fix: Username may be required when MQTT cert authentication (#1215)

* fix: Username may be required when MQTT cert authentication Signed-off-by: ancientxu <ancientxu@gmail.com>
edgexfoundry · Nov 6, 2022 · 1bb3010 · 1bb3010
1 parent 69f97d0
commit 1bb3010
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/pkg/secure/mqttfactory.go b/pkg/secure/mqttfactory.go
@@ -82,9 +82,12 @@ func (factory MqttFactory) configureMQTTClientForAuth(secretData *messaging.Secr
 		InsecureSkipVerify: factory.skipCertVerify,
 		MinVersion:         tls.VersionTLS12,
 	}
+	// Username may be required when cert authentication
+	if secretData.Username != "" {
+		factory.opts.SetUsername(secretData.Username)
+	}
 	switch factory.authMode {
 	case messaging.AuthModeUsernamePassword:
-		factory.opts.SetUsername(secretData.Username)
 		factory.opts.SetPassword(secretData.Password)
 	case messaging.AuthModeCert:
 		cert, err = tls.X509KeyPair(secretData.CertPemBlock, secretData.KeyPemBlock)

diff --git a/pkg/secure/mqttfactory_test.go b/pkg/secure/mqttfactory_test.go
@@ -20,10 +20,10 @@
 package secure
 
 import (
+	mqtt "github.com/eclipse/paho.mqtt.golang"
 	"os"
 	"testing"
 
-	"github.com/eclipse/paho.mqtt.golang"
 	bootstrapContainer "github.com/edgexfoundry/go-mod-bootstrap/v2/bootstrap/container"
 	"github.com/edgexfoundry/go-mod-bootstrap/v2/bootstrap/messaging"
 	"github.com/edgexfoundry/go-mod-bootstrap/v2/di"
@@ -143,7 +143,7 @@ func TestConfigureMQTTClientForAuthWithCACert(t *testing.T) {
 
 	require.NoError(t, err)
 	assert.NotNil(t, target.opts.TLSConfig.RootCAs)
-	assert.Empty(t, target.opts.Username)
+	assert.Equal(t, target.opts.Username, "Username")
 	assert.Empty(t, target.opts.Password)
 	assert.Nil(t, target.opts.TLSConfig.Certificates)
 }
@@ -159,7 +159,7 @@ func TestConfigureMQTTClientForAuthWithClientCert(t *testing.T) {
 		CaPemBlock:   []byte(testCACert),
 	})
 	require.NoError(t, err)
-	assert.Empty(t, target.opts.Username)
+	assert.Equal(t, target.opts.Username, "Username")
 	assert.Empty(t, target.opts.Password)
 	assert.NotNil(t, target.opts.TLSConfig.Certificates)
 	assert.NotNil(t, target.opts.TLSConfig.RootCAs)
@@ -177,7 +177,7 @@ func TestConfigureMQTTClientForAuthWithClientCertNoCA(t *testing.T) {
 	})
 
 	require.NoError(t, err)
-	assert.Empty(t, target.opts.Username)
+	assert.Equal(t, target.opts.Username, messaging.SecretUsernameKey)
 	assert.Empty(t, target.opts.Password)
 	assert.NotNil(t, target.opts.TLSConfig.Certificates)
 	assert.Nil(t, target.opts.TLSConfig.RootCAs)