Commit 4cd59674ee3ae844754e38398a5ba048d43b612e

Authored by YevhenBondarenko
Committed by Andrew Shvayka
1 parent 552a1efb

refactored LwM2M client credentials for the new UI

Showing 15 changed files with 163 additions and 98 deletions
@@ -151,7 +151,7 @@ public class AbstractLwM2MIntegrationTest extends AbstractWebsocketTest { @@ -151,7 +151,7 @@ public class AbstractLwM2MIntegrationTest extends AbstractWebsocketTest {
151 parameterSpec); 151 parameterSpec);
152 KeySpec privateKeySpec = new ECPrivateKeySpec(new BigInteger(privateS), parameterSpec); 152 KeySpec privateKeySpec = new ECPrivateKeySpec(new BigInteger(privateS), parameterSpec);
153 153
154 -// // Get keys 154 + // Get keys
155 serverPublicKey = KeyFactory.getInstance("EC").generatePublic(publicKeySpec); 155 serverPublicKey = KeyFactory.getInstance("EC").generatePublic(publicKeySpec);
156 serverPrivateKey = KeyFactory.getInstance("EC").generatePrivate(privateKeySpec); 156 serverPrivateKey = KeyFactory.getInstance("EC").generatePrivate(privateKeySpec);
157 157
@@ -36,7 +36,7 @@ import org.thingsboard.server.service.telemetry.cmd.v2.EntityDataUpdate; @@ -36,7 +36,7 @@ import org.thingsboard.server.service.telemetry.cmd.v2.EntityDataUpdate;
36 import org.thingsboard.server.service.telemetry.cmd.v2.LatestValueCmd; 36 import org.thingsboard.server.service.telemetry.cmd.v2.LatestValueCmd;
37 import org.thingsboard.server.transport.lwm2m.client.LwM2MTestClient; 37 import org.thingsboard.server.transport.lwm2m.client.LwM2MTestClient;
38 import org.thingsboard.server.transport.lwm2m.secure.credentials.LwM2MCredentials; 38 import org.thingsboard.server.transport.lwm2m.secure.credentials.LwM2MCredentials;
39 -import org.thingsboard.server.transport.lwm2m.secure.credentials.NoSecClientCredentialsConfig; 39 +import org.thingsboard.server.common.data.device.credentials.lwm2m.NoSecClientCredentials;
40 40
41 import java.util.Collections; 41 import java.util.Collections;
42 import java.util.List; 42 import java.util.List;
@@ -112,10 +112,10 @@ public class NoSecLwM2MIntegrationTest extends AbstractLwM2MIntegrationTest { @@ -112,10 +112,10 @@ public class NoSecLwM2MIntegrationTest extends AbstractLwM2MIntegrationTest {
112 Assert.assertEquals(device.getId(), deviceCredentials.getDeviceId()); 112 Assert.assertEquals(device.getId(), deviceCredentials.getDeviceId());
113 deviceCredentials.setCredentialsType(DeviceCredentialsType.LWM2M_CREDENTIALS); 113 deviceCredentials.setCredentialsType(DeviceCredentialsType.LWM2M_CREDENTIALS);
114 114
115 - deviceCredentials.setCredentialsId(deviceAEndpoint);  
116 -  
117 LwM2MCredentials noSecCredentials = new LwM2MCredentials(); 115 LwM2MCredentials noSecCredentials = new LwM2MCredentials();
118 - noSecCredentials.setClient(new NoSecClientCredentialsConfig()); 116 + NoSecClientCredentials clientCredentials = new NoSecClientCredentials();
  117 + clientCredentials.setEndpoint(deviceAEndpoint);
  118 + noSecCredentials.setClient(clientCredentials);
119 deviceCredentials.setCredentialsValue(JacksonUtil.toString(noSecCredentials)); 119 deviceCredentials.setCredentialsValue(JacksonUtil.toString(noSecCredentials));
120 doPost("/api/device/credentials", deviceCredentials).andExpect(status().isOk()); 120 doPost("/api/device/credentials", deviceCredentials).andExpect(status().isOk());
121 return device; 121 return device;
@@ -22,6 +22,7 @@ import org.junit.Assert; @@ -22,6 +22,7 @@ import org.junit.Assert;
22 import org.junit.Test; 22 import org.junit.Test;
23 import org.thingsboard.common.util.JacksonUtil; 23 import org.thingsboard.common.util.JacksonUtil;
24 import org.thingsboard.server.common.data.Device; 24 import org.thingsboard.server.common.data.Device;
  25 +import org.thingsboard.server.common.data.device.credentials.lwm2m.X509ClientCredentials;
25 import org.thingsboard.server.common.data.query.EntityData; 26 import org.thingsboard.server.common.data.query.EntityData;
26 import org.thingsboard.server.common.data.query.EntityDataPageLink; 27 import org.thingsboard.server.common.data.query.EntityDataPageLink;
27 import org.thingsboard.server.common.data.query.EntityDataQuery; 28 import org.thingsboard.server.common.data.query.EntityDataQuery;
@@ -37,7 +38,6 @@ import org.thingsboard.server.service.telemetry.cmd.v2.EntityDataUpdate; @@ -37,7 +38,6 @@ import org.thingsboard.server.service.telemetry.cmd.v2.EntityDataUpdate;
37 import org.thingsboard.server.service.telemetry.cmd.v2.LatestValueCmd; 38 import org.thingsboard.server.service.telemetry.cmd.v2.LatestValueCmd;
38 import org.thingsboard.server.transport.lwm2m.client.LwM2MTestClient; 39 import org.thingsboard.server.transport.lwm2m.client.LwM2MTestClient;
39 import org.thingsboard.server.transport.lwm2m.secure.credentials.LwM2MCredentials; 40 import org.thingsboard.server.transport.lwm2m.secure.credentials.LwM2MCredentials;
40 -import org.thingsboard.server.transport.lwm2m.secure.credentials.X509ClientCredentialsConfig;  
41 41
42 import java.util.Collections; 42 import java.util.Collections;
43 import java.util.List; 43 import java.util.List;
@@ -101,7 +101,7 @@ public class X509LwM2MIntegrationTest extends AbstractLwM2MIntegrationTest { @@ -101,7 +101,7 @@ public class X509LwM2MIntegrationTest extends AbstractLwM2MIntegrationTest {
101 private final String serverUri = "coaps://localhost:" + port; 101 private final String serverUri = "coaps://localhost:" + port;
102 102
103 @NotNull 103 @NotNull
104 - private Device createDevice(String credentialsId, X509ClientCredentialsConfig credentialsConfig) throws Exception { 104 + private Device createDevice(X509ClientCredentials clientCredentials) throws Exception {
105 Device device = new Device(); 105 Device device = new Device();
106 device.setName("Device A"); 106 device.setName("Device A");
107 device.setDeviceProfileId(deviceProfile.getId()); 107 device.setDeviceProfileId(deviceProfile.getId());
@@ -114,13 +114,11 @@ public class X509LwM2MIntegrationTest extends AbstractLwM2MIntegrationTest { @@ -114,13 +114,11 @@ public class X509LwM2MIntegrationTest extends AbstractLwM2MIntegrationTest {
114 Assert.assertEquals(device.getId(), deviceCredentials.getDeviceId()); 114 Assert.assertEquals(device.getId(), deviceCredentials.getDeviceId());
115 deviceCredentials.setCredentialsType(DeviceCredentialsType.LWM2M_CREDENTIALS); 115 deviceCredentials.setCredentialsType(DeviceCredentialsType.LWM2M_CREDENTIALS);
116 116
117 - deviceCredentials.setCredentialsId(credentialsId); 117 + LwM2MCredentials credentials = new LwM2MCredentials();
118 118
119 - LwM2MCredentials X509Credentials = new LwM2MCredentials(); 119 + credentials.setClient(clientCredentials);
120 120
121 - X509Credentials.setClient(credentialsConfig);  
122 -  
123 - deviceCredentials.setCredentialsValue(JacksonUtil.toString(X509Credentials)); 121 + deviceCredentials.setCredentialsValue(JacksonUtil.toString(credentials));
124 doPost("/api/device/credentials", deviceCredentials).andExpect(status().isOk()); 122 doPost("/api/device/credentials", deviceCredentials).andExpect(status().isOk());
125 return device; 123 return device;
126 } 124 }
@@ -128,8 +126,9 @@ public class X509LwM2MIntegrationTest extends AbstractLwM2MIntegrationTest { @@ -128,8 +126,9 @@ public class X509LwM2MIntegrationTest extends AbstractLwM2MIntegrationTest {
128 @Test 126 @Test
129 public void testConnectAndObserveTelemetry() throws Exception { 127 public void testConnectAndObserveTelemetry() throws Exception {
130 createDeviceProfile(TRANSPORT_CONFIGURATION); 128 createDeviceProfile(TRANSPORT_CONFIGURATION);
131 -  
132 - Device device = createDevice(endpoint, new X509ClientCredentialsConfig(null, null)); 129 + X509ClientCredentials credentials = new X509ClientCredentials();
  130 + credentials.setEndpoint(endpoint);
  131 + Device device = createDevice(credentials);
133 132
134 SingleEntityFilter sef = new SingleEntityFilter(); 133 SingleEntityFilter sef = new SingleEntityFilter();
135 sef.setSingleEntity(device.getId()); 134 sef.setSingleEntity(device.getId());
@@ -166,7 +165,10 @@ public class X509LwM2MIntegrationTest extends AbstractLwM2MIntegrationTest { @@ -166,7 +165,10 @@ public class X509LwM2MIntegrationTest extends AbstractLwM2MIntegrationTest {
166 @Test 165 @Test
167 public void testConnectWithCertAndObserveTelemetry() throws Exception { 166 public void testConnectWithCertAndObserveTelemetry() throws Exception {
168 createDeviceProfile(TRANSPORT_CONFIGURATION); 167 createDeviceProfile(TRANSPORT_CONFIGURATION);
169 - Device device = createDevice(null, new X509ClientCredentialsConfig(SslUtil.getCertificateString(clientX509CertNotTrusted), endpoint)); 168 + X509ClientCredentials credentials = new X509ClientCredentials();
  169 + credentials.setEndpoint(endpoint);
  170 + credentials.setCert(SslUtil.getCertificateString(clientX509CertNotTrusted));
  171 + Device device = createDevice(credentials);
170 172
171 SingleEntityFilter sef = new SingleEntityFilter(); 173 SingleEntityFilter sef = new SingleEntityFilter();
172 sef.setSingleEntity(device.getId()); 174 sef.setSingleEntity(device.getId());
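--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/secure/credentials/X509ClientCredentialsConfig.java
+++ b/common/data/src/main/java/org/thingsboard/server/common/data/device/credentials/lwm2m/AbstractLwM2MClientCredentials.java
@@ -13,24 +13,15 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-package org.thingsboard.server.transport.lwm2m.secure.credentials;
+package org.thingsboard.server.common.data.device.credentials.lwm2m;
 
-import lombok.AllArgsConstructor;
-import lombok.Data;
+import lombok.Getter;
 import lombok.NoArgsConstructor;
-import org.eclipse.leshan.core.SecurityMode;
+import lombok.Setter;
 
-import static org.eclipse.leshan.core.SecurityMode.X509;
-
-@Data
+@Getter
+@Setter
 @NoArgsConstructor
-@AllArgsConstructor
-public class X509ClientCredentialsConfig implements LwM2MClientCredentialsConfig {
- private String cert;
+public abstract class AbstractLwM2MClientCredentials implements LwM2MClientCredentials {
 private String endpoint;
-
- @Override
- public SecurityMode getSecurityConfigClientMode() {
- return X509;
- }
 }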
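--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/secure/credentials/HasKey.java
+++ b/common/data/src/main/java/org/thingsboard/server/common/data/device/credentials/lwm2m/HasKey.java
@@ -13,13 +13,15 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-package org.thingsboard.server.transport.lwm2m.secure.credentials;
+package org.thingsboard.server.common.data.device.credentials.lwm2m;
 
-import org.eclipse.leshan.core.util.Hex;
+import lombok.SneakyThrows;
+import org.apache.commons.codec.binary.Hex;
 
-public class HasKey {
+public abstract class HasKey extends AbstractLwM2MClientCredentials {
 private byte[] key;
 
+ @SneakyThrows
 public void setKey(String key) {
 if (key != null) {
 this.key = Hex.decodeHex(key.toLowerCase().toCharArray());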
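Review bot: `@SneakyThrows` on `setKey` lets the checked `DecoderException` from commons-codec `Hex.decodeHex` escape undeclared, so a malformed hex key in a submitted credentials document surfaces as an unexpected checked exception instead of a validation error. Catch it in the setter and rethrow an unchecked error whose message does not contain the key, e.g. `try { this.key = Hex.decodeHex(key.toCharArray()); } catch (DecoderException e) { throw new IllegalArgumentException("LwM2M key must be a hex string", e); }`. The `toLowerCase()` call uses the default locale; if the lowercasing is kept, `toLowerCase(Locale.ROOT)` is the safer form. The rest of `setKey` lies outside the hunk.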
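--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/secure/credentials/LwM2MClientCredentialsConfig.java
+++ b/common/data/src/main/java/org/thingsboard/server/common/data/device/credentials/lwm2m/LwM2MClientCredentials.java
@@ -13,25 +13,24 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-package org.thingsboard.server.transport.lwm2m.secure.credentials;
+package org.thingsboard.server.common.data.device.credentials.lwm2m;
 
 import com.fasterxml.jackson.annotation.JsonIgnore;
-import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.annotation.JsonSubTypes;
 import com.fasterxml.jackson.annotation.JsonTypeInfo;
-import org.eclipse.leshan.core.SecurityMode;
 
-@JsonIgnoreProperties(ignoreUnknown = true)
 @JsonTypeInfo(
 use = JsonTypeInfo.Id.NAME,
 property = "securityConfigClientMode")
 @JsonSubTypes({
- @JsonSubTypes.Type(value = NoSecClientCredentialsConfig.class, name = "NO_SEC"),
- @JsonSubTypes.Type(value = PSKClientCredentialsConfig.class, name = "PSK"),
- @JsonSubTypes.Type(value = RPKClientCredentialsConfig.class, name = "RPK"),
- @JsonSubTypes.Type(value = X509ClientCredentialsConfig.class, name = "X509")})
-public interface LwM2MClientCredentialsConfig {
+ @JsonSubTypes.Type(value = NoSecClientCredentials.class, name = "NO_SEC"),
+ @JsonSubTypes.Type(value = PSKClientCredentials.class, name = "PSK"),
+ @JsonSubTypes.Type(value = RPKClientCredentials.class, name = "RPK"),
+ @JsonSubTypes.Type(value = X509ClientCredentials.class, name = "X509")})
+public interface LwM2MClientCredentials {
 
 @JsonIgnore
- SecurityMode getSecurityConfigClientMode();
+ LwM2MSecurityMode getSecurityConfigClientMode();
+
+ String getEndpoint();
 }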
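Review bot: With `@JsonIgnoreProperties(ignoreUnknown = true)` dropped from the interface, unknown fields in a credentials document are handled by however the `JacksonUtil` mapper is configured, which this page does not show. If that mapper fails on unknown properties, credentials stored before this change or submitted with extra fields would stop deserializing and the affected device could no longer authenticate. Confirm the mapper setting, or keep the annotation on `LwM2MClientCredentials` and cover a document with an extra field in a test.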
  1 +/**
  2 + * Copyright © 2016-2021 The Thingsboard Authors
  3 + *
  4 + * Licensed under the Apache License, Version 2.0 (the "License");
  5 + * you may not use this file except in compliance with the License.
  6 + * You may obtain a copy of the License at
  7 + *
  8 + * http://www.apache.org/licenses/LICENSE-2.0
  9 + *
  10 + * Unless required by applicable law or agreed to in writing, software
  11 + * distributed under the License is distributed on an "AS IS" BASIS,
  12 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 + * See the License for the specific language governing permissions and
  14 + * limitations under the License.
  15 + */
  16 +package org.thingsboard.server.common.data.device.credentials.lwm2m;
  17 +
  18 +public enum LwM2MSecurityMode {
  19 + PSK, RPK, X509, NO_SEC;
  20 +}
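--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/secure/credentials/NoSecClientCredentialsConfig.java
+++ b/common/data/src/main/java/org/thingsboard/server/common/data/device/credentials/lwm2m/NoSecClientCredentials.java
@@ -13,16 +13,12 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-package org.thingsboard.server.transport.lwm2m.secure.credentials;
+package org.thingsboard.server.common.data.device.credentials.lwm2m;
 
-import org.eclipse.leshan.core.SecurityMode;
-
-import static org.eclipse.leshan.core.SecurityMode.NO_SEC;
-
-public class NoSecClientCredentialsConfig implements LwM2MClientCredentialsConfig {
+public class NoSecClientCredentials extends AbstractLwM2MClientCredentials {
 
 @Override
- public SecurityMode getSecurityConfigClientMode() {
- return NO_SEC;
+ public LwM2MSecurityMode getSecurityConfigClientMode() {
+ return LwM2MSecurityMode.NO_SEC;
 }
 }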
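--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/secure/credentials/PSKClientCredentialsConfig.java
+++ b/common/data/src/main/java/org/thingsboard/server/common/data/device/credentials/lwm2m/PSKClientCredentials.java
@@ -13,20 +13,18 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-package org.thingsboard.server.transport.lwm2m.secure.credentials;
+package org.thingsboard.server.common.data.device.credentials.lwm2m;
 
-import lombok.Data;
-import org.eclipse.leshan.core.SecurityMode;
+import lombok.Getter;
+import lombok.Setter;
 
-import static org.eclipse.leshan.core.SecurityMode.PSK;
-
-@Data
-public class PSKClientCredentialsConfig extends HasKey implements LwM2MClientCredentialsConfig {
+@Getter
+@Setter
+public class PSKClientCredentials extends HasKey {
 private String identity;
- private String endpoint;
 
 @Override
- public SecurityMode getSecurityConfigClientMode() {
- return PSK;
+ public LwM2MSecurityMode getSecurityConfigClientMode() {
+ return LwM2MSecurityMode.PSK;
 }
 }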
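--- a/common/transport/lwm2m/src/main/java/org/thingsboard/server/transport/lwm2m/secure/credentials/RPKClientCredentialsConfig.java
+++ b/common/data/src/main/java/org/thingsboard/server/common/data/device/credentials/lwm2m/RPKClientCredentials.java
@@ -13,16 +13,12 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-package org.thingsboard.server.transport.lwm2m.secure.credentials;
+package org.thingsboard.server.common.data.device.credentials.lwm2m;
 
-import org.eclipse.leshan.core.SecurityMode;
-
-import static org.eclipse.leshan.core.SecurityMode.RPK;
-
-public class RPKClientCredentialsConfig extends HasKey implements LwM2MClientCredentialsConfig {
+public class RPKClientCredentials extends HasKey {
 
 @Override
- public SecurityMode getSecurityConfigClientMode() {
- return RPK;
+ public LwM2MSecurityMode getSecurityConfigClientMode() {
+ return LwM2MSecurityMode.RPK;
 }
 }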
  1 +/**
  2 + * Copyright © 2016-2021 The Thingsboard Authors
  3 + *
  4 + * Licensed under the Apache License, Version 2.0 (the "License");
  5 + * you may not use this file except in compliance with the License.
  6 + * You may obtain a copy of the License at
  7 + *
  8 + * http://www.apache.org/licenses/LICENSE-2.0
  9 + *
  10 + * Unless required by applicable law or agreed to in writing, software
  11 + * distributed under the License is distributed on an "AS IS" BASIS,
  12 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 + * See the License for the specific language governing permissions and
  14 + * limitations under the License.
  15 + */
  16 +package org.thingsboard.server.common.data.device.credentials.lwm2m;
  17 +
  18 +import lombok.Getter;
  19 +import lombok.Setter;
  20 +
  21 +@Getter
  22 +@Setter
  23 +public class X509ClientCredentials extends AbstractLwM2MClientCredentials {
  24 + private String cert;
  25 +
  26 + @Override
  27 + public LwM2MSecurityMode getSecurityConfigClientMode() {
  28 + return LwM2MSecurityMode.X509;
  29 + }
  30 +}
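Review bot: The `cert` field carries no documentation of its expected encoding, yet TbLwM2MDtlsCertificateVerifier matches it with `strCert.equals(certBody)`, so any formatting difference in the stored value makes an otherwise valid client certificate fail to match. Add a field comment along the lines of `/** Client certificate in the exact string form the DTLS verifier compares against; the integration tests fill it with SslUtil.getCertificateString(...). */`. Rejecting an unparsable value when the credentials are saved would catch mistakes early, but whether that check belongs in this class or in the credentials service is not visible on this page.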
@@ -17,21 +17,21 @@ package org.thingsboard.server.transport.lwm2m.secure; @@ -17,21 +17,21 @@ package org.thingsboard.server.transport.lwm2m.secure;
17 17
18 import lombok.RequiredArgsConstructor; 18 import lombok.RequiredArgsConstructor;
19 import lombok.extern.slf4j.Slf4j; 19 import lombok.extern.slf4j.Slf4j;
20 -import org.eclipse.leshan.core.SecurityMode;  
21 import org.eclipse.leshan.core.util.SecurityUtil; 20 import org.eclipse.leshan.core.util.SecurityUtil;
22 import org.eclipse.leshan.server.security.SecurityInfo; 21 import org.eclipse.leshan.server.security.SecurityInfo;
23 import org.springframework.stereotype.Component; 22 import org.springframework.stereotype.Component;
24 import org.thingsboard.common.util.JacksonUtil; 23 import org.thingsboard.common.util.JacksonUtil;
25 import org.thingsboard.server.common.data.StringUtils; 24 import org.thingsboard.server.common.data.StringUtils;
  25 +import org.thingsboard.server.common.data.device.credentials.lwm2m.LwM2MSecurityMode;
26 import org.thingsboard.server.common.transport.TransportServiceCallback; 26 import org.thingsboard.server.common.transport.TransportServiceCallback;
27 import org.thingsboard.server.common.transport.auth.ValidateDeviceCredentialsResponse; 27 import org.thingsboard.server.common.transport.auth.ValidateDeviceCredentialsResponse;
28 import org.thingsboard.server.gen.transport.TransportProtos.ValidateDeviceLwM2MCredentialsRequestMsg; 28 import org.thingsboard.server.gen.transport.TransportProtos.ValidateDeviceLwM2MCredentialsRequestMsg;
29 import org.thingsboard.server.queue.util.TbLwM2mTransportComponent; 29 import org.thingsboard.server.queue.util.TbLwM2mTransportComponent;
30 import org.thingsboard.server.transport.lwm2m.config.LwM2MTransportServerConfig; 30 import org.thingsboard.server.transport.lwm2m.config.LwM2MTransportServerConfig;
31 -import org.thingsboard.server.transport.lwm2m.secure.credentials.LwM2MClientCredentialsConfig; 31 +import org.thingsboard.server.common.data.device.credentials.lwm2m.LwM2MClientCredentials;
32 import org.thingsboard.server.transport.lwm2m.secure.credentials.LwM2MCredentials; 32 import org.thingsboard.server.transport.lwm2m.secure.credentials.LwM2MCredentials;
33 -import org.thingsboard.server.transport.lwm2m.secure.credentials.PSKClientCredentialsConfig;  
34 -import org.thingsboard.server.transport.lwm2m.secure.credentials.RPKClientCredentialsConfig; 33 +import org.thingsboard.server.common.data.device.credentials.lwm2m.PSKClientCredentials;
  34 +import org.thingsboard.server.common.data.device.credentials.lwm2m.RPKClientCredentials;
35 import org.thingsboard.server.transport.lwm2m.server.LwM2mTransportContext; 35 import org.thingsboard.server.transport.lwm2m.server.LwM2mTransportContext;
36 import org.thingsboard.server.transport.lwm2m.server.LwM2mTransportUtil; 36 import org.thingsboard.server.transport.lwm2m.server.LwM2mTransportUtil;
37 37
@@ -97,8 +97,8 @@ public class LwM2mCredentialsSecurityInfoValidator { @@ -97,8 +97,8 @@ public class LwM2mCredentialsSecurityInfoValidator {
97 if (credentials != null) { 97 if (credentials != null) {
98 if (keyValue.equals(LwM2mTransportUtil.LwM2mTypeServer.BOOTSTRAP)) { 98 if (keyValue.equals(LwM2mTransportUtil.LwM2mTypeServer.BOOTSTRAP)) {
99 result.setBootstrapCredentialConfig(credentials.getBootstrap()); 99 result.setBootstrapCredentialConfig(credentials.getBootstrap());
100 - if (SecurityMode.PSK.equals(credentials.getClient().getSecurityConfigClientMode())) {  
101 - PSKClientCredentialsConfig pskClientConfig = (PSKClientCredentialsConfig) credentials.getClient(); 100 + if (LwM2MSecurityMode.PSK.equals(credentials.getClient().getSecurityConfigClientMode())) {
  101 + PSKClientCredentials pskClientConfig = (PSKClientCredentials) credentials.getClient();
102 endpoint = StringUtils.isNotEmpty(pskClientConfig.getEndpoint()) ? pskClientConfig.getEndpoint() : endpoint; 102 endpoint = StringUtils.isNotEmpty(pskClientConfig.getEndpoint()) ? pskClientConfig.getEndpoint() : endpoint;
103 } 103 }
104 result.setEndpoint(endpoint); 104 result.setEndpoint(endpoint);
@@ -130,8 +130,8 @@ public class LwM2mCredentialsSecurityInfoValidator { @@ -130,8 +130,8 @@ public class LwM2mCredentialsSecurityInfoValidator {
130 result.setSecurityMode(NO_SEC); 130 result.setSecurityMode(NO_SEC);
131 } 131 }
132 132
133 - private void createClientSecurityInfoPSK(EndpointSecurityInfo result, String endpoint, LwM2MClientCredentialsConfig clientCredentialsConfig) {  
134 - PSKClientCredentialsConfig pskConfig = (PSKClientCredentialsConfig) clientCredentialsConfig; 133 + private void createClientSecurityInfoPSK(EndpointSecurityInfo result, String endpoint, LwM2MClientCredentials clientCredentialsConfig) {
  134 + PSKClientCredentials pskConfig = (PSKClientCredentials) clientCredentialsConfig;
135 if (StringUtils.isNotEmpty(pskConfig.getIdentity())) { 135 if (StringUtils.isNotEmpty(pskConfig.getIdentity())) {
136 try { 136 try {
137 if (pskConfig.getKey() != null && pskConfig.getKey().length > 0) { 137 if (pskConfig.getKey() != null && pskConfig.getKey().length > 0) {
@@ -149,8 +149,8 @@ public class LwM2mCredentialsSecurityInfoValidator { @@ -149,8 +149,8 @@ public class LwM2mCredentialsSecurityInfoValidator {
149 } 149 }
150 } 150 }
151 151
152 - private void createClientSecurityInfoRPK(EndpointSecurityInfo result, String endpoint, LwM2MClientCredentialsConfig clientCredentialsConfig) {  
153 - RPKClientCredentialsConfig rpkConfig = (RPKClientCredentialsConfig) clientCredentialsConfig; 152 + private void createClientSecurityInfoRPK(EndpointSecurityInfo result, String endpoint, LwM2MClientCredentials clientCredentialsConfig) {
  153 + RPKClientCredentials rpkConfig = (RPKClientCredentials) clientCredentialsConfig;
154 try { 154 try {
155 if (rpkConfig.getKey() != null) { 155 if (rpkConfig.getKey() != null) {
156 PublicKey key = SecurityUtil.publicKey.decode(rpkConfig.getKey()); 156 PublicKey key = SecurityUtil.publicKey.decode(rpkConfig.getKey());
@@ -164,7 +164,7 @@ public class LwM2mCredentialsSecurityInfoValidator { @@ -164,7 +164,7 @@ public class LwM2mCredentialsSecurityInfoValidator {
164 } 164 }
165 } 165 }
166 166
167 - private void createClientSecurityInfoX509(EndpointSecurityInfo result, String endpoint, LwM2MClientCredentialsConfig clientCredentialsConfig) { 167 + private void createClientSecurityInfoX509(EndpointSecurityInfo result, String endpoint, LwM2MClientCredentials clientCredentialsConfig) {
168 result.setSecurityInfo(SecurityInfo.newX509CertInfo(endpoint)); 168 result.setSecurityInfo(SecurityInfo.newX509CertInfo(endpoint));
169 result.setSecurityMode(X509); 169 result.setSecurityMode(X509);
170 } 170 }
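Review bot: In the bootstrap branch, `credentials.getClient().getSecurityConfigClientMode()` is dereferenced after only `credentials != null` has been checked, so a credentials document without a `client` object ends in a NullPointerException. The same unguarded call appears in TbLwM2MDtlsCertificateVerifier at `if(!credentials.getClient().getSecurityConfigClientMode().equals(LwM2MSecurityMode.X509))`. Read the client once and guard it, comparing the enum with `==`: `LwM2MClientCredentials client = credentials.getClient();` then `if (client != null && client.getSecurityConfigClientMode() == LwM2MSecurityMode.PSK)`. Since `getEndpoint()` now sits on the interface, the `(PSKClientCredentials)` cast is no longer needed just to read the endpoint. The enclosing method starts and ends outside the hunk.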
@@ -15,7 +15,6 @@ @@ -15,7 +15,6 @@
15 */ 15 */
16 package org.thingsboard.server.transport.lwm2m.secure; 16 package org.thingsboard.server.transport.lwm2m.secure;
17 17
18 -import com.fasterxml.jackson.databind.JsonNode;  
19 import lombok.RequiredArgsConstructor; 18 import lombok.RequiredArgsConstructor;
20 import lombok.extern.slf4j.Slf4j; 19 import lombok.extern.slf4j.Slf4j;
21 import org.eclipse.californium.elements.util.CertPathUtil; 20 import org.eclipse.californium.elements.util.CertPathUtil;
@@ -30,12 +29,12 @@ import org.eclipse.californium.scandium.dtls.HandshakeResultHandler; @@ -30,12 +29,12 @@ import org.eclipse.californium.scandium.dtls.HandshakeResultHandler;
30 import org.eclipse.californium.scandium.dtls.x509.NewAdvancedCertificateVerifier; 29 import org.eclipse.californium.scandium.dtls.x509.NewAdvancedCertificateVerifier;
31 import org.eclipse.californium.scandium.dtls.x509.StaticCertificateVerifier; 30 import org.eclipse.californium.scandium.dtls.x509.StaticCertificateVerifier;
32 import org.eclipse.californium.scandium.util.ServerNames; 31 import org.eclipse.californium.scandium.util.ServerNames;
33 -import org.eclipse.leshan.core.SecurityMode;  
34 import org.springframework.beans.factory.annotation.Value; 32 import org.springframework.beans.factory.annotation.Value;
35 import org.springframework.stereotype.Component; 33 import org.springframework.stereotype.Component;
36 import org.springframework.util.StringUtils; 34 import org.springframework.util.StringUtils;
37 import org.thingsboard.common.util.JacksonUtil; 35 import org.thingsboard.common.util.JacksonUtil;
38 import org.thingsboard.server.common.data.DeviceProfile; 36 import org.thingsboard.server.common.data.DeviceProfile;
  37 +import org.thingsboard.server.common.data.device.credentials.lwm2m.LwM2MSecurityMode;
39 import org.thingsboard.server.common.msg.EncryptionUtil; 38 import org.thingsboard.server.common.msg.EncryptionUtil;
40 import org.thingsboard.server.common.transport.TransportService; 39 import org.thingsboard.server.common.transport.TransportService;
41 import org.thingsboard.server.common.transport.TransportServiceCallback; 40 import org.thingsboard.server.common.transport.TransportServiceCallback;
@@ -44,7 +43,7 @@ import org.thingsboard.server.common.transport.util.SslUtil; @@ -44,7 +43,7 @@ import org.thingsboard.server.common.transport.util.SslUtil;
44 import org.thingsboard.server.gen.transport.TransportProtos; 43 import org.thingsboard.server.gen.transport.TransportProtos;
45 import org.thingsboard.server.transport.lwm2m.config.LwM2MTransportServerConfig; 44 import org.thingsboard.server.transport.lwm2m.config.LwM2MTransportServerConfig;
46 import org.thingsboard.server.transport.lwm2m.secure.credentials.LwM2MCredentials; 45 import org.thingsboard.server.transport.lwm2m.secure.credentials.LwM2MCredentials;
47 -import org.thingsboard.server.transport.lwm2m.secure.credentials.X509ClientCredentialsConfig; 46 +import org.thingsboard.server.common.data.device.credentials.lwm2m.X509ClientCredentials;
48 import org.thingsboard.server.transport.lwm2m.server.store.TbLwM2MDtlsSessionStore; 47 import org.thingsboard.server.transport.lwm2m.server.store.TbLwM2MDtlsSessionStore;
49 48
50 import javax.annotation.PostConstruct; 49 import javax.annotation.PostConstruct;
@@ -140,10 +139,10 @@ public class TbLwM2MDtlsCertificateVerifier implements NewAdvancedCertificateVer @@ -140,10 +139,10 @@ public class TbLwM2MDtlsCertificateVerifier implements NewAdvancedCertificateVer
140 ValidateDeviceCredentialsResponse msg = deviceCredentialsResponse[0]; 139 ValidateDeviceCredentialsResponse msg = deviceCredentialsResponse[0];
141 if (msg != null && org.thingsboard.server.common.data.StringUtils.isNotEmpty(msg.getCredentials())) { 140 if (msg != null && org.thingsboard.server.common.data.StringUtils.isNotEmpty(msg.getCredentials())) {
142 LwM2MCredentials credentials = JacksonUtil.fromString(msg.getCredentials(), LwM2MCredentials.class); 141 LwM2MCredentials credentials = JacksonUtil.fromString(msg.getCredentials(), LwM2MCredentials.class);
143 - if(!credentials.getClient().getSecurityConfigClientMode().equals(SecurityMode.X509)){ 142 + if(!credentials.getClient().getSecurityConfigClientMode().equals(LwM2MSecurityMode.X509)){
144 continue; 143 continue;
145 } 144 }
146 - X509ClientCredentialsConfig config = (X509ClientCredentialsConfig) credentials.getClient(); 145 + X509ClientCredentials config = (X509ClientCredentials) credentials.getClient();
147 String certBody = config.getCert(); 146 String certBody = config.getCert();
148 String endpoint = config.getEndpoint(); 147 String endpoint = config.getEndpoint();
149 if (strCert.equals(certBody)) { 148 if (strCert.equals(certBody)) {
@@ -16,10 +16,11 @@ @@ -16,10 +16,11 @@
16 package org.thingsboard.server.transport.lwm2m.secure.credentials; 16 package org.thingsboard.server.transport.lwm2m.secure.credentials;
17 17
18 import lombok.Data; 18 import lombok.Data;
  19 +import org.thingsboard.server.common.data.device.credentials.lwm2m.LwM2MClientCredentials;
19 import org.thingsboard.server.transport.lwm2m.bootstrap.secure.LwM2MBootstrapConfig; 20 import org.thingsboard.server.transport.lwm2m.bootstrap.secure.LwM2MBootstrapConfig;
20 21
21 @Data 22 @Data
22 public class LwM2MCredentials { 23 public class LwM2MCredentials {
23 - private LwM2MClientCredentialsConfig client; 24 + private LwM2MClientCredentials client;
24 private LwM2MBootstrapConfig bootstrap; 25 private LwM2MBootstrapConfig bootstrap;
25 } 26 }
@@ -16,7 +16,6 @@ @@ -16,7 +16,6 @@
16 package org.thingsboard.server.dao.device; 16 package org.thingsboard.server.dao.device;
17 17
18 18
19 -import com.fasterxml.jackson.databind.JsonNode;  
20 import com.fasterxml.jackson.databind.node.ObjectNode; 19 import com.fasterxml.jackson.databind.node.ObjectNode;
21 import lombok.extern.slf4j.Slf4j; 20 import lombok.extern.slf4j.Slf4j;
22 import org.hibernate.exception.ConstraintViolationException; 21 import org.hibernate.exception.ConstraintViolationException;
@@ -28,6 +27,9 @@ import org.springframework.util.StringUtils; @@ -28,6 +27,9 @@ import org.springframework.util.StringUtils;
28 import org.thingsboard.common.util.JacksonUtil; 27 import org.thingsboard.common.util.JacksonUtil;
29 import org.thingsboard.server.common.data.Device; 28 import org.thingsboard.server.common.data.Device;
30 import org.thingsboard.server.common.data.device.credentials.BasicMqttCredentials; 29 import org.thingsboard.server.common.data.device.credentials.BasicMqttCredentials;
  30 +import org.thingsboard.server.common.data.device.credentials.lwm2m.LwM2MClientCredentials;
  31 +import org.thingsboard.server.common.data.device.credentials.lwm2m.PSKClientCredentials;
  32 +import org.thingsboard.server.common.data.device.credentials.lwm2m.X509ClientCredentials;
31 import org.thingsboard.server.common.data.id.DeviceId; 33 import org.thingsboard.server.common.data.id.DeviceId;
32 import org.thingsboard.server.common.data.id.EntityId; 34 import org.thingsboard.server.common.data.id.EntityId;
33 import org.thingsboard.server.common.data.id.TenantId; 35 import org.thingsboard.server.common.data.id.TenantId;
@@ -133,7 +135,6 @@ public class DeviceCredentialsServiceImpl extends AbstractEntityService implemen @@ -133,7 +135,6 @@ public class DeviceCredentialsServiceImpl extends AbstractEntityService implemen
133 deviceCredentials.setCredentialsValue(JacksonUtil.toString(mqttCredentials)); 135 deviceCredentials.setCredentialsValue(JacksonUtil.toString(mqttCredentials));
134 } 136 }
135 137
136 -  
137 private void formatCertData(DeviceCredentials deviceCredentials) { 138 private void formatCertData(DeviceCredentials deviceCredentials) {
138 String cert = EncryptionUtil.trimNewLines(deviceCredentials.getCredentialsValue()); 139 String cert = EncryptionUtil.trimNewLines(deviceCredentials.getCredentialsValue());
139 String sha3Hash = EncryptionUtil.getSha3Hash(cert); 140 String sha3Hash = EncryptionUtil.getSha3Hash(cert);
@@ -142,18 +143,48 @@ public class DeviceCredentialsServiceImpl extends AbstractEntityService implemen @@ -142,18 +143,48 @@ public class DeviceCredentialsServiceImpl extends AbstractEntityService implemen
142 } 143 }
143 144
144 private void formatSimpleLwm2mCredentials(DeviceCredentials deviceCredentials) { 145 private void formatSimpleLwm2mCredentials(DeviceCredentials deviceCredentials) {
145 - ObjectNode json = JacksonUtil.fromString(deviceCredentials.getCredentialsValue(), ObjectNode.class);  
146 - JsonNode client = json.get("client");  
147 - if (client != null && client.get("securityConfigClientMode").asText().equals("X509") && client.has("cert")) {  
148 - JsonNode certJson = client.get("cert");  
149 - if (!certJson.isNull()) {  
150 - String cert = EncryptionUtil.trimNewLines(certJson.asText());  
151 - String sha3Hash = EncryptionUtil.getSha3Hash(cert);  
152 - deviceCredentials.setCredentialsId(sha3Hash);  
153 - ((ObjectNode) client).put("cert", cert);  
154 - deviceCredentials.setCredentialsValue(JacksonUtil.toString(json)); 146 + LwM2MClientCredentials clientCredentials;
  147 + ObjectNode json;
  148 + try {
  149 + json = JacksonUtil.fromString(deviceCredentials.getCredentialsValue(), ObjectNode.class);
  150 + if (json == null) {
  151 + throw new IllegalArgumentException();
155 } 152 }
  153 + clientCredentials = JacksonUtil.convertValue(json.get("client"), LwM2MClientCredentials.class);
  154 + if (clientCredentials == null) {
  155 + throw new IllegalArgumentException();
  156 + }
  157 + } catch (IllegalArgumentException e) {
  158 + throw new DataValidationException("Invalid credentials body for LwM2M credentials!");
  159 + }
  160 +
  161 + String credentialsId;
  162 +
  163 + switch (clientCredentials.getSecurityConfigClientMode()) {
  164 + case NO_SEC:
  165 + case RPK:
  166 + credentialsId = clientCredentials.getEndpoint();
  167 + break;
  168 + case PSK:
  169 + credentialsId = ((PSKClientCredentials) clientCredentials).getIdentity();
  170 + break;
  171 + case X509:
  172 + X509ClientCredentials x509Config = (X509ClientCredentials) clientCredentials;
  173 + if (x509Config.getCert() != null) {
  174 + String cert = EncryptionUtil.trimNewLines(x509Config.getCert());
  175 + String sha3Hash = EncryptionUtil.getSha3Hash(cert);
  176 + x509Config.setCert(cert);
  177 + ((ObjectNode) json.get("client")).put("cert", cert);
  178 + deviceCredentials.setCredentialsValue(JacksonUtil.toString(json));
  179 + credentialsId = sha3Hash;
  180 + } else {
  181 + credentialsId = x509Config.getEndpoint();
  182 + }
  183 + break;
  184 + default:
  185 + throw new DataValidationException("Invalid credentials body for LwM2M credentials!");
156 } 186 }
  187 + deviceCredentials.setCredentialsId(credentialsId);
157 } 188 }
158 189
159 @Override 190 @Override
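Review bot: `formatSimpleLwm2mCredentials` never checks that the derived `credentialsId` is non-empty before the final `deviceCredentials.setCredentialsId(credentialsId)`. `getEndpoint()` (NO_SEC, RPK and the certificate-less X509 branch) and `getIdentity()` (PSK) come straight from the submitted JSON and may be null or blank. This id presumably serves as the lookup key for the device's credentials, so I would reject such bodies just before the setter: `if (credentialsId == null || credentialsId.isEmpty()) { throw new DataValidationException("Invalid credentials body for LwM2M credentials!"); }`. Also confirm whether an X509 entry with no `cert` should be accepted at all rather than silently keyed by endpoint. A body without `securityConfigClientMode` would hit the `switch` with null and throw a NullPointerException instead of the validation error, unless `JacksonUtil.convertValue` already rejects it, which is not visible here.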