npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

lwm2m-gw

v0.1.3

Published

[![Tests](https://github.com/zimbora/lwm2m-node/actions/workflows/test.yml/badge.svg)](https://github.com/zimbora/lwm2m-node/actions/workflows/test.yml) [![codecov](https://codecov.io/gh/zimbora/lwm2m-gw/graph/badge.svg?token=3WZ5SMDRTH)](https://codecov.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

zimborazimbora

Keywords

Readme

LwM2M Node.js Library

Tests codecov CodeQL

npm version node license npm downloads types

ESLint code style: prettier Conventional Commits Release with Changesets

bundle size Known Vulnerabilities last commit issues PRs

A comprehensive Lightweight Machine to Machine (LwM2M) implementation in Node.js featuring both client and server components with support for CoAP, DTLS encryption, and full bootstrap capabilities.

⚡ Quick Demo

Complete Bootstrap Workflow

Experience the full LwM2M lifecycle from device provisioning to operation:

1. Launch Bootstrap Server

node server/examples/bootstrapServer.js | npx pino-pretty

Handles device provisioning and security configuration on port 5684

2. Launch Main LwM2M Server

node server/examples/server.js | npx pino-pretty

Manages registered devices and resource operations on port 5683

3. Launch Bootstrap Client

node client/examples/bootstrapClient.js | npx pino-pretty

Simulates a device going through the complete bootstrap process

4. Launch Standard Client

node client/examples/client.js | npx pino-pretty

Simulates a pre-configured device connecting directly

🔄 What Happens

The bootstrap client automatically:

  1. Connects to bootstrap server (port 5684)
  2. Receives security and server configuration objects
  3. Registers to main LwM2M server (port 5683)
  4. Begins normal LwM2M operations (observations, resource access)

🔒 Secure Demo (DTLS)

For encrypted communication:

# Generate certificates
openssl ecparam -name secp256r1 -genkey -noout -out ecdsa.key
openssl req -x509 -new -key ecdsa.key -out ecdsa.crt -days 365 \
  -subj "/C=US/ST=Test/L=Test/O=Test/OU=Test/CN=localhost"

# Launch secure server
node server/examples/dtlsServer.js

🌟 Key Features

  • 📱 Complete LwM2M Implementation: Full client and server with all standard objects
  • 🔐 Security First: DTLS encryption and comprehensive bootstrap provisioning
  • 🚀 Production Ready: Event-driven architecture with monitoring and analytics
  • 🔧 Developer Friendly: Extensive examples, tests, and documentation
  • 📊 Multiple Formats: Support for JSON, CBOR, TLV, and text data formats
  • 🔄 Real-time: Resource observations and asynchronous notifications
  • 📡 MQTT Integration: Bidirectional MQTT communication for device management

