public static async Task ProvisioningServiceClient_GroupEnrollments_Create_Ok(string proxyServerAddress, AttestationType attestationType, ReprovisionPolicy reprovisionPolicy, AllocationPolicy allocationPolicy, CustomAllocationDefinition customAllocationDefinition, ICollection <string> iothubs) { string groupId = "some-valid-group-id-" + attestationTypeToString(attestationType) + "-" + Guid.NewGuid(); using (ProvisioningServiceClient provisioningServiceClient = CreateProvisioningService(proxyServerAddress)) { EnrollmentGroup enrollmentGroup = await CreateEnrollmentGroup(provisioningServiceClient, attestationType, groupId, reprovisionPolicy, allocationPolicy, customAllocationDefinition, iothubs).ConfigureAwait(false); EnrollmentGroup enrollmentGroupResult = await provisioningServiceClient.GetEnrollmentGroupAsync(enrollmentGroup.EnrollmentGroupId).ConfigureAwait(false); Assert.AreEqual(enrollmentGroupResult.ProvisioningStatus, ProvisioningStatus.Enabled); if (reprovisionPolicy != null) { Assert.AreEqual(reprovisionPolicy.MigrateDeviceData, enrollmentGroupResult.ReprovisionPolicy.MigrateDeviceData); Assert.AreEqual(reprovisionPolicy.UpdateHubAssignment, enrollmentGroupResult.ReprovisionPolicy.UpdateHubAssignment); } if (customAllocationDefinition != null) { Assert.AreEqual(customAllocationDefinition.WebhookUrl, enrollmentGroupResult.CustomAllocationDefinition.WebhookUrl); Assert.AreEqual(customAllocationDefinition.ApiVersion, enrollmentGroupResult.CustomAllocationDefinition.ApiVersion); } Assert.AreEqual(allocationPolicy, enrollmentGroup.AllocationPolicy); await provisioningServiceClient.DeleteEnrollmentGroupAsync(enrollmentGroup.EnrollmentGroupId).ConfigureAwait(false); } }
public static async Task<EnrollmentGroup> CreateEnrollmentGroup(ProvisioningServiceClient provisioningServiceClient, AttestationMechanismType attestationType, string groupId, ReprovisionPolicy reprovisionPolicy, AllocationPolicy allocationPolicy, CustomAllocationDefinition customAllocationDefinition, ICollection<string> iothubs, DeviceCapabilities capabilities) { Attestation attestation; switch (attestationType) { case AttestationMechanismType.Tpm: throw new NotSupportedException("Group enrollments do not support tpm attestation"); case AttestationMechanismType.SymmetricKey: string primaryKey = CryptoKeyGenerator.GenerateKey(32); string secondaryKey = CryptoKeyGenerator.GenerateKey(32); attestation = new SymmetricKeyAttestation(primaryKey, secondaryKey); break; case AttestationMechanismType.X509: default: throw new NotSupportedException("Test code has not been written for testing this attestation type yet"); } var enrollmentGroup = new EnrollmentGroup(groupId, attestation) { Capabilities = capabilities, ReprovisionPolicy = reprovisionPolicy, AllocationPolicy = allocationPolicy, CustomAllocationDefinition = customAllocationDefinition, IotHubs = iothubs, }; return await provisioningServiceClient.CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup).ConfigureAwait(false); }
public static async Task ProvisioningServiceClient_GroupEnrollments_Create_Ok(string proxyServerAddress, AttestationMechanismType attestationType, ReprovisionPolicy reprovisionPolicy, AllocationPolicy allocationPolicy, CustomAllocationDefinition customAllocationDefinition, ICollection<string> iothubs) { string groupId = s_devicePrefix + AttestationTypeToString(attestationType) + "-" + Guid.NewGuid(); using (ProvisioningServiceClient provisioningServiceClient = CreateProvisioningService(proxyServerAddress)) { EnrollmentGroup enrollmentGroup = await CreateEnrollmentGroup(provisioningServiceClient, attestationType, groupId, reprovisionPolicy, allocationPolicy, customAllocationDefinition, iothubs, null).ConfigureAwait(false); EnrollmentGroup enrollmentGroupResult = await provisioningServiceClient.GetEnrollmentGroupAsync(enrollmentGroup.EnrollmentGroupId).ConfigureAwait(false); Assert.AreEqual(enrollmentGroupResult.ProvisioningStatus, ProvisioningStatus.Enabled); if (reprovisionPolicy != null) { Assert.AreEqual(reprovisionPolicy.MigrateDeviceData, enrollmentGroupResult.ReprovisionPolicy.MigrateDeviceData); Assert.AreEqual(reprovisionPolicy.UpdateHubAssignment, enrollmentGroupResult.ReprovisionPolicy.UpdateHubAssignment); } if (customAllocationDefinition != null) { Assert.AreEqual(customAllocationDefinition.WebhookUrl, enrollmentGroupResult.CustomAllocationDefinition.WebhookUrl); Assert.AreEqual(customAllocationDefinition.ApiVersion, enrollmentGroupResult.CustomAllocationDefinition.ApiVersion); } Assert.AreEqual(allocationPolicy, enrollmentGroup.AllocationPolicy); try { await provisioningServiceClient.DeleteEnrollmentGroupAsync(enrollmentGroup.EnrollmentGroupId).ConfigureAwait(false); } catch (Exception ex) { Console.WriteLine($"Cleanup of enrollment group failed due to {ex}"); } } }
