Develop/lwm2m (#3826)

* LwM2M - Start transport

* LwM2M - Test endpoint

* LwM2M - Test endpoint

* LwM2M - Test add xml

* LwM2M device registration

* LwM2M - add get from client, add attributes and telemetry upgrade from registration client

* LwM2M - add get from client, add attributes and telemetry upgrade from registration client

* LwM2M implementation

* LwM2M - add to service telemetry and attribute

* LwM2M add to service attribute and telemetry

* LwM2M - add LWM2M_CREDENTIALS to DeviceCredentialsType

* LwM2M - add LWM2M_CREDENTIALS to DeviceCredentialsType

* LwM2M - add transport.process

* LwM2M - delete from yml tenantid, PSK -ok

* LwM2M - yml del tenantId

* LwM2M - add RPK

* LwM2M - add connect only x509 certificate. Crate certificates in serverKeyStore.jks and clientKeyStore.jks

* LwM2M - add no_sec

* LwM2M - add RPK & PSK integration test with app Client

* LwM2M - add RPK & PSK integration test with app Client

* LwM2M - add read JKS from file

* LwM2M - add read JKS from file

* LwM2M - add bootstrap cert

* LwM2M - add bootstrap RPK

* LwM2M - add bootstrap No_sec

* LwM2M - cleaned the code

* LwM2M - add to 3.0 in UI credentials lwm2m

* LwM2M - add to 3.0 in UI credentials lwm2m

* LwM2M - add to 3.0 in UI credentials lwm2m

* LwM2M - fix bug CoAP transport

* LwM2M: UI - add Json to credentials

* LwM2M: Back - add command "/3/0/5" - trigger client

* LwM2M: fix bug Json edit dialog

* LwM2M: fix bug Json edit dialog

* lwm2m: fix bug Json edit dialog: add validate

* lwm2m: UI add tabs

* lwm2m: UI add tabs (cleaner)

* lwm2m: add interface SecurityConfigModels

* lwm2m: add interface SecurityConfigModels2

* lwm2m: change html

* lwm2m: UI add bootstrap component

* lwm2m: UI add bootstrap component with FormControl

* lwm2m: UI add start Observe

* lwm2m: UI - correct

* lwm2m: UI - correct

* lwm2m: UI - add Validator: BS RPK, X509

* lwm2m: UI - add Observe

* lwm2m: UI - finish Observe

* lwm2m: UI - fix bug config-service update identity

* lwm2m: Bootstarp&Sewrver All config secure

* lwm2m: Bootstarp&Sewrver All config secure for new Front format

* lwm2m: Bootstarp&Sewrver Different config secure for new Front format

* lwm2m: Add attributes Gui and Backend

* lwm2m: Add attributes Gui and Backend final

* lwm2m: Add telemetrys to Gui

* lwm2m: Add Attribute & telemetry in Gui to instance

* lwm2m: Optimize Attr/Telemetry

* lwm2m: Optimize Attr/Telemetry

* lwm2m: Optimize Attr/Telemetry

* lwm2m: Optimize Attr/Telemetry for mobile

* lwm2m: Model folder

* lwm2m: Ok on AWS: NoSec, PSK, X509
bad registration - RPK

* lwm2m: KeyStore start only one

* lwm2m: Server observe ok

* lwm2m: Server fix bug finish session without remove

* lwm2m: Server add function installValue

* lwm2m: Server add function getAttrTelemetry to tingsboard

* lwm2m: Server add function installValue

* lwm2m: Server add function update Telemetry, Attr from observe

* lwm2m: Server add comments

* lwm2m: Server add session listener

* lwm2m: Server add onGetChangeCredentials with analyze

* lwm2m: Server add onGetChangeCredentials with analyze Onserve add

* lwm2m: Server: updated algorithm for analyzing dynamic changes in attributes / telemetry / observation

* lwm2m: fix bug:  "ngx-flowchart" compile

* lwm2m: get value resource OPAQUE - byte [] to HexString

* lwm2m: change path to base

* lwm2m: fix bug COAP & lwm2m

* Lwm2m_3_2: back: cleaner, test bootstrap-ok front: restore

* Lwm2m_3_2: back: del SynchronousRegistrationListener.java

* Lwm2m_3_2: front: start profile lwm2m UI

* Lwm2m_3_2: front&back: add to profile lwm2m (api, getModels...)

* Lwm2m_3_2: back: fix bug from commented front: add update change observe/attribute/telemetry to config json

* Lwm2m_3_2: back: fix bug from commented front: add update change observe/attribute/telemetry to config json (2)

* Lwm2m_3_2: back: fix bug from commented front: add update change observe/attribute/telemetry to config json (3)

* Lwm2m_3_2: back: fix bug from commented front: add update change observe/attribute/telemetry to config json (4)

* Lwm2m_3_2: front: add update change bootstrapConfig and save to config json

* Lwm2m_3_2: update after merge master

* lwm2m: fix bug proto

* lwm2m: fix bug in yml keyStore.jks

* lwm2m: fix bug tests

* lwm2m: front: add nameThingsboard

* lwm2m: fix bug Autowired lwm2mContext, caseCamel

* lwm2m: back-end^ start api /lwm2m/deviceProfile/bootstrap

* lwm2m: back-end: add method read models from resources

* lwm2m: back-end/front: add and finish api bootstrapConfig

* lwm2m: back-end: add decode profile

* lwm2m: back-end: add new bin in transport api

* lwm2m: add microservice lwm2m and docker lwm2m.

* lwm2m: add microservice lwm2m and docker lwm2m (fix bug)

* lwm2m: front: start fix bug disabled resources

* lwm2m: master to lwm2m merge, front add change attribute, telemetry

* lwm2m: front PR

* lwm2m: front add sort keyName to Json on the start

* lwm2m: front add instances

* lwm2m: front add/del instances FormGrp Value

* lwm2m: Merge remote-tracking branch 'origin/master' into develop/lwm2m
# Conflicts:
#	common/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttTransportHandler.java
#	common/transport/transport-api/src/main/java/org/thingsboard/server/common/transport/SessionMsgListener.java
#	ui-ngx/src/app/modules/home/components/home-components.module.ts

* lwm2m: Merge remote-tracking branch 'origin/master' into develop/lwm2m

* lwm2m: Front: del sort after add/del instance

* lwm2m: Front: fix bug reindex FormArray after update

* Lwm2m: Front fix bug add/del instans

* Lwm2m: Front finish1 profile

* Lwm2m: Back add profile to ModelClient

* Lwm2m: Back add form profile sent thingsboard: attr/tel/observe

* Lwm2m: Back -> fix bug: serverKeyStore.jks] Unable to load KeyStore  files server

* Lwm2m: Back -> fix bug: onRegistered an unReg

* Lwm2m: Back -> add updateProfiles

* Lwm2m: Back -> add updateDevice and updateProfile dynamic

* Lwm2m: Back -> error if CoapCode not access

* Lwm2m: Front -> clear credential

* Lwm2m: Front ->  credential fix bug button "save"

* Lwm2m: Back ->  add telemetry logLwm2m

Co-authored-by: nickAS21 <nick@avalr.com.ua>

@@ -86,6 +86,10 @@
             <artifactId>coap</artifactId>
         </dependency>
         <dependency>
+            <groupId>org.thingsboard.common.transport</groupId>
+            <artifactId>lwm2m</artifactId>
+        </dependency>
+        <dependency>
             <groupId>org.thingsboard</groupId>
             <artifactId>dao</artifactId>
         </dependency>

@@ -62,7 +62,7 @@ public class DeviceActor extends ContextAwareActor {
                 processor.processAttributesUpdate(ctx, (DeviceAttributesEventNotificationMsg) msg);
                 break;
             case DEVICE_CREDENTIALS_UPDATE_TO_DEVICE_ACTOR_MSG:
-                processor.processCredentialsUpdate();
+                processor.processCredentialsUpdate(msg);
                 break;
             case DEVICE_NAME_OR_TYPE_UPDATE_TO_DEVICE_ACTOR_MSG:
                 processor.processNameOrTypeUpdate((DeviceNameOrTypeUpdateMsg) msg);

@@ -24,6 +24,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections.CollectionUtils;
 import org.thingsboard.rule.engine.api.RpcError;
 import org.thingsboard.rule.engine.api.msg.DeviceAttributesEventNotificationMsg;
+import org.thingsboard.rule.engine.api.msg.DeviceCredentialsUpdateNotificationMsg;
 import org.thingsboard.rule.engine.api.msg.DeviceNameOrTypeUpdateMsg;
 import org.thingsboard.server.actors.ActorSystemContext;
 import org.thingsboard.server.actors.TbActorCtx;
@@ -36,6 +37,9 @@ import org.thingsboard.server.common.data.kv.AttributeKey;
 import org.thingsboard.server.common.data.kv.AttributeKvEntry;
 import org.thingsboard.server.common.data.kv.KvEntry;
 import org.thingsboard.server.common.data.rpc.ToDeviceRpcRequestBody;
+import org.thingsboard.server.common.data.security.DeviceCredentials;
+import org.thingsboard.server.common.data.security.DeviceCredentialsType;
+import org.thingsboard.server.common.msg.TbActorMsg;
 import org.thingsboard.server.common.msg.TbMsgMetaData;
 import org.thingsboard.server.common.msg.queue.TbCallback;
 import org.thingsboard.server.common.msg.rpc.ToDeviceRpcRequest;
@@ -61,6 +65,7 @@ import org.thingsboard.server.gen.transport.TransportProtos.ToDeviceRpcResponseM
 import org.thingsboard.server.gen.transport.TransportProtos.ToServerRpcResponseMsg;
 import org.thingsboard.server.gen.transport.TransportProtos.ToTransportMsg;
 import org.thingsboard.server.gen.transport.TransportProtos.TransportToDeviceActorMsg;
+import org.thingsboard.server.gen.transport.TransportProtos.ToTransportUpdateCredentialsProto;
 import org.thingsboard.server.gen.transport.TransportProtos.TsKvProto;
 import org.thingsboard.server.service.rpc.FromDeviceRpcResponse;
 import org.thingsboard.server.service.rpc.ToDeviceRpcRequestActorMsg;
@@ -450,11 +455,19 @@ class DeviceActorMessageProcessor extends AbstractContextAwareMsgProcessor {
         dumpSessions();
     }
 
-    void processCredentialsUpdate() {
-        sessions.forEach(this::notifyTransportAboutClosedSession);
-        attributeSubscriptions.clear();
-        rpcSubscriptions.clear();
-        dumpSessions();
+    void processCredentialsUpdate(TbActorMsg msg) {
+        if (((DeviceCredentialsUpdateNotificationMsg) msg).getDeviceCredentials().getCredentialsType() == DeviceCredentialsType.LWM2M_CREDENTIALS) {
+            log.info("1) LwM2Mtype: ");
+            sessions.forEach((k, v) -> {
+                notifyTransportAboutProfileUpdate(k, v, ((DeviceCredentialsUpdateNotificationMsg) msg).getDeviceCredentials());
+            });
+        } else {
+            sessions.forEach(this::notifyTransportAboutClosedSession);
+            attributeSubscriptions.clear();
+            rpcSubscriptions.clear();
+            dumpSessions();
+
+        }
     }
 
     private void notifyTransportAboutClosedSession(UUID sessionId, SessionInfoMetaData sessionMd) {
@@ -465,6 +478,18 @@ class DeviceActorMessageProcessor extends AbstractContextAwareMsgProcessor {
         systemContext.getTbCoreToTransportService().process(sessionMd.getSessionInfo().getNodeId(), msg);
     }
 
+    void notifyTransportAboutProfileUpdate(UUID sessionId, SessionInfoMetaData sessionMd, DeviceCredentials deviceCredentials) {
+        log.info("2) LwM2Mtype: ");
+        TransportProtos.ToTransportUpdateCredentialsProto.Builder notification = TransportProtos.ToTransportUpdateCredentialsProto.newBuilder();
+        notification.addCredentialsId(deviceCredentials.getCredentialsId());
+        notification.addCredentialsValue(deviceCredentials.getCredentialsValue());
+        ToTransportMsg msg = ToTransportMsg.newBuilder()
+                .setSessionIdMSB(sessionId.getMostSignificantBits())
+                .setSessionIdLSB(sessionId.getLeastSignificantBits())
+                .setToTransportUpdateCredentialsNotification(notification).build();
+        systemContext.getTbCoreToTransportService().process(sessionMd.getSessionInfo().getNodeId(), msg);
+    }
+
     void processNameOrTypeUpdate(DeviceNameOrTypeUpdateMsg msg) {
         this.deviceName = msg.getDeviceName();
         this.deviceType = msg.getDeviceType();

@@ -92,6 +92,7 @@ import org.thingsboard.server.queue.discovery.PartitionService;
 import org.thingsboard.server.queue.provider.TbQueueProducerProvider;
 import org.thingsboard.server.queue.util.TbCoreComponent;
 import org.thingsboard.server.service.component.ComponentDiscoveryService;
+import org.thingsboard.server.service.lwm2m.LwM2MModelsRepository;
 import org.thingsboard.server.service.profile.TbDeviceProfileCache;
 import org.thingsboard.server.dao.tenant.TbTenantProfileCache;
 import org.thingsboard.server.service.queue.TbClusterService;
@@ -211,6 +212,9 @@ public abstract class BaseController {
     @Autowired
     protected TbDeviceProfileCache deviceProfileCache;
 
+    @Autowired
+    protected LwM2MModelsRepository lwM2MModelsRepository;
+
     @Value("${server.log_controller_error_stack_trace}")
     @Getter
     private boolean logControllerErrorStackTrace;

@@ -278,9 +278,8 @@ public class DeviceController extends BaseController {
         try {
             Device device = checkDeviceId(deviceCredentials.getDeviceId(), Operation.WRITE_CREDENTIALS);
             DeviceCredentials result = checkNotNull(deviceCredentialsService.updateDeviceCredentials(getCurrentUser().getTenantId(), deviceCredentials));
-
-            tbClusterService.pushMsgToCore(new DeviceCredentialsUpdateNotificationMsg(getCurrentUser().getTenantId(), deviceCredentials.getDeviceId()), null);
-
+            //log.info("0 LwM2M CredentialsUpdate start)
+            tbClusterService.pushMsgToCore(new DeviceCredentialsUpdateNotificationMsg(getCurrentUser().getTenantId(), deviceCredentials.getDeviceId(), result), null);
             logEntityAction(device.getId(), device,
                     device.getCustomerId(),
                     ActionType.CREDENTIALS_UPDATED, null, deviceCredentials);

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.controller;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.web.bind.annotation.*;
+import org.thingsboard.server.common.data.exception.ThingsboardException;
+import org.thingsboard.server.common.data.lwm2m.LwM2mObject;
+import org.thingsboard.server.common.data.lwm2m.ServerSecurityConfig;
+import org.thingsboard.server.common.data.page.PageData;
+import org.thingsboard.server.common.data.page.PageLink;
+import org.thingsboard.server.queue.util.TbCoreComponent;
+
+import java.util.List;
+
+@Slf4j
+@RestController
+@TbCoreComponent
+@RequestMapping("/api")
+public class DeviceLwm2mController extends BaseController {
+
+
+    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
+    @RequestMapping(value = "/lwm2m/deviceProfile/{objectIds}", method = RequestMethod.GET)
+    @ResponseBody
+    public List<LwM2mObject> getLwm2mListObjects(@PathVariable("objectIds") int[] objectIds) throws ThingsboardException {
+        try {
+            return lwM2MModelsRepository.getLwm2mObjects(objectIds, null);
+        } catch (Exception e) {
+            throw handleException(e);
+        }
+    }
+
+    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
+    @RequestMapping(value = "/lwm2m/deviceProfile/objects", params = {"pageSize", "page"}, method = RequestMethod.GET)
+    @ResponseBody
+    public PageData<LwM2mObject> getLwm2mListObjects(@RequestParam int pageSize,
+                                                     @RequestParam int page,
+                                                     @RequestParam(required = false) String textSearch,
+                                                     @RequestParam(required = false) String sortProperty,
+                                                     @RequestParam(required = false) String sortOrder) throws ThingsboardException {
+        try {
+            PageLink pageLink = createPageLink(pageSize, page, textSearch, sortProperty, sortOrder);
+            return checkNotNull(lwM2MModelsRepository.findDeviceLwm2mObjects(getTenantId(), pageLink));
+        } catch (Exception e) {
+            throw handleException(e);
+        }
+    }
+
+    @PreAuthorize("hasAnyAuthority('TENANT_ADMIN', 'CUSTOMER_USER')")
+    @RequestMapping(value = "/lwm2m/deviceProfile/bootstrap/{securityMode}/{bootstrapServerIs}", method = RequestMethod.GET)
+    @ResponseBody
+    public ServerSecurityConfig getLwm2mBootstrapSecurityInfo(@PathVariable("securityMode") String securityMode,
+                                                              @PathVariable("bootstrapServerIs") boolean bootstrapServerIs) throws ThingsboardException {
+        try {
+            return lwM2MModelsRepository.getBootstrapSecurityInfo(securityMode, bootstrapServerIs);
+        } catch (Exception e) {
+            throw handleException(e);
+        }
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.service.lwm2m;
+
+
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.core.model.ObjectModel;
+import org.eclipse.leshan.core.util.Hex;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.data.domain.PageImpl;
+import org.springframework.stereotype.Service;
+import org.thingsboard.server.common.data.lwm2m.*;
+import org.thingsboard.server.common.data.id.TenantId;
+import org.thingsboard.server.common.data.page.PageData;
+import org.thingsboard.server.common.data.page.PageLink;
+import org.thingsboard.server.common.transport.lwm2m.LwM2MTransportConfigBootstrap;
+import org.thingsboard.server.common.transport.lwm2m.LwM2MTransportConfigServer;
+import org.thingsboard.server.dao.service.Validator;
+import org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode;
+
+import java.math.BigInteger;
+import java.security.*;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+import java.security.spec.ECGenParameterSpec;
+import java.security.spec.ECParameterSpec;
+import java.security.spec.ECPublicKeySpec;
+import java.security.spec.ECPoint;
+import java.security.spec.KeySpec;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.function.Predicate;
+import java.util.stream.Collectors;
+import java.util.stream.IntStream;
+
+import static org.thingsboard.server.dao.service.Validator.validateId;
+
+@Slf4j
+@Service
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled:false}'=='true') || '${service.type:null}'=='monolith' || '${service.type:null}'=='tb-core'")
+public class LwM2MModelsRepository {
+
+    private static final String INCORRECT_TENANT_ID = "Incorrect tenantId ";
+
+    @Autowired
+    LwM2MTransportConfigServer contextServer;
+
+
+    @Autowired
+    LwM2MTransportConfigBootstrap contextBootStrap;
+
+    /**
+     * @param objectIds
+     * @param textSearch
+     * @return list of LwM2mObject
+     * Filter by Predicate (uses objectIds, if objectIds is null then it uses textSearch,
+     * if textSearch is null then it uses AllList from  List<ObjectModel>)
+     */
+    public List<LwM2mObject> getLwm2mObjects(int[] objectIds, String textSearch) {
+        return getLwm2mObjects((objectIds != null && objectIds.length > 0) ?
+                (ObjectModel element) -> IntStream.of(objectIds).anyMatch(x -> x == element.id) :
+                (textSearch != null && !textSearch.isEmpty()) ? (ObjectModel element) -> element.name.contains(textSearch) : null);
+    }
+
+    /**
+     * @param predicate
+     * @return list of LwM2mObject
+     */
+    private List<LwM2mObject> getLwm2mObjects(Predicate<? super ObjectModel> predicate) {
+        List<LwM2mObject> lwM2mObjects = new ArrayList<>();
+        List<ObjectModel> listObjects = (predicate == null) ? this.contextServer.getModelsValue() :
+                contextServer.getModelsValue().stream()
+                        .filter(predicate)
+                        .collect(Collectors.toList());
+        listObjects.forEach(obj -> {
+            LwM2mObject lwM2mObject = new LwM2mObject();
+            lwM2mObject.setId(obj.id);
+            lwM2mObject.setName(obj.name);
+            lwM2mObject.setMultiple(obj.multiple);
+            lwM2mObject.setMandatory(obj.mandatory);
+            LwM2mInstance instance = new LwM2mInstance();
+            instance.setId(0);
+            List<LwM2mResource> resources = new ArrayList<>();
+            obj.resources.forEach((k, v) -> {
+                if (!v.operations.isExecutable()) {
+                    LwM2mResource resource = new LwM2mResource(k, v.name, false, false, false);
+                    resources.add(resource);
+                }
+            });
+            instance.setResources(resources.stream().toArray(LwM2mResource[]::new));
+            lwM2mObject.setInstances(new LwM2mInstance[]{instance});
+            lwM2mObjects.add(lwM2mObject);
+        });
+        return lwM2mObjects;
+    }
+
+    /**
+     * @param tenantId
+     * @param pageLink
+     * @return List of LwM2mObject in PageData format
+     */
+    public PageData<LwM2mObject> findDeviceLwm2mObjects(TenantId tenantId, PageLink pageLink) {
+        log.trace("Executing findDeviceProfileInfos tenantId [{}], pageLink [{}]", tenantId, pageLink);
+        validateId(tenantId, INCORRECT_TENANT_ID + tenantId);
+        Validator.validatePageLink(pageLink);
+        return this.findLwm2mListObjects(pageLink);
+    }
+
+    /**
+     * @param pageLink
+     * @return List of LwM2mObject in PageData format, filter == TextSearch
+     * PageNumber = 1, PageSize = List<LwM2mObject>.size()
+     */
+    public PageData<LwM2mObject> findLwm2mListObjects(PageLink pageLink) {
+        PageImpl page = new PageImpl(getLwm2mObjects(null, pageLink.getTextSearch()));
+        PageData pageData = new PageData(page.getContent(), page.getTotalPages(), page.getTotalElements(), page.hasNext());
+        return pageData;
+    }
+
+    /**
+     *
+     * @param securityMode
+     * @param bootstrapServerIs
+     * @return ServerSecurityConfig more value is default: Important - port, host, publicKey
+     */
+    public ServerSecurityConfig getBootstrapSecurityInfo(String securityMode, boolean bootstrapServerIs) {
+        LwM2MSecurityMode lwM2MSecurityMode = LwM2MSecurityMode.fromSecurityMode(securityMode.toLowerCase());
+        return getBootstrapServer(bootstrapServerIs, lwM2MSecurityMode);
+    }
+
+    /**
+     *
+     * @param bootstrapServerIs
+     * @param mode
+     * @return ServerSecurityConfig more value is default: Important - port, host, publicKey
+     */
+    private ServerSecurityConfig getBootstrapServer(boolean bootstrapServerIs, LwM2MSecurityMode mode) {
+        ServerSecurityConfig bsServ = new ServerSecurityConfig();
+        if (bootstrapServerIs) {
+            switch (mode) {
+                case NO_SEC:
+                    bsServ.setHost(contextBootStrap.getBootstrapHost());
+                    bsServ.setPort(contextBootStrap.getBootstrapPort());
+                    bsServ.setServerPublicKey("");
+                    break;
+                case PSK:
+                    bsServ.setHost(contextBootStrap.getBootstrapSecureHost());
+                    bsServ.setPort(contextBootStrap.getBootstrapSecurePort());
+                    bsServ.setServerPublicKey("");
+                    break;
+                case RPK:
+                    bsServ.setHost(contextBootStrap.getBootstrapSecureHost());
+                    bsServ.setPort(contextBootStrap.getBootstrapSecurePort());
+                    bsServ.setServerPublicKey(getRPKPublicKey(this.contextBootStrap.getBootstrapPublicX(), this.contextBootStrap.getBootstrapPublicY()));
+                    break;
+                case X509:
+                    bsServ.setHost(contextBootStrap.getBootstrapSecureHost());
+                    bsServ.setPort(contextBootStrap.getBootstrapSecurePortCert());
+                    bsServ.setServerPublicKey(getServerPublicKeyX509(contextBootStrap.getBootstrapAlias()));
+                    break;
+                default:
+                    break;
+            }
+        } else {
+            bsServ.setBootstrapServerIs(bootstrapServerIs);
+            bsServ.setServerId(123);
+            switch (mode) {
+                case NO_SEC:
+                    bsServ.setHost(contextServer.getServerHost());
+                    bsServ.setPort(contextServer.getServerPort());
+                    bsServ.setServerPublicKey("");
+                    break;
+                case PSK:
+                    bsServ.setHost(contextServer.getServerSecureHost());
+                    bsServ.setPort(contextServer.getServerSecurePort());
+                    bsServ.setServerPublicKey("");
+                    break;
+                case RPK:
+                    bsServ.setHost(contextServer.getServerSecureHost());
+                    bsServ.setPort(contextServer.getServerSecurePort());
+                    bsServ.setServerPublicKey(getRPKPublicKey(this.contextServer.getServerPublicX(), this.contextServer.getServerPublicY()));
+                    break;
+                case X509:
+                    bsServ.setHost(contextServer.getServerSecureHost());
+                    bsServ.setPort(contextServer.getServerSecurePortCert());
+                    bsServ.setServerPublicKey(getServerPublicKeyX509(contextServer.getServerAlias()));
+                    break;
+                default:
+                    break;
+            }
+        }
+        return bsServ;
+    }
+
+    /**
+     *
+     * @param alias
+     * @return PublicKey format HexString or null
+     */
+    private String getServerPublicKeyX509 (String alias) {
+        try {
+            X509Certificate  serverCertificate = (X509Certificate) contextServer.getKeyStoreValue().getCertificate(alias);
+            return  Hex.encodeHexString(serverCertificate.getEncoded());
+        } catch (CertificateEncodingException | KeyStoreException e) {
+            e.printStackTrace();
+        }
+        return  null;
+    }
+
+    /**
+     *
+     * @param publicServerX
+     * @param publicServerY
+     * @return  PublicKey format HexString or null
+     */
+    private String getRPKPublicKey(String publicServerX, String publicServerY) {
+        try {
+            /** Get Elliptic Curve Parameter spec for secp256r1 */
+            AlgorithmParameters algoParameters = AlgorithmParameters.getInstance("EC");
+            algoParameters.init(new ECGenParameterSpec("secp256r1"));
+            ECParameterSpec parameterSpec = algoParameters.getParameterSpec(ECParameterSpec.class);
+            if (publicServerX != null && !publicServerX.isEmpty() && publicServerY != null && !publicServerY.isEmpty()) {
+                /** Get point values */
+                byte[] publicX = Hex.decodeHex(publicServerX.toCharArray());
+                byte[] publicY = Hex.decodeHex(publicServerY.toCharArray());
+                /** Create key specs */
+                KeySpec publicKeySpec = new ECPublicKeySpec(new ECPoint(new BigInteger(publicX), new BigInteger(publicY)),
+                        parameterSpec);
+                /** Get keys */
+                PublicKey  publicKey = KeyFactory.getInstance("EC").generatePublic(publicKeySpec);
+                if (publicKey != null && publicKey.getEncoded().length > 0 ) {
+                   return Hex.encodeHexString(publicKey.getEncoded());
+                }
+            }
+        } catch (GeneralSecurityException | IllegalArgumentException e) {
+            log.error("[{}] Failed generate Server RPK for profile", e.getMessage());
+            throw new RuntimeException(e);
+        }
+        return null;
+    }
+}
+