✅ LwM2M Node.js Capabilities Overview

| Feature | 🌐 Client | 🖥️ Server | ✅ Auto Tests | |--------------------------------------|-----------------------------------|-------------------------------------|-----------------| | Bootstrap Server | | | | | Bootstrap Request Handling | ✅ Supports bootstrap requests | ✅ Handles /bs endpoint | ✅ Covered | | Security Object Provisioning | ✅ Receives provisioned config | ✅ Creates security instances | ✅ Covered | | Server Object Provisioning | ✅ Receives provisioned config | ✅ Creates server instances | ✅ Covered | | Bootstrap Finish | ✅ Sends finish notification | ✅ Handles /bs-finish endpoint | ✅ Covered | | Configuration Management | 🕐 Planned | ✅ Per-endpoint configuration | 🟡 Partial | | | | | | | Server | | | | | LwM2M Registration (/rd) | ✅ Sends registration | ✅ Handles registration | ✅ Covered | | Registration Update (/rd/{id}) | ✅ Supports | ✅ Handles update | ✅ Covered | | Deregistration | ✅ Sends | ✅ Handles deregistration | ✅ Covered | | Error Detection / Retry | ✅ Logs failures | ✅ Detects connection loss | 🛑 Not Covered | | Event-Driven Responses | 🕐 Planned | ✅ Emits payload per request | 🟡 server | | | | | | | Object Model / Discovery | | | | | Built-in Objects (0–6 + 3303) | ✅ Fully implemented | 🕐 Used via client introspection | 🛑 Not Covered | | Well-Known Core Discovery | ✅ Responds with </x/y/z>;attr | ✅ Parses and lists resources | 🟡 server | | Resource Metadata (R/W/X/Obs/Units) | ✅ Defined per object | ✅ Discoverable via /core | 🛑 Not Covered | | Multiple Instances | 🕐 Planned | 🕐 Planned | 🛑 Not Covered | | | | | | | Resource Access | | | | | Resource Read | ✅ Responds with value | ✅ Sends GET request | ✅ Covered | | Resource Write | ✅ Accepts PUT | ✅ Sends PUT | ✅ Covered | | Resource Execute | ✅ Handles function call | ✅ Sends POST | ✅ Covered | | Resource Observation | ✅ Manages and sends notifications| ✅ Sends GET with Observe=0 | ✅ Covered | | Resource Write attribute | 🟡 Partially | 🛑 Not yet | 🛑 Not Covered | | Object,InstanceId Create | 🟡 Partially | 🛑 Not yet | 🛑 Not Covered | | Object,InstaceId Delete | 🟡 Partially | 🛑 Not yet | 🛑 Not Covered | | Manual Notification Push | ✅ Interval-based observe | ✅ Receives notifications | 🛑 Not Covered | | | | | | | Data Formats | | | | | Text Format (Content-Format: 0) | ✅ Default/fallback | ✅ Default/fallback | ✅ Covered | | Link Format (Content-Format: 40) | ✅ Encode/decode (⚠️ untested) | ✅ Encode/decode | ✅ Covered | | JSON Format (Content-Format: 50) | ✅ Encode/decode (⚠️ untested) | ✅ Encode/decode | ✅ Covered | | TLV LwM2M (Content-Format: 60) | ✅ Encode/decode (⚠️ untested) | ✅ Encode/decode | ✅ Covered | | JSON LwM2M (Content-Format: 61) | ✅ Encode/decode (⚠️ untested) | ✅ Encode/decode | ✅ Covered | | CBOR LwM2M (Content-Format: 62) | ✅ Encode/decode (⚠️ untested) | ✅ Encode/decode | ✅ Covered | | | | | | | Transport Layers | | | | | COAP | ✅ Default | ✅ Default | 🛑 Not Covered | | MQTT | ✅ Client support | ✅ Server support | ✅ Covered | | MQTT Request Handling | 🛑 Not applicable | ✅ Bidirectional communication | ✅ Covered | | Bridge COAP/MQTT | ✅ Implemented | ✅ Implemented | 🛑 Not Covered | | | | | | | Fota | | | | | UDP | 🕐 Planned | 🕐 Planned | 🛑 Not Covered | | HTTP | 🛑 Not yet | 🛑 Not yet | 🛑 Not Covered | | | | | | | Extra Features | | | | | Object 3303 Temperature (Simulated) | ✅ Periodic updates | ✅ Observes value | 🛑 Not Covered | | Security: DTLS, OSCORE | 🛑 OSCORE not yet | ✅ DTLS implemented | 🛑 Not Covered | | Persistant Storage | 🛑 Not yet | 🛑 Not yet | 🛑 Not Covered |

🔒 DTLS Security (Server-Side)

This library implements DTLS (Datagram Transport Layer Security) for secure CoAP communication on the server side. DTLS provides encryption, authentication, and message integrity for LwM2M communications.

