Connection methods

samples/README.md

@@ -5,6 +5,10 @@
 * [Mqtt5 Pub-Sub](./mqtt5/mqtt5_pubsub/README.md)
 * [Mqtt5 Shared Subscription](./mqtt5/mqtt5_shared_subscription/README.md)
 * [Websocket Connect](./mqtt/websocket_connect/README.md)
+* [Websocket Connect/custom auth](./mqtt/websocket_connect/README_custom_auth.md)
+* [Websocket Connect/username and password](./mqtt/websocket_connect/README_username_password.md)
+* [Websocket Connect/proxy](./mqtt/websocket_connect/README_proxy.md)
+* [Websocket Connect/static credentials](./mqtt/websocket_connect/README_static_credentials.md)
 * [PKCS#11 Connect](./mqtt/pkcs11_connect/README.md)
 * [PKCS#12 Connect](./mqtt/pkcs12_connect/README.md)
 * [x509 Credentials Provider Connect](./mqtt/x509_credentials_provider_connect/README.md)

samples/mqtt/websocket_connect/README.md

@@ -2,7 +2,18 @@
 
 [**Return to main sample list**](../../README.md)
 
-This sample makes an MQTT connection via Websockets and then disconnects. On startup, the device connects to the server via Websockets and then disconnects right after. This sample is for reference on connecting via Websockets. This sample demonstrates the most straightforward way to connect via Websockets by querying the AWS credentials for the connection from the device's environment variables or local files.
+This sample makes an MQTT connection via Websockets and then disconnects.
+On startup, the device connects to the server via Websockets and then disconnects right after.
+This sample is for reference on connecting via Websockets.
+This sample demonstrates the most straightforward way to connect via Websockets by querying the AWS credentials for the connection from the device's environment variables or local files.
+
+If you want to use custom auth (or static creds, or basic auth, etc) instead,
+then you will need to replace part of the sample (connection\_setup function) with a code snippet we provided in its corresponding readme.
+
+* [Websocket Connect/custom auth](./README_custom_auth.md)
+* [Websocket Connect/username and password](./README_username_password.md)
+* [Websocket Connect/proxy](./README_proxy.md)
+* [Websocket Connect/static credentials](./README_static_credentials.md)
 
 Your IoT Core Thing's [Policy](https://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html) must provide privileges for this sample to connect. Below is a sample policy that can be used on your IoT Core Thing that will allow this sample to run as intended.
 

samples/mqtt/websocket_connect/README_custom_auth.md

@@ -0,0 +1,94 @@
+# Websocket Connect with Custom Authentication
+
+[**Return to main sample list**](../../README.md)
+
+This sample makes an MQTT connection via Websockets and then disconnects.
+On startup, the device connects to the server via Websockets then disconnects right after.
+This sample demonstrates connecting via custom auth authorizer username, 
+password and tokens
+
+If you want to use simple or custom auth (or static creds, or basic auth, etc) instead,
+then you will need to replace part of the sample (connection\_setup function) with a code snippet we provided in its corresponding readme.
+
+* [Websocket Connect/simple_auth](./README.md)
+* [Websocket Connect/username and password](./README_username_password.md)
+* [Websocket Connect/proxy](./README_proxy.md)
+* [Websocket Connect/static credentials](./README_static_credentials.md)
+
+Your IoT Core Thing's [Policy](https://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html) must provide privileges for this sample to connect. Below is a sample policy that can be used on your IoT Core Thing that will allow this sample to run as intended.
+
+<details>
+<summary>(see sample policy)</summary>
+<pre>
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "iot:Connect"
+      ],
+      "Resource": [
+        "arn:aws:iot:<b>region</b>:<b>account</b>:client/test-*"
+      ]
+    }
+  ]
+}
+</pre>
+
+
+Replace with the following with the data from your AWS account:
+* `<region>`: The AWS IoT Core region where you created your AWS IoT Core thing you wish to use with this sample. For example `us-east-1`.
+* `<account>`: Your AWS IoT Core account ID. This is the set of numbers in the top right next to your AWS account name when using the AWS IoT Core website.
+
+Note that in a real application, you may want to avoid the use of wildcards in your ClientID or use them selectively. Please follow best practices when working with AWS on production applications using the SDK. Also, for the purposes of this sample, please make sure your policy allows a client ID of `test-*` to connect or use `--client_id <client ID here>` to send the client ID your policy supports.
+
+For this sample, using Websockets will attempt to connect using custom auth.
+
+</details>
+
+<details>
+<summary> (code snipet to replace similar section)</summary>
+<pre language="c++"> <code>
+void connection_setup(int argc, char *argv[], ApiHandle &apiHandle, Utils::cmdData &cmdData,
+    Aws::Iot::MqttClientConnectionConfigBuilder &clientConfigBuilder)
+{
+    cmdData = Utils::parseSampleInputCustomAuthorizerConnect(argc, argv, &apiHandle);
+
+    // Create the MQTT builder and populate it with data from cmdData.
+    Aws::Crt::Auth::CredentialsProviderChainDefaultConfig defaultConfig;
+    std::shared_ptr<Aws::Crt::Auth::ICredentialsProvider> provider =
+        Aws::Crt::Auth::CredentialsProvider::CreateCredentialsProviderChainDefault(defaultConfig);
+    Aws::Iot::WebsocketConfig websocketConfig((cmdData.input_signingRegion), provider);
+
+    clientConfigBuilder = Aws::Iot::MqttClientConnectionConfigBuilder(websocketConfig);
+    clientConfigBuilder.WithEndpoint((cmdData.input_endpoint));
+    clientConfigBuilder.WithCustomAuthorizer(
+        (cmdData.input_customAuthUsername),
+        (cmdData.input_customAuthorizerName),
+        (cmdData.input_customAuthorizerSignature),
+        (cmdData.input_customAuthPassword),
+        (cmdData.input_customTokenKeyName),
+        (cmdData.input_customTokenValue));
+}
+</code><pre>
+</details>
+
+## How to run
+
+Options for custom auth
+```
+--custom_auth_username <str>
+--custom_auth_authorizer_name <str>
+--custom_auth_authorizer_signature <str>
+--custom_auth_password <str>
+--custom_auth_token_name <str>
+--custom_auth_token_value <str>
+```
+
+To run the websocket connect use the following command:
+
+```
+./websocket-connect --endpoint <endpoint> --signing_region <signing region>
+```
+