@@ -53,6 +53,8 @@ public class DefaultDeviceAuthService implements DeviceAuthService {
                         return DeviceAuthResult.of(credentials.getDeviceId());
                     case X509_CERTIFICATE:
                         return DeviceAuthResult.of(credentials.getDeviceId());
+                    case LWM2M_CREDENTIALS:
+                        return DeviceAuthResult.of(credentials.getDeviceId());
                     default:
                         return DeviceAuthResult.of("Credentials Type is not supported yet!");
                 }
@@ -65,4 +67,4 @@ public class DefaultDeviceAuthService implements DeviceAuthService {
         }
     }
 
-}
\ No newline at end of file
+}

@@ -201,6 +201,7 @@ public class DefaultTelemetrySubscriptionService extends AbstractSubscriptionSer
     }
 
     @Override
+
     public void saveAndNotify(TenantId tenantId, EntityId entityId, String scope, List<AttributeKvEntry> attributes, FutureCallback<Void> callback) {
         saveAndNotify(tenantId, entityId, scope, attributes, true, callback);
     }

@@ -69,6 +69,7 @@ import org.thingsboard.server.gen.transport.TransportProtos.TransportApiResponse
 import org.thingsboard.server.gen.transport.TransportProtos.ValidateDeviceCredentialsResponseMsg;
 import org.thingsboard.server.gen.transport.TransportProtos.ValidateDeviceTokenRequestMsg;
 import org.thingsboard.server.gen.transport.TransportProtos.ValidateDeviceX509CertRequestMsg;
+import org.thingsboard.server.gen.transport.TransportProtos.ValidateDeviceLwM2MCredentialsRequestMsg;
 import org.thingsboard.server.queue.common.TbProtoQueueMsg;
 import org.thingsboard.server.queue.util.TbCoreComponent;
 import org.thingsboard.server.dao.device.provision.ProvisionFailedException;
@@ -149,6 +150,13 @@ public class DefaultTransportApiService implements TransportApiService {
         } else if (transportApiRequestMsg.hasEntityProfileRequestMsg()) {
             return Futures.transform(handle(transportApiRequestMsg.getEntityProfileRequestMsg()),
                     value -> new TbProtoQueueMsg<>(tbProtoQueueMsg.getKey(), value, tbProtoQueueMsg.getHeaders()), MoreExecutors.directExecutor());
+        } else if (transportApiRequestMsg.hasLwM2MRequestMsg()) {
+            return Futures.transform(handle(transportApiRequestMsg.getLwM2MRequestMsg()),
+                    value -> new TbProtoQueueMsg<>(tbProtoQueueMsg.getKey(), value, tbProtoQueueMsg.getHeaders()), MoreExecutors.directExecutor());
+        } else if (transportApiRequestMsg.hasValidateDeviceLwM2MCredentialsRequestMsg()) {
+            ValidateDeviceLwM2MCredentialsRequestMsg msg = transportApiRequestMsg.getValidateDeviceLwM2MCredentialsRequestMsg();
+            return Futures.transform(validateCredentials(msg.getCredentialsId(), DeviceCredentialsType.LWM2M_CREDENTIALS),
+                    value -> new TbProtoQueueMsg<>(tbProtoQueueMsg.getKey(), value, tbProtoQueueMsg.getHeaders()), MoreExecutors.directExecutor());
         } else if (transportApiRequestMsg.hasProvisionDeviceRequestMsg()) {
             return Futures.transform(handle(transportApiRequestMsg.getProvisionDeviceRequestMsg()),
                     value -> new TbProtoQueueMsg<>(tbProtoQueueMsg.getKey(), value, tbProtoQueueMsg.getHeaders()), MoreExecutors.directExecutor());
@@ -396,4 +404,40 @@ public class DefaultTransportApiService implements TransportApiService {
         return TransportApiResponseMsg.newBuilder()
                 .setValidateCredResponseMsg(ValidateDeviceCredentialsResponseMsg.getDefaultInstance()).build();
     }
+
+    private ListenableFuture<TransportApiResponseMsg> handle(TransportProtos.LwM2MRequestMsg requestMsg) {
+        if (requestMsg.hasRegistrationMsg()) {
+            return handleRegistration(requestMsg.getRegistrationMsg());
+        } else {
+            return Futures.immediateFailedFuture(new RuntimeException("Not supported!"));
+        }
+    }
+
+    private ListenableFuture<TransportApiResponseMsg> handleRegistration(TransportProtos.LwM2MRegistrationRequestMsg msg) {
+        TenantId tenantId = new TenantId(UUID.fromString(msg.getTenantId()));
+        String deviceName = msg.getEndpoint();
+        Lock deviceCreationLock = deviceCreationLocks.computeIfAbsent(deviceName, id -> new ReentrantLock());
+        deviceCreationLock.lock();
+        try {
+            Device device = deviceService.findDeviceByTenantIdAndName(tenantId, deviceName);
+            if (device == null) {
+                device = new Device();
+                device.setTenantId(tenantId);
+                device.setName(deviceName);
+                device.setType("LwM2M");
+                device = deviceService.saveDevice(device);
+                deviceStateService.onDeviceAdded(device);
+            }
+            TransportProtos.LwM2MRegistrationResponseMsg registrationResponseMsg =
+                    TransportProtos.LwM2MRegistrationResponseMsg.newBuilder()
+                            .setDeviceInfo(getDeviceInfoProto(device)).build();
+            TransportProtos.LwM2MResponseMsg responseMsg = TransportProtos.LwM2MResponseMsg.newBuilder().setRegistrationMsg(registrationResponseMsg).build();
+            return Futures.immediateFuture(TransportApiResponseMsg.newBuilder().setLwM2MResponseMsg(responseMsg).build());
+        } catch (JsonProcessingException e) {
+            log.warn("[{}][{}] Failed to lookup device by gateway id and name", tenantId, deviceName, e);
+            throw new RuntimeException(e);
+        } finally {
+            deviceCreationLock.unlock();
+        }
+    }
 }

+  ______    __      _                              __                                __
+ /_  __/   / /_    (_)   ____    ____ _   _____   / /_   ____   ____ _   _____  ____/ /
+  / /     / __ \  / /   / __ \  / __ `/  / ___/  / __ \ / __ \ / __ `/  / ___/ / __  /
+ / /     / / / / / /   / / / / / /_/ /  (__  )  / /_/ // /_/ // /_/ /  / /    / /_/ /
+/_/     /_/ /_/ /_/   /_/ /_/  \__, /  /____/  /_.___/ \____/ \__,_/  /_/     \__,_/
+                              /____/
+
  ===================================================
  :: ${application.title} ::      ${application.formatted-version}
  ===================================================

@@ -433,7 +433,7 @@ spring:
     database-platform: "${SPRING_JPA_DATABASE_PLATFORM:org.hibernate.dialect.PostgreSQLDialect}"
   datasource:
     driverClassName: "${SPRING_DRIVER_CLASS_NAME:org.postgresql.Driver}"
-    url: "${SPRING_DATASOURCE_URL:jdbc:postgresql://localhost:5432/thingsboard}"
+    url: "${SPRING_DATASOURCE_URL:jdbc:postgresql://localhost:5432/thingsboard_ce_3_2_2}"
     username: "${SPRING_DATASOURCE_USERNAME:postgres}"
     password: "${SPRING_DATASOURCE_PASSWORD:postgres}"
     hikari:
@@ -488,7 +488,7 @@ js:
   # Built-in JVM JavaScript environment properties
   local:
     # Use Sandboxed (secured) JVM JavaScript environment
-    use_js_sandbox: "${USE_LOCAL_JS_SANDBOX:true}"
+    use_js_sandbox: "${USE_LOCAL_JS_SANDBOX:false}"
     # Specify thread pool size for JavaScript sandbox resource monitor
     monitor_thread_pool_size: "${LOCAL_JS_SANDBOX_MONITOR_THREAD_POOL_SIZE:4}"
     # Maximum CPU time in milliseconds allowed for script execution
@@ -565,6 +565,74 @@ transport:
     bind_address: "${COAP_BIND_ADDRESS:0.0.0.0}"
     bind_port: "${COAP_BIND_PORT:5683}"
     timeout: "${COAP_TIMEOUT:10000}"
+  # Local LwM2M transport parameters
+  lwm2m:
+    # Enable/disable lvm2m transport protocol.
+    enabled: "${LWM2M_ENABLED:true}"
+    #   We choose a default timeout a bit higher to the MAX_TRANSMIT_WAIT(62-93s) which is the time from starting to
+    #   send a Confirmable message to the time when an acknowledgement is no longer expected.
+    #   DEFAULT_TIMEOUT = 2 * 60 * 1000l; 2 min in ms
+    timeout: "${LWM2M_TIMEOUT:120000}"
+#    model_path_file: "${LWM2M_MODEL_PATH_FILE:./common/transport/lwm2m/src/main/resources/models/}"
+    model_path_file: "${LWM2M_MODEL_PATH_FILE:}"
+    support_deprecated_ciphers_enable: "${LWM2M_SUPPORT_DEPRECATED_CIPHERS_ENABLED:true}"
+    secure:
+      # Only Certificate_x509:
+      # To get helps about files format and how to generate it, see: https://github.com/eclipse/leshan/wiki/Credential-files-format
+      # Create new X509 Certificates: common/transport/lwm2m/src/main/resources/credentials/shell/lwM2M_credentials.sh
+      key_store_type: "${LWM2M_KEYSTORE_TYPE:JKS}"
+      # key_store_type: "${LWM2M_KEYSTORE_TYPE:PKCS12}"
+#      key_store_path_file: "${KEY_STORE_PATH_FILE:/usr/share/thingsboard/conf/credentials/serverKeyStore.jks}"
+      key_store_path_file: "${KEY_STORE_PATH_FILE:}"
+      key_store_password: "${LWM2M_KEYSTORE_PASSWORD_SERVER:server_ks_password}"
+      root_alias: "${LWM2M_SERVER_ROOT_CA:rootca}"
+      enable_gen_psk_rpk: "${ENABLE_GEN_PSK_RPK:true}"
+    server:
+      bind_address: "${LWM2M_BIND_ADDRESS:0.0.0.0}"
+      bind_port: "${LWM2M_BIND_PORT:5685}"
+      bind_port_cert: "${LWM2M_BIND_PORT_CERT:5687}"
+      secure:
+        start_all: "${START_SERVER_ALL:true}"
+        #leshan.core (V1_1)
+        #DTLS security modes:
+        #0: Pre-Shared Key mode
+        #1: Raw Public Key mode
+        #2: Certificate mode X509
+        #3: NoSec mode  *
+        #OMA-TS-LightweightM2M_Core-V1_1_1-20190617-A (add)
+        #4: Certificate mode X509 with EST
+        # If only startAll == false
+        dtls_mode: "${LWM2M_SECURITY_MODE:1}"
+        bind_address: "${LWM2M_BIND_ADDRESS:0.0.0.0}"
+        bind_port: "${LWM2M_BIND_PORT_SEC:5686}"
+        bind_port_cert: "${LWM2M_BIND_PORT_SEC_CERT:5688}"
+        # Only RPK: Public & Private Key
+#        create_rpk: "${CREATE_RPK:}"
+        public_x: "${LWM2M_SERVER_PUBLIC_X:405354ea8893471d9296afbc8b020a5c6201b0bb25812a53b849d4480fa5f069}"
+        public_y: "${LWM2M_SERVER_PUBLIC_Y:30c9237e946a3a1692c1cafaa01a238a077f632c99371348337512363f28212b}"
+        private_s: "${LWM2M_SERVER_PRIVATE_S:274671fe40ce937b8a6352cf0a418e8a39e4bf0bb9bf74c910db953c20c73802}"
+        # Only Certificate_x509:
+        alias: "${LWM2M_KEYSTORE_ALIAS_SERVER:server}"
+    bootstrap:
+      enable: "${BOOTSTRAP:true}"
+      bind_address: "${LWM2M_BIND_ADDRESS_BS:0.0.0.0}"
+      bind_port: "${LWM2M_BIND_PORT_BS:5689}"
+      bind_port_cert: "${LWM2M_BIND_PORT_SER_BS:5691}"
+      secure:
+        start_all: "${START_BOOTSTRAP_ALL:true}"
+        # If only startAll == false
+        dtls_mode: "${LWM2M_SECURITY_MODE_BS:1}"
+        bind_address: "${LWM2M_BIND_ADDRESS_BS:0.0.0.0}"
+        bind_port: "${LWM2M_BIND_PORT_SEC_BS:5690}"
+        bind_port_cert: "${LWM2M_BIND_PORT_SEC_CERT_BS:5692}"
+        # Only RPK: Public & Private Key
+        public_x: "${LWM2M_SERVER_PUBLIC_X_BS:993ef2b698c6a9c0c1d8be78b13a9383c0854c7c7c7a504d289b403794648183}"
+        public_y: "${LWM2M_SERVER_PUBLIC_Y_BS:267412d5fc4e5ceb2257cb7fd7f76ebdac2fa9aa100afb162e990074cc0bfaa2}"
+        private_s: "${LWM2M_SERVER_PRIVATE_S_BS:9dbdbb073fc63570693a9aaf1013414e261c571f27e27fc6a8c1c2ad9347875a}"
+        # Only Certificate_x509:
+        alias: "${LWM2M_KEYSTORE_ALIAS_BOOTSTRAP:bootstrap}"
+      # Redis
+    redis_url: "${LWM2M_REDIS_URL:''}"
 
 swagger:
   api_path_regex: "${SWAGGER_API_PATH_REGEX:/api.*}"

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.common.data.lwm2m;
+
+import lombok.Data;
+
+@Data
+public class LwM2mInstance {
+    int id;
+    LwM2mResource [] resources;
+
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.common.data.lwm2m;
+
+import lombok.Data;
+
+@Data
+public class LwM2mObject {
+    int id;
+    String name;
+    boolean multiple;
+    boolean mandatory;
+    LwM2mInstance [] instances;
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.common.data.lwm2m;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+
+import java.util.stream.Stream;
+
+@Data
+@AllArgsConstructor
+public class LwM2mResource {
+    int id;
+    String name;
+    boolean observe;
+    boolean attribute;
+    boolean telemetry;
+    String keyName;
+
+    public LwM2mResource(int id, String name, boolean observe, boolean attribute, boolean telemetry) {
+        this.id = id;
+        this.name = name;
+        this.observe = observe;
+        this.attribute = attribute;
+        this.telemetry = telemetry;
+        this.keyName = getCamelCase (this.name);
+    }
+
+    private String getCamelCase (String name) {
+        name = name.replaceAll("-", " ");
+        name = name.replaceAll("_", " ");
+        String [] nameCamel1 = name.split(" ");
+        String [] nameCamel2 = new String[nameCamel1.length];
+        int[] idx = { 0 };
+        Stream.of(nameCamel1).forEach((s -> {
+            nameCamel2[idx[0]] = toProperCase(idx[0]++,  s);
+        }));
+        return String.join("", nameCamel2);
+    }
+
+    private String toProperCase(int idx, String s) {
+        if (!s.isEmpty() && s.length()> 0) {
+            String s1 = (idx == 0) ? s.substring(0, 1).toLowerCase() : s.substring(0, 1).toUpperCase();
+            String s2 = "";
+            if (s.length()> 1) s2 = s.substring(1).toLowerCase();
+            s = s1 + s2;
+        }
+        return s;
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.common.data.lwm2m;
+
+import lombok.Builder;
+import lombok.Data;
+
+@Data
+public class ServerSecurityConfig {
+    String host;
+    Integer port;
+    String serverPublicKey;
+    @Builder.Default
+    boolean bootstrapServerIs = true;
+    @Builder.Default
+    Integer clientHoldOffTime = 1;
+    @Builder.Default
+    Integer serverId = 111;
+    @Builder.Default
+    Integer bootstrapServerAccountTimeout = 0;
+}

@@ -19,6 +19,8 @@ public enum DeviceCredentialsType {
 
     ACCESS_TOKEN,
     X509_CERTIFICATE,
-    MQTT_BASIC
+    MQTT_BASIC,
+    LWM2M_CREDENTIALS
+
 
 }

@@ -183,6 +183,47 @@ message GetEntityProfileRequestMsg {
   int64 entityIdLSB = 3;
 }
 
+message LwM2MRegistrationRequestMsg {
+  string tenantId = 1;
+  string endpoint = 2;
+}
+
+message LwM2MRegistrationResponseMsg {
+  DeviceInfoProto deviceInfo = 1;
+}
+
+message LwM2MRequestMsg {
+  LwM2MRegistrationRequestMsg registrationMsg = 1;
+}
+
+message LwM2MResponseMsg {
+  LwM2MRegistrationResponseMsg registrationMsg = 1;
+}
+
+message ValidateDeviceLwM2MCredentialsRequestMsg {
+  string credentialsId = 1;
+}
+
+message ToTransportUpdateCredentialsProto {
+  repeated string credentialsId = 1;
+  repeated string credentialsValue = 2;
+}
+
+message GetTenantRoutingInfoRequestMsg {
+  int64 tenantIdMSB = 1;
+  int64 tenantIdLSB = 2;
+}
+
+message GetTenantRoutingInfoResponseMsg {
+  bool isolatedTbCore = 1;
+  bool isolatedTbRuleEngine = 2;
+}
+
+message GetDeviceProfileRequestMsg {
+  int64 profileIdMSB = 1;
+  int64 profileIdLSB = 2;
+}
+
 message GetEntityProfileResponseMsg {
   string entityType = 1;
   bytes data = 2;
@@ -479,8 +520,10 @@ message TransportApiRequestMsg {
   ValidateDeviceX509CertRequestMsg validateX509CertRequestMsg = 2;
   GetOrCreateDeviceFromGatewayRequestMsg getOrCreateDeviceRequestMsg = 3;
   GetEntityProfileRequestMsg entityProfileRequestMsg = 4;
+  LwM2MRequestMsg lwM2MRequestMsg = 5;
   ValidateBasicMqttCredRequestMsg validateBasicMqttCredRequestMsg = 6;
   ProvisionDeviceRequestMsg provisionDeviceRequestMsg = 7;
+  ValidateDeviceLwM2MCredentialsRequestMsg validateDeviceLwM2MCredentialsRequestMsg = 8;
 }
 
 /* Response from ThingsBoard Core Service to Transport Service */
@@ -489,6 +532,7 @@ message TransportApiResponseMsg {
   GetOrCreateDeviceFromGatewayResponseMsg getOrCreateDeviceResponseMsg = 2;
   GetEntityProfileResponseMsg entityProfileResponseMsg = 3;
   ProvisionDeviceResponseMsg provisionDeviceResponseMsg = 4;
+  LwM2MResponseMsg lwM2MResponseMsg = 6;
 }
 
 /* Messages that are handled by ThingsBoard Core Service */
@@ -529,10 +573,10 @@ message ToTransportMsg {
   AttributeUpdateNotificationMsg attributeUpdateNotification = 5;
   ToDeviceRpcRequestMsg toDeviceRequest = 6;
   ToServerRpcResponseMsg toServerResponse = 7;
-  /* For Tenant, TenantProfile and DeviceProfile */
   EntityUpdateMsg entityUpdateMsg = 8;
   EntityDeleteMsg entityDeleteMsg = 9;
   ProvisionDeviceResponseMsg provisionResponse = 10;
+  ToTransportUpdateCredentialsProto toTransportUpdateCredentialsNotification = 11;
 }
 
 message UsageStatsKVProto{

@@ -24,6 +24,7 @@ import org.springframework.stereotype.Component;
 import org.thingsboard.server.common.transport.TransportContext;
 import org.thingsboard.server.transport.coap.adaptors.CoapTransportAdaptor;
 
+
 /**
  * Created by ashvayka on 18.10.18.
  */

@@ -16,14 +16,15 @@
 package org.thingsboard.server.transport.coap;
 
 import lombok.extern.slf4j.Slf4j;
+import org.eclipse.californium.core.CoapObserveRelation;
 import org.eclipse.californium.core.CoapResource;
+import org.eclipse.californium.core.coap.CoAP;
 import org.eclipse.californium.core.coap.CoAP.ResponseCode;
 import org.eclipse.californium.core.coap.Request;
+import org.eclipse.californium.core.network.Endpoint;
 import org.eclipse.californium.core.network.Exchange;
-import org.eclipse.californium.core.network.ExchangeObserver;
 import org.eclipse.californium.core.server.resources.CoapExchange;
 import org.eclipse.californium.core.server.resources.Resource;
-import org.springframework.util.ReflectionUtils;
 import org.thingsboard.server.common.data.DataConstants;
 import org.thingsboard.server.common.data.DeviceTransportType;
 import org.thingsboard.server.common.data.security.DeviceTokenCredentials;
@@ -40,26 +41,26 @@ import org.thingsboard.server.common.transport.auth.ValidateDeviceCredentialsRes
 import org.thingsboard.server.gen.transport.TransportProtos;
 import org.thingsboard.server.gen.transport.TransportProtos.ProvisionDeviceResponseMsg;
 
-import java.lang.reflect.Field;
 import java.util.List;
 import java.util.Optional;
 import java.util.Set;
 import java.util.UUID;
+import java.util.Timer;
+import java.util.TimerTask;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.ConcurrentMap;
+import java.util.concurrent.ScheduledThreadPoolExecutor;
 import java.util.concurrent.atomic.AtomicInteger;
 import java.util.function.Consumer;
 
 @Slf4j
 public class CoapTransportResource extends CoapResource {
-    // coap://localhost:port/api/v1/DEVICE_TOKEN/[attributes|telemetry|rpc[/requestId]]
     private static final int ACCESS_TOKEN_POSITION = 3;
     private static final int FEATURE_TYPE_POSITION = 4;
     private static final int REQUEST_ID_POSITION = 5;
 
     private final CoapTransportContext transportContext;
     private final TransportService transportService;
-    private final Field observerField;
     private final long timeout;
     private final ConcurrentMap<String, TransportProtos.SessionInfoProto> tokenToSessionIdMap = new ConcurrentHashMap<>();
     private final Set<UUID> rpcSubscriptions = ConcurrentHashMap.newKeySet();
@@ -73,9 +74,20 @@ public class CoapTransportResource extends CoapResource {
         // This is important to turn off existing observable logic in
         // CoapResource. We will have our own observe monitoring due to 1:1
         // observe relationship.
-        this.setObservable(false);
-        observerField = ReflectionUtils.findField(Exchange.class, "observer");
-        observerField.setAccessible(true);
+        this.setObservable(true); // enable observing
+        this.setObserveType(CoAP.Type.CON); // configure the notification type to CONs
+        this.getAttributes().setObservable(); // mark observable in the Link-Format
+        // schedule a periodic update task, otherwise let events call changed()
+        Timer timer = new Timer();
+        timer.schedule(new UpdateTask(), 0, 5000);
+    }
+
+    private class UpdateTask extends TimerTask {
+        @Override
+        public void run() {
+            // .. periodic update of the resource
+            changed(); // notify all observers
+        }
     }
 
     @Override
@@ -187,9 +199,7 @@ public class CoapTransportResource extends CoapResource {
                                         new CoapOkCallback(exchange));
                                 break;
                             case SUBSCRIBE_ATTRIBUTES_REQUEST:
-                                attributeSubscriptions.add(sessionId);
-                                advanced.setObserver(new CoapExchangeObserverProxy((ExchangeObserver) observerField.get(advanced),
-                                        registerAsyncCoapSession(exchange, request, sessionInfo, sessionId)));
+                                transportService.registerSyncSession(sessionInfo, new CoapSessionListener(sessionId, exchange), transportContext.getTimeout());
                                 transportService.process(sessionInfo,
                                         TransportProtos.SubscribeToAttributeUpdatesMsg.getDefaultInstance(),
                                         new CoapNoOpCallback(exchange));
@@ -206,8 +216,6 @@ public class CoapTransportResource extends CoapResource {
                                 break;
                             case SUBSCRIBE_RPC_COMMANDS_REQUEST:
                                 rpcSubscriptions.add(sessionId);
-                                advanced.setObserver(new CoapExchangeObserverProxy((ExchangeObserver) observerField.get(advanced),
-                                        registerAsyncCoapSession(exchange, request, sessionInfo, sessionId)));
                                 transportService.process(sessionInfo,
                                         TransportProtos.SubscribeToRPCMsg.getDefaultInstance(),
                                         new CoapNoOpCallback(exchange));
@@ -243,9 +251,6 @@ public class CoapTransportResource extends CoapResource {
                     } catch (AdaptorException e) {
                         log.trace("[{}] Failed to decode message: ", sessionId, e);
                         exchange.respond(ResponseCode.BAD_REQUEST);
-                    } catch (IllegalAccessException e) {
-                        log.trace("[{}] Failed to process message: ", sessionId, e);
-                        exchange.respond(ResponseCode.INTERNAL_SERVER_ERROR);
                     }
                 }));
     }
@@ -459,24 +464,17 @@ public class CoapTransportResource extends CoapResource {
         }
     }
 
-    public class CoapExchangeObserverProxy implements ExchangeObserver {
-
-        private final ExchangeObserver proxy;
-        private final String token;
-
-        CoapExchangeObserverProxy(ExchangeObserver proxy, String token) {
-            super();
-            this.proxy = proxy;
-            this.token = token;
-        }
-
-        @Override
-        public void completed(Exchange exchange) {
-            proxy.completed(exchange);
-            TransportProtos.SessionInfoProto session = tokenToSessionIdMap.remove(token);
-            if (session != null) {
-                closeAndDeregister(session);
-            }
+    public class CoapExchangeObserverProxy extends CoapObserveRelation {
+
+        /**
+         * Constructs a new CoapObserveRelation with the specified request.
+         *
+         * @param request  the request
+         * @param endpoint the endpoint
+         * @param executor
+         */
+        protected CoapExchangeObserverProxy(Request request, Endpoint endpoint, ScheduledThreadPoolExecutor executor) {
+            super(request, endpoint, executor);
         }
     }
 

