static async Task Register(SecurityProviderTpmHsm security)
{
Console.WriteLine("Press ENTER when ready to execute Registration.");
Console.WriteLine("------------------");
Console.ReadLine();
using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly))
{
var client = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, _idScope, security, transport);
try
{
DeviceRegistrationResult result = await client.RegisterAsync().ConfigureAwait(false);
Console.ForegroundColor = ConsoleColor.Yellow;
Console.Write("\tAssigned Hub: : ");
Console.ForegroundColor = ConsoleColor.White;
Console.Write("{0} ", result.AssignedHub);
Console.WriteLine(Environment.NewLine);
Console.ForegroundColor = ConsoleColor.Yellow;
Console.Write("\tDeviceId: : ");
Console.ForegroundColor = ConsoleColor.White;
Console.Write("{0} ", result.DeviceId);
Console.WriteLine(Environment.NewLine);
}
catch (Exception)
{
Console.ForegroundColor = ConsoleColor.Red;
Console.WriteLine("The registration has failed");
Console.ForegroundColor = ConsoleColor.White;
throw;
}
}
}
static void Main(string[] args)
{
string[] certFilePaths = Directory.GetFiles(ConfigurationManager.AppSettings["CertDirectory"], "*.pfx");
string plainTextPassword = ConfigurationManager.AppSettings["SecureString"];
foreach (string certFilePath in certFilePaths)
{
using (X509Certificate2 cert = new X509Certificate2(certFilePath, plainTextPassword, X509KeyStorageFlags.UserKeySet))
{
using (var security = new SecurityProviderX509Certificate(cert))
using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly))
{
ProvisioningDeviceClient provClient =
ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, IdScope, security, transport);
Console.WriteLine($"Registering device with RegistrationID = {security.GetRegistrationID()}");
DeviceRegistrationResult result = provClient.RegisterAsync().GetAwaiter().GetResult();
Console.WriteLine($"{result.Status}");
Console.WriteLine(
$"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
}
}
}
}
protected virtual async Task <DeviceRegistrationResult> RegisterDeviceAsync(
string dpsGlobalDeviceEndpoint,
string dpsIdScope)
{
DeviceRegistrationResult result = null;
using (var security =
new SecurityProviderX509Certificate(
this.HardwareSecurityModel.DeviceLeafCert))
using (var transport =
new ProvisioningTransportHandlerMqtt(
TransportFallbackType.TcpOnly))
{
ProvisioningDeviceClient provClient =
ProvisioningDeviceClient.Create(
dpsGlobalDeviceEndpoint,
dpsIdScope,
security,
transport);
result = await provClient.RegisterAsync().ConfigureAwait(false);
}
return(result);
}
private static IAuthenticationMethod GetAuthenticationMethod(DeviceRegistrationResult result, SecurityProvider security)
{
IAuthenticationMethod auth;
if (security is SecurityProviderTpm)
{
Console.WriteLine("Creating TPM DeviceClient authentication.");
auth = new DeviceAuthenticationWithTpm(result.DeviceId, security as SecurityProviderTpm);
}
else if (security is SecurityProviderX509)
{
Console.WriteLine("Creating X509 DeviceClient authentication.");
auth = new DeviceAuthenticationWithX509Certificate(result.DeviceId, (security as SecurityProviderX509).GetAuthenticationCertificate());
}
else if (security is SecurityProviderSymmetricKey)
{
Console.WriteLine("Creating Symmetric Key DeviceClient authenication");
auth = new DeviceAuthenticationWithRegistrySymmetricKey(result.DeviceId, (security as SecurityProviderSymmetricKey).GetPrimaryKey());
}
else
{
throw new NotSupportedException("Unknown authentication type.");
}
return(auth);
}
private static async Task <DeviceClient> SetupDeviceClientAsync(Parameters parameters, CancellationToken cancellationToken)
{
DeviceClient deviceClient;
switch (parameters.DeviceSecurityType.ToLowerInvariant())
{
case "dps":
s_logger.LogDebug($"Initializing via DPS");
DeviceRegistrationResult dpsRegistrationResult = await ProvisionDeviceAsync(parameters, cancellationToken);
var authMethod = new DeviceAuthenticationWithRegistrySymmetricKey(dpsRegistrationResult.DeviceId, parameters.DeviceSymmetricKey);
deviceClient = InitializeDeviceClient(dpsRegistrationResult.AssignedHub, authMethod);
break;
case "connectionstring":
s_logger.LogDebug($"Initializing via IoT Hub connection string");
deviceClient = InitializeDeviceClient(parameters.PrimaryConnectionString);
break;
default:
throw new ArgumentException($"Unrecognized value for device provisioning received: {parameters.DeviceSecurityType}." +
$" It should be either \"dps\" or \"connectionString\" (case-insensitive).");
}
return(deviceClient);
}
public static async Task RunSample(X509Certificate2 certificate)
{
using (var security = new SecurityClientX509(certificate))
using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly))
{
ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(s_idScope, security, transport);
Console.Write("ProvisioningClient RegisterAsync . . . ");
DeviceRegistrationResult result = await provClient.RegisterAsync();
Console.WriteLine($"{result.Status}");
Console.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
if (result.Status != ProvisioningRegistrationStatusType.Assigned)
{
return;
}
IAuthenticationMethod auth = new DeviceAuthenticationWithX509Certificate(result.DeviceId, certificate);
using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth))
{
Console.WriteLine("DeviceClient OpenAsync.");
await iotClient.OpenAsync();
Console.WriteLine("DeviceClient SendEventAsync.");
await iotClient.SendEventAsync(new Message(Encoding.UTF8.GetBytes("TestMessage")));
Console.WriteLine("DeviceClient CloseAsync.");
await iotClient.CloseAsync();
}
}
}
/// <summary>
/// Provisions a device to a starting hub, tries to open a connection, send telemetry,
/// and (if supported by the protocol) send a twin update. Then, this method updates the enrollment
/// to provision the device to a different hub. Based on the provided reprovisioning settings, this
/// method then checks that the device was/was not reprovisioned as expected, and that the device
/// did/did not migrate twin data as expected.
/// </summary>
public async Task ProvisioningDeviceClient_ReprovisioningFlow(
Client.TransportType transportProtocol,
AttestationMechanismType attestationType,
EnrollmentType?enrollmentType,
bool setCustomProxy,
ReprovisionPolicy reprovisionPolicy,
AllocationPolicy allocationPolicy,
CustomAllocationDefinition customAllocationDefinition,
ICollection <string> iotHubsToStartAt,
ICollection <string> iotHubsToReprovisionTo,
string proxyServerAddress = null)
{
ProvisioningServiceClient provisioningServiceClient = CreateProvisioningService(s_proxyServerAddress);
string groupId = _devicePrefix + AttestationTypeToString(attestationType) + "-" + Guid.NewGuid();
bool twinOperationsAllowed = transportProtocol != Client.TransportType.Http1;
using ProvisioningTransportHandler transport = ProvisioningE2ETests.CreateTransportHandlerFromName(transportProtocol);
using SecurityProvider security = await CreateSecurityProviderFromName(
attestationType,
enrollmentType,
groupId,
reprovisionPolicy,
allocationPolicy,
customAllocationDefinition,
iotHubsToStartAt)
.ConfigureAwait(false);
//Check basic provisioning
if (ProvisioningE2ETests.ImplementsWebProxy(transportProtocol) && setCustomProxy)
{
transport.Proxy = (proxyServerAddress != null) ? new WebProxy(s_proxyServerAddress) : null;
}
ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(
s_globalDeviceEndpoint,
Configuration.Provisioning.IdScope,
security,
transport);
using var cts = new CancellationTokenSource(PassingTimeoutMiliseconds);
DeviceRegistrationResult result = await provClient.RegisterAsync(cts.Token).ConfigureAwait(false);
ValidateDeviceRegistrationResult(result);
Client.IAuthenticationMethod auth = CreateAuthenticationMethodFromSecurityProvider(security, result.DeviceId);
await ConfirmRegisteredDeviceWorks(result, auth, transportProtocol, twinOperationsAllowed).ConfigureAwait(false);
//Check reprovisioning
await UpdateEnrollmentToForceReprovision(enrollmentType, provisioningServiceClient, iotHubsToReprovisionTo, security, groupId).ConfigureAwait(false);
result = await provClient.RegisterAsync(cts.Token).ConfigureAwait(false);
ConfirmDeviceInExpectedHub(result, reprovisionPolicy, iotHubsToStartAt, iotHubsToReprovisionTo, allocationPolicy);
await ConfirmDeviceWorksAfterReprovisioning(result, auth, transportProtocol, reprovisionPolicy, twinOperationsAllowed).ConfigureAwait(false);
if (attestationType != AttestationMechanismType.X509) //x509 enrollments are hardcoded, should never be deleted
{
await ProvisioningE2ETests.DeleteCreatedEnrollmentAsync(enrollmentType, provisioningServiceClient, security, groupId).ConfigureAwait(false);
}
}
public static async Task RunSample(X509Certificate2 certificate)
{
using (var security = new SecurityProviderX509Certificate(certificate))
// using (var transport = new ProvisioningTransportHandlerHttp())
//using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly))
using (var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.TcpOnly))
{
ProvisioningDeviceClient provClient =
ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, s_idScope, security, transport);
Console.WriteLine($"RegistrationID = {security.GetRegistrationID()}");
Console.Write("ProvisioningClient RegisterAsync . . . ");
DeviceRegistrationResult result = await provClient.RegisterAsync();
Console.WriteLine($"{result.Status}");
Console.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
if (result.Status != ProvisioningRegistrationStatusType.Assigned)
{
return;
}
IAuthenticationMethod auth = new DeviceAuthenticationWithX509Certificate(result.DeviceId, certificate);
iotClient = DeviceClient.Create(result.AssignedHub, auth);
Console.WriteLine($"Now {deviceID} can start sending messages to assigned IoT Hub: {result.AssignedHub}");
await iotClient.OpenAsync();
SendDeviceToCloudMessagesAsync();
Console.ReadLine();
}
}
private async Task <bool> Init()
{
try
{
using (var security = new SecurityProviderSymmetricKey(_deviceID, _primaryKey, null))
{
DeviceRegistrationResult result = await RegisterDeviceAsync(security);
if (result.Status != ProvisioningRegistrationStatusType.Assigned)
{
_logger.LogInformation("{time} - Failed to register device", DateTimeOffset.Now);
return(false);
}
IAuthenticationMethod auth = new DeviceAuthenticationWithRegistrySymmetricKey(result.DeviceId, (security as SecurityProviderSymmetricKey).GetPrimaryKey());
_deviceClient = DeviceClient.Create(result.AssignedHub, auth, TransportType.Mqtt);
}
await SendDevicePropertiesAsync();
}
catch (Exception ex)
{
_logger.LogError($"{DateTimeOffset.Now} - Error:{ex.Message}");
return(false);
}
return(true);
}
protected void InitializeDevice(DeviceRegistrationResult result)
{
this.deviceId = result.DeviceId;
this.assignedIoTHub = result.AssignedHub;
this.registrationStatus = result.Status;
