auth: move PSK handling to samples

- move system settings into samples - add PSK support to hardcoded_credentials module - remove PSK handling in system_client - update samples to use the same auth for consistency Signed-off-by: Sam Friedman <[email protected]>
golioth · Jul 16, 2023 · 2fd3874 · 2fd3874
1 parent 200b4fb
commit 2fd3874
Show file tree

Hide file tree

Showing 30 changed files with 1,090 additions and 344 deletions.
diff --git a/.github/workflows/twister_dfu_nrf52840dk.yml b/.github/workflows/twister_dfu_nrf52840dk.yml
@@ -44,8 +44,8 @@ jobs:
   # For item 5, the file needs to have contents like (use base64 encoding):
   #
   # export GOLIOTH_SYSTEM_SERVER_HOST=coap.golioth.dev
-  # export GOLIOTH_SYSTEM_CLIENT_PSK_ID=device_psk_id@ci
-  # export GOLIOTH_SYSTEM_CLIENT_PSK=device_psk
+  # export GOLIOTH_SAMPLE_HARDCODED_PSK_ID=device_psk_id@ci
+  # export GOLIOTH_SAMPLE_HARDCODED_PSK=device_psk
   # export GOLIOTH_SAMPLE_WIFI_SSID=golioth-runner-xxx
   # export GOLIOTH_SAMPLE_WIFI_PSK=password_for_wifi
   # export GOLIOTH_DEVICE_NAME=nrf52840dk

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -118,14 +118,14 @@ pre-commit:
 # - GOLIOTH_SYSTEM_SERVER_HOST: used to setup 'golioth' Python script (in this job script) and by device firmware
 # - GOLIOTH_SYSTEM_SERVER_API_PORT: used to setup 'golioth' Python script (in this job script)
 #
-# - GOLIOTH_SYSTEM_CLIENT_PSK_ID: used by device firmware
-# - GOLIOTH_SYSTEM_CLIENT_PSK: used by device firmware
+# - GOLIOTH_SAMPLE_HARDCODED_PSK_ID: used by device firmware
+# - GOLIOTH_SAMPLE_HARDCODED_PSK: used by device firmware
 #
 # It is also assumed that a self-hosted goliothd is used and there is no authentication required by
 # 'golioth' Python script at api URL http://${GOLIOTH_SYSTEM_SERVER_HOST}:${GOLIOTH_SYSTEM_SERVER_API_PORT}.
 #
 # Project with id ${GOLIOTH_PROJECT_ID} needs to exist and device with ${GOLIOTH_DEVICE_NAME} name
-# needs to be provisioned with ${GOLIOTH_SYSTEM_CLIENT_PSK_ID} and ${GOLIOTH_SYSTEM_CLIENT_PSK} as
+# needs to be provisioned with ${GOLIOTH_SAMPLE_HARDCODED_PSK_ID} and ${GOLIOTH_SAMPLE_HARDCODED_PSK} as
 # DTLS credentials.
 #
 twister-qemu-goliothd:

diff --git a/include/net/golioth/system_client.h b/include/net/golioth/system_client.h
@@ -27,6 +27,11 @@ void golioth_system_client_start(void);
  */
 void golioth_system_client_stop(void);
 
+/**
+ * @brief Restart Golioth system client
+ */
+void golioth_system_client_request_reconnect(void);
+
 /**
  * @brief Get pointer to Golioth system client instance
  */

diff --git a/net/golioth/Kconfig b/net/golioth/Kconfig
@@ -242,22 +242,6 @@ config GOLIOTH_SYSTEM_SERVER_PORT
 	help
 	  Defines port number of Golioth server.
 
-if GOLIOTH_AUTH_METHOD_PSK
-
-config GOLIOTH_SYSTEM_CLIENT_PSK_ID
-	string "PSK ID"
-	depends on !GOLIOTH_SYSTEM_SETTINGS
-	help
-	  Defines PSK ID used during DTLS handshake with Golioth server.
-
-config GOLIOTH_SYSTEM_CLIENT_PSK
-	string "PSK"
-	depends on !GOLIOTH_SYSTEM_SETTINGS
-	help
-	  Defines PSK used during DTLS handshake with Golioth server.
-
-endif # GOLIOTH_AUTH_METHOD_PSK
-
 if GOLIOTH_AUTH_METHOD_CERT
 
 config GOLIOTH_SYSTEM_CLIENT_CA_PATH
@@ -303,15 +287,6 @@ config GOLIOTH_SYSTEM_CLIENT_RX_BUF_SIZE
 	  Size of receive buffer, which is used for reading data from network
 	  socket.
 
-config GOLIOTH_SYSTEM_SETTINGS
-	bool "Load credentials from persistent settings"
-	default y
-	depends on GOLIOTH_AUTH_METHOD_PSK
-	depends on SETTINGS
-	help
-	  When selected, Golioth credentials will be loaded from settings
-	  subsystem.
-
 endif # GOLIOTH_SYSTEM_CLIENT
 
 endif # GOLIOTH