@@ -18,8 +18,9 @@ package org.thingsboard.server.transport.coap;
 import lombok.extern.slf4j.Slf4j;
 import org.eclipse.californium.core.CoapResource;
 import org.eclipse.californium.core.CoapServer;
+
 import org.eclipse.californium.core.network.CoapEndpoint;
-import org.eclipse.californium.core.network.config.NetworkConfig;
+import org.eclipse.californium.core.network.CoapEndpoint.Builder;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
 import org.springframework.stereotype.Service;
@@ -47,11 +48,15 @@ public class CoapTransportService {
     public void init() throws UnknownHostException {
         log.info("Starting CoAP transport...");
         log.info("Starting CoAP transport server");
-        this.server = new CoapServer(NetworkConfig.createStandardWithoutFile());
+        this.server = new CoapServer();
         createResources();
         InetAddress addr = InetAddress.getByName(coapTransportContext.getHost());
         InetSocketAddress sockAddr = new InetSocketAddress(addr, coapTransportContext.getPort());
-        server.addEndpoint(new CoapEndpoint(sockAddr));
+        Builder builder = new Builder();
+        builder.setInetSocketAddress(sockAddr);
+        CoapEndpoint coapEndpoint = builder.build();
+
+        server.addEndpoint(coapEndpoint);
         server.start();
         log.info("CoAP transport started!");
     }

@@ -31,6 +31,7 @@ import org.thingsboard.server.common.transport.adaptor.JsonConverter;
 import org.thingsboard.server.gen.transport.TransportProtos;
 import org.thingsboard.server.transport.coap.CoapTransportResource;
 
+
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.List;

@@ -28,6 +28,7 @@ import org.eclipse.californium.core.CoapClient;
 import org.eclipse.californium.core.CoapHandler;
 import org.eclipse.californium.core.CoapResponse;
 import org.eclipse.californium.core.coap.MediaTypeRegistry;
+import org.eclipse.californium.elements.exception.ConnectorException;
 import org.thingsboard.server.common.msg.session.FeatureType;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -61,7 +62,7 @@ public class DeviceEmulator {
         this.attributesClient = new CoapClient(getFeatureTokenUrl(host, port, token, FeatureType.ATTRIBUTES));
         this.telemetryClient = new CoapClient(getFeatureTokenUrl(host, port, token, FeatureType.TELEMETRY));
         this.rpcClient = new CoapClient(getFeatureTokenUrl(host, port, token, FeatureType.RPC));
-        this.keys = keys.split(",");
+        this.keys = (keys != null && !keys.isEmpty()) ?  keys.split(",") : null;
     }
 
     public void start() {
@@ -72,11 +73,8 @@ public class DeviceEmulator {
                 try {
                     sendObserveRequest(rpcClient);
                     while (!Thread.interrupted()) {
-
-
                         sendRequest(attributesClient, createAttributesRequest());
                         sendRequest(telemetryClient, createTelemetryRequest());
-
                         Thread.sleep(1000);
                     }
                 } catch (Exception e) {
@@ -84,8 +82,8 @@ public class DeviceEmulator {
                 }
             }
 
-            private void sendRequest(CoapClient client, JsonNode request) throws JsonProcessingException {
-                CoapResponse telemetryResponse = client.setTimeout(60000).post(mapper.writeValueAsString(request),
+            private void sendRequest(CoapClient client, JsonNode request) throws IOException, ConnectorException {
+                CoapResponse telemetryResponse = client.setTimeout((long) 60000).post(mapper.writeValueAsString(request),
                         MediaTypeRegistry.APPLICATION_JSON);
                 log.info("Response: {}, {}", telemetryResponse.getCode(), telemetryResponse.getResponseText());
             }
@@ -113,6 +111,7 @@ public class DeviceEmulator {
 
                                 @Override
                                 public void onError() {
+                                    log.info("Command Response Ack Error, No connect");
                                     //Do nothing
                                 }
                             }, mapper.writeValueAsString(response), MediaTypeRegistry.APPLICATION_JSON);
@@ -157,6 +156,15 @@ public class DeviceEmulator {
         if (args.length != 4) {
             System.out.println("Usage: java -jar " + DeviceEmulator.class.getSimpleName() + ".jar host port device_token keys");
         }
+        /**
+         * DeviceEmulator(String host, int port, String token, String keys)
+         * args[]:
+         * host = "localhost",
+         * port = 0,
+         * token = "{Tokrn device from thingboard}"), kSzbDRGwaZqZ6Y25gTLF
+         * keys = "{Telemetry}"
+         *
+         */
         final DeviceEmulator emulator = new DeviceEmulator(args[0], Integer.parseInt(args[1]), args[2], args[3]);
         emulator.start();
         Runtime.getRuntime().addShutdownHook(new Thread() {
@@ -167,7 +175,6 @@ public class DeviceEmulator {
         });
     }
 
-
     private String getFeatureTokenUrl(String host, int port, String token, FeatureType featureType) {
         return getBaseUrl(host, port) + token + "/" + featureType.name().toLowerCase();
     }

@@ -327,6 +327,7 @@ public class DeviceApiController {
         public void onToServerRpcResponse(ToServerRpcResponseMsg msg) {
             responseWriter.setResult(new ResponseEntity<>(JsonConverter.toJson(msg).toString(), HttpStatus.OK));
         }
+
     }
 
     private void reportActivity(SessionInfoProto sessionInfo) {

+
+<!--
+
+    Copyright © 2016-2020 The Thingsboard Authors
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.thingsboard.common</groupId>
+        <version>3.2.0-SNAPSHOT</version>
+        <artifactId>transport</artifactId>
+    </parent>
+    <groupId>org.thingsboard.common.transport</groupId>
+    <artifactId>lwm2m</artifactId>
+    <packaging>jar</packaging>
+
+    <name>Thingsboard LwM2M Transport Common</name>
+    <url>https://thingsboard.io</url>
+
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <main.dir>${basedir}/../../..</main.dir>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.thingsboard.common.transport</groupId>
+            <artifactId>transport-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context-support</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>log4j-over-slf4j</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>ch.qos.logback</groupId>
+            <artifactId>logback-core</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>ch.qos.logback</groupId>
+            <artifactId>logback-classic</artifactId>
+        </dependency>
+        <!--  lechan start -->
+        <dependency>
+            <groupId>org.eclipse.leshan</groupId>
+            <artifactId>leshan-server-cf</artifactId>
+        </dependency>
+<!--        <dependency>-->
+<!--            <groupId>org.eclipse.leshan</groupId>-->
+<!--            <artifactId>leshan-server-cf</artifactId>-->
+<!--        </dependency>   -->
+        <dependency>
+            <groupId>org.eclipse.leshan</groupId>
+            <artifactId>leshan-client-cf</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.eclipse.leshan</groupId>
+            <artifactId>leshan-server-redis</artifactId>
+        </dependency>
+<!--        <dependency>-->
+<!--            <groupId>org.eclipse.californium</groupId>-->
+<!--            <artifactId>californium-core</artifactId>-->
+<!--        </dependency>-->
+        <!--  leshan finish -->
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-all</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.californium</groupId>
+            <artifactId>californium-core</artifactId>
+            <version>${californium.version}</version>
+            <type>test-jar</type>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.eclipse.californium</groupId>
+            <artifactId>element-connector</artifactId>
+            <version>${californium.version}</version>
+            <type>test-jar</type>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+
+</project>

