def join(self): from twisted.internet._sslverify import OpenSSLCertificateAuthorities from OpenSSL import crypto if self._proto: raise Exception("Already connected") # Own callbacks callbacks = {'connected': [CalvinCB(self._connected)], 'disconnected': [CalvinCB(self._disconnected)], 'connection_failed': [CalvinCB(self._connection_failed)], 'data': [CalvinCB(self._data)], 'set_proto': [CalvinCB(self._set_proto)]} self._factory = TCPClientFactory(callbacks) # addr="%s:%s" % (self._host_ip, self._host_port)) runtime_to_runtime_security = _conf.get("security","runtime_to_runtime_security") if runtime_to_runtime_security=="tls": _log.debug("TwistedCalvinTransport with TLS chosen") trusted_ca_certs = [] try: self._runtime_credentials = runtime_credentials.RuntimeCredentials(self._node_name) ca_cert_list_str, ca_cert_list_x509, truststore = certificate.get_truststore(certificate.TRUSTSTORE_TRANSPORT) for ca_cert in ca_cert_list_str: trusted_ca_certs.append(crypto.load_certificate(crypto.FILETYPE_PEM, ca_cert)) ca_certs = OpenSSLCertificateAuthorities(trusted_ca_certs) client_credentials_data =self._runtime_credentials.get_runtime_credentials() client_credentials = ssl.PrivateCertificate.loadPEM(client_credentials_data) except Exception as err: _log.error("TwistedCalvinTransport: Failed to load client credentials, err={}".format(err)) raise try: options = ssl.optionsForClientTLS(self._server_node_name, trustRoot=ca_certs, clientCertificate=client_credentials) except Exception as err: _log.error("TwistedCalvinTransport: Failed to create optionsForClientTLS " "\n\terr={}" "\n\tself._server_node_name={}".format(err, self._server_node_name)) raise try: endpoint = endpoints.SSL4ClientEndpoint(reactor, self._host_ip, int(self._host_port), options) except: _log.error("TwistedCalvinTransport: Client failed connectSSL") raise try: endpoint.connect(self._factory) except Exception as e: _log.error("TwistedCalvinTransport: Failed endpoint.connect, e={}".format(e)) raise else: reactor.connectTCP(self._host_ip, int(self._host_port), self._factory)
def _create_tls_client_context(config, cbdir, log): """ Create a CertificateOptions object for use with TLS listening endpoints. """ # server hostname: The expected name of the remote host. hostname = config['hostname'] # explicit trust (certificate) root ca_certs = None if 'ca_certificates' in config: log.info("TLS client using explicit trust ({cnt_certs} certificates)", cnt_certs=len(config['ca_certificates'])) ca_certs = [] for cert_fname in [os.path.abspath(os.path.join(cbdir, x)) for x in (config['ca_certificates'])]: cert = crypto.load_certificate( crypto.FILETYPE_PEM, six.u(open(cert_fname, 'r').read()) ) log.info("TLS client trust root CA certificate loaded from '{fname}'", fname=cert_fname) ca_certs.append(cert) ca_certs = OpenSSLCertificateAuthorities(ca_certs) else: log.info("TLS client using platform trust") # client key/cert to use client_cert = None if 'key' in config: if 'certificate' not in config: raise Exception('TLS client key present, but certificate missing') key_fname = os.path.abspath(os.path.join(cbdir, config['key'])) with open(key_fname, 'r') as f: private_key = KeyPair.load(f.read(), format=crypto.FILETYPE_PEM) log.info("Loaded client TLS key from '{key_fname}'", key_fname=key_fname) cert_fname = os.path.abspath(os.path.join(cbdir, config['certificate'])) with open(cert_fname, 'r') as f: cert = Certificate.loadPEM(f.read(),) log.info("Loaded client TLS certificate from '{cert_fname}' (cn='{cert_cn}', sha256={cert_sha256}..)", cert_fname=cert_fname, cert_cn=cert.getSubject().CN, cert_sha256=cert.digest('sha256')[:12]) client_cert = PrivateCertificate.fromCertificateAndKeyPair(cert, private_key) else: if 'certificate' in config: log.warn('TLS client certificate present, but key is missing') # create TLS client context ctx = optionsForClientTLS(hostname, trustRoot=ca_certs, clientCertificate=client_cert) return ctx
@inlineCallbacks def onJoin(self, details): counter = 0 while True: print("publish: com.myapp.topic1", counter) yield self.publish(u'com.myapp.topic1', counter) counter += 1 yield sleep(1) if __name__ == '__main__': # load the self-signed cert the server is using examples_dir = join(split(__file__)[0], '..', '..', '..', '..') cert_fname = join(examples_dir, 'router', '.crossbar', 'server.crt') cert = crypto.load_certificate( crypto.FILETYPE_PEM, six.u(open(cert_fname, 'r').read()) ) # tell Twisted to use just the one certificate we loaded to verify connections options = CertificateOptions( trustRoot=OpenSSLCertificateAuthorities([cert]), ) # ...which we pass as "ssl=" to ApplicationRunner (passed to SSL4ClientEndpoint) runner = ApplicationRunner( environ.get("AUTOBAHN_DEMO_ROUTER", u"wss://127.0.0.1:8083/ws"), u"crossbardemo", ssl=options, # try removing this, but still use self-signed cert ) runner.run(Component)
