the “+/temperature” would be possible if you implement a SubscriptionAuthorizer
and register it with the securityRegistry
mentioned by @michael_w
one important thing is, that you prevent the subscribe itself, as MQTT will handle this subscribe as a wildcard subscribe for “any/temperature”.
Here is an example how the prevention could be accomplished followed by adding subscriptions where the client has access to:
...
final List<String> topicsIHaveAccessTo = new ArrayList<>();
topicsIHaveAccessTo.add("myClientId/temperature");
topicsIHaveAccessTo.add("clientIdOfAFriend/temperature");
topicsIHaveAccessTo.add("clientIdOfAnotherFriend/temperature");
final SubscriptionAuthorizer subAuthor = new SubscriptionAuthorizer() {
@Override
public void authorizeSubscribe(final @NotNull SubscriptionAuthorizerInput input, final @NotNull SubscriptionAuthorizerOutput output) {
final String topic = input.getSubscription().getTopicFilter();
final Qos qos = input.getSubscription().getQos();
final String clientId = input.getClientInformation().getClientId();
if(topic.startsWith("+/")){
//first let the original subscription fail.
output.failAuthorization();
//then add subscriptions through the store
for (final String topicWithAccess : topicsIHaveAccessTo) {
final TopicSubscription topicSubscription = Builders.topicSubscription()
.topicFilter(topicWithAccess)
.qos(qos)
.build();
Services.subscriptionStore().addSubscription(clientId, topicSubscription);
}
}
}
};
Services.securityRegistry().setAuthorizerProvider(new AuthorizerProvider() {
@Override
public Authorizer getAuthorizer(final @NotNull AuthorizerProviderInput authorizerProviderInput) {
return subAuthor;
}
});
I hope this could help.
Kind regards,
Flo