Thanks to visit codestin.com
Credit goes to github.com

Skip to content

SMQ-3137 - Proxy CoAP using mgate #2222

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 10 commits into from
Oct 24, 2025
Merged

SMQ-3137 - Proxy CoAP using mgate #2222

merged 10 commits into from
Oct 24, 2025

Conversation

@felixgateru
Copy link
Contributor

@felixgateru felixgateru commented May 7, 2024
edited
Loading

What type of PR is this?

This is a feature because it updates the coap adapter to use mgate to procy plain udp traffic and dtls traffic.

What does this do?

This pr updates the coap adapter to use mgate for proxtying

Which issue(s) does this PR fix/relate to?

Have you included tests for your changes?

No

Did you document any new/modified feature?

No

Notes

@dborovcanin
Copy link
Collaborator

dborovcanin commented Jun 12, 2024

@felixgateru Please resolve conflicts.

@codecov
Copy link

codecov bot commented Sep 8, 2025
edited
Loading

Welcome to Codecov 🎉

Once you merge this PR into your default branch, you're all set! Codecov will compare coverage reports and display results in all future pull requests.

Thanks for integrating Codecov - We've got you covered ☂️

@felixgateru felixgateru self-assigned this Sep 9, 2025
@felixgateru felixgateru moved this to 🚧 In Progress in SuperMQ Sep 9, 2025
@felixgateru felixgateru changed the title MG-1963 - Proxy CoAP using mproxy MG-1963 - Proxy CoAP using mgate Sep 9, 2025
@felixgateru felixgateru removed this from SuperMQ Sep 9, 2025
@felixgateru felixgateru changed the title MG-1963 - Proxy CoAP using mgate MG-3137 - Proxy CoAP using mgate Sep 9, 2025
@felixgateru felixgateru changed the title MG-3137 - Proxy CoAP using mgate SMQ-3137 - Proxy CoAP using mgate Sep 9, 2025
@felixgateru felixgateru force-pushed the MG1963-proxy_coap branch 3 times, most recently from e84d707 to c9dcaaa Compare September 18, 2025 13:36
@felixgateru felixgateru marked this pull request as ready for review September 18, 2025 13:49
@felixgateru felixgateru requested a review from a team as a code owner September 18, 2025 13:49
@absmach absmach deleted a comment from davidosodo Sep 23, 2025
@absmach absmach deleted a comment from davidosodo Sep 23, 2025
rodneyosodo
rodneyosodo requested changes Sep 23, 2025
View reviewed changes
docker/.env Outdated
SMQ_COAP_ADAPTER_PORT=5683
SMQ_COAP_ADAPTER_SERVER_CERT=
SMQ_COAP_ADAPTER_SERVER_KEY=
SMQ_COAP_ADAPTER_SERVER_CA_FILE=
Copy link
Contributor

@rodneyosodo rodneyosodo Sep 23, 2025
edited by felixgateru
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • DTLS certs are not mapped inside the container
  • DTLS certs are not correctly inputed
SMQ_COAP_ADAPTER_SERVER_CERT_FILE=""
  • On docker/ssl/Makefile, lets add this so that we can generate CoAP server certs
COAP_GRPC_SERVER_CONF_FILE_NAME=coap-server.conf
COAP_GRPC_SERVER_CN=coap
COAP_GRPC_SERVER_CRT_FILE_NAME=coap-server

coap_grpc_certs:
	$(call gen_grpc_cert,$(COAP_GRPC_SERVER_CRT_FILE_NAME),$(COAP_GRPC_SERVER_CN))
  • We should consider an env variable that enables COAP_DTLS same as GRPC_MTLS

rodneyosodo
rodneyosodo requested changes Sep 24, 2025
View reviewed changes
Copy link
Contributor

@rodneyosodo rodneyosodo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should also consider updating the docs repo for this new feature

rodneyosodo
rodneyosodo previously approved these changes Sep 24, 2025
View reviewed changes
Copy link
Contributor

