Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide more specific error for failures during MQTT WS handshake #562

Open
1 of 2 tasks
NickDarvey opened this issue Apr 26, 2024 · 3 comments · Fixed by #563
Open
1 of 2 tasks

Provide more specific error for failures during MQTT WS handshake #562

NickDarvey opened this issue Apr 26, 2024 · 3 comments · Fixed by #563
Labels
CRT/IoT feature-request A feature should be added or improved. p2 This is a standard priority issue

Comments

@NickDarvey
Copy link

Describe the feature

mqtt5_client_builder.websockets_with_default_aws_signing(...) raises a AWS_ERROR_HTTP_CALLBACK_FAILURE for both network errors and misconfiguration.

Use Case

For example, if I have a misconfigured client (like I connect with invalid client TLS details, or with a client identifier which I'm not authorized), I'd like to know about it so I can terminate the process because it's never going to connect. If it's a network issue, I'd like to let the MQTT client continue retrying to connect.

Proposed Solution

aws-crt-python/source/mqtt5_client.c

Lines 720 to 721 in c11a554

/* TODO: Translate Python exception to aws error. In the meantime here's a catch-all. */
error_code = AWS_ERROR_HTTP_CALLBACK_FAILURE;

:)

Using AwsCredentialProvider.get_credentials(...) I get AWS_IO_TLS_ERROR_NEGOTIATION_FAILURE and AWS_AUTH_CREDENTIALS_PROVIDER_HTTP_STATUS_FAILURE for the misconfigurations mentioned above, and AWS_IO_DNS_QUERY_FAILED and AWS_IO_DNS_INVALID_NAME for network issues.

Other Information

No response

Acknowledgements

  • I may be able to implement this feature request
  • This feature might incur a breaking change
@NickDarvey NickDarvey added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Apr 26, 2024
@jmklix jmklix added the CRT/IoT label Apr 29, 2024
@bretambrose bretambrose mentioned this issue Apr 29, 2024
Merged
@jmklix jmklix added p2 This is a standard priority issue and removed needs-triage This issue or PR still needs to be triaged. labels Apr 29, 2024
@jmklix jmklix linked a pull request Apr 29, 2024 that will close this issue
Pass CRT error, if it exists, into completion function #563
Merged
@NickDarvey
Copy link
Author

@bretambrose, I've updated to awscrt==0.20.10; awsiotsdk==1.21.5.

Unfortunately, I still get just one kind of error, though it's a different one now!

AWS_AUTH_SIGNING_NO_CREDENTIALS: Attempt to sign an http request without credentials

I get this error if I have no internet, but I also get the same error if I use an invalid client_id with mqtt_builder.websockets_with_default_aws_signing (that is a client_id for which I don't have the right IAM permissions).

Should I open a new issue for this?

@bretambrose
Copy link
Contributor

That is the expected error that will be returned with any failure to source credentials for websocket handshake signing. I dont think it should be returned on a IAM policy failure though; I'll look into that when I can.

@bretambrose bretambrose reopened this May 24, 2024
@bretambrose
Copy link
Contributor

I am not able to repro:

If I remove connect permissions from my IAM policy, the connection attempt fails with AWS_ERROR_MQTT5_CONNACK_CONNECTION_REFUSED: Remote endpoint rejected the CONNECT attempt by returning an unsuccessful CONNACK

If I use good credentials but target the wrong account, the connection attempt fails with AWS_ERROR_HTTP_WEBSOCKET_UPGRADE_FAILURE: Failed to upgrade HTTP connection to Websocket

Both of these are accurate/expected.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
CRT/IoT feature-request A feature should be added or improved. p2 This is a standard priority issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Pass CRT error, if it exists, into completion function awslabs/aws-crt-python
3 participants
@bretambrose @jmklix @NickDarvey