this.ready = this.registrationStatus == ProvisioningRegistrationStatusType.Assigned;
}
public async Task ProvisioningDeviceClient_InvalidRegistrationId_TpmRegister_Fail(string transportType)
{
if (!ConfigurationFound())
{
_log.WriteLine("Provisioning test configuration not found. Result inconclusive.");
return;
}
using (ProvisioningTransportHandler transport = CreateTransportHandlerFromName(transportType, TransportFallbackType.TcpOnly))
using (SecurityProvider security = new SecurityProviderTpmSimulator("invalidregistrationid"))
{
ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(
s_globalDeviceEndpoint,
Configuration.Provisioning.IdScope,
security,
transport);
var cts = new CancellationTokenSource(FailingTimeoutMiliseconds);
_log.WriteLine("ProvisioningClient RegisterAsync . . . ");
DeviceRegistrationResult result = await provClient.RegisterAsync(cts.Token).ConfigureAwait(false);
_log.WriteLine($"{result.Status}");
Assert.AreEqual(ProvisioningRegistrationStatusType.Failed, result.Status);
Assert.IsNull(result.AssignedHub);
Assert.IsNull(result.DeviceId);
Assert.AreEqual("Not Found", result.ErrorMessage);
Assert.AreEqual(0x00062ae9, result.ErrorCode);
}
}
// https://github.com/Azure-Samples/azure-iot-samples-csharp/blob/master/provisioning/Samples/device/SymmetricKeySample/Program.cs
// Azure IoT Central Client
static async Task Main(string[] args)
{
IAuthenticationMethod auth;
using (var security = new SecurityProviderSymmetricKey(registrationId, primaryKey, secondaryKey))
using (var transport = new ProvisioningTransportHandlerHttp())
{
ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(GlobalDeviceEndpoint, idScope, security, transport);
DeviceRegistrationResult result = await provClient.RegisterAsync();
auth = new DeviceAuthenticationWithRegistrySymmetricKey(result.DeviceId, (security as SecurityProviderSymmetricKey).GetPrimaryKey());
using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, TransportType.Mqtt))
{
while (true)
{
if (_temperature.IsAvailable)
{
try
{
Console.WriteLine($"The CPU temperature is {Math.Round(_temperature.Temperature.Celsius, 2)}");
await SendMsgIotHub(iotClient, _temperature.Temperature.Celsius);
}
catch (Exception ex)
{
Console.WriteLine("exception msg: " + ex.Message);
}
}
Thread.Sleep(10000); // sleep for 10 seconds
}
}
}
}
private static JObject RegisterDevice()
{
if (string.IsNullOrEmpty(thumbPrint))
{
throw new Exception("No thumbprint in config or given as parameter");
}
if (string.IsNullOrEmpty(dpsScopeId))
{
throw new Exception("DPS Scope ID not given");
}
if (deviceCert == null)
{
deviceCert = deviceIdentity.GetCert(thumbPrint);
}
DeviceRegistrationResult deviceRegisterResult = deviceIdentity.RegisterDevice(deviceCert, dpsScopeId).GetAwaiter().GetResult();
if (deviceRegisterResult.Status != ProvisioningRegistrationStatusType.Assigned)
{
throw new Exception(String.Format("Device enrollment failed with code {0}", deviceRegisterResult.Status.ToString()));
}
registerDevice = false;
deviceId = deviceRegisterResult.DeviceId;
deviceIotHub = deviceRegisterResult.AssignedHub;
if (deviceTwinProperties == null)
{
deviceTwinProperties = new TwinCollection("{ samplingFrequency: 5, temperatureAlertThreshold: 35 }");
}
return(GetConfig());
}
public static async Task RunAsync(ProvisioningDeviceClient provisioningDeviceClient, SecurityProvider security)
{
Console.WriteLine($"RegistrationID = {security.GetRegistrationID()}");
Console.Write("ProvisioningClient RegisterAsync . . . ");
DeviceRegistrationResult result = await provisioningDeviceClient.RegisterAsync().ConfigureAwait(false);
Console.WriteLine($"{result.Status}");
Console.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
if (result.Status == ProvisioningRegistrationStatusType.Assigned)
{
X509Certificate2 certificate = (security as SecurityProviderX509).GetAuthenticationCertificate();
Console.WriteLine($"Registration certificate thumbprint: {certificate.Thumbprint}");
IAuthenticationMethod auth = new DeviceAuthenticationWithX509Certificate(result.DeviceId, certificate);
using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, TransportType.Amqp))
{
Console.WriteLine("DeviceClient OpenAsync.");
await iotClient.OpenAsync().ConfigureAwait(false);
Console.WriteLine("DeviceClient SendEventAsync.");
await iotClient.SendEventAsync(new Message(Encoding.UTF8.GetBytes("TestMessage"))).ConfigureAwait(false);
Console.WriteLine("DeviceClient CloseAsync.");
await iotClient.CloseAsync().ConfigureAwait(false);
}
}
}
public async Task RunSampleAsync()
{
// When registering with a symmetric key using a group enrollment, the provided key will not
// work for a specific device, rather it must be computed based on two values: the group enrollment
// key and the desired device Id.