Features

  • Certificate-based Authentication: X.509 certificate support
  • Encrypted Communication: All CoAP messages encrypted via DTLS
  • Standard Port Support: Uses CoAPS port 5684
  • Full LwM2M Protocol Support: Registration, updates, observations, and resource operations over DTLS

Quick Start

1. Generate SSL Certificates

# Generate ECDSA private key
openssl ecparam -name secp256r1 -genkey -noout -out ecdsa.key

# Generate self-signed certificate
openssl req -x509 -new -key ecdsa.key -out ecdsa.crt -days 365 \
  -subj "/C=US/ST=Test/L=Test/O=Test/OU=Test/CN=localhost"

2. Start DTLS Server

const { startLwM2MDTLSCoapServer } = require('./server/resourceClient');

// Validation function for client registration
const validation = (ep, payload) => {
  console.log(`Validating client: ${ep}`);
  return Promise.resolve(true);
};

// DTLS server options
const options = {
  port: 5684,              // Standard CoAPS (DTLS) port
  keyPath: './ecdsa.key',   // Path to private key
  certPath: './ecdsa.crt',  // Path to certificate
};

// Start the secure server
const server = startLwM2MDTLSCoapServer(validation, options);

3. Run Example DTLS Server

node server/examples/dtlsServer.js

Configuration Options

| Option | Type | Default | Description | |--------|------|---------|-------------| | port | number | 5684 | DTLS server port (standard CoAPS) | | keyPath | string | './server.key' | Path to RSA/ECDSA private key | | certPath | string | './server.crt' | Path to X.509 certificate |

Supported Operations

All standard LwM2M operations are supported over DTLS:

  • Registration: /rd endpoint with encrypted client information
  • Registration Update: /rd/{location} with secure updates
  • Deregistration: Secure client disconnection
  • Resource Operations: GET, PUT, POST operations on resources
  • Observations: Encrypted notification delivery
  • Bootstrap: Secure provisioning of client configurations

Security Considerations

  • Certificate Management: Use proper CA-signed certificates in production
  • Key Protection: Secure private key storage and access control
  • Client Authentication: Implement proper client certificate validation
  • Regular Updates: Keep certificates current and rotate keys periodically

Events

DTLS server emits the same events as the standard CoAP server:

const sharedEmitter = require('./server/transport/sharedEmitter');

sharedEmitter.on('registration', ({ protocol, ep, location }) => {
  console.log(`[${protocol}] Client ${ep} registered at ${location}`);
});

sharedEmitter.on('update', ({ protocol, ep, location }) => {
  console.log(`[${protocol}] Client ${ep} updated registration`);
});

sharedEmitter.on('deregistration', ({ protocol, ep }) => {
  console.log(`[${protocol}] Client ${ep} deregistered`);
});

🚀 Bootstrap Server Details

The Bootstrap Server is a critical component that provides initial configuration and security provisioning for LwM2M devices. It follows the OMA LwM2M specification for bootstrap procedures.

Core Bootstrap Workflow

1. [Client] ──── POST /bs?ep=device-id ────► [Bootstrap Server]
2. [Client] ◄─── Delete Security Objects ─── [Bootstrap Server]  
3. [Client] ◄─── Delete Server Objects ───── [Bootstrap Server]
4. [Client] ◄─── Write Security Instance ─── [Bootstrap Server]
5. [Client] ◄─── Write Server Instance ───── [Bootstrap Server]
6. [Client] ──── POST /bs-finish ──────────► [Bootstrap Server]
7. [Client] ──── Register to LwM2M Server ─► [Main LwM2M Server]

Bootstrap Objects

Security Object (ID: 0)

Provisioned with server connection details:

{
  instanceId: 0,
  serverUri: 'coap://localhost:5683',  // Main LwM2M server URI
  isBootstrap: false,                  // This is for main server
  securityMode: 3,                     // 0=PSK, 1=RPK, 2=Cert, 3=NoSec
  shortServerId: 123,                  // Server ID reference
  publicKey: 'client-identity',        // PSK identity or certificate
  secretKey: 'shared-secret'           // PSK key or private key
}

Server Object (ID: 1)

Operational parameters for the main server:

{
  instanceId: 0,
  shortServerId: 123,                  // Must match Security Object
  lifetime: 300,                       // Registration lifetime (seconds)
  binding: 'U',                        // UDP binding
  notificationStoring: true            // Store notifications when offline
}

