ query => <<"HMGET ${mqtt-username} password_hash salt">>,
|
|
|
+ password_hash_algorithm => <<"sha256">>,
|
|
|
+ salt_position => <<"prefix">>
|
|
|
+ }).
|
|
|
+
|
|
|
-define(ERR_RESPONSE(Desc), #{description => Desc,
|
|
|
content => #{
|
|
|
'application/json' => #{
|
|
|
@@ -180,6 +190,10 @@ authenticators_api() ->
|
|
|
mongodb => #{
|
|
|
summary => <<"Authentication with MongoDB">>,
|
|
|
value => emqx_json:encode(?EXAMPLE_4)
|
|
|
+ },
|
|
|
+ redis => #{
|
|
|
+ summary => <<"Authentication with Redis">>,
|
|
|
+ value => emqx_json:encode(?EXAMPLE_5)
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
@@ -192,6 +206,7 @@ authenticators_api() ->
|
|
|
'application/json' => #{
|
|
|
schema => minirest:ref(<<"returned_authenticator">>),
|
|
|
examples => #{
|
|
|
+ %% TODO: return full content
|
|
|
example1 => #{
|
|
|
summary => <<"Example 1">>,
|
|
|
value => emqx_json:encode(maps:put(id, <<"example 1">>, ?EXAMPLE_1))
|
|
|
@@ -207,6 +222,10 @@ authenticators_api() ->
|
|
|
example4 => #{
|
|
|
summary => <<"Example 4">>,
|
|
|
value => emqx_json:encode(maps:put(id, <<"example 4">>, ?EXAMPLE_4))
|
|
|
+ },
|
|
|
+ example5 => #{
|
|
|
+ summary => <<"Example 4">>,
|
|
|
+ value => emqx_json:encode(maps:put(id, <<"example 5">>, ?EXAMPLE_5))
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
@@ -234,6 +253,7 @@ authenticators_api() ->
|
|
|
, maps:put(id, <<"example 2">>, ?EXAMPLE_2)
|
|
|
, maps:put(id, <<"example 3">>, ?EXAMPLE_3)
|
|
|
, maps:put(id, <<"example 4">>, ?EXAMPLE_4)
|
|
|
+ , maps:put(id, <<"example 5">>, ?EXAMPLE_5)
|
|
|
])
|
|
|
}
|
|
|
}
|
|
|
@@ -281,6 +301,10 @@ authenticators_api2() ->
|
|
|
example4 => #{
|
|
|
summary => <<"Example 4">>,
|
|
|
value => emqx_json:encode(maps:put(id, <<"example 4">>, ?EXAMPLE_4))
|
|
|
+ },
|
|
|
+ example5 => #{
|
|
|
+ summary => <<"Example 5">>,
|
|
|
+ value => emqx_json:encode(maps:put(id, <<"example 5">>, ?EXAMPLE_5))
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
@@ -345,6 +369,10 @@ authenticators_api2() ->
|
|
|
example4 => #{
|
|
|
summary => <<"Example 4">>,
|
|
|
value => emqx_json:encode(maps:put(id, <<"example 4">>, ?EXAMPLE_4))
|
|
|
+ },
|
|
|
+ example5 => #{
|
|
|
+ summary => <<"Example 5">>,
|
|
|
+ value => emqx_json:encode(maps:put(id, <<"example 5">>, ?EXAMPLE_5))
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
@@ -1024,6 +1052,66 @@ definitions() ->
|
|
|
}
|
|
|
},
|
|
|
|
|
|
+ PasswordBasedRedisDef = #{
|
|
|
+ type => object,
|
|
|
+ required => [],
|
|
|
+ properties => #{
|
|
|
+ server_type => #{
|
|
|
+ type => string,
|
|
|
+ enum => [<<"redis">>],
|
|
|
+ example => [<<"redis">>]
|
|
|
+ },
|
|
|
+ server => #{
|
|
|
+ description => <<"Mutually exclusive with the 'servers' field, only valid in standalone mode">>,
|
|
|
+ type => string,
|
|
|
+ example => <<"127.0.0.1:27017">>
|
|
|
+ },
|
|
|
+ servers => #{
|
|
|
+ description => <<"Mutually exclusive with the 'server' field, only valid in cluster and sentinel mode">>,
|
|
|
+ type => array,
|
|
|
+ items => #{
|
|
|
+ type => string
|
|
|
+ },
|
|
|
+ example => [<<"127.0.0.1:27017">>]
|
|
|
+ },
|
|
|
+ sentinel => #{
|
|
|
+ description => <<"Only valid in sentinel mode">>,
|
|
|
+ type => string
|
|
|
+ },
|
|
|
+ password => #{
|
|
|
+ type => string
|
|
|
+ },
|
|
|
+ database => #{
|
|
|
+ type => integer,
|
|
|
+ exmaple => 0
|
|
|
+ },
|
|
|
+ query => #{
|
|
|
+ type => string,
|
|
|
+ example => <<"HMGET ${mqtt-username} password_hash salt">>
|
|
|
+ },
|
|
|
+ password_hash_algorithm => #{
|
|
|
+ type => string,
|
|
|
+ enum => [<<"plain">>, <<"md5">>, <<"sha">>, <<"sha256">>, <<"sha512">>, <<"bcrypt">>],
|
|
|
+ default => <<"sha256">>,
|
|
|
+ example => <<"sha256">>
|
|
|
+ },
|
|
|
+ salt_position => #{
|
|
|
+ type => string,
|
|
|
+ enum => [<<"prefix">>, <<"suffix">>],
|
|
|
+ default => <<"prefix">>,
|
|
|
+ example => <<"prefix">>
|
|
|
+ },
|
|
|
+ pool_size => #{
|
|
|
+ type => integer,
|
|
|
+ default => 8
|
|
|
+ },
|
|
|
+ auto_reconnect => #{
|
|
|
+ type => boolean,
|
|
|
+ default => true
|
|
|
+ }
|
|
|
+ }
|
|
|
+ },
|
|
|
+
|
|
|
PasswordBasedHTTPServerDef = #{
|
|
|
type => object,
|
|
|
required => [ server_type
|
|
|
@@ -1155,6 +1243,7 @@ definitions() ->
|
|
|
, #{<<"password_based_mysql">> => PasswordBasedMySQLDef}
|
|
|
, #{<<"password_based_pgsql">> => PasswordBasedPgSQLDef}
|
|
|
, #{<<"password_based_mongodb">> => PasswordBasedMongoDBDef}
|
|
|
+ , #{<<"password_based_redis">> => PasswordBasedRedisDef}
|
|
|
, #{<<"password_based_http_server">> => PasswordBasedHTTPServerDef}
|
|
|
, #{<<"password_hash_algorithm">> => PasswordHashAlgorithmDef}
|
|
|
, #{<<"ssl">> => SSLDef}
|
zhouzb