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.bootstrap;
+
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.californium.scandium.config.DtlsConnectorConfig;
+import org.eclipse.leshan.core.model.StaticModel;
+import org.eclipse.leshan.server.bootstrap.BootstrapSessionManager;
+import org.eclipse.leshan.server.californium.bootstrap.LeshanBootstrapServer;
+import org.eclipse.leshan.server.californium.bootstrap.LeshanBootstrapServerBuilder;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Primary;
+import org.springframework.stereotype.Component;
+import org.thingsboard.server.transport.lwm2m.bootstrap.secure.LwM2MBootstrapSecurityStore;
+import org.thingsboard.server.transport.lwm2m.bootstrap.secure.LwM2MInMemoryBootstrapConfigStore;
+import org.thingsboard.server.transport.lwm2m.bootstrap.secure.LwM2MSetSecurityStoreBootstrap;
+import org.thingsboard.server.transport.lwm2m.bootstrap.secure.LwM2mDefaultBootstrapSessionManager;
+import org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode;
+import org.thingsboard.server.transport.lwm2m.server.LwM2MTransportContextServer;
+import static org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode.X509;
+import static org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode.RPK;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.getCoapConfig;
+
+@Slf4j
+@Component
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled:false}'=='true'&& '${transport.lwm2m.bootstrap.enable:false}'=='true') || ('${service.type:null}'=='monolith' && '${transport.lwm2m.enabled}'=='true'&& '${transport.lwm2m.bootstrap.enable}'=='true')")
+public class LwM2MTransportBootstrapServerConfiguration {
+
+    @Autowired
+    private LwM2MTransportContextBootstrap contextBs;
+
+    @Autowired
+    private LwM2MTransportContextServer contextS;
+
+    @Autowired
+    private LwM2MBootstrapSecurityStore lwM2MBootstrapSecurityStore;
+
+    @Autowired
+    private LwM2MInMemoryBootstrapConfigStore lwM2MInMemoryBootstrapConfigStore;
+
+
+    @Primary
+    @Bean(name = "leshanBootstrapCert")
+    public LeshanBootstrapServer getLeshanBootstrapServerCert() {
+        log.info("Prepare and start BootstrapServerCert... PostConstruct");
+        return getLeshanBootstrapServer(this.contextBs.getCtxBootStrap().getBootstrapPortCert(), this.contextBs.getCtxBootStrap().getBootstrapSecurePortCert(), X509);
+    }
+
+    @Bean(name = "leshanBootstrapRPK")
+    public LeshanBootstrapServer getLeshanBootstrapServerRPK() {
+        log.info("Prepare and start BootstrapServerRPK... PostConstruct");
+        return getLeshanBootstrapServer(this.contextBs.getCtxBootStrap().getBootstrapPort(), this.contextBs.getCtxBootStrap().getBootstrapSecurePort(), RPK);
+    }
+
+    public LeshanBootstrapServer getLeshanBootstrapServer(Integer bootstrapPort, Integer bootstrapSecurePort, LwM2MSecurityMode dtlsMode) {
+        LeshanBootstrapServerBuilder builder = new LeshanBootstrapServerBuilder();
+        builder.setLocalAddress(this.contextBs.getCtxBootStrap().getBootstrapHost(), bootstrapPort);
+        builder.setLocalSecureAddress(this.contextBs.getCtxBootStrap().getBootstrapSecureHost(), bootstrapSecurePort);
+
+        /** Create CoAP Config */
+        builder.setCoapConfig(getCoapConfig ());
+
+        /**  ConfigStore */
+        builder.setConfigStore(lwM2MInMemoryBootstrapConfigStore);
+
+        /** SecurityStore */
+        builder.setSecurityStore(lwM2MBootstrapSecurityStore);
+
+        /** Define model provider (Create Models )*/
+        builder.setModel(new StaticModel(contextS.getCtxServer().getModelsValue()));
+
+        /** Create and Set DTLS Config */
+        DtlsConnectorConfig.Builder dtlsConfig = new DtlsConnectorConfig.Builder();
+        dtlsConfig.setRecommendedCipherSuitesOnly(contextS.getCtxServer().isSupportDeprecatedCiphersEnable());
+        builder.setDtlsConfig(dtlsConfig);
+
+        /**  Create credentials */
+        new LwM2MSetSecurityStoreBootstrap(builder, contextBs, contextS, dtlsMode);
+
+        BootstrapSessionManager sessionManager = new LwM2mDefaultBootstrapSessionManager(lwM2MBootstrapSecurityStore);
+        builder.setSessionManager(sessionManager);
+
+        /** Create BootstrapServer */
+        return builder.build();
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.bootstrap;
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.server.californium.bootstrap.LeshanBootstrapServer;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.stereotype.Service;
+import org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode;
+
+import javax.annotation.PostConstruct;
+import javax.annotation.PreDestroy;
+
+@Slf4j
+@Service
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled}'=='true'&& '${transport.lwm2m.bootstrap.enable}'=='true') || ('${service.type:null}'=='monolith' && '${transport.lwm2m.enabled}'=='true'&& '${transport.lwm2m.bootstrap.enable}'=='true')")
+public class LwM2MTransportBootstrapServerInitializer {
+
+    @Autowired
+    @Qualifier("leshanBootstrapCert")
+    private LeshanBootstrapServer lhBServerCert;
+
+    @Autowired
+    @Qualifier("leshanBootstrapRPK")
+    private LeshanBootstrapServer lhBServerRPK;
+
+    @Autowired
+    private LwM2MTransportContextBootstrap contextBS;
+
+    @PostConstruct
+    public void init() {
+        if (this.contextBS.getCtxBootStrap().isBootstrapStartAll()) {
+            this.lhBServerCert.start();
+            this.lhBServerRPK.start();
+        }
+        else {
+            if (this.contextBS.getCtxBootStrap().getBootStrapDtlsMode() == LwM2MSecurityMode.X509.code) {
+                this.lhBServerCert.start();
+            }
+            else {
+                this.lhBServerRPK.start();
+            }
+        }
+    }
+
+    @PreDestroy
+    public void shutdown() throws InterruptedException {
+        log.info("Stopping LwM2M transport Bootstrap Server!");
+        try {
+            lhBServerCert.destroy();
+            lhBServerRPK.destroy();
+        } finally {
+        }
+        log.info("LwM2M transport Bootstrap Server stopped!");
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.bootstrap;
+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.stereotype.Component;
+import org.thingsboard.server.common.transport.TransportContext;
+import org.thingsboard.server.common.transport.lwm2m.LwM2MTransportConfigBootstrap;
+
+import javax.annotation.PostConstruct;
+
+
+@Slf4j
+@Component
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled:false}'=='true') || '${service.type:null}'=='monolith'")
+public class LwM2MTransportContextBootstrap extends TransportContext {
+
+    private LwM2MTransportConfigBootstrap ctxBootStrap;
+    @Autowired
+    LwM2MTransportConfigBootstrap lwM2MTransportConfigBootstarp;
+
+    @PostConstruct
+    public void init() {
+        this.ctxBootStrap = lwM2MTransportConfigBootstarp;
+    }
+
+    public LwM2MTransportConfigBootstrap getCtxBootStrap() {
+        return this.ctxBootStrap;
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.bootstrap.secure;
+
+import lombok.Builder;
+import lombok.Data;
+import org.eclipse.leshan.core.SecurityMode;
+import org.eclipse.leshan.core.request.BindingMode;
+import org.eclipse.leshan.core.util.Hex;
+import org.eclipse.leshan.server.bootstrap.BootstrapConfig;
+
+import java.nio.charset.StandardCharsets;
+
+@Data
+public class LwM2MBootstrapConfig {
+    /**
+     * interface BootstrapSecurityConfig
+     *   servers: BootstrapServersSecurityConfig,
+     *   bootstrapServer: ServerSecurityConfig,
+     *   lwm2mServer: ServerSecurityConfig
+     * }
+     */
+    /** -servers
+     *   shortId: number,
+     *   lifetime: number,
+     *   defaultMinPeriod: number,
+     *   notifIfDisabled: boolean,
+     *   binding: string
+     * */
+    @Builder.Default
+    LwM2MBootstrapServers servers;
+
+    /** -bootstrapServer, lwm2mServer
+     * interface ServerSecurityConfig
+     *   host?: string,
+     *   port?: number,
+     *   isBootstrapServer?: boolean,
+     *   securityMode: string,
+     *   clientPublicKeyOrId?: string,
+     *   clientSecretKey?: string,
+     *   serverPublicKey?: string;
+     *   clientHoldOffTime?: number,
+     *   serverId?: number,
+     *   bootstrapServerAccountTimeout: number
+     * */
+    LwM2MServerBootstrap bootstrapServer;
+
+    LwM2MServerBootstrap lwm2mServer;
+
+    public BootstrapConfig getLwM2MBootstrapConfig() {
+        BootstrapConfig configBs = new BootstrapConfig();
+        /** Delete old security objects */
+        configBs.toDelete.add("/0");
+        configBs.toDelete.add("/1");
+        /** Server Configuration (object 1) as defined in LWM2M 1.0.x TS. */
+        BootstrapConfig.ServerConfig server0 = new BootstrapConfig.ServerConfig();
+        server0.shortId = servers.getShortId();
+        server0.lifetime = servers.getLifetime();
+        server0.defaultMinPeriod = servers.getDefaultMinPeriod();
+        server0.notifIfDisabled = servers.isNotifIfDisabled();
+        server0.binding = BindingMode.valueOf(servers.getBinding());
+        configBs.servers.put(0, server0);
+        /** Security Configuration (object 0) as defined in LWM2M 1.0.x TS. Bootstrap instance = 0 */
+        this.bootstrapServer.setBootstrapServerIs(true);
+        configBs.security.put(0, setServerSecuruty(this.bootstrapServer.getHost(), this.bootstrapServer.getPort(), this.bootstrapServer.isBootstrapServerIs(), this.bootstrapServer.getSecurityMode(), this.bootstrapServer.getClientPublicKeyOrId(), this.bootstrapServer.getServerPublicKey(), this.bootstrapServer.getClientSecretKey(), this.bootstrapServer.getServerId()));
+        /** Security Configuration (object 0) as defined in LWM2M 1.0.x TS. Server instance = 1 */
+        configBs.security.put(1, setServerSecuruty(this.lwm2mServer.getHost(), this.lwm2mServer.getPort(), this.lwm2mServer.isBootstrapServerIs(), this.lwm2mServer.getSecurityMode(), this.lwm2mServer.getClientPublicKeyOrId(), this.lwm2mServer.getServerPublicKey(), this.lwm2mServer.getClientSecretKey(), this.lwm2mServer.getServerId()));
+        return configBs;
+    }
+
+    private BootstrapConfig.ServerSecurity setServerSecuruty(String host, Integer port, boolean bootstrapServer, String securityMode, String clientPublicKey, String serverPublicKey, String secretKey, int serverId) {
+        BootstrapConfig.ServerSecurity serverSecurity = new BootstrapConfig.ServerSecurity();
+        serverSecurity.uri = "coaps://" + host + ":" + Integer.toString(port);
+        serverSecurity.bootstrapServer = bootstrapServer;
+        serverSecurity.securityMode = SecurityMode.valueOf(securityMode);
+        serverSecurity.publicKeyOrId = setPublicKeyOrId(clientPublicKey, securityMode);
+        serverSecurity.serverPublicKey = (serverPublicKey != null && !serverPublicKey.isEmpty()) ? Hex.decodeHex(serverPublicKey.toCharArray()) : new byte[]{};
+        serverSecurity.secretKey = (secretKey != null && !secretKey.isEmpty()) ? Hex.decodeHex(secretKey.toCharArray()) : new byte[]{};
+        serverSecurity.serverId = serverId;
+        return serverSecurity;
+    }
+
+    private byte[] setPublicKeyOrId(String publicKeyOrIdStr, String securityMode) {
+        byte[] publicKey = (publicKeyOrIdStr == null || publicKeyOrIdStr.isEmpty()) ? new byte[]{} :
+                SecurityMode.valueOf(securityMode).equals(SecurityMode.PSK) ? publicKeyOrIdStr.getBytes(StandardCharsets.UTF_8) :
+                        Hex.decodeHex(publicKeyOrIdStr.toCharArray());
+        return publicKey;
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.bootstrap.secure;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.gson.JsonObject;
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.core.SecurityMode;
+import org.eclipse.leshan.core.util.Hex;
+import org.eclipse.leshan.core.util.SecurityUtil;
+import org.eclipse.leshan.server.bootstrap.BootstrapConfig;
+import org.eclipse.leshan.server.bootstrap.EditableBootstrapConfigStore;
+import org.eclipse.leshan.server.bootstrap.InvalidConfigurationException;
+import org.eclipse.leshan.server.security.BootstrapSecurityStore;
+import org.eclipse.leshan.server.security.SecurityInfo;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.stereotype.Component;
+import org.thingsboard.server.transport.lwm2m.secure.LwM2MGetSecurityInfo;
+import org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode;
+import org.thingsboard.server.transport.lwm2m.secure.ReadResultSecurityStore;
+import org.thingsboard.server.transport.lwm2m.utils.TypeServer;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.util.Arrays;
+import java.util.List;
+
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.*;
+
+@Slf4j
+@Component("LwM2MBootstrapSecurityStore")
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled:false}'=='true' && '${transport.lwm2m.bootstrap.enable:false}'=='true') || ('${service.type:null}'=='monolith' && '${transport.lwm2m.enabled}'=='true' && '${transport.lwm2m.bootstrap.enable}'=='true')")
+public class LwM2MBootstrapSecurityStore implements BootstrapSecurityStore {
+
+    private final EditableBootstrapConfigStore bootstrapConfigStore;
+
+    @Autowired
+    LwM2MGetSecurityInfo lwM2MGetSecurityInfo;
+
+    public LwM2MBootstrapSecurityStore(EditableBootstrapConfigStore bootstrapConfigStore) {
+        this.bootstrapConfigStore = bootstrapConfigStore;
+    }
+
+    @Override
+    public List<SecurityInfo> getAllByEndpoint(String endPoint) {
+        String endPointKey = endPoint;
+        ReadResultSecurityStore store = lwM2MGetSecurityInfo.getSecurityInfo(endPointKey, TypeServer.BOOTSTRAP);
+        if (store.getBootstrapJsonCredential() != null) {
+            /** add value to store  from BootstrapJson */
+            this.setBootstrapConfigScurityInfo(store);
+            BootstrapConfig bsConfigNew = store.getBootstrapConfig();
+            if (bsConfigNew != null) {
+                try {
+                    for (String config : bootstrapConfigStore.getAll().keySet()) {
+                        if (config.equals(endPoint)) {
+                            bootstrapConfigStore.remove(config);
+                        }
+                    }
+                    bootstrapConfigStore.add(endPoint, bsConfigNew);
+                } catch (InvalidConfigurationException e) {
+                    e.printStackTrace();
+                }
+                return store.getSecurityInfo() == null ? null : Arrays.asList(store.getSecurityInfo());
+            }
+        }
+        return null;
+    }
+
+    @Override
+    public SecurityInfo getByIdentity(String identity) {
+        ReadResultSecurityStore store = lwM2MGetSecurityInfo.getSecurityInfo(identity, TypeServer.BOOTSTRAP);
+        /** add value to store  from BootstrapJson */
+        this.setBootstrapConfigScurityInfo(store);
+
+        if (store.getSecurityMode() < LwM2MSecurityMode.DEFAULT_MODE.code) {
+            BootstrapConfig bsConfig = store.getBootstrapConfig();
+            if (bsConfig.security != null) {
+                try {
+                    bootstrapConfigStore.add(store.getEndPoint(), bsConfig);
+                } catch (InvalidConfigurationException e) {
+                    e.printStackTrace();
+                }
+                return store.getSecurityInfo();
+            }
+        }
+        return null;
+    }
+
+    private void setBootstrapConfigScurityInfo(ReadResultSecurityStore store) {
+        /** BootstrapConfig */
+        LwM2MBootstrapConfig lwM2MBootstrapConfig = this.getParametersBootstrap(store);
+        if (lwM2MBootstrapConfig != null) {
+            /** Security info */
+            switch (SecurityMode.valueOf(lwM2MBootstrapConfig.getBootstrapServer().getSecurityMode())) {
+                /** Use RPK only */
+                case PSK:
+                    store.setSecurityInfo(SecurityInfo.newPreSharedKeyInfo(store.getEndPoint(),
+                            lwM2MBootstrapConfig.getBootstrapServer().getClientPublicKeyOrId(),
+                            Hex.decodeHex(lwM2MBootstrapConfig.getBootstrapServer().getClientSecretKey().toCharArray())));
+                    store.setSecurityMode(SecurityMode.PSK.code);
+                    break;
+                case RPK:
+                    try {
+                        store.setSecurityInfo(SecurityInfo.newRawPublicKeyInfo(store.getEndPoint(),
+                                SecurityUtil.publicKey.decode(Hex.decodeHex(lwM2MBootstrapConfig.getBootstrapServer().getClientPublicKeyOrId().toCharArray()))));
+                        store.setSecurityMode(SecurityMode.RPK.code);
+                        break;
+                    } catch (IOException | GeneralSecurityException e) {
+                        log.error("Unable to decode Client public key for [{}]  [{}]", store.getEndPoint(), e.getMessage());
+                    }
+                case X509:
+                    store.setSecurityInfo(SecurityInfo.newX509CertInfo(store.getEndPoint()));
+                    store.setSecurityMode(SecurityMode.X509.code);
+                    break;
+                case NO_SEC:
+                    store.setSecurityMode(SecurityMode.NO_SEC.code);
+                    store.setSecurityInfo(null);
+                    break;
+                default:
+            }
+            BootstrapConfig bootstrapConfig = lwM2MBootstrapConfig.getLwM2MBootstrapConfig();
+            store.setBootstrapConfig(bootstrapConfig);
+        }
+    }
+
+    private LwM2MBootstrapConfig getParametersBootstrap(ReadResultSecurityStore store) {
+        try {
+            JsonObject bootstrapJsonCredential = store.getBootstrapJsonCredential();
+            ObjectMapper mapper = new ObjectMapper();
+            LwM2MBootstrapConfig lwM2MBootstrapConfig = mapper.readValue(bootstrapJsonCredential.toString(), LwM2MBootstrapConfig.class);
+            JsonObject bootstrapObject = getBootstrapParametersFromThingsboard(store.getDeviceProfile());
+            lwM2MBootstrapConfig.servers = mapper.readValue(bootstrapObject.get(SERVERS).toString(), LwM2MBootstrapServers.class);
+            LwM2MServerBootstrap profileServerBootstrap = mapper.readValue(bootstrapObject.get(BOOTSTRAP_SERVER).toString(), LwM2MServerBootstrap.class);
+            LwM2MServerBootstrap profileLwm2mServer = mapper.readValue(bootstrapObject.get(LWM2M_SERVER).toString(), LwM2MServerBootstrap.class);
+            if (getValidatedSecurityMode(lwM2MBootstrapConfig.bootstrapServer, profileServerBootstrap, lwM2MBootstrapConfig.lwm2mServer, profileLwm2mServer)) {
+                lwM2MBootstrapConfig.bootstrapServer = new LwM2MServerBootstrap(lwM2MBootstrapConfig.bootstrapServer, profileServerBootstrap);
+                lwM2MBootstrapConfig.lwm2mServer = new LwM2MServerBootstrap(lwM2MBootstrapConfig.lwm2mServer, profileLwm2mServer);
+                return lwM2MBootstrapConfig;
+            }
+            else {
+                log.error(" [{}] Different values SecurityMode between of client and profile.", store.getEndPoint());
+                log.error(LOG_LW2M_ERROR + " getParametersBootstrap: [{}] Different values SecurityMode between of client and profile.", store.getEndPoint());
+                String logMsg = String.format(LOG_LW2M_ERROR + " getParametersBootstrap: %s Different values SecurityMode between of client and profile.", store.getEndPoint());
+//                sentLogsToThingsboard(logMsg, store.getEndPoint());
+                return null;
+            }
+        } catch (JsonProcessingException e) {
+            log.error("Unable to decode Json or Certificate for [{}]  [{}]", store.getEndPoint(), e.getMessage());
+            return null;
+        }
+    }
+
+    /**
+     * Bootstrap security have to sync between (bootstrapServer in credential and  bootstrapServer in profile)
+     * and (lwm2mServer  in credential and lwm2mServer  in profile
+     * @param bootstrapFromCredential - Bootstrap -> Security of bootstrapServer in credential
+     * @param profileServerBootstrap  - Bootstrap -> Security of bootstrapServer in profile
+     * @param lwm2mFromCredential     - Bootstrap -> Security of lwm2mServer in credential
+     * @param profileLwm2mServer      - Bootstrap -> Security of lwm2mServer in profile
+     * @return false if not sync between SecurityMode of Bootstrap credential and profile
+     */
+    private boolean getValidatedSecurityMode(LwM2MServerBootstrap bootstrapFromCredential, LwM2MServerBootstrap profileServerBootstrap, LwM2MServerBootstrap lwm2mFromCredential, LwM2MServerBootstrap profileLwm2mServer) {
+        return  (bootstrapFromCredential.getSecurityMode().equals(profileServerBootstrap.getSecurityMode()) &&
+                lwm2mFromCredential.getSecurityMode().equals(profileLwm2mServer.getSecurityMode()));
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.bootstrap.secure;
+
+import lombok.Builder;
+import lombok.Data;
+
+@Data
+public class LwM2MBootstrapServers {
+    @Builder.Default
+    private Integer shortId = 123;
+    @Builder.Default
+    private Integer lifetime = 300;
+    @Builder.Default
+    private Integer defaultMinPeriod = 1;
+    @Builder.Default
+    private boolean notifIfDisabled = true;
+    @Builder.Default
+    private String binding = "U";
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.bootstrap.secure;
+
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.server.bootstrap.BootstrapConfig;
+import org.eclipse.leshan.server.bootstrap.InMemoryBootstrapConfigStore;
+import org.eclipse.leshan.server.bootstrap.InvalidConfigurationException;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.stereotype.Component;
+import java.util.Map;
+import java.util.concurrent.locks.Lock;
+import java.util.concurrent.locks.ReadWriteLock;
+import java.util.concurrent.locks.ReentrantReadWriteLock;
+
+@Slf4j
+@Component("LwM2MInMemoryBootstrapConfigStore")
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled:false}'=='true' && '${transport.lwm2m.bootstrap.enable:false}'=='true') || ('${service.type:null}'=='monolith' && '${transport.lwm2m.enabled}'=='true'&& '${transport.lwm2m.bootstrap.enable}'=='true')")
+public class LwM2MInMemoryBootstrapConfigStore extends InMemoryBootstrapConfigStore {
+    private final ReadWriteLock readWriteLock = new ReentrantReadWriteLock();
+    private final Lock readLock = readWriteLock.readLock();
+    private final Lock writeLock = readWriteLock.writeLock();
+
+    @Override
+    public Map<String, BootstrapConfig> getAll() {
+        readLock.lock();
+        try {
+            return super.getAll();
+        } finally {
+            readLock.unlock();
+        }
+    }
+
+    @Override
+    public void add(String endpoint, BootstrapConfig config) throws InvalidConfigurationException {
+        writeLock.lock();
+        try {
+            addToStore(endpoint, config);
+        } finally {
+            writeLock.unlock();
+        }
+    }
+
+    @Override
+    public BootstrapConfig remove(String enpoint) {
+        writeLock.lock();
+        try {
+            BootstrapConfig res = super.remove(enpoint);
+            return res;
+        } finally {
+            writeLock.unlock();
+        }
+    }
+
+    public void addToStore(String endpoint, BootstrapConfig config) throws InvalidConfigurationException {
+        super.add(endpoint, config);
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.bootstrap.secure;
+
+import lombok.Builder;
+import lombok.Data;
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.core.SecurityMode;
+
+@Slf4j
+@Data
+public class LwM2MServerBootstrap {
+
+    @Builder.Default
+    String clientPublicKeyOrId = "";
+    @Builder.Default
+    String clientSecretKey = "";
+    @Builder.Default
+    String serverPublicKey = "";
+    @Builder.Default
+    Integer clientHoldOffTime = 1;
+    @Builder.Default
+    Integer bootstrapServerAccountTimeout = 0;
+
+    @Builder.Default
+    String host = "0.0.0.0";
+    @Builder.Default
+    Integer port = 0;
+
+    @Builder.Default
+    String securityMode = SecurityMode.NO_SEC.name();
+
+    @Builder.Default
+    Integer serverId = 123;
+    @Builder.Default
+    boolean bootstrapServerIs = false;
+
+    public LwM2MServerBootstrap(){};
+
+    public LwM2MServerBootstrap(LwM2MServerBootstrap bootstrapFromCredential, LwM2MServerBootstrap profileServerBootstrap) {
+            this.clientPublicKeyOrId = bootstrapFromCredential.getClientPublicKeyOrId();
+            this.clientSecretKey = bootstrapFromCredential.getClientSecretKey();
+            this.serverPublicKey = profileServerBootstrap.getServerPublicKey();
+            this.clientHoldOffTime = profileServerBootstrap.getClientHoldOffTime();
+            this.bootstrapServerAccountTimeout = profileServerBootstrap.getBootstrapServerAccountTimeout();
+            this.host = (profileServerBootstrap.getHost().equals("0.0.0.0")) ? "localhost" : profileServerBootstrap.getHost();
+            this.port = profileServerBootstrap.getPort();
+            this.securityMode = profileServerBootstrap.getSecurityMode();
+            this.serverId = profileServerBootstrap.getServerId();
+            this.bootstrapServerIs = profileServerBootstrap.bootstrapServerIs;
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.bootstrap.secure;
+
+import lombok.Data;
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.core.util.Hex;
+import org.eclipse.leshan.server.californium.bootstrap.LeshanBootstrapServerBuilder;
+import org.eclipse.leshan.server.security.EditableSecurityStore;
+import org.thingsboard.server.transport.lwm2m.bootstrap.LwM2MTransportContextBootstrap;
+import org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode;
+import org.thingsboard.server.transport.lwm2m.server.LwM2MTransportContextServer;
+
+import java.math.BigInteger;
+import java.security.AlgorithmParameters;
+import java.security.KeyStore;
+import java.security.PublicKey;
+import java.security.PrivateKey;
+import java.security.KeyFactory;
+import java.security.GeneralSecurityException;
+import java.security.KeyStoreException;
+import java.security.cert.X509Certificate;
+import java.security.interfaces.ECPublicKey;
+import java.security.spec.ECGenParameterSpec;
+import java.security.spec.ECParameterSpec;
+import java.security.spec.ECPublicKeySpec;
+import java.security.spec.ECPoint;
+import java.security.spec.KeySpec;
+import java.security.spec.ECPrivateKeySpec;
+import java.util.Arrays;
+
+import static org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode.NO_SEC;
+import static org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode.X509;
+
+@Slf4j
+@Data
+public class LwM2MSetSecurityStoreBootstrap {
+
+    private KeyStore keyStore;
+    private PublicKey publicKey;
+    private PrivateKey privateKey;
+    private LwM2MTransportContextBootstrap contextBs;
+    private LwM2MTransportContextServer contextS;
+    private LeshanBootstrapServerBuilder builder;
+    EditableSecurityStore securityStore;
+
+    public LwM2MSetSecurityStoreBootstrap(LeshanBootstrapServerBuilder builder, LwM2MTransportContextBootstrap contextBs, LwM2MTransportContextServer contextS, LwM2MSecurityMode dtlsMode) {
+        this.builder = builder;
+        this.contextBs = contextBs;
+        this.contextS = contextS;
+        /** Set securityStore with new registrationStore */
+
+        switch (dtlsMode) {
+            /** Use No_Sec only */
+            case NO_SEC:
+                setServerWithX509Cert(NO_SEC.code);
+                break;
+            /** Use PSK/RPK  */
+            case PSK:
+            case RPK:
+                setRPK();
+                break;
+            case X509:
+                setServerWithX509Cert(X509.code);
+                break;
+            /** Use X509_EST only */
+            case X509_EST:
+                // TODO support sentinel pool and make pool configurable
+                break;
+            /** Use ather X509, PSK,  No_Sec ?? */
+            default:
+                break;
+        }
+    }
+
+    private void setRPK() {
+        try {
+            /** Get Elliptic Curve Parameter spec for secp256r1 */
+            AlgorithmParameters algoParameters = AlgorithmParameters.getInstance("EC");
+            algoParameters.init(new ECGenParameterSpec("secp256r1"));
+            ECParameterSpec parameterSpec = algoParameters.getParameterSpec(ECParameterSpec.class);
+            if (this.contextBs.getCtxBootStrap().getBootstrapPublicX() != null && !this.contextBs.getCtxBootStrap().getBootstrapPublicX().isEmpty() && this.contextBs.getCtxBootStrap().getBootstrapPublicY() != null && !this.contextBs.getCtxBootStrap().getBootstrapPublicY().isEmpty()) {
+                /** Get point values */
+                byte[] publicX = Hex.decodeHex(this.contextBs.getCtxBootStrap().getBootstrapPublicX().toCharArray());
+                byte[] publicY = Hex.decodeHex(this.contextBs.getCtxBootStrap().getBootstrapPublicY().toCharArray());
+                /** Create key specs */
+                KeySpec publicKeySpec = new ECPublicKeySpec(new ECPoint(new BigInteger(publicX), new BigInteger(publicY)),
+                        parameterSpec);
+                /** Get keys */
+                this.publicKey = KeyFactory.getInstance("EC").generatePublic(publicKeySpec);
+            }
+            if (this.contextBs.getCtxBootStrap().getBootstrapPrivateS() != null && !this.contextBs.getCtxBootStrap().getBootstrapPrivateS().isEmpty()) {
+                /** Get point values */
+                byte[] privateS = Hex.decodeHex(this.contextBs.getCtxBootStrap().getBootstrapPrivateS().toCharArray());
+                /** Create key specs */
+                KeySpec privateKeySpec = new ECPrivateKeySpec(new BigInteger(privateS), parameterSpec);
+                /** Get keys */
+                this.privateKey = KeyFactory.getInstance("EC").generatePrivate(privateKeySpec);
+            }
+            if (this.publicKey != null && this.publicKey.getEncoded().length > 0 &&
+                    this.privateKey != null && this.privateKey.getEncoded().length > 0) {
+                this.builder.setPublicKey(this.publicKey);
+                this.builder.setPrivateKey(this.privateKey);
+                this.contextBs.getCtxBootStrap().setBootstrapPublicKey(this.publicKey);
+                getParamsRPK();
+            }
+        } catch (GeneralSecurityException | IllegalArgumentException e) {
+            log.error("[{}] Failed generate Server PSK/RPK", e.getMessage());
+            throw new RuntimeException(e);
+        }
+    }
+
+    private void setServerWithX509Cert(int securityModeCode) {
+        try {
+            if (this.contextS.getCtxServer().getKeyStoreValue() != null) {
+                KeyStore keyStoreServer = this.contextS.getCtxServer().getKeyStoreValue();
+                setBuilderX509();
+                X509Certificate rootCAX509Cert = (X509Certificate) keyStoreServer.getCertificate(this.contextS.getCtxServer().getRootAlias());
+                if (rootCAX509Cert != null && securityModeCode == X509.code) {
+                    X509Certificate[] trustedCertificates = new X509Certificate[1];
+                    trustedCertificates[0] = rootCAX509Cert;
+                    this.builder.setTrustedCertificates(trustedCertificates);
+                } else {
+                    /** by default trust all */
+                    this.builder.setTrustedCertificates(new X509Certificate[0]);
+                }
+            }
+            else {
+                /** by default trust all */
+                this.builder.setTrustedCertificates(new X509Certificate[0]);
+                log.error("Unable to load X509 files for BootStrapServer");
+            }
+        } catch (KeyStoreException ex) {
+            log.error("[{}] Unable to load X509 files server", ex.getMessage());
+        }
+
+    }
+
+    private void setBuilderX509() {
+        /**
+         * For deb => KeyStorePathFile == yml or commandline: KEY_STORE_PATH_FILE
+         * For idea => KeyStorePathResource == common/transport/lwm2m/src/main/resources/credentials: in LwM2MTransportContextServer: credentials/serverKeyStore.jks
+         */
+        try {
+            X509Certificate serverCertificate = (X509Certificate) this.contextS.getCtxServer().getKeyStoreValue().getCertificate(this.contextBs.getCtxBootStrap().getBootstrapAlias());
+            this.privateKey = (PrivateKey) this.contextS.getCtxServer().getKeyStoreValue().getKey(this.contextBs.getCtxBootStrap().getBootstrapAlias(), this.contextS.getCtxServer().getKeyStorePasswordServer() == null ? null : this.contextS.getCtxServer().getKeyStorePasswordServer().toCharArray());
+            if (this.privateKey != null && this.privateKey.getEncoded().length > 0) {
+                this.builder.setPrivateKey(this.privateKey);
+            }
+            if (serverCertificate != null) {
+                this.builder.setCertificateChain(new X509Certificate[]{serverCertificate});
+                this.contextBs.getCtxBootStrap().setBootstrapCertificate(serverCertificate);
+            }
+        } catch (Exception ex) {
+            log.error("[{}] Unable to load KeyStore  files server", ex.getMessage());
+        }
+    }
+
+    private void getParamsRPK() {
+        if (this.publicKey instanceof ECPublicKey) {
+            /** Get x coordinate */
+            byte[] x = ((ECPublicKey) this.publicKey).getW().getAffineX().toByteArray();
+            if (x[0] == 0)
+                x = Arrays.copyOfRange(x, 1, x.length);
+
+            /** Get Y coordinate */
+            byte[] y = ((ECPublicKey) this.publicKey).getW().getAffineY().toByteArray();
+            if (y[0] == 0)
+                y = Arrays.copyOfRange(y, 1, y.length);
+
+            /** Get Curves params */
+            String params = ((ECPublicKey) this.publicKey).getParams().toString();
+            log.info(
+                    " \nBootstrap uses RPK : \n Elliptic Curve parameters  : [{}] \n Public x coord : [{}] \n Public y coord : [{}] \n Public Key (Hex): [{}] \n Private Key (Hex): [{}]",
+                    params, Hex.encodeHexString(x), Hex.encodeHexString(y),
+                    Hex.encodeHexString(this.publicKey.getEncoded()),
+                    Hex.encodeHexString(this.privateKey.getEncoded()));
+        } else {
+            throw new IllegalStateException("Unsupported Public Key Format (only ECPublicKey supported).");
+        }
+    }
+
+//    private void getParamsX509() {
+//        try {
+//            log.info("BootStrap uses X509 : \n X509 Certificate (Hex): [{}] \n Private Key (Hex): [{}]",
+//                    Hex.encodeHexString(this.certificate.getEncoded()),
+//                    Hex.encodeHexString(this.privateKey.getEncoded()));
+//        } catch (CertificateEncodingException e) {
+//            e.printStackTrace();
+//        }
+//    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.bootstrap.secure;
+
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.core.request.Identity;
+import org.eclipse.leshan.server.bootstrap.BootstrapSession;
+import org.eclipse.leshan.server.bootstrap.DefaultBootstrapSession;
+import org.eclipse.leshan.server.bootstrap.DefaultBootstrapSessionManager;
+import org.eclipse.leshan.server.security.BootstrapSecurityStore;
+import org.eclipse.leshan.server.security.SecurityChecker;
+import org.eclipse.leshan.server.security.SecurityInfo;
+
+import java.util.Arrays;
+import java.util.List;
+
+@Slf4j
+public class LwM2mDefaultBootstrapSessionManager extends DefaultBootstrapSessionManager {
+
+    private BootstrapSecurityStore bsSecurityStore;
+    private SecurityChecker securityChecker;
+
+    /**
+     * Create a {@link DefaultBootstrapSessionManager} using a default {@link SecurityChecker} to accept or refuse new
+     * {@link BootstrapSession}.
+     *
+     * @param bsSecurityStore the {@link BootstrapSecurityStore} used by default {@link SecurityChecker}.
+     */
+    public LwM2mDefaultBootstrapSessionManager(BootstrapSecurityStore bsSecurityStore) {
+        this(bsSecurityStore, new SecurityChecker());
+    }
+
+    public LwM2mDefaultBootstrapSessionManager(BootstrapSecurityStore bsSecurityStore, SecurityChecker securityChecker) {
+        super(bsSecurityStore);
+        this.bsSecurityStore = bsSecurityStore;
+        this.securityChecker = securityChecker;
+    }
+
+    @Override
+    public BootstrapSession begin(String endpoint, Identity clientIdentity) {
+        boolean authorized;
+        if (bsSecurityStore != null) {
+            List<SecurityInfo> securityInfos = (clientIdentity.getPskIdentity() != null && !clientIdentity.getPskIdentity().isEmpty()) ? Arrays.asList(bsSecurityStore.getByIdentity(clientIdentity.getPskIdentity())) : bsSecurityStore.getAllByEndpoint(endpoint);
+            log.info("Bootstrap session started securityInfos: [{}]", securityInfos);
+            authorized = securityChecker.checkSecurityInfos(endpoint, clientIdentity, securityInfos);
+        } else {
+            authorized = true;
+        }
+        DefaultBootstrapSession session = new DefaultBootstrapSession(endpoint, clientIdentity, authorized);
+        log.info("Bootstrap session started : {}", session);
+        return session;
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.secure;
+
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.core.util.Hex;
+import java.security.SecureRandom;
+import java.security.KeyPairGenerator;
+import java.security.KeyPair;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.interfaces.ECPublicKey;
+import java.security.spec.ECGenParameterSpec;
+import java.util.Arrays;
+
+@Slf4j
+public class LWM2MGenerationPSkRPkECC {
+
+    public LWM2MGenerationPSkRPkECC(Integer dtlsMode) {
+        switch (LwM2MSecurityMode.fromSecurityMode(dtlsMode)) {
+            case PSK:
+                generationPSkKey();
+                break;
+            case RPK:
+                generationRPKECCKey();
+        }
+    }
+
+    public LWM2MGenerationPSkRPkECC() {
+        generationPSkKey();
+        generationRPKECCKey();
+    }
+
+    private void generationPSkKey() {
+        /** PSK */
+        int lenPSkKey = 32;
+        /** Start PSK
+         * Clients and Servers MUST support PSK keys of up to 64 bytes in length, as required by [RFC7925]
+         * SecureRandom object must be unpredictable, and all SecureRandom output sequences must be cryptographically strong, as described in [RFC4086]
+         * */
+        SecureRandom randomPSK = new SecureRandom();
+        byte bytesPSK[] = new byte[lenPSkKey];
+        randomPSK.nextBytes(bytesPSK);
+        log.info("\nCreating new PSK: \n for the next start PSK -> security key: [{}]", Hex.encodeHexString(bytesPSK));
+    }
+
+    private void generationRPKECCKey() {
+        /** RPK */
+        String algorithm = "EC";
+        String provider = "SunEC";
+        String nameParameterSpec = "secp256r1";
+
+        /** Start RPK
+         * Elliptic Curve parameters  : [secp256r1 [NIST P-256, X9.62 prime256v1] (1.2.840.10045.3.1.7)]
+         * */
+        KeyPairGenerator kpg = null;
+        try {
+            kpg = KeyPairGenerator.getInstance(algorithm, provider);
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (NoSuchProviderException e) {
+            e.printStackTrace();
+        }
+        ECGenParameterSpec ecsp = new ECGenParameterSpec(nameParameterSpec);
+        try {
+            kpg.initialize(ecsp);
+        } catch (InvalidAlgorithmParameterException e) {
+            e.printStackTrace();
+        }
+
+        KeyPair kp = kpg.genKeyPair();
+        PrivateKey privKey = kp.getPrivate();
+        PublicKey pubKey = kp.getPublic();
+
+        if (pubKey instanceof ECPublicKey) {
+            ECPublicKey ecPublicKey = (ECPublicKey) pubKey;
+            /** Get x coordinate */
+            byte[] x = ecPublicKey.getW().getAffineX().toByteArray();
+            if (x[0] == 0)
+                x = Arrays.copyOfRange(x, 1, x.length);
+
+            /** Get Y coordinate */
+            byte[] y = ecPublicKey.getW().getAffineY().toByteArray();
+            if (y[0] == 0)
+                y = Arrays.copyOfRange(y, 1, y.length);
+
+            /** Get Curves params */
+            String privHex = Hex.encodeHexString(privKey.getEncoded());
+            log.info("\nCreating new RPK for the next start... \n" +
+                    " Elliptic Curve parameters  : [{}] \n" +
+                    " public_x :  [{}] \n" +
+                    " public_y :  [{}] \n" +
+                    " private_s : [{}] \n" +
+                    " Public Key (Hex): [{}]\n" +
+                    " Private Key (Hex): [{}]",
+                    ecPublicKey.getParams().toString(),
+                    Hex.encodeHexString(x),
+                    Hex.encodeHexString(y),
+                    privHex.substring(privHex.length() - 64),
+                    Hex.encodeHexString(pubKey.getEncoded()),
+                    Hex.encodeHexString(privKey.getEncoded()));
+        }
+    }
+}
+

