Pass client Identity in call to BootstrapStore.getBootstrap

[lhotari]

This is the example of the changed interface:

package org.eclipse.leshan.server.bootstrap;

import org.eclipse.leshan.core.request.Identity;

/**
 * A store containing the bootstrap information to be sent to the devices.
 */
public interface BootstrapStore {

    BootstrapConfig getBootstrap(String endpoint, Identity identity);

}

currently the BootstrapStore interface method only contains the String endpoint parameter.

• Identity information is useful for implementing a multi-tenant Bootstrap Server where the endpoint name isn't guaranteed to be unique across multiple tenants.

  • When the identity is provided, it is possible to implement a BootstrapStore that can use the autenticated client's information for looking up the correct information to be used for bootstrapping.

• In LwM2M 1.1, the endpoint name is optional in client initiated bootstrapping In 6.1.3.3. Client Initiated Bootstrap

  The LwM2M Client MAY omit "Endpoint Client Name" if it is equal to the identifier utilized in the security protocol.

  • changing the BootstrapStore interface will also prepare for LwM2M 1.1

[sbernard31]

I don't think the argument about the 1.1 is too strong as the spec say that it can be omitted only if it is equals to the identifier from security protocol. So in this case, we still have an endpoint value for the BootstrapStore API.

The LWM2M spec 1.0 propose severals format to ensure uniqueness of endpoint name :

UUID URN: Identify a device using a Universally Unique IDentifier (UUID). The UUID specifies a valid, hex digit character string as defined in [RFC4122]. The format of the URN is urn:uuid:########-####-####-############

OPS URN: Identify a device using the format "-"

"-" as defined in Section 3.4.4 of [TR-069]. The format of the URN is urn:dev:ops: "-" "-" . OS URN: Identify a device using the format "-" as defined in Section 3.4.4 of [TR-069]. The format of the URN is urn:dev:os: "-". IMEI URN: Identify a device using an International Mobile Equipment Identifiers [3GPP-TS_23.003]. The IMEI URN specifies a valid, 15 digit IMEI. The format of the URN is urn:imei:############### ESN URN: Identify a device using an Electronic Serial Number. The ESN specifies a valid, 8 digit ESN. The format of the URN is urn:esn:######## MEID URN: Identify a device using a Mobile Equipment Identifier. The MEID URN specifies a valid, 14 digit MEID. The format of the URN is urn:meid:############## IMEI-MSISDN URN: Identify a device using a combination of International Mobile Equipment Identifier [3GPP-TS_23.003] and MSISDN. IMEI is 15 digits and MSISDN is 15 digits. The format of the URN is urn:imei-msisdn: ###############-

Anyway, we could add identity to BootstrapStore, if this helps. But keep in mind that even if you will be able to have duplicated endpoint name, you will not be able to have duplicated security credentials. So maybe the benefits will not be so strong ?

Do you plan to provide a PR for this change ?

[lhotari]

The LwM2M 1.1. argument wasn't my actual reason to request this change. I just happened to think that it could be related and making this interface change before Leshan 1.0 could perhaps help in adding LwM2M 1.1 support later.

Yes, I'm aware of the proposals to ensure uniqueness of the endpoint names. In the multi-tenant bootstrap server use case it could be considered a security issue to start controlling the uniqueness of endpoint names across all tenants in the system. The minor threat that there would be is that another tenant could check if some other tenant has registered devices with a specific endpoint name.

It helps to add the Identity parameter to BootstrapStore since that would solve the issue that I am facing with my customer's development team.

Since this is a simple change and PRs cause some legal overhead with my customer, I unfortunately wasn't planning to provide a PR for this change of a few lines of code. (I'm sorry...)

[sbernard31]

Since this is a simple change and PRs cause some legal overhead with my customer, I unfortunately wasn't planning to provide a PR for this change of a few lines of code. (I'm sorry...)

You made several contributions by the past by opening issues. I would have enjoyed you level up by contributing a very small PR :wink:, but I understand your concern I would made the change myself soon.

[sbernard31]

I create a PR #549 for this.

If you have time to have a look ?

[lhotari]

Thanks @sbernard31, it looks good to me.

[sbernard31]

549 is integrated in master.