if (_parameters.EnrollmentType == EnrollmentType.Group)
{
_parameters.PrimaryKey = ComputeDerivedSymmetricKey(_parameters.PrimaryKey, _parameters.Id);
}
Console.WriteLine($"Initializing the device provisioning client...");
// For individual enrollments, the first parameter must be the registration Id, where in the enrollment
// the device Id is already chosen. However, for group enrollments the device Id can be requested by
// the device, as long as the key has been computed using that value.
// Also, the secondary could could be included, but was left out for the simplicity of this sample.
using var security = new SecurityProviderSymmetricKey(
_parameters.Id,
_parameters.PrimaryKey,
null);
using var transportHandler = GetTransportHandler();
ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(
_parameters.GlobalDeviceEndpoint,
_parameters.IdScope,
security,
transportHandler);
Console.WriteLine($"Initialized for registration Id {security.GetRegistrationID()}.");
Console.WriteLine("Registering with the device provisioning service...");
DeviceRegistrationResult result = await provClient.RegisterAsync();
Console.WriteLine($"Registration status: {result.Status}.");
if (result.Status != ProvisioningRegistrationStatusType.Assigned)
{
Console.WriteLine($"Registration status did not assign a hub, so exiting this sample.");
return;
}
Console.WriteLine($"Device {result.DeviceId} registered to {result.AssignedHub}.");
Console.WriteLine("Creating symmetric key authentication for IoT Hub...");
IAuthenticationMethod auth = new DeviceAuthenticationWithRegistrySymmetricKey(
result.DeviceId,
security.GetPrimaryKey());
Console.WriteLine($"Testing the provisioned device with IoT Hub...");
using DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, _parameters.TransportType);
Console.WriteLine("Sending a telemetry message...");
using var message = new Message(Encoding.UTF8.GetBytes("TestMessage"));
await iotClient.SendEventAsync(message);
Console.WriteLine("Finished.");
}
public static async Task RunTest(string scopeId, string sasToken, string deviceId, string dpsEndpoint)
{
Console.WriteLine("Starting DPS client tests.");
int successes = 0;
int failures = 0;
var security = new SecurityProviderSymmetricKey(deviceId, sasToken, null);
var transportHandlers = new List <(ProvisioningTransportHandler, string)>();
transportHandlers.Add((new ProvisioningTransportHandlerHttp(), "default"));
foreach (var transportFallbackType in _transportFallbackTypes)
{
transportHandlers.Add((new ProvisioningTransportHandlerAmqp(transportFallbackType), transportFallbackType.ToString()));
transportHandlers.Add((new ProvisioningTransportHandlerMqtt(transportFallbackType), transportFallbackType.ToString()));
}
foreach ((ProvisioningTransportHandler, string)transportHandler in transportHandlers)
{
try
{
Console.WriteLine($"Registering with {transportHandler.Item1.GetType().Name}/{transportHandler.Item2}");
var provClient = ProvisioningDeviceClient.Create(
dpsEndpoint,
scopeId,
security,
transportHandler.Item1);
DeviceRegistrationResult provResult = await provClient.RegisterAsync().ConfigureAwait(false);
if (provResult.Status != ProvisioningRegistrationStatusType.Assigned)
{
Console.WriteLine($"Failed to connect due to {provResult.ErrorCode}: {provResult.ErrorMessage}.");
continue;
}
Console.WriteLine("Succeeded.\n");
successes++;
}
catch (Exception ex)
{
// Print all the relevant reasons for failing, without printing out the entire exception information
var reason = new StringBuilder();
Exception next = ex;
do
{
reason.AppendFormat($" - {next.GetType()}: {next.Message}\n");
next = next.InnerException;
}while (next != null);
Console.WriteLine($"Failed for {transportHandler} due to:\n{reason}");
failures++;
}
}
Console.WriteLine($"DPS client tests finished with {successes} successes and {failures} failures.");
}
public async Task <ActionResult <DeviceRegistrationResult> > RegisterDevice([FromBody] DeviceRegistrationInput registrationInput, CancellationToken cancellationToken)
{
if (this.ModelState.IsValid)
{
var result = new DeviceRegistrationResult();
try
{
if (registrationInput == null)
{
return(BadRequest());
}
var push = new PushUri();
push.UserId = UserId;
push.PlatformType = registrationInput.Plt;
if (!String.IsNullOrWhiteSpace(registrationInput.Uri))
{
push.PushLocation = HttpUtility.UrlDecode(registrationInput.Uri);
}
else if (registrationInput.Plt == (int)Platforms.Android)
{
push.PushLocation = "Android";
}
else if (registrationInput.Plt == (int)Platforms.iPhone || registrationInput.Plt == (int)Platforms.iPad)
{
push.PushLocation = "Apple";
}
push.DeviceId = registrationInput.Did;
push.Uuid = registrationInput.Id;
push.DepartmentId = DepartmentId;
CqrsEvent registerUnitPushEvent = new CqrsEvent();
registerUnitPushEvent.Type = (int)CqrsEventTypes.PushRegistration;
registerUnitPushEvent.Data = ObjectSerialization.Serialize(push);
await _cqrsProvider.EnqueueCqrsEventAsync(registerUnitPushEvent);
result.Sfl = true;
result.Id = push.PushUriId;
return(result);
}
catch (Exception ex)
{
result.Sfl = false;
Framework.Logging.LogException(ex);
return(result);
}
}
return(BadRequest());
}
public async Task <ResultCommand> ProvisionDevice(RequestCommandProvisionDevice requestProvisionDevice, string password)
{
try
{
DeviceCertificateModel certificateInfo = requestProvisionDevice.DeviceCertificateInformation;
//Load certificate chain
var(deviceCertificate, collectionCertificates) =
LoadCertificateFromPfx(Convert.FromBase64String(certificateInfo.Certificate), password);
//Save certificate in store
if (!await SaveCertificateInStore(deviceCertificate))
{
return(ResultCommand.CreateFailedCommand($"Error while saving User Certificate in Store."));
}
using (var securityProvider = new SecurityProviderX509Certificate(deviceCertificate, collectionCertificates))
{
using (var transport = new ProvisioningTransportHandlerHttp())
{
ProvisioningDeviceClient provClient =
ProvisioningDeviceClient.Create(certificateInfo.DpsInstance, certificateInfo.DpsIdScope, securityProvider, transport);
DeviceRegistrationResult result = await provClient.RegisterAsync();
if (result.Status != ProvisioningRegistrationStatusType.Assigned)
{
DebugHelper.LogError($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
return(ResultCommand.CreateFailedCommand($"Error during registration: {result.Status}, {result.ErrorMessage}"));
}
//Test the connection
if (!await TestDeviceConnection(result.DeviceId, result.AssignedHub, deviceCertificate))
{
return(ResultCommand.CreateFailedCommand($"Error while testing the device connection."));
}
//Persist provision in TPM/HSM
SimulatedDevice.ProvisionDevice(result.AssignedHub, result.DeviceId);
//Provisioned!
SimulatedDevice.IsProvisioned = true;
}
}
if (deviceCertificate != null)
{
deviceCertificate.Dispose();
}
return(ResultCommand.CreateSuccessCommand());
}
catch (Exception e)
{
DebugHelper.LogError($"Error ProvisionDevice: {e.Message}.");
return(ResultCommand.CreateFailedCommand($"Error ProvisionDevice: {e.Message}."));
}
}
public async Task RunSampleAsync()
{
try
{
Console.WriteLine($"RegistrationID = {_security.GetRegistrationID()}");
VerifyRegistrationIdFormat(_security.GetRegistrationID());
Console.Write("ProvisioningClient RegisterAsync . . . ");
DeviceRegistrationResult result = await _provClient.RegisterAsync().ConfigureAwait(false);
Console.WriteLine($"{result.Status}");
Console.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
if (result.Status != ProvisioningRegistrationStatusType.Assigned)
{
return;
}
Microsoft.Azure.Devices.Client.IAuthenticationMethod auth;
if (_security is SecurityProviderTpm)
{
Console.WriteLine("Creating TPM DeviceClient authentication.");
auth = new DeviceAuthenticationWithTpm(result.DeviceId, _security as SecurityProviderTpm);
}
else if (_security is SecurityProviderX509)
{
Console.WriteLine("Creating X509 DeviceClient authentication.");
auth = new DeviceAuthenticationWithX509Certificate(result.DeviceId, (_security as SecurityProviderX509).GetAuthenticationCertificate());
}
else if (_security is SecurityProviderSymmetricKey)
{
Console.WriteLine("Creating Symmetric Key DeviceClient authenication");
auth = new DeviceAuthenticationWithRegistrySymmetricKey(result.DeviceId, (_security as SecurityProviderSymmetricKey).GetPrimaryKey());
}
else
{
throw new NotSupportedException("Unknown authentication type.");
}
using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, Microsoft.Azure.Devices.Client.TransportType.Amqp))
{
Console.WriteLine("DeviceClient OpenAsync.");
await iotClient.OpenAsync().ConfigureAwait(false);
Console.WriteLine("DeviceClient SendEventAsync.");
await iotClient.SendEventAsync(new Microsoft.Azure.Devices.Client.Message(Encoding.UTF8.GetBytes("TestMessage"))).ConfigureAwait(false);
Console.WriteLine("DeviceClient CloseAsync.");
await iotClient.CloseAsync().ConfigureAwait(false);
}
}
catch (Exception)
{
throw;
}
}
/// <summary>
/// Assert that the device registration result has not errors, and that it was assigned to a hub and has a device id
/// </summary>
private void ValidateDeviceRegistrationResult(DeviceRegistrationResult result)
{
Assert.IsNotNull(result);
_log.WriteLine($"{result.Status} (Error Code: {result.ErrorCode}; Error Message: {result.ErrorMessage})");
_log.WriteLine($"ProvisioningDeviceClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
Assert.AreEqual(ProvisioningRegistrationStatusType.Assigned, result.Status);
