def join(self):
from twisted.internet._sslverify import OpenSSLCertificateAuthorities
from OpenSSL import crypto
if self._proto:
raise Exception("Already connected")
# Own callbacks
callbacks = {'connected': [CalvinCB(self._connected)],
'disconnected': [CalvinCB(self._disconnected)],
'connection_failed': [CalvinCB(self._connection_failed)],
'data': [CalvinCB(self._data)],
'set_proto': [CalvinCB(self._set_proto)]}
self._factory = TCPClientFactory(callbacks) # addr="%s:%s" % (self._host_ip, self._host_port))
runtime_to_runtime_security = _conf.get("security","runtime_to_runtime_security")
if runtime_to_runtime_security=="tls":
_log.debug("TwistedCalvinTransport with TLS chosen")
trusted_ca_certs = []
try:
self._runtime_credentials = runtime_credentials.RuntimeCredentials(self._node_name)
ca_cert_list_str, ca_cert_list_x509, truststore = certificate.get_truststore(certificate.TRUSTSTORE_TRANSPORT)
for ca_cert in ca_cert_list_str:
trusted_ca_certs.append(crypto.load_certificate(crypto.FILETYPE_PEM, ca_cert))
ca_certs = OpenSSLCertificateAuthorities(trusted_ca_certs)
client_credentials_data =self._runtime_credentials.get_runtime_credentials()
client_credentials = ssl.PrivateCertificate.loadPEM(client_credentials_data)
except Exception as err:
_log.error("TwistedCalvinTransport: Failed to load client credentials, err={}".format(err))
raise
try:
options = ssl.optionsForClientTLS(self._server_node_name,
trustRoot=ca_certs,
clientCertificate=client_credentials)
except Exception as err:
_log.error("TwistedCalvinTransport: Failed to create optionsForClientTLS "
"\n\terr={}"
"\n\tself._server_node_name={}".format(err,
self._server_node_name))
raise
try:
endpoint = endpoints.SSL4ClientEndpoint(reactor,
self._host_ip,
int(self._host_port),
options)
except:
_log.error("TwistedCalvinTransport: Client failed connectSSL")
raise
try:
endpoint.connect(self._factory)
except Exception as e:
_log.error("TwistedCalvinTransport: Failed endpoint.connect, e={}".format(e))
raise
else:
reactor.connectTCP(self._host_ip, int(self._host_port), self._factory)
def _create_tls_client_context(config, cbdir, log):
"""
Create a CertificateOptions object for use with TLS listening endpoints.
"""
# server hostname: The expected name of the remote host.
hostname = config['hostname']
# explicit trust (certificate) root
ca_certs = None
if 'ca_certificates' in config:
log.info("TLS client using explicit trust ({cnt_certs} certificates)", cnt_certs=len(config['ca_certificates']))
ca_certs = []
for cert_fname in [os.path.abspath(os.path.join(cbdir, x)) for x in (config['ca_certificates'])]:
cert = crypto.load_certificate(
crypto.FILETYPE_PEM,
six.u(open(cert_fname, 'r').read())
)
log.info("TLS client trust root CA certificate loaded from '{fname}'", fname=cert_fname)
ca_certs.append(cert)
ca_certs = OpenSSLCertificateAuthorities(ca_certs)
else:
log.info("TLS client using platform trust")
# client key/cert to use
client_cert = None
if 'key' in config:
if 'certificate' not in config:
raise Exception('TLS client key present, but certificate missing')
key_fname = os.path.abspath(os.path.join(cbdir, config['key']))
with open(key_fname, 'r') as f:
private_key = KeyPair.load(f.read(), format=crypto.FILETYPE_PEM)
log.info("Loaded client TLS key from '{key_fname}'", key_fname=key_fname)
cert_fname = os.path.abspath(os.path.join(cbdir, config['certificate']))
with open(cert_fname, 'r') as f:
cert = Certificate.loadPEM(f.read(),)
log.info("Loaded client TLS certificate from '{cert_fname}' (cn='{cert_cn}', sha256={cert_sha256}..)",
cert_fname=cert_fname,
cert_cn=cert.getSubject().CN,
cert_sha256=cert.digest('sha256')[:12])
client_cert = PrivateCertificate.fromCertificateAndKeyPair(cert, private_key)
else:
if 'certificate' in config:
log.warn('TLS client certificate present, but key is missing')
# create TLS client context
ctx = optionsForClientTLS(hostname, trustRoot=ca_certs, clientCertificate=client_cert)
return ctx
@inlineCallbacks
def onJoin(self, details):
counter = 0
while True:
print("publish: com.myapp.topic1", counter)
yield self.publish(u'com.myapp.topic1', counter)
counter += 1
yield sleep(1)
if __name__ == '__main__':
# load the self-signed cert the server is using
examples_dir = join(split(__file__)[0], '..', '..', '..', '..')
