Description
The ApplicationsAuthManager works as expected, but the current implementation allows messages to be forwarded anywhere using any credentials defined in the YAML authorization file.
For example, it's currently possible to forward messages to clients connected with the credentials of application1 using the credentials of application2.
```yaml
applications:
  -
    key: application1
    secret: 7UxuWw3ZcFBW85U2rdtjKZeStMHKVAzf8jpqkb5eAPBkd37F2sz4x3WS3GnMk7gq
    authorizeOpen: true
  - key: application2
    secret: Kmrw5apmzmQMseAttckp6e7APeCDVtL58QzSPaKqqdHUF469hfhWyue3ns363kn5
    authorizeOpen: false
```

To prevent the credentials of application2 from allowing messages to be sent to clients connected with the credentials of application1, we propose a new mandatoryTags property.
Here is an example.
```yaml
applications:
  -
    key: application1
    secret: 7UxuWw3ZcFBW85U2rdtjKZeStMHKVAzf8jpqkb5eAPBkd37F2sz4x3WS3GnMk7gq
    authorizeOpen: true
    mandatoryTags:
      -
        applicationName: application1
  - key: application2
    secret: Kmrw5apmzmQMseAttckp6e7APeCDVtL58QzSPaKqqdHUF469hfhWyue3ns363kn5
    authorizeOpen: false
```

This will force clients using the first credentials to specify an applicationName tag with the application1 value; otherwise, connection and message sending will fail.
As a consequence, all the clients will be forced to use the same applicationName tag value, and we can be sure the messages will always be forwarded only to the application1 clients.
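A sketch of the proposed check, added here as an illustration and not taken from the project's code. The function names, the placeholder secrets and the tag-matching routing rule (a message reaches clients whose tags contain every message tag) are assumptions.

```python
import hmac

# Constructed config mirroring the YAML in the issue; secrets are placeholders.
APPLICATIONS = [
    {"key": "application1", "secret": "placeholder-secret-1", "authorizeOpen": True,
     "mandatoryTags": [{"applicationName": "application1"}]},
    {"key": "application2", "secret": "placeholder-secret-2", "authorizeOpen": False},
]


def authorize(key, secret, tags, apps=APPLICATIONS):
    """Return True only if the credentials are valid and every mandatory tag
    configured for that key is present in `tags` with the required value."""
    for app in apps:
        if app["key"] != key:
            continue
        # Constant-time comparison so the check does not leak secret prefixes.
        if not hmac.compare_digest(app["secret"].encode(), str(secret).encode()):
            return False
        for required in app.get("mandatoryTags", []):
            for name, value in required.items():
                if tags.get(name) != value:
                    return False
        return True
    return False  # unknown key


def forward(key, secret, message_tags, clients, apps=APPLICATIONS):
    """Hypothetical routing step: apply the same check to the sender, then
    return the ids of clients whose tags contain every tag of the message.
    `clients` maps a client id to the tags accepted when it connected."""
    if not authorize(key, secret, message_tags, apps):
        raise PermissionError("credentials or mandatory tags rejected")
    return sorted(cid for cid, ctags in clients.items()
                  if all(ctags.get(n) == v for n, v in message_tags.items()))
```

In this sketch a key with no mandatoryTags entry, such as application2, passes the check with any tags, so isolation in both directions requires a mandatoryTags entry on every key.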