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.secure;
+
+import com.google.gson.JsonObject;
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.core.util.Hex;
+import org.eclipse.leshan.core.util.SecurityUtil;
+import org.eclipse.leshan.server.security.SecurityInfo;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.stereotype.Component;
+import org.thingsboard.server.common.data.DeviceProfile;
+import org.thingsboard.server.common.transport.TransportServiceCallback;
+import org.thingsboard.server.gen.transport.TransportProtos.ValidateDeviceLwM2MCredentialsRequestMsg;
+import org.thingsboard.server.gen.transport.TransportProtos.ValidateDeviceCredentialsResponseMsg;
+import org.thingsboard.server.transport.lwm2m.bootstrap.LwM2MTransportContextBootstrap;
+import org.thingsboard.server.transport.lwm2m.server.LwM2MTransportContextServer;
+import org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler;
+import org.thingsboard.server.transport.lwm2m.utils.TypeServer;
+
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.security.PublicKey;
+import java.util.Optional;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+
+import static org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode.*;
+
+@Slf4j
+@Component("LwM2MGetSecurityInfo")
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled:false}'=='true' ) || ('${service.type:null}'=='monolith' && '${transport.lwm2m.enabled}'=='true')")
+public class LwM2MGetSecurityInfo {
+
+    @Autowired
+    public LwM2MTransportContextServer contextS;
+
+    @Autowired
+    public LwM2MTransportContextBootstrap contextBS;
+
+
+    public ReadResultSecurityStore getSecurityInfo(String endPoint, TypeServer keyValue) {
+        CountDownLatch latch = new CountDownLatch(1);
+        final ReadResultSecurityStore[] resultSecurityStore = new ReadResultSecurityStore[1];
+        contextS.getTransportService().process(ValidateDeviceLwM2MCredentialsRequestMsg.newBuilder().setCredentialsId(endPoint).build(),
+                new TransportServiceCallback<ValidateDeviceCredentialsResponseMsg>() {
+                    @Override
+                    public void onSuccess(ValidateDeviceCredentialsResponseMsg msg) {
+                        String credentialsBody = msg.getCredentialsBody();
+                        resultSecurityStore[0] = putSecurityInfo(endPoint, msg.getDeviceInfo().getDeviceName(), credentialsBody, keyValue);
+                        resultSecurityStore[0].setMsg(msg);
+                        Optional<DeviceProfile> deviceProfileOpt = LwM2MTransportHandler.decode(msg.getProfileBody().toByteArray());
+                        deviceProfileOpt.ifPresent(profile -> resultSecurityStore[0].setDeviceProfile(profile));
+                        latch.countDown();
+                    }
+
+                    @Override
+                    public void onError(Throwable e) {
+                        log.trace("[{}] Failed to process credentials PSK: {}", endPoint, e);
+                        resultSecurityStore[0] = putSecurityInfo(endPoint, null, null, null);
+                        latch.countDown();
+                    }
+                });
+        try {
+            latch.await(contextS.getCtxServer().getTimeout(), TimeUnit.MILLISECONDS);
+        } catch (InterruptedException e) {
+            e.printStackTrace();
+        }
+        return resultSecurityStore[0];
+    }
+
+    private ReadResultSecurityStore putSecurityInfo(String endPoint, String deviceName, String jsonStr, TypeServer keyValue) {
+        ReadResultSecurityStore result = new ReadResultSecurityStore();
+        JsonObject objectMsg = LwM2MTransportHandler.validateJson(jsonStr);
+        if (objectMsg != null && !objectMsg.isJsonNull()) {
+            JsonObject object = (objectMsg.has(keyValue.type) && !objectMsg.get(keyValue.type).isJsonNull()) ? objectMsg.get(keyValue.type).getAsJsonObject() : null;
+            /**
+             * Only PSK
+             */
+            String endPointPsk = (objectMsg.has("client")
+                    && objectMsg.get("client").getAsJsonObject().has("endpoint")
+                    && objectMsg.get("client").getAsJsonObject().get("endpoint").isJsonPrimitive()) ? objectMsg.get("client").getAsJsonObject().get("endpoint").getAsString() : null;
+            endPoint = (endPointPsk == null || endPointPsk.isEmpty()) ? endPoint : endPointPsk;
+            if (object != null && !object.isJsonNull()) {
+                if (keyValue.equals(TypeServer.BOOTSTRAP)) {
+                    result.setBootstrapJsonCredential(object);
+                    result.setEndPoint(endPoint);
+                } else {
+                    LwM2MSecurityMode lwM2MSecurityMode = LwM2MSecurityMode.fromSecurityMode(object.get("securityConfigClientMode").getAsString().toLowerCase());
+                    switch (lwM2MSecurityMode) {
+                        case NO_SEC:
+                            getClientSecurityInfoNoSec(result);
+                            break;
+                        case PSK:
+                            getClientSecurityInfoPSK(result, endPoint, object);
+                            break;
+                        case RPK:
+                            getClientSecurityInfoRPK(result, endPoint, object);
+                            break;
+                        case X509:
+                            getClientSecurityInfoX509(result, endPoint);
+                            break;
+                        default:
+                            break;
+                    }
+                }
+            }
+        }
+        return result;
+    }
+
+    private void getClientSecurityInfoNoSec(ReadResultSecurityStore result) {
+        result.setSecurityInfo(null);
+        result.setSecurityMode(NO_SEC.code);
+    }
+
+    private void getClientSecurityInfoPSK(ReadResultSecurityStore result, String endPoint, JsonObject object) {
+        /** PSK Deserialization */
+        String identity = (object.has("identity") && object.get("identity").isJsonPrimitive()) ? object.get("identity").getAsString() : null;
+        if (identity != null && !identity.isEmpty()) {
+            try {
+                byte[] key = (object.has("key") && object.get("key").isJsonPrimitive()) ? Hex.decodeHex(object.get("key").getAsString().toCharArray()) : null;
+                if (key != null && key.length > 0) {
+                    if (endPoint != null && !endPoint.isEmpty()) {
+                        result.setSecurityInfo(SecurityInfo.newPreSharedKeyInfo(endPoint, identity, key));
+                        result.setSecurityMode(PSK.code);
+                    }
+                }
+            } catch (IllegalArgumentException e) {
+                log.error("Missing PSK key: " + e.getMessage());
+            }
+        } else {
+            log.error("Missing PSK identity");
+        }
+    }
+
+    private void getClientSecurityInfoRPK(ReadResultSecurityStore result, String endpoint, JsonObject object) {
+        try {
+            if (object.has("key") && object.get("key").isJsonPrimitive()) {
+                byte[] rpkkey = Hex.decodeHex(object.get("key").getAsString().toLowerCase().toCharArray());
+                PublicKey key = SecurityUtil.publicKey.decode(rpkkey);
+                result.setSecurityInfo(SecurityInfo.newRawPublicKeyInfo(endpoint, key));
+                result.setSecurityMode(RPK.code);
+            } else {
+                log.error("Missing RPK key");
+            }
+        } catch (IllegalArgumentException | IOException | GeneralSecurityException e) {
+            log.error("RPK: Invalid security info content: " + e.getMessage());
+        }
+    }
+
+    private void getClientSecurityInfoX509(ReadResultSecurityStore result, String endpoint) {
+        result.setSecurityInfo(SecurityInfo.newX509CertInfo(endpoint));
+        result.setSecurityMode(X509.code);
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.secure;
+
+public enum LwM2MSecurityMode {
+
+    PSK(0, "psk"),
+    RPK(1, "rpk"),
+    X509(2, "x509"),
+    NO_SEC(3, "no_sec"),
+    X509_EST(4, "x509_est"),
+    REDIS(7, "redis"),
+    DEFAULT_MODE(255, "default_mode");
+
+    public int code;
+    public String  subEndpoint;
+
+    LwM2MSecurityMode(int code, String subEndpoint) {
+        this.code = code;
+        this.subEndpoint = subEndpoint;
+    }
+
+    public static LwM2MSecurityMode fromSecurityMode(long code) {
+        return fromSecurityMode((int) code);
+    }
+
+    public static LwM2MSecurityMode fromSecurityMode(int code) {
+        for (LwM2MSecurityMode sm : LwM2MSecurityMode.values()) {
+            if (sm.code == code) {
+                return sm;
+            }
+        }
+        throw new IllegalArgumentException(String.format("Unsupported security code : %d", code));
+    }
+
+
+    public static LwM2MSecurityMode fromSecurityMode(String  subEndpoint) {
+        for (LwM2MSecurityMode sm : LwM2MSecurityMode.values()) {
+            if (sm.subEndpoint.equals(subEndpoint)) {
+                return sm;
+            }
+        }
+        throw new IllegalArgumentException(String.format("Unsupported security subEndpoint : %d", subEndpoint));
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.secure;
+
+import lombok.Data;
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.core.util.Hex;
+import java.math.BigInteger;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.AlgorithmParameters;
+import java.security.KeyFactory;
+import java.security.GeneralSecurityException;
+import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
+import java.security.spec.ECGenParameterSpec;
+import java.security.spec.ECParameterSpec;
+import java.security.spec.ECPublicKeySpec;
+import java.security.spec.KeySpec;
+import java.security.spec.ECPrivateKeySpec;
+import java.security.spec.ECPoint;
+import java.util.List;
+
+@Slf4j
+@Data
+public class LwM2mRPkCredentials {
+    private PublicKey serverPublicKey;
+    private PrivateKey serverPrivateKey;
+    private X509Certificate certificate;
+    private List<Certificate> trustStore;
+
+    /**
+     * create All key RPK credentials
+     * @param publX
+     * @param publY
+     * @param privS
+     */
+    public LwM2mRPkCredentials(String publX, String publY, String privS) {
+        generatePublicKeyRPK(publX, publY, privS);
+    }
+
+    private void generatePublicKeyRPK(String publX, String publY, String privS) {
+        try {
+            /**Get Elliptic Curve Parameter spec for secp256r1 */
+            AlgorithmParameters algoParameters = AlgorithmParameters.getInstance("EC");
+            algoParameters.init(new ECGenParameterSpec("secp256r1"));
+            ECParameterSpec parameterSpec = algoParameters.getParameterSpec(ECParameterSpec.class);
+             if (publX != null && !publX.isEmpty() && publY != null && !publY.isEmpty()) {
+                // Get point values
+                byte[] publicX = Hex.decodeHex(publX.toCharArray());
+                byte[] publicY = Hex.decodeHex(publY.toCharArray());
+                /** Create key specs */
+                KeySpec publicKeySpec = new ECPublicKeySpec(new ECPoint(new BigInteger(publicX), new BigInteger(publicY)),
+                        parameterSpec);
+                /** Get keys */
+                this.serverPublicKey = KeyFactory.getInstance("EC").generatePublic(publicKeySpec);
+            }
+            if (privS != null && !privS.isEmpty()) {
+                /** Get point values */
+                byte[] privateS = Hex.decodeHex(privS.toCharArray());
+                /** Create key specs */
+                KeySpec privateKeySpec = new ECPrivateKeySpec(new BigInteger(privateS), parameterSpec);
+                /** Get keys */
+                this.serverPrivateKey = KeyFactory.getInstance("EC").generatePrivate(privateKeySpec);
+            }
+        } catch (GeneralSecurityException | IllegalArgumentException e) {
+            log.error("[{}] Failed generate Server KeyRPK", e.getMessage());
+            throw new RuntimeException(e);
+        }
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.secure;
+
+import com.google.gson.JsonObject;
+import lombok.Builder;
+import lombok.Data;
+import org.eclipse.leshan.server.bootstrap.BootstrapConfig;
+import org.eclipse.leshan.server.security.SecurityInfo;
+import org.thingsboard.server.common.data.DeviceProfile;
+import org.thingsboard.server.gen.transport.TransportProtos.ValidateDeviceCredentialsResponseMsg;
+
+import static org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode.DEFAULT_MODE;
+
+@Data
+public class ReadResultSecurityStore {
+    private ValidateDeviceCredentialsResponseMsg msg;
+    private SecurityInfo securityInfo;
+    @Builder.Default
+    private int securityMode = DEFAULT_MODE.code;
+
+    /** bootstrap */
+    DeviceProfile deviceProfile;
+    JsonObject bootstrapJsonCredential;
+    String endPoint;
+    BootstrapConfig bootstrapConfig;
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.server;
+
+import io.netty.util.concurrent.Future;
+import io.netty.util.concurrent.GenericFutureListener;
+import lombok.extern.slf4j.Slf4j;
+import org.thingsboard.server.common.data.Device;
+import org.thingsboard.server.common.data.DeviceProfile;
+import org.thingsboard.server.common.transport.SessionMsgListener;
+import org.thingsboard.server.gen.transport.TransportProtos;
+import org.thingsboard.server.gen.transport.TransportProtos.GetAttributeResponseMsg;
+import org.thingsboard.server.gen.transport.TransportProtos.AttributeUpdateNotificationMsg;
+import org.thingsboard.server.gen.transport.TransportProtos.SessionCloseNotificationProto;
+import org.thingsboard.server.gen.transport.TransportProtos.ToDeviceRpcRequestMsg;
+import org.thingsboard.server.gen.transport.TransportProtos.ToServerRpcResponseMsg;
+import org.thingsboard.server.gen.transport.TransportProtos.ToTransportUpdateCredentialsProto;
+
+import java.util.Optional;
+
+@Slf4j
+public class LwM2MSessionMsgListener implements GenericFutureListener<Future<? super Void>>, SessionMsgListener {
+    private LwM2MTransportService service;
+    private TransportProtos.SessionInfoProto sessionInfo;
+
+    LwM2MSessionMsgListener(LwM2MTransportService service, TransportProtos.SessionInfoProto sessionInfo) {
+        this.service = service;
+        this.sessionInfo = sessionInfo;
+    }
+
+    @Override
+    public void onGetAttributesResponse(GetAttributeResponseMsg getAttributesResponse) {
+        log.info("[{}] attributesResponse", getAttributesResponse);
+    }
+
+    @Override
+    public void onAttributeUpdate(AttributeUpdateNotificationMsg attributeUpdateNotification) {
+        this.service.onAttributeUpdate(attributeUpdateNotification, this.sessionInfo);
+     }
+
+    @Override
+    public void onRemoteSessionCloseCommand(SessionCloseNotificationProto sessionCloseNotification) {
+        log.info("[{}] sessionCloseNotification", sessionCloseNotification);
+    }
+
+    @Override
+    public void onToTransportUpdateCredentials(ToTransportUpdateCredentialsProto updateCredentials) {
+        this.service.onToTransportUpdateCredentials(updateCredentials);
+    }
+
+    @Override
+    public void onDeviceProfileUpdate(TransportProtos.SessionInfoProto sessionInfo, DeviceProfile deviceProfile) {
+        this.service.onDeviceProfileUpdate(sessionInfo, deviceProfile);
+    }
+
+    @Override
+    public void onDeviceUpdate(TransportProtos.SessionInfoProto sessionInfo, Device device, Optional<DeviceProfile> deviceProfileOpt) {
+        this.service.onDeviceUpdate(sessionInfo, device, deviceProfileOpt);
+    }
+
+    @Override
+    public void onToDeviceRpcRequest(ToDeviceRpcRequestMsg toDeviceRequest) {
+        log.info("[{}] toDeviceRpcRequest", toDeviceRequest);
+    }
+
+    @Override
+    public void onToServerRpcResponse(ToServerRpcResponseMsg toServerResponse) {
+        log.info("[{}] toServerRpcResponse", toServerResponse);
+    }
+
+    @Override
+    public void operationComplete(Future<? super Void> future) throws Exception {
+        log.info("[{}]  operationComplete", future);
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.server;
+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.stereotype.Component;
+import org.thingsboard.server.common.transport.TransportContext;
+import org.thingsboard.server.common.transport.lwm2m.LwM2MTransportConfigServer;
+
+import javax.annotation.PostConstruct;
+
+@Slf4j
+@Component
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled:false}'=='true') || ('${service.type:null}'=='monolith' && '${transport.lwm2m.enabled}'=='true')")
+public class LwM2MTransportContextServer extends TransportContext {
+
+    private LwM2MTransportConfigServer ctxServer;
+
+    @Autowired
+    LwM2MTransportConfigServer lwM2MTransportConfigServer;
+
+    @PostConstruct
+    public void init() {
+        this.ctxServer = lwM2MTransportConfigServer;
+    }
+
+    public LwM2MTransportConfigServer getCtxServer () {
+        return this.ctxServer;
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.server;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.gson.Gson;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
+import com.google.gson.JsonSyntaxException;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.eclipse.californium.core.network.config.NetworkConfig;
+import org.eclipse.leshan.core.model.ResourceModel;
+import org.eclipse.leshan.core.node.LwM2mNode;
+import org.eclipse.leshan.core.node.LwM2mObject;
+import org.eclipse.leshan.core.node.LwM2mObjectInstance;
+import org.eclipse.leshan.core.node.LwM2mSingleResource;
+import org.eclipse.leshan.core.node.LwM2mMultipleResource;
+import org.eclipse.leshan.core.util.Hex;
+import org.eclipse.leshan.server.californium.LeshanServer;
+import org.eclipse.leshan.server.californium.LeshanServerBuilder;
+import org.nustaq.serialization.FSTConfiguration;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.stereotype.Component;
+import org.thingsboard.server.common.data.DeviceProfile;
+import org.thingsboard.server.common.data.device.profile.Lwm2mDeviceProfileTransportConfiguration;
+import org.thingsboard.server.transport.lwm2m.server.client.AttrTelemetryObserveValue;
+
+import javax.annotation.PostConstruct;
+import java.io.File;
+import java.io.IOException;
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.Optional;
+import java.util.Map;
+import java.util.Arrays;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.LinkedList;
+import java.util.Collections;
+
+@Slf4j
+@Component("LwM2MTransportHandler")
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled:false}'=='true' )|| ('${service.type:null}'=='monolith' && '${transport.lwm2m.enabled}'=='true')")
+public class LwM2MTransportHandler{
+
+    // We choose a default timeout a bit higher to the MAX_TRANSMIT_WAIT(62-93s) which is the time from starting to
+    // send a Confirmable message to the time when an acknowledgement is no longer expected.
+    public static final long DEFAULT_TIMEOUT = 2 * 60 * 1000l; // 2min in ms
+    public static final String OBSERVE_ATTRIBUTE_TELEMETRY = "observeAttr";
+    public static final String KEYNAME = "keyName";
+    public static final String ATTRIBUTE = "attribute";
+    public static final String TELEMETRY = "telemetry";
+    public static final String OBSERVE = "observe";
+    public static final String BOOTSTRAP = "bootstrap";
+    public static final String SERVERS = "servers";
+    public static final String LWM2M_SERVER = "lwm2mServer";
+    public static final String BOOTSTRAP_SERVER = "bootstrapServer";
+    public static final String BASE_DEVICE_API_TOPIC = "v1/devices/me";
+    public static final String DEVICE_ATTRIBUTES_TOPIC = BASE_DEVICE_API_TOPIC + "/attributes";
+    public static final String DEVICE_TELEMETRY_TOPIC = BASE_DEVICE_API_TOPIC + "/telemetry";
+    public static final String LOG_LW2M_TELEMETRY = "logLwm2m";
+    public static final String LOG_LW2M_INFO = "info";
+    public static final String LOG_LW2M_ERROR = "error";
+    public static final String LOG_LW2M_WARN = "warn";
+
+
+    public static final String CLIENT_NOT_AUTHORIZED = "Client not authorized";
+
+    public static final String GET_TYPE_OPER_READ = "read";
+    public static final String GET_TYPE_OPER_DISCOVER = "discover";
+    public static final String GET_TYPE_OPER_OBSERVE = "observe";
+    public static final String POST_TYPE_OPER_OBSERVE_CANCEL = "observeCancel";
+    public static final String POST_TYPE_OPER_EXECUTE = "execute";
+    /**
+     * Replaces the Object Instance or the Resource(s) with the new value provided in the “Write” operation. (see
+     * section 5.3.3 of the LW M2M spec).
+     */
+    public static final String POST_TYPE_OPER_WRITE_REPLACE = "replace";
+    /**
+     * Adds or updates Resources provided in the new value and leaves other existing Resources unchanged. (see section
+     * 5.3.3 of the LW M2M spec).
+     */
+    public static final String PUT_TYPE_OPER_WRITE_UPDATE = "update";
+    public static final String PUT_TYPE_OPER_WRITE_ATTRIBUTES = "wright-attributes";
+
+    public static final String EVENT_AWAKE = "AWAKE";
+
+    private static Gson gson = null;
+
+    @Autowired
+    @Qualifier("LeshanServerCert")
+    private LeshanServer lhServerCert;
+
+    @Autowired
+    @Qualifier("leshanServerNoSecPskRpk")
+    private LeshanServer lhServerNoSecPskRpk;
+
+    @Autowired
+    private LwM2MTransportService service;
+
+
+    @PostConstruct
+    public void init() {
+        LwM2mServerListener lwM2mServerListener = new LwM2mServerListener(lhServerCert, service);
+        this.lhServerCert.getRegistrationService().addListener(lwM2mServerListener.registrationListener);
+        this.lhServerCert.getPresenceService().addListener(lwM2mServerListener.presenceListener);
+        this.lhServerCert.getObservationService().addListener(lwM2mServerListener.observationListener);
+        lwM2mServerListener = new LwM2mServerListener(lhServerNoSecPskRpk, service);
+        this.lhServerNoSecPskRpk.getRegistrationService().addListener(lwM2mServerListener.registrationListener);
+        this.lhServerNoSecPskRpk.getPresenceService().addListener(lwM2mServerListener.presenceListener);
+        this.lhServerNoSecPskRpk.getObservationService().addListener(lwM2mServerListener.observationListener);
+    }
+
+    public static NetworkConfig getCoapConfig() {
+        NetworkConfig coapConfig;
+        File configFile = new File(NetworkConfig.DEFAULT_FILE_NAME);
+        if (configFile.isFile()) {
+            coapConfig = new NetworkConfig();
+            coapConfig.load(configFile);
+        } else {
+            coapConfig = LeshanServerBuilder.createDefaultNetworkConfig();
+            coapConfig.store(configFile);
+        }
+        return coapConfig;
+    }
+
+    public static String getValueTypeToString (Object value, ResourceModel.Type type) {
+        switch (type) {
+            case STRING:    // String
+            case OBJLNK:    // ObjectLink
+                return value.toString();
+            case INTEGER:   // Long
+                return Long.toString((long) value);
+            case BOOLEAN:   // Boolean
+                return Boolean.toString((Boolean) value);
+            case FLOAT:     // Double
+                return Double.toString((Float)value);
+            case TIME:      // Date
+                String DATE_FORMAT = "MMM d, yyyy HH:mm a";
+                DateFormat formatter = new SimpleDateFormat(DATE_FORMAT);
+                return formatter.format(new Date((Long) Integer.toUnsignedLong(Integer.valueOf((Integer) value))));
+            case OPAQUE:    // byte[] value, base64
+                return Hex.encodeHexString((byte[])value);
+            default:
+                return null;
+        }
+    }
+
+    public static LwM2mNode getLvM2mNodeToObject(LwM2mNode content) {
+        if (content instanceof LwM2mObject) {
+            return (LwM2mObject) content;
+        } else if (content instanceof LwM2mObjectInstance) {
+            return (LwM2mObjectInstance) content;
+        } else if (content instanceof LwM2mSingleResource) {
+            return (LwM2mSingleResource) content;
+        } else if (content instanceof LwM2mMultipleResource) {
+            return (LwM2mMultipleResource) content;
+        }
+        return null;
+    }
+
+    public static AttrTelemetryObserveValue getNewProfileParameters(JsonObject profilesConfigData) {
+        AttrTelemetryObserveValue attrTelemetryObserveValue = new AttrTelemetryObserveValue();
+        attrTelemetryObserveValue.setPostKeyNameProfile(profilesConfigData.get(KEYNAME).getAsJsonObject());
+        attrTelemetryObserveValue.setPostAttributeProfile(profilesConfigData.get(ATTRIBUTE).getAsJsonArray());
+        attrTelemetryObserveValue.setPostTelemetryProfile(profilesConfigData.get(TELEMETRY).getAsJsonArray());
+        attrTelemetryObserveValue.setPostObserveProfile(profilesConfigData.get(OBSERVE).getAsJsonArray());
+        return  attrTelemetryObserveValue;
+    }
+
+    /**
+
+     * @return deviceProfileBody with Observe&Attribute&Telemetry From Thingsboard
+     * Example: with pathResource (use only pathResource)
+     * property: "observeAttr"
+     * {"keyName": {
+     *       "/3/0/1": "modelNumber",
+     *       "/3/0/0": "manufacturer",
+     *       "/3/0/2": "serialNumber"
+     *       },
+     * "attribute":["/2/0/1","/3/0/9"],
+     * "telemetry":["/1/0/1","/2/0/1","/6/0/1"],
+     * "observe":["/2/0","/2/0/0","/4/0/2"]}
+     */
+    public static JsonObject getObserveAttrTelemetryFromThingsboard(DeviceProfile deviceProfile) {
+        if (deviceProfile != null && ((Lwm2mDeviceProfileTransportConfiguration) deviceProfile.getProfileData().getTransportConfiguration()).getProperties().size() > 0) {
+            Lwm2mDeviceProfileTransportConfiguration lwm2mDeviceProfileTransportConfiguration = (Lwm2mDeviceProfileTransportConfiguration) deviceProfile.getProfileData().getTransportConfiguration();
+            Object observeAttr = ((Lwm2mDeviceProfileTransportConfiguration) deviceProfile.getProfileData().getTransportConfiguration()).getProperties();
+            try {
+                ObjectMapper mapper = new ObjectMapper();
+                String observeAttrStr = mapper.writeValueAsString(observeAttr);
+                JsonObject objectMsg = (observeAttrStr != null) ? validateJson(observeAttrStr) : null;
+                return (getValidateCredentialsBodyFromThingsboard(objectMsg)) ? objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject() : null;
+            } catch (IOException e) {
+                e.printStackTrace();
+            }
+        }
+        return null;
+    }
+
+    public static JsonObject getBootstrapParametersFromThingsboard(DeviceProfile deviceProfile) {
+        if (deviceProfile != null && ((Lwm2mDeviceProfileTransportConfiguration) deviceProfile.getProfileData().getTransportConfiguration()).getProperties().size() > 0) {
+            Lwm2mDeviceProfileTransportConfiguration lwm2mDeviceProfileTransportConfiguration = (Lwm2mDeviceProfileTransportConfiguration) deviceProfile.getProfileData().getTransportConfiguration();
+            Object bootstrap = ((Lwm2mDeviceProfileTransportConfiguration) deviceProfile.getProfileData().getTransportConfiguration()).getProperties();
+            try {
+                ObjectMapper mapper = new ObjectMapper();
+                String bootstrapStr = mapper.writeValueAsString(bootstrap);
+                JsonObject objectMsg = (bootstrapStr != null) ? validateJson(bootstrapStr) : null;
+                return (getValidateBootstrapProfileFromThingsboard(objectMsg)) ? objectMsg.get(BOOTSTRAP).getAsJsonObject() : null;
+            } catch (IOException e) {
+                e.printStackTrace();
+            }
+        }
+        return null;
+    }
+
+    private static boolean getValidateCredentialsBodyFromThingsboard(JsonObject objectMsg) {
+        return (objectMsg != null &&
+                !objectMsg.isJsonNull() &&
+                objectMsg.has(OBSERVE_ATTRIBUTE_TELEMETRY) &&
+                !objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).isJsonNull() &&
+                objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).isJsonObject() &&
+                objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject().has(KEYNAME) &&
+                !objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject().get(KEYNAME).isJsonNull() &&
+                objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject().get(KEYNAME).isJsonObject() &&
+                objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject().has(ATTRIBUTE) &&
+                !objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject().get(ATTRIBUTE).isJsonNull() &&
+                objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject().get(ATTRIBUTE).isJsonArray() &&
+                objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject().has(TELEMETRY) &&
+                !objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject().get(TELEMETRY).isJsonNull() &&
+                objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject().get(TELEMETRY).isJsonArray() &&
+                objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject().has(OBSERVE) &&
+                !objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject().get(OBSERVE).isJsonNull() &&
