eclipse-uprotocol
diff --git a/‎DESIGN.adoc‎
Lines changed: 77 additions & 0 deletions b/‎DESIGN.adoc‎
Lines changed: 77 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 34 additions & 102 deletions b/‎README.md‎
Lines changed: 34 additions & 102 deletions
diff --git a/‎src/lib.rs‎
Lines changed: 61 additions & 7 deletions b/‎src/lib.rs‎
Lines changed: 61 additions & 7 deletions
@@ -0,0 +1,77 @@
+= Implementation Design
+:toc: preamble
+:sectnums:
+
+----
+SPDX-FileCopyrightText: 2024 Contributors to the Eclipse Foundation
+
+See the NOTICE file(s) distributed with this work for additional
+information regarding copyright ownership.
+
+This program and the accompanying materials are made available under
+the terms of the Apache License Version 2.0 which is available at
+https://www.apache.org/licenses/LICENSE-2.0
+ 
+SPDX-FileType: DOCUMENTATION
+SPDX-License-Identifier: Apache-2.0
+----
+
+== Overview
+
+This document contains information regarding some design decisions made for the implementation of the transport.
+
+[.specitem,oft-sid="dsn~utransport-send-ignore-priority~1",oft-covers="req~utransport-send-qos-mapping~1"]
+== Message Priority Mapping
+
+The MQTT 5 standard does not define any mechanism for message prioritization. All messages are being processed with the same priority.
+Consequently, the MQTT 5 transport provided by this crate simply ignores the service class set on a uProtocol message being sent.
+
+[.specitem,oft-sid="dsn~utransport-supported-message-delivery~1",oft-covers="req~utransport-delivery-methods~1",oft-needs="impl,utest"]
+== Message Delivery
+
+All messages are being received by means of subscribing to relevant topics on the MQTT broker and delivering the messages to listeners that have been registered via `up_rust::UTransport::register_listener`.
+The transport spawns a dedicated [tokio task](https://tokio.rs/tokio/tutorial/spawning#tasks) that listens for incoming messages and dispatches them to the registered listeners on the same thread that the message handling task runs on.
+
+Rationale:
+The MQTT 5 standard does not provide means to poll the broker for messages but only supports the push model by means of clients subscribing to topic filters.
+
+The transport requires a tokio runtime to execute but does not make any implicit assumption regarding the availability and size of thread pools. This provides for flexibility regarding the environment that the transport can be deployed to but also requires application developers to take care when implementing message listeners, making sure to not block the transport's incoming message handler when processing a dispatched message.
+
+[.specitem,oft-sid="dsn~mqtt5-transport-authorization~1",oft-covers="req~utransport-registerlistener-prevent-unauthorized-access~1,req~utransport-send-prevent-address-spoofing~1",oft-needs="impl,utest"]
+## Authorization
+
+This crate provides an implementation of the uProtocol Transport Layer API. This API can be used by client code (uEntities) for sending and/or receiving messages to/from other uEntities. In general, this crate **does not** impose any restrictions on a message's source and sink addresses when handling messages. In particular, the crate itself **does not** verify a uEntity's _identity_ nor checks a uEntity's _authority_ to send and/or receive messages using particular addresses (UUris).
+
+However, the transport implementation provided by this crate supports the configuration of client credentials (username/password and/or X.509 certificate) for authenticating to an MQTT 5 broker during connection establishment.
+
+When a uEntity using this transport tries to connect to a broker using invalid credentials, the broker will return an MQTT _CONNACK_ packet including a corresponding _Reason Code_ back to the client (see section 3.2.2.2 of the MQTT 5 specification for details). This transport's function for connecting to the broker will fail with a `UStatus` error having a `UCode` as defined in <<Mapping of MQTT 5 Reason Codes to UCodes>>.
+
+Most MQTT brokers allow the configuration of _Access Control Lists_ (ACL), which can be used to restrict a client identity's access to certain MQTT topic patterns only. Given a set of ACLs for a uEntity using this transport implementation:
+
+1. When the uEntity tries to send a message using a source and/or sink address which map to an MQTT topic that the client is not authorized to publish to, the broker will return an MQTT _PUBACK_ packet including a corresponding failure _Reason Code_ to the client (see section 3.4.2.1 of the MQTT 5 specification for details).
+2. When a uEntity tries to subscribe to messages using a source and/or sink address pattern which results in an MQTT topic that the client is not authorized to subscribe to, the broker will return a corresponding _Reason Code_ in its MQTT _SUBACK_ packet sent back to the client (see section 3.9.3 of the MQTT 5 specification for details).
+
+The transport implementation will fail the invoked function with a `UStatus` error having a `UCode` as defined in <<Mapping of MQTT 5 Reason Codes to UCodes>>.
