Show EOL distros: 

Package Summary

Server side tools for authorization and authentication of ROS clients.

Package Summary

Server Side tools for Authorization and Authentication of ROS Clients

Package Summary

Server Side tools for Authorization and Authentication of ROS Clients

Package Summary

Server Side tools for Authorization and Authentication of ROS Clients

Package Summary

Server Side tools for Authorization and Authentication of ROS Clients

Package Summary

Server Side tools for Authorization and Authentication of ROS Clients

Package Summary

Server Side tools for Authorization and Authentication of ROS Clients

Package Summary

Server Side tools for Authorization and Authentication of ROS Clients

  • Maintainer status: maintained
  • Maintainer: Rein Appeldoorn <rein AT eurotec DOT com>
  • Author: Russell Toris <rctoris AT wpi DOT edu>
  • License: BSD

About

Rosauth is a dependency of rosbridge_suite, providing server side tools for authorization and authentication of ROS bridge clients.

Nodes

ros_mac_authentication

Server side MAC authentication

Services

authenticate (rosauth/Authentication)
  • Server side authentication request

Parameters

~allowed_time_delta (float, default: 5)
  • Allowed time delta from client to server (negative value means no time check)
~secret_file_location (string)
  • Path to authentication secret (should be 16 characters)

Usage rosbridge suite authenticated server client connection

Configure the rosbridge to use authentication:

roslaunch rosbridge_server rosbridge_websocket.launch authenticate:=true

Set-up the rosauth node (for example purposes we disable time delta checking):

echo "1234567890abcdef" > /tmp/secret.txt  # Example secret
rosrun rosauth ros_mac_authentication _secret_file_location:=/tmp/secret.txt _allowed_time_delta:=-1

In order to test whether your authentication works, generate a mac via the command line:

echo -n "1234567890abcdefclientdestrand0level0" | sha512sum

Call auth service via command line:

rosservice call /authenticate "mac: '19d9d2166799f1ffd6fee6379f957502aff8716bfebc8cc8b3bac57ade14441bb9678be89d0a7eec9c81291f854d754d7a4de2278bede56f162c2faeb468c68a'
client: 'client'
dest: 'dest'
rand: 'rand'
t: {secs: 0, nsecs: 0}
level: 'level'
end: {secs: 0, nsecs: 0}"

This will result in the following response:

authenticated: True

The rosbridge server is responsible for calling the /authenticate service on a request of the client. This can be done using the authenticate method of roslibjs: http://robotwebtools.org/jsdoc/roslibjs/current/Ros.html#authenticate

Example:

let secret = 'myawesomesecret1'
let dest = this.url
let rand = randomString(10)
let time = new Date().getTime() / 1000
let timeEnd = time + 1000
let level = "admin"
let mac = sha512(secret + client.getUA() + dest + rand + parseInt(time).toString() + level + parseInt(timeEnd).toString())  // using sha512 library js-sha512 and client library clientjs
this.authenticate(mac, client.getUA(), dest, rand, time, level, timeEnd)  // method from roslibjs

Wiki: rosauth (last edited 2020-03-12 19:59:29 by reinzor)