mirror of
https://github.com/absmach/supermq.git
synced 2026-06-23 07:00:25 +00:00
b1ackd0t
b3e2f41194
* WIP: alarms service * fix(alarms): remove rule entity since it is not stored here Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * test(alarms): add tests cases for invalid alarms * feat(alarms): add authorization * feat(alarms): add docker deployment files Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix: update go mod file * feat(alarms): support filtering by resolved_by, updated_by and severity Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * style: fix linter errors Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): provide correct otel naming for create alarm Fixes https://github.com/absmach/magistrala/pull/106#discussion_r2030151971 Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): group routes appropriately Resolves https://github.com/absmach/magistrala/pull/106#discussion_r2030160891 Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): extract alarm id from url path rather than query params Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): add all status to help in decoding Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * style(alarms): maintain consistent import as naming for supermq api package Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * refactor(alarms): update supermq dependecy to the latest Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): Add domains gRPC service config to alarms service Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * test(alarms): all CRUD operations from the service Return empty results instead of nil This standardizes error responses across alarm endpoints to return empty result structs rather than nil. Also renames entityReq to alarmReq and adds HTTP status codes for created/deleted alarms. Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * test(alarms): fix failing tests due to introduction of context on sdk Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): remove channel id Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): standardize error handling across CRUD operations Updated error responses to use specific repository errors for consistency Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * feat(alarms): add assignment fields to Alarm model and database Introduced AssignedAt and AssignedBy fields to the Alarm struct and updated the database schema accordingly. Enhanced the UpdateAlarm function to handle these new fields, ensuring proper assignment tracking in the alarms system. Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * feat(alarms): enhance Alarm model with measurement attributes Updated the Alarm struct to include Measurement, Value, Unit, and Cause fields. Modified the validation logic to ensure these fields are present. Adjusted logging and tracing middleware to reflect the new attributes. Updated database schema and related functions to accommodate these changes, ensuring comprehensive alarm data management. Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * feat(alarms): consume events from pubsub for creation of alarms Removed session dependencies from CreateAlarm method and enhanced alarm validation to ensure all required fields are present Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * style(alarms): add newline at the end of docker compose Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): Add assignee id and metadata fields when consuming messages Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * feat(alarms): add acknowledged field Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * feat(alarms): Add threshold value for the specific measurement Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * feat(alarms): Add channel, thing, and subtopic fields to Alarm model This change adds required fields for tracking alarm sources and reorganizes alarm-related fields for better grouping. Alarms now track the channel, thing, and subtopic that triggered them, along with domain and rule info. Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * test(alarms): add service layer tests Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): consume created at from message rather than creating it Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * feat(alarms): ready alarm as a gob encoded object Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): read alarms from alarms queue and remove transformer g Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * feat(alarms): update version of supermq Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * feat(alarms): add gob transformer Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): rename thing id to client id Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): create alarms stream Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): check on logic to create new alarm create new alarm if severity, status, subtopic changes enhance logging with additional details for alarms management Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * remove conusmer and use pubsub Signed-off-by: Rodney Osodo <socials@rodneyosodo.com> * fix(alarms): use build tags for rabbitmq and nats * fix(alarms): add health and metrics endpoint * fix(magistrala): use supermq as build flags to see version and commit * fix(alarms): use js config * fix(alarms): remove validation when updating an alarm fix authorization too --------- Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>
325 lines
9.9 KiB
Go
325 lines
9.9 KiB
Go
// Copyright (c) Abstract Machines
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package sdk
|
|
|
|
import (
|
|
"context"
|
|
"crypto/aes"
|
|
"crypto/cipher"
|
|
"crypto/rand"
|
|
"encoding/hex"
|
|
"encoding/json"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"strings"
|
|
|
|
apiutil "github.com/absmach/supermq/api/http/util"
|
|
"github.com/absmach/supermq/pkg/errors"
|
|
smqSDK "github.com/absmach/supermq/pkg/sdk"
|
|
)
|
|
|
|
const (
|
|
configsEndpoint = "clients/configs"
|
|
bootstrapEndpoint = "clients/bootstrap"
|
|
whitelistEndpoint = "clients/state"
|
|
bootstrapCertsEndpoint = "clients/configs/certs"
|
|
bootstrapConnEndpoint = "clients/configs/connections"
|
|
secureEndpoint = "secure"
|
|
)
|
|
|
|
// BootstrapConfig represents Configuration entity. It wraps information about external entity
|
|
// as well as info about corresponding SuperMQ entities.
|
|
// MGClient represents corresponding SuperMQ Client ID.
|
|
// MGKey is key of corresponding SuperMQ Client.