+
+[#reason-code-mapping]
+[.specitem,oft-sid="dsn~mapping-of-reason-codes~1",oft-needs="impl,utest"]
+## Mapping of MQTT 5 Reason Codes to UCodes
+
+This transport maps Reason Codes from MQTT 5 packets to uProtocol `UCode`s as follows
+
+[width="50%",cols="1,2"]
+|===
+| Reason Code | UCode
+
+|`0x86`|`UNAUTHENTICATED`
+|`0x87`|`PERMISSION_DENIED`
+|`0x88`|`UNAVAILABLE`
+|`0x89`|`UNAVAILABLE`
+|`0x8C`|`UNAUTHENTICATED`
+|`0x96`|`RESOURCE_EXHAUSTED`
+|`0x97`|`RESOURCE_EXHAUSTED`
+|`0x9F`|`RESOURCE_EXHAUSTED`
+|`0xA0`|`RESOURCE_EXHAUSTED`
+|===
+
+All other (error) reason codes > 0x80 are mapped to `INTERNAL`.
@@ -4,6 +4,18 @@ This library provides a Rust based implementation of the [MQTT 5 uProtocol Trans
 
 ## Getting Started
 
+Add the following to the `[dependencies]` section of your `Cargo.toml` file:
+
+```toml
+[dependencies]
+up-rust = { version = "0.9" }
+up-transport-mqtt5 = { version = "0.4" }
+```
+
+Please refer to [the crate's Rust Docs](https://docs.rs/up-transport-mqtt5/) and the [examples](./examples/) folder to see how to configure and use the transport.
+
+## Building from Source
+
 ### Clone the Repository
 
 ```sh
@@ -34,116 +46,36 @@ cargo test
 
 ### Running the Examples
 
-The example shows how the transport can be used to publish uProtocol messages from one uEntity and consume these messages on another uEntity.
+The examples show how the transport can be used to publish uProtocol messages from one uEntity and consume these messages on another uEntity.
 
 1. Start the Eclipse Mosquitto MQTT broker using Docker Compose:
 
-```bash
-docker compose -f tests/mosquitto/docker-compose.yaml up --detach
-```
-
-2. Run the Subscriber
-
-The Subscriber supports configuration via command line options and/or environment variables:
-
-```bash
-cargo run --example subscriber_example -- --help
-```
-
-Run the Subscriber with options appropriate for your MQTT broker. When using the Mosquitto broker started via Docker Compose, then the defaults should work:
-
-```bash
-cargo run --example subscriber_example
-```
-
-3. Run the Publisher
-
-The Publisher supports configuration via command line options and/or environment variables:
-
-```bash
-cargo run --example publisher_example -- --help
-```
-
-Run the Publisher with options appropriate for your MQTT broker. When using the Mosquitto broker started via Docker Compose, then the defaults should work:
-
-```bash
-cargo run --example publisher_example
-```
-
-## Using the Library
-
-Most developers will want to create an instance of the *Mqtt5Transport* struct and use it with the Communication Level API and its default implementation
-which are provided by the *up-rust* library.
-
-The libraries need to be added to the `[dependencies]` section of the `Cargo.toml` file:
-
-```toml
-[dependencies]
-up-rust = { version = "0.9" }
-up-transport-mqtt5 = { version = "0.4" }
-```
-
-Please refer to the [publisher_example](./examples/publisher_example.rs) and [subscriber_example](./examples/subscriber_example.rs) to see how to initialize and use the transport.
-
-The library contains the following modules:
-
-| Module    | uProtocol Specification                                                                                 | Purpose                                                                                                   |
-| --------- | ------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------- |
-| transport | [uP-L1 Specifications](https://github.com/eclipse-uprotocol/up-spec/blob/v1.6.0-alpha.7/up-l1/README.adoc) | Implementation of MQTT5 uTransport client used for bidirectional point-2-point communication between uEs. |
-
-### Supported Message Priority Levels
-`uman~utransport-send-ignore-priority~1`
-
-The `Mqtt5Transport::send` function always uses a standard MQTT 5 PUBLISH packet to transfer the message to the MQTT broker regardless of the service class set on a uProtocol message.
-
-Covers:
-- req~utransport-send-qos-mapping~1
-
-### Supported Message Delivery Methods
-`uman~utransport-supported-message-delivery~1`
-
-The MQTT 5 transport provided by this crate supports the [push delivery method](https://github.com/eclipse-uprotocol/up-spec/blob/v1.6.0-alpha.7/up-l1/README.adoc#5-message-delivery) only.
