Пример #1
0
        private async Task ConsoleGlobalDiscoveryServer(
            OpcVaultApiOptions opcVaultOptions,
            OpcVaultAzureADOptions azureADOptions)
        {
            ApplicationInstance.MessageDlg = new ApplicationMessageDlg();
            ApplicationInstance application = new ApplicationInstance
            {
                ApplicationName   = Program.Name,
                ApplicationType   = ApplicationType.Server,
                ConfigSectionName = "Microsoft.Azure.IIoT.OpcUa.Modules.Vault"
            };

            // load the application configuration.
            ApplicationConfiguration config = await application.LoadApplicationConfiguration(false);

            // check the application certificate.
            bool haveAppCertificate = await application.CheckApplicationInstanceCertificate(false, 0);

            if (!haveAppCertificate)
            {
                throw new Exception("Application instance certificate invalid!");
            }

            if (!config.SecurityConfiguration.AutoAcceptUntrustedCertificates)
            {
                config.CertificateValidator.CertificateValidation += new CertificateValidationEventHandler(CertificateValidator_CertificateValidation);
            }

            // get the DatabaseStorePath configuration parameter.
            GlobalDiscoveryServerConfiguration opcVaultConfiguration = config.ParseExtension <GlobalDiscoveryServerConfiguration>();

            // extract appId and vault name from database storage path
            string[] keyVaultConfig = opcVaultConfiguration.DatabaseStorePath?.Split(',');
            if (keyVaultConfig != null)
            {
                if (String.IsNullOrEmpty(opcVaultOptions.BaseAddress))
                {
                    // try configuration using XML config
                    opcVaultOptions.BaseAddress = keyVaultConfig[0];
                }

                if (String.IsNullOrEmpty(opcVaultOptions.ResourceId))
                {
                    if (keyVaultConfig.Length > 1 && !String.IsNullOrEmpty(keyVaultConfig[1]))
                    {
                        opcVaultOptions.ResourceId = keyVaultConfig[1];
                    }
                }

                if (String.IsNullOrEmpty(azureADOptions.ClientId))
                {
                    if (keyVaultConfig.Length > 2 && !String.IsNullOrEmpty(keyVaultConfig[2]))
                    {
                        azureADOptions.ClientId = keyVaultConfig[2];
                    }
                }

                if (String.IsNullOrEmpty(azureADOptions.ClientSecret))
                {
                    if (keyVaultConfig.Length > 3 && !String.IsNullOrEmpty(keyVaultConfig[3]))
                    {
                        azureADOptions.ClientSecret = keyVaultConfig[3];
                    }
                }

                if (String.IsNullOrEmpty(azureADOptions.TenantId))
                {
                    if (keyVaultConfig.Length > 4 && !String.IsNullOrEmpty(keyVaultConfig[4]))
                    {
                        azureADOptions.TenantId = keyVaultConfig[4];
                    }
                }

                if (String.IsNullOrEmpty(azureADOptions.Authority))
                {
                    if (keyVaultConfig.Length > 5 && !String.IsNullOrEmpty(keyVaultConfig[5]))
                    {
                        azureADOptions.Authority = keyVaultConfig[5];
                    }
                }
            }

            var       serviceClient         = new OpcVaultLoginCredentials(opcVaultOptions, azureADOptions);
            IOpcVault opcVaultServiceClient = new Microsoft.Azure.IIoT.OpcUa.Api.Vault.OpcVault(new Uri(opcVaultOptions.BaseAddress), serviceClient);
            var       opcVaultHandler       = new OpcVaultClientHandler(opcVaultServiceClient);

            // read configurations from OpcVault secret
            opcVaultConfiguration.CertificateGroups = await opcVaultHandler.GetCertificateConfigurationGroupsAsync(opcVaultConfiguration.BaseCertificateGroupStorePath);

            UpdateGDSConfigurationDocument(config.Extensions, opcVaultConfiguration);

            var certGroup = new OpcVaultCertificateGroup(opcVaultHandler);
            var requestDB = new OpcVaultCertificateRequest(opcVaultServiceClient);
            var appDB     = new OpcVaultApplicationsDatabase(opcVaultServiceClient);

            requestDB.Initialize();
            // for UNITTEST set auto approve true
            server = new OpcVaultGlobalDiscoveryServer(appDB, requestDB, certGroup, false);

            // start the server.
            await application.Start(server);

