From a03bdc7616d61eb9217ff391c60b6ecd741b3a7f Mon Sep 17 00:00:00 2001
From: Craig Lutgen
Date: Wed, 31 Jul 2019 13:04:03 -0500
Subject: [PATCH] Expose server certificate password and client certificate options to MqttServerOptionsBuilder
---
 .../Client/Options/MqttClientOptionsBuilder.cs | 7 +++++++
 .../MQTTnet/Implementations/MqttTcpServerAdapter.cs | 2 +-
 Source/MQTTnet/Server/IMqttServerCredentials.cs | 6 ++++++
 Source/MQTTnet/Server/MqttServerOptionsBuilder.cs | 13 +++++++++++--
 .../Server/MqttServerTlsTcpEndpointOptions.cs | 2 ++
 5 files changed, 27 insertions(+), 3 deletions(-)
 create mode 100644 Source/MQTTnet/Server/IMqttServerCredentials.cs
diff --git a/Source/MQTTnet/Client/Options/MqttClientOptionsBuilder.cs b/Source/MQTTnet/Client/Options/MqttClientOptionsBuilder.cs
index a7aefd1..65a1ec9 100644
--- a/Source/MQTTnet/Client/Options/MqttClientOptionsBuilder.cs
+++ b/Source/MQTTnet/Client/Options/MqttClientOptionsBuilder.cs
@@ -139,6 +139,13 @@ namespace MQTTnet.Client.Options
 return this;
 }
+ public MqttClientOptionsBuilder WithCredentials(IMqttClientCredentials credentials)
+ {
+ _options.Credentials = credentials;
+
+ return this;
+ }
+
 public MqttClientOptionsBuilder WithExtendedAuthenticationExchangeHandler(IMqttExtendedAuthenticationExchangeHandler handler)
 {
 _options.ExtendedAuthenticationExchangeHandler = handler;
diff --git a/Source/MQTTnet/Implementations/MqttTcpServerAdapter.cs b/Source/MQTTnet/Implementations/MqttTcpServerAdapter.cs
index 0e28ad0..8ef8c51 100644
--- a/Source/MQTTnet/Implementations/MqttTcpServerAdapter.cs
+++ b/Source/MQTTnet/Implementations/MqttTcpServerAdapter.cs
@@ -48,7 +48,7 @@ namespace MQTTnet.Implementations
 throw new ArgumentException("TLS certificate is not set.");
 }
- var tlsCertificate = new X509Certificate2(options.TlsEndpointOptions.Certificate);
+ var tlsCertificate = new X509Certificate2(options.TlsEndpointOptions.Certificate, options.TlsEndpointOptions.Password.Password);
 if (!tlsCertificate.HasPrivateKey)
 {
 throw new InvalidOperationException("The certificate for TLS encryption must contain the private key.");
diff --git a/Source/MQTTnet/Server/IMqttServerCredentials.cs b/Source/MQTTnet/Server/IMqttServerCredentials.cs
new file mode 100644
index 0000000..5e75be9
--- /dev/null
+++ b/Source/MQTTnet/Server/IMqttServerCredentials.cs
@@ -0,0 +1,6 @@
+using System;
+
+public interface IMqttServerCredentials
+{
+ String Password { get; }
+}
diff --git a/Source/MQTTnet/Server/MqttServerOptionsBuilder.cs b/Source/MQTTnet/Server/MqttServerOptionsBuilder.cs
index 1fcd981..de6b1a0 100644
--- a/Source/MQTTnet/Server/MqttServerOptionsBuilder.cs
+++ b/Source/MQTTnet/Server/MqttServerOptionsBuilder.cs
@@ -82,9 +82,10 @@ namespace MQTTnet.Server
 return this;
 }
- public MqttServerOptionsBuilder WithEncryptionCertificate(byte[] value)
+ public MqttServerOptionsBuilder WithEncryptionCertificate(byte[] value, IMqttServerCredentials password = null)
 {
 _options.TlsEndpointOptions.Certificate = value;
+ _options.TlsEndpointOptions.Password = password;
 return this;
 }
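Review bot: `options.TlsEndpointOptions.Password.Password` in the `X509Certificate2` call in MqttTcpServerAdapter.cs dereferences `Password` without a null check. `WithEncryptionCertificate` in MqttServerOptionsBuilder.cs defaults that argument to `null`, so a server configured with a certificate and no password would throw a NullReferenceException when the adapter loads the certificate. Use the null-conditional form, `var tlsCertificate = new X509Certificate2(options.TlsEndpointOptions.Certificate, options.TlsEndpointOptions.Password?.Password);`, which hands a null password to the constructor and keeps password-less certificates working. The enclosing method starts and ends outside the hunk.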
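Review bot: `IMqttServerCredentials` in the new file is declared outside any namespace, so it lands in the global namespace while the types that consume it are in `MQTTnet.Server`; wrap the declaration in `namespace MQTTnet.Server { ... }`. The interface has no documentation, and its name suggests broker credentials although its only member is the password for the certificate's private key. A comment such as `/// <summary>Supplies the password protecting the server certificate's private key.</summary>` would state that, and should add that the value is held as a plain string for as long as the options object lives. `string` rather than `String` would also make the `using System;` line unnecessary.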
@@ -94,6 +95,14 @@ namespace MQTTnet.Server
 return this;
 }
+ public MqttServerOptionsBuilder WithClientCertificate(RemoteCertificateValidationCallback validationCallback = null, bool checkCertificateRevocation = false)
+ {
+ _options.TlsEndpointOptions.ClientCertificateRequired = true;
+ _options.TlsEndpointOptions.CheckCertificateRevocation = checkCertificateRevocation;
+ _options.TlsEndpointOptions.CertificateValidationCallback = validationCallback;
+ return this;
+ }
+
 public MqttServerOptionsBuilder WithoutEncryptedEndpoint()
 {
 _options.TlsEndpointOptions.IsEnabled = false;
@@ -107,7 +116,7 @@ namespace MQTTnet.Server
 return this;
 }
 #endif
-
+
 public MqttServerOptionsBuilder WithStorage(IMqttServerStorage value)
 {
 _options.Storage = value;
diff --git a/Source/MQTTnet/Server/MqttServerTlsTcpEndpointOptions.cs b/Source/MQTTnet/Server/MqttServerTlsTcpEndpointOptions.cs
index 282bef9..8d65230 100644
--- a/Source/MQTTnet/Server/MqttServerTlsTcpEndpointOptions.cs
+++ b/Source/MQTTnet/Server/MqttServerTlsTcpEndpointOptions.cs
@@ -12,6 +12,8 @@ namespace MQTTnet.Server
 public byte[] Certificate { get; set; }
+ public IMqttServerCredentials Password { get; set; }
+
 public bool ClientCertificateRequired { get; set; }
 public bool CheckCertificateRevocation { get; set; }
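Review bot: `WithClientCertificate` sets `ClientCertificateRequired = true` but defaults `checkCertificateRevocation` to `false`, so a bare `.WithClientCertificate()` call requires client certificates while still accepting revoked ones. Its `validationCallback = null` default leaves validation to whatever the adapter does without a callback, which this diff does not show, and the unconditional assignment also replaces any callback already stored in `CertificateValidationCallback`. Consider `bool checkCertificateRevocation = true`, or at least an XML doc comment on the method stating both defaults and what a null callback means. Assigning only when a callback is supplied, `if (validationCallback != null) _options.TlsEndpointOptions.CertificateValidationCallback = validationCallback;`, would avoid clearing an earlier setting. The hunk adds no `using System.Net.Security;`, so confirm the file already imports the namespace of `RemoteCertificateValidationCallback`.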