cert_fname = join(examples_dir, 'router', '.crossbar', 'server.crt')
cert = crypto.load_certificate(
crypto.FILETYPE_PEM,
six.u(open(cert_fname, 'r').read())
)
# tell Twisted to use just the one certificate we loaded to verify connections
options = CertificateOptions(
trustRoot=OpenSSLCertificateAuthorities([cert]),
)
# ...which we pass as "ssl=" to ApplicationRunner (passed to SSL4ClientEndpoint)
runner = ApplicationRunner(
environ.get("AUTOBAHN_DEMO_ROUTER", u"wss://127.0.0.1:8083/ws"),
u"crossbardemo",
ssl=options, # try removing this, but still use self-signed cert
)
runner.run(Component)
# start logging
if args.debug:
txaio.start_logging(level='debug')
else:
txaio.start_logging(level='info')
# any extra info we want to forward to our ClientSession (in self.config.extra)
extra = {'auth': args.authentication}
if args.ssl:
st_cert=open(args.ca_cert_file, 'rt').read()
c=OpenSSL.crypto
ca_cert=c.load_certificate(c.FILETYPE_PEM, st_cert)
st_cert=open(args.intermediate_cert_file, 'rt').read()
intermediate_cert=c.load_certificate(c.FILETYPE_PEM, st_cert)
certs = OpenSSLCertificateAuthorities([ca_cert, intermediate_cert])
ssl_con = CertificateOptions(trustRoot=certs)
# now actually run a WAMP client using our session class ClientSession
runner = ApplicationRunner(url=args.url, realm=args.realm, extra=extra, ssl=ssl_con)
else:
# now actually run a WAMP client using our session class ClientSession
runner = ApplicationRunner(url=args.url, realm=args.realm, extra=extra)
runner.run(AppSession, auto_reconnect=True)
last_t = t
if field_available:
field[name] = f
try:
timeline[f["timeline"]]["field"].append(name)
except KeyError:
timeline[f["timeline"]] = {
"interval": t - last_t,
"field": [name]
}
return field, timeline
if __name__ == "__main__":
# Give time for crossbar server to start
time.sleep(5)
# Because we're using a self-signed certificate, we need to tell Twisted
# that it is OK to trust it.
cert_fname = (".crossbar/server_cert.pem")
cert = crypto.load_certificate(crypto.FILETYPE_PEM,
six.u(open(cert_fname, 'r').read()))
opt = CertificateOptions(trustRoot=OpenSSLCertificateAuthorities([cert]))
# Start our component.
runner = ApplicationRunner("wss://%s:%d/ws" % (sisock.base.SISOCK_HOST, \
sisock.base.SISOCK_PORT), \
sisock.base.REALM, ssl=opt)
runner.run(apex_weather)
cert_options = optionsForClientTLS(
u'localhost',
trustRoot=trustRootFromCertificates([
Certificate.loadPEM(open(cert_fname).read()),
Certificate.loadPEM(open(inter_cert_fname).read()),
]))
if False:
cert = crypto.load_certificate(
crypto.FILETYPE_PEM,
open('.crossbar/server.crt', 'rb').read())
inter_cert = crypto.load_certificate(
crypto.FILETYPE_PEM,
open('.crossbar/intermediate.cert.pem', 'rb').read())
ca_certs = OpenSSLCertificateAuthorities([cert, inter_cert])
cert_options = ssl.optionsForClientTLS(u'localhost',
trustRoot=ca_certs)
if False:
cert = crypto.load_certificate(
crypto.FILETYPE_PEM,
open('.crossbar/server.crt', 'rb').read())
inter_cert = crypto.load_certificate(
crypto.FILETYPE_PEM,
open('.crossbar/intermediate.cert.pem', 'rb').read())
cert_options = CertificateOptions(verify=True,
requireCertificate=True,
caCerts=[cert],
}
from twisted.internet.ssl import Certificate
from twisted.internet.ssl import optionsForClientTLS
from twisted.internet._sslverify import OpenSSLCertificateAuthorities
from OpenSSL import crypto
import six
ca_certs = []
for cert_fname in [
'.crossbar/ca.cert.pem', '.crossbar/intermediate.cert.pem'
]:
cert = crypto.load_certificate(crypto.FILETYPE_PEM,
six.u(open(cert_fname, 'r').read()))
ca_certs.append(cert)
ca_certs = OpenSSLCertificateAuthorities(ca_certs)
ctx = optionsForClientTLS(u'localhost', trustRoot=ca_certs)
# for cert in ['.crossbar/ca.cert.pem', '.crossbar/intermediate.cert.pem']:
# with open(cert) as f:
# ca_cert = Certificate.loadPEM(f.read())
# ca_certs.append(ca_cert)
# ctx = optionsForClientTLS(u'localhost', trustRoot=ca_certs)
# connect to router and run ClientSession
runner = ApplicationRunner(url=options.url,
realm=options.realm,
extra=extra,
ssl=ctx,
debug=False,
debug_wamp=options.trace)
def __init__(self,
ssl=True,
debug=True,
authentication=True,
user=u"ffbo",
secret=u"",
url=u'wss://neuronlp.fruitflybrain.org:7777/ws',
realm=u'realm1',
ca_cert_file='isrgrootx1.pem',
intermediate_cert_file='letsencryptauthorityx3.pem',
FFBOLabcomm=None):
if os.path.exists(os.path.join(home, '.ffbolab', 'lib')):
print(
printHeader('FFBOLab Client') +
"Downloading the latest certificates.")