@rodneyosodo rodneyosodo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

arvindh123
arvindh123 requested changes Sep 30, 2025
View reviewed changes
coap/adapter.go
}

clientID := authnRes.GetId()
authzRes, err := svc.channels.Authorize(ctx, &grpcChannelsV1.AuthzReq{
Copy link
Contributor

@arvindh123 arvindh123 Sep 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it possible to remove the channel authorization while unsubscribing ?

supermq/coap/adapter.go

Lines 116 to 128 in 69b849c

authzRes, err := svc.channels.Authorize(ctx, &grpcChannelsV1.AuthzReq{
DomainId: domainID,
ClientId: authnRes.GetId(),
ClientType: policies.ClientType,
Type: uint32(connections.Subscribe),
ChannelId: chanID,
})
if err != nil {
return errors.Wrap(svcerr.ErrAuthorization, err)
}
if !authzRes.Authorized {
return svcerr.ErrAuthorization
}

arvindh123
arvindh123 requested changes Sep 30, 2025
View reviewed changes
Copy link
Contributor

@arvindh123 arvindh123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we

@felixgateru felixgateru force-pushed the MG1963-proxy_coap branch 3 times, most recently from 5a2c870 to 549f259 Compare October 6, 2025 10:15
rodneyosodo
rodneyosodo previously approved these changes Oct 16, 2025
View reviewed changes
@drasko
Copy link
Contributor

drasko commented Oct 16, 2025

@dborovcanin, please review and let's merge

@felixgateru
feat: use mgate to proxy coap with dtls
3354e85 
Signed-off-by: Felix Gateru <[email protected]>
@felixgateru
refactor: update with updates to mgate
771463a 
Signed-off-by: Felix Gateru <[email protected]>
@felixgateru
refactor: add health check topic handling
c7e5578 
Signed-off-by: Felix Gateru <[email protected]>
@felixgateru
feat: mount coap dtls certs to container
b3f8a0a 
Signed-off-by: Felix Gateru <[email protected]>
@felixgateru
fix(Makefile): add coap_dtls_certs to make all target
5b257af 
Signed-off-by: Felix Gateru <[email protected]>
@felixgateru
refactor: update tracing middleware
ff4ffec 
Signed-off-by: Felix Gateru <[email protected]>
@felixgateru
fix(adapter.go): fix typo
1877e91 
Signed-off-by: Felix Gateru <[email protected]>
@felixgateru
refactor(adapter.go): remove channel authz on unsubscribe
073bf56 
Signed-off-by: Felix Gateru <[email protected]>
dborovcanin
dborovcanin requested changes Oct 24, 2025
View reviewed changes
coap/handler.go Outdated
Comment on lines 29 to 32
LogInfoSubscribed = "subscribed with client_id %s to topics %s"
LogInfoConnected = "connected with client_id %s"
LogInfoDisconnected = "disconnected client_id %s and username %s"
LogInfoPublished = "published with client_id %s to the topic %s"
Copy link
Collaborator

@dborovcanin dborovcanin Oct 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't export unless necessary. Also, add fmt suffix to indicate this is format. Like subscribedInfoFmt, connectedInfoFmt...

docker/ssl/.gitignore Outdated
*conf
client.crt
client.key
*coap-server*
Copy link
Collaborator

@dborovcanin dborovcanin Oct 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove.

@dborovcanin dborovcanin merged commit dc0df1c into absmach:main Oct 24, 2025
6 of 8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dborovcanin dborovcanin dborovcanin requested changes

@arvindh123 arvindh123 arvindh123 requested changes

@rodneyosodo rodneyosodo rodneyosodo left review comments

Assignees

@felixgateru felixgateru

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Feature: Support for CoAP with DTLS

5 participants

@felixgateru @dborovcanin @drasko @rodneyosodo @arvindh123