|
|
// MGChannels is a list of SuperMQ Channels corresponding SuperMQ Client connects to.
|
|
type BootstrapConfig struct {
|
|
Channels interface{} `json:"channels,omitempty"`
|
|
ExternalID string `json:"external_id,omitempty"`
|
|
ExternalKey string `json:"external_key,omitempty"`
|
|
ClientID string `json:"client_id,omitempty"`
|
|
ClientSecret string `json:"client_secret,omitempty"`
|
|
Name string `json:"name,omitempty"`
|
|
ClientCert string `json:"client_cert,omitempty"`
|
|
ClientKey string `json:"client_key,omitempty"`
|
|
CACert string `json:"ca_cert,omitempty"`
|
|
Content string `json:"content,omitempty"`
|
|
State int `json:"state,omitempty"`
|
|
}
|
|
|
|
func (ts *BootstrapConfig) UnmarshalJSON(data []byte) error {
|
|
var rawData map[string]json.RawMessage
|
|
if err := json.Unmarshal(data, &rawData); err != nil {
|
|
return err
|
|
}
|
|
|
|
if channelData, ok := rawData["channels"]; ok {
|
|
var stringData []string
|
|
if err := json.Unmarshal(channelData, &stringData); err == nil {
|
|
ts.Channels = stringData
|
|
} else {
|
|
var channels []smqSDK.Channel
|
|
if err := json.Unmarshal(channelData, &channels); err == nil {
|
|
ts.Channels = channels
|
|
} else {
|
|
return fmt.Errorf("unsupported channel data type")
|
|
}
|
|
}
|
|
}
|
|
|
|
if err := json.Unmarshal(data, &struct {
|
|
ExternalID *string `json:"external_id,omitempty"`
|
|
ExternalKey *string `json:"external_key,omitempty"`
|
|
ClientID *string `json:"client_id,omitempty"`
|
|
ClientSecret *string `json:"client_secret,omitempty"`
|
|
Name *string `json:"name,omitempty"`
|
|
ClientCert *string `json:"client_cert,omitempty"`
|
|
ClientKey *string `json:"client_key,omitempty"`
|
|
CACert *string `json:"ca_cert,omitempty"`
|
|
Content *string `json:"content,omitempty"`
|
|
State *int `json:"state,omitempty"`
|
|
}{
|
|
ExternalID: &ts.ExternalID,
|
|
ExternalKey: &ts.ExternalKey,
|
|
ClientID: &ts.ClientID,
|
|
ClientSecret: &ts.ClientSecret,
|
|
Name: &ts.Name,
|
|
ClientCert: &ts.ClientCert,
|
|
ClientKey: &ts.ClientKey,
|
|
CACert: &ts.CACert,
|
|
Content: &ts.Content,
|
|
State: &ts.State,
|
|
}); err != nil {
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (sdk mgSDK) AddBootstrap(ctx context.Context, cfg BootstrapConfig, domainID, token string) (string, errors.SDKError) {
|
|
data, err := json.Marshal(cfg)
|
|
if err != nil {
|
|
return "", errors.NewSDKError(err)
|
|
}
|
|
|
|
url := fmt.Sprintf("%s/%s/%s", sdk.bootstrapURL, domainID, configsEndpoint)
|
|
|
|
headers, _, sdkerr := sdk.processRequest(ctx, http.MethodPost, url, token, data, nil, http.StatusOK, http.StatusCreated)
|
|
if sdkerr != nil {
|
|
return "", sdkerr
|
|
}
|
|
|
|
id := strings.TrimPrefix(headers.Get("Location"), "/clients/configs/")
|
|
|
|
return id, nil
|
|
}
|
|
|
|
func (sdk mgSDK) Bootstraps(ctx context.Context, pm PageMetadata, domainID, token string) (BootstrapPage, errors.SDKError) {
|
|
endpoint := fmt.Sprintf("%s/%s", domainID, configsEndpoint)
|
|
url, err := sdk.withQueryParams(sdk.bootstrapURL, endpoint, pm)
|
|
if err != nil {
|
|
return BootstrapPage{}, errors.NewSDKError(err)
|
|
}
|
|
|
|
_, body, sdkerr := sdk.processRequest(ctx, http.MethodGet, url, token, nil, nil, http.StatusOK)
|
|
if sdkerr != nil {
|
|
return BootstrapPage{}, sdkerr
