def init_with_bundle(self, info): """ Init the peer with given info dict :param info: Dict including all info, e.g., endpoint, grpc option :return: True or False """ if 'mspid' in info: self._mspid = info['mspid'] if 'peers' in info: self._peers = info['peers'] if 'orderers' in info: self._orderers = info['orderers'] if 'certificateAuthorities' in info: self._CAs = info['certificateAuthorities'] if 'users' in info: users = info['users'] for name in users: # maintain backward compatibility - wrap path and pem statements in 'private_key' and 'cert' objects try: key_pem = _handle_key_type(users[name].get('private_key')) cert_pem = _handle_key_type(users[name].get('cert')) except ValueError as e: _logger.error( "error happened initializing user via bundle: {}". format(e)) return False user = create_user(name, self._name, self._state_store, self._mspid, key_pem, cert_pem) self._users[name] = user return True
def get_orderer_org_user(org='example.com', user='******', state_store=None): """Loads the admin user for a given orderer org and returns an user object. Currently, orderer org only has Admin """ msp_path = os.path.join( os.getcwd(), 'test/fixtures/e2e_cli/crypto-config/ordererOrganizations/' 'example.com/users/[email protected]/msp/') key_path = os.path.join( msp_path, 'keystore/', E2E_CONFIG['test-network']['orderer']['users'][user]['private_key']) cert_path = os.path.join( msp_path, 'signcerts', E2E_CONFIG['test-network']['orderer']['users'][user]['cert']) msp_id = E2E_CONFIG['test-network']['orderer']['mspid'] with open(key_path, 'rb') as f: key_pem = f.read() with open(cert_path, 'rb') as f: cert_pem = f.read() return create_user(user, org, state_store, msp_id, key_pem, cert_pem)
def get_peer_org_user(org, user, state_store): """Loads the requested user for a given peer org and returns a user object. """ peer_user_base_path = os.path.join( os.getcwd(), 'test/fixtures/e2e_cli/crypto-config/peerOrganizations/{0}' '/users/{1}@{0}/msp/'.format(org, user)) key_path = os.path.join( peer_user_base_path, 'keystore/', E2E_CONFIG['test-network'][org]['users'][user]['private_key']) cert_path = os.path.join( peer_user_base_path, 'signcerts/', E2E_CONFIG['test-network'][org]['users'][user]['cert']) msp_id = E2E_CONFIG['test-network'][org]['mspid'] with open(key_path, 'rb') as f: key_pem = f.read() with open(cert_path, 'rb') as f: cert_pem = f.read() return create_user(user, org, state_store, msp_id, key_pem, cert_pem)
def wait(): with get_event_loop() as loop: channel_name = LEDGER['channel_name'] chaincode_name = LEDGER['chaincode_name'] peer = LEDGER['peer'] peer_port = peer["port"][os.environ.get('BACKEND_PEER_PORT', 'external')] client = Client() channel = client.new_channel(channel_name) target_peer = Peer(name=peer['name']) requestor_config = LEDGER['client'] target_peer.init_with_bundle({ 'url': f'{peer["host"]}:{peer_port}', 'grpcOptions': peer['grpcOptions'], 'tlsCACerts': { 'path': peer['tlsCACerts'] }, 'clientKey': { 'path': peer['clientKey'] }, 'clientCert': { 'path': peer['clientCert'] }, }) try: # can fail requestor = create_user( name=requestor_config['name'] + '_events', org=requestor_config['org'], state_store=FileKeyValueStore(requestor_config['state_store']), msp_id=requestor_config['msp_id'], key_path=glob.glob(requestor_config['key_path'])[0], cert_path=requestor_config['cert_path']) except BaseException: pass else: channel_event_hub = channel.newChannelEventHub( target_peer, requestor) # use chaincode event # uncomment this line if you want to replay blocks from the beginning for debugging purposes # stream = channel_event_hub.connect(start=0, filtered=False) stream = channel_event_hub.connect(filtered=False) channel_event_hub.registerChaincodeEvent(chaincode_name, 'tuples-updated', onEvent=on_tuples) loop.run_until_complete(stream)
def create_user(self, enrollment_id, org, msp_id, state_store=None): """ Returns an instance of a user whose identity is stored in the FileSystemWallet """ if not self.exists(enrollment_id): raise AttributeError('"user" does not exist') state_store = FileKeyValueStore(self._path) cert_path = self._path + '/' + enrollment_id + '/' + 'private_sk' key_path = self._path + '/' + enrollment_id + '/' + 'enrollmentCert.pem' user = create_user(enrollment_id, org, state_store, msp_id, key_path, cert_path) return user
def create_user(self, enrollment_id, org, msp_id, state_store=None): """Returns an instance of a user whose identity is stored in the FileSystemWallet :param enrollment_id: enrollment id :param org: organization :param msp_id: MSP id :param state_store: state store (Default value = None) :return: a user instance """ if not self.exists(enrollment_id): raise AttributeError('"user" does not exist') state_store = FileKeyValueStore(self._path) key_path = self._path + '/' + enrollment_id + '/' + 'private_sk' cert_path = self._path + '/' + enrollment_id + '/' + 'enrollmentCert.pem' user = create_user(enrollment_id, org, state_store, msp_id, key_path, cert_path) return user
def init_with_bundle(self, info): """ Init the peer with given info dict :param info: Dict including all info, e.g., endpoint, grpc option :return: True or False """ try: self._mspid = info['mspid'] self._peers = info['peers'] self._CAs = info['certificateAuthorities'] users = info['users'] for name in users: user = create_user(name, self._name, self._state_store, self._mspid, users[name].get('private_key'), users[name].get('cert')) self._users[name] = user except KeyError: return False return True
def get_peer_org_user(org, user, state_store): """Loads the requested user for a given peer org and returns a user object. """ peer_user_base_path = os.path.join( os.getcwd(), 'test/fixtures/trustas/crypto-config/peerOrganizations/{0}' '/users/{1}@{0}/msp/'.format(org, user)) key_path = os.path.join(peer_user_base_path, 'keystore/', NET_CONFIG[org]['users'][user]['private_key']) cert_path = os.path.join(peer_user_base_path, 'signcerts/', NET_CONFIG[org]['users'][user]['cert']) msp_id = NET_CONFIG[org]['mspid'] return create_user(user, org, state_store, msp_id, key_path, cert_path)
def get_orderer_org_user(org='example.com', user='******', state_store=None): """Loads the admin user for a given orderer org and returns an user object. Currently, orderer org only has Admin """ msp_path = os.path.join( os.getcwd(), 'test/fixtures/trustas/crypto-config/ordererOrganizations/' 'example.com/users/[email protected]/msp/') key_path = os.path.join( msp_path, 'keystore/', NET_CONFIG['orderer']['users'][user]['private_key']) cert_path = os.path.join(msp_path, 'signcerts', NET_CONFIG['orderer']['users'][user]['cert']) msp_id = NET_CONFIG['orderer']['mspid'] return create_user(user, org, state_store, msp_id, key_path, cert_path)
} peer1_owkin = create_peer(endpoint=peer_config['url'], tls_cacerts=peer_config['tlsCACerts']['path'], client_key=peer_config['clientKey']['path'], client_cert=peer_config['clientServer']['path'], opts=[(k, v) for k, v in peer_config['grpcOptions'].items() ]) key_path = glob.glob('/substra/data/orgs/owkin/admin/msp/keystore/*')[0] cert_path = '/substra/data/orgs/owkin/admin/msp/signcerts/cert.pem' admin_owkin = create_user(name='admin', org='owkin', state_store=FileKeyValueStore('/tmp/kvs/'), msp_id='owkinMSP', key_path=key_path, cert_path=cert_path) client = Client() print(client.query_peers(admin_owkin, peer1_owkin)) print( client.query_peers(admin_owkin, peer1_owkin, channel='mychannel', local=False)) client.init_with_discovery(admin_owkin, peer1_owkin, 'mychannel') response = Channel('', '')._discovery(admin_owkin,
def wait(channel_name): def on_channel_event(cc_event, block_number, tx_id, tx_status): on_event(channel_name, cc_event, block_number, tx_id, tx_status) with get_event_loop() as loop: client = Client() channel = client.new_channel(channel_name) target_peer = Peer(name=settings.LEDGER_PEER_NAME) target_peer.init_with_bundle({ 'url': f'{settings.LEDGER_PEER_HOST}:{settings.LEDGER_PEER_PORT}', 'grpcOptions': ledger_grpc_options(settings.LEDGER_PEER_HOST), 'tlsCACerts': { 'path': settings.LEDGER_PEER_TLS_CA_CERTS }, 'clientKey': { 'path': settings.LEDGER_PEER_TLS_CLIENT_KEY }, 'clientCert': { 'path': settings.LEDGER_PEER_TLS_CLIENT_CERT }, }) try: # can fail requestor = create_user(name=f'{settings.LEDGER_USER_NAME}_events', org=settings.ORG_NAME, state_store=FileKeyValueStore( settings.LEDGER_CLIENT_STATE_STORE), msp_id=settings.LEDGER_MSP_ID, key_path=glob.glob( settings.LEDGER_CLIENT_KEY_PATH)[0], cert_path=settings.LEDGER_CLIENT_CERT_PATH) except BaseException: pass else: # Note: # We do a loop to connect to the channel event hub because grpc may disconnect and create an exception # Since we're in a django app of backend, an exception here will not crash the server (if the "ready" # method has already returned "true"). # It makes it difficult to reconnect automatically because we need to kill the server # to trigger the connexion. # So we catch this exception (RPC error) and retry to connect to the event loop. while True: # use chaincode event channel_event_hub = channel.newChannelEventHub( target_peer, requestor) try: # We want to replay blocks from the beginning (start=0) if channel event hub was disconnected during # events emission stream = channel_event_hub.connect(start=0, filtered=False) channel_event_hub.registerChaincodeEvent( settings.LEDGER_CHANNELS[channel_name]['chaincode'] ['name'], 'chaincode-updates', onEvent=on_channel_event) logger.info( f'Connect to Channel Event Hub ({channel_name})') loop.run_until_complete(stream) except Exception as e: logger.error( f'Channel Event Hub failed for {channel_name} ({type(e)}): {e} re-connecting in 5s' ) time.sleep(5)
'LEDGER_CONFIG_FILE', f'{SUBSTRA_FOLDER}/conf/{ORG}/substra-backend/conf.json') LEDGER = json.load(open(LEDGER_CONFIG_FILE, 'r')) LEDGER_SYNC_ENABLED = True LEDGER_CALL_RETRY = True LEDGER_MAX_RETRY_TIMEOUT = 5 PEER_PORT = LEDGER['peer']['port'][os.environ.get('BACKEND_PEER_PORT', 'external')] LEDGER['requestor'] = create_user( name=LEDGER['client']['name'], org=LEDGER['client']['org'], state_store=FileKeyValueStore(LEDGER['client']['state_store']), msp_id=LEDGER['client']['msp_id'], key_path=glob.glob(LEDGER['client']['key_path'])[0], cert_path=LEDGER['client']['cert_path']) def get_hfc_client(): loop = asyncio.new_event_loop() asyncio.set_event_loop(loop) client = Client() # Add peer from backend ledger config file peer = Peer(name=LEDGER['peer']['name']) peer.init_with_bundle({
def _get_hfc(channel_name): global user loop = asyncio.new_event_loop() asyncio.set_event_loop(loop) if not user: with user_lock: # Only call `create_user` once in the lifetime of the application. # Calling `create_user` twice breaks thread-safety (bug in fabric-sdk-py) user = create_user(name=settings.LEDGER_USER_NAME, org=settings.ORG_NAME, state_store=FileKeyValueStore( settings.LEDGER_CLIENT_STATE_STORE), msp_id=settings.LEDGER_MSP_ID, key_path=glob.glob( settings.LEDGER_CLIENT_KEY_PATH)[0], cert_path=settings.LEDGER_CLIENT_CERT_PATH) client = Client() # Add peer from backend ledger config file peer = Peer(name=settings.LEDGER_PEER_NAME) peer.init_with_bundle({ 