public async Task TestGetModulesIdentity_WithUpdatedModules_AuthTypeNotSas_ShouldUpdateIdentities()
{
const string Name = "test-filters";
string primaryKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("primarySymmetricKey"));
string secondaryKey = Convert.ToBase64String(Encoding.UTF8.GetBytes("secondarySymmetricKey"));
var serviceModuleIdentity = new Module("device1", Name);
serviceModuleIdentity.Authentication = new AuthenticationMechanism();
serviceModuleIdentity.Authentication.Type = AuthenticationType.CertificateAuthority;
var thumbprint = new X509Thumbprint();
thumbprint.PrimaryThumbprint = primaryKey;
thumbprint.SecondaryThumbprint = secondaryKey;
serviceModuleIdentity.Authentication.X509Thumbprint = thumbprint;
var serviceClient = new Mock <IServiceClient>();
string hostname = "hostname.fake.com";
string deviceId = "deviceId";
string gatewayHostName = "localhost";
Module[] serviceIdentities = { serviceModuleIdentity };
serviceClient.Setup(sc => sc.GetModules()).Returns(Task.FromResult(serviceIdentities.AsEnumerable()));
serviceClient.Setup(sc => sc.UpdateModules(It.IsAny <IEnumerable <Module> >())).Callback(
(IEnumerable <Module> modules) =>
{
foreach (Module m in modules)
{
m.Authentication.SymmetricKey = new SymmetricKey();
m.Authentication.SymmetricKey.PrimaryKey = primaryKey;
}
}).Returns(Task.FromResult(serviceIdentities));
var module = new TestModule(Name, "v1", "test", ModuleStatus.Running, new TestConfig("image"), RestartPolicy.OnUnhealthy, ImagePullPolicy.OnCreate, DefaultConfigurationInfo, EnvVars);
IImmutableDictionary <string, IModuleIdentity> modulesIdentities = await new ModuleIdentityLifecycleManager(serviceClient.Object, hostname, deviceId, gatewayHostName)
.GetModuleIdentitiesAsync(ModuleSet.Create(new IModule[] { module }), ModuleSet.Empty);
serviceClient.Verify(sc => sc.UpdateModules(It.IsAny <IEnumerable <Module> >()), Times.Once());
Assert.True(modulesIdentities.Count() == 1);
var creds = modulesIdentities.First().Value.Credentials as ConnectionStringCredentials;
Assert.NotNull(creds);
IotHubConnectionStringBuilder connectionString = IotHubConnectionStringBuilder.Create(creds.ConnectionString);
Assert.NotNull(connectionString.SharedAccessKey);
}
public static async Task <EdgeDevice> GetOrCreateIdentityAsync(
string deviceId,
IotHub iotHub,
AuthenticationType authType,
X509Thumbprint x509Thumbprint,
CancellationToken token)
{
Option <EdgeDevice> device = await GetIdentityAsync(deviceId, iotHub, token);
return(await device.Match(
d =>
{
Log.Information(
"Device '{Device}' already exists on hub '{IotHub}'",
d.Id,
iotHub.Hostname);
return Task.FromResult(d);
},
() => CreateIdentityAsync(deviceId, iotHub, authType, x509Thumbprint, token)));
}
public static Task <EdgeDevice> CreateIdentityAsync(
string deviceId,
IotHub iotHub,
AuthenticationType authType,
X509Thumbprint x509Thumbprint,
CancellationToken token)
{
if (authType == AuthenticationType.SelfSigned && x509Thumbprint == null)
{
throw new ArgumentException("A device created with self-signed mechanism must provide an x509 thumbprint.");
}
return(Profiler.Run(
async() =>
{
Device device = await iotHub.CreateEdgeDeviceIdentityAsync(deviceId, authType, x509Thumbprint, token);
return new EdgeDevice(device, true, iotHub);
},
"Created edge device '{Device}' on hub '{IotHub}'",
deviceId,
iotHub.Hostname));
}
public async Task <Device> CreateEdgeDeviceIdentityAsync(string deviceId, Option <string> parentDeviceId, AuthenticationType authType, X509Thumbprint x509Thumbprint, CancellationToken token)
{
Log.Information($"Creating edge device {deviceId} with parentId: {parentDeviceId.GetOrElse("NO PARENT")}");
Device edge = await parentDeviceId.Match(
async p =>
{
Device parentDevice = await this.GetDeviceIdentityAsync(p, token);
string parentDeviceScope = parentDevice == null ? string.Empty : parentDevice.Scope;
Log.Information($"Parent scope: {parentDeviceScope}");
return(new Device(deviceId)
{
Authentication = new AuthenticationMechanism()
{
Type = authType,
X509Thumbprint = x509Thumbprint
},
Capabilities = new DeviceCapabilities()
{
IotEdge = true
},
ParentScopes = new[] { parentDeviceScope }
});
},
() =>
{
return(Task.FromResult(new Device(deviceId)
{
Authentication = new AuthenticationMechanism()
{
Type = authType,
X509Thumbprint = x509Thumbprint
},
Capabilities = new DeviceCapabilities()
{
IotEdge = true
}
}));
});
return(await this.CreateDeviceIdentityAsync(edge, token));
}
public async Task <Device> CreateEdgeDeviceIdentityAsync(string deviceId, Option <string> parentDeviceId, AuthenticationType authType, X509Thumbprint x509Thumbprint, CancellationToken token)
{
Device edge = await parentDeviceId.Match(
async p =>
{
Device parentDevice = await this.GetDeviceIdentityAsync(p, token);
string parentDeviceScope = parentDevice == null ? string.Empty : parentDevice.Scope;
Log.Verbose($"Parent scope: {parentDeviceScope}");
var result = new Device(deviceId)
{
Authentication = new AuthenticationMechanism()
{
Type = authType,
X509Thumbprint = x509Thumbprint
},
Capabilities = new DeviceCapabilities()
{
IotEdge = true
}
};
result.ParentScopes.Add(parentDeviceScope);
return(result);
},
() =>
{
return(Task.FromResult(new Device(deviceId)
{
Authentication = new AuthenticationMechanism()
{
Type = authType,
X509Thumbprint = x509Thumbprint
},
Capabilities = new DeviceCapabilities()
{
IotEdge = true
}
}));
});
return(await this.CreateDeviceIdentityAsync(edge, token));
}
public Task <Device> CreateEdgeDeviceIdentityAsync(string deviceId, AuthenticationType authType, X509Thumbprint x509Thumbprint, CancellationToken token)
{
Device edge = new Device(deviceId)
{
Authentication = new AuthenticationMechanism()
{
Type = authType,
X509Thumbprint = x509Thumbprint
},
Capabilities = new DeviceCapabilities()
{
IotEdge = true
}
};
return(this.CreateDeviceIdentityAsync(edge, token));
}
internal AuthenticationMechanism(SymmetricKey symmetricKey, X509Thumbprint x509Thumbprint, AuthenticationMechanismType?type)
{
SymmetricKey = symmetricKey;
X509Thumbprint = x509Thumbprint;
Type = type;
}
