Changed mqtt connection expired behavior:

* Changed the exception in case a mqtt connection is expired to an AuthorizationException to have the correct error code in the error message to the device.
* Extended the list of terminal errors for mqtt and amqp messages with unauthorized error.

Signed-off-by: Matthias Kaemmer <[email protected]>

adapter-base/src/main/java/org/eclipse/hono/adapter/AbstractProtocolAdapterBase.java

@@ -1062,6 +1062,7 @@ public static ConnectionAttemptOutcome getOutcome(final Throwable e) {
      * <li>The adapter is disabled for the tenant that the client belongs to.</li>
      * <li>The authenticated device or gateway is disabled or not registered.</li>
      * <li>The tenant is disabled or does not exist.</li>
+     * <li>The authenticated device is not authorized anymore (e.g. the connection expired).</li>
      * </ul>
      *
      * @param error The error to be checked.
@@ -1096,7 +1097,8 @@ protected Future<Boolean> isTerminalError(final Throwable error, final String de
 
             return Future.succeededFuture(error instanceof AdapterDisabledException
                     || error instanceof GatewayDisabledOrNotRegisteredException
-                    || error instanceof TenantDisabledOrNotRegisteredException);
+                    || error instanceof TenantDisabledOrNotRegisteredException
+                    || error instanceof AuthorizationException);
         }
     }
 }

adapters/mqtt-base/src/main/java/org/eclipse/hono/adapter/mqtt/AbstractVertxBasedMqttProtocolAdapter.java

@@ -1310,6 +1310,7 @@ private Future<Void> checkTopic(final MqttContext context) {
 
         private boolean disconnectOnExpired() {
             if (authenticatedDevice != null && authenticatedDevice.expired()) {
+                log.debug("Connection with device {} has expired - Disconnecting device.", authenticatedDevice.getDeviceId());
                 endpoint.close();
                 return true;
             }
@@ -1318,7 +1319,7 @@ private boolean disconnectOnExpired() {
 
         private Future<Void> checkExpiration(final MqttContext context) {
             if (context.authenticatedDevice() != null && context.authenticatedDevice().expired()) {
-               return Future.failedFuture(new MqttConnectionException(MqttConnectReturnCode.CONNECTION_REFUSED_NOT_AUTHORIZED));
+               return Future.failedFuture(new AuthorizationException(context.tenant(), "Connection expired.", null));
             } else {
                return Future.succeededFuture();
             }

site/documentation/content/user-guide/amqp-adapter.md

@@ -135,6 +135,7 @@ are listed below.
 * The adapter is disabled for the tenant that the client belongs to.
 * The authenticated device or gateway is disabled or not registered.
 * The tenant is disabled or does not exist.
+* The authenticated device is not authorized anymore.
 
 ## Command-line Client
 

site/documentation/content/user-guide/mqtt-adapter.md

@@ -859,6 +859,7 @@ The error message's *code* field may contain the following HTTP status codes:
 | Code  | Description |
 | :---- | :---------- |
 | *400* | Bad Request, the request cannot be processed. A possible reason for this is an invalid *PUBLISH* topic. |
+| *401* | Unauthorized, the device connection is not authorized (e.g. the connection expired). |
 | *403* | Forbidden, the device's registration status cannot be asserted. |
 | *404* | Not Found, the device is disabled or does not exist. |
 | *413* | Request Entity Too Large, the request body exceeds the maximum supported size. |
@@ -890,6 +891,7 @@ terminal error happens. The errors that are classified as terminal are listed be
 * The adapter is disabled for the tenant that the client belongs to.
 * The authenticated device or gateway is disabled or not registered.
 * The tenant is disabled or does not exist.
+* The authenticated device is not authorized anymore (e.g. the connection expired).
 
 {{% notice info %}}
 When a terminal error occurs, the connection will always be closed irrespective of any *on-error* parameter or error