-The `Mqtt5Transport::receive` function therefore always returns `UCode::UNIMPLEMENTED`.
-
-Covers:
-- `req~utransport-delivery-methods~1`
-
-### Maximum number of listeners
-`uman~max-listeners-configuration~1`
-
-The MQTT 5 transport provided by this crate can be configured with the maximum number of filter patterns that listeners can be registered for by means of the `MqttTransportOptions` struct that is being passed into `Mqtt5Transport::new`.
-Please refer to the [API Documentation](https://docs.rs/up-transport-mqtt5/) for details.
-
-Covers:
-- `req~utransport-registerlistener-max-listeners~1`
-
-### Known Limitations
-
-The crate currently does not use the proper UCode to indicate authorization problems when sending messages or registering listeners.
-
-## Design
-
-### Message Priority Mapping
-`dsn~utransport-send-ignore-priority~1`
+   ```bash
+   docker compose -f tests/mosquitto/docker-compose.yaml up --detach
+   ```
 
-The MQTT 5 standard does not define any mechanism for message prioritization. All messages are being processed with the same priority.
-Consequently, the MQTT 5 transport provided by this crate simply ignores the service class set on a uProtocol message being sent.
+2. Run the Subscriber with options appropriate for your MQTT broker.
+   When using the Mosquitto broker started via Docker Compose, then the defaults should work:
 
-Covers:
-- `req~utransport-send-qos-mapping~1`
+   ```bash
+   cargo run --example subscriber_example
+   ```
 
-### Message Delivery
-`dsn~utransport-supported-message-delivery~1`
+   The Subscriber also supports configuration via command line options and/or environment variables:
 
-All messages are being received by means of subscribing to relevant topics on the MQTT broker and delivering the messages to listeners that have been registered via `up_rust::UTransport::register_listener`.
-The transport spawns a dedicated [tokio task](https://tokio.rs/tokio/tutorial/spawning#tasks) that listens for incoming messages and dispatches them to the registered listeners on the same thread that the message handling task runs on.
+   ```bash
+   cargo run --example subscriber_example -- --help
+   ```
 
-Rationale:
-The MQTT 5 standard does not provide means to poll the broker for messages but only supports the push model by means of clients subscribing to topic filters.
+3. Run the Publisher with options appropriate for your MQTT broker.
+   When using the Mosquitto broker started via Docker Compose, then the defaults should work:
 
-The transport requires a tokio runtime to execute but does not make any implicit assumption regarding the availability and size of thread pools. This provides for flexibility regarding the environment that the transport can be deployed to but also requires application developers to take care when implementing message listeners, making sure to not block the transport's incoming message handler when processing a dispatched message.
+   ```bash
+   cargo run --example publisher_example
+   ```
 
-Covers:
-- `req~utransport-delivery-methods~1`
+   The Publisher also supports configuration via command line options and/or environment variables:
 
-Needs: impl, utest
+   ```bash
+   cargo run --example publisher_example -- --help
+   ```
@@ -12,7 +12,7 @@
  ********************************************************************************/
 
 /*!
-This crate provides an implementation of the MQTT 5 uProtocol Transport.
+This crate provides an implementation of the [uProtocol MQTT 5 Transport v1.6.0-alpha.7](https://github.com/eclipse-uprotocol/up-spec/blob/v1.6.0-alpha.7/up-l1/mqtt_5.adoc).
 
 The transport requires an MQTT 5 broker to connect to and uses MQTT 5 `PUBLISH`
 packets to transfer uProtocol messages between uEntities.
@@ -27,8 +27,23 @@ processing requirements of the use case at hand. The transport does
 not make any implicit assumptions about the number of threads available
 and does not spawn any threads itself.
 
+## Using the Library
+
+Most developers will want to create an instance of the [Mqtt5Transport] struct and use it with uProtocol's Communication Layer API and its default implementation which are provided by the *up-rust* library. The crate also provides an implementation of [uProtocol's Transport & Session Layer API](up_rust::UTransport) which can be used to send and receive arbitrary (uProtocol) messages regardless of any message exchange patterns as imposed by the Communication Layer API.
+
+The libraries need to be added to the `[dependencies]` section of the `Cargo.toml` file:
+
+```toml
+[dependencies]
+up-rust = { version = "0.9" }
+up-transport-mqtt5 = { version = "0.4" }
+```
+
+Please refer to the [examples](https://github.com/eclipse-uprotocol/up-transport-mqtt5-rust/tree/v0.4.0/examples) folder to see how to initialize and use the transport.