            // print endpoint info
            var endpoints = application.Server.GetEndpoints().Select(e => e.EndpointUrl).Distinct();

            foreach (var endpoint in endpoints)
            {
                Console.WriteLine(endpoint);
            }

            // start the status thread
            status = Task.Run(new Action(StatusThread));

            // print notification on session events
            server.CurrentInstance.SessionManager.SessionActivated += EventStatus;
            server.CurrentInstance.SessionManager.SessionClosing   += EventStatus;
            server.CurrentInstance.SessionManager.SessionCreated   += EventStatus;
        }
Пример #2
0
        /// <summary>
        /// Updates the config extension with the new configuration information.
        /// </summary>
        private static void UpdateGDSConfigurationDocument(XmlElementCollection extensions, GlobalDiscoveryServerConfiguration gdsConfiguration)
        {
            XmlDocument   gdsDoc        = new XmlDocument();
            var           qualifiedName = EncodeableFactory.GetXmlName(typeof(GlobalDiscoveryServerConfiguration));
            XmlSerializer gdsSerializer = new XmlSerializer(typeof(GlobalDiscoveryServerConfiguration), qualifiedName.Namespace);

            using (XmlWriter writer = gdsDoc.CreateNavigator().AppendChild())
            {
                gdsSerializer.Serialize(writer, gdsConfiguration);
            }

            foreach (var extension in extensions)
            {
                if (extension.Name == qualifiedName.Name)
                {
                    extension.InnerXml = gdsDoc.DocumentElement.InnerXml;
                }
            }
        }
Пример #3
0
        /// <summary>
        /// Initializes the node manager.
        /// </summary>
        public ApplicationsNodeManager(
            IServerInternal server,
            ApplicationConfiguration configuration,
            IApplicationsDatabase database,
            ICertificateGroupProvider certificateGroupProvider
            )
            : base(server, configuration)
        {
            List <string> namespaceUris = new List <string>
            {
                "http://opcfoundation.org/UA/GDS/applications/",
                Opc.Ua.Gds.Namespaces.OpcUaGds
            };

            NamespaceUris = namespaceUris;

            SystemContext.NodeIdFactory = this;

            // get the configuration for the node manager.
            m_configuration = configuration.ParseExtension <GlobalDiscoveryServerConfiguration>();

            // use suitable defaults if no configuration exists.
            if (m_configuration == null)
            {
                m_configuration = new GlobalDiscoveryServerConfiguration();
            }

            if (!String.IsNullOrEmpty(m_configuration.DefaultSubjectNameContext))
            {
                if (m_configuration.DefaultSubjectNameContext[0] != ',')
                {
                    m_configuration.DefaultSubjectNameContext = "," + m_configuration.DefaultSubjectNameContext;
                }
            }

            DefaultApplicationGroupId = ExpandedNodeId.ToNodeId(Opc.Ua.Gds.ObjectIds.Directory_CertificateGroups_DefaultApplicationGroup, Server.NamespaceUris);
            DefaultHttpsGroupId       = ExpandedNodeId.ToNodeId(Opc.Ua.Gds.ObjectIds.Directory_CertificateGroups_DefaultHttpsGroup, Server.NamespaceUris);
            DefaultUserTokenGroupId   = ExpandedNodeId.ToNodeId(Opc.Ua.Gds.ObjectIds.Directory_CertificateGroups_DefaultUserTokenGroup, Server.NamespaceUris);

            m_autoApprove = true;
            m_database    = database;
            m_certificateGroupProvider = certificateGroupProvider;
            m_certificateGroups        = new Dictionary <NodeId, CertificateGroup>();

            try
            {
                var results = m_database.QueryServers(0, 5, null, null, null, null, out DateTime lastResetTime);
                Utils.Trace("QueryServers Returned: {0} records", results.Length);

                foreach (var result in results)
                {
                    Utils.Trace("Server Found at {0}", result.DiscoveryUrl);
                }
            }
            catch (Exception e)
            {
                Utils.Trace(e, "Could not connect to the Database!");

                var ie = e.InnerException;

                while (ie != null)
                {
                    Utils.Trace(ie, "");
                    ie = ie.InnerException;
                }

                Utils.Trace("Initialize Database tables!");
                m_database.Initialize();

                Utils.Trace("Database Initialized!");
            }

            Server.MessageContext.Factory.AddEncodeableTypes(typeof(Opc.Ua.Gds.ObjectIds).GetTypeInfo().Assembly);
        }