|
|
}
|
|
|
|
var bb BootstrapPage
|
|
if err = json.Unmarshal(body, &bb); err != nil {
|
|
return BootstrapPage{}, errors.NewSDKError(err)
|
|
}
|
|
|
|
return bb, nil
|
|
}
|
|
|
|
func (sdk mgSDK) Whitelist(ctx context.Context, clientID string, state int, domainID, token string) errors.SDKError {
|
|
if clientID == "" {
|
|
return errors.NewSDKError(apiutil.ErrMissingID)
|
|
}
|
|
|
|
data, err := json.Marshal(BootstrapConfig{State: state})
|
|
if err != nil {
|
|
return errors.NewSDKError(err)
|
|
}
|
|
|
|
url := fmt.Sprintf("%s/%s/%s/%s", sdk.bootstrapURL, domainID, whitelistEndpoint, clientID)
|
|
|
|
_, _, sdkerr := sdk.processRequest(ctx, http.MethodPut, url, token, data, nil, http.StatusCreated, http.StatusOK)
|
|
|
|
return sdkerr
|
|
}
|
|
|
|
func (sdk mgSDK) ViewBootstrap(ctx context.Context, id, domainID, token string) (BootstrapConfig, errors.SDKError) {
|
|
if id == "" {
|
|
return BootstrapConfig{}, errors.NewSDKError(apiutil.ErrMissingID)
|
|
}
|
|
url := fmt.Sprintf("%s/%s/%s/%s", sdk.bootstrapURL, domainID, configsEndpoint, id)
|
|
|
|
_, body, err := sdk.processRequest(ctx, http.MethodGet, url, token, nil, nil, http.StatusOK)
|
|
if err != nil {
|
|
return BootstrapConfig{}, err
|
|
}
|
|
|
|
var bc BootstrapConfig
|
|
if err := json.Unmarshal(body, &bc); err != nil {
|
|
return BootstrapConfig{}, errors.NewSDKError(err)
|
|
}
|
|
|
|
return bc, nil
|
|
}
|
|
|
|
func (sdk mgSDK) UpdateBootstrap(ctx context.Context, cfg BootstrapConfig, domainID, token string) errors.SDKError {
|
|
if cfg.ClientID == "" {
|
|
return errors.NewSDKError(apiutil.ErrMissingID)
|
|
}
|
|
url := fmt.Sprintf("%s/%s/%s/%s", sdk.bootstrapURL, domainID, configsEndpoint, cfg.ClientID)
|
|
|
|
data, err := json.Marshal(cfg)
|
|
if err != nil {
|
|
return errors.NewSDKError(err)
|
|
}
|
|
|
|
_, _, sdkerr := sdk.processRequest(ctx, http.MethodPut, url, token, data, nil, http.StatusOK)
|
|
|
|
return sdkerr
|
|
}
|
|
|
|
func (sdk mgSDK) UpdateBootstrapCerts(ctx context.Context, id, clientCert, clientKey, ca, domainID, token string) (BootstrapConfig, errors.SDKError) {
|
|
if id == "" {
|
|
return BootstrapConfig{}, errors.NewSDKError(apiutil.ErrMissingID)
|
|
}
|
|
url := fmt.Sprintf("%s/%s/%s/%s", sdk.bootstrapURL, domainID, bootstrapCertsEndpoint, id)
|
|
request := BootstrapConfig{
|
|
ClientCert: clientCert,
|
|
ClientKey: clientKey,
|
|
CACert: ca,
|
|
}
|
|
|
|
data, err := json.Marshal(request)
|
|
if err != nil {
|
|
return BootstrapConfig{}, errors.NewSDKError(err)
|
|
}
|
|
|
|
_, body, sdkerr := sdk.processRequest(ctx, http.MethodPatch, url, token, data, nil, http.StatusOK)
|
|
if sdkerr != nil {
|
|
return BootstrapConfig{}, sdkerr
|
|
}
|
|
|
|
var bc BootstrapConfig
|
|
if err := json.Unmarshal(body, &bc); err != nil {
|
|
return BootstrapConfig{}, errors.NewSDKError(err)
|
|
}
|
|
|
|
return bc, nil
|
|
}
|
|
|
|
func (sdk mgSDK) UpdateBootstrapConnection(ctx context.Context, id string, channels []string, domainID, token string) errors.SDKError {
|
|
if id == "" {
|
|
return errors.NewSDKError(apiutil.ErrMissingID)
|
|
}
|
|
url := fmt.Sprintf("%s/%s/%s/%s", sdk.bootstrapURL, domainID, bootstrapConnEndpoint, id)
|
|
request := map[string][]string{
|
|
"channels": channels,
|
|
}
|
|
data, err := json.Marshal(request)