public void EnrollmentGroupConstructorJSONSucceedOnMinimumJSON() { // arrange string minJson = "{\n" + " \"enrollmentGroupId\":\"" + SampleEnrollmentGroupId + "\",\n" + " \"attestation\":{\n" + " \"type\":\"x509\",\n" + " \"x509\":{\n" + " \"signingCertificates\":{\n" + " \"primary\":{\n" + " \"info\": {\n" + " \"subjectName\": \"CN=ROOT_00000000-0000-0000-0000-000000000000, OU=Azure IoT, O=MSFT, C=US\",\n" + " \"sha1Thumbprint\": \"0000000000000000000000000000000000\",\n" + " \"sha256Thumbprint\": \"" + SampleEnrollmentGroupId + "\",\n" + " \"issuerName\": \"CN=ROOT_00000000-0000-0000-0000-000000000000, OU=Azure IoT, O=MSFT, C=US\",\n" + " \"notBeforeUtc\": \"2017-11-14T12:34:18Z\",\n" + " \"notAfterUtc\": \"2017-11-20T12:34:18Z\",\n" + " \"serialNumber\": \"000000000000000000\",\n" + " \"version\": 3\n" + " }\n" + " }\n" + " }\n" + " }\n" + " },\n" + " \"etag\": \"" + SampleEtag + "\"\n" + "}"; EnrollmentGroup enrollmentGroup = Newtonsoft.Json.JsonConvert.DeserializeObject <EnrollmentGroup>(minJson); // act - assert Assert.IsNotNull(enrollmentGroup); Assert.AreEqual(SampleEnrollmentGroupId, enrollmentGroup.EnrollmentGroupId); Assert.IsTrue(enrollmentGroup.Attestation is X509Attestation); Assert.AreEqual(SampleEtag, enrollmentGroup.ETag); }
public async Task <(string primaryKey, string secondaryKey)> CreateEnrollementGroup(string enrollName) { var primaryKey = Base64Encode(RandomString(50)); var secondaryKey = Base64Encode(RandomString(50)); var attestation = new SymmetricKeyAttestation(primaryKey, secondaryKey); var enrollementGroup = new EnrollmentGroup(enrollName, attestation); var tags = new TwinCollection(); tags["group-Enrollment"] = enrollName; var properties = new TwinCollection() { }; enrollementGroup.InitialTwinState = new TwinState(tags, properties); enrollementGroup.IotHubs = new List <string>(); enrollementGroup.IotHubs.Add("CowHub.azure-devices.net"); enrollementGroup.AllocationPolicy = AllocationPolicy.Hashed; enrollementGroup.ProvisioningStatus = ProvisioningStatus.Enabled; enrollementGroup.ReprovisionPolicy = new ReprovisionPolicy() { MigrateDeviceData = true, UpdateHubAssignment = true }; await provisioningServiceClient.CreateOrUpdateEnrollmentGroupAsync(enrollementGroup); return(primaryKey, secondaryKey); }
private static async Task CreateOrUpdateEnrollmentGroupAsync() { using (var provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString(dpsConnectionString)) { Console.WriteLine("Connected to sample provisioning service successfully."); Console.WriteLine(); Console.WriteLine("Creating a new enrollmentGroup..."); Attestation attestation = new SymmetricKeyAttestation(string.Empty, string.Empty); EnrollmentGroup enrollmentGroup = new EnrollmentGroup(enrollmentGroupId, attestation) { ProvisioningStatus = ProvisioningStatus.Enabled }; Console.WriteLine(enrollmentGroup); // Create the enrollmentGroup Console.WriteLine("Adding new enrollmentGroup..."); EnrollmentGroup enrollmentGroupResult = await provisioningServiceClient.CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup).ConfigureAwait(false); Console.WriteLine("EnrollmentGroup created :"); Console.WriteLine(enrollmentGroupResult); } }
public static async Task SetGroupRegistrationDataAsync() { Console.WriteLine("Starting SetGroupRegistrationData"); using (ProvisioningServiceClient provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString(ServiceConnectionString)) { Console.WriteLine("\nCreating a new enrollmentGroup..."); var certificate = new X509Certificate2(X509RootCertPathVar); Attestation attestation = X509Attestation.CreateFromRootCertificates(certificate); EnrollmentGroup enrollmentGroup = new EnrollmentGroup(SampleEnrollmentGroupId, attestation); Console.WriteLine(enrollmentGroup); Console.WriteLine("\nAdding new enrollmentGroup..."); EnrollmentGroup enrollmentGroupResult = await provisioningServiceClient.CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup).ConfigureAwait(false); Console.WriteLine("\nEnrollmentGroup created with success."); Console.WriteLine(enrollmentGroupResult); } }
public async Task <bool> AddDpsGroupEnrollment(StringBuilder certContents) { try { byte[] byteArray = ASCIIEncoding.ASCII.GetBytes(certContents.ToString()); var certificate = new X509Certificate2(byteArray); Attestation attestation = X509Attestation.CreateFromRootCertificates(certificate); EnrollmentGroup enrollmentGroup = new EnrollmentGroup( "Test", attestation) { ProvisioningStatus = ProvisioningStatus.Enabled }; EnrollmentGroup enrollmentGroupResult = await _provisioningServiceClient.CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup).ConfigureAwait(false); return(true); } catch (Exception e) { _logger.LogError($"Exception in DeleteDpsEnrollment() : {e.Message}"); } return(false); }
private async Task <EnrollmentGroup> TryGetEnrollmentGroupAsync() { EnrollmentGroup enrollmentGroupResult = null; using (ProvisioningServiceClient provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString(this.DPSConnStr)) { try { // Get the enrollmentGroup enrollmentGroupResult = await provisioningServiceClient .GetEnrollmentGroupAsync( this.DPSEnrollmentGroup) .ConfigureAwait(false); } catch (ProvisioningServiceClientHttpException ex) { // not found is ok if (!ex.ErrorMessage.Equals("Not Found", StringComparison. InvariantCultureIgnoreCase)) { throw; } } } return(enrollmentGroupResult); }
/********************************************************************************** * Upload CA for proof of possession *********************************************************************************/ public async Task <bool> AddDpsGroupEnrollment(string certPath) { try { var certificate = new X509Certificate2(certPath); Attestation attestation = X509Attestation.CreateFromRootCertificates(certificate); EnrollmentGroup enrollmentGroup = new EnrollmentGroup( "Test", attestation) { ProvisioningStatus = ProvisioningStatus.Enabled }; EnrollmentGroup enrollmentGroupResult = await _provisioningServiceClient.CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup).ConfigureAwait(false); return(true); } catch (Exception e) { _logger.LogError($"Exception in DeleteDpsEnrollment() : {e.Message}"); } return(false); }
private static async Task CreateOrUpdateEnrollmentGroupAsync() { using (var provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString(dpsConnectionString)) { Console.WriteLine("Connected to sample provisioning service successfully."); Console.WriteLine(); // Create a new enrollmentGroup config Console.WriteLine("Creating a new enrollmentGroup..."); var certificate = new X509Certificate2(x509RootCertPath); Attestation attestation = X509Attestation.CreateFromRootCertificates(certificate); EnrollmentGroup enrollmentGroup = new EnrollmentGroup(enrollmentGroupId, attestation) { ProvisioningStatus = ProvisioningStatus.Enabled, }; Console.WriteLine(enrollmentGroup); // Create the enrollmentGroup Console.WriteLine("Adding new enrollmentGroup..."); EnrollmentGroup enrollmentGroupResult = await provisioningServiceClient.CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup).ConfigureAwait(false); Console.WriteLine("EnrollmentGroup created :"); Console.WriteLine(enrollmentGroupResult); } }
public static async Task RunSample() { Console.WriteLine("Starting sample..."); using (ProvisioningServiceClient provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString(ProvisioningConnectionString)) { #region Create a new enrollmentGroup config Console.WriteLine("\nCreating a new enrollmentGroup..."); var certificate = new X509Certificate2(X509RootCertPath); Attestation attestation = X509Attestation.CreateFromRootCertificates(certificate); EnrollmentGroup enrollmentGroup = new EnrollmentGroup( EnrollmentGroupId, attestation) { ProvisioningStatus = ProvisioningStatus.Enabled }; Console.WriteLine(enrollmentGroup); #endregion #region Create the enrollmentGroup Console.WriteLine("\nAdding new enrollmentGroup..."); EnrollmentGroup enrollmentGroupResult = await provisioningServiceClient.CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup).ConfigureAwait(false); Console.WriteLine("\nEnrollmentGroup created with success."); Console.WriteLine(enrollmentGroupResult); #endregion } }
public static PSEnrollmentGroup ToPSEnrollmentGroup(EnrollmentGroup enrollment) { PSEnrollmentGroup psEnrollmentGroup = ConvertObject <EnrollmentGroup, PSEnrollmentGroup>(enrollment); psEnrollmentGroup.Attestation = GetAttestationMechanism(enrollment.Attestation); return(psEnrollmentGroup); }
public async Task ProvisioningServiceClient_GroupEnrollments_Create_Ok( string proxyServerAddress, AttestationMechanismType attestationType, ReprovisionPolicy reprovisionPolicy, AllocationPolicy allocationPolicy, CustomAllocationDefinition customAllocationDefinition, ICollection <string> iothubs) { string groupId = s_devicePrefix + AttestationTypeToString(attestationType) + "-" + Guid.NewGuid(); using (ProvisioningServiceClient provisioningServiceClient = CreateProvisioningService(proxyServerAddress)) { EnrollmentGroup enrollmentGroup = await CreateEnrollmentGroupAsync( provisioningServiceClient, attestationType, groupId, reprovisionPolicy, allocationPolicy, customAllocationDefinition, iothubs, null, Logger).ConfigureAwait(false); EnrollmentGroup enrollmentGroupResult = null; await RetryOperationHelper .RetryOperationsAsync( async() => { enrollmentGroupResult = await provisioningServiceClient.GetEnrollmentGroupAsync(enrollmentGroup.EnrollmentGroupId).ConfigureAwait(false); }, s_provisioningServiceRetryPolicy, s_retryableExceptions, Logger) .ConfigureAwait(false); if (enrollmentGroupResult == null) { throw new ArgumentException($"The enrollment group with group Id {enrollmentGroup.EnrollmentGroupId} could not retrieved, exiting test."); } Assert.AreEqual(enrollmentGroupResult.ProvisioningStatus, ProvisioningStatus.Enabled); if (reprovisionPolicy != null) { Assert.AreEqual(reprovisionPolicy.MigrateDeviceData, enrollmentGroupResult.ReprovisionPolicy.MigrateDeviceData); Assert.AreEqual(reprovisionPolicy.UpdateHubAssignment, enrollmentGroupResult.ReprovisionPolicy.UpdateHubAssignment); } if (customAllocationDefinition != null) { Assert.AreEqual(customAllocationDefinition.WebhookUrl, enrollmentGroupResult.CustomAllocationDefinition.WebhookUrl); Assert.AreEqual(customAllocationDefinition.ApiVersion, enrollmentGroupResult.CustomAllocationDefinition.ApiVersion); } Assert.AreEqual(allocationPolicy, enrollmentGroup.AllocationPolicy); await DeleteCreatedEnrollmentAsync(EnrollmentType.Group, "", enrollmentGroup.EnrollmentGroupId, Logger).ConfigureAwait(false); } }
public async Task GetEnrollmentGroupInfoAsync() { Console.WriteLine("\nGetting the enrollmentGroup information..."); EnrollmentGroup getResult = await _provisioningServiceClient.GetEnrollmentGroupAsync(EnrollmentGroupId).ConfigureAwait(false); Console.WriteLine(getResult); }
public static async Task RunSample() { Console.WriteLine("Starting sample..."); using (ProvisioningServiceClient provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString(_provisioningConnectionString)) { #region Create a new enrollmentGroup config Console.WriteLine("\nCreating a new enrollmentGroup..."); string certificatePassword = ReadCertificatePassword(); var certificate = new X509Certificate2(_x509RootCertPath, certificatePassword); Attestation attestation = X509Attestation.CreateFromRootCertificates(certificate); EnrollmentGroup enrollmentGroup = new EnrollmentGroup( _enrollmentGroupId, attestation); Console.WriteLine(enrollmentGroup); #endregion #region Create the enrollmentGroup Console.WriteLine("\nAdding new enrollmentGroup..."); EnrollmentGroup enrollmentGroupResult = await provisioningServiceClient.CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup).ConfigureAwait(false); Console.WriteLine("\nEnrollmentGroup created with success."); Console.WriteLine(enrollmentGroupResult); #endregion #region Get info of enrollmentGroup Console.WriteLine("\nGetting the enrollmentGroup information..."); EnrollmentGroup getResult = await provisioningServiceClient.GetEnrollmentGroupAsync(SampleEnrollmentGroupId).ConfigureAwait(false); Console.WriteLine(getResult); #endregion #region Query info of enrollmentGroup doc Console.WriteLine("\nCreating a query for enrollmentGroups..."); QuerySpecification querySpecification = new QuerySpecification("SELECT * FROM enrollmentGroups"); using (Query query = provisioningServiceClient.CreateEnrollmentGroupQuery(querySpecification)) { while (query.HasNext()) { Console.WriteLine("\nQuerying the next enrollmentGroups..."); QueryResult queryResult = await query.NextAsync().ConfigureAwait(false); Console.WriteLine(queryResult); } } #endregion #region Delete info of enrollmentGroup Console.WriteLine("\nDeleting the enrollmentGroup..."); await provisioningServiceClient.DeleteEnrollmentGroupAsync(getResult).ConfigureAwait(false); #endregion } }
public void EnrollmentGroupConstructorSucceed() { // arrange - act EnrollmentGroup individualEnrollment = new EnrollmentGroup(SampleEnrollmentGroupId, SampleX509RootAttestation); // assert Assert.AreEqual(SampleEnrollmentGroupId, individualEnrollment.EnrollmentGroupId); Assert.AreEqual(SamplePublicKeyCertificateString, ((X509Attestation)individualEnrollment.Attestation).RootCertificates.Primary.Certificate); }
