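/// <summary>
/// Creates an enrollment group with the requested policies, reads it back from the provisioning
/// service and checks that the stored entry matches what was requested.
/// </summary>
/// <param name="proxyServerAddress">Proxy address passed to <c>CreateProvisioningService</c>.</param>
/// <param name="attestationType">Attestation mechanism to create the group with.</param>
/// <param name="reprovisionPolicy">Reprovision policy to store; only verified when not null.</param>
/// <param name="allocationPolicy">Allocation policy to store.</param>
/// <param name="customAllocationDefinition">Custom allocation webhook definition; only verified when not null.</param>
/// <param name="iothubs">IoT hubs the group may provision to.</param>
/// <exception cref="ArgumentException">The enrollment group could not be read back after the retries.</exception>
/// <remarks>
/// The group is deleted in a <c>finally</c> block so that a failed assertion does not leave a
/// test enrollment (and the attestation material created for it) registered in the
/// provisioning service instance used by the tests.
/// </remarks>
public async Task ProvisioningServiceClient_GroupEnrollments_Create_Ok(
    string proxyServerAddress,
    AttestationMechanismType attestationType,
    ReprovisionPolicy reprovisionPolicy,
    AllocationPolicy allocationPolicy,
    CustomAllocationDefinition customAllocationDefinition,
    ICollection<string> iothubs)
{
    string groupId = s_devicePrefix + AttestationTypeToString(attestationType) + "-" + Guid.NewGuid();

    using (ProvisioningServiceClient provisioningServiceClient = CreateProvisioningService(proxyServerAddress))
    {
        EnrollmentGroup enrollmentGroup = await CreateEnrollmentGroupAsync(
                provisioningServiceClient,
                attestationType,
                groupId,
                reprovisionPolicy,
                allocationPolicy,
                customAllocationDefinition,
                iothubs,
                null,
                Logger)
            .ConfigureAwait(false);

        try
        {
            EnrollmentGroup enrollmentGroupResult = null;
            await RetryOperationHelper
                .RetryOperationsAsync(
                    async () =>
                    {
                        enrollmentGroupResult = await provisioningServiceClient
                            .GetEnrollmentGroupAsync(enrollmentGroup.EnrollmentGroupId)
                            .ConfigureAwait(false);
                    },
                    s_provisioningServiceRetryPolicy,
                    s_retryableExceptions,
                    Logger)
                .ConfigureAwait(false);

            if (enrollmentGroupResult == null)
            {
                throw new ArgumentException($"The enrollment group with group Id {enrollmentGroup.EnrollmentGroupId} could not retrieved, exiting test.");
            }

            // Expected value first, so a failure message reports the two values the right way round.
            Assert.AreEqual(ProvisioningStatus.Enabled, enrollmentGroupResult.ProvisioningStatus);

            if (reprovisionPolicy != null)
            {
                Assert.AreEqual(reprovisionPolicy.MigrateDeviceData, enrollmentGroupResult.ReprovisionPolicy.MigrateDeviceData);
                Assert.AreEqual(reprovisionPolicy.UpdateHubAssignment, enrollmentGroupResult.ReprovisionPolicy.UpdateHubAssignment);
            }

            if (customAllocationDefinition != null)
            {
                Assert.AreEqual(customAllocationDefinition.WebhookUrl, enrollmentGroupResult.CustomAllocationDefinition.WebhookUrl);
                Assert.AreEqual(customAllocationDefinition.ApiVersion, enrollmentGroupResult.CustomAllocationDefinition.ApiVersion);
            }

            // NOTE(review): this checks the object returned by the create call, not the one read
            // back above; confirm whether enrollmentGroupResult was intended.
            Assert.AreEqual(allocationPolicy, enrollmentGroup.AllocationPolicy);
        }
        finally
        {
            // Runs on assertion failure too. DeleteCreatedEnrollmentAsync catches and logs its own
            // errors, so cleanup cannot mask the original test failure.
            await DeleteCreatedEnrollmentAsync(EnrollmentType.Group, "", enrollmentGroup.EnrollmentGroupId, Logger).ConfigureAwait(false);
        }
    }
}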
/// <summary>
/// Builds an enrollment group for the given attestation type and registers it with the
/// provisioning service, retrying according to the shared retry policy.
/// </summary>
/// <param name="provisioningServiceClient">Client used to send the create-or-update request.</param>
/// <param name="attestationType">Only <c>SymmetricKey</c> is handled; every other value throws.</param>
/// <param name="groupId">Id of the enrollment group to create.</param>
/// <param name="reprovisionPolicy">Value assigned to the group's reprovision policy.</param>
/// <param name="allocationPolicy">Value assigned to the group's allocation policy.</param>
/// <param name="customAllocationDefinition">Value assigned to the group's custom allocation definition.</param>
/// <param name="iothubs">Value assigned to the group's IoT hub list.</param>
/// <param name="capabilities">Value assigned to the group's device capabilities.</param>
/// <param name="logger">Logger handed to the retry helper.</param>
/// <returns>The enrollment group as returned by the service.</returns>
/// <exception cref="NotSupportedException">The attestation type is TPM, X509 or unknown.</exception>
/// <exception cref="ArgumentException">The service returned no enrollment group.</exception>
/// <remarks>
/// This method does not delete what it creates; the caller owns cleanup of the group and of
/// the symmetric keys generated for it.
/// </remarks>
public static async Task<EnrollmentGroup> CreateEnrollmentGroupAsync(
    ProvisioningServiceClient provisioningServiceClient,
    AttestationMechanismType attestationType