# start logging if args.debug: txaio.start_logging(level='debug') else: txaio.start_logging(level='info') # any extra info we want to forward to our ClientSession (in self.config.extra) extra = {'auth': args.authentication} if args.ssl: st_cert=open(args.ca_cert_file, 'rt').read() c=OpenSSL.crypto ca_cert=c.load_certificate(c.FILETYPE_PEM, st_cert) st_cert=open(args.intermediate_cert_file, 'rt').read() intermediate_cert=c.load_certificate(c.FILETYPE_PEM, st_cert) certs = OpenSSLCertificateAuthorities([ca_cert, intermediate_cert]) ssl_con = CertificateOptions(trustRoot=certs) # now actually run a WAMP client using our session class ClientSession runner = ApplicationRunner(url=args.url, realm=args.realm, extra=extra, ssl=ssl_con) else: # now actually run a WAMP client using our session class ClientSession runner = ApplicationRunner(url=args.url, realm=args.realm, extra=extra) runner.run(AppSession, auto_reconnect=True)
last_t = t if field_available: field[name] = f try: timeline[f["timeline"]]["field"].append(name) except KeyError: timeline[f["timeline"]] = { "interval": t - last_t, "field": [name] } return field, timeline if __name__ == "__main__": # Give time for crossbar server to start time.sleep(5) # Because we're using a self-signed certificate, we need to tell Twisted # that it is OK to trust it. cert_fname = (".crossbar/server_cert.pem") cert = crypto.load_certificate(crypto.FILETYPE_PEM, six.u(open(cert_fname, 'r').read())) opt = CertificateOptions(trustRoot=OpenSSLCertificateAuthorities([cert])) # Start our component. runner = ApplicationRunner("wss://%s:%d/ws" % (sisock.base.SISOCK_HOST, \ sisock.base.SISOCK_PORT), \ sisock.base.REALM, ssl=opt) runner.run(apex_weather)
cert_options = optionsForClientTLS( u'localhost', trustRoot=trustRootFromCertificates([ Certificate.loadPEM(open(cert_fname).read()), Certificate.loadPEM(open(inter_cert_fname).read()), ])) if False: cert = crypto.load_certificate( crypto.FILETYPE_PEM, open('.crossbar/server.crt', 'rb').read()) inter_cert = crypto.load_certificate( crypto.FILETYPE_PEM, open('.crossbar/intermediate.cert.pem', 'rb').read()) ca_certs = OpenSSLCertificateAuthorities([cert, inter_cert]) cert_options = ssl.optionsForClientTLS(u'localhost', trustRoot=ca_certs) if False: cert = crypto.load_certificate( crypto.FILETYPE_PEM, open('.crossbar/server.crt', 'rb').read()) inter_cert = crypto.load_certificate( crypto.FILETYPE_PEM, open('.crossbar/intermediate.cert.pem', 'rb').read()) cert_options = CertificateOptions(verify=True, requireCertificate=True, caCerts=[cert],
} from twisted.internet.ssl import Certificate from twisted.internet.ssl import optionsForClientTLS from twisted.internet._sslverify import OpenSSLCertificateAuthorities from OpenSSL import crypto import six ca_certs = [] for cert_fname in [ '.crossbar/ca.cert.pem', '.crossbar/intermediate.cert.pem' ]: cert = crypto.load_certificate(crypto.FILETYPE_PEM, six.u(open(cert_fname, 'r').read())) ca_certs.append(cert) ca_certs = OpenSSLCertificateAuthorities(ca_certs) ctx = optionsForClientTLS(u'localhost', trustRoot=ca_certs) # for cert in ['.crossbar/ca.cert.pem', '.crossbar/intermediate.cert.pem']: # with open(cert) as f: # ca_cert = Certificate.loadPEM(f.read()) # ca_certs.append(ca_cert) # ctx = optionsForClientTLS(u'localhost', trustRoot=ca_certs) # connect to router and run ClientSession runner = ApplicationRunner(url=options.url, realm=options.realm, extra=extra, ssl=ctx, debug=False, debug_wamp=options.trace)
def __init__(self, ssl=True, debug=True, authentication=True, user=u"ffbo", secret=u"", url=u'wss://neuronlp.fruitflybrain.org:7777/ws', realm=u'realm1', ca_cert_file='isrgrootx1.pem', intermediate_cert_file='letsencryptauthorityx3.pem', FFBOLabcomm=None): if os.path.exists(os.path.join(home, '.ffbolab', 'lib')): print( printHeader('FFBOLab Client') + "Downloading the latest certificates.") # CertificateDownloader = urllib.URLopener() if not os.path.exists(os.path.join(home, '.ffbolab', 'lib')): urlRetriever( "https://data.flybrainlab.fruitflybrain.org/config/FBLClient.ini", os.path.join(home, '.ffbolab', 'config', 'FBLClient.ini')) urlRetriever( "https://data.flybrainlab.fruitflybrain.org/lib/isrgrootx1.pem", os.path.join(home, '.ffbolab', 'lib', 'caCertFile.pem')) urlRetriever( "https://data.flybrainlab.fruitflybrain.org/lib/letsencryptauthorityx3.pem", os.path.join(home, '.ffbolab', 'lib', 'intermediateCertFile.pem')) config_file = os.path.join(home, '.ffbolab', 'config', 'FBLClient.ini') ca_cert_file = os.path.join(home, '.ffbolab', 'lib', 'caCertFile.pem') intermediate_cert_file = os.path.join(home, '.ffbolab', 'lib', 'intermediateCertFile.pem') config = ConfigParser() config.read(config_file) user = config["ComponentInfo"]["user"] secret = config["ComponentInfo"]["secret"] url = config["ComponentInfo"]["url"] self.FFBOLabcomm = FFBOLabcomm self.NKSimState = 0 self.executionSettings = [] extra = {'auth': authentication} self.lmsg = 0 st_cert = open(ca_cert_file, 'rt').read() c = OpenSSL.crypto ca_cert = c.load_certificate(c.FILETYPE_PEM, st_cert) st_cert = open(intermediate_cert_file, 'rt').read() intermediate_cert = c.load_certificate(c.FILETYPE_PEM, st_cert) certs = OpenSSLCertificateAuthorities([ca_cert, intermediate_cert]) ssl_con = CertificateOptions(trustRoot=certs) FFBOLABClient = AutobahnSync() self.client = FFBOLABClient @FFBOLABClient.on_challenge def on_challenge(challenge): if challenge.method == u"wampcra": print("WAMP-CRA challenge received: {}".format(challenge)) if u'salt' in challenge.extra: # salted secret salted_key = auth.derive_key(secret, challenge.extra['salt'], challenge.extra['iterations'], challenge.extra['keylen']) salted_key = (salted_key).decode('utf-8') print(salted_key) #if user==u'ffbo': # plain, unsalted secret # salted_key = u"kMU73GH4GS1WGUpEaSdDYwN57bdLdB58PK1Brb25UCE=" #print(salted_key) # compute signature for challenge, using the key signature = auth.compute_wcs(salted_key, challenge.extra['challenge']) # return the signature to the router for verification return signature else: raise Exception("Invalid authmethod {}".format( challenge.method)) FFBOLABClient.run(url=url, authmethods=[u'wampcra'], authid=user, ssl=ssl_con) self.client_data = [] self.data = [] @FFBOLABClient.register('ffbo.gfx.addMessage') def add_message(message_name, message): output = json.loads(message) output = ast.literal_eval(json.dumps(output)) # self.log.info("add_message() returns {x}", x=output) print('add_message returns', output) if message_name == 'neurogist': pass return output print("Procedure ffbo.gfx.addMessage Registered...") @FFBOLABClient.register('ffbo.gfx.updateFileList') def updateFileList(): self.files = [ f for f in listdir(_FFBOLabDataPath) if isfile(join(_FFBOLabDataPath, f)) ] output = ast.literal_eval(json.dumps(self.files)) print('updateFileList returns', output) #self.log.info("return_files() returns {x}", x=output) self.data = {} self.data['data'] = output self.data['messageType'] = 'updateFileList' return self.data print("Procedure ffbo.gfx.updateFileList Registered...") registerOptions = RegisterOptions(details_arg='details') @FFBOLABClient.register('ffbo.gfx.startExecution', options=registerOptions) def start_execution(settings, details=None): self.NKSimState = 1 settings['userID'] = details.caller self.executionSettings.append(settings) return True print("Procedure ffbo.gfx.startExecution Registered...") registerOptions = RegisterOptions(details_arg='details') @FFBOLABClient.register('ffbo.gfx.loadResults', options=registerOptions) def loadResults(details=None): userID = details.caller filename = 'neuroballad_temp_model_output.h5' G = nx.read_gexf('neuroballad_temp_model.gexf.gz') name_dict = {} for n, d in G.nodes(data=True): name_dict[n] = d['name'] print(name_dict) f = h5py.File(filename, 'r') json_data = {} for variable_name in f.keys(): if variable_name != 'metadata': print(variable_name) data = list(f[variable_name].values())[0][:] labels = list(f[variable_name].values())[1][:] print(labels) labels = list(filter(lambda k: b'auto' not in k, labels)) labels = list(filter(lambda k: b'input' not in k, labels)) print(labels) for i in range(min(5000, len(labels))): str_key = variable_name + '/' + name_dict[ labels[i].decode('utf8')] str_key = ''.join(i for i in str_key if ord(i) < 128) data_to_send = data[:, i] data_to_send[data_to_send >= 1E3] = 0 data_to_send[data_to_send <= -1E3] = 0 data_to_send = np.nan_to_num(data_to_send) data_to_send = np.clip(data_to_send, -1000., 1000.) json_data[str_key] = data_to_send.astype( np.float32).tolist() no_keys = int(math.ceil(float(len(json_data.keys())) / 5.0)) json_out = json.dumps(json_data, ensure_ascii=True) text_file = open("Output.txt", "w") text_file.write(json_out) text_file.close() # Switch with calls # yield self.publish(u'com.example.clear_results', []) a = {} a['widget'] = 'GFX' a['messageType'] = 'clearResults' a['data'] = {} res = self.client.session.call( u'ffbo.ui.receive_gfx.' + str(userID), a) for i in range(no_keys): dicttosend = dict( (k, json_data[k]) for k in list(json_data.keys())[i * 5:(i + 1) * 5] if k in list(json_data.keys())) #try: # yield self.publish(u'com.example.load_results', [dicttosend]) print('Sending data...') a = {} a['widget'] = 'GFX' a['messageType'] = 'loadResults' a['data'] = dicttosend res = self.client.session.call( u'ffbo.ui.receive_gfx.' + str(userID), a) #except: # print('Data sending failed...') # pass # Switch with calls a = {} a['widget'] = 'GFX' a['messageType'] = 'showServerMessage' a['data'] = [ "[GFX] Simulation results successfully obtained.", 1, 2 ] res = self.client.session.call( u'ffbo.ui.receive_gfx.' + str(userID), a) # yield self.publish(u'com.example.server_message', ["Results acquired...",1,2]) print("Results sent...") # print(str(data[:,i].shape)) # print(data) # print(str(no_keys)) # print(str(len(json_data.keys()))) # print(details.caller) NK_sim_state = 0 return True print("Procedure ffbo.gfx.loadSimResults Registered...") @FFBOLABClient.register('ffbo.gfx.createDiagram') def create_diagram(diagram): self.log.info("create_diagram() called with {x}", x=diagram) output = diagram_generator(json.loads(diagram), self.log) return json.dumps(output) print("Procedure ffbo.gfx.createDiagram Registered...") @FFBOLABClient.register('ffbo.gfx.sendSVG') def send_svg(X): self.log.info("send_svg() called with {x}", x=X) X = json.loads(X) name = X['name'] G = X['svg'] with open(_FFBOLabDataPath + name + '_visual.svg', "w") as file: file.write(G) output = {} output['success'] = True self.log.info("send_svg() responded with {x}", x=output) return json.dumps(output) print("Procedure ffbo.gfx.sendSVG Registered...") @FFBOLABClient.register('ffbo.gfx.sendCircuit') def send_circuit(X): name = X['name'] G = binascii.unhexlify(X['graph'].encode()) with open(os.path.join(_FFBOLabDataPath, name + '.gexf.gz'), "wb") as file: file.write(G) G = nx.read_gexf(os.path.join(_FFBOLabDataPath, name + '.gexf.gz')) nx.write_gexf(G, os.path.join(_FFBOLabDataPath, name + '.gexf')) return True print("Procedure ffbo.gfx.sendCircuit Registered...") @FFBOLABClient.register('ffbo.gfx.getCircuit') def get_circuit(X): name = X with open(os.path.join(_FFBOLabDataPath, name + '.gexf.gz'), 'rb') as file: data = file.read() a = {} a['data'] = binascii.hexlify(data).decode() a['name'] = name return a print("Procedure ffbo.gfx.getCircuit Registered...") @FFBOLABClient.register('ffbo.gfx.getExperiment') def get_experiment(X): name = X with open(os.path.join(_FFBOLabDataPath, name + '.json'), "r") as file: experimentInputsJson = file.read() experimentInputsJson = json.loads(experimentInputsJson) a = {} a['data'] = experimentInputsJson a['name'] = name return a print("Procedure ffbo.gfx.getExperiment Registered...") @FFBOLABClient.register('ffbo.gfx.getSVG') def get_svg(X): name = X with open(os.path.join(_FFBOLabDataPath, name + '.svg'), "rb") as file: data = file.read() #experimentInputsJson = json.loads(experimentInputsJson) a = {} a['data'] = binascii.hexlify(data).decode() a['name'] = name return a print("Procedure ffbo.gfx.getSVG Registered...") @FFBOLABClient.register('ffbo.gfx.sendExperiment') def send_experiment(X): print(printHeader('FFBOLab Client GFX') + "sendExperiment called.") #X = json.loads(X) name = X['name'] data = json.dumps(X['experiment']) with open(os.path.join(_FFBOLabDataPath, name + '.json'), "w") as file: file.write(data) output = {} output['success'] = True print( printHeader('FFBOLab Client GFX') + "Experiment save successful.") return True print("Procedure ffbo.gfx.ffbolab.sendExperiment Registered...") @FFBOLABClient.register('ffbo.gfx.queryDB') def query_db(message): output = json.loads(message) self.log.info("query_db() called with {x}", x=output) return output print("Procedure ffbo.gfx.queryDB Registered...") @FFBOLABClient.register('ffbo.gfx.NKSim') def NK_sim(message): output = json.loads(message) self.log.info("NK_sim() called with {x}", x=output) self.NK_sim_state = 1 return output print("Procedure ffbo.gfx.NKSim Registered...") @FFBOLABClient.register('ffbo.gfx.loadNeurogist') def load_neurogist(message): pass output = client.command(message) self.log.info(str(len(output))) #self.log.info(str((output[0].value))) self.log.info(str(json.dumps((output[0].oRecordData)))) all_out = "" queries = [] for i in output: if "tags" in i.oRecordData: b = json.dumps(i.oRecordData) queries.append(i.oRecordData) self.log.info("load_neurogist() was called: returns {x}", x=b) all_out = all_out + "\n" + str(b) return json.dumps(queries, indent=2) print("Procedure ffbo.gfx.loadNeurogist Registered...") @FFBOLABClient.register('ffbo.gfx.loadNeurobeholder') def load_neurobeholder(message): output = client.command(message) self.log.info(str(len(output))) #self.log.info(str((output[0].value))) self.log.info(str(json.dumps((output[0].oRecordData)))) all_out = "" queries = [] for i in output: if "tags" not in i.oRecordData: b = json.dumps(i.oRecordData) queries.append(i.oRecordData) self.log.info( "load_neurobeholder() was called: returns {x}", x=b) all_out = all_out + "\n" + str(b) return json.dumps(queries, indent=2) print("Procedure ffbo.gfx.loadNeurobeholder Registered...") @FFBOLABClient.register('ffbo.gfx.loadNeuroscepter') def load_neurospecter(message): output = json.loads(message) self.log.info("load_neurospecter() called with {x}", x=output) return output print("Procedure ffbo.gfx.loadNeuroscepter Registered...") res = FFBOLABClient.session.call(u'ffbo.processor.server_information') for i in res['na']: if 'na' in res['na'][i]['name']: print('Found working NA Server: ' + res['na'][i]['name']) self.naServerID = i for i in res['nlp']: self.nlpServerID = i
def __init__(self, ssl=True, debug=True, authentication=True, user=u"ffbo", secret=u"", url=u'wss://neuronlp.fruitflybrain.org:7777/ws', realm=u'realm1', ca_cert_file='isrgrootx1.pem', intermediate_cert_file='letsencryptauthorityx3.pem', FFBOLabcomm=None): if os.path.exists(os.path.join(home, '.ffbolab', 'lib')): print( printHeader('FFBOLab Client') + "Downloading the latest certificates.") # CertificateDownloader = urllib.URLopener() if not os.path.exists(os.path.join(home, '.ffbolab', 'lib')): urlRetriever( "https://data.flybrainlab.fruitflybrain.org/config/FBLClient.ini", os.path.join(home, '.ffbolab', 'config', 'FBLClient.ini')) urlRetriever( "https://data.flybrainlab.fruitflybrain.org/lib/isrgrootx1.pem", os.path.join(home, '.ffbolab', 'lib', 'caCertFile.pem')) urlRetriever( "https://data.flybrainlab.fruitflybrain.org/lib/letsencryptauthorityx3.pem", os.path.join(home, '.ffbolab', 'lib', 'intermediateCertFile.pem')) config_file = os.path.join(home, '.ffbolab', 'config', 'FBLClient.ini') ca_cert_file = os.path.join(home, '.ffbolab', 'lib', 'caCertFile.pem') intermediate_cert_file = os.path.join(home, '.ffbolab', 'lib', 'intermediateCertFile.pem') config = ConfigParser() config.read(config_file) # user = config["ComponentInfo"]["user"] # secret = config["ComponentInfo"]["secret"] # url = config["ComponentInfo"]["url"] self.FFBOLabcomm = FFBOLabcomm self.NKSimState = 0 self.executionSettings = [] extra = {'auth': authentication} self.lmsg = 0 st_cert = open(ca_cert_file, 'rt').read() c = OpenSSL.crypto ca_cert = c.load_certificate(c.FILETYPE_PEM, st_cert) st_cert = open(intermediate_cert_file, 'rt').read() intermediate_cert = c.load_certificate(c.FILETYPE_PEM, st_cert) certs = OpenSSLCertificateAuthorities([ca_cert, intermediate_cert]) ssl_con = CertificateOptions(trustRoot=certs) FFBOLABClient = AutobahnSync() self.client = FFBOLABClient @FFBOLABClient.on_challenge def on_challenge(challenge): if challenge.method == u"wampcra": print("WAMP-CRA challenge received: {}".format(challenge)) if u'salt' in challenge.extra: # salted secret salted_key = auth.derive_key(secret, challenge.extra['salt'], challenge.extra['iterations'], challenge.extra['keylen']) salted_key = (salted_key).decode('utf-8') print(salted_key) #if user==u'ffbo': # plain, unsalted secret # salted_key = u"kMU73GH4GS1WGUpEaSdDYwN57bdLdB58PK1Brb25UCE=" #print(salted_key) # compute signature for challenge, using the key signature = auth.compute_wcs(salted_key, challenge.extra['challenge']) # return the signature to the router for verification return signature else: raise Exception("Invalid authmethod {}".format( challenge.method)) FFBOLABClient.run(url=url, authmethods=[u'wampcra'], authid=user, ssl=ssl_con) self.client_data = [] self.data = [] self.launch_queue = [] @FFBOLABClient.register('ffbo.nk.launch.' + str(FFBOLABClient._async_session._session_id)) def nk_launch_progressive(task, details=None): # print(task['user']) user_id = str(task['user']) self.launch_queue.append((user_id, task)) def mock_result(): result = {u'ydomain': 1, u'xdomain': 1, u'dt': 10, u'data': {}} """ res = {u'ydomain': 1, u'xdomain': 1, u'dt': 10, u'data': {}} print(task['forward']) res_to_processor = yield self.call(six.u(task['forward']), res) """ return result, result res = mock_result() return res # res = server.launch(user_id, task) # returnValue(res) print("Procedure nk_launch_progressive Registered...") res = FFBOLABClient.session.call( u'ffbo.server.register', FFBOLABClient._async_session._session_id, 'nk', 'nk_server') print("Registered self...")
