Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Access Token option addition to libcoap #1435

Open
Prashaanth06 opened this issue Jun 5, 2024 · 1 comment
Open

Access Token option addition to libcoap #1435

Prashaanth06 opened this issue Jun 5, 2024 · 1 comment

Comments

@Prashaanth06
Copy link

Is your feature request related to a problem? Please describe.

Right now I am trying to set the access token in client side so that I can use the same access token in server side and perform a curl request. When I investigated I found there is this api coap_pdu_get_token() results a token that will not be useful for me because in coap_pdu_t there are 2 member variables actual_token which is associated with coap_pdu_get_token but I want to access the uint_8 token member variable inside the coap pdu. I didn't find any option nor a api to do that.

Describe the solution you would like

If we add a option called COAP_OPTION_ACCESS_TOKEN which can be set in client side and used in server side would be a good fit.

Describe alternatives you have considered

I am trying to use the COAP_OPTION_URI_QUERY for this it should work but developers may get confused.

If there are any other existing alternative for this let me know.

@obgm
Copy link
Owner

obgm commented Jun 5, 2024

To clarify: The token in a CoAP message is used to match a CoAP response to the CoAP request that has triggered this reponse. By this, it is inherently tied to the CoAP messaging layer.
According to your description it seems that you want to try to pass an authorization token (sometimes inaccurately called access token) for some application protocol. This is transparent to CoAP and therefore, libcoap has no direct support for this (although you can retrieve the token in the CoAP PDU in the request handler to achieve what you are trying to do). Your scenario warrants for using a POST request to convey your token.

As a side note: There is a series of IETF specifications that detail how to use CoAP (or other REST-friendly transport protocols) to not only transfer authorization tokens but also create a security association between communication peers based on this token. This is described in RFC 9200 ff. There is also an implementation of the DTLS profile based on libcoap.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants