def test_get_dps_conn_string(self, mocker, dpscount, targetdps, policy_name, rg_name, exp_success, why): def _build_dps(dps, name, rg=None): dps.name = name dps.properties.service_operations_host_name = "{}.{}".format( name, dps_suffix) dps.resourcegroup = rg client.config.subscription_id = mock_target['subscription'] return dps def _build_policy(policy, name): policy.key_name = name policy.primary_key = mock_target['primarykey'] policy.secondary_key = mock_target['secondarykey'] return policy client = mocker.MagicMock(name='dpsclient') dps_list = [] for i in range(0, dpscount): dps_list.append( _build_dps(mocker.MagicMock(), "dps{}".format(i), rg_name)) client.list_by_subscription.return_value = dps_list if why == "dps": client.iot_dps_resource.get.side_effect = ValueError else: client.iot_dps_resource.get.return_value = _build_dps( mocker.MagicMock(), targetdps, rg_name) if why == "policy": client.iot_dps_resource.list_keys_for_key_name.side_effect = ValueError else: client.iot_dps_resource.list_keys_for_key_name.return_value = _build_policy( mocker.MagicMock(), policy_name) from azext_iot.common.azure import get_iot_dps_connection_string if exp_success: result = get_iot_dps_connection_string(client, targetdps, rg_name, policy_name) expecting_dps = "{}.{}".format(targetdps, dps_suffix) assert result['entity'] == expecting_dps assert result['policy'] == policy_name assert result['subscription'] == mock_target['subscription'] assert result[ 'cs'] == "HostName={};SharedAccessKeyName={};SharedAccessKey={}".format( expecting_dps, policy_name, mock_target['primarykey']) client.iot_dps_resource.get.assert_called_with(targetdps, rg_name) client.iot_dps_resource.list_keys_for_key_name.assert_called_with( targetdps, policy_name, rg_name) else: with pytest.raises(CLIError): get_iot_dps_connection_string(client, targetdps, rg_name, policy_name)
def iot_dps_device_enrollment_get(client, enrollment_id, dps_name, resource_group_name): target = get_iot_dps_connection_string(client, dps_name, resource_group_name) try: m_sdk, errors = _bind_sdk(target, SdkType.dps_sdk) return m_sdk.device_enrollment.get(enrollment_id) except errors.ErrorDetailsException as e: raise CLIError(e)
def iot_dps_registration_delete(client, dps_name, resource_group_name, registration_id): target = get_iot_dps_connection_string(client, dps_name, resource_group_name) try: m_sdk, errors = _bind_sdk(target, SdkType.dps_sdk) return m_sdk.registration_status.delete_registration_state( registration_id) except errors.ErrorDetailsException as e: raise CLIError(e)
def iot_dps_device_enrollment_list(client, dps_name, resource_group_name, top=None): from azext_iot.dps_sdk.models.query_specification import QuerySpecification target = get_iot_dps_connection_string(client, dps_name, resource_group_name) try: m_sdk, errors = _bind_sdk(target, SdkType.dps_sdk) query_command = "SELECT *" query = QuerySpecification(query_command) return execute_query(query, m_sdk.device_enrollment.query, errors, top) except errors.ErrorDetailsException as e: raise CLIError(e)
def iot_dps_device_enrollment_group_create(client, enrollment_id, dps_name, resource_group_name, certificate_path=None, secondary_certificate_path=None, root_ca_name=None, secondary_root_ca_name=None, iot_hub_host_name=None, initial_twin_tags=None, initial_twin_properties=None, provisioning_status=None): target = get_iot_dps_connection_string(client, dps_name, resource_group_name) try: m_sdk, errors = _bind_sdk(target, SdkType.dps_sdk) if not certificate_path and not secondary_certificate_path: if not root_ca_name and not secondary_root_ca_name: raise CLIError('Please provide at least one certificate') if certificate_path or secondary_certificate_path: if root_ca_name or secondary_root_ca_name: raise CLIError( 'Please provide either certificate path or certficate name' ) attestation = _get_attestation_with_x509_signing_cert( certificate_path, secondary_certificate_path) if root_ca_name or secondary_root_ca_name: if certificate_path or secondary_certificate_path: raise CLIError( 'Please provide either certificate path or certficate name' ) attestation = _get_attestation_with_x509_ca_cert( root_ca_name, secondary_root_ca_name) initial_twin = _get_initial_twin(initial_twin_tags, initial_twin_properties) group_enrollment = EnrollmentGroup(enrollment_id, attestation, iot_hub_host_name, initial_twin, None, provisioning_status) return m_sdk.device_enrollment_group.create_or_update( enrollment_id, group_enrollment) except errors.ErrorDetailsException as e: raise CLIError(e)
def iot_dps_device_enrollment_create(client, enrollment_id, attestation_type, dps_name, resource_group_name, endorsement_key=None, certificate_path=None, secondary_certificate_path=None, device_id=None, iot_hub_host_name=None, initial_twin_tags=None, initial_twin_properties=None, provisioning_status=None): target = get_iot_dps_connection_string(client, dps_name, resource_group_name) try: m_sdk, errors = _bind_sdk(target, SdkType.dps_sdk) if attestation_type == AttestationType.tpm.value: if not endorsement_key: raise CLIError('Endorsement key is requried') tpm = TpmAttestation(endorsement_key) attestation = AttestationMechanism(AttestationType.tpm.value, tpm) if attestation_type == AttestationType.x509.value: attestation = _get_attestation_with_x509_client_cert( certificate_path, secondary_certificate_path) initial_twin = _get_initial_twin(initial_twin_tags, initial_twin_properties) enrollment = IndividualEnrollment(enrollment_id, attestation, device_id, None, iot_hub_host_name, initial_twin, None, provisioning_status) return m_sdk.device_enrollment.create_or_update( enrollment_id, enrollment) except errors.ErrorDetailsException as e: raise CLIError(e)