public static async Task <EnrollmentGroup> CreateEnrollmentGroupAsync( ProvisioningServiceClient provisioningServiceClient, AttestationMechanismType attestationType, string groupId, ReprovisionPolicy reprovisionPolicy, AllocationPolicy allocationPolicy, CustomAllocationDefinition customAllocationDefinition, ICollection <string> iothubs, DeviceCapabilities capabilities, MsTestLogger logger) { Attestation attestation; switch (attestationType) { case AttestationMechanismType.Tpm: throw new NotSupportedException("Group enrollments do not support tpm attestation"); case AttestationMechanismType.SymmetricKey: string primaryKey = CryptoKeyGenerator.GenerateKey(32); string secondaryKey = CryptoKeyGenerator.GenerateKey(32); attestation = new SymmetricKeyAttestation(primaryKey, secondaryKey); break; case AttestationMechanismType.X509: default: throw new NotSupportedException("Test code has not been written for testing this attestation type yet"); } var enrollmentGroup = new EnrollmentGroup(groupId, attestation) { Capabilities = capabilities, ReprovisionPolicy = reprovisionPolicy, AllocationPolicy = allocationPolicy, CustomAllocationDefinition = customAllocationDefinition, IotHubs = iothubs, }; EnrollmentGroup createdEnrollmentGroup = null; await RetryOperationHelper .RetryOperationsAsync( async() => { createdEnrollmentGroup = await provisioningServiceClient.CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup).ConfigureAwait(false); }, s_provisioningServiceRetryPolicy, s_retryableExceptions, logger) .ConfigureAwait(false); if (createdEnrollmentGroup == null) { throw new ArgumentException($"The enrollment entry with group Id {groupId} could not be created, exiting test."); } return(createdEnrollmentGroup); }
public void EnrollmentGroupConstructorJSONSucceed() { // arrange EnrollmentGroup enrollmentGroup = Newtonsoft.Json.JsonConvert.DeserializeObject <EnrollmentGroup>(SampleEnrollmentGroupJson); // act - assert Assert.IsNotNull(enrollmentGroup); Assert.AreEqual(SampleEnrollmentGroupId, enrollmentGroup.EnrollmentGroupId); Assert.IsTrue(enrollmentGroup.Attestation is X509Attestation); Assert.AreEqual(SampleIotHubHostName, enrollmentGroup.IotHubHostName); Assert.IsNotNull(enrollmentGroup.InitialTwinState); Assert.AreEqual(SampleProvisioningStatus, enrollmentGroup.ProvisioningStatus); Assert.AreEqual(SampleCreateDateTimeUTC, enrollmentGroup.CreatedDateTimeUtc); Assert.AreEqual(SampleLastUpdatedDateTimeUTC, enrollmentGroup.LastUpdatedDateTimeUtc); Assert.AreEqual(SampleEtag, enrollmentGroup.ETag); }
/// <summary> /// Update the enrollment under test such that it forces it to reprovision to the hubs within <paramref name="iotHubsToReprovisionTo"/> /// </summary> private async Task UpdateEnrollmentToForceReprovision(EnrollmentType?enrollmentType, ProvisioningServiceClient provisioningServiceClient, ICollection <String> iotHubsToReprovisionTo, SecurityProvider security, string groupId) { if (enrollmentType == EnrollmentType.Individual) { IndividualEnrollment individualEnrollment = await provisioningServiceClient.GetIndividualEnrollmentAsync(security.GetRegistrationID()).ConfigureAwait(false); individualEnrollment.IotHubs = iotHubsToReprovisionTo; IndividualEnrollment individualEnrollmentResult = await provisioningServiceClient.CreateOrUpdateIndividualEnrollmentAsync(individualEnrollment).ConfigureAwait(false); } else { EnrollmentGroup enrollmentGroup = await provisioningServiceClient.GetEnrollmentGroupAsync(groupId).ConfigureAwait(false); enrollmentGroup.IotHubs = iotHubsToReprovisionTo; EnrollmentGroup enrollmentGroupResult = await provisioningServiceClient.CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup).ConfigureAwait(false); } }
public async Task <bool> CleanUpAndCreateEnrollmentGroupAsync( Attestation attestation) { EnrollmentGroup enrollmentGroup = await TryGetEnrollmentGroupAsync() .ConfigureAwait(false); if (enrollmentGroup != null) { await TryDeleteEnrollmentGroupAsync(enrollmentGroup) .ConfigureAwait(false); } var result = await CreateEnrollmentGroupAsync(attestation) .ConfigureAwait(false); return(CheckReadiness(result)); }
