Support storing application level info with authenticated peer's principal #1014
Conversation
Signed-off-by: Kai Hudalla <kai.hudalla@bosch-si.com>
|
@boaks please wait with merging, I need to check something first ... |
3728107 to
d6921b0
Compare
|
@boaks ok, all set. I forgot to commit my latest changes ;-) |
| @@ -1,5 +1,5 @@ | |||
| /******************************************************************************* | |||
| * Copyright (c) 2015, 2018 Institute for Pervasive Computing, ETH Zurich and others. | |||
| * Copyright (c) 2015, 2019 Institute for Pervasive Computing, ETH Zurich and others. | |||
There was a problem hiding this comment.
I feel this class should not be modified but you find a unused import so why not :)
| @@ -984,6 +991,7 @@ protected final void handshakeStarted() throws HandshakeException { | |||
| } | |||
|
|
|||
| protected final void sessionEstablished() throws HandshakeException { | |||
| amendPeerPrincipal(); | |||
There was a problem hiding this comment.
I don't kown if amendPeerPrincipal shoud be in or out the if block 🤔
| import java.security.PrivateKey; | ||
| import java.security.PublicKey; | ||
| import java.security.cert.X509Certificate; | ||
| import java.util.ArrayList; | ||
| import java.util.Collections; |
| @@ -984,6 +991,7 @@ protected final void handshakeStarted() throws HandshakeException { | |||
| } | |||
|
|
|||
| protected final void sessionEstablished() throws HandshakeException { | |||
| amendPeerPrincipal(); | |||
There was a problem hiding this comment.
I assume, that amendPeerPrincipal should only be called once per handshake. To ensure that, consider to move it after
if (!sessionEstablished) {
sessionEstablished = true;
There was a problem hiding this comment.
just out of curiosity: under what circumstances will sessionEstablished be already be true when this method is invoked?
There was a problem hiding this comment.
Your right. It was introduced to ensure, that this doesn't happen accidentally (may be in the future).
May be we convert that into an exception, but after 2.0.0-M16 .
There was a problem hiding this comment.
Does this mean that I should keep the method invocation at its current position?
There was a problem hiding this comment.
If you want, you could keep it there.
I would still prefer to move it.
|
Is there a intended use-case, which requires the public |
No, there isn't. Thanks for pointing this out. I will make them private or remove them altogether ... |
|
The most could be removed, only one private with the most parameter is required. |
d6921b0 to
1f096de
Compare
The Principal instances created by Scandium when a client has been authenticated contain only the authentication identifier used by the client, e.g. the PSK identity or the client cert subject DN. However, applications will often map the (technical) authentication identifier used at the DTLS level to a logical application level identifier which is used to refer to the client. The ApplicationLevelInfoSupplier can be implemented by applications to provide additional application level information for the (technical) Principal created by Scandium. This additional information can then used when processing CoAP requests in applications. Signed-off-by: Kai Hudalla <kai.hudalla@bosch-si.com>
1f096de to
5aa226e
Compare
|
@boaks I have moved the amendPeerPrincipal method ... |
No description provided.