+                objectMsg.get(OBSERVE_ATTRIBUTE_TELEMETRY).getAsJsonObject().get(OBSERVE).isJsonArray());
+    }
+
+    private static boolean getValidateBootstrapProfileFromThingsboard(JsonObject objectMsg) {
+        return (objectMsg != null &&
+                !objectMsg.isJsonNull() &&
+                objectMsg.has(BOOTSTRAP) &&
+                objectMsg.get(BOOTSTRAP).isJsonObject() &&
+                !objectMsg.get(BOOTSTRAP).isJsonNull() &&
+                objectMsg.get(BOOTSTRAP).getAsJsonObject().has(SERVERS) &&
+                !objectMsg.get(BOOTSTRAP).getAsJsonObject().get(SERVERS).isJsonNull() &&
+                objectMsg.get(BOOTSTRAP).getAsJsonObject().get(SERVERS).isJsonObject() &&
+                objectMsg.get(BOOTSTRAP).getAsJsonObject().has(BOOTSTRAP_SERVER) &&
+                !objectMsg.get(BOOTSTRAP).getAsJsonObject().get(BOOTSTRAP_SERVER).isJsonNull() &&
+                objectMsg.get(BOOTSTRAP).getAsJsonObject().get(BOOTSTRAP_SERVER).isJsonObject() &&
+                objectMsg.get(BOOTSTRAP).getAsJsonObject().has(LWM2M_SERVER) &&
+                !objectMsg.get(BOOTSTRAP).getAsJsonObject().get(LWM2M_SERVER).isJsonNull() &&
+                objectMsg.get(BOOTSTRAP).getAsJsonObject().get(LWM2M_SERVER).isJsonObject());
+    }
+
+
+    public static JsonObject validateJson(String jsonStr) {
+        JsonObject object = null;
+        if (jsonStr != null && !jsonStr.isEmpty()) {
+            String jsonValidFlesh = jsonStr.replaceAll("\\\\", "");
+            jsonValidFlesh = jsonValidFlesh.replaceAll("\n", "");
+            jsonValidFlesh = jsonValidFlesh.replaceAll("\t", "");
+            jsonValidFlesh = jsonValidFlesh.replaceAll(" ", "");
+            String jsonValid = (jsonValidFlesh.substring(0, 1).equals("\"") && jsonValidFlesh.substring(jsonValidFlesh.length() - 1).equals("\"")) ? jsonValidFlesh.substring(1, jsonValidFlesh.length() - 1) : jsonValidFlesh;
+            try {
+                object = new JsonParser().parse(jsonValid).getAsJsonObject();
+            } catch (JsonSyntaxException e) {
+                log.error("[{}] Fail validateJson [{}]", jsonStr, e.getMessage());
+            }
+        }
+        return object;
+    }
+
+    public static <T> Optional<T> decode(byte[] byteArray) {
+        try {
+            FSTConfiguration config = FSTConfiguration.createDefaultConfiguration();;
+            T msg = (T) config.asObject(byteArray);
+            return Optional.ofNullable(msg);
+        } catch (IllegalArgumentException e) {
+            log.error("Error during deserialization message, [{}]", e.getMessage());
+            return Optional.empty();
+        }
+    }
+
+    /**
+     * Equals to Map for values
+     * @param map1
+     * @param map2
+     * @param <V>
+     * @return
+     */
+    public static <V extends Comparable<V>>  boolean mapsEquals(Map<?,V> map1, Map<?,V> map2) {
+        List<V> values1 = new ArrayList<V>(map1.values());
+        List<V> values2 = new ArrayList<V>(map2.values());
+        Collections.sort(values1);
+        Collections.sort(values2);
+        return values1.equals(values2);
+    }
+
+    public static String convertCamelCase (String str) {
+        str = str.toLowerCase().replace("/[^a-z ]+/g", " ");
+        str = str.replace("/^(.)|\\s(.)/g", "$1");
+        str = str.replace("/[^a-zA-Z]+/g", "");
+        return str;
+    }
+
+    public static String splitCamelCaseString(String s){
+        LinkedList<String> linkedListOut = new LinkedList<String>();
+        LinkedList<String> linkedList = new LinkedList<String>((Arrays.asList(s.split(" "))));
+        linkedList.stream().forEach(str-> {
+            String strOut = str.replaceAll("\\W", "").replaceAll("_", "").toUpperCase();
+            if (strOut.length()>1) linkedListOut.add(strOut.substring(0, 1) + strOut.substring(1).toLowerCase());
+            else linkedListOut.add(strOut);
+        });
+        linkedListOut.set(0, (linkedListOut.get(0).substring(0, 1).toLowerCase() + linkedListOut.get(0).substring(1)));
+        return StringUtils.join(linkedListOut, "");
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.server;
+
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.californium.core.coap.Response;
+import org.eclipse.leshan.core.attributes.Attribute;
+import org.eclipse.leshan.core.attributes.AttributeSet;
+import org.eclipse.leshan.core.model.ResourceModel;
+import org.eclipse.leshan.core.node.LwM2mSingleResource;
+import org.eclipse.leshan.core.node.ObjectLink;
+import org.eclipse.leshan.core.observation.Observation;
+import org.eclipse.leshan.core.request.ContentFormat;
+import org.eclipse.leshan.core.request.WriteRequest;
+import org.eclipse.leshan.core.request.DiscoverRequest;
+import org.eclipse.leshan.core.request.DownlinkRequest;
+import org.eclipse.leshan.core.request.ObserveRequest;
+import org.eclipse.leshan.core.request.CancelObservationRequest;
+import org.eclipse.leshan.core.request.ReadRequest;
+import org.eclipse.leshan.core.request.ExecuteRequest;
+import org.eclipse.leshan.core.request.WriteAttributesRequest;
+import org.eclipse.leshan.core.response.ResponseCallback;
+import org.eclipse.leshan.core.response.LwM2mResponse;
+import org.eclipse.leshan.core.response.ObserveResponse;
+import org.eclipse.leshan.core.response.ReadResponse;
+import org.eclipse.leshan.core.response.CancelObservationResponse;
+import org.eclipse.leshan.core.response.DeleteResponse;
+import org.eclipse.leshan.core.response.ExecuteResponse;
+import org.eclipse.leshan.core.response.DiscoverResponse;
+import org.eclipse.leshan.core.response.WriteAttributesResponse;
+import org.eclipse.leshan.core.response.WriteResponse;
+import org.eclipse.leshan.core.util.Hex;
+import org.eclipse.leshan.core.util.NamedThreadFactory;
+import org.eclipse.leshan.server.californium.LeshanServer;
+import org.eclipse.leshan.server.registration.Registration;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.stereotype.Service;
+import org.thingsboard.server.transport.lwm2m.server.client.LwM2MClient;
+
+import javax.annotation.PostConstruct;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+
+import static org.eclipse.californium.core.coap.CoAP.ResponseCode.isSuccess;
+import static org.eclipse.leshan.core.attributes.Attribute.MINIMUM_PERIOD;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.DEFAULT_TIMEOUT;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.GET_TYPE_OPER_DISCOVER;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.GET_TYPE_OPER_OBSERVE;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.GET_TYPE_OPER_READ;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.PUT_TYPE_OPER_WRITE_ATTRIBUTES;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.PUT_TYPE_OPER_WRITE_UPDATE;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.POST_TYPE_OPER_EXECUTE;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.POST_TYPE_OPER_OBSERVE_CANCEL;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.POST_TYPE_OPER_WRITE_REPLACE;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.LOG_LW2M_ERROR;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.LOG_LW2M_INFO;
+
+@Slf4j
+@Service("LwM2MTransportRequest")
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled:false}'=='true' ) || ('${service.type:null}'=='monolith' && '${transport.lwm2m.enabled}'=='true')")
+public class LwM2MTransportRequest {
+    private final ExecutorService executorService;
+    private static final String RESPONSE_CHANNEL = "THINGSBOARD_RESP";
+
+    @Autowired
+    LwM2MTransportService service;
+
+    public LwM2MTransportRequest() {
+        executorService = Executors.newCachedThreadPool(
+                new NamedThreadFactory(String.format("LwM2M %s channel response", RESPONSE_CHANNEL)));
+    }
+
+
+    @PostConstruct
+    public void init() {
+    }
+
+    public Collection<Registration> doGetRegistrations(LeshanServer lwServer) {
+        Collection<Registration> registrations = new ArrayList<>();
+        for (Iterator<Registration> iterator = lwServer.getRegistrationService().getAllRegistrations(); iterator
+                .hasNext(); ) {
+            registrations.add(iterator.next());
+        }
+        return registrations;
+    }
+
+    /**
+     * Device management and service enablement, including Read, Write, Execute, Discover, Create, Delete and Write-Attributes
+     *
+     * @param lwServer
+     * @param registration
+     * @param target
+     * @param typeOper
+     * @param contentFormatParam
+     * @param lwM2MClient
+     * @param observation
+     */
+    public void sendAllRequest(LeshanServer lwServer, Registration registration, String target, String typeOper,
+                               String contentFormatParam, LwM2MClient lwM2MClient, Observation observation, Object params, long timeoutInMs) {
+        ResultIds resultIds = new ResultIds(target);
+        if (registration != null && resultIds.getObjectId() >= 0) {
+            DownlinkRequest request = null;
+            ContentFormat contentFormat = contentFormatParam != null ? ContentFormat.fromName(contentFormatParam.toUpperCase()) : null;
+            ResourceModel resource = (resultIds.resourceId >= 0) ? (lwM2MClient != null) ?
+                    lwM2MClient.getModelObjects().get(resultIds.getObjectId()).getObjectModel().resources.get(resultIds.resourceId) : null : null;
+            ResourceModel.Type resType = (resource == null) ? null : resource.type;
+            boolean resMultiple = (resource == null) ? false : resource.multiple;
+            timeoutInMs = timeoutInMs > 0 ? timeoutInMs : DEFAULT_TIMEOUT;
+            switch (typeOper) {
+                case GET_TYPE_OPER_READ:
+                    request = new ReadRequest(contentFormat, target);
+                    break;
+                case GET_TYPE_OPER_DISCOVER:
+                    request = new DiscoverRequest(target);
+                    break;
+                case GET_TYPE_OPER_OBSERVE:
+                    if (resultIds.getResourceId() >= 0) {
+                        request = new ObserveRequest(resultIds.getObjectId(), resultIds.getInstanceId(), resultIds.getResourceId());
+                    } else if (resultIds.getInstanceId() >= 0) {
+                        request = new ObserveRequest(resultIds.getObjectId(), resultIds.getInstanceId());
+                    } else if (resultIds.getObjectId() >= 0) {
+                        request = new ObserveRequest(resultIds.getObjectId());
+                    }
+                    break;
+                case POST_TYPE_OPER_OBSERVE_CANCEL:
+                    request = new CancelObservationRequest(observation);
+                    break;
+                case POST_TYPE_OPER_EXECUTE:
+                    if (params != null && !resMultiple) {
+                        request = new ExecuteRequest(target, LwM2MTransportHandler.getValueTypeToString(params, resType));
+                    } else {
+                        request = new ExecuteRequest(target);
+                    }
+                    break;
+                case POST_TYPE_OPER_WRITE_REPLACE:
+                    // Request to write a <b>String Single-Instance Resource</b> using the TLV content format.
+                    if (contentFormat.equals(ContentFormat.TLV) && !resMultiple) {
+                        request = this.getWriteRequestSingleResource(null, resultIds.getObjectId(), resultIds.getInstanceId(), resultIds.getResourceId(), params, resType);
+                    }
+                    // Mode.REPLACE && Request to write a <b>String Single-Instance Resource</b> using the given content format (TEXT, TLV, JSON)
+                    else if (!contentFormat.equals(ContentFormat.TLV) && !resMultiple) {
+                        request = this.getWriteRequestSingleResource(contentFormat, resultIds.getObjectId(), resultIds.getInstanceId(), resultIds.getResourceId(), params, resType);
+                    }
+                    break;
+                case PUT_TYPE_OPER_WRITE_UPDATE:
+                    if (resultIds.getResourceId() >= 0) {
+                        ResourceModel resourceModel = lwServer.getModelProvider().getObjectModel(registration).getObjectModel(resultIds.getObjectId()).resources.get(resultIds.getResourceId());
+                        ResourceModel.Type typeRes = resourceModel.type;
+//                        request = getWriteRequestResource(resultIds.getObjectId(), resultIds.getInstanceId(), resultIds.getResourceId(), params, typeRes);
+                    }
+                    break;
+                case PUT_TYPE_OPER_WRITE_ATTRIBUTES:
+                    /**
+                     * As example:
+                     * a)Write-Attributes/3/0/9?pmin=1 means the Battery Level value will be notified
+                     * to the Server with a minimum interval of 1sec;
+                     * this value is set at theResource level.
+                     * b)Write-Attributes/3/0/9?pmin means the Battery Level will be notified
+                     * to the Server with a minimum value (pmin) given by the default one
+                     * (resource 2 of Object Server ID=1),
+                     * or with another value if this Attribute has been set at another level
+                     * (Object or Object Instance: see section5.1.1).
+                     * c)Write-Attributes/3/0?pmin=10 means that all Resources of Instance 0 of the Object ‘Device (ID:3)’
+                     * will be notified to the Server with a minimum interval of 10 sec;
+                     * this value is set at the Object Instance level.
+                     * d)Write-Attributes /3/0/9?gt=45&st=10 means the Battery Level will be notified to the Server
+                     * when:
+                     * a.old value is 20 and new value is 35 due to step condition
+                     * b.old value is 45 and new value is 50 due to gt condition
+                     * c.old value is 50 and new value is 40 due to both gt and step conditions
+                     * d.old value is 35 and new value is 20 due to step conditione)
+                     * Write-Attributes /3/0/9?lt=20&gt=85&st=10 means the Battery Level will be notified to the Server
+                     * when:
+                     * a.old value is 17 and new value is 24 due to lt condition
+                     * b.old value is 75 and new value is 90 due to both gt and step conditions
+                     *   String uriQueries = "pmin=10&pmax=60";
+                     *   AttributeSet attributes = AttributeSet.parse(uriQueries);
+                     *   WriteAttributesRequest request = new WriteAttributesRequest(target, attributes);
+                     *   Attribute gt = new Attribute(GREATER_THAN, Double.valueOf("45"));
+                     *   Attribute st = new Attribute(LESSER_THAN, Double.valueOf("10"));
+                     *   Attribute pmax = new Attribute(MAXIMUM_PERIOD, "60");
+                     *   Attribute [] attrs = {gt, st};
+                     */
+                    Attribute pmin = new Attribute(MINIMUM_PERIOD, Integer.toUnsignedLong(Integer.valueOf("1")));
+                    Attribute[] attrs = {pmin};
+                    AttributeSet attrSet = new AttributeSet(attrs);
+                    if (resultIds.getResourceId() >= 0) {
+                        request = new WriteAttributesRequest(resultIds.getObjectId(), resultIds.getInstanceId(), resultIds.getResourceId(), attrSet);
+                    } else if (resultIds.getInstanceId() >= 0) {
+                        request = new WriteAttributesRequest(resultIds.getObjectId(), resultIds.getInstanceId(), attrSet);
+                    } else if (resultIds.getObjectId() >= 0) {
+                        request = new WriteAttributesRequest(resultIds.getObjectId(), attrSet);
+                    }
+                    break;
+                default:
+            }
+            if (request != null) sendRequest(lwServer, registration, request, lwM2MClient, timeoutInMs);
+        }
+    }
+
+    /**
+     *
+     * @param lwServer
+     * @param registration
+     * @param request
+     * @param lwM2MClient
+     * @param timeoutInMs
+     */
+    private void sendRequest(LeshanServer lwServer, Registration registration, DownlinkRequest request, LwM2MClient lwM2MClient, long timeoutInMs) {
+        lwServer.send(registration, request, timeoutInMs, (ResponseCallback<?>) response -> {
+            if  (isSuccess(((Response)response.getCoapResponse()).getCode())) {
+                this.handleResponse(registration, request.getPath().toString(), response, request, lwM2MClient);
+                if (request instanceof WriteRequest && ((WriteRequest) request).isReplaceRequest()) {
+                    String msg = String.format(LOG_LW2M_INFO + " sendRequest Replace: CoapCde - %s Lwm2m code - %d name - %s Resource path - %s value - %s SendRequest to Client",
+                            ((Response)response.getCoapResponse()).getCode(), response.getCode().getCode(), response.getCode().getName(), request.getPath().toString(),
+                            ((LwM2mSingleResource)((WriteRequest) request).getNode()).getValue().toString());
+                    service.sentLogsToThingsboard(msg, registration.getId());
+                    log.info("[{}] - [{}] [{}] [{}] Update SendRequest", ((Response)response.getCoapResponse()).getCode(), response.getCode(),  request.getPath().toString(), ((LwM2mSingleResource)((WriteRequest) request).getNode()).getValue());
+                }
+            }
+            else {
+                String msg = String.format(LOG_LW2M_ERROR + " sendRequest: CoapCde - %s Lwm2m code - %d name - %s Resource path - %s  SendRequest to Client",
+                        ((Response)response.getCoapResponse()).getCode(), response.getCode().getCode(), response.getCode().getName(), request.getPath().toString());
+                service.sentLogsToThingsboard(msg, registration.getId());
+                log.error("[{}] - [{}] [{}] error SendRequest", ((Response)response.getCoapResponse()).getCode(), response.getCode(),  request.getPath().toString());
+            }
+        }, e -> {
+            String msg = String.format(LOG_LW2M_ERROR + " sendRequest: Resource path - %s msg error - %s  SendRequest to Client",
+                    request.getPath().toString(), e.toString());
+            service.sentLogsToThingsboard(msg, registration.getId());
+            log.error("[{}] - [{}] error SendRequest",  request.getPath().toString(), e.toString());
+        });
+    }
+
+    private WriteRequest getWriteRequestSingleResource(ContentFormat contentFormat, Integer objectId, Integer instanceId, Integer resourceId, Object value, ResourceModel.Type type) {
+        try {
+            switch (type) {
+                case STRING:    // String
+                    return (contentFormat == null) ? new WriteRequest(objectId, instanceId, resourceId, value.toString()) : new WriteRequest(contentFormat, objectId, instanceId, resourceId, value.toString());
+                case INTEGER:   // Long
+                    return (contentFormat == null) ? new WriteRequest(objectId, instanceId, resourceId, Integer.toUnsignedLong(Integer.valueOf(value.toString()))) : new WriteRequest(contentFormat, objectId, instanceId, resourceId, Integer.toUnsignedLong(Integer.valueOf(value.toString())));
+                case OBJLNK:    // ObjectLink
+                    return (contentFormat == null) ? new WriteRequest(objectId, instanceId, resourceId, ObjectLink.fromPath(value.toString())) : new WriteRequest(contentFormat, objectId, instanceId, resourceId, ObjectLink.fromPath(value.toString()));
+                case BOOLEAN:   // Boolean
+                    return (contentFormat == null) ? new WriteRequest(objectId, instanceId, resourceId, Boolean.valueOf(value.toString())) : new WriteRequest(contentFormat, objectId, instanceId, resourceId, Boolean.valueOf(value.toString()));
+                case FLOAT:     // Double
+                    return (contentFormat == null) ? new WriteRequest(objectId, instanceId, resourceId, Double.valueOf(value.toString())) : new WriteRequest(contentFormat, objectId, instanceId, resourceId, Double.valueOf(value.toString()));
+                case TIME:      // Date
+                    return (contentFormat == null) ? new WriteRequest(objectId, instanceId, resourceId, new Date((Long) Integer.toUnsignedLong(Integer.valueOf(value.toString())))) : new WriteRequest(contentFormat, objectId, instanceId, resourceId, new Date((Long) Integer.toUnsignedLong(Integer.valueOf(value.toString()))));
+                case OPAQUE:    // byte[] value, base64
+                    return (contentFormat == null) ? new WriteRequest(objectId, instanceId, resourceId, Hex.decodeHex(value.toString().toCharArray())) : new WriteRequest(contentFormat, objectId, instanceId, resourceId, Hex.decodeHex(value.toString().toCharArray()));
+                default:
+            }
+            return null;
+        } catch (NumberFormatException e) {
+            String patn = "/" + objectId + "/" +  instanceId + "/" +  resourceId;
+            log.error("Path: [{}] type: [{}] value: [{}] errorMsg: [{}]]",   patn, type, value, e.toString());
+            return  null;
+        }
+    }
+
+    private void handleResponse(Registration registration, final String path, LwM2mResponse response, DownlinkRequest request, LwM2MClient lwM2MClient) {
+        executorService.submit(new Runnable() {
+            @Override
+            public void run() {
+
+                try {
+                    sendResponse(registration, path, response, request, lwM2MClient);
+                } catch (RuntimeException t) {
+                    log.error("[{}] endpoint [{}] path [{}] error Unable to after send response.", registration.getEndpoint(), path, t.toString());
+                }
+            }
+        });
+    }
+
+    /**
+     * processing a response from a client
+     * @param registration -
+     * @param path -
+     * @param response -
+     * @param lwM2MClient -
+     */
+    private void sendResponse(Registration registration, String path, LwM2mResponse response, DownlinkRequest request, LwM2MClient lwM2MClient) {
+        if (response instanceof ObserveResponse) {
+            service.onObservationResponse(registration, path, (ReadResponse) response);
+        } else if (response instanceof CancelObservationResponse) {
+            log.info("[{}] Path [{}] CancelObservationResponse 3_Send", path, response);
+        } else if (response instanceof ReadResponse) {
+            /**
+             * Use only at the first start after registration
+             * Fill with data -> Model client
+             */
+            if (lwM2MClient != null) {
+                if (lwM2MClient.getPendingRequests().size() > 0) {
+                    lwM2MClient.onSuccessHandler(path, response);
+                }
+            }
+            /**
+             * Use after registration on request
+             */
+            else {
+                service.onObservationResponse(registration, path, (ReadResponse) response);
+            }
+        } else if (response instanceof DeleteResponse) {
+            log.info("[{}] Path [{}] DeleteResponse 5_Send", path, response);
+        } else if (response instanceof DiscoverResponse) {
+            log.info("[{}] Path [{}] DiscoverResponse 6_Send", path, response);
+        } else if (response instanceof ExecuteResponse) {
+            log.info("[{}] Path [{}] ExecuteResponse  7_Send", path, response);
+        } else if (response instanceof WriteAttributesResponse) {
+            log.info("[{}] Path [{}] WriteAttributesResponse 8_Send", path, response);
+        } else if (response instanceof WriteResponse) {
+            log.info("[{}] Path [{}] WriteAttributesResponse 9_Send", path, response);
+            service.onAttributeUpdateOk(registration, path, (WriteRequest) request);
+        }
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.server;
+
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.californium.scandium.config.DtlsConnectorConfig;
+import org.eclipse.leshan.core.node.codec.DefaultLwM2mNodeDecoder;
+import org.eclipse.leshan.core.node.codec.DefaultLwM2mNodeEncoder;
+import org.eclipse.leshan.core.node.codec.LwM2mNodeDecoder;
+import org.eclipse.leshan.server.californium.LeshanServer;
+import org.eclipse.leshan.server.californium.LeshanServerBuilder;
+import org.eclipse.leshan.server.model.LwM2mModelProvider;
+import org.eclipse.leshan.server.model.VersionedModelProvider;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode;
+import org.thingsboard.server.transport.lwm2m.server.secure.LwM2MSetSecurityStoreServer;
+import org.thingsboard.server.transport.lwm2m.server.secure.LwM2mInMemorySecurityStore;
+import org.thingsboard.server.transport.lwm2m.utils.LwM2mValueConverterImpl;
+import static org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode.X509;
+import static org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode.RPK;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.getCoapConfig;
+
+
+@Slf4j
+@ComponentScan("org.thingsboard.server.transport.lwm2m.server")
+@ComponentScan("org.thingsboard.server.transport.lwm2m.utils")
+@Configuration("LwM2MTransportServerConfiguration")
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled:false}'=='true' ) || ('${service.type:null}'=='monolith' && '${transport.lwm2m.enabled}'=='true')")
+public class LwM2MTransportServerConfiguration {
+
+    @Autowired
+    private LwM2MTransportContextServer context;
+
+    @Autowired
+    private LwM2mInMemorySecurityStore lwM2mInMemorySecurityStore;
+
+    @Primary
+    @Bean(name = "LeshanServerCert")
+    public LeshanServer getLeshanServerCert() {
+        log.info("Starting LwM2M transport ServerCert... PostConstruct");
+        return getLeshanServer(this.context.getCtxServer().getServerPortCert(), this.context.getCtxServer().getServerSecurePortCert(), X509);
+    }
+
+    @Bean(name = "leshanServerNoSecPskRpk")
+    public LeshanServer getLeshanServerNoSecPskRpk() {
+        log.info("Starting LwM2M transport ServerNoSecPskRpk... PostConstruct");
+        return getLeshanServer(this.context.getCtxServer().getServerPort(), this.context.getCtxServer().getServerSecurePort(), RPK);
+    }
+
+    private LeshanServer getLeshanServer(Integer serverPort, Integer serverSecurePort, LwM2MSecurityMode dtlsMode) {
+
+        LeshanServerBuilder builder = new LeshanServerBuilder();
+        builder.setLocalAddress(this.context.getCtxServer().getServerHost(), serverPort);
+        builder.setLocalSecureAddress(this.context.getCtxServer().getServerSecureHost(), serverSecurePort);
+        builder.setEncoder(new DefaultLwM2mNodeEncoder());
+        LwM2mNodeDecoder decoder = new DefaultLwM2mNodeDecoder();
+        builder.setDecoder(decoder);
+        builder.setEncoder(new DefaultLwM2mNodeEncoder(new LwM2mValueConverterImpl()));
+
+        /** Create CoAP Config */
+        builder.setCoapConfig(getCoapConfig());
+
+        /** Define model provider (Create Models )*/
+        LwM2mModelProvider modelProvider = new VersionedModelProvider(this.context.getCtxServer().getModelsValue());
+        builder.setObjectModelProvider(modelProvider);
+
+        /** Create DTLS Config */
+        DtlsConnectorConfig.Builder dtlsConfig = new DtlsConnectorConfig.Builder();
+        dtlsConfig.setRecommendedCipherSuitesOnly(this.context.getCtxServer().isSupportDeprecatedCiphersEnable());
+        /** Set DTLS Config */
+        builder.setDtlsConfig(dtlsConfig);
+
+        /** Use a magic converter to support bad type send by the UI. */
+        builder.setEncoder(new DefaultLwM2mNodeEncoder(new LwM2mValueConverterImpl()));
+
+        /**  Create DTLS security mode
+         * There can be only one DTLS security mode
+         */
+        new LwM2MSetSecurityStoreServer(builder, context, lwM2mInMemorySecurityStore, dtlsMode);
+
+        /** Create LWM2M server */
+        return builder.build();
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.server;
+
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.server.californium.LeshanServer;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.stereotype.Service;
+import org.thingsboard.server.transport.lwm2m.secure.LWM2MGenerationPSkRPkECC;
+import org.thingsboard.server.transport.lwm2m.secure.LwM2MSecurityMode;
+import javax.annotation.PostConstruct;
+import javax.annotation.PreDestroy;
+
+@Slf4j
+@Service("LwM2MTransportServerInitializer")
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled:false}'=='true' ) || ('${service.type:null}'=='monolith' && '${transport.lwm2m.enabled}'=='true')")
+public class LwM2MTransportServerInitializer {
+
+    @Autowired
+    @Qualifier("LeshanServerCert")
+    private LeshanServer lhServerCert;
+
+    @Autowired
+    @Qualifier("leshanServerNoSecPskRpk")
+    private LeshanServer lhServerNoSecPskRpk;
+
+    @Autowired
+    private LwM2MTransportContextServer context;
+
+    @PostConstruct
+    public void init() {
+        if (this.context.getCtxServer().getEnableGenPskRpk()) new LWM2MGenerationPSkRPkECC();
+        if (this.context.getCtxServer().isServerStartAll()) {
+            this.lhServerCert.start();
+            this.lhServerNoSecPskRpk.start();
+        }
+        else {
+            if (this.context.getCtxServer().getServerDtlsMode() == LwM2MSecurityMode.X509.code) {
+                this.lhServerCert.start();