# CertificateDownloader = urllib.URLopener()
if not os.path.exists(os.path.join(home, '.ffbolab', 'lib')):
urlRetriever(
"https://data.flybrainlab.fruitflybrain.org/config/FBLClient.ini",
os.path.join(home, '.ffbolab', 'config', 'FBLClient.ini'))
urlRetriever(
"https://data.flybrainlab.fruitflybrain.org/lib/isrgrootx1.pem",
os.path.join(home, '.ffbolab', 'lib', 'caCertFile.pem'))
urlRetriever(
"https://data.flybrainlab.fruitflybrain.org/lib/letsencryptauthorityx3.pem",
os.path.join(home, '.ffbolab', 'lib',
'intermediateCertFile.pem'))
config_file = os.path.join(home, '.ffbolab', 'config',
'FBLClient.ini')
ca_cert_file = os.path.join(home, '.ffbolab', 'lib',
'caCertFile.pem')
intermediate_cert_file = os.path.join(home, '.ffbolab', 'lib',
'intermediateCertFile.pem')
config = ConfigParser()
config.read(config_file)
user = config["ComponentInfo"]["user"]
secret = config["ComponentInfo"]["secret"]
url = config["ComponentInfo"]["url"]
self.FFBOLabcomm = FFBOLabcomm
self.NKSimState = 0
self.executionSettings = []
extra = {'auth': authentication}
self.lmsg = 0
st_cert = open(ca_cert_file, 'rt').read()
c = OpenSSL.crypto
ca_cert = c.load_certificate(c.FILETYPE_PEM, st_cert)
st_cert = open(intermediate_cert_file, 'rt').read()
intermediate_cert = c.load_certificate(c.FILETYPE_PEM, st_cert)
certs = OpenSSLCertificateAuthorities([ca_cert, intermediate_cert])
ssl_con = CertificateOptions(trustRoot=certs)
FFBOLABClient = AutobahnSync()
self.client = FFBOLABClient
@FFBOLABClient.on_challenge
def on_challenge(challenge):
if challenge.method == u"wampcra":
print("WAMP-CRA challenge received: {}".format(challenge))
if u'salt' in challenge.extra:
# salted secret
salted_key = auth.derive_key(secret,
challenge.extra['salt'],
challenge.extra['iterations'],
challenge.extra['keylen'])
salted_key = (salted_key).decode('utf-8')
print(salted_key)
#if user==u'ffbo':
# plain, unsalted secret
# salted_key = u"kMU73GH4GS1WGUpEaSdDYwN57bdLdB58PK1Brb25UCE="
#print(salted_key)
# compute signature for challenge, using the key
signature = auth.compute_wcs(salted_key,
challenge.extra['challenge'])
# return the signature to the router for verification
return signature
else:
raise Exception("Invalid authmethod {}".format(
challenge.method))
FFBOLABClient.run(url=url,
authmethods=[u'wampcra'],
authid=user,
ssl=ssl_con)
self.client_data = []
self.data = []
@FFBOLABClient.register('ffbo.gfx.addMessage')
def add_message(message_name, message):
output = json.loads(message)
output = ast.literal_eval(json.dumps(output))
# self.log.info("add_message() returns {x}", x=output)
print('add_message returns', output)
if message_name == 'neurogist':
pass
return output
print("Procedure ffbo.gfx.addMessage Registered...")
@FFBOLABClient.register('ffbo.gfx.updateFileList')
def updateFileList():
self.files = [
f for f in listdir(_FFBOLabDataPath)
if isfile(join(_FFBOLabDataPath, f))
]
output = ast.literal_eval(json.dumps(self.files))
print('updateFileList returns', output)
#self.log.info("return_files() returns {x}", x=output)
self.data = {}
self.data['data'] = output
self.data['messageType'] = 'updateFileList'
return self.data
print("Procedure ffbo.gfx.updateFileList Registered...")
registerOptions = RegisterOptions(details_arg='details')
@FFBOLABClient.register('ffbo.gfx.startExecution',
options=registerOptions)
def start_execution(settings, details=None):
self.NKSimState = 1
settings['userID'] = details.caller
self.executionSettings.append(settings)
return True
print("Procedure ffbo.gfx.startExecution Registered...")
registerOptions = RegisterOptions(details_arg='details')
@FFBOLABClient.register('ffbo.gfx.loadResults',
options=registerOptions)
def loadResults(details=None):
userID = details.caller
filename = 'neuroballad_temp_model_output.h5'
G = nx.read_gexf('neuroballad_temp_model.gexf.gz')
name_dict = {}
for n, d in G.nodes(data=True):
name_dict[n] = d['name']
print(name_dict)
f = h5py.File(filename, 'r')
json_data = {}
for variable_name in f.keys():
if variable_name != 'metadata':
print(variable_name)
data = list(f[variable_name].values())[0][:]
labels = list(f[variable_name].values())[1][:]
print(labels)
labels = list(filter(lambda k: b'auto' not in k, labels))
labels = list(filter(lambda k: b'input' not in k, labels))
print(labels)
for i in range(min(5000, len(labels))):
str_key = variable_name + '/' + name_dict[
labels[i].decode('utf8')]
str_key = ''.join(i for i in str_key if ord(i) < 128)
data_to_send = data[:, i]
data_to_send[data_to_send >= 1E3] = 0
data_to_send[data_to_send <= -1E3] = 0
data_to_send = np.nan_to_num(data_to_send)
data_to_send = np.clip(data_to_send, -1000., 1000.)
json_data[str_key] = data_to_send.astype(
np.float32).tolist()
no_keys = int(math.ceil(float(len(json_data.keys())) / 5.0))
json_out = json.dumps(json_data, ensure_ascii=True)
text_file = open("Output.txt", "w")
text_file.write(json_out)
text_file.close()
# Switch with calls
# yield self.publish(u'com.example.clear_results', [])
a = {}
a['widget'] = 'GFX'
a['messageType'] = 'clearResults'
a['data'] = {}
res = self.client.session.call(
u'ffbo.ui.receive_gfx.' + str(userID), a)
for i in range(no_keys):
dicttosend = dict(
(k, json_data[k])
for k in list(json_data.keys())[i * 5:(i + 1) * 5]
if k in list(json_data.keys()))
#try:
# yield self.publish(u'com.example.load_results', [dicttosend])
print('Sending data...')
a = {}
a['widget'] = 'GFX'
a['messageType'] = 'loadResults'
a['data'] = dicttosend
res = self.client.session.call(
u'ffbo.ui.receive_gfx.' + str(userID), a)
#except:
# print('Data sending failed...')
# pass
# Switch with calls
a = {}
a['widget'] = 'GFX'
a['messageType'] = 'showServerMessage'
a['data'] = [
"[GFX] Simulation results successfully obtained.", 1, 2
]
res = self.client.session.call(
u'ffbo.ui.receive_gfx.' + str(userID), a)
# yield self.publish(u'com.example.server_message', ["Results acquired...",1,2])
print("Results sent...")
# print(str(data[:,i].shape))
# print(data)
# print(str(no_keys))
# print(str(len(json_data.keys())))
# print(details.caller)
NK_sim_state = 0
return True
print("Procedure ffbo.gfx.loadSimResults Registered...")