+
 [tokio `Runtime`]: https://docs.rs/tokio/latest/tokio/runtime/index.html
 */
+
 use std::collections::HashSet;
 use std::sync::Arc;
 
@@ -42,6 +57,8 @@ use mqtt_client::MqttClientOperations;
 pub use mqtt_client::{MqttClientOptions, SslOptions};
 use paho_mqtt::{self as mqtt, Message, QOS_1};
 use tokio::{sync::RwLock, task::JoinHandle};
+#[allow(unused_imports)]
+use up_rust::UTransport;
 use up_rust::{ComparableListener, UAttributes, UCode, UMessage, UStatus, UUri, UUriError};
 
 mod listener_registry;
@@ -311,17 +328,50 @@ fn verify_authority_name<S: Into<String>>(authority: S) -> Result<String, UStatu
 ///
 /// The transport spawns a dedicated tokio task that listens for incoming messages
 /// and dispatches them to the listeners that have been registered using
-/// `up_rust::UTransport::register_listener`.
+/// [up_rust::UTransport::register_listener].
 ///
 /// <div class="warning">
 ///
 /// The registered listeners are being invoked sequentially on the **same thread**
 /// that the message handling task runs on. Implementers of listeners are therefore
 /// **strongly advised** to move non-trivial processing logic to **another/dedicated
-/// thread**, if necessary. Please refer to the `subscriber_example` in the
-/// examples directory for how this could be done.
+/// thread**, if necessary. Please refer to the *subscriber_example* in the
+/// *examples* folder for how this could be done.
 ///
 /// </div>
+///
+/// ### Supported Message Priority Levels
+///
+/// The [Self::send] function always uses a standard MQTT 5 PUBLISH packet to transfer the message
+/// to the MQTT broker regardless of the service class (priority) set on a uProtocol message.
+///
+/// ### Supported Message Delivery Methods
+///
+/// The transport supports the [push delivery method](https://github.com/eclipse-uprotocol/up-spec/blob/v1.6.0-alpha.7/up-l1/README.adoc#5-message-delivery) only.
+/// The [Self::receive] function therefore always returns [UCode::UNIMPLEMENTED].
+///
+/// ### Maximum number of listeners
+///
+/// The transport can be configured with the maximum number of filter patterns that listeners can
+/// be registered for by means of the [Mqtt5TransportOptions] struct that is being passed into [Self::new].
+///
+/// ### Authentication & Authorization
+///
+/// The transport can be configured with credentials that the transport will provide to the MQTT 5
+/// broker during connection establishment. A _username_ and _password_ and/or an X.509 client certificate
+/// can be specified as part of the [Mqtt5TransportOptions] that are passed into the [Self::new] function
+/// for creating a transport instance.
+///
+/// The mechanism for configuring access to topics is specific to the particular MQTT 5 broker at hand.
+/// The code in the [integration tests folder](https://github.com/eclipse-uprotocol/up-transport-mqtt5-rust/tree/v0.4.0/tests)
+/// illustrates, how ACLs can be used with an Eclipse Mosquitto MQTT broker to restrict a client's
+/// authority to publish messages and subscribe to topics.
+///
+// [uman->req~utransport-send-qos-mapping~1]
+// [uman->req~utransport-delivery-methods~1]
+// [uman->req~utransport-registerlistener-max-listeners~1]
+// [uman->req~utransport-send-prevent-address-spoofing~1]
+// [uman->req~utransport-registerlistener-prevent-unauthorized-access~1]
 pub struct Mqtt5Transport {
     /// Client instance for connecting to mqtt broker.
     mqtt_client: Arc<dyn MqttClientOperations>,
@@ -339,16 +389,20 @@ impl Mqtt5Transport {
     /// Creates a new transport.
     ///
     /// The connection to the MQTT broker needs to be established by means of the
-    /// [`Self::connect`] function. This allows for clients to implement any particular
+    /// [Self::connect] function. This allows for clients to implement any particular
     /// connection strategy using e.g. an exponential backoff for subsequent connection
     /// attempts.
     ///
     /// # Arguments
     /// * `options` - Configuration options for the transport.
-    /// * `authority_name` - Authority name of the local uEntity.
+    /// * `authority_name` - The (logical) name to use for the host that the local uEntity runs on.
+    ///   This name will be used as part of the origin and destination addresses of uProtocol messages.
+    ///   It is important to use a meaningful authority name here and make sure that it is unique across all
+    ///   uEntities in the same deployment, otherwise message filtering will not work correctly.
     ///
     /// # Errors
-    /// Will return an error if the creation of the Paho client fails, or if the given authority name is invalid.
+    /// Will return an error if the creation of the underlying Paho MQTT client fails, or if the given authority
+    /// name is invalid.
     pub async fn new<S: Into<String>>(
         options: Mqtt5TransportOptions,
         authority_name: S,