samples/mqtt/websocket_connect/README_proxy.md

@@ -0,0 +1,108 @@
+# Websocket Connect with Proxy
+
+[**Return to main sample list**](../../README.md)
+
+This sample makes an MQTT connection via Websockets and then disconnects.
+On startup, the device connects to the server via Websockets and then disconnects right after.
+This sample is for reference on connecting via Websockets using a proxy.
+This sample demonstrates conneting via Websockets using a proxy serverb.
+
+If you want to use simple or custom auth (or static creds, or basic auth, etc) instead,
+then you will need to replace part of the sample (connection\_setup function) with a code snippet we provided in its corresponding readme.
+
+* [Websocket Connect/simple_auth](./README.md)
+* [Websocket Connect/custom auth](./README_custom_auth.md)
+* [Websocket Connect/username and password](./README_username_password.md)
+* [Websocket Connect/static credentials](./README_static_credentials.md)
+
+Your IoT Core Thing's [Policy](https://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html) must provide privileges for this sample to connect. Below is a sample policy that can be used on your IoT Core Thing that will allow this sample to run as intended.
+
+<details>
+<summary>(see sample policy)</summary>
+<pre>
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "iot:Connect"
+      ],
+      "Resource": [
+        "arn:aws:iot:<b>region</b>:<b>account</b>:client/test-*"
+      ]
+    }
+  ]
+}
+</pre>
+
+Replace with the following with the data from your AWS account:
+* `<region>`: The AWS IoT Core region where you created your AWS IoT Core thing you wish to use with this sample. For example `us-east-1`.
+* `<account>`: Your AWS IoT Core account ID. This is the set of numbers in the top right next to your AWS account name when using the AWS IoT Core website.
+
+Note that in a real application, you may want to avoid the use of wildcards in your ClientID or use them selectively. Please follow best practices when working with AWS on production applications using the SDK. Also, for the purposes of this sample, please make sure your policy allows a client ID of `test-*` to connect or use `--client_id <client ID here>` to send the client ID your policy supports.
+
+For this sample, using Websockets will attempt to fetch the AWS credentials to authorize the connection from a proxy server.
+
+</details>
+
+<details>
+<summary> (code snipet to replace the connection_setup function)</summary>
+<pre language="c++"> <code>
+void connection_setup(int argc, char *argv[], ApiHandle &apiHandle, Utils::cmdData &cmdData,
+             Aws::Iot::MqttClientConnectionConfigBuilder &clientConfigBuilder)
+{
+    Utils::cmdData cmdData = Utils::parseSampleInputWebsocketConnect(argc, argv, &apiHandle);
+
+    std::shared_ptr<Aws::Crt::Auth::ICredentialsProvider> provider = nullptr;
+    Aws::Crt::Auth::CredentialsProviderChainDefaultConfig defaultConfig;
+    provider = Aws::Crt::Auth::CredentialsProvider::CreateCredentialsProviderChainDefault(defaultConfig);
+    if (!provider)
+    {
+        fprintf(stderr, "Failure to create credentials provider!\n");
+        exit(-1);
+    }
+    Aws::Iot::WebsocketConfig config(cmdData.input_signingRegion, provider);
+    clientConfigBuilder = Aws::Iot::MqttClientConnectionConfigBuilder(config);
+    if (cmdData.input_ca != "")
+    {
+        clientConfigBuilder.WithCertificateAuthority(cmdData.input_ca.c_str());
+    }
+    if (cmdData.input_proxyHost == "")
+    {
+        fprintf(stderr, "proxy address missing!\n");
+        exit(-1);
+    }
+    Aws::Crt::Http::HttpClientConnectionProxyOptions proxyOptions;
+    proxyOptions.HostName = cmdData.input_proxyHost;
+    proxyOptions.Port = static_cast<uint16_t>(cmdData.input_proxyPort);
+    proxyOptions.AuthType = Aws::Crt::Http::AwsHttpProxyAuthenticationType::None;
+    clientConfigBuilder.WithHttpProxyOptions(proxyOptions);
+
+    if (cmdData.input_port != 0)
+    {
+        clientConfigBuilder.WithPortOverride(static_cast<uint16_t>(cmdData.input_port));
+    }
+    clientConfigBuilder.WithEndpoint(cmdData.input_endpoint);
+}
+</code>
+</pre>
+</details>
+
+## How to run
+
+Options for connecting through an HTTP proxy
+```
+--proxy_host <str>
+--proxy_port <int>
+```
+
+To run the websocket connect use the following command:
+
+``` sh
+./websocket-connect --endpoint <endpoint> --signing_region <signing region>
+```
+
+
+
+

