async def srv_crypto_one_cert(request):
cert_user_manager = CertificateUserManager()
admin_peer_certificate = admin_peer_creds["certificate"]
user_peer_certificate = user_peer_creds["certificate"]
anonymous_peer_certificate = anonymous_peer_creds["certificate"]
key, cert = request.param
await cert_user_manager.add_admin(admin_peer_certificate, name='Admin')
await cert_user_manager.add_user(user_peer_certificate, name='User')
await cert_user_manager.add_role(anonymous_peer_certificate, name='Anonymous', user_role=UserRole.Anonymous)
srv = Server(user_manager=cert_user_manager)
srv.set_endpoint(uri_crypto_cert)
srv.set_security_policy([ua.SecurityPolicyType.Basic256Sha256_SignAndEncrypt],
permission_ruleset=SimpleRoleRuleset())
await srv.init()
await srv.load_certificate(cert)
await srv.load_private_key(key)
idx = 0
myobj = await srv.nodes.objects.add_object(idx, "MyObject")
myvar = await myobj.add_variable(idx, "MyVariable", 0.0)
await myvar.set_writable() # Set MyVariable to be writable by clients
await srv.start()
yield srv
# stop the server
await srv.stop()
async def main():
cert_user_manager = CertificateUserManager()
await cert_user_manager.add_user(
"certificates/peer-certificate-example-1.der", name='test_user')
server = Server(user_manager=cert_user_manager)
await server.init()
server.set_endpoint("opc.tcp://0.0.0.0:4840/freeopcua/server/")
server.set_security_policy(
[ua.SecurityPolicyType.Basic256Sha256_SignAndEncrypt],
permission_ruleset=SimpleRoleRuleset())
# load server certificate and private key. This enables endpoints
# with signing and encryption.
await server.load_certificate("certificate-example.der")
await server.load_private_key("private-key-example.pem")
idx = 0
# populating our address space
myobj = await server.nodes.objects.add_object(idx, "MyObject")
myvar = await myobj.add_variable(idx, "MyVariable", 0.0)
await myvar.set_writable() # Set MyVariable to be writable by clients
# starting!
async with server:
while True:
await asyncio.sleep(1)
current_val = await myvar.get_value()
count = current_val + 0.1
await myvar.write_value(count)
async def server_with_certificates(server_url,
server_certificate_path,
server_private_key_path,
certificates=None,
test=False):
"""
:param server_url:
:type server_url: str
:param server_certificate_path:
:type server_certificate_path: str
:param server_private_key_path:
:type server_private_key_path: str
:param certificates:
:type certificates: list
:return:
"""
# setup our serverclone_and_subscribe(client_node, server_node, sub_handler)
certificate_handler = CertificateUserManager()
if certificates is not None and test is not True:
for role_add in certificates:
certificate_path = role_add['certificate_path']
name = role_add['name']
role = role_add['role']
if role == 'admin':
await certificate_handler.add_admin(
certificate_path=certificate_path, name=name)
elif role == 'user':
await certificate_handler.add_user(
certificate_path=certificate_path, name=name)
else:
raise NotImplementedError
server = Server(user_manager=certificate_handler)
else:
server = Server()
await server.init()
server.set_endpoint(server_url)
security_policies = []
permission_ruleset = SimpleRoleRuleset()
if certificates is not None:
security_policies.append(
ua.SecurityPolicyType.Basic256Sha256_SignAndEncrypt)
if certificates is None or test:
security_policies.append(ua.SecurityPolicyType.NoSecurity)
server.set_security_policy(security_policies,
permission_ruleset=permission_ruleset)
if server_certificate_path:
await server.load_certificate(server_certificate_path)
await server.load_private_key(server_private_key_path)
return server, certificate_handler
async def srv_crypto_one_cert(request):
peer_certificate = peer_creds["certificate"]
user_manager = CertificateUserManager()
key, cert = request.param
await user_manager.add_admin(peer_certificate, 'test1')
srv = Server(user_manager=user_manager)
await srv.init()
srv.set_endpoint(uri_crypto_cert)
srv.set_security_policy([ua.SecurityPolicyType.Basic256Sha256_SignAndEncrypt])
await srv.load_certificate(cert)
await srv.load_private_key(key)
await srv.start()
yield srv, cert
# stop the server
await srv.stop()