public async Task CreateEnrollmentGroupAsync() { Console.WriteLine("\nCreating a new enrollmentGroup..."); Attestation attestation = X509Attestation.CreateFromRootCertificates(_groupIssuerCertificate); EnrollmentGroup enrollmentGroup = new EnrollmentGroup( EnrollmentGroupId, attestation); Console.WriteLine(enrollmentGroup); Console.WriteLine("\nAdding new enrollmentGroup..."); EnrollmentGroup enrollmentGroupResult = await _provisioningServiceClient.CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup).ConfigureAwait(false); Console.WriteLine("\nEnrollmentGroup created with success."); Console.WriteLine(enrollmentGroupResult); }
public async Task ProvisioningServiceClient_GetEnrollmentGroupAttestation(AttestationMechanismType attestationType) { using var provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString(TestConfiguration.Provisioning.ConnectionString); string groupId = AttestationTypeToString(attestationType) + "-" + Guid.NewGuid(); EnrollmentGroup enrollmentGroup = await CreateEnrollmentGroupAsync(provisioningServiceClient, attestationType, groupId, null, AllocationPolicy.Static, null, null, null, Logger); AttestationMechanism attestationMechanism = null; await RetryOperationHelper .RetryOperationsAsync( async() => { attestationMechanism = await provisioningServiceClient.GetEnrollmentGroupAttestationAsync(enrollmentGroup.EnrollmentGroupId); }, s_provisioningServiceRetryPolicy, s_retryableExceptions, Logger) .ConfigureAwait(false); if (attestationMechanism == null) { throw new ArgumentException($"The attestation mechanism for enrollment with group Id {enrollmentGroup.EnrollmentGroupId} could not retrieved, exiting test."); } // Note that tpm is not a supported attestation type for group enrollments if (attestationType == AttestationMechanismType.SymmetricKey) { attestationMechanism.Type.Should().Be(AttestationMechanismType.SymmetricKey); var symmetricKeyAttestation = (SymmetricKeyAttestation)attestationMechanism.GetAttestation(); symmetricKeyAttestation.PrimaryKey.Should().Be(((SymmetricKeyAttestation)enrollmentGroup.Attestation).PrimaryKey); symmetricKeyAttestation.SecondaryKey.Should().Be(((SymmetricKeyAttestation)enrollmentGroup.Attestation).SecondaryKey); } else if (attestationType == AttestationMechanismType.X509) { attestationMechanism.Type.Should().Be(AttestationMechanismType.X509); var x509Attestation = (X509Attestation)attestationMechanism.GetAttestation(); x509Attestation.GetPrimaryX509CertificateInfo().SHA1Thumbprint.Should().Be(((X509Attestation)enrollmentGroup.Attestation).GetPrimaryX509CertificateInfo().SHA1Thumbprint); x509Attestation.GetSecondaryX509CertificateInfo().SHA1Thumbprint.Should().Be(((X509Attestation)enrollmentGroup.Attestation).GetSecondaryX509CertificateInfo().SHA1Thumbprint); } }
private async Task <EnrollmentGroup> CreateEnrollmentGroupAsync(Attestation attestation) { EnrollmentGroup enrollmentGroupResult = null; using (ProvisioningServiceClient provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString( this.DPSConnStr)) { EnrollmentGroup enrollmentGroup = new EnrollmentGroup( this.DPSEnrollmentGroup, attestation); enrollmentGroup.ProvisioningStatus = ProvisioningStatus.Enabled; // Create the enrollmentGroup enrollmentGroupResult = await provisioningServiceClient .CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup) .ConfigureAwait(false); } return(enrollmentGroupResult); }
public override void ExecuteCmdlet() { ProvisioningServiceDescription provisioningServiceDescription; if (ParameterSetName.Equals(InputObjectParameterSet)) { this.ResourceGroupName = this.DpsObject.ResourceGroupName; this.DpsName = this.DpsObject.Name; provisioningServiceDescription = IotDpsUtils.ConvertObject <PSProvisioningServiceDescription, ProvisioningServiceDescription>(this.DpsObject); } else { if (ParameterSetName.Equals(ResourceIdParameterSet)) { this.ResourceGroupName = IotDpsUtils.GetResourceGroupName(this.ResourceId); this.DpsName = IotDpsUtils.GetIotDpsName(this.ResourceId); } provisioningServiceDescription = GetIotDpsResource(this.ResourceGroupName, this.DpsName); } IEnumerable <SharedAccessSignatureAuthorizationRuleAccessRightsDescription> authPolicies = this.IotDpsClient.IotDpsResource.ListKeys(this.DpsName, this.ResourceGroupName); SharedAccessSignatureAuthorizationRuleAccessRightsDescription policy = IotDpsUtils.GetPolicy(authPolicies, PSAccessRightsDescription.EnrollmentWrite); PSIotDpsConnectionString psIotDpsConnectionString = IotDpsUtils.ToPSIotDpsConnectionString(policy, provisioningServiceDescription.Properties.ServiceOperationsHostName); ProvisioningServiceClient client = ProvisioningServiceClient.CreateFromConnectionString(psIotDpsConnectionString.PrimaryConnectionString); if (this.Name != null) { EnrollmentGroup result = client.GetEnrollmentGroupAsync(this.Name).GetAwaiter().GetResult(); this.WriteObject(IotDpsUtils.ToPSEnrollmentGroup(result)); } else { QueryResult enrollments = client.CreateEnrollmentGroupQuery(new QuerySpecification("select * from enrollments")).NextAsync().GetAwaiter().GetResult(); this.WriteObject(IotDpsUtils.ToPSEnrollmentGroups(enrollments.Items), true); } }