samples/mqtt/websocket_connect/README_static_credentials.md

@@ -0,0 +1,93 @@
+# Websocket Connect with static credentials
+
+[**Return to main sample list**](../../README.md)
+
+This sample makes an MQTT connection via Websockets and then disconnects. On startup, the device connects to the server via Websockets and then disconnects right after. This sample is for reference on connecting via Websockets. This sample demonstrates the most straightforward way to connect via Websockets by querying the AWS credentials for the connection from the device's environment variables or local files.
+
+This sample makes an MQTT connection via Websockets and then disconnects.
+On startup, the device connects to the server via Websockets then disconnects right after.
+This sample demonstrates connecting via static credentials.
+
+If you want to use simple or custom auth (or static creds, or basic auth, etc) instead,
+then you will need to replace part of the sample (connection\_setup function) with a code snippet we provided in its corresponding readme.
+
+* [Websocket Connect/simple_auth](./README.md)
+* [Websocket Connect/username and password](./README_username_password.md)
+* [Websocket Connect/proxy](./README_proxy.md)
+* [Websocket Connect/custom auth](./README_custom_auth.md)
+
+Your IoT Core Thing's [Policy](https://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html) must provide privileges for this sample to connect. Below is a sample policy that can be used on your IoT Core Thing that will allow this sample to run as intended.
+
+<details>
+<summary>(see sample policy)</summary>
+<pre>
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "iot:Connect"
+      ],
+      "Resource": [
+        "arn:aws:iot:<b>region</b>:<b>account</b>:client/test-*"
+      ]
+    }
+  ]
+}
+</pre>
+
+Replace with the following with the data from your AWS account:
+* `<region>`: The AWS IoT Core region where you created your AWS IoT Core thing you wish to use with this sample. For example `us-east-1`.
+* `<account>`: Your AWS IoT Core account ID. This is the set of numbers in the top right next to your AWS account name when using the AWS IoT Core website.
+
+Note that in a real application, you may want to avoid the use of wildcards in your ClientID or use them selectively. Please follow best practices when working with AWS on production applications using the SDK. Also, for the purposes of this sample, please make sure your policy allows a client ID of `test-*` to connect or use `--client_id <client ID here>` to send the client ID your policy supports.
+
+For this sample, using Websockets will attempt to fetch the AWS credentials to authorize the connection from static credentials.
+
+</details>
+
+
+<details>
+<summary> (code snipet to replace similar section)</summary>
+<pre>
+<pre language="c++"> <code>
+void connection_setup(int argc, char *argv[], ApiHandle &apiHandle, Utils::cmdData &cmdData,
+    Aws::Iot::MqttClientConnectionConfigBuilder &clientConfigBuilder)
+{
+    cmdData = Utils::parseSampleInputWebsocketStaticCredentialsConnect(argc, argv, &apiHandle);
+
+    Aws::Crt::Auth::CredentialsProviderChainDefaultConfig defaultConfig;
+
+    std::shared_ptr<Aws::Crt::Auth::ICredentialsProvider> provider = nullptr;
+    Aws::Crt::Auth::CredentialsProviderStaticConfig providerConfig;
+
+    providerConfig.AccessKeyId = aws_byte_cursor_from_c_str((cmdData.input_accessKeyId.c_str()));
+    providerConfig.SecretAccessKey = aws_byte_cursor_from_c_str((cmdData.input_secretAccessKey.c_str()));
+    providerConfig.SessionToken = aws_byte_cursor_from_c_str((cmdData.input_sessionToken.c_str()));
+
+    provider = Aws::Crt::Auth::CredentialsProvider::CreateCredentialsProviderStatic(providerConfig);
+    Aws::Iot::WebsocketConfig config(cmdData.input_signingRegion, provider);
+
+    clientConfigBuilder = Aws::Iot::MqttClientConnectionConfigBuilder(config);
+    clientConfigBuilder.WithEndpoint((cmdData.input_endpoint));
+}
+</code>
+</pre>
+</details>
+
+## How to run
+
+Options for static credentials
+```
+--access_key_id <str>
+--secret_access_key <str>
+--session_token <str>
+```
+
+To run the websocket connect use the following command:
+
+``` sh
+./websocket-connect --endpoint <endpoint> --signing_region <signing region>
+```
+