@FFBOLABClient.register('ffbo.gfx.createDiagram')
def create_diagram(diagram):
self.log.info("create_diagram() called with {x}", x=diagram)
output = diagram_generator(json.loads(diagram), self.log)
return json.dumps(output)
print("Procedure ffbo.gfx.createDiagram Registered...")
@FFBOLABClient.register('ffbo.gfx.sendSVG')
def send_svg(X):
self.log.info("send_svg() called with {x}", x=X)
X = json.loads(X)
name = X['name']
G = X['svg']
with open(_FFBOLabDataPath + name + '_visual.svg', "w") as file:
file.write(G)
output = {}
output['success'] = True
self.log.info("send_svg() responded with {x}", x=output)
return json.dumps(output)
print("Procedure ffbo.gfx.sendSVG Registered...")
@FFBOLABClient.register('ffbo.gfx.sendCircuit')
def send_circuit(X):
name = X['name']
G = binascii.unhexlify(X['graph'].encode())
with open(os.path.join(_FFBOLabDataPath, name + '.gexf.gz'),
"wb") as file:
file.write(G)
G = nx.read_gexf(os.path.join(_FFBOLabDataPath, name + '.gexf.gz'))
nx.write_gexf(G, os.path.join(_FFBOLabDataPath, name + '.gexf'))
return True
print("Procedure ffbo.gfx.sendCircuit Registered...")
@FFBOLABClient.register('ffbo.gfx.getCircuit')
def get_circuit(X):
name = X
with open(os.path.join(_FFBOLabDataPath, name + '.gexf.gz'),
'rb') as file:
data = file.read()
a = {}
a['data'] = binascii.hexlify(data).decode()
a['name'] = name
return a
print("Procedure ffbo.gfx.getCircuit Registered...")
@FFBOLABClient.register('ffbo.gfx.getExperiment')
def get_experiment(X):
name = X
with open(os.path.join(_FFBOLabDataPath, name + '.json'),
"r") as file:
experimentInputsJson = file.read()
experimentInputsJson = json.loads(experimentInputsJson)
a = {}
a['data'] = experimentInputsJson
a['name'] = name
return a
print("Procedure ffbo.gfx.getExperiment Registered...")
@FFBOLABClient.register('ffbo.gfx.getSVG')
def get_svg(X):
name = X
with open(os.path.join(_FFBOLabDataPath, name + '.svg'),
"rb") as file:
data = file.read()
#experimentInputsJson = json.loads(experimentInputsJson)
a = {}
a['data'] = binascii.hexlify(data).decode()
a['name'] = name
return a
print("Procedure ffbo.gfx.getSVG Registered...")
@FFBOLABClient.register('ffbo.gfx.sendExperiment')
def send_experiment(X):
print(printHeader('FFBOLab Client GFX') + "sendExperiment called.")
#X = json.loads(X)
name = X['name']
data = json.dumps(X['experiment'])
with open(os.path.join(_FFBOLabDataPath, name + '.json'),
"w") as file:
file.write(data)
output = {}
output['success'] = True
print(
printHeader('FFBOLab Client GFX') +
"Experiment save successful.")
return True
print("Procedure ffbo.gfx.ffbolab.sendExperiment Registered...")
@FFBOLABClient.register('ffbo.gfx.queryDB')
def query_db(message):
output = json.loads(message)
self.log.info("query_db() called with {x}", x=output)
return output
print("Procedure ffbo.gfx.queryDB Registered...")
@FFBOLABClient.register('ffbo.gfx.NKSim')
def NK_sim(message):
output = json.loads(message)
self.log.info("NK_sim() called with {x}", x=output)
self.NK_sim_state = 1
return output
print("Procedure ffbo.gfx.NKSim Registered...")
@FFBOLABClient.register('ffbo.gfx.loadNeurogist')
def load_neurogist(message):
pass
output = client.command(message)
self.log.info(str(len(output)))
#self.log.info(str((output[0].value)))
self.log.info(str(json.dumps((output[0].oRecordData))))
all_out = ""
queries = []
for i in output:
if "tags" in i.oRecordData:
b = json.dumps(i.oRecordData)
queries.append(i.oRecordData)
self.log.info("load_neurogist() was called: returns {x}",
x=b)
all_out = all_out + "\n" + str(b)
return json.dumps(queries, indent=2)
print("Procedure ffbo.gfx.loadNeurogist Registered...")
@FFBOLABClient.register('ffbo.gfx.loadNeurobeholder')
def load_neurobeholder(message):
output = client.command(message)
self.log.info(str(len(output)))
#self.log.info(str((output[0].value)))
self.log.info(str(json.dumps((output[0].oRecordData))))
all_out = ""
queries = []
for i in output:
if "tags" not in i.oRecordData:
b = json.dumps(i.oRecordData)
queries.append(i.oRecordData)
self.log.info(
"load_neurobeholder() was called: returns {x}", x=b)
all_out = all_out + "\n" + str(b)
return json.dumps(queries, indent=2)
print("Procedure ffbo.gfx.loadNeurobeholder Registered...")
@FFBOLABClient.register('ffbo.gfx.loadNeuroscepter')
def load_neurospecter(message):
output = json.loads(message)
self.log.info("load_neurospecter() called with {x}", x=output)
return output
print("Procedure ffbo.gfx.loadNeuroscepter Registered...")
res = FFBOLABClient.session.call(u'ffbo.processor.server_information')
for i in res['na']:
if 'na' in res['na'][i]['name']:
print('Found working NA Server: ' + res['na'][i]['name'])
self.naServerID = i
for i in res['nlp']:
self.nlpServerID = i
def __init__(self,
ssl=True,
debug=True,
authentication=True,
user=u"ffbo",
secret=u"",
url=u'wss://neuronlp.fruitflybrain.org:7777/ws',
realm=u'realm1',
ca_cert_file='isrgrootx1.pem',
intermediate_cert_file='letsencryptauthorityx3.pem',
FFBOLabcomm=None):
if os.path.exists(os.path.join(home, '.ffbolab', 'lib')):
print(
printHeader('FFBOLab Client') +
"Downloading the latest certificates.")