public async Task ProvisioningServiceClient_GetEnrollmentGroupAttestation(AttestationMechanismType attestationType) { ProvisioningServiceClient provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString(Configuration.Provisioning.ConnectionString); string groupId = AttestationTypeToString(attestationType) + "-" + Guid.NewGuid(); EnrollmentGroup enrollmentGroup = await CreateEnrollmentGroup(provisioningServiceClient, attestationType, groupId, null, AllocationPolicy.Static, null, null, null); AttestationMechanism attestationMechanism = await provisioningServiceClient.GetEnrollmentGroupAttestationAsync(enrollmentGroup.EnrollmentGroupId); // Note that tpm is not a supported attestation type for group enrollments if (attestationType == AttestationMechanismType.SymmetricKey) { Assert.AreEqual(AttestationMechanismType.SymmetricKey, attestationMechanism.Type); SymmetricKeyAttestation symmetricKeyAttestation = (SymmetricKeyAttestation)attestationMechanism.GetAttestation(); Assert.AreEqual(((SymmetricKeyAttestation)enrollmentGroup.Attestation).PrimaryKey, symmetricKeyAttestation.PrimaryKey); Assert.AreEqual(((SymmetricKeyAttestation)enrollmentGroup.Attestation).SecondaryKey, symmetricKeyAttestation.SecondaryKey); } else if (attestationType == AttestationMechanismType.X509) { Assert.AreEqual(AttestationMechanismType.X509, attestationMechanism.Type); X509Attestation x509Attestation = (X509Attestation)attestationMechanism.GetAttestation(); Assert.AreEqual(((X509Attestation)enrollmentGroup.Attestation).GetPrimaryX509CertificateInfo().SHA1Thumbprint, x509Attestation.GetPrimaryX509CertificateInfo().SHA1Thumbprint); Assert.AreEqual(((X509Attestation)enrollmentGroup.Attestation).GetSecondaryX509CertificateInfo().SHA1Thumbprint, x509Attestation.GetSecondaryX509CertificateInfo().SHA1Thumbprint); } }
private async Task TryDeleteEnrollmentGroupAsync(EnrollmentGroup enrollmentGroup) { using (ProvisioningServiceClient provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString(this.DPSConnStr)) { try { // Delete the enrollmentGroup await provisioningServiceClient .DeleteEnrollmentGroupAsync(enrollmentGroup) .ConfigureAwait(false); } catch (ProvisioningServiceClientHttpException ex) { // not found is ok if (!ex.ErrorMessage.Equals("Not Found", StringComparison. InvariantCultureIgnoreCase)) { throw; } } } }
public async Task CreateDpsEnrollmentGroupAsync( string enrollmentGroupId, X509Certificate2 pemCertificate) { _logger.LogInformation("Starting CreateDpsEnrollmentGroupAsync..."); _logger.LogInformation("Creating a new enrollmentGroup..."); Attestation attestation = X509Attestation.CreateFromRootCertificates(pemCertificate); EnrollmentGroup enrollmentGroup = new EnrollmentGroup(enrollmentGroupId, attestation) { ProvisioningStatus = ProvisioningStatus.Enabled, ReprovisionPolicy = new ReprovisionPolicy { MigrateDeviceData = false, UpdateHubAssignment = true }, Capabilities = new DeviceCapabilities { IotEdge = false }, InitialTwinState = new TwinState( new TwinCollection("{ \"updatedby\":\"" + "damien" + "\", \"timeZone\":\"" + TimeZoneInfo.Local.DisplayName + "\" }"), new TwinCollection("{ }") ) }; _logger.LogInformation($"{enrollmentGroup}"); _logger.LogInformation($"Adding new enrollmentGroup..."); EnrollmentGroup enrollmentGroupResult = await _provisioningServiceClient .CreateOrUpdateEnrollmentGroupAsync(enrollmentGroup) .ConfigureAwait(false); _logger.LogInformation($"EnrollmentGroup created with success."); _logger.LogInformation($"{enrollmentGroupResult}"); }
public async Task EnumerateRegistrationsInGroup(QuerySpecification querySpecification, EnrollmentGroup group) { _logger.LogInformation($"Creating a query for registrations within group '{group.EnrollmentGroupId}'..."); using (Query registrationQuery = _provisioningServiceClient.CreateEnrollmentGroupRegistrationStateQuery(querySpecification, group.EnrollmentGroupId)) { _logger.LogInformation($"Querying the next registrations within group '{group.EnrollmentGroupId}'..."); QueryResult registrationQueryResult = await registrationQuery.NextAsync().ConfigureAwait(false); _logger.LogInformation($"{registrationQueryResult}"); } }
