def __post_init__(self):
if not self.tls_ca_cert and self.tls_ca_cert_path:
with open(self.tls_ca_cert_path, 'rb') as inf:
self.tls_ca_cert = inf.read()
if not self.client_cert and self.client_cert_path:
with open(self.client_cert_path, 'rb') as inf:
self.client_cert = inf.read()
if not self.client_key and self.client_key_path:
with open(self.client_key_path, 'rb') as inf:
self.client_key = inf.read()
opts = [
("grpc.ssl_target_name_override", self.ssl_target_name)
] if self.ssl_target_name else []
# pylint: disable=attribute-defined-outside-init
# Create GRPC channel
if self.tls_ca_cert:
# Add client credentials if available
if self.client_cert and self.client_key:
creds = aiogrpc.ssl_channel_credentials(
self.tls_ca_cert,
private_key=self.client_key,
certificate_chain=self.client_cert
)
else:
creds = aiogrpc.ssl_channel_credentials(self.tls_ca_cert)
# Create secure channel
self._grpc_channel = aiogrpc.secure_channel(
self.endpoint, creds, opts
)
else:
# Create insecure channel if no cert
self._grpc_channel = aiogrpc.insecure_channel(self.endpoint, opts)
def _create_grpc_channel(self, endpoint, ssl=False,
ca_cert=None, cert_key=None, cert_cert=None, default_ca=False, options=None,
*, loop=None, executor=None):
credentials = None
if not ssl:
channel = aiogrpc.insecure_channel(endpoint, options=options, loop=loop, executor=executor,
standalone_pool_for_streaming=True)
else:
if default_ca:
ca_cert = None
else:
if ca_cert is None:
logger.warning("Certificate authority is not specified. Empty CA will be used. To use system CA set"
" `default_ca=True`")
ca_cert = ''
# to ensure ssl connect , set grpc env
# os.environ['GRPC_SSL_CIPHER_SUITES'] = 'ECDHE-ECDSA-AES256-GCM-SHA384'
credentials = aiogrpc.ssl_channel_credentials(ca_cert, cert_key, cert_cert)
channel = aiogrpc.secure_channel(endpoint, credentials, options=options,
loop=loop, executor=executor,
standalone_pool_for_streaming=True)
# Save parameters for auto-recreate
self._credentials = credentials
self._options = options
self._loop = channel._loop
self._executor = executor
return channel
def _connect(self, timeout: float, request_control: bool) -> None:
"""The function that runs on the connection thread. This will connect to Vector,
and establish the BehaviorControl stream.
"""
try:
if threading.main_thread() is threading.current_thread():
raise Exception("\n\nConnection._connect must be run outside of the main thread.")
self._loop = asyncio.new_event_loop()
asyncio.set_event_loop(self._loop)
self._done_signal = asyncio.Event()
self._control_events = _ControlEventManager(self._loop)
trusted_certs = None
with open(self.cert_file, 'rb') as cert:
trusted_certs = cert.read()
# Pin the robot certificate for opening the channel
channel_credentials = aiogrpc.ssl_channel_credentials(root_certificates=trusted_certs)
# Add authorization header for all the calls
call_credentials = aiogrpc.access_token_call_credentials(self._guid)
credentials = aiogrpc.composite_channel_credentials(channel_credentials, call_credentials)
self._logger.info(f"Connecting to {self.host} for {self.name} using {self.cert_file}")
self._channel = aiogrpc.secure_channel(self.host, credentials,
options=(("grpc.ssl_target_name_override", self.name,),))
# Verify the connection to Vector is able to be established (client-side)
try:
# Explicitly grab _channel._channel to test the underlying grpc channel directly
grpc.channel_ready_future(self._channel._channel).result(timeout=timeout) # pylint: disable=protected-access
except grpc.FutureTimeoutError as e:
raise exceptions.VectorNotFoundException() from e
self._interface = client.ExternalInterfaceStub(self._channel)
# Verify Vector and the SDK have compatible protocol versions
version = protocol.ProtocolVersionRequest(client_version=0, min_host_version=0)
protocol_version = self._loop.run_until_complete(self._interface.ProtocolVersion(version))
if protocol_version.result != protocol.ProtocolVersionResponse.SUCCESS: # pylint: disable=no-member
raise exceptions.VectorInvalidVersionException(version, protocol_version)
self._control_stream_task = self._loop.create_task(self._open_connections())
# WV -->--
if (request_control): self._loop.run_until_complete(self._request_control(timeout=timeout))
# WV --<--
except Exception as e: # pylint: disable=broad-except
# Propagate the errors to the calling thread
setattr(self._ready_signal, "exception", e)
return
finally:
self._ready_signal.set()
async def wait_until_done():
return await self._done_signal.wait()
self._loop.run_until_complete(wait_until_done())
def create_grpc_channel(target,
cert_file=None,
client_key=None,
client_cert=None,
opts=None):
"""Construct a grpc channel.
