Mosquitto Firebase Auth
This is an auth plugin for Mosquitto which uses mosquito_pyauth to load a python module which uses the firebase_admin library to authenticate users submitting messages to mosquitto instance via Google Firebase.
Getting started.
-
Pull this repository.
-
Build the mosquitto_pyauth image.
-
Build the mosquitto-firebase-auth image.
docker build . --tag mosquitto-firebase-auth
-
Generate and download a new firebase service account private key by following the "Inistialize the SDK" step here You'll likely want to save it into the
mosquitto
directory as.firebase-service-account.json
. -
Run the docker container!
docker run -v ${PWD}/mosquitto:/etc/mosquitto -e PYTHONPATH=/etc/mosquitto -p 1883:1883 -p 1884:1884 mosquitto-firebase-auth
- Run it with docker compose!
# docker-compose.yml
version: "3.9"
services:
mosquitto:
image: mosquitto-pyauth
environment:
- PYTHONPATH=/etc/mosquitto/
volumes:
- ./mosquitto:/etc/mosquitto
ports:
- "1883:1883"
- "1884:1884"
docker-compose up
Authenticating with mosquitto-firebase-auth
You will need to pass the JWT provided by the firebase authentication api into the password
of a mqtt connection. You can put what ever information you like into the username
field, it is unused though it seems handy to identify your users when connecting with it!
Notes:
- We're not handling Access Controll Lists (ACL's) at all in this plugin yet. You'll want to make some changes to the
mosquitto/mosquitto_firebase_auth.py
file if you need them. - I have no idea what
def psk_key_get(identity, hint)
does so it currently does nothing.