def stage_base_configuration(self, stage, mocker):
"""
This fixture configures the stage for testing. This is automatically
applied, so it will be called before your test runs, but it's not
guaranteed to be called before any other fixtures run. If you have
a fixture that needs to rely on the stage being configured, then
you have to add a manual dependency inside that fixture (like we do in
next_stage_succeeds_all_ops below)
"""
class NextStageForTest(pipeline_stages_base.PipelineStage):
def _execute_op(self, op):
pass
next = NextStageForTest()
root = (pipeline_stages_base.PipelineRootStage(
config.BasePipelineConfig()).append_stage(stage).append_stage(next)
)
mocker.spy(stage, "_execute_op")
mocker.spy(stage, "run_op")
mocker.spy(next, "_execute_op")
mocker.spy(next, "run_op")
return root
def create_from_connection_string(cls,
connection_string,
ca_cert=None,
**kwargs):
"""
Instantiate the client from a IoTHub device or module connection string.
:param str connection_string: The connection string for the IoTHub you wish to connect to.
:param str ca_cert: The trusted certificate chain. Only necessary when using a
connection string with a GatewayHostName parameter.
:param bool websockets: Default is False. Set to true if using MQTT over websockets.
:raises: ValueError if given an invalid connection_string.
:returns: An instance of an IoTHub client that uses a connection string for authentication.
"""
# TODO: Make this device/module specific and reject non-matching connection strings.
# This will require refactoring of the auth package to use common objects (e.g. ConnectionString)
# in order to differentiate types of connection strings.
authentication_provider = auth.SymmetricKeyAuthenticationProvider.parse(
connection_string)
authentication_provider.ca_cert = ca_cert # TODO: make this part of the instantiation
pipeline_configuration = config.BasePipelineConfig(**kwargs)
iothub_pipeline = pipeline.IoTHubPipeline(authentication_provider,
pipeline_configuration)
return cls(iothub_pipeline)
def create_from_x509_certificate(cls, x509, hostname, device_id, module_id,
**kwargs):
"""
Instantiate a client which using X509 certificate authentication.
:param str hostname: Host running the IotHub.
Can be found in the Azure portal in the Overview tab as the string hostname.
:param x509: The complete x509 certificate object.
To use the certificate the enrollment object needs to contain cert
(either the root certificate or one of the intermediate CA certificates).
If the cert comes from a CER file, it needs to be base64 encoded.
:type x509: :class:`azure.iot.device.X509`
:param str device_id: The ID used to uniquely identify a device in the IoTHub
:param str module_id: The ID used to uniquely identify a module on a device on the IoTHub.
:param bool websockets: Default is False. Set to true if using MQTT over websockets.
:returns: An instance of an IoTHub client that uses an X509 certificate for authentication.
"""
authentication_provider = auth.X509AuthenticationProvider(
x509=x509,
hostname=hostname,
device_id=device_id,
module_id=module_id)
pipeline_configuration = config.BasePipelineConfig(**kwargs)
iothub_pipeline = pipeline.IoTHubPipeline(authentication_provider,
pipeline_configuration)
return cls(iothub_pipeline)
def test_receives_correct_config(self, stage, transport, mocker, op_set_connection_args):
stage.pipeline_root = pipeline_stages_base.PipelineRootStage(
config.BasePipelineConfig(websockets="__fake_boolean__")
)
stage.run_op(op_set_connection_args)
assert transport.call_args == mocker.call(
client_id=fake_client_id,
hostname=fake_hostname,
username=fake_username,
ca_cert=fake_ca_cert,
x509_cert=fake_certificate,
websockets="__fake_boolean__",
)
def create_from_shared_access_signature(cls, sas_token, **kwargs):
"""
Instantiate the client from a Shared Access Signature (SAS) token.
This method of instantiation is not recommended for general usage.
:param str sas_token: The string representation of a SAS token.
:param bool websockets: Default is False. Set to true if using MQTT over websockets.
:raises: ValueError if given an invalid sas_token
:returns: An instance of an IoTHub client that uses a SAS token for authentication.
"""
authentication_provider = auth.SharedAccessSignatureAuthenticationProvider.parse(
sas_token)
pipeline_configuration = config.BasePipelineConfig(**kwargs)
iothub_pipeline = pipeline.IoTHubPipeline(authentication_provider,
pipeline_configuration)
return cls(iothub_pipeline)
def create_from_edge_environment(cls, **kwargs):
"""
Instantiate the client from the IoT Edge environment.
This method can only be run from inside an IoT Edge container, or in a debugging
environment configured for Edge development (e.g. Visual Studio, Visual Studio Code)
:param bool websockets: Default is False. Set to true if using MQTT over websockets.
:raises: OSError if the IoT Edge container is not configured correctly.
:raises: ValueError if debug variables are invalid
:returns: An instance of an IoTHub client that uses the IoT Edge environment for
authentication.
"""
# First try the regular Edge container variables
try:
hostname = os.environ["IOTEDGE_IOTHUBHOSTNAME"]
device_id = os.environ["IOTEDGE_DEVICEID"]
module_id = os.environ["IOTEDGE_MODULEID"]
gateway_hostname = os.environ["IOTEDGE_GATEWAYHOSTNAME"]
module_generation_id = os.environ["IOTEDGE_MODULEGENERATIONID"]
workload_uri = os.environ["IOTEDGE_WORKLOADURI"]
api_version = os.environ["IOTEDGE_APIVERSION"]
except KeyError:
# As a fallback, try the Edge local dev variables for debugging.
# These variables are set by VS/VS Code in order to allow debugging
# of Edge application code in a non-Edge dev environment.
try:
connection_string = os.environ["EdgeHubConnectionString"]
ca_cert_filepath = os.environ["EdgeModuleCACertificateFile"]
except KeyError as e:
new_err = OSError(
"IoT Edge environment not configured correctly")
new_err.__cause__ = e
raise new_err
# TODO: variant ca_cert file vs data object that would remove the need for this fopen
# Read the certificate file to pass it on as a string
try:
with io.open(ca_cert_filepath, mode="r") as ca_cert_file:
ca_cert = ca_cert_file.read()
except (OSError, IOError) as e:
# In Python 2, a non-existent file raises IOError, and an invalid file raises an IOError.
# In Python 3, a non-existent file raises FileNotFoundError, and an invalid file raises an OSError.
# However, FileNotFoundError inherits from OSError, and IOError has been turned into an alias for OSError,
# thus we can catch the errors for both versions in this block.
# Unfortunately, we can't distinguish cause of error from error type, so the raised ValueError has a generic
# message. If, in the future, we want to add detail, this could be accomplished by inspecting the e.errno
# attribute
new_err = ValueError("Invalid CA certificate file")
new_err.__cause__ = e
raise new_err
# Use Symmetric Key authentication for local dev experience.
try:
authentication_provider = auth.SymmetricKeyAuthenticationProvider.parse(
connection_string)
except ValueError:
raise
authentication_provider.ca_cert = ca_cert
else:
# Use an HSM for authentication in the general case
try:
authentication_provider = auth.IoTEdgeAuthenticationProvider(
hostname=hostname,
device_id=device_id,
module_id=module_id,
gateway_hostname=gateway_hostname,
module_generation_id=module_generation_id,
workload_uri=workload_uri,
api_version=api_version,
)
except auth.IoTEdgeError as e:
new_err = OSError("Unexpected failure in IoTEdge")
new_err.__cause__ = e
raise new_err
pipeline_configuration = config.BasePipelineConfig(**kwargs)
iothub_pipeline = pipeline.IoTHubPipeline(authentication_provider,
pipeline_configuration)
edge_pipeline = pipeline.EdgePipeline(authentication_provider)
return cls(iothub_pipeline, edge_pipeline=edge_pipeline)