# CertificateDownloader = urllib.URLopener()
if not os.path.exists(os.path.join(home, '.ffbolab', 'lib')):
urlRetriever(
"https://data.flybrainlab.fruitflybrain.org/config/FBLClient.ini",
os.path.join(home, '.ffbolab', 'config', 'FBLClient.ini'))
urlRetriever(
"https://data.flybrainlab.fruitflybrain.org/lib/isrgrootx1.pem",
os.path.join(home, '.ffbolab', 'lib', 'caCertFile.pem'))
urlRetriever(
"https://data.flybrainlab.fruitflybrain.org/lib/letsencryptauthorityx3.pem",
os.path.join(home, '.ffbolab', 'lib',
'intermediateCertFile.pem'))
config_file = os.path.join(home, '.ffbolab', 'config',
'FBLClient.ini')
ca_cert_file = os.path.join(home, '.ffbolab', 'lib',
'caCertFile.pem')
intermediate_cert_file = os.path.join(home, '.ffbolab', 'lib',
'intermediateCertFile.pem')
config = ConfigParser()
config.read(config_file)
# user = config["ComponentInfo"]["user"]
# secret = config["ComponentInfo"]["secret"]
# url = config["ComponentInfo"]["url"]
self.FFBOLabcomm = FFBOLabcomm
self.NKSimState = 0
self.executionSettings = []
extra = {'auth': authentication}
self.lmsg = 0
st_cert = open(ca_cert_file, 'rt').read()
c = OpenSSL.crypto
ca_cert = c.load_certificate(c.FILETYPE_PEM, st_cert)
st_cert = open(intermediate_cert_file, 'rt').read()
intermediate_cert = c.load_certificate(c.FILETYPE_PEM, st_cert)
certs = OpenSSLCertificateAuthorities([ca_cert, intermediate_cert])
ssl_con = CertificateOptions(trustRoot=certs)
FFBOLABClient = AutobahnSync()
self.client = FFBOLABClient
@FFBOLABClient.on_challenge
def on_challenge(challenge):
if challenge.method == u"wampcra":
print("WAMP-CRA challenge received: {}".format(challenge))
if u'salt' in challenge.extra:
# salted secret
salted_key = auth.derive_key(secret,
challenge.extra['salt'],
challenge.extra['iterations'],
challenge.extra['keylen'])
salted_key = (salted_key).decode('utf-8')
print(salted_key)
#if user==u'ffbo':
# plain, unsalted secret
# salted_key = u"kMU73GH4GS1WGUpEaSdDYwN57bdLdB58PK1Brb25UCE="
#print(salted_key)
# compute signature for challenge, using the key
signature = auth.compute_wcs(salted_key,
challenge.extra['challenge'])
# return the signature to the router for verification
return signature
else:
raise Exception("Invalid authmethod {}".format(
challenge.method))
FFBOLABClient.run(url=url,
authmethods=[u'wampcra'],
authid=user,
ssl=ssl_con)
self.client_data = []
self.data = []
self.launch_queue = []
@FFBOLABClient.register('ffbo.nk.launch.' +
str(FFBOLABClient._async_session._session_id))
def nk_launch_progressive(task, details=None):
# print(task['user'])
user_id = str(task['user'])
self.launch_queue.append((user_id, task))
def mock_result():
result = {u'ydomain': 1, u'xdomain': 1, u'dt': 10, u'data': {}}
"""
res = {u'ydomain': 1,
u'xdomain': 1,
u'dt': 10,
u'data': {}}
print(task['forward'])
res_to_processor = yield self.call(six.u(task['forward']), res)
"""
return result, result
res = mock_result()
return res
# res = server.launch(user_id, task)
# returnValue(res)
print("Procedure nk_launch_progressive Registered...")
res = FFBOLABClient.session.call(
u'ffbo.server.register', FFBOLABClient._async_session._session_id,
'nk', 'nk_server')
print("Registered self...")
def main(reactor):
# Because we're using a self-signed certificate, we need to tell Twisted
# that it is OK to trust it.
cert_fname = (".crossbar/server_cert.pem")
cert = crypto.load_certificate(crypto.FILETYPE_PEM,
six.u(open(cert_fname, 'r').read()))
opt = ssl.CertificateOptions(\
trustRoot=OpenSSLCertificateAuthorities([cert]))
# Set up our sisock component.
component = Component(
transports=[{
u"type": u"websocket",
u"url": sisock.base.WAMP_URI,
u"endpoint": {
u"type": u"tcp",
u"host": sisock.base.SISOCK_HOST,
u"port": sisock.base.SISOCK_PORT,
u"tls": opt
}
}],
authentication={
u"wampcra": {
u"authid": u"simonsobs",
u"secret": u"yW4V2T^bPD&rGFwy"
}
},
realm=sisock.base.REALM,
)
# Create our klein webserver, and then our datasource (which also connects
# our component to the WAMP server).
app = Klein()
GrafanaSisockDatasrc(app, component)
# Have our webserver listen for Grafana requests.
# TODO: use SSL and authentication.
site = Site(app.resource())
#server_ep = SSL4ServerEndpoint(reactor, klein_port, opt)
server_ep = TCP4ServerEndpoint(reactor, klein_port)
port = yield server_ep.listen(site)
print("Web application on {}".format(port))
# We don't *have* to hand over control of the reactor to
# component.run -- if we don't want to, we call .start()
# The Deferred it returns fires when the component is "completed"
# (or errbacks on any problems).
comp_d = component.start(reactor)
# When not using run() we also must start logging ourselves.
txaio.start_logging(level=environ.get("LOGLEVEL", "info"))
# If the Component raises an exception we want to exit. Note that
# things like failing to connect will be swallowed by the
# re-connection mechanisms already so won't reach here.
def _failed(f):
print("Component failed: {}".format(f))
done.errback(f)
comp_d.addErrback(_failed)
# Wait forever (unless the Component raises an error).
done = Deferred()
yield done
def __init__(self,
ssl=True,
debug=True,
authentication=True,
user='******',
secret='guestpass',
url=u'wss://neuronlp.fruitflybrain.org:7777/ws',
realm=u'realm1',
ca_cert_file='isrgrootx1.pem',
intermediate_cert_file='letsencryptauthorityx3.pem',
FFBOLabcomm=None):
"""Initialization function for the ffbolabClient class.
Args:
ssl (bool): Whether the FFBO server uses SSL.
debug (bool) : Whether debugging should be enabled.
authentication (bool): Whether authentication is enabled.
user (str): Username for establishing communication with FFBO components.
secret (str): Password for establishing communication with FFBO components.
url (str): URL of the WAMP server with the FFBO Processor component.
realm (str): Realm to be connected to.
ca_cert_file (str): Path to the certificate for establishing connection.
intermediate_cert_file (str): Path to the intermediate certificate for establishing connection.
FFBOLabcomm (obj) Communications object for the frontend.
"""
self.FFBOLabcomm = FFBOLabcomm # Current Communications Object
self.C = None # The Neuroballd Circuit object describing the loaded neural circuit
self.dataPath = _FFBOLabDataPath
extra = {'auth': authentication}
self.lmsg = 0
self.experimentInputs = [] # List of current experiment inputs
self.compiled = False # Whether the current circuit has been compiled into a NetworkX Graph
self.sendDataToGFX = True # Shall we send the received simulation data to GFX Component?
self.executionSuccessful = False # Used to wait for data loading
self.experimentQueue = [] # A queue for experiments
self.simData = {
} # Locally loaded simulation data obtained from server
self.clientData = [] # Servers list
self.data = [
] # A buffer for data from backend; used in multiple functions so needed
st_cert = open(ca_cert_file, 'rt').read()
c = OpenSSL.crypto
ca_cert = c.load_certificate(c.FILETYPE_PEM, st_cert)
st_cert = open(intermediate_cert_file, 'rt').read()
intermediate_cert = c.load_certificate(c.FILETYPE_PEM, st_cert)
certs = OpenSSLCertificateAuthorities([ca_cert, intermediate_cert])
ssl_con = CertificateOptions(trustRoot=certs)
FFBOLABClient = AutobahnSync()
@FFBOLABClient.on_challenge
def on_challenge(challenge):
"""The On Challenge function that computes the user signature for verification.
Args:
challenge (obj): The challenge object received.
Returns:
str: The signature sent to the router for verification.
"""
print(printHeader('FFBOLab Client') + 'Initiating authentication.')
if challenge.method == u"wampcra":
print(
printHeader('FFBOLab Client') +
"WAMP-CRA challenge received: {}".format(challenge))
print(challenge.extra['salt'])
if u'salt' in challenge.extra:
# Salted secret
print(printHeader('FFBOLab Client') + 'Deriving key...')
salted_key = auth.derive_key(secret,
challenge.extra['salt'],
challenge.extra['iterations'],
challenge.extra['keylen'])
print(salted_key.decode('utf-8'))
if user == 'guest':
# A plain, unsalted secret for the guest account
salted_key = u"C5/c598Gme4oALjmdhVC2H25OQPK0M2/tu8yrHpyghA="
# compute signature for challenge, using the key
signature = auth.compute_wcs(salted_key,
challenge.extra['challenge'])
# return the signature to the router for verification
return signature
else:
raise Exception("Invalid authmethod {}".format(
challenge.method))
FFBOLABClient.run(
url=url, authmethods=[u'wampcra'], authid='guest',
ssl=ssl_con) # Initialize the communication right now!
@FFBOLABClient.subscribe('ffbo.server.update.' +
str(FFBOLABClient._async_session._session_id))
def updateServers(data):
"""Updates available servers.
Args:
data (obj): Obtained servers list.
"""
self.clientData.append(data)
print("Updated the Servers")
print("Subscribed to topic 'ffbo.server.update'")
@FFBOLABClient.register('ffbo.ui.receive_cmd.' +
str(FFBOLABClient._async_session._session_id))
def receiveCommand(data):
"""The Receive Command function that receives commands and sends them to the frontend.
Args:
data (dict): Data to be sent to the frontend
Returns:
bool: Whether the data has been received.
"""
self.clientData.append('Received Command')
a = {}
a['data'] = data
a['messageType'] = 'Command'
a['widget'] = 'NLP'
self.data.append(a)
print(printHeader('FFBOLab Client NLP') + "Received a command.")
self.tryComms(a)
return True
print(
printHeader('FFBOLab Client') +
"Procedure ffbo.ui.receive_cmd Registered...")
@FFBOLABClient.register('ffbo.ui.receive_gfx.' +
str(FFBOLABClient._async_session._session_id))
def receiveGFX(data):
"""The Receive GFX function that receives commands and sends them to the GFX frontend.
Args:
data (dict): Data to be sent to the frontend.
Returns:
bool: Whether the data has been received.
"""
self.clientData.append('Received GFX Data')
self.data.append(data)
print(
printHeader('FFBOLab Client GFX') +
"Received a message for GFX.")
if self.sendDataToGFX == True:
self.tryComms(data)
else:
if 'messageType' in data.keys():
if data['messageType'] == 'showServerMessage':
print(
printHeader('FFBOLab Client GFX') +
"Execution successful for GFX.")
if len(self.experimentQueue) > 0:
print(
printHeader('FFBOLab Client GFX') +
"Next execution now underway. Remaining simulations: "
+ str(len(self.experimentQueue)))
a = self.experimentQueue.pop(0)
res = self.client.session.call(
'ffbo.gfx.sendExperiment', a)
res = self.client.session.call(
'ffbo.gfx.startExecution', {'name': a['name']})
else:
self.executionSuccessful = True
self.parseSimResults()
print(
printHeader('FFBOLab Client GFX') +
"GFX results successfully parsed.")
return True
print(
printHeader('FFBOLab Client') +
"Procedure ffbo.ui.receive_gfx Registered...")
@FFBOLABClient.register('ffbo.ui.get_circuit.' +
str(FFBOLABClient._async_session._session_id))
def get_circuit(X):
"""Obtain a circuit and save it to the local FFBOLab folder.
Args:
X (str): Name of the circuit.
Returns:
bool: Whether the process has been successful.
"""
name = X['name']
G = binascii.unhexlify(X['graph'].encode())
with open(os.path.join(_FFBOLabDataPath, name + '.gexf.gz'),
"wb") as file:
file.write(G)
return True
print("Procedure ffbo.ui.get_circuit Registered...")
@FFBOLABClient.register('ffbo.ui.get_experiment' +
str(FFBOLABClient._async_session._session_id))
def get_experiment(X):
"""Obtain an experiment and save it to the local FFBOLab folder.
Args:
X (str): Name of the experiment.
Returns:
bool: Whether the process has been successful.
"""
print(printHeader('FFBOLab Client GFX') + "get_experiment called.")
name = X['name']
data = json.dumps(X['experiment'])
with open(os.path.join(_FFBOLabDataPath, name + '.json'),
"w") as file:
file.write(data)
output = {}
output['success'] = True
print(
printHeader('FFBOLab Client GFX') +
"Experiment save successful.")
return True
print("Procedure ffbo.ui.get_experiment Registered...")
@FFBOLABClient.register('ffbo.ui.receive_data.' +
str(FFBOLABClient._async_session._session_id))
def receiveData(data):
"""The Receive Data function that receives commands and sends them to the NLP frontend.
Args:
data (dict): Data from the backend.
Returns:
bool: Whether the process has been successful.
"""
self.clientData.append('Received Data')
a = {}
a['data'] = data
a['messageType'] = 'Data'
a['widget'] = 'NLP'
self.data.append(a)
print(printHeader('FFBOLab Client NLP') + "Received data.")
self.tryComms(a)
return True
print(
printHeader('FFBOLab Client') +
"Procedure ffbo.ui.receive_data Registered...")
@FFBOLABClient.register('ffbo.ui.receive_msg.' +
str(FFBOLABClient._async_session._session_id))
def receiveMessage(data):
"""The Receive Message function that receives commands and sends them to the NLP frontend.
Args:
data (dict): Data from the backend.
Returns:
bool: Whether the process has been successful.
"""
self.clientData.append('Received Message')
a = {}
a['data'] = data
a['messageType'] = 'Message'
a['widget'] = 'NLP'
self.data.append(a)
print(printHeader('FFBOLab Client NLP') + "Received a message.")
self.tryComms(a)
return True
print(
printHeader('FFBOLab Client') +
"Procedure ffbo.ui.receive_msg Registered...")
self.client = FFBOLABClient # Set current client to the FFBOLAB Client
self.findServerIDs() # Get current server IDs
def __init__(
self,
ssl=True,
debug=True,
authentication=True,
user=u"ffbo",
secret=u"",
url=u"wss://neuronlp.fruitflybrain.org:7777/ws",
realm=u"realm1",
ca_cert_file="isrgrootx1.pem",
intermediate_cert_file="letsencryptauthorityx3.pem",
FFBOLabcomm=None,
FBLcomm=None,
server_name='nk',
):
if FBLcomm is None and FFBOLabcomm is not None:
FBLcomm = FFBOLabcomm
if os.path.exists(os.path.join(home, ".ffbo", "lib")):
print(
printHeader("FBL Client") +
"Downloading the latest certificates.")
# CertificateDownloader = urllib.URLopener()
if not os.path.exists(os.path.join(home, ".ffbo", "lib")):
urlRetriever(
"https://data.flybrainlab.fruitflybrain.org/config/FBLClient.ini",
os.path.join(home, ".ffbo", "config", "FBLClient.ini"),
)
urlRetriever(
"https://data.flybrainlab.fruitflybrain.org/lib/isrgrootx1.pem",
os.path.join(home, ".ffbo", "lib", "caCertFile.pem"),
)
urlRetriever(
"https://data.flybrainlab.fruitflybrain.org/lib/letsencryptauthorityx3.pem",
os.path.join(home, ".ffbo", "lib", "intermediateCertFile.pem"),
)
config_file = os.path.join(home, ".ffbo", "config",
"FBLClient.ini")
ca_cert_file = os.path.join(home, ".ffbo", "lib", "caCertFile.pem")
intermediate_cert_file = os.path.join(home, ".ffbo", "lib",
"intermediateCertFile.pem")
config = ConfigParser()
config.read(config_file)
# user = config["ComponentInfo"]["user"]
# secret = config["ComponentInfo"]["secret"]
# url = config["ComponentInfo"]["url"]
self.FBLcomm = FBLcomm
self.NKSimState = 0
self.executionSettings = []
extra = {"auth": authentication}
self.lmsg = 0
st_cert = open(ca_cert_file, "rt").read()
c = OpenSSL.crypto
ca_cert = c.load_certificate(c.FILETYPE_PEM, st_cert)
st_cert = open(intermediate_cert_file, "rt").read()
intermediate_cert = c.load_certificate(c.FILETYPE_PEM, st_cert)
certs = OpenSSLCertificateAuthorities([ca_cert, intermediate_cert])
ssl_con = CertificateOptions(trustRoot=certs)
FBLClient = AutobahnSync()
self.client = FBLClient
@FBLClient.on_challenge
def on_challenge(challenge):
if challenge.method == u"wampcra":
print("WAMP-CRA challenge received: {}".format(challenge))
if u"salt" in challenge.extra:
# salted secret
salted_key = auth.derive_key(secret,
challenge.extra['salt'],
challenge.extra['iterations'],
challenge.extra['keylen'])
salted_key = (salted_key).decode('utf-8')
#if user==u'ffbo':
# plain, unsalted secret
# salted_key = u"kMU73GH4GS1WGUpEaSdDYwN57bdLdB58PK1Brb25UCE="
# print(salted_key)
# compute signature for challenge, using the key
signature = auth.compute_wcs(salted_key,
challenge.extra["challenge"])
# return the signature to the router for verification
return signature
else:
raise Exception("Invalid authmethod {}".format(
challenge.method))
if ssl:
FBLClient.run(url=url,
authmethods=[u'wampcra'],
authid=user,
ssl=ssl_con)
else:
FBLClient.run(url=url, authmethods=[u'wampcra'], authid=user)
setProtocolOptions(FBLClient._async_session._transport,
maxFramePayloadSize=0,
maxMessagePayloadSize=0,
autoFragmentSize=65536)
self.client_data = []
self.data = []
self.launch_queue = []
@FBLClient.register("ffbo.nk.launch." +
str(FBLClient._async_session._session_id))
def nk_launch_progressive(task, details=None):
# print(task['user'])
user_id = str(task["user"])
self.launch_queue.append((user_id, task))
def mock_result():
result = {u"ydomain": 1, u"xdomain": 1, u"dt": 10, u"data": {}}
"""
res = {u'ydomain': 1,
u'xdomain': 1,
u'dt': 10,
u'data': {}}
print(task['forward'])
res_to_processor = yield self.call(six.u(task['forward']), res)
"""
return result, result
res = mock_result()
return res
# res = server.launch(user_id, task)
# returnValue(res)
print("Procedure nk_launch_progressive Registered...")
res = FBLClient.session.call(
u"ffbo.server.register",
FBLClient._async_session._session_id,
"nk",
{
"name": server_name,
"version": 1.05
},
)
print("Registered self...")
def create_connecting_endpoint_from_config(config, cbdir, reactor):
"""
Create a Twisted stream client endpoint from a Crossbar.io transport configuration.
See: https://twistedmatrix.com/documents/current/api/twisted.internet.interfaces.IStreamClientEndpoint.html
:param config: The transport configuration.
:type config: dict
:param cbdir: Crossbar.io node directory (we need this for Unix domain socket paths and TLS key/certificates).
:type cbdir: str
:param reactor: The reactor to use for endpoint creation.
:type reactor: obj
:returns obj -- An instance implementing IStreamClientEndpoint
"""
endpoint = None
log = make_logger()
# a TCP endpoint
#
if config['type'] == 'tcp':
# the TCP protocol version (v4 or v6)
#
version = int(config.get('version', 4))
# the host to connect to
#
host = str(config['host'])
# the port to connect to
#
port = int(config['port'])
# connection timeout in seconds
#
timeout = int(config.get('timeout', 10))
if 'tls' in config:
if _HAS_TLS:
# if the config specified any CA certificates, we use those (only!)
if 'ca_certificates' in config['tls']:
ca_certs = []
for cert_fname in config['tls']['ca_certificates']:
cert = crypto.load_certificate(
crypto.FILETYPE_PEM,
six.u(open(cert_fname, 'r').read()))
log.info("Loaded CA certificate '{fname}'",
fname=cert_fname)
ca_certs.append(cert)
client_cert = None
if 'key' in config['tls']:
with open(config['tls']['certificate'], 'r') as f:
cert = Certificate.loadPEM(f.read(), )
log.info(
"{fname}: CN={subj.CN}, sha={sha}",
fname=config['tls']['certificate'],
subj=cert.getSubject(),
sha=cert.digest('sha'),
)
with open(config['tls']['key'], 'r') as f:
private_key = KeyPair.load(
f.read(),
format=crypto.FILETYPE_PEM,
)
log.info(
"{fname}: {key}",
fname=config['tls']['key'],
key=private_key.inspect(),
)
client_cert = PrivateCertificate.fromCertificateAndKeyPair(
cert, private_key)
# XXX OpenSSLCertificateAuthorities is a "private"
# class, in _sslverify, so we shouldn't really be
# using it. However, while you can pass a single
# Certificate as trustRoot= there's no way to pass
# multiple ones.
# XXX ...but maybe the config should only allow
# the user to configure a single cert to trust
# here anyway?
options = optionsForClientTLS(
config['tls']['hostname'],
trustRoot=OpenSSLCertificateAuthorities(ca_certs),
clientCertificate=client_cert,
)
else:
options = optionsForClientTLS(config['tls']['hostname'])
# create a TLS client endpoint
#
if version == 4:
endpoint = SSL4ClientEndpoint(
reactor,
host,
port,
options,
timeout=timeout,
)
elif version == 6:
raise Exception("TLS on IPv6 not implemented")
else:
raise Exception(
"invalid TCP protocol version {}".format(version))
else:
raise Exception(
"TLS transport requested, but TLS packages not available:\n{}"
.format(_LACKS_TLS_MSG))
else:
# create a non-TLS client endpoint
#
if version == 4:
endpoint = TCP4ClientEndpoint(reactor,
host,
port,
timeout=timeout)
elif version == 6:
endpoint = TCP6ClientEndpoint(reactor,
host,
port,
timeout=timeout)
else:
raise Exception(
"invalid TCP protocol version {}".format(version))
# a Unix Domain Socket endpoint
#
elif config['type'] == 'unix':
# the path
#
path = abspath(join(cbdir, config['path']))
# connection timeout in seconds
#
timeout = int(config.get('timeout', 10))
# create the endpoint
#
endpoint = UNIXClientEndpoint(reactor, path, timeout=timeout)
else:
raise Exception("invalid endpoint type '{}'".format(config['type']))
return endpoint