'url': f'{settings.LEDGER_PEER_HOST}:{settings.LEDGER_PEER_PORT}', 'grpcOptions': ledger_grpc_options(settings.LEDGER_PEER_HOST), 'tlsCACerts': { 'path': settings.LEDGER_PEER_TLS_CA_CERTS }, 'clientKey': { 'path': settings.LEDGER_PEER_TLS_CLIENT_KEY }, 'clientCert': { 'path': settings.LEDGER_PEER_TLS_CLIENT_CERT }, }) client._peers[settings.LEDGER_PEER_NAME] = peer # Check peer has joined channel response = loop.run_until_complete( client.query_channels(requestor=user, peers=[peer], decode=True)) channels = [ch.channel_id for ch in response.channels] if channel_name not in channels: raise Exception(f'Peer has not joined channel: {channel_name}') channel = client.new_channel(channel_name) # This part is commented because `query_committed_chaincodes` is not implemented in # the last version of fabric-sdk-py # chaincode_name = settings.LEDGER_CHANNELS[channel_name]['chaincode']['name'] # /!\ New chaincode lifecycle. # Check chaincode is committed in the channel # responses = loop.run_until_complete( # client.query_committed_chaincodes( # requestor=user, # channel_name=channel_name, # peers=[peer], # decode=True # ) # ) # chaincodes = [cc.name # for resp in responses # for cc in resp.chaincode_definitions] # if chaincode_name not in chaincodes: # raise Exception(f'Chaincode : {chaincode_name}' # f' is not committed in the channel : {channel_name}') # Discover orderers and peers from channel discovery results = loop.run_until_complete( channel._discovery(user, peer, config=True, local=False, interests=[{ 'chaincodes': [{ 'name': "_lifecycle" }] }])) results = _deserialize_discovery(results) _validate_channels(channel_name, results) _update_client_with_discovery(client, results) return loop, client, user
def update_cli(cli, orgs): for org in orgs: # add organization cli._organizations.update( {org['name']: create_org(org['name'], org, cli.state_store)}) # register users except rca boostrap admin for user_name in org['users'].keys(): org_user = org['users'][user_name] org_user_home = org_user['home'] org_user_msp_dir = os.path.join(org_user_home, 'msp') # register user user_cert_path = os.path.join(org_user_msp_dir, 'signcerts', 'cert.pem') user_key_path = os.path.join(org_user_msp_dir, 'keystore', 'key.pem') user = create_user(name=org_user['name'], org=org['name'], state_store=cli.state_store, msp_id=org['mspid'], cert_path=user_cert_path, key_path=user_key_path) cli._organizations[org['name']]._users.update( {org_user['name']: user}) # register orderer if 'orderers' in org: for o in org['orderers']: tls_orderer_client_dir = os.path.join( o['tls']['dir']['external'], o['tls']['client']['dir']) orderer = Orderer( o['name'], endpoint=f"{o['host']}:{o['port']['internal']}", tls_ca_cert_file=os.path.join(tls_orderer_client_dir, o['tls']['client']['ca']), client_cert_file=os.path.join(tls_orderer_client_dir, o['tls']['client']['cert']), client_key_file=os.path.join(tls_orderer_client_dir, o['tls']['client']['key']), ) cli._orderers.update({o['name']: orderer}) # register peers if 'peers' in org: for peer in org['peers']: tls_peer_client_dir = os.path.join( peer['tls']['dir']['external'], peer['tls']['client']['dir']) port = peer['port'][os.environ.get('ENV', 'external')] p = Peer( name=peer['name'], endpoint=f"{peer['host']}:{port}", tls_ca_cert_file=os.path.join(tls_peer_client_dir, peer['tls']['client']['ca']), client_cert_file=os.path.join( tls_peer_client_dir, peer['tls']['client']['cert']), client_key_file=os.path.join(tls_peer_client_dir, peer['tls']['client']['key'])) cli._peers.update({peer['name']: p}) # register system channel system_channel_name = org['misc']['system_channel_name'] if not cli.get_channel(system_channel_name): cli.new_channel(system_channel_name) return cli