|
|
if err != nil {
|
|
return errors.NewSDKError(err)
|
|
}
|
|
|
|
_, _, sdkerr := sdk.processRequest(ctx, http.MethodPut, url, token, data, nil, http.StatusOK)
|
|
return sdkerr
|
|
}
|
|
|
|
func (sdk mgSDK) RemoveBootstrap(ctx context.Context, id, domainID, token string) errors.SDKError {
|
|
if id == "" {
|
|
return errors.NewSDKError(apiutil.ErrMissingID)
|
|
}
|
|
url := fmt.Sprintf("%s/%s/%s/%s", sdk.bootstrapURL, domainID, configsEndpoint, id)
|
|
|
|
_, _, err := sdk.processRequest(ctx, http.MethodDelete, url, token, nil, nil, http.StatusNoContent)
|
|
return err
|
|
}
|
|
|
|
func (sdk mgSDK) Bootstrap(ctx context.Context, externalID, externalKey string) (BootstrapConfig, errors.SDKError) {
|
|
if externalID == "" {
|
|
return BootstrapConfig{}, errors.NewSDKError(apiutil.ErrMissingID)
|
|
}
|
|
url := fmt.Sprintf("%s/%s/%s", sdk.bootstrapURL, bootstrapEndpoint, externalID)
|
|
|
|
_, body, err := sdk.processRequest(ctx, http.MethodGet, url, smqSDK.ClientPrefix+externalKey, nil, nil, http.StatusOK)
|
|
if err != nil {
|
|
return BootstrapConfig{}, err
|
|
}
|
|
|
|
var bc BootstrapConfig
|
|
if err := json.Unmarshal(body, &bc); err != nil {
|
|
return BootstrapConfig{}, errors.NewSDKError(err)
|
|
}
|
|
|
|
return bc, nil
|
|
}
|
|
|
|
func (sdk mgSDK) BootstrapSecure(ctx context.Context, externalID, externalKey, cryptoKey string) (BootstrapConfig, errors.SDKError) {
|
|
if externalID == "" {
|
|
return BootstrapConfig{}, errors.NewSDKError(apiutil.ErrMissingID)
|
|
}
|
|
url := fmt.Sprintf("%s/%s/%s/%s", sdk.bootstrapURL, bootstrapEndpoint, secureEndpoint, externalID)
|
|
|
|
encExtKey, err := bootstrapEncrypt([]byte(externalKey), cryptoKey)
|
|
if err != nil {
|
|
return BootstrapConfig{}, errors.NewSDKError(err)
|
|
}
|
|
|
|
_, body, sdkErr := sdk.processRequest(ctx, http.MethodGet, url, smqSDK.ClientPrefix+encExtKey, nil, nil, http.StatusOK)
|
|
if sdkErr != nil {
|
|
return BootstrapConfig{}, sdkErr
|
|
}
|
|
|
|
decBody, decErr := bootstrapDecrypt(body, cryptoKey)
|
|
if decErr != nil {
|
|
return BootstrapConfig{}, errors.NewSDKError(decErr)
|
|
}
|
|
var bc BootstrapConfig
|
|
if err := json.Unmarshal(decBody, &bc); err != nil {
|
|
return BootstrapConfig{}, errors.NewSDKError(err)
|
|
}
|
|
|
|
return bc, nil
|
|
}
|
|
|
|
func bootstrapEncrypt(in []byte, cryptoKey string) (string, error) {
|
|
block, err := aes.NewCipher([]byte(cryptoKey))
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
ciphertext := make([]byte, aes.BlockSize+len(in))
|
|
iv := ciphertext[:aes.BlockSize]
|
|
|
|
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
|
|
return "", err
|
|
}
|
|
stream := cipher.NewCFBEncrypter(block, iv)
|
|
stream.XORKeyStream(ciphertext[aes.BlockSize:], in)
|
|
return hex.EncodeToString(ciphertext), nil
|
|
}
|
|
|
|
func bootstrapDecrypt(in []byte, cryptoKey string) ([]byte, error) {
|
|
ciphertext := in
|
|
|
|
block, err := aes.NewCipher([]byte(cryptoKey))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if len(ciphertext) < aes.BlockSize {
|
|
return nil, err
|
|
}
|
|
iv := ciphertext[:aes.BlockSize]
|
|
ciphertext = ciphertext[aes.BlockSize:]
|
|
stream := cipher.NewCFBDecrypter(block, iv)
|
|
stream.XORKeyStream(ciphertext, ciphertext)
|
|
return ciphertext, nil
|
|
}
|