def create_session(self):
"""
send a CreateSessionRequest to server with reasonable parameters.
If you want o modify settings look at code of this methods
and make your own
"""
desc = ua.ApplicationDescription()
desc.ApplicationUri = self.application_uri
desc.ProductUri = self.product_uri
desc.ApplicationName = ua.LocalizedText(self.name)
desc.ApplicationType = ua.ApplicationType.Client
params = ua.CreateSessionParameters()
# at least 32 random bytes for server to prove possession of private key (specs part 4, 5.6.2.2)
nonce = utils.create_nonce(32)
params.ClientNonce = nonce
params.ClientCertificate = self.security_policy.client_certificate
params.ClientDescription = desc
params.EndpointUrl = self.server_url.geturl()
params.SessionName = self.description + " Session" + str(
self._session_counter)
params.RequestedSessionTimeout = self.session_timeout
params.MaxResponseMessageSize = 0 # means no max size
response = self.uaclient.create_session(params)
if self.security_policy.client_certificate is None:
data = nonce
else:
data = self.security_policy.client_certificate + nonce
self.security_policy.asymmetric_cryptography.verify(
data, response.ServerSignature.Signature)
self._server_nonce = response.ServerNonce
if not self.security_policy.server_certificate:
self.security_policy.server_certificate = response.ServerCertificate
elif self.security_policy.server_certificate != response.ServerCertificate:
raise ua.UaError("Server certificate mismatch")
# remember PolicyId's: we will use them in activate_session()
ep = Client.find_endpoint(response.ServerEndpoints,
self.security_policy.Mode,
self.security_policy.URI)
self._policy_ids = ep.UserIdentityTokens
if self.session_timeout != response.RevisedSessionTimeout:
_logger.warning(
"Requested session timeout to be %dms, got %dms instead",
self.secure_channel_timeout, response.RevisedSessionTimeout)
self.session_timeout = response.RevisedSessionTimeout
self.keepalive = KeepAlive(
self,
min(self.session_timeout, self.secure_channel_timeout) *
0.7) # 0.7 is from spec
self.keepalive.start()
return response
def create_session(self):
desc = ua.ApplicationDescription()
desc.ApplicationUri = self.application_uri
desc.ProductUri = self.product_uri
desc.ApplicationName = ua.LocalizedText(self.name)
desc.ApplicationType = ua.ApplicationType.Client
params = ua.CreateSessionParameters()
nonce = utils.create_nonce(
32
) # at least 32 random bytes for server to prove possession of private key (specs part 4, 5.6.2.2)
params.ClientNonce = nonce
params.ClientCertificate = self.security_policy.client_certificate
params.ClientDescription = desc
params.EndpointUrl = self.server_url.geturl()
params.SessionName = self.description + " Session" + str(
self._session_counter)
params.RequestedSessionTimeout = 3600000
params.MaxResponseMessageSize = 0 # means no max size
response = self.bclient.create_session(params)
self.security_policy.asymmetric_cryptography.verify(
self.security_policy.client_certificate + nonce,
response.ServerSignature.Signature)
self._server_nonce = response.ServerNonce
if not self.security_policy.server_certificate:
self.security_policy.server_certificate = response.ServerCertificate
elif self.security_policy.server_certificate != response.ServerCertificate:
raise Exception("Server certificate mismatch")
# remember PolicyId's: we will use them in activate_session()
ep = Client.find_endpoint(response.ServerEndpoints,
self.security_policy.Mode,
self.security_policy.URI)
self._policy_ids = ep.UserIdentityTokens
self.session_timeout = response.RevisedSessionTimeout
self.keepalive = KeepAlive(
self,
min(self.session_timeout, self.secure_channel_timeout) *
0.7) # 0.7 is from spec
self.keepalive.start()
return response