Bootstrap Configuration

Per-Device Configuration

const { setBootstrapConfiguration } = require('./server/handleBootstrap');

// Configure specific device
setBootstrapConfiguration('device-001', {
  securityInstances: [{
    instanceId: 0,
    serverUri: 'coaps://production-server.com:5684',
    isBootstrap: false,
    securityMode: 2,  // Certificate-based security
    shortServerId: 999,
    publicKey: 'device-001-cert.pem',
    secretKey: 'device-001-key.pem'
  }],
  serverInstances: [{
    instanceId: 0,
    shortServerId: 999,
    lifetime: 3600,    // 1 hour lifetime
    binding: 'U',
    notificationStoring: true
  }]
});

Bulk Configuration

// Configure multiple devices with similar settings
const devices = ['device-001', 'device-002', 'device-003'];
devices.forEach(deviceId => {
  setBootstrapConfiguration(deviceId, {
    securityInstances: [{
      instanceId: 0,
      serverUri: 'coap://fleet-server.example.com:5683',
      isBootstrap: false,
      securityMode: 1,  // PSK mode
      shortServerId: 100,
      publicKey: deviceId,
      secretKey: generatePSK(deviceId)  // Your PSK generation logic
    }],
    serverInstances: [{
      instanceId: 0,
      shortServerId: 100,
      lifetime: 86400,  // 24 hours
      binding: 'U',
      notificationStoring: true
    }]
  });
});

Bootstrap Server Events

Monitor bootstrap process with detailed events:

const sharedEmitter = require('./server/transport/sharedEmitter');

// Client requested bootstrap
sharedEmitter.on('bootstrap-request', ({ protocol, ep }) => {
  console.log(`Bootstrap requested by ${ep} via ${protocol}`);
  // Log for security monitoring
  // Update device status in database
});

// Client completed bootstrap
sharedEmitter.on('bootstrap-finish', ({ protocol, ep }) => {
  console.log(`Bootstrap completed for ${ep}`);
  // Mark device as ready for operations
  // Trigger any post-bootstrap actions
});

Security Modes

| Mode | Value | Description | Use Case | |------|--------|-------------|----------| | PSK | 0 | Pre-Shared Key | Simple deployments, shared secrets | | RPK | 1 | Raw Public Key | Certificate-less PKI | | Certificate | 2 | X.509 Certificates | Full PKI infrastructure | | NoSec | 3 | No Security | Development, testing only |

Production Deployment

Security Best Practices

// Production bootstrap configuration
const productionConfig = {
  securityInstances: [{
    instanceId: 0,
    serverUri: 'coaps://lwm2m.yourcompany.com:5684',
    isBootstrap: false,
    securityMode: 2,  // Use certificates in production
    shortServerId: 1,
    publicKey: './certs/device-cert.pem',
    secretKey: './certs/device-key.pem'
  }],
  serverInstances: [{
    instanceId: 0,
    shortServerId: 1,
    lifetime: 3600,      // Reasonable lifetime
    binding: 'U',
    notificationStoring: true
  }]
};

Monitoring and Logging

// Enhanced bootstrap logging
sharedEmitter.on('bootstrap-request', ({ protocol, ep, timestamp }) => {
  // Security logging
  auditLog.info('Bootstrap attempt', {
    endpoint: ep,
    protocol: protocol,
    timestamp: timestamp,
    sourceIp: req.connection.remoteAddress
  });
  
  // Rate limiting check
  if (isRateLimited(ep)) {
    throw new Error('Too many bootstrap attempts');
  }
});

Usage

Usage

Standard LwM2M Server

Start a basic CoAP server for device registration and management:

const { startLwM2MCoapServer } = require('./server/resourceClient');

// Validation function for client registration
const validation = (ep, payload) => {
  console.log(`Registering device: ${ep}`);
  // Add custom validation logic here
  return Promise.resolve(true);
};

// Start server on default port 5683
const server = startLwM2MCoapServer(validation);

Or run the example server:

node server/server.js | npx pino-pretty

Bootstrap-Enabled Deployment

For production deployments with device provisioning:

# Terminal 1: Start Bootstrap Server
node server/bootstrapServer.js | npx pino-pretty

# Terminal 2: Start Main LwM2M Server  
node server/server.js | npx pino-pretty

# Terminal 3: Start Bootstrap Client
node client/bootstrapClient.js | npx pino-pretty

Secure DTLS Deployment

For encrypted communication:

# Generate certificates first
openssl ecparam -name secp256r1 -genkey -noout -out ecdsa.key
openssl req -x509 -new -key ecdsa.key -out ecdsa.crt -days 365 \
  -subj "/C=US/ST=Test/L=Test/O=Test/OU=Test/CN=localhost"

# Start DTLS server
node server/examples/dtlsServer.js

Client Operations

Resource Discovery

# Discover available resources
coap-cli get coap://localhost:5683/.well-known/core

Resource Operations

const { sendCoapRequest } = require('./server/transport/coapClient');

// Read device manufacturer (Object 3, Instance 0, Resource 0)
const response = await sendCoapRequest('localhost', 5683, 'GET', '/3/0/0');
console.log('Manufacturer:', response.payload.toString());

// Write firmware update URL (Object 5, Instance 0, Resource 1)
await sendCoapRequest('localhost', 5683, 'PUT', '/5/0/1', {
  payload: Buffer.from('https://example.com/firmware.bin')
});

// Execute firmware update (Object 5, Instance 0, Resource 2)
await sendCoapRequest('localhost', 5683, 'POST', '/5/0/2');

Observations

// Start observing a resource
await sendCoapRequest('localhost', 5683, 'GET', '/3303/0/5700', {
  observe: true,
  confirmable: true
});

// Listen for notifications
const sharedEmitter = require('./server/transport/sharedEmitter');
sharedEmitter.on('notification', ({ ep, path, payload }) => {
  console.log(`${ep} ${path}: ${payload.toString()}`);
});

Event Monitoring

Monitor all LwM2M server events:

const sharedEmitter = require('./server/transport/sharedEmitter');

// Device lifecycle events
sharedEmitter.on('registration', ({ protocol, ep, location }) => {
  console.log(`[${protocol}] Device ${ep} registered at ${location}`);
});

sharedEmitter.on('update', ({ protocol, ep, location }) => {
  console.log(`[${protocol}] Device ${ep} updated registration`);
});

sharedEmitter.on('deregistration', ({ protocol, ep }) => {
  console.log(`[${protocol}] Device ${ep} disconnected`);
});

// Resource events
sharedEmitter.on('notification', ({ protocol, ep, path, payload }) => {
  console.log(`[${protocol}] ${ep} notification ${path}: ${payload.toString()}`);
});

// Bootstrap events
sharedEmitter.on('bootstrap-request', ({ protocol, ep }) => {
  console.log(`[${protocol}] Bootstrap requested by ${ep}`);
});

sharedEmitter.on('bootstrap-finish', ({ protocol, ep }) => {
  console.log(`[${protocol}] Bootstrap completed for ${ep}`);
});

Resource Server (Client-Side)

For device simulation and testing:

const { startResourceServer } = require('./client/resourceServer');

// Start client resource server with temperature sensor simulation
const server = startResourceServer(56831);

// Server automatically provides:
// - Device object (ID 3) with manufacturer, model, etc.
// - Connectivity monitoring (ID 4) 
// - Temperature sensor (ID 3303) with simulated values
  • Start the client to simulate a device with observable resources.
  • Run the server to manage registrations, handle resource operations, and observe notifications.
  • Explore .well-known/core for resource discovery.
  • Utilize CBOR or TLV encoding/decoding for efficient payload exchange.