+            }
+            else {
+                this.lhServerNoSecPskRpk.start();
+            }
+        }
+    }
+
+    @PreDestroy
+    public void shutdown() {
+        log.info("Stopping LwM2M transport Server!");
+        try {
+            lhServerCert.destroy();
+            lhServerNoSecPskRpk.destroy();
+        } finally {
+        }
+        log.info("LwM2M transport Server stopped!");
+    }
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.server;
+
+import com.google.gson.*;
+import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.core.model.ResourceModel;
+import org.eclipse.leshan.core.node.LwM2mMultipleResource;
+import org.eclipse.leshan.core.node.LwM2mObject;
+import org.eclipse.leshan.core.node.LwM2mObjectInstance;
+import org.eclipse.leshan.core.node.LwM2mSingleResource;
+import org.eclipse.leshan.core.node.LwM2mResource;
+import org.eclipse.leshan.core.node.LwM2mPath;
+import org.eclipse.leshan.core.observation.Observation;
+import org.eclipse.leshan.core.request.ContentFormat;
+import org.eclipse.leshan.core.request.WriteRequest;
+import org.eclipse.leshan.core.response.ReadResponse;
+import org.eclipse.leshan.core.util.Hex;
+import org.eclipse.leshan.server.californium.LeshanServer;
+import org.eclipse.leshan.server.registration.Registration;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.stereotype.Service;
+import org.thingsboard.server.common.data.Device;
+import org.thingsboard.server.common.data.DeviceProfile;
+import org.thingsboard.server.common.transport.TransportService;
+import org.thingsboard.server.common.transport.TransportServiceCallback;
+import org.thingsboard.server.common.transport.adaptor.AdaptorException;
+import org.thingsboard.server.common.transport.adaptor.JsonConverter;
+import org.thingsboard.server.common.transport.service.DefaultTransportService;
+import org.thingsboard.server.gen.transport.TransportProtos;
+import org.thingsboard.server.gen.transport.TransportProtos.ToTransportUpdateCredentialsProto;
+import org.thingsboard.server.gen.transport.TransportProtos.SessionEvent;
+import org.thingsboard.server.gen.transport.TransportProtos.SessionInfoProto;
+import org.thingsboard.server.gen.transport.TransportProtos.ValidateDeviceCredentialsResponseMsg;
+import org.thingsboard.server.gen.transport.TransportProtos.PostTelemetryMsg;
+import org.thingsboard.server.gen.transport.TransportProtos.PostAttributeMsg;
+import org.thingsboard.server.transport.lwm2m.server.adaptors.LwM2MJsonAdaptor;
+import org.thingsboard.server.transport.lwm2m.server.client.AttrTelemetryObserveValue;
+import org.thingsboard.server.transport.lwm2m.server.client.LwM2MClient;
+import org.thingsboard.server.transport.lwm2m.server.client.ModelObject;
+import org.thingsboard.server.transport.lwm2m.server.client.ResultsAnalyzerParameters;
+import org.thingsboard.server.transport.lwm2m.server.client.ResourceValue;
+import org.thingsboard.server.transport.lwm2m.server.secure.LwM2mInMemorySecurityStore;
+
+import javax.annotation.PostConstruct;
+import java.util.Collection;
+import java.util.UUID;
+import java.util.Random;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.Arrays;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.NoSuchElementException;
+import java.util.Optional;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.function.Predicate;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+import static org.eclipse.leshan.core.model.ResourceModel.Type.OPAQUE;
+import static org.thingsboard.server.transport.lwm2m.server.LwM2MTransportHandler.*;
+
+@Slf4j
+@Service("LwM2MTransportService")
+@ConditionalOnExpression("('${service.type:null}'=='tb-transport' && '${transport.lwm2m.enabled:false}'=='true' ) || ('${service.type:null}'=='monolith' && '${transport.lwm2m.enabled}'=='true')")
+public class LwM2MTransportService {
+
+    @Autowired
+    private LwM2MJsonAdaptor adaptor;
+
+    @Autowired
+    private TransportService transportService;
+
+    @Autowired
+    public LwM2MTransportContextServer context;
+
+    @Autowired
+    private LwM2MTransportRequest lwM2MTransportRequest;
+
+    @Autowired
+    LwM2mInMemorySecurityStore lwM2mInMemorySecurityStore;
+
+
+    @PostConstruct
+    public void init() {
+        context.getScheduler().scheduleAtFixedRate(() -> checkInactivityAndReportActivity(), new Random().nextInt((int) context.getCtxServer().getSessionReportTimeout()), context.getCtxServer().getSessionReportTimeout(), TimeUnit.MILLISECONDS);
+    }
+
+    /**
+     * Start registration device
+     * Create session: Map<String <registrationId >, LwM2MClient>
+     * 1. replaceNewRegistration -> (solving the problem of incorrect termination of the previous session with this endpoint)
+     * 1.1 When we initialize the registration, we register the session by endpoint.
+     * 1.2 If the server has incomplete requests (canceling the registration of the previous session),
+     * delete the previous session only by the previous registration.getId
+     * 1.2 Add Model (Entity) for client (from registration & observe) by registration.getId
+     * 1.2 Remove from sessions Model by enpPoint
+     * Next ->  Create new LwM2MClient for current session -> setModelClient...
+     *
+     * @param lwServer             - LeshanServer
+     * @param registration         - Registration LwM2M Client
+     * @param previousObsersations - may be null
+     */
+    public void onRegistered(LeshanServer lwServer, Registration registration, Collection<Observation> previousObsersations) {
+        LwM2MClient lwM2MClient = lwM2mInMemorySecurityStore.getlwM2MClient(lwServer, registration);
+        if (lwM2MClient != null) {
+            lwM2MClient.setLwM2MTransportService(this);
+            lwM2MClient.setLwM2MTransportService(this);
+            lwM2MClient.setSessionUuid(UUID.randomUUID());
+            this.setLwM2MClient(lwServer, registration, lwM2MClient);
+            SessionInfoProto sessionInfo = this.getValidateSessionInfo(registration.getId());
+            if (sessionInfo != null) {
+                lwM2MClient.setDeviceUuid(new UUID(sessionInfo.getDeviceIdMSB(), sessionInfo.getDeviceIdLSB()));
+                lwM2MClient.setProfileUuid(new UUID(sessionInfo.getDeviceProfileIdMSB(), sessionInfo.getDeviceProfileIdLSB()));
+                lwM2MClient.setDeviceName(sessionInfo.getDeviceName());
+                lwM2MClient.setDeviceProfileName(sessionInfo.getDeviceType());
+                transportService.registerAsyncSession(sessionInfo, new LwM2MSessionMsgListener(this, sessionInfo));
+                transportService.process(sessionInfo, DefaultTransportService.getSessionEventMsg(SessionEvent.OPEN), null);
+                transportService.process(sessionInfo, TransportProtos.SubscribeToAttributeUpdatesMsg.newBuilder().build(), null);
+                this.sentLogsToThingsboard(LOG_LW2M_INFO + ": Client registration", registration.getId());
+            } else {
+                log.error("Client: [{}] onRegistered [{}] name  [{}] sessionInfo ", registration.getId(), registration.getEndpoint(), sessionInfo);
+            }
+        } else {
+            log.error("Client: [{}] onRegistered [{}] name  [{}] lwM2MClient ", registration.getId(), registration.getEndpoint(), lwM2MClient);
+        }
+    }
+
+    /**
+     * @param lwServer     - LeshanServer
+     * @param registration - Registration LwM2M Client
+     */
+    public void updatedReg(LeshanServer lwServer, Registration registration) {
+        SessionInfoProto sessionInfo = this.getValidateSessionInfo(registration.getId());
+        if (sessionInfo != null) {
+            log.info("Client: [{}] updatedReg [{}] name  [{}] profile ", registration.getId(), registration.getEndpoint(), sessionInfo.getDeviceType());
+        } else {
+            log.error("Client: [{}] updatedReg [{}] name  [{}] sessionInfo ", registration.getId(), registration.getEndpoint(), sessionInfo);
+        }
+    }
+
+    /**
+     * @param registration - Registration LwM2M Client
+     * @param observations - All paths observations before unReg
+     *                     !!! Warn: if have not finishing unReg, then this operation will be finished on next Client`s connect
+     */
+    public void unReg(Registration registration, Collection<Observation> observations) {
+        this.sentLogsToThingsboard(LOG_LW2M_INFO + ": Client unRegistration", registration.getId());
+        this.closeClientSession(registration);
+    }
+
+    private void closeClientSession(Registration registration) {
+        SessionInfoProto sessionInfo = this.getValidateSessionInfo(registration.getId());
+        if (sessionInfo != null) {
+            transportService.deregisterSession(sessionInfo);
+            this.doCloseSession(sessionInfo);
+            lwM2mInMemorySecurityStore.delRemoveSessionAndListener(registration.getId());
+            if (lwM2mInMemorySecurityStore.getProfiles().size() > 0) {
+                this.syncSessionsAndProfiles();
+            }
+            log.info("Client: [{}] unReg [{}] name  [{}] profile ", registration.getId(), registration.getEndpoint(), sessionInfo.getDeviceType());
+        } else {
+            log.error("Client: [{}] unReg [{}] name  [{}] sessionInfo ", registration.getId(), registration.getEndpoint(), sessionInfo);
+        }
+    }
+
+    public void onSleepingDev(Registration registration) {
+        log.info("[{}] [{}] Received endpoint Sleeping version event", registration.getId(), registration.getEndpoint());
+        //TODO: associate endpointId with device information.
+    }
+
+    /**
+     * Those methods are called by the protocol stage thread pool, this means that execution MUST be done in a short delay,
+     * * if you need to do long time processing use a dedicated thread pool.
+     *
+     * @param registration
+     */
+
+    public void onAwakeDev(Registration registration) {
+        log.info("[{}] [{}] Received endpoint Awake version event", registration.getId(), registration.getEndpoint());
+        //TODO: associate endpointId with device information.
+    }
+
+    /**
+     * This method is used to sync with sessions
+     * Removes a profile if not used in sessions
+     */
+    private void syncSessionsAndProfiles() {
+        Map<UUID, AttrTelemetryObserveValue> profilesClone = lwM2mInMemorySecurityStore.getProfiles().entrySet()
+                .stream()
+                .collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue));
+        profilesClone.forEach((k, v) -> {
+            String registrationId = lwM2mInMemorySecurityStore.getSessions().entrySet()
+                    .stream()
+                    .filter(e -> e.getValue().getProfileUuid().equals(k))
+                    .findFirst()
+                    .map(Map.Entry::getKey) // return the key of the matching entry if found
+                    .orElse("");
+            if (registrationId.isEmpty()) {
+                lwM2mInMemorySecurityStore.getProfiles().remove(k);
+            }
+        });
+    }
+
+    /**
+     * Create new LwM2MClient for current session -> setModelClient...
+     * #1   Add all ObjectLinks (instance) to control the process of executing requests to the client
+     * to get the client model with current values
+     * #2   Get the client model with current values. Analyze the response in -> lwM2MTransportRequest.sendResponse
+     *
+     * @param lwServer     - LeshanServer
+     * @param registration - Registration LwM2M Client
+     * @param lwM2MClient  - object with All parameters off client
+     */
+    private void setLwM2MClient(LeshanServer lwServer, Registration registration, LwM2MClient lwM2MClient) {
+        // #1
+        Arrays.stream(registration.getObjectLinks()).forEach(url -> {
+            ResultIds pathIds = new ResultIds(url.getUrl());
+            if (pathIds.instanceId > -1 && pathIds.resourceId == -1) {
+                lwM2MClient.getPendingRequests().add(url.getUrl());
+            }
+        });
+        // #2
+        Arrays.stream(registration.getObjectLinks()).forEach(url -> {
+            ResultIds pathIds = new ResultIds(url.getUrl());
+            if (pathIds.instanceId > -1 && pathIds.resourceId == -1) {
+                lwM2MTransportRequest.sendAllRequest(lwServer, registration, url.getUrl(), GET_TYPE_OPER_READ,
+                        ContentFormat.TLV.getName(), lwM2MClient, null, null, this.context.getCtxServer().getTimeout());
+            }
+        });
+    }
+
+    /**
+     * @param registrationId - Id of Registration LwM2M Client
+     * @return - sessionInfo after access connect client
+     */
+    private SessionInfoProto getValidateSessionInfo(String registrationId) {
+        SessionInfoProto sessionInfo = null;
+        LwM2MClient lwM2MClient = lwM2mInMemorySecurityStore.getlwM2MClient(registrationId);
+        if (lwM2MClient != null) {
+            ValidateDeviceCredentialsResponseMsg msg = lwM2MClient.getCredentialsResponse();
+            if (msg == null || msg.getDeviceInfo() == null) {
+                log.error("[{}] [{}]", lwM2MClient.getEndPoint(), CLIENT_NOT_AUTHORIZED);
+                this.closeClientSession(lwM2MClient.getRegistration());
+            } else {
+                sessionInfo = SessionInfoProto.newBuilder()
+                        .setNodeId(this.context.getNodeId())
+                        .setSessionIdMSB(lwM2MClient.getSessionUuid().getMostSignificantBits())
+                        .setSessionIdLSB(lwM2MClient.getSessionUuid().getLeastSignificantBits())
+                        .setDeviceIdMSB(msg.getDeviceInfo().getDeviceIdMSB())
+                        .setDeviceIdLSB(msg.getDeviceInfo().getDeviceIdLSB())
+                        .setTenantIdMSB(msg.getDeviceInfo().getTenantIdMSB())
+                        .setTenantIdLSB(msg.getDeviceInfo().getTenantIdLSB())
+                        .setDeviceName(msg.getDeviceInfo().getDeviceName())
+                        .setDeviceType(msg.getDeviceInfo().getDeviceType())
+                        .setDeviceProfileIdLSB(msg.getDeviceInfo().getDeviceProfileIdLSB())
+                        .setDeviceProfileIdMSB(msg.getDeviceInfo().getDeviceProfileIdMSB())
+                        .build();
+            }
+        }
+        return sessionInfo;
+    }
+
+    /**
+     * Add attribute/telemetry information from Client and credentials/Profile to client model and start observe
+     * !!! if the resource has an observation, but no telemetry or attribute - the observation will not use
+     * #1 Client`s starting info  to  send to thingsboard
+     * #2 Sending Attribute Telemetry with value to thingsboard only once at the start of the connection
+     * #3 Start observe
+     *
+     * @param lwServer     - LeshanServer
+     * @param registration - Registration LwM2M Client
+     */
+
+    public void updatesAndSentModelParameter(LeshanServer lwServer, Registration registration) {
+        // #1
+//        this.setParametersToModelClient(registration, modelClient, deviceProfile);
+        // #2
+        this.updateAttrTelemetry(registration, true, null);
+        // #3
+        this.onSentObserveToClient(lwServer, registration);
+    }
+
+
+    /**
+     * Sent Attribute and Telemetry to Thingsboard
+     * #1 - get AttrName/TelemetryName with value:
+     * #1.1 from Client
+     * #1.2 from LwM2MClient:
+     * -- resourceId == path from AttrTelemetryObserveValue.postAttributeProfile/postTelemetryProfile/postObserveProfile
+     * -- AttrName/TelemetryName == resourceName from ModelObject.objectModel, value from ModelObject.instance.resource(resourceId)
+     * #2 - set Attribute/Telemetry
+     *
+     * @param registration - Registration LwM2M Client
+     */
+    private void updateAttrTelemetry(Registration registration, boolean start, Set<String> paths) {
+        JsonObject attributes = new JsonObject();
+        JsonObject telemetrys = new JsonObject();
+        if (start) {
+            // #1.1
+            JsonObject attributeClient = this.getAttributeClient(registration);
+            if (attributeClient != null) {
+                attributeClient.entrySet().forEach(p -> {
+                    attributes.add(p.getKey(), p.getValue());
+                });
+            }
+        }
+        // #1.2
+        CountDownLatch cancelLatch = new CountDownLatch(1);
+        this.getParametersFromProfile(attributes, telemetrys, registration, paths);
+        cancelLatch.countDown();
+        try {
+            cancelLatch.await(DEFAULT_TIMEOUT, TimeUnit.MILLISECONDS);
+        } catch (InterruptedException e) {
+            log.error("[{}] updateAttrTelemetry", e.toString());
+        }
+        if (attributes.getAsJsonObject().entrySet().size() > 0)
+            this.updateParametersOnThingsboard(attributes, DEVICE_ATTRIBUTES_TOPIC, registration.getId());
+        if (telemetrys.getAsJsonObject().entrySet().size() > 0)
+            this.updateParametersOnThingsboard(telemetrys, DEVICE_TELEMETRY_TOPIC, registration.getId());
+    }
+
+    /**
+     * get AttrName/TelemetryName with value from Client
+     *
+     * @param registration -
+     * @return - JsonObject, format: {name: value}}
+     */
+    private JsonObject getAttributeClient(Registration registration) {
+        if (registration.getAdditionalRegistrationAttributes().size() > 0) {
+            JsonObject resNameValues = new JsonObject();
+            registration.getAdditionalRegistrationAttributes().entrySet().forEach(entry -> {
+                resNameValues.addProperty(entry.getKey(), entry.getValue());
+            });
+            return resNameValues;
+        }
+        return null;
+    }
+
+    /**
+     * @param attributes   - new JsonObject
+     * @param telemetry    - new JsonObject
+     * @param registration - Registration LwM2M Client
+     *                     result: add to JsonObject those resources to which the user is subscribed and they have a value
+     *                     if path==null add All resources else only one
+     *                     (attributes/telemetry): new {name(Attr/Telemetry):value}
+     */
+    private void getParametersFromProfile(JsonObject attributes, JsonObject telemetry, Registration registration, Set<String> path) {
+        AttrTelemetryObserveValue attrTelemetryObserveValue = lwM2mInMemorySecurityStore.getProfiles().get(lwM2mInMemorySecurityStore.getSessions().get(registration.getId()).getProfileUuid());
+        attrTelemetryObserveValue.getPostAttributeProfile().forEach(p -> {
+            ResultIds pathIds = new ResultIds(p.getAsString().toString());
+            if (pathIds.getResourceId() > -1) {
+                if (path == null || path.contains(p.getAsString())) {
+                    this.addParameters(pathIds, p.getAsString().toString(), attributes, registration);
+                }
+            }
+        });
+        attrTelemetryObserveValue.getPostTelemetryProfile().forEach(p -> {
+            ResultIds pathIds = new ResultIds(p.getAsString().toString());
+            if (pathIds.getResourceId() > -1) {
+                if (path == null || path.contains(p.getAsString())) {
+                    this.addParameters(pathIds, p.getAsString().toString(), telemetry, registration);
+                }
+            }
+        });
+    }
+
+    /**
+     * @param pathIds      - path resource
+     * @param parameters   - JsonObject attributes/telemetry
+     * @param registration - Registration LwM2M Client
+     */
+    private void addParameters(ResultIds pathIds, String path, JsonObject parameters, Registration registration) {
+        ModelObject modelObject = lwM2mInMemorySecurityStore.getSessions().get(registration.getId()).getModelObjects().get(pathIds.getObjectId());
+        JsonObject names = lwM2mInMemorySecurityStore.getProfiles().get(lwM2mInMemorySecurityStore.getSessions().get(registration.getId()).getProfileUuid()).getPostKeyNameProfile();
+        String resName = String.valueOf(names.get(path));
+        if (modelObject != null && resName != null && !resName.isEmpty()) {
+            String resValue = this.getResourceValue(modelObject, pathIds);
+            if (resValue != null) {
+                parameters.addProperty(resName, resValue);
+            }
+        }
+    }
+
+    /**
+     * @param modelObject - ModelObject of Client
+     * @param pathIds     - path resource
+     * @return - value of Resource or null
+     */
+    private String getResourceValue(ModelObject modelObject, ResultIds pathIds) {
+        String resValue = null;
+        if (modelObject.getInstances().get(pathIds.getInstanceId()) != null) {
+            LwM2mObjectInstance instance = modelObject.getInstances().get(pathIds.getInstanceId());
+            if (instance.getResource(pathIds.getResourceId()) != null) {
+                resValue = instance.getResource(pathIds.getResourceId()).getType() == OPAQUE ?
+                        Hex.encodeHexString((byte[]) instance.getResource(pathIds.getResourceId()).getValue()).toLowerCase() :
+                        (instance.getResource(pathIds.getResourceId()).isMultiInstances()) ?
+                                instance.getResource(pathIds.getResourceId()).getValues().toString() :
+                                instance.getResource(pathIds.getResourceId()).getValue().toString();
+            }
+        }
+        return resValue;
+    }
+
+    /**
+     * Prepare Sent to Thigsboard callback - Attribute or Telemetry
+     *
+     * @param msg            - JsonArray: [{name: value}]
+     * @param topicName      - Api Attribute or Telemetry
+     * @param registrationId - Id of Registration LwM2M Client
+     */
+    public void updateParametersOnThingsboard(JsonElement msg, String topicName, String registrationId) {
+        SessionInfoProto sessionInfo = this.getValidateSessionInfo(registrationId);
+        if (sessionInfo != null) {
+            try {
+                if (topicName.equals(LwM2MTransportHandler.DEVICE_ATTRIBUTES_TOPIC)) {
+                    PostAttributeMsg postAttributeMsg = adaptor.convertToPostAttributes(msg);
+                    TransportServiceCallback call = this.getPubAckCallbackSentAttrTelemetry(-1, postAttributeMsg);
+                    transportService.process(sessionInfo, postAttributeMsg, call);
+                } else if (topicName.equals(LwM2MTransportHandler.DEVICE_TELEMETRY_TOPIC)) {
+                    PostTelemetryMsg postTelemetryMsg = adaptor.convertToPostTelemetry(msg);
+                    TransportServiceCallback call = this.getPubAckCallbackSentAttrTelemetry(-1, postTelemetryMsg);
+                    transportService.process(sessionInfo, postTelemetryMsg, this.getPubAckCallbackSentAttrTelemetry(-1, call));
+                }
+            } catch (AdaptorException e) {
+                log.error("[{}] Failed to process publish msg [{}]", topicName, e);
+                log.info("[{}] Closing current session due to invalid publish", topicName);
+            }
+        } else {
+            log.error("Client: [{}] updateParametersOnThingsboard [{}] sessionInfo ", registrationId, sessionInfo);
+        }
+    }
+
+    /**
+     * Sent to Thingsboard Attribute || Telemetry
+     *
+     * @param msgId - always == -1
+     * @param msg   - JsonObject: [{name: value}]
+     * @return - dummy
+     */
+    private <T> TransportServiceCallback<Void> getPubAckCallbackSentAttrTelemetry(final int msgId, final T msg) {
+        return new TransportServiceCallback<Void>() {
+            @Override
+            public void onSuccess(Void dummy) {
+                log.trace("Success to publish msg: {}, dummy: {}", msg, dummy);
+            }
+
+            @Override
+            public void onError(Throwable e) {
+                log.trace("[{}] Failed to publish msg: {}", msg, e);
+            }
+        };
+    }
+
+
+    /**
+     * Start observe
+     * #1 - Analyze:
+     * #1.1 path in observe == (attribute or telemetry)
+     * #1.2 recourseValue notNull
+     * #2 Analyze after sent request (response):
+     * #2.1 First: lwM2MTransportRequest.sendResponse -> ObservationListener.newObservation
+     * #2.2 Next: ObservationListener.onResponse     *
+     *
+     * @param lwServer     - LeshanServer
+     * @param registration - Registration LwM2M Client
+     */
+    private void onSentObserveToClient(LeshanServer lwServer, Registration registration) {
+        if (lwServer.getObservationService().getObservations(registration).size() > 0) {
+            this.setCancelObservations(lwServer, registration);
+        }
+        UUID profileUUid = lwM2mInMemorySecurityStore.getSessions().get(registration.getId()).getProfileUuid();
+        AttrTelemetryObserveValue attrTelemetryObserveValue = lwM2mInMemorySecurityStore.getProfiles().get(profileUUid);
+        attrTelemetryObserveValue.getPostObserveProfile().forEach(p -> {
+            // #1.1
+            String target = (getValidateObserve(attrTelemetryObserveValue.getPostAttributeProfile(), p.getAsString().toString())) ?
+                    p.getAsString().toString() : (getValidateObserve(attrTelemetryObserveValue.getPostTelemetryProfile(), p.getAsString().toString())) ?
+                    p.getAsString().toString() : null;
+            if (target != null) {
+                // #1.2
+                ResultIds pathIds = new ResultIds(target);
+                ModelObject modelObject = lwM2mInMemorySecurityStore.getSessions().get(registration.getId()).getModelObjects().get(pathIds.getObjectId());
+                // #2
+                if (modelObject != null) {
+                    if (getResourceValue(modelObject, pathIds) != null) {
+                        lwM2MTransportRequest.sendAllRequest(lwServer, registration, target, GET_TYPE_OPER_OBSERVE,
+                                null, null, null, null, this.context.getCtxServer().getTimeout());
+                    }
+                }
+            }
+        });
+    }
+
+    public void setCancelObservations(LeshanServer lwServer, Registration registration) {
+        if (registration != null) {
+            Set<Observation> observations = lwServer.getObservationService().getObservations(registration);
+            observations.forEach(observation -> {
+                this.setCancelObservationRecourse(lwServer, registration, observation.getPath().toString());
+            });
+        }
+    }
+
+    /**
+     * lwM2MTransportRequest.sendAllRequest(lwServer, registration, path, POST_TYPE_OPER_OBSERVE_CANCEL, null, null, null, null, context.getTimeout());
+     * At server side this will not remove the observation from the observation store, to do it you need to use
+     * {@code ObservationService#cancelObservation()}
+     */
+    public void setCancelObservationRecourse(LeshanServer lwServer, Registration registration, String path) {
+        CountDownLatch cancelLatch = new CountDownLatch(1);
+        lwServer.getObservationService().cancelObservations(registration, path);
+        cancelLatch.countDown();
+        try {
+            cancelLatch.await(DEFAULT_TIMEOUT, TimeUnit.MILLISECONDS);
+        } catch (InterruptedException e) {
+        }
+    }
+
+    /**
+     * @param parameters - JsonArray postAttributeProfile/postTelemetryProfile
+     * @param path       - recourse from postObserveProfile
+     * @return rez - true if path observe is in attribute/telemetry
+     */
+    private boolean getValidateObserve(JsonElement parameters, String path) {
+        AtomicBoolean rez = new AtomicBoolean(false);
+        if (parameters.isJsonArray()) {
+            parameters.getAsJsonArray().forEach(p -> {
+                        if (p.getAsString().toString().equals(path)) rez.set(true);
+                    }
+            );
+        } else if (parameters.isJsonObject()) {
+            rez.set((parameters.getAsJsonObject().entrySet()).stream().map(json -> json.toString())
+                    .filter(path::equals).findAny().orElse(null) != null);
+        }
+        return rez.get();
+    }
+
+    /**
+     * Sending observe value to thingsboard from ObservationListener.onResponse: object, instance, SingleResource or MultipleResource
+     *
+     * @param registration - Registration LwM2M Client
+     * @param path         - observe
+     * @param response     - observe
+     */
+    @SneakyThrows
+    public void onObservationResponse(Registration registration, String path, ReadResponse response) {
+        if (response.getContent() != null) {
+            if (response.getContent() instanceof LwM2mObject) {
+                LwM2mObject content = (LwM2mObject) response.getContent();
+                String target = "/" + content.getId();
+            } else if (response.getContent() instanceof LwM2mObjectInstance) {
+                LwM2mObjectInstance content = (LwM2mObjectInstance) response.getContent();
+            } else if (response.getContent() instanceof LwM2mSingleResource) {
+                LwM2mSingleResource content = (LwM2mSingleResource) response.getContent();
+                this.onObservationSetResourcesValue(registration, content.getValue(), null, path);
+            } else if (response.getContent() instanceof LwM2mMultipleResource) {
+                LwM2mSingleResource content = (LwM2mSingleResource) response.getContent();
+                this.onObservationSetResourcesValue(registration, null, content.getValues(), path);
+            }
+        }
+    }
+
+    /**
+     * Sending observe value of resources to thingsboard
