/// <summary> /// Create from service model /// </summary> /// <param name="model"></param> public EndpointActivationFilterApiModel(EndpointActivationFilterModel model) { if (model == null) { throw new ArgumentNullException(nameof(model)); } SecurityPolicies = model.SecurityPolicies; SecurityPolicies = model.SecurityPolicies; SecurityMode = model.SecurityMode; }
/// <summary> /// Apply activation filter /// </summary> /// <param name="filter"></param> /// <param name="registration"></param> /// <param name="context"></param> /// <param name="ct"></param> /// <returns></returns> private async Task <string> ApplyActivationFilterAsync( EndpointActivationFilterModel filter, EndpointRegistration registration, RegistryOperationContextModel context, CancellationToken ct = default) { if (filter == null || registration == null) { return(null); } // TODO: Get trust list entry and validate endpoint.Certificate var mode = registration.SecurityMode ?? SecurityMode.None; if (!mode.MatchesFilter(filter.SecurityMode ?? SecurityMode.Best)) { return(null); } var policy = registration.SecurityPolicy; if (filter.SecurityPolicies != null) { if (!filter.SecurityPolicies.Any(p => p.EqualsIgnoreCase(registration.SecurityPolicy))) { return(null); } } try { // Ensure device scope for the registration before getting the secret. // Changing device's scope regenerates the secret. await EnsureDeviceScopeForRegistrationAsync(registration, ct); // Get endpoint twin secret var secret = await _iothub.GetPrimaryKeyAsync(registration.DeviceId, null, ct); var endpoint = registration.ToServiceModel(); // Try activate endpoint - if possible... await _activator.ActivateEndpointAsync(endpoint.Registration, secret, ct); // Mark in supervisor await SetSupervisorTwinSecretAsync(registration.SupervisorId, registration.DeviceId, secret, ct); registration.Activated = true; await _broker.NotifyAllAsync( l => l.OnEndpointActivatedAsync(context, endpoint)); return(secret); } catch (Exception ex) { _logger.Information(ex, "Failed activating {eeviceId} based off " + "filter. Manual activation required.", registration.DeviceId); return(null); } }
/// <summary> /// Create from service model /// </summary> /// <param name="model"></param> public static EndpointActivationFilterApiModel ToApiModel( this EndpointActivationFilterModel model) { if (model == null) { return(null); } return(new EndpointActivationFilterApiModel { TrustLists = model.TrustLists, SecurityPolicies = model.SecurityPolicies, SecurityMode = (IIoT.OpcUa.Api.Core.Models.SecurityMode?)model.SecurityMode }); }