🏗️ Server Architecture

The LwM2M server implementation provides a comprehensive device management platform with the following components:

Core Server Components

1. Resource Client (server/resourceClient.js)

  • CoAP Server: Standard LwM2M server on port 5683
  • DTLS Server: Secure LwM2M server on port 5684
  • Protocol Support: CoAP and DTLS transport layers
  • Event Emission: Real-time server events via shared emitter

2. Client Registry (server/clientRegistry.js)

  • Device Registration: Tracks connected devices and their metadata
  • Location Management: Maps registration locations to device endpoints
  • Connection State: Monitors device connectivity and lifecycle

3. Observation Registry (server/observationRegistry.js)

  • Resource Observations: Manages active resource observations
  • Token Management: Tracks observation tokens and associated resources
  • Notification Routing: Routes notifications to correct observers

4. Bootstrap Server (server/bootstrap.js)

  • Device Provisioning: Provides initial configuration to devices
  • Security Management: Provisions security objects and credentials
  • Configuration Storage: Per-device bootstrap configurations

Server-Side Features

| Component | Feature | Description | |-----------|---------|-------------| | Client Management | Registration Handling | Processes device registration requests | | | Lifecycle Tracking | Monitors device connect/disconnect events | | | Metadata Storage | Stores device information and capabilities | | Security | DTLS Support | Encrypted communication with certificate validation | | | Bootstrap Security | Secure device provisioning and credential management | | | Authentication | Configurable client validation functions | | Resource Operations | Read Operations | Handle GET requests for device resources | | | Write Operations | Handle PUT requests to update device state | | | Execute Operations | Handle POST requests for device actions | | | Discovery | Support for .well-known/core resource discovery | | Observations | Resource Monitoring | Real-time monitoring of device resources | | | Notification Delivery | Asynchronous notification handling | | | Token Management | Secure observation token tracking | | Data Formats | Content Negotiation | Support for multiple data formats | | | Format Conversion | Automatic encoding/decoding based on Accept headers | | | Binary Support | Efficient binary data handling |

Event-Driven Architecture

The server uses an event-driven architecture for real-time device management:

const sharedEmitter = require('./server/transport/sharedEmitter');

// Available server events:
// - 'registration': Device registered
// - 'update': Registration updated  
// - 'deregistration': Device disconnected
// - 'notification': Resource notification received
// - 'bootstrap-request': Bootstrap requested
// - 'bootstrap-finish': Bootstrap completed

Configuration and Deployment

Production Server Setup

const { startLwM2MCoapServer } = require('./server/resourceClient');

// Custom validation for production
const productionValidation = async (ep, payload) => {
  // Implement authentication logic
  const isAuthorized = await checkDeviceAuthorization(ep);
  if (!isAuthorized) {
    throw new Error(`Unauthorized device: ${ep}`);
  }
  
  // Validate device capabilities
  const capabilities = parseRegistrationPayload(payload);
  if (!isValidCapabilities(capabilities)) {
    throw new Error(`Invalid capabilities for device: ${ep}`);
  }
  
  return true;
};

// Start production server
const server = startLwM2MCoapServer(productionValidation, 5683);

Monitoring and Analytics

// Real-time device monitoring
const deviceMetrics = new Map();

sharedEmitter.on('registration', ({ ep, location }) => {
  deviceMetrics.set(ep, {
    registeredAt: Date.now(),
    lastSeen: Date.now(),
    location: location,
    notificationCount: 0
  });
});

sharedEmitter.on('notification', ({ ep, path, payload }) => {
  const metrics = deviceMetrics.get(ep);
  if (metrics) {
    metrics.lastSeen = Date.now();
    metrics.notificationCount++;
    deviceMetrics.set(ep, metrics);
  }
});

// Health check endpoint
setInterval(() => {
  const activeDevices = deviceMetrics.size;
  const totalNotifications = Array.from(deviceMetrics.values())
    .reduce((sum, device) => sum + device.notificationCount, 0);
  
  console.log(`Active devices: ${activeDevices}, Total notifications: ${totalNotifications}`);
}, 30000);

📡 MQTT Integration

The LwM2M server provides comprehensive MQTT integration for bidirectional communication with IoT devices and external systems.