Args:
target: server address include host:port
cert_file: ssl/tls root cert file for the connection
opts: grpc channel options
grpc.default_authority: default authority
grpc.ssl_target_name_override: ssl target name override
Returns:
grpc channel
"""
root_cert = None
if cert_file:
if isinstance(cert_file, bytes):
root_cert = cert_file
else:
with open(cert_file, 'rb') as f:
root_cert = f.read()
if client_key:
if not isinstance(client_key, bytes):
with open(client_key, 'rb') as f:
client_key = f.read()
if client_cert:
if not isinstance(client_cert, bytes):
with open(client_cert, 'rb') as f:
client_cert = f.read()
if root_cert is None:
return aiogrpc.insecure_channel(target, opts)
else:
if client_cert and client_key:
creds = aiogrpc. \
ssl_channel_credentials(root_cert,
private_key=client_key,
certificate_chain=client_cert)
else:
creds = aiogrpc.ssl_channel_credentials(root_cert)
return aiogrpc.secure_channel(target, creds, opts)
def __connect(self):
"""Connect to the server"""
cert = open('grpc-server.crt').read().encode("utf8")
creds = grpc.ssl_channel_credentials(cert)
channel = grpc.secure_channel("139.59.47.250:443",
creds,
options=((
'grpc.ssl_target_name_override',
"localhost",
), ))
self.action_stub = DalalMessage_pb2_grpc.DalalActionServiceStub(
channel)
self.stream_stub = DalalMessage_pb2_grpc.DalalStreamServiceStub(
channel)
def _open_channel(self, rpc_server, rpc_port, cert_path, macaroon_path,
is_async) -> ChannelData:
try:
macaroon = ""
if macaroon_path is not None:
with open(macaroon_path, 'rb') as f:
macaroon_bytes = f.read()
macaroon = codecs.encode(macaroon_bytes, 'hex')
rpc_url = "{}:{}".format(rpc_server, rpc_port)
cert = open(cert_path, "rb").read()
except FileNotFoundError as file_error:
print(file_error)
return ChannelData(
channel=None,
macaroon=None,
error=ServerError(error_message=str(file_error)))
try:
if is_async:
creds = aiogrpc.ssl_channel_credentials(cert)
channel = aiogrpc.secure_channel(rpc_url, creds)
else:
creds = grpc.ssl_channel_credentials(cert)
channel = grpc.secure_channel(rpc_url, creds)
grpc.channel_ready_future(channel).result(timeout=2)
except grpc.RpcError as exc:
# pylint: disable=E1101
print(exc)
return ChannelData(
channel=None,
macaroon=None,
error=ServerError.generic_rpc_error(exc.code(), exc.details()))
except grpc.FutureTimeoutError as exc:
print(exc)
return ChannelData(
channel=None, macaroon=None, error=WalletInstanceNotRunning())
return ChannelData(channel=channel, macaroon=macaroon, error=None)
def __connect(self):
"""Connect to the server"""
try:
cert = open('grpc-server.crt').read().encode("utf8")
creds = grpc.ssl_channel_credentials(cert)
channel = grpc.secure_channel("localhost:8000",
creds,
options=((
'grpc.ssl_target_name_override',
"localhost",
), ))
self.action_stub = DalalMessage_pb2_grpc.DalalActionServiceStub(
channel)
self.stream_stub = DalalMessage_pb2_grpc.DalalStreamServiceStub(
channel)
except Exception as e:
error_traceback = ''.join(traceback.format_tb(e.__traceback__))
error_message = "Got error: {} @@@ {}".format(
str(e), error_traceback)
self.write_to_logs(-1, error_message)
def _connect(self, timeout: float) -> None:
"""The function that runs on the connection thread. This will connect to Vector,
and establish the BehaviorControl stream.