def iot_dps_device_enrollment_group_update(client, enrollment_id, dps_name, resource_group_name, etag=None, certificate_path=None, secondary_certificate_path=None, root_ca_name=None, secondary_root_ca_name=None, remove_certificate=None, remove_secondary_certificate=None, iot_hub_host_name=None, initial_twin_tags=None, initial_twin_properties=None, provisioning_status=None): target = get_iot_dps_connection_string(client, dps_name, resource_group_name) try: m_sdk, errors = _bind_sdk(target, SdkType.dps_sdk) enrollment_record = m_sdk.device_enrollment_group.get(enrollment_id) # Verify etag if etag and 'etag' in enrollment_record and etag != enrollment_record[ 'etag'].replace('"', ''): raise LookupError("enrollment etag doesn't match.") if not etag: etag = enrollment_record['etag'].replace('"', '') # Update enrollment information if not certificate_path and not secondary_certificate_path: if not root_ca_name and not secondary_root_ca_name: # Check if certificate can be safely removed while no new certificate has been provided if remove_certificate and remove_secondary_certificate: raise CLIError('Please provide at least one certificate') if not _can_remove_primary_certificate( remove_certificate, enrollment_record['attestation']): raise CLIError( 'Please provide at least one certificate while removing the only primary certificate' ) if not _can_remove_secondary_certificate( remove_secondary_certificate, enrollment_record['attestation']): raise CLIError( 'Please provide at least one certificate while removing the only secondary certificate' ) if certificate_path or secondary_certificate_path: if root_ca_name or secondary_root_ca_name: raise CLIError( 'Please provide either certificate path or certficate name' ) enrollment_record[ 'attestation'] = _get_updated_attestation_with_x509_signing_cert( enrollment_record['attestation'], certificate_path, secondary_certificate_path, remove_certificate, remove_secondary_certificate) if root_ca_name or secondary_root_ca_name: if certificate_path or secondary_certificate_path: raise CLIError( 'Please provide either certificate path or certficate name' ) enrollment_record[ 'attestation'] = _get_updated_attestation_with_x509_ca_cert( enrollment_record['attestation'], root_ca_name, secondary_root_ca_name, remove_certificate, remove_secondary_certificate) if iot_hub_host_name: enrollment_record['iotHubHostName'] = iot_hub_host_name if provisioning_status: enrollment_record['provisioningStatus'] = provisioning_status enrollment_record['initialTwin'] = _get_updated_inital_twin( enrollment_record, initial_twin_tags, initial_twin_properties) return m_sdk.device_enrollment_group.create_or_update( enrollment_id, enrollment_record, etag) except errors.ErrorDetailsException as e: raise CLIError(e)
def iot_dps_device_enrollment_update(client, enrollment_id, dps_name, resource_group_name, etag=None, endorsement_key=None, certificate_path=None, secondary_certificate_path=None, remove_certificate=None, remove_secondary_certificate=None, device_id=None, iot_hub_host_name=None, initial_twin_tags=None, initial_twin_properties=None, provisioning_status=None): target = get_iot_dps_connection_string(client, dps_name, resource_group_name) try: m_sdk, errors = _bind_sdk(target, SdkType.dps_sdk) enrollment_record = m_sdk.device_enrollment.get(enrollment_id) # Verify etag if etag and 'etag' in enrollment_record and etag != enrollment_record[ 'etag'].replace('"', ''): raise LookupError("enrollment etag doesn't match.") if not etag: etag = enrollment_record['etag'].replace('"', '') # Verify and update attestation information attestation_type = enrollment_record['attestation']['type'] if attestation_type == AttestationType.tpm.value: if certificate_path or secondary_certificate_path: raise CLIError( 'Cannot update certificate while enrollment is using tpm attestation mechanism' ) if remove_certificate or remove_secondary_certificate: raise CLIError( 'Cannot remove certificate while enrollment is using tpm attestation mechanism' ) if endorsement_key: enrollment_record['attestation']['tpm'][ 'endorsement_key'] = endorsement_key else: if endorsement_key: raise CLIError( 'Cannot update endorsement key while enrollment is using x509 attestation mechanism' ) enrollment_record[ 'attestation'] = _get_updated_attestation_with_x509_client_cert( enrollment_record['attestation'], certificate_path, secondary_certificate_path, remove_certificate, remove_secondary_certificate) # Update enrollment information if iot_hub_host_name: enrollment_record['iotHubHostName'] = iot_hub_host_name if device_id: enrollment_record['deviceId'] = device_id if provisioning_status: enrollment_record['provisioningStatus'] = provisioning_status enrollment_record['registrationState'] = None enrollment_record['initialTwin'] = _get_updated_inital_twin( enrollment_record, initial_twin_tags, initial_twin_properties) return m_sdk.device_enrollment.create_or_update( enrollment_id, enrollment_record, etag) except errors.ErrorDetailsException as e: raise CLIError(e)