+     * #1 Return old Resource from ModelObject
+     * #2 Create new Resource with value from observation
+     * #3 Create new Resources from old Resources
+     * #4 Update new Resources (replace old Resource on new Resource)
+     * #5 Remove old Instance from modelClient
+     * #6 Create new Instance with new Resources values
+     * #7 Update modelClient.getModelObjects(idObject) (replace old Instance on new Instance)
+     *
+     * @param registration - Registration LwM2M Client
+     * @param value        - LwM2mSingleResource response.getContent()
+     * @param values       - LwM2mSingleResource response.getContent()
+     * @param path         - resource
+     */
+    private void onObservationSetResourcesValue(Registration registration, Object value, Map<Integer, ?> values, String path) {
+        ResultIds resultIds = new ResultIds(path);
+        // #1
+        LwM2MClient lwM2MClient = lwM2mInMemorySecurityStore.getlwM2MClient(registration.getId());
+        ModelObject modelObject = lwM2MClient.getModelObjects().get(resultIds.getObjectId());
+        Map<Integer, LwM2mObjectInstance> instancesModelObject = modelObject.getInstances();
+        LwM2mObjectInstance instanceOld = (instancesModelObject.get(resultIds.instanceId) != null) ? instancesModelObject.get(resultIds.instanceId) : null;
+        Map<Integer, LwM2mResource> resourcesOld = (instanceOld != null) ? instanceOld.getResources() : null;
+        LwM2mResource resourceOld = (resourcesOld != null && resourcesOld.get(resultIds.getResourceId()) != null) ? resourcesOld.get(resultIds.getResourceId()) : null;
+        // #2
+        LwM2mResource resourceNew;
+        if (resourceOld.isMultiInstances()) {
+            resourceNew = LwM2mMultipleResource.newResource(resultIds.getResourceId(), values, resourceOld.getType());
+        } else {
+            resourceNew = LwM2mSingleResource.newResource(resultIds.getResourceId(), value, resourceOld.getType());
+        }
+        //#3
+        Map<Integer, LwM2mResource> resourcesNew = new HashMap<>(resourcesOld);
+        // #4
+        resourcesNew.remove(resourceOld);
+        // #5
+        resourcesNew.put(resultIds.getResourceId(), resourceNew);
+        // #6
+        LwM2mObjectInstance instanceNew = new LwM2mObjectInstance(resultIds.instanceId, resourcesNew.values());
+        // #7
+        CountDownLatch respLatch = new CountDownLatch(1);
+        lwM2MClient.getModelObjects().get(resultIds.getObjectId()).removeInstance(resultIds.instanceId);
+        instancesModelObject.put(resultIds.instanceId, instanceNew);
+        respLatch.countDown();
+        try {
+            respLatch.await(DEFAULT_TIMEOUT, TimeUnit.MILLISECONDS);
+        } catch (InterruptedException ex) {
+        }
+        Set<String> paths = new HashSet<String>();
+        paths.add(path);
+        this.updateAttrTelemetry(registration, false, paths);
+    }
+
+    /**
+     * @param updateCredentials - Credentials include config only security Client (without config attr/telemetry...)
+     *                          config attr/telemetry... in profile
+     */
+    public void onToTransportUpdateCredentials(ToTransportUpdateCredentialsProto updateCredentials) {
+        log.info("[{}] idList [{}] valueList updateCredentials", updateCredentials.getCredentialsIdList(), updateCredentials.getCredentialsValueList());
+    }
+
+    /**
+     * Update - sent request in change value resources in Client (path to resources from profile by keyName)
+     * Only fo resources  W
+     * Delete - nothing
+     *
+     * @param msg         -
+     * @param sessionInfo -
+     */
+    public void onAttributeUpdate(TransportProtos.AttributeUpdateNotificationMsg msg, SessionInfoProto sessionInfo) {
+        if (msg.getSharedUpdatedCount() > 0) {
+            JsonElement el = JsonConverter.toJson(msg);
+            el.getAsJsonObject().entrySet().forEach(de -> {
+                String profilePath = lwM2mInMemorySecurityStore.getProfiles().get(new UUID(sessionInfo.getDeviceProfileIdMSB(), sessionInfo.getDeviceProfileIdLSB()))
+                        .getPostKeyNameProfile().getAsJsonObject().entrySet().stream()
+                        .filter(e -> e.getValue().getAsString().equals(de.getKey())).findFirst().map(Map.Entry::getKey)
+                        .orElse("");
+                String path = !profilePath.isEmpty() ? profilePath : this.getPathAttributeUpdate(sessionInfo, de.getKey());
+                if (path != null) {
+                    ResultIds resultIds = new ResultIds(path);
+                    LwM2MClient lwM2MClient = lwM2mInMemorySecurityStore.getSession(new UUID(sessionInfo.getSessionIdMSB(), sessionInfo.getSessionIdLSB())).entrySet().iterator().next().getValue();
+                    ResourceModel.Operations operations = lwM2MClient.getModelObjects().get(resultIds.getObjectId()).getObjectModel().resources.get(resultIds.getResourceId()).operations;
+                    String value = ((JsonPrimitive) de.getValue()).getAsString();
+                    if (operations.isWritable()) {
+                        lwM2MTransportRequest.sendAllRequest(lwM2MClient.getLwServer(), lwM2MClient.getRegistration(), path, POST_TYPE_OPER_WRITE_REPLACE,
+                                ContentFormat.TLV.getName(), lwM2MClient, null, value, this.context.getCtxServer().getTimeout());
+                        log.info("[{}] path onAttributeUpdate", path);
+                    }
+                    else {
+                        log.error(LOG_LW2M_ERROR + ": Resource path - [{}] value - [{}] is not Writable and cannot be updated", path, value);
+                        String logMsg = String.format(LOG_LW2M_ERROR + " attributeUpdate: Resource path - %s value - %s is not Writable and cannot be updated", path, value);
+                        this.sentLogsToThingsboard(logMsg, lwM2MClient.getRegistration().getId());
+                    }
+                }
+            });
+        } else if (msg.getSharedDeletedCount() > 0) {
+            log.info("[{}] delete [{}]  onAttributeUpdate", msg.getSharedDeletedList(), sessionInfo);
+        }
+    }
+
+    private String getPathAttributeUpdate(SessionInfoProto sessionInfo, String keyName) {
+        try {
+            LwM2MClient lwM2MClient = lwM2mInMemorySecurityStore.getSession(new UUID(sessionInfo.getSessionIdMSB(), sessionInfo.getSessionIdLSB())).entrySet().iterator().next().getValue();
+            Predicate<Map.Entry<Integer, ResourceModel>> predicateRes = res -> keyName.equals(splitCamelCaseString(res.getValue().name));
+            Predicate<Map.Entry<Integer, ModelObject>> predicateObj = (obj -> {
+                return obj.getValue().getObjectModel().resources.entrySet().stream().filter(predicateRes).findFirst().isPresent();
+            });
+            Stream<Map.Entry<Integer, ModelObject>> objectStream = lwM2MClient.getModelObjects().entrySet().stream().filter(predicateObj);
+            Predicate<Map.Entry<Integer, ResourceModel>> predicateResFinal = (objectStream.count() > 0) ? predicateRes : res -> keyName.equals(res.getValue().name);
+            Predicate<Map.Entry<Integer, ModelObject>> predicateObjFinal = (obj -> {
+                return obj.getValue().getObjectModel().resources.entrySet().stream().filter(predicateResFinal).findFirst().isPresent();
+            });
+            Map.Entry<Integer, ModelObject> object = lwM2MClient.getModelObjects().entrySet().stream().filter(predicateObjFinal).findFirst().get();
+            ModelObject modelObject = object.getValue();
+            LwM2mObjectInstance instance = modelObject.getInstances().entrySet().stream().findFirst().get().getValue();
+            ResourceModel resource = modelObject.getObjectModel().resources.entrySet().stream().filter(predicateResFinal).findFirst().get().getValue();
+            return new LwM2mPath(object.getKey(), instance.getId(), resource.id).toString();
+        } catch (NoSuchElementException e) {
+            log.error("[{}] keyName [{}]", keyName, e.toString());
+            return null;
+        }
+    }
+
+    public void onAttributeUpdateOk(Registration registration, String path, WriteRequest request) {
+        ResultIds resultIds = new ResultIds(path);
+        LwM2MClient lwM2MClient = lwM2mInMemorySecurityStore.getlwM2MClient(registration.getId());
+        LwM2mResource resource = lwM2MClient.getModelObjects().get(resultIds.getObjectId()).getInstances().get(resultIds.getInstanceId()).getResource(resultIds.getResourceId());
+        if (resource.isMultiInstances()) {
+            this.onObservationSetResourcesValue(registration, null, ((LwM2mSingleResource) request.getNode()).getValues(), path);
+        } else {
+            this.onObservationSetResourcesValue(registration, ((LwM2mSingleResource) request.getNode()).getValue(), null, path);
+        }
+    }
+
+    /**
+     * @param sessionInfo   -
+     * @param deviceProfile -
+     */
+    public void onDeviceProfileUpdate(TransportProtos.SessionInfoProto sessionInfo, DeviceProfile deviceProfile) {
+        String registrationId = lwM2mInMemorySecurityStore.getSessions().entrySet()
+                .stream()
+                .filter(e -> e.getValue().getDeviceUuid().equals(new UUID(sessionInfo.getDeviceIdMSB(), sessionInfo.getDeviceIdLSB())))
+                .findFirst()
+                .map(Map.Entry::getKey)
+                .orElse("");
+        if (!registrationId.isEmpty()) {
+            this.onDeviceUpdateChangeProfile(registrationId, deviceProfile);
+        }
+    }
+
+    /**
+     * @param sessionInfo      -
+     * @param device           -
+     * @param deviceProfileOpt -
+     */
+    public void onDeviceUpdate(TransportProtos.SessionInfoProto sessionInfo, Device device, Optional<DeviceProfile> deviceProfileOpt) {
+        Optional<String> registrationIdOpt = lwM2mInMemorySecurityStore.getSessions().entrySet().stream()
+                .filter(e -> device.getUuidId().equals(e.getValue().getDeviceUuid()))
+                .map(Map.Entry::getKey)
+                .findFirst();
+        registrationIdOpt.ifPresent(registrationId -> this.onDeviceUpdateLwM2MClient(registrationId, device, deviceProfileOpt));
+    }
+
+    /**
+     * Update parameters device in LwM2MClient
+     * If new deviceProfile != old deviceProfile => update deviceProfile
+     *
+     * @param registrationId -
+     * @param device         -
+     */
+    private void onDeviceUpdateLwM2MClient(String registrationId, Device device, Optional<DeviceProfile> deviceProfileOpt) {
+        LwM2MClient lwM2MClient = lwM2mInMemorySecurityStore.getSessions().get(registrationId);
+        lwM2MClient.setDeviceName(device.getName());
+        if (!lwM2MClient.getProfileUuid().equals(device.getDeviceProfileId().getId())) {
+            deviceProfileOpt.ifPresent(deviceProfile -> this.onDeviceUpdateChangeProfile(registrationId, deviceProfile));
+        }
+    }
+
+    /**
+     * #1 Read new, old Value (Attribute, Telemetry, Observe, KeyName)
+     * #2 Update in lwM2MClient: ...Profile
+     * #3 Equivalence test: old <> new Value (Attribute, Telemetry, Observe, KeyName)
+     * #3.1 Attribute isChange (add&del)
+     * #3.2 Telemetry isChange (add&del)
+     * #3.3 KeyName isChange (add)
+     * #4 update
+     * #4.1 add If #3 isChange, then analyze and update Value in Transport form Client and sent Value ti thingsboard
+     * #4.2 del
+     * -- if  add attributes includes del telemetry - result del for observe
+     * #5
+     * #5.1 Observe isChange (add&del)
+     * #5.2 Observe.add
+     * -- path Attr/Telemetry includes newObserve and does not include oldObserve: sent Request observe to Client
+     * #5.3 Observe.del
+     * -- different between newObserve and oldObserve: sent Request cancel observe to client
+     *
+     * @param registrationId -
+     * @param deviceProfile  -
+     */
+    public void onDeviceUpdateChangeProfile(String registrationId, DeviceProfile deviceProfile) {
+        LwM2MClient lwM2MClient = lwM2mInMemorySecurityStore.getlwM2MClient(registrationId);
+        AttrTelemetryObserveValue attrTelemetryObserveValueOld = lwM2mInMemorySecurityStore.getProfiles().get(lwM2MClient.getProfileUuid());
+        if (lwM2mInMemorySecurityStore.addUpdateProfileParameters(deviceProfile)) {
+            LeshanServer lwServer = lwM2MClient.getLwServer();
+            Registration registration = lwM2mInMemorySecurityStore.getByRegistration(registrationId);
+            // #1
+            JsonArray attributeOld = attrTelemetryObserveValueOld.getPostAttributeProfile();
+            Set<String> attributeSetOld = new Gson().fromJson(attributeOld, Set.class);
+            JsonArray telemetryOld = attrTelemetryObserveValueOld.getPostTelemetryProfile();
+            Set<String> telemetrySetOld = new Gson().fromJson(telemetryOld, Set.class);
+            JsonArray observeOld = attrTelemetryObserveValueOld.getPostObserveProfile();
+            JsonObject keyNameOld = attrTelemetryObserveValueOld.getPostKeyNameProfile();
+
+            AttrTelemetryObserveValue attrTelemetryObserveValueNew = lwM2mInMemorySecurityStore.getProfiles().get(deviceProfile.getUuidId());
+            JsonArray attributeNew = attrTelemetryObserveValueNew.getPostAttributeProfile();
+            Set<String> attributeSetNew = new Gson().fromJson(attributeNew, Set.class);
+            JsonArray telemetryNew = attrTelemetryObserveValueNew.getPostTelemetryProfile();
+            Set<String> telemetrySetNew = new Gson().fromJson(telemetryNew, Set.class);
+            JsonArray observeNew = attrTelemetryObserveValueNew.getPostObserveProfile();
+            JsonObject keyNameNew = attrTelemetryObserveValueNew.getPostKeyNameProfile();
+            // #2
+            lwM2MClient.setDeviceProfileName(deviceProfile.getName());
+            lwM2MClient.setProfileUuid(deviceProfile.getUuidId());
+
+            // #3
+            ResultsAnalyzerParameters sentAttrToThingsboard = new ResultsAnalyzerParameters();
+            // #3.1
+            if (!attributeOld.equals(attributeNew)) {
+                ResultsAnalyzerParameters postAttributeAnalyzer = this.getAnalyzerParameters(new Gson().fromJson(attributeOld, Set.class), attributeSetNew);
+                sentAttrToThingsboard.getPathPostParametersAdd().addAll(postAttributeAnalyzer.getPathPostParametersAdd());
+                sentAttrToThingsboard.getPathPostParametersDel().addAll(postAttributeAnalyzer.getPathPostParametersDel());
+            }
+            // #3.2
+            if (!attributeOld.equals(attributeNew)) {
+                ResultsAnalyzerParameters postTelemetryAnalyzer = this.getAnalyzerParameters(new Gson().fromJson(telemetryOld, Set.class), telemetrySetNew);
+                sentAttrToThingsboard.getPathPostParametersAdd().addAll(postTelemetryAnalyzer.getPathPostParametersAdd());
+                sentAttrToThingsboard.getPathPostParametersDel().addAll(postTelemetryAnalyzer.getPathPostParametersDel());
+            }
+            // #3.3
+            if (!keyNameOld.equals(keyNameNew)) {
+                ResultsAnalyzerParameters keyNameChange = this.getAnalyzerKeyName(new Gson().fromJson(keyNameOld.toString(), ConcurrentHashMap.class),
+                        new Gson().fromJson(keyNameNew.toString(), ConcurrentHashMap.class));
+                sentAttrToThingsboard.getPathPostParametersAdd().addAll(keyNameChange.getPathPostParametersAdd());
+            }
+
+            // #4.1 add
+            if (sentAttrToThingsboard.getPathPostParametersAdd().size() > 0) {
+                // update value in Resources
+                this.updateResourceValueObserve(lwServer, registration, lwM2MClient, sentAttrToThingsboard.getPathPostParametersAdd(), GET_TYPE_OPER_READ);
+                // sent attr/telemetry to tingsboard for new path
+                this.updateAttrTelemetry(registration, false, sentAttrToThingsboard.getPathPostParametersAdd());
+            }
+            // #4.2 del
+            if (sentAttrToThingsboard.getPathPostParametersDel().size() > 0) {
+                ResultsAnalyzerParameters sentAttrToThingsboardDel = this.getAnalyzerParameters(sentAttrToThingsboard.getPathPostParametersAdd(), sentAttrToThingsboard.getPathPostParametersDel());
+                sentAttrToThingsboard.setPathPostParametersDel(sentAttrToThingsboardDel.getPathPostParametersDel());
+            }
+
+            // #5.1
+            if (!observeOld.equals(observeNew)) {
+                Set<String> observeSetOld = new Gson().fromJson(observeOld, Set.class);
+                Set<String> observeSetNew = new Gson().fromJson(observeNew, Set.class);
+                //#5.2 add
+                //  path Attr/Telemetry includes newObserve
+                attributeSetOld.addAll(telemetrySetOld);
+                ResultsAnalyzerParameters sentObserveToClientOld = this.getAnalyzerParametersIn(attributeSetOld, observeSetOld); // add observe
+                attributeSetNew.addAll(telemetrySetNew);
+                ResultsAnalyzerParameters sentObserveToClientNew = this.getAnalyzerParametersIn(attributeSetNew, observeSetNew); // add observe
+                // does not include oldObserve
+                ResultsAnalyzerParameters postObserveAnalyzer = this.getAnalyzerParameters(sentObserveToClientOld.getPathPostParametersAdd(), sentObserveToClientNew.getPathPostParametersAdd());
+                //  sent Request observe to Client
+                this.updateResourceValueObserve(lwServer, registration, lwM2MClient, postObserveAnalyzer.getPathPostParametersAdd(), GET_TYPE_OPER_OBSERVE);
+                // 5.3 del
+                //  sent Request cancel observe to Client
+                this.cancelObserveIsValue(lwServer, registration, postObserveAnalyzer.getPathPostParametersDel());
+            }
+        }
+    }
+
+    /**
+     * Compare old list with new list  after change AttrTelemetryObserve in config Profile
+     *
+     * @param parametersOld -
+     * @param parametersNew -
+     * @return ResultsAnalyzerParameters: add && new
+     */
+    private ResultsAnalyzerParameters getAnalyzerParameters(Set<String> parametersOld, Set<String> parametersNew) {
+        ResultsAnalyzerParameters analyzerParameters = null;
+        if (!parametersOld.equals(parametersNew)) {
+            analyzerParameters = new ResultsAnalyzerParameters();
+            analyzerParameters.setPathPostParametersAdd(parametersNew
+                    .stream().filter(p -> !parametersOld.contains(p)).collect(Collectors.toSet()));
+            analyzerParameters.setPathPostParametersDel(parametersOld
+                    .stream().filter(p -> !parametersNew.contains(p)).collect(Collectors.toSet()));
+        }
+        return analyzerParameters;
+    }
+
+    private ResultsAnalyzerParameters getAnalyzerKeyName(ConcurrentMap<String, String> keyNameOld, ConcurrentMap<String, String> keyNameNew) {
+        ResultsAnalyzerParameters analyzerParameters = new ResultsAnalyzerParameters();
+        Set<String> paths = keyNameNew.entrySet()
+                .stream()
+                .filter(e -> !e.getValue().equals(keyNameOld.get(e.getKey())))
+                .collect(Collectors.toMap(map -> map.getKey(), map -> map.getValue())).keySet();
+        analyzerParameters.setPathPostParametersAdd(paths);
+        return analyzerParameters;
+    }
+
+    private ResultsAnalyzerParameters getAnalyzerParametersIn(Set<String> parametersObserve, Set<String> parameters) {
+        ResultsAnalyzerParameters analyzerParameters = new ResultsAnalyzerParameters();
+        analyzerParameters.setPathPostParametersAdd(parametersObserve
+                .stream().filter(p -> parameters.contains(p)).collect(Collectors.toSet()));
+        return analyzerParameters;
+    }
+
+    /**
+     * Update Resource value after change RezAttrTelemetry in config Profile
+     * sent response Read to Client and add path to pathResAttrTelemetry in LwM2MClient.getAttrTelemetryObserveValue()
+     *
+     * @param lwServer     - LeshanServer
+     * @param registration - Registration LwM2M Client
+     * @param lwM2MClient  - object with All parameters off client
+     * @param targets      - path Resources == [ "/2/0/0", "/2/0/1"]
+     */
+    private void updateResourceValueObserve(LeshanServer lwServer, Registration registration, LwM2MClient lwM2MClient, Set<String> targets, String typeOper) {
+        targets.stream().forEach(target -> {
+            ResultIds pathIds = new ResultIds(target);
+            if (pathIds.resourceId >= 0 && lwM2MClient.getModelObjects().get(pathIds.getObjectId())
+                    .getInstances().get(pathIds.getInstanceId()).getResource(pathIds.getResourceId()).getValue() != null) {
+                if (GET_TYPE_OPER_READ.equals(typeOper)) {
+                    lwM2MTransportRequest.sendAllRequest(lwServer, registration, target, typeOper,
+                            ContentFormat.TLV.getName(), null, null, null, this.context.getCtxServer().getTimeout());
+                } else if (GET_TYPE_OPER_OBSERVE.equals(typeOper)) {
+                    lwM2MTransportRequest.sendAllRequest(lwServer, registration, target, typeOper,
+                            null, null, null, null, this.context.getCtxServer().getTimeout());
+                }
+            }
+        });
+    }
+
+    private void cancelObserveIsValue(LeshanServer lwServer, Registration registration, Set<String> paramAnallyzer) {
+        LwM2MClient lwM2MClient = lwM2mInMemorySecurityStore.getlwM2MClient(registration.getId());
+        paramAnallyzer.forEach(p -> {
+                    if (this.getResourceValue(lwM2MClient, p) != null) {
+                        this.setCancelObservationRecourse(lwServer, registration, p);
+                    }
+                }
+        );
+    }
+
+    private ResourceValue getResourceValue(LwM2MClient lwM2MClient, String path) {
+        ResourceValue resourceValue = null;
+        ResultIds pathIds = new ResultIds(path);
+        if (pathIds.getResourceId() > -1) {
+            LwM2mResource resource = lwM2MClient.getModelObjects().get(pathIds.getObjectId()).getInstances().get(pathIds.getInstanceId()).getResource(pathIds.getResourceId());
+            if (resource.isMultiInstances()) {
+                Map<Integer, ?> values = resource.getValues();
+                if (resource.getValues().size() > 0) {
+                    resourceValue = new ResourceValue();
+                    resourceValue.setMultiInstances(resource.isMultiInstances());
+                    resourceValue.setValues(resource.getValues());
+                }
+            } else {
+                if (resource.getValue() != null) {
+                    resourceValue = new ResourceValue();
+                    resourceValue.setMultiInstances(resource.isMultiInstances());
+                    resourceValue.setValue(resource.getValue());
+                }
+            }
+        }
+        return resourceValue;
+    }
+
+    /**
+     * Trigger Server path = "/1/0/8"
+     *
+     * Trigger bootStrap path = "/1/0/9" - have to implemented on client
+     */
+    public void doTrigger(LeshanServer lwServer, Registration registration, String path) {
+        lwM2MTransportRequest.sendAllRequest(lwServer, registration, path, POST_TYPE_OPER_EXECUTE,
+                ContentFormat.TLV.getName(), null, null, null, this.context.getCtxServer().getTimeout());
+    }
+
+    /**
+     * Session device in thingsboard is closed
+     *
+     * @param sessionInfo - lwm2m client
+     */
+    private void doCloseSession(SessionInfoProto sessionInfo) {
+        TransportProtos.SessionEvent event = SessionEvent.CLOSED;
+        TransportProtos.SessionEventMsg msg = TransportProtos.SessionEventMsg.newBuilder()
+                .setSessionType(TransportProtos.SessionType.ASYNC)
+                .setEvent(event).build();
+        transportService.process(sessionInfo, msg, null);
+    }
+
+    /**
+     * Deregister session in transport
+     * @param sessionInfo - lwm2m client
+     */
+    private void doDisconnect(SessionInfoProto sessionInfo) {
+        transportService.process(sessionInfo, DefaultTransportService.getSessionEventMsg(SessionEvent.CLOSED), null);
+        transportService.deregisterSession(sessionInfo);
+    }
+
+    private void checkInactivityAndReportActivity() {
+        lwM2mInMemorySecurityStore.getSessions().forEach((key, value) -> transportService.reportActivity(this.getValidateSessionInfo(key)));
+    }
+
+    public void sentLogsToThingsboard(String msg, String registrationId) {
+        if (msg != null) {
+            JsonObject telemetrys = new JsonObject();
+            telemetrys.addProperty(LOG_LW2M_TELEMETRY, msg);
+            this.updateParametersOnThingsboard(telemetrys, LwM2MTransportHandler.DEVICE_TELEMETRY_TOPIC, registrationId);
+        }
+    }
+
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.server;
+
+import lombok.extern.slf4j.Slf4j;
+import org.eclipse.leshan.core.observation.Observation;
+import org.eclipse.leshan.core.response.ObserveResponse;
+import org.eclipse.leshan.server.californium.LeshanServer;
+import org.eclipse.leshan.server.observation.ObservationListener;
+import org.eclipse.leshan.server.queue.PresenceListener;
+import org.eclipse.leshan.server.registration.Registration;
+import org.eclipse.leshan.server.registration.RegistrationListener;
+import org.eclipse.leshan.server.registration.RegistrationUpdate;
+
+import java.util.Collection;
+
+@Slf4j
+public class LwM2mServerListener {
+    private LeshanServer lhServer;
+    private LwM2MTransportService service;
+
+    public LwM2mServerListener(LeshanServer lhServer, LwM2MTransportService service) {
+        this.lhServer = lhServer;
+        this.service = service;
+    }
+
+    public final RegistrationListener registrationListener = new RegistrationListener() {
+        /**
+         * Register – запрос, представленный в виде POST /rd?…
+         */
+        @Override
+        public void registered(Registration registration, Registration previousReg,
+                               Collection<Observation> previousObsersations) {
+
+            service.onRegistered(lhServer, registration, previousObsersations);
+        }
+
+        /**
+         * Update – представляет из себя CoAP POST запрос на URL, полученный в ответ на Register.
+         */
+        @Override
+        public void updated(RegistrationUpdate update, Registration updatedRegistration,
+                            Registration previousRegistration) {
+            service.updatedReg(lhServer, updatedRegistration);
+        }
+
+        /**
+         * De-register (CoAP DELETE) – отправляется клиентом в случае инициирования процедуры выключения.
+         */
+        @Override
+        public void unregistered(Registration registration, Collection<Observation> observations, boolean expired,
+                                 Registration newReg) {
+            service.unReg(registration, observations);
+        }
+
+    };
+
+    public final PresenceListener presenceListener = new PresenceListener() {
+        @Override
+        public void onSleeping(Registration registration) {
+            service.onSleepingDev(registration);
+        }
+
+        @Override
+        public void onAwake(Registration registration) {
+            service.onAwakeDev(registration);
+        }
+    };
+
+    public final ObservationListener observationListener = new ObservationListener() {
+
+        @Override
+        public void cancelled(Observation observation) {
+            log.info("Received notification cancelled from [{}] ", observation.getPath());
+        }
+
+        @Override
+        public void onResponse(Observation observation, Registration registration, ObserveResponse response) {
+            if (registration != null) {
+                try {
+                    service.onObservationResponse(registration, observation.getPath().toString(), response);
+                } catch (java.lang.NullPointerException e) {
+                    log.error(e.toString());
+                }
+            }
+        }
+
+        @Override
+        public void onError(Observation observation, Registration registration, Exception error) {
+            log.error(String.format("Unable to handle notification of [%s:%s]", observation.getRegistrationId(), observation.getPath()), error);
+        }
+
+        @Override
+        public void newObservation(Observation observation, Registration registration) {
+            log.info("Received newObservation from [{}] endpoint  [{}] ", observation.getPath(), registration.getEndpoint());
+        }
+    };
+}

+/**
+ * Copyright © 2016-2020 The Thingsboard Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.thingsboard.server.transport.lwm2m.server;
+
+import lombok.Builder;
+import lombok.Data;
+
+@Data
+public class ResultIds {
+    @Builder.Default
+    int objectId = -1;
+    @Builder.Default
+    int instanceId = -1;
+    @Builder.Default
+    int resourceId = -1;
+
+    public ResultIds (String path) {
+        String[] paths = path.split("/");
+        if (paths != null && paths.length > 1) {
+            this.objectId = (paths.length > 1) ? Integer.parseInt(paths[1]) :  this.objectId;
+            this.instanceId = (paths.length > 2) ? Integer.parseInt(paths[2]) : this.instanceId;
+            this.resourceId = (paths.length > 3) ? Integer.parseInt(paths[3]) : this.resourceId;
+        }
+    }
+}