"""
try:
if threading.main_thread() is threading.current_thread():
raise Exception(
"\n\nConnection._connect must be run outside of the main thread."
)
self._loop = asyncio.new_event_loop()
asyncio.set_event_loop(self._loop)
self._done_signal = asyncio.Event()
if not self._requires_behavior_control:
self._control_events = _ControlEventManager(self._loop)
else:
self._control_events = _ControlEventManager(
self._loop,
priority=CONTROL_PRIORITY_LEVEL.TOP_PRIORITY_AI)
trusted_certs = None
with open(self.cert_file, 'rb') as cert:
trusted_certs = cert.read()
# Pin the robot certificate for opening the channel
channel_credentials = aiogrpc.ssl_channel_credentials(
root_certificates=trusted_certs)
# Add authorization header for all the calls
call_credentials = aiogrpc.access_token_call_credentials(
self._guid)
credentials = aiogrpc.composite_channel_credentials(
channel_credentials, call_credentials)
self._logger.info(
f"Connecting to {self.host} for {self.name} using {self.cert_file}"
)
self._channel = aiogrpc.secure_channel(
self.host,
credentials,
options=((
"grpc.ssl_target_name_override",
self.name,
), ))
# Verify the connection to Vector is able to be established (client-side)
try:
# Explicitly grab _channel._channel to test the underlying grpc channel directly
grpc.channel_ready_future(self._channel._channel).result(
timeout=timeout) # pylint: disable=protected-access
except grpc.FutureTimeoutError as e:
raise VectorNotFoundException() from e
self._interface = client.ExternalInterfaceStub(self._channel)
# Verify Vector and the SDK have compatible protocol versions
version = protocol.ProtocolVersionRequest(
client_version=CLIENT_VERSION,
min_host_version=MIN_HOST_VERSION)
protocol_version = self._loop.run_until_complete(
self._interface.ProtocolVersion(version))
if protocol_version.result != protocol.ProtocolVersionResponse.SUCCESS or MIN_HOST_VERSION > protocol_version.host_version: # pylint: disable=no-member
raise VectorInvalidVersionException(version, protocol_version)
self._control_stream_task = self._loop.create_task(
self._open_connections())
# Initialze SDK
sdk_module_version = __version__
python_version = platform.python_version()
python_implementation = platform.python_implementation()
os_version = platform.platform()
cpu_version = platform.machine()
initialize = protocol.SDKInitializationRequest(
sdk_module_version=sdk_module_version,
python_version=python_version,
python_implementation=python_implementation,
os_version=os_version,
cpu_version=cpu_version)
self._loop.run_until_complete(
self._interface.SDKInitialization(initialize))
if self._requires_behavior_control:
self._loop.run_until_complete(
self._request_control(timeout=timeout))
except Exception as e: # pylint: disable=broad-except
# Propagate the errors to the calling thread
setattr(self._ready_signal, "exception", e)
self._loop.close()
return
finally:
self._ready_signal.set()
try:
async def wait_until_done():
return await self._done_signal.wait()
self._loop.run_until_complete(wait_until_done())
finally:
self._loop.close()
