feat: add support for certificate authentication #12
Conversation
README.md
Outdated
| "", | ||
| "", | ||
| "path/to/client/crt.pem", | ||
| "path/to/client/key.pem", |
There was a problem hiding this comment.
looks like the indenting might be off here? or it's just Github rendering being flaky.
There was a problem hiding this comment.
Ah good catch, thanks!
README.md
Outdated
| "COAP_PSK_ID", | ||
| "COAP_PSK", | ||
| "path/to/client/crt.pem", | ||
| "path/to/client/key.pem", |
coap/coap.go
Outdated
| } | ||
|
|
||
| // Only ECDSA keys are currently supported. | ||
| if !goja.IsUndefined(cc.Argument(3)) && !goja.IsUndefined(cc.Argument(4)) { |
There was a problem hiding this comment.
i take it cc.Argument(3) and cc.Argument(4) are the PSK and PSK-ID? would be nice if this could be an enum or a const that was more human-readable, e.g. ARG_PSK, ARG_PSK_ID or similar.
There was a problem hiding this comment.
Good call -- I'll move all the arg indices up to const 👍🏻
coap/coap.go
Outdated
|
|
||
| // Only ECDSA keys are currently supported. | ||
| if !goja.IsUndefined(cc.Argument(3)) && !goja.IsUndefined(cc.Argument(4)) { | ||
| pemCert, err := os.ReadFile(filepath.Clean(cc.Argument(3).String())) |
There was a problem hiding this comment.
might be worth considering getting the absolute path of the file using filepath.Abs(). i tend to use that to avoid errors related to not found errors related to relative paths.
There was a problem hiding this comment.
hmm what is filepath.Abs() giving us here that filepath.Clean() is not? If provided path is not already absolute it will ultimately just concatenate with the working directory and clean and given that we aren't restricting any file paths here then I don't think that it will actually prevent any errors (i.e. if the relative path supplied is invalid the absolute one will be also).
Updates `xk6-coap` with support for certificate authentication. Signed-off-by: Daniel Mangum <georgedanielmangum@gmail.com>
Updates .gitignore to ignore PEM files to avoid accidentally leaking certs and keys. Signed-off-by: Daniel Mangum <georgedanielmangum@gmail.com>
Updates the simple.js example to specify the now required PSK env vars. Signed-off-by: Daniel Mangum <georgedanielmangum@gmail.com>
Updates README.md to specify the supported authentication mechanisms. Signed-off-by: Daniel Mangum <georgedanielmangum@gmail.com>
hasheddan
force-pushed
the
feat/cert-auth
branch
from
a3706f8
to
a5fbc92
Compare
Updates
xk6-coapwith support for certificate authentication.Signed-off-by: Daniel Mangum georgedanielmangum@gmail.com
Fixes #8