private async Task <SecurityProvider> CreateSecurityProviderFromName(AttestationType attestationType, EnrollmentType?enrollmentType, string groupId, ReprovisionPolicy reprovisionPolicy, AllocationPolicy allocationPolicy, CustomAllocationDefinition customAllocationDefinition, ICollection <string> iothubs, DeviceCapabilities capabilities = null) { _verboseLog.WriteLine($"{nameof(CreateSecurityProviderFromName)}({attestationType})"); var provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString(Configuration.Provisioning.ConnectionString); switch (attestationType) { case AttestationType.Tpm: string registrationId = AttestationTypeToString(attestationType) + "-registration-id-" + Guid.NewGuid(); var tpmSim = new SecurityProviderTpmSimulator(registrationId); string base64Ek = Convert.ToBase64String(tpmSim.GetEndorsementKey()); var provisioningService = ProvisioningServiceClient.CreateFromConnectionString(Configuration.Provisioning.ConnectionString); _log.WriteLine($"Getting enrollment: RegistrationID = {registrationId}"); IndividualEnrollment individualEnrollment = new IndividualEnrollment(registrationId, new TpmAttestation(base64Ek)) { AllocationPolicy = allocationPolicy, ReprovisionPolicy = reprovisionPolicy, IotHubs = iothubs, CustomAllocationDefinition = customAllocationDefinition, Capabilities = capabilities }; IndividualEnrollment enrollment = await provisioningService.CreateOrUpdateIndividualEnrollmentAsync(individualEnrollment).ConfigureAwait(false); var attestation = new TpmAttestation(base64Ek); enrollment.Attestation = attestation; _log.WriteLine($"Updating enrollment: RegistrationID = {registrationId} EK = '{base64Ek}'"); await provisioningService.CreateOrUpdateIndividualEnrollmentAsync(enrollment).ConfigureAwait(false); return(tpmSim); case AttestationType.x509: X509Certificate2 certificate = null; X509Certificate2Collection collection = null; switch (enrollmentType) { case EnrollmentType.Individual: certificate = Configuration.Provisioning.GetIndividualEnrollmentCertificate(); break; case EnrollmentType.Group: certificate = Configuration.Provisioning.GetGroupEnrollmentCertificate(); collection = Configuration.Provisioning.GetGroupEnrollmentChain(); break; default: throw new NotSupportedException($"Unknown X509 type: '{enrollmentType}'"); } return(new SecurityProviderX509Certificate(certificate, collection)); case AttestationType.SymmetricKey: switch (enrollmentType) { case EnrollmentType.Group: EnrollmentGroup symmetricKeyEnrollmentGroup = await CreateEnrollmentGroup(provisioningServiceClient, AttestationType.SymmetricKey, groupId, reprovisionPolicy, allocationPolicy, customAllocationDefinition, iothubs, capabilities).ConfigureAwait(false); Assert.IsTrue(symmetricKeyEnrollmentGroup.Attestation is SymmetricKeyAttestation); SymmetricKeyAttestation symmetricKeyAttestation = (SymmetricKeyAttestation)symmetricKeyEnrollmentGroup.Attestation; string registrationIdSymmetricKey = IdPrefix + Guid.NewGuid(); string primaryKeyEnrollmentGroup = symmetricKeyAttestation.PrimaryKey; string secondaryKeyEnrollmentGroup = symmetricKeyAttestation.SecondaryKey; string primaryKeyIndividual = ProvisioningE2ETests.ComputeDerivedSymmetricKey(Convert.FromBase64String(primaryKeyEnrollmentGroup), registrationIdSymmetricKey); string secondaryKeyIndividual = ProvisioningE2ETests.ComputeDerivedSymmetricKey(Convert.FromBase64String(secondaryKeyEnrollmentGroup), registrationIdSymmetricKey); return(new SecurityProviderSymmetricKey(registrationIdSymmetricKey, primaryKeyIndividual, secondaryKeyIndividual)); case EnrollmentType.Individual: IndividualEnrollment symmetricKeyEnrollment = await CreateIndividualEnrollment(provisioningServiceClient, AttestationType.SymmetricKey, reprovisionPolicy, allocationPolicy, customAllocationDefinition, iothubs, capabilities).ConfigureAwait(false); Assert.IsTrue(symmetricKeyEnrollment.Attestation is SymmetricKeyAttestation); symmetricKeyAttestation = (SymmetricKeyAttestation)symmetricKeyEnrollment.Attestation; registrationIdSymmetricKey = symmetricKeyEnrollment.RegistrationId; string primaryKey = symmetricKeyAttestation.PrimaryKey; string secondaryKey = symmetricKeyAttestation.SecondaryKey; return(new SecurityProviderSymmetricKey(registrationIdSymmetricKey, primaryKey, secondaryKey)); default: throw new NotSupportedException("Unrecognized enrollment type"); } default: throw new NotSupportedException("Unrecognized attestation type"); } throw new NotSupportedException($"Unknown security type: '{attestationType}'."); }