def main(reactor): # Because we're using a self-signed certificate, we need to tell Twisted # that it is OK to trust it. cert_fname = (".crossbar/server_cert.pem") cert = crypto.load_certificate(crypto.FILETYPE_PEM, six.u(open(cert_fname, 'r').read())) opt = ssl.CertificateOptions(\ trustRoot=OpenSSLCertificateAuthorities([cert])) # Set up our sisock component. component = Component( transports=[{ u"type": u"websocket", u"url": sisock.base.WAMP_URI, u"endpoint": { u"type": u"tcp", u"host": sisock.base.SISOCK_HOST, u"port": sisock.base.SISOCK_PORT, u"tls": opt } }], authentication={ u"wampcra": { u"authid": u"simonsobs", u"secret": u"yW4V2T^bPD&rGFwy" } }, realm=sisock.base.REALM, ) # Create our klein webserver, and then our datasource (which also connects # our component to the WAMP server). app = Klein() GrafanaSisockDatasrc(app, component) # Have our webserver listen for Grafana requests. # TODO: use SSL and authentication. site = Site(app.resource()) #server_ep = SSL4ServerEndpoint(reactor, klein_port, opt) server_ep = TCP4ServerEndpoint(reactor, klein_port) port = yield server_ep.listen(site) print("Web application on {}".format(port)) # We don't *have* to hand over control of the reactor to # component.run -- if we don't want to, we call .start() # The Deferred it returns fires when the component is "completed" # (or errbacks on any problems). comp_d = component.start(reactor) # When not using run() we also must start logging ourselves. txaio.start_logging(level=environ.get("LOGLEVEL", "info")) # If the Component raises an exception we want to exit. Note that # things like failing to connect will be swallowed by the # re-connection mechanisms already so won't reach here. def _failed(f): print("Component failed: {}".format(f)) done.errback(f) comp_d.addErrback(_failed) # Wait forever (unless the Component raises an error). done = Deferred() yield done
def __init__(self, ssl=True, debug=True, authentication=True, user='******', secret='guestpass', url=u'wss://neuronlp.fruitflybrain.org:7777/ws', realm=u'realm1', ca_cert_file='isrgrootx1.pem', intermediate_cert_file='letsencryptauthorityx3.pem', FFBOLabcomm=None): """Initialization function for the ffbolabClient class. Args: ssl (bool): Whether the FFBO server uses SSL. debug (bool) : Whether debugging should be enabled. authentication (bool): Whether authentication is enabled. user (str): Username for establishing communication with FFBO components. secret (str): Password for establishing communication with FFBO components. url (str): URL of the WAMP server with the FFBO Processor component. realm (str): Realm to be connected to. ca_cert_file (str): Path to the certificate for establishing connection. intermediate_cert_file (str): Path to the intermediate certificate for establishing connection. FFBOLabcomm (obj) Communications object for the frontend. """ self.FFBOLabcomm = FFBOLabcomm # Current Communications Object self.C = None # The Neuroballd Circuit object describing the loaded neural circuit self.dataPath = _FFBOLabDataPath extra = {'auth': authentication} self.lmsg = 0 self.experimentInputs = [] # List of current experiment inputs self.compiled = False # Whether the current circuit has been compiled into a NetworkX Graph self.sendDataToGFX = True # Shall we send the received simulation data to GFX Component? self.executionSuccessful = False # Used to wait for data loading self.experimentQueue = [] # A queue for experiments self.simData = { } # Locally loaded simulation data obtained from server self.clientData = [] # Servers list self.data = [ ] # A buffer for data from backend; used in multiple functions so needed st_cert = open(ca_cert_file, 'rt').read() c = OpenSSL.crypto ca_cert = c.load_certificate(c.FILETYPE_PEM, st_cert) st_cert = open(intermediate_cert_file, 'rt').read() intermediate_cert = c.load_certificate(c.FILETYPE_PEM, st_cert) certs = OpenSSLCertificateAuthorities([ca_cert, intermediate_cert]) ssl_con = CertificateOptions(trustRoot=certs) FFBOLABClient = AutobahnSync() @FFBOLABClient.on_challenge def on_challenge(challenge): """The On Challenge function that computes the user signature for verification. Args: challenge (obj): The challenge object received. Returns: str: The signature sent to the router for verification. """ print(printHeader('FFBOLab Client') + 'Initiating authentication.') if challenge.method == u"wampcra": print( printHeader('FFBOLab Client') + "WAMP-CRA challenge received: {}".format(challenge)) print(challenge.extra['salt']) if u'salt' in challenge.extra: # Salted secret print(printHeader('FFBOLab Client') + 'Deriving key...') salted_key = auth.derive_key(secret, challenge.extra['salt'], challenge.extra['iterations'], challenge.extra['keylen']) print(salted_key.decode('utf-8')) if user == 'guest': # A plain, unsalted secret for the guest account salted_key = u"C5/c598Gme4oALjmdhVC2H25OQPK0M2/tu8yrHpyghA=" # compute signature for challenge, using the key signature = auth.compute_wcs(salted_key, challenge.extra['challenge']) # return the signature to the router for verification return signature else: raise Exception("Invalid authmethod {}".format( challenge.method)) FFBOLABClient.run( url=url, authmethods=[u'wampcra'], authid='guest', ssl=ssl_con) # Initialize the communication right now! @FFBOLABClient.subscribe('ffbo.server.update.' + str(FFBOLABClient._async_session._session_id)) def updateServers(data): """Updates available servers. Args: data (obj): Obtained servers list. """ self.clientData.append(data) print("Updated the Servers") print("Subscribed to topic 'ffbo.server.update'") @FFBOLABClient.register('ffbo.ui.receive_cmd.' + str(FFBOLABClient._async_session._session_id)) def receiveCommand(data): """The Receive Command function that receives