Features

  • 🔄 Bidirectional Communication: Send requests to devices via MQTT and receive responses
  • 📊 Real-time Data Streaming: Device sensor data published to MQTT topics
  • 🎯 Device Lifecycle Events: Registration, updates, and deregistration events via MQTT
  • 🛠️ Complete LwM2M Operations: Support for GET, PUT, POST, DELETE, DISCOVER, and OBSERVE operations
  • 🔧 Flexible Topic Structure: Organized topic hierarchy for easy subscription management

Quick Start

1. Start Enhanced MQTT Gateway

const MqttRequestHandler = require('./server/mqttRequestHandler');

// Start bidirectional MQTT gateway
node server/examples/serverMqttBidirectional.js

2. Send Requests via MQTT

# Read device manufacturer
mosquitto_pub -h localhost -t "lwm2m/requests/device001/GET/3/0/0" -m "{}"

# Write temperature threshold  
mosquitto_pub -h localhost -t "lwm2m/requests/device001/PUT/3303/0/5601" -m '{"payload": "-10.0"}'

# Start observing temperature
mosquitto_pub -h localhost -t "lwm2m/requests/device001/OBSERVE/3303/0/5700" -m "{}"

3. Subscribe to Responses and Data

# Listen to device responses
mosquitto_sub -h localhost -t "lwm2m/responses/+/+/+"

# Listen to sensor data
mosquitto_sub -h localhost -t "lwm2m/+/sensor/+"

# Listen to device events
mosquitto_sub -h localhost -t "lwm2m/+/registered"

MQTT Topic Structure

| Purpose | Topic Pattern | Example | |---------|---------------|---------| | Inbound Requests | {project}/requests/{endpoint}/{method}{path} | lwm2m/requests/device001/GET/3/0/0 | | Outbound Responses | {project}/responses/{endpoint}/{method}{path} | lwm2m/responses/device001/GET/3/0/0 | | Device Data | {project}/{endpoint}/sensor{path} | lwm2m/device001/sensor/3303/0/5700 | | Lifecycle Events | {project}/{endpoint}/{event} | lwm2m/device001/registered |

Supported Operations

| Method | Description | Payload Required | Example | |--------|-------------|------------------|---------| | GET | Read resource value | No | Read device manufacturer | | PUT | Write resource value | Yes | Update configuration | | POST | Execute resource | Optional | Trigger device reboot | | DELETE | Delete object instance | No | Remove configuration | | DISCOVER | Discover available resources | No | List all resources | | OBSERVE | Start observing resource | No | Monitor temperature | | CANCEL-OBSERVE | Stop observing resource | No | Stop monitoring |

Programming Examples

Using the MQTT Request Handler

const MqttRequestHandler = require('./server/mqttRequestHandler');

const handler = new MqttRequestHandler({
  project: 'lwm2m',
  host: 'localhost', 
  port: 1883,
  username: 'user',
  password: 'pass'
});

await handler.connect();

Integration with Existing Gateway

// server/examples/serverMqttBidirectional.js includes:
// - Existing outbound data publishing
// - New inbound request handling  
// - Unified configuration
// - Event correlation

Demo Client

# Run interactive demo
node server/examples/mqttDemo.js

For detailed documentation, see MQTT Request Handler Documentation.

TODO

Planned Enhancements

  • OSCORE Security: Implement Object Security for CoAP (RFC 8613)
  • Client-Side DTLS: Add DTLS support for LwM2M clients
  • Persistent Storage: Database backend for device state and configurations
  • Error Recovery: Enhanced error handling and automatic retry mechanisms
  • Performance Optimization: Connection pooling and resource caching
  • Advanced Analytics: Device behavior analytics and reporting dashboards
  • Bulk Operations: Firmware update campaigns and mass device configuration
  • Protocol Extensions: SMS binding and other transport alternatives

Testing Improvements

  • Integration Tests: End-to-end bootstrap and registration workflows
  • Performance Tests: Load testing with multiple concurrent devices
  • Security Tests: Penetration testing and vulnerability assessments
  • Compatibility Tests: Interoperability with other LwM2M implementations

Contributing

Feel free to open issues or submit pull requests to improve this library!

Made with ❤️ for LwM2M enthusiasts.