Assert.IsNotNull(result.AssignedHub);
Assert.IsNotNull(result.DeviceId);
}
static async Task <DeviceRegistrationResult> GetDeviceRegistrationResultAsync(ProvisioningDeviceClient provClient, SecurityProviderX509 security)
{
DeviceRegistrationResult result = await provClient.RegisterAsync().ConfigureAwait(false);
if (result.Status != ProvisioningRegistrationStatusType.Assigned)
{
throw new Exception("Device not assigned");
}
return(result);
}
/// <summary>
/// Assert that the device registration result has not errors, and that it was assigned to a hub and has a device id
/// </summary>
private void ValidateDeviceRegistrationResult(DeviceRegistrationResult result)
{
result.Should().NotBeNull();
Logger.Trace($"{result.Status} (Error Code: {result.ErrorCode}; Error Message: {result.ErrorMessage})");
Logger.Trace($"ProvisioningDeviceClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
result.Status.Should().Be(ProvisioningRegistrationStatusType.Assigned, $"Unexpected provisioning status, substatus: {result.Substatus}, error code: {result.ErrorCode}, error message: {result.ErrorMessage}");
result.AssignedHub.Should().NotBeNull();
result.DeviceId.Should().NotBeNull();
}
/// <summary>
/// Assert that the device registration result has not errors, and that it was assigned to a hub and has a device id
/// </summary>
private void ValidateDeviceRegistrationResult(DeviceRegistrationResult result)
{
Assert.IsNotNull(result);
Logger.Trace($"{result.Status} (Error Code: {result.ErrorCode}; Error Message: {result.ErrorMessage})");
Logger.Trace($"ProvisioningDeviceClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
Assert.AreEqual(ProvisioningRegistrationStatusType.Assigned, result.Status, $"Unexpected provisioning status, substatus: {result.Substatus}, error code: {result.ErrorCode}, error message: {result.ErrorMessage}");
Assert.IsNotNull(result.AssignedHub);
Assert.IsNotNull(result.DeviceId);
}
public static async Task RunSample()
{
// Replace the following type with SecurityClientTpm() to use a real TPM2.0 device.
Console.WriteLine("Starting TPM simulator.");
SecurityClientTpmSimulator.StartSimulatorProcess();
using (var security = new SecurityClientTpmSimulator(RegistrationId))
using (var transport = new ProvisioningTransportHandlerHttp())
{
// Note that the TPM simulator will create a NVChip file containing the simulated TPM state.
Console.WriteLine("Extracting endorsement key.");
string base64EK = Convert.ToBase64String(security.GetEndorsementKey());
Console.WriteLine(
"In your Azure Device Provisioning Service please go to 'Manage enrollments' and select " +
"'Individual Enrollments'. Select 'Add' then fill in the following:");
Console.WriteLine("\tMechanism: TPM");
Console.WriteLine($"\tRegistration ID: {RegistrationId}");
Console.WriteLine($"\tEndorsement key: {base64EK}");
Console.WriteLine("\tDevice ID: iothubtpmdevice1 (or any other valid DeviceID)");
Console.WriteLine();
Console.WriteLine("Press ENTER when ready.");
Console.ReadLine();
ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(s_idScope, security, transport);
Console.Write("ProvisioningClient RegisterAsync . . . ");
DeviceRegistrationResult result = await provClient.RegisterAsync();
Console.WriteLine($"{result.Status}");
Console.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
if (result.Status != ProvisioningRegistrationStatusType.Assigned)
{
return;
}
var auth = new DeviceAuthenticationWithTpm(result.DeviceId, security);
// TODO: Temporary workaround until IoTHub DeviceClient gets Token refresh support.
await auth.GetTokenAsync(result.AssignedHub);
using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, TransportType.Mqtt))
{
Console.WriteLine("DeviceClient OpenAsync.");
await iotClient.OpenAsync();
Console.WriteLine("DeviceClient SendEventAsync.");
await iotClient.SendEventAsync(new Message(Encoding.UTF8.GetBytes("TestMessage")));
Console.WriteLine("DeviceClient CloseAsync.");
await iotClient.CloseAsync();
}
}
}
//Provision the Device
static void ProvisionDevice()
{
Console.WriteLine("Provisioning process starting..");
Console.WriteLine("Fetching secrets..");
var secrets = ReadSecrets();
if (secrets == null)
{
Console.WriteLine("No secrets found!");
return;
}
Console.WriteLine("Secrets found!");
string dpsServiceEndpoint = secrets.serviceEndpoint;
string idScope = secrets.idScope;
string registrationId = secrets.registrationId;
string primaryDeviceKey = secrets.primaryDerivedKey;
string secondaryDeviceKey = secrets.secondaryDerivedKey;
using (var security = new SecurityProviderSymmetricKey(registrationId, primaryDeviceKey, secondaryDeviceKey))
{
// Select one of the available transports:
// To optimize for size, reference only the protocols used by your application.