commands and sends them to the frontend. Args: data (dict): Data to be sent to the frontend Returns: bool: Whether the data has been received. """ self.clientData.append('Received Command') a = {} a['data'] = data a['messageType'] = 'Command' a['widget'] = 'NLP' self.data.append(a) print(printHeader('FFBOLab Client NLP') + "Received a command.") self.tryComms(a) return True print( printHeader('FFBOLab Client') + "Procedure ffbo.ui.receive_cmd Registered...") @FFBOLABClient.register('ffbo.ui.receive_gfx.' + str(FFBOLABClient._async_session._session_id)) def receiveGFX(data): """The Receive GFX function that receives commands and sends them to the GFX frontend. Args: data (dict): Data to be sent to the frontend. Returns: bool: Whether the data has been received. """ self.clientData.append('Received GFX Data') self.data.append(data) print( printHeader('FFBOLab Client GFX') + "Received a message for GFX.") if self.sendDataToGFX == True: self.tryComms(data) else: if 'messageType' in data.keys(): if data['messageType'] == 'showServerMessage': print( printHeader('FFBOLab Client GFX') + "Execution successful for GFX.") if len(self.experimentQueue) > 0: print( printHeader('FFBOLab Client GFX') + "Next execution now underway. Remaining simulations: " + str(len(self.experimentQueue))) a = self.experimentQueue.pop(0) res = self.client.session.call( 'ffbo.gfx.sendExperiment', a) res = self.client.session.call( 'ffbo.gfx.startExecution', {'name': a['name']}) else: self.executionSuccessful = True self.parseSimResults() print( printHeader('FFBOLab Client GFX') + "GFX results successfully parsed.") return True print( printHeader('FFBOLab Client') + "Procedure ffbo.ui.receive_gfx Registered...") @FFBOLABClient.register('ffbo.ui.get_circuit.' + str(FFBOLABClient._async_session._session_id)) def get_circuit(X): """Obtain a circuit and save it to the local FFBOLab folder. Args: X (str): Name of the circuit. Returns: bool: Whether the process has been successful. """ name = X['name'] G = binascii.unhexlify(X['graph'].encode()) with open(os.path.join(_FFBOLabDataPath, name + '.gexf.gz'), "wb") as file: file.write(G) return True print("Procedure ffbo.ui.get_circuit Registered...") @FFBOLABClient.register('ffbo.ui.get_experiment' + str(FFBOLABClient._async_session._session_id)) def get_experiment(X): """Obtain an experiment and save it to the local FFBOLab folder. Args: X (str): Name of the experiment. Returns: bool: Whether the process has been successful. """ print(printHeader('FFBOLab Client GFX') + "get_experiment called.") name = X['name'] data = json.dumps(X['experiment']) with open(os.path.join(_FFBOLabDataPath, name + '.json'), "w") as file: file.write(data) output = {} output['success'] = True print( printHeader('FFBOLab Client GFX') + "Experiment save successful.") return True print("Procedure ffbo.ui.get_experiment Registered...") @FFBOLABClient.register('ffbo.ui.receive_data.' + str(FFBOLABClient._async_session._session_id)) def receiveData(data): """The Receive Data function that receives commands and sends them to the NLP frontend. Args: data (dict): Data from the backend. Returns: bool: Whether the process has been successful. """ self.clientData.append('Received Data') a = {} a['data'] = data a['messageType'] = 'Data' a['widget'] = 'NLP' self.data.append(a) print(printHeader('FFBOLab Client NLP') + "Received data.") self.tryComms(a) return True print( printHeader('FFBOLab Client') + "Procedure ffbo.ui.receive_data Registered...") @FFBOLABClient.register('ffbo.ui.receive_msg.' + str(FFBOLABClient._async_session._session_id)) def receiveMessage(data): """The Receive Message function that receives commands and sends them to the NLP frontend. Args: data (dict): Data from the backend. Returns: bool: Whether the process has been successful. """ self.clientData.append('Received Message') a = {} a['data'] = data a['messageType'] = 'Message' a['widget'] = 'NLP' self.data.append(a) print(printHeader('FFBOLab Client NLP') + "Received a message.") self.tryComms(a) return True print( printHeader('FFBOLab Client') + "Procedure ffbo.ui.receive_msg Registered...") self.client = FFBOLABClient # Set current client to the FFBOLAB Client self.findServerIDs() # Get current server IDs
def __init__( self, ssl=True, debug=True, authentication=True, user=u"ffbo", secret=u"", url=u"wss://neuronlp.fruitflybrain.org:7777/ws", realm=u"realm1", ca_cert_file="isrgrootx1.pem", intermediate_cert_file="letsencryptauthorityx3.pem", FFBOLabcomm=None, FBLcomm=None, server_name='nk', ): if FBLcomm is None and FFBOLabcomm is not None: FBLcomm = FFBOLabcomm if os.path.exists(os.path.join(home, ".ffbo", "lib")): print( printHeader("FBL Client") + "Downloading the latest certificates.") # CertificateDownloader = urllib.URLopener() if not os.path.exists(os.path.join(home, ".ffbo", "lib")): urlRetriever( "https://data.flybrainlab.fruitflybrain.org/config/FBLClient.ini", os.path.join(home, ".ffbo", "config", "FBLClient.ini"), ) urlRetriever( "https://data.flybrainlab.fruitflybrain.org/lib/isrgrootx1.pem", os.path.join(home, ".ffbo", "lib", "caCertFile.pem"), ) urlRetriever( "https://data.flybrainlab.fruitflybrain.org/lib/letsencryptauthorityx3.pem", os.path.join(home, ".ffbo", "lib", "intermediateCertFile.pem"), ) config_file = os.path.join(home, ".ffbo", "config", "FBLClient.ini") ca_cert_file = os.path.join(home, ".ffbo", "lib", "caCertFile.pem") intermediate_cert_file = os.path.join(home, ".ffbo", "lib", "intermediateCertFile.pem") config = ConfigParser() config.read(config_file) # user = config["ComponentInfo"]["user"] # secret = config["ComponentInfo"]["secret"] # url = config["ComponentInfo"]["url"] self.FBLcomm = FBLcomm self.NKSimState = 0 self.executionSettings = [] extra = {"auth": authentication} self.lmsg = 0 st_cert = open(ca_cert_file, "rt").read() c = OpenSSL.crypto ca_cert = c.load_certificate(c.FILETYPE_PEM, st_cert) st_cert = open(intermediate_cert_file, "rt").read() intermediate_cert = c.load_certificate(c.FILETYPE_PEM, st_cert) certs = OpenSSLCertificateAuthorities([ca_cert, intermediate_cert]) ssl_con = CertificateOptions(trustRoot=certs) FBLClient = AutobahnSync() self.client = FBLClient @FBLClient.on_challenge def on_challenge(challenge): if challenge.method == u"wampcra": print("WAMP-CRA challenge received: {}".format(challenge)) if u"salt" in challenge.extra: # salted secret salted_key = auth.derive_key(secret, challenge.extra['salt'], challenge.extra['iterations'], challenge.extra['keylen']) salted_key = (salted_key).decode('utf-8') #if user==u'ffbo': # plain, unsalted secret # salted_key = u"kMU73GH4GS1WGUpEaSdDYwN57bdLdB58PK1Brb25UCE=" # print(salted_key) # compute signature for challenge, using the key signature = auth.compute_wcs(salted_key, challenge.extra["challenge"]) # return the signature to the router for verification return signature else: raise Exception("Invalid authmethod {}".format( challenge.method)) if ssl: FBLClient.run(url=url, authmethods=[u'wampcra'], authid=user, ssl=ssl_con) else: FBLClient.run(url=url, authmethods=[u'wampcra'], authid=user) setProtocolOptions(FBLClient._async_session._transport, maxFramePayloadSize=0, maxMessagePayloadSize=0, autoFragmentSize=65536) self.client_data = [] self.data = [] self.launch_queue = [] @FBLClient.register("ffbo.nk.launch." + str(FBLClient._async_session._session_id)) def nk_launch_progressive(task, details=None): # print(task['user']) user_id = str(task["user"]) self.launch_queue.append((user_id, task)) def mock_result(): result = {u"ydomain": 1, u"xdomain": 1, u"dt": 10, u"data": {}} """ res = {u'ydomain': 1, u'xdomain': 1, u'dt': 10, u'data': {}} print(task['forward']) res_to_processor = yield self.call(six.u(task['forward']), res) """ return result, result res = mock_result() return res # res = server.launch(user_id, task) # returnValue(res) print("Procedure nk_launch_progressive Registered...") res = FBLClient.session.call( u"ffbo.server.register", FBLClient._async_session._session_id, "nk", { "name": server_name, "version": 1.05 }, ) print("Registered self...")
def create_connecting_endpoint_from_config(config, cbdir, reactor): """ Create a Twisted stream client endpoint from a Crossbar.io transport configuration. See: https://twistedmatrix.com/documents/current/api/twisted.internet.interfaces.IStreamClientEndpoint.html :param config: The transport configuration. :type config: dict :param cbdir: Crossbar.io node directory (we need this for Unix domain socket paths and TLS key/certificates). :type cbdir: str :param reactor: The reactor to use for endpoint creation. :type reactor: obj :returns obj -- An instance implementing IStreamClientEndpoint """ endpoint = None log = make_logger() # a TCP endpoint # if config['type'] == 'tcp': # the TCP protocol version (v4 or v6) # version = int(config.get('version', 4)) # the host to connect to # host = str(config['host']) # the port to connect to # port = int(config['port']) # connection timeout in seconds # timeout = int(config.get('timeout', 10)) if 'tls' in config: if _HAS_TLS: # if the config specified any CA certificates, we use those (only!) if 'ca_certificates' in config['tls']: ca_certs = [] for cert_fname in config['tls']['ca_certificates']: cert = crypto.load_certificate( crypto.FILETYPE_PEM, six.u(open(cert_fname, 'r').read())) log.info("Loaded CA certificate '{fname}'", fname=cert_fname) ca_certs.append(cert) client_cert = None if 'key' in config['tls']: with open(config['tls']['certificate'], 'r') as f: cert = Certificate.loadPEM(f.read(), ) log.info( "{fname}: CN={subj.CN}, sha={sha}", fname=config['tls']['certificate'], subj=cert.getSubject(), sha=cert.digest('sha'), ) with open(config['tls']['key'], 'r') as f: private_key = KeyPair.load( f.read(), format=crypto.FILETYPE_PEM, ) log.info( "{fname}: {key}", fname=config['tls']['key'], key=private_key.inspect(), ) client_cert = PrivateCertificate.fromCertificateAndKeyPair( cert, private_key) # XXX OpenSSLCertificateAuthorities is a "private" # class, in _sslverify, so we shouldn't really be # using it. However, while you can pass a single # Certificate as trustRoot= there's no way to pass # multiple ones. # XXX ...but maybe the config should only allow # the user to configure a single cert to trust # here anyway? options = optionsForClientTLS( config['tls']['hostname'], trustRoot=OpenSSLCertificateAuthorities(ca_certs), clientCertificate=client_cert, ) else: options = optionsForClientTLS(config['tls']['hostname']) # create a TLS client endpoint # if version == 4: endpoint = SSL4ClientEndpoint( reactor, host, port, options, timeout=timeout, ) elif version == 6: raise Exception("TLS on IPv6 not implemented") else: raise Exception( "invalid TCP protocol version {}".format(version)) else: raise Exception( "TLS transport requested, but TLS packages not available:\n{}" .format(_LACKS_TLS_MSG)) else: # create a non-TLS client endpoint # if version == 4: endpoint = TCP4ClientEndpoint(reactor, host, port, timeout=timeout) elif version == 6: endpoint = TCP6ClientEndpoint(reactor, host, port, timeout=timeout) else: raise Exception( "invalid TCP protocol version {}".format(version)) # a Unix Domain Socket endpoint # elif config['type'] == 'unix': # the path # path = abspath(join(cbdir, config['path'])) # connection timeout in seconds # timeout = int(config.get('timeout', 10)) # create the endpoint # endpoint = UNIXClientEndpoint(reactor, path, timeout=timeout) else: raise Exception("invalid endpoint type '{}'".format(config['type'])) return endpoint