using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly))
// using (var transport = new ProvisioningTransportHandlerHttp())
// using (var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.TcpOnly))
// using (var transport = new ProvisioningTransportHandlerMqtt(TransportFallbackType.WebSocketOnly))
{
try
{
Console.WriteLine("Creating provisioning client");
ProvisioningDeviceClient provClient =
ProvisioningDeviceClient.Create(dpsServiceEndpoint, idScope, security, transport);
Console.WriteLine("Starting attestation..");
DeviceRegistrationResult registrationResult = provClient.RegisterAsync().GetAwaiter().GetResult();
Console.WriteLine("Device successfully provisioned");
Console.WriteLine("Storing primary and secondary connection strings in settings file!");
Console.WriteLine("Primary Connection string: Hostname={0};DeviceId={1};SharedAccessKey={2}", registrationResult.AssignedHub, registrationId, primaryDeviceKey);
Console.WriteLine("Secondary Connection string: Hostname={0};DeviceId={1};SharedAccessKey={2}", registrationResult.AssignedHub, registrationId, secondaryDeviceKey);
string primaryConnectionString = "Hostname=" + registrationResult.AssignedHub + ";DeviceId=" + registrationResult.DeviceId + ";SharedAccessKey=" + primaryDeviceKey;
string secondaryConnectionString = "Hostname=" + registrationResult.AssignedHub + ";DeviceId=" + registrationResult.DeviceId + ";SharedAccessKey=" + secondaryDeviceKey;
WriteSettings(primaryConnectionString, secondaryConnectionString);
}
catch (Exception ex)
{
Console.WriteLine(ex.Message + ": " + ex.InnerException.Message);
}
}
}
}
public async Task ProvisioningDeviceClient_ValidRegistrationId_Register_Ok(
string transportType,
string securityType,
X509EnrollmentType?x509EnrollmentType,
TransportFallbackType?transportFallback,
bool setCustomProxy,
string proxyServerAddress = null)
{
using (ProvisioningTransportHandler transport = CreateTransportHandlerFromName(transportType, transportFallback))
using (SecurityProvider security = await CreateSecurityProviderFromName(securityType, x509EnrollmentType).ConfigureAwait(false))
{
_verboseLog.WriteLine("Creating device");
if (ImplementsWebProxy(transportType, transportFallback) && setCustomProxy)
{
transport.Proxy = (proxyServerAddress != null) ? new WebProxy(proxyServerAddress) : null;
}
ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(
s_globalDeviceEndpoint,
Configuration.Provisioning.IdScope,
security,
transport);
var cts = new CancellationTokenSource(PassingTimeoutMiliseconds);
_log.WriteLine("ProvisioningDeviceClient RegisterAsync . . . ");
DeviceRegistrationResult result = await provClient.RegisterAsync(cts.Token).ConfigureAwait(false);
Assert.IsNotNull(result);
_log.WriteLine($"{result.Status} (Error Code: {result.ErrorCode}; Error Message: {result.ErrorMessage})");
_log.WriteLine($"ProvisioningDeviceClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
Assert.AreEqual(ProvisioningRegistrationStatusType.Assigned, result.Status);
Assert.IsNotNull(result.AssignedHub);
Assert.IsNotNull(result.DeviceId);
Client.IAuthenticationMethod auth = CreateAuthenticationMethodFromSecurityProvider(security, result.DeviceId);
// TODO: #591 - ProvisioningClient and DeviceClient should use the same protocol.
using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, Client.TransportType.Http1))
{
_log.WriteLine("DeviceClient OpenAsync.");
await iotClient.OpenAsync().ConfigureAwait(false);
_log.WriteLine("DeviceClient SendEventAsync.");
await iotClient.SendEventAsync(
new Client.Message(Encoding.UTF8.GetBytes("TestMessage"))).ConfigureAwait(false);
_log.WriteLine("DeviceClient CloseAsync.");
await iotClient.CloseAsync().ConfigureAwait(false);
}
}
}
public async Task ProvisionAsync(string dpsGlobalDeviceEndpoint,
string dpsIdScope)
{
DeviceRegistrationResult result =
await this.RegisterDeviceAsync(
dpsGlobalDeviceEndpoint,
dpsIdScope)
.ConfigureAwait(false);
this.InitializeDevice(result);
}
static async Task <DeviceClient> DeviceRegistration(string applicationId, string deviceId, int port)
{
string deviceKey;
// See if AzureIoT hub connections string has been configured
string connectionString = ApplicationConfiguration.ConnectionStringResolve(applicationId, port);
if (!String.IsNullOrEmpty(connectionString))
{
return(DeviceClient.CreateFromConnectionString(connectionString, deviceId));
}
// See if Azure DPS has been configured
using (var hmac = new HMACSHA256(Convert.FromBase64String(ApplicationConfiguration.DpsEnrollmentGroupSymmetricKeyResolve(applicationId, port))))
{
deviceKey = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(deviceId)));
}
using (var securityProvider = new SecurityProviderSymmetricKey(deviceId, deviceKey, null))
{
using (var transport = new ProvisioningTransportHandlerAmqp(TransportFallbackType.TcpOnly))
{
ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(ApplicationConfiguration.DpsGlobaDeviceEndpointResolve(),
ApplicationConfiguration.DpsIdScopeResolve(applicationId, port),
securityProvider,
transport);
DeviceRegistrationResult result = await provClient.RegisterAsync();
if (result.Status != ProvisioningRegistrationStatusType.Assigned)
{
throw new ApplicationException($"DevID:{deviceId} Status:{result.Status} RegisterAsync failed");
}
IAuthenticationMethod authentication = new DeviceAuthenticationWithRegistrySymmetricKey(result.DeviceId, (securityProvider as SecurityProviderSymmetricKey).GetPrimaryKey());
return(DeviceClient.Create(result.AssignedHub,
authentication,
new ITransportSettings[]
{
new AmqpTransportSettings(TransportType.Amqp_Tcp_Only)
{
PrefetchCount = 0,
AmqpConnectionPoolSettings = new AmqpConnectionPoolSettings()
{
Pooling = true,
}
}
}
));
}
}
}
public async Task RunAsync()
{
Console.WriteLine($"RegistrationID = {security.GetRegistrationID()}");
// Register the Device with DPS
Console.Write("ProvisioningClient RegisterAsync . . . ");
DeviceRegistrationResult result = await provClient.RegisterAsync().ConfigureAwait(false);
Console.WriteLine($"Device Registration Status: {result.Status}");
Console.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
deviceId = result.DeviceId;
// Verify Device Registration Status
if (result.Status != ProvisioningRegistrationStatusType.Assigned)
{
throw new Exception($"DeviceRegistrationResult.Status is NOT 'Assigned'");
}
// Create x509 DeviceClient Authentication
Console.WriteLine("Creating X509 DeviceClient authentication.");
var auth = new DeviceAuthenticationWithX509Certificate(result.DeviceId, (security as SecurityProviderX509).GetAuthenticationCertificate());
Console.WriteLine("Simulated Device. Ctrl-C to exit.");
using (iotClient = DeviceClient.Create(result.AssignedHub, auth, TransportType.Amqp))
{
// Explicitly open DeviceClient to communicate with Azure IoT Hub
Console.WriteLine("DeviceClient OpenAsync.");
await iotClient.OpenAsync().ConfigureAwait(false);
// TODO 1: Setup OnDesiredPropertyChanged Event Handling to receive Desired Properties changes
Console.WriteLine("Connecting SetDesiredPropertyUpdateCallbackAsync event handler...");
await iotClient.SetDesiredPropertyUpdateCallbackAsync(OnDesiredPropertyChanged, null).ConfigureAwait(false);
// TODO 2: Load Device Twin Properties since device is just starting up
Console.WriteLine("Loading Device Twin Properties...");
var twin = await iotClient.GetTwinAsync().ConfigureAwait(false);
// Use OnDesiredPropertyChanged event handler to set the loaded Device Twin Properties (re-use!)
await OnDesiredPropertyChanged(twin.Properties.Desired, null);
// Start reading and sending device telemetry
Console.WriteLine("Start reading and sending device telemetry...");
await SendDeviceToCloudMessagesAsync(iotClient);
// Explicitly close DeviceClient
Console.WriteLine("DeviceClient CloseAsync.");
await iotClient.CloseAsync().ConfigureAwait(false);
}
}
public async Task ProvisioningDeviceClient_ValidRegistrationId_Register_Ok(
string transportType,
string securityType,
X509EnrollmentType?x509EnrollmentType,
TransportFallbackType?transportFallback)
{
if (!ConfigurationFound())
{
_log.WriteLine("Provisioning test configuration not found. Result inconclusive.");
return;
}
using (ProvisioningTransportHandler transport = CreateTransportHandlerFromName(transportType, transportFallback))
using (SecurityProvider security = CreateSecurityProviderFromName(securityType, x509EnrollmentType))
{
_verboseLog.WriteLine("Creating device");
ProvisioningDeviceClient provClient = ProvisioningDeviceClient.Create(
s_globalDeviceEndpoint,
Configuration.Provisioning.IdScope,
security,
transport);
var cts = new CancellationTokenSource(PassingTimeoutMiliseconds);
_log.WriteLine("ProvisioningClient RegisterAsync . . . ");
DeviceRegistrationResult result = await provClient.RegisterAsync(cts.Token).ConfigureAwait(false);
Assert.IsNotNull(result);
_log.WriteLine($"{result.Status} (Error Code: {result.ErrorCode}; Error Message: {result.ErrorMessage})");
_log.WriteLine($"ProvisioningClient AssignedHub: {result.AssignedHub}; DeviceID: {result.DeviceId}");
Assert.AreEqual(ProvisioningRegistrationStatusType.Assigned, result.Status);
Assert.IsNotNull(result.AssignedHub);
Assert.IsNotNull(result.DeviceId);
Client.IAuthenticationMethod auth = CreateAuthenticationMethodFromSecurityProvider(security, result.DeviceId);
using (DeviceClient iotClient = DeviceClient.Create(result.AssignedHub, auth, Client.TransportType.Mqtt_Tcp_Only))
{
_log.WriteLine("DeviceClient OpenAsync.");
await iotClient.OpenAsync().ConfigureAwait(false);
_log.WriteLine("DeviceClient SendEventAsync.");
await iotClient.SendEventAsync(
new Client.Message(Encoding.UTF8.GetBytes("TestMessage"))).ConfigureAwait(false);
_log.WriteLine("DeviceClient CloseAsync.");
await iotClient.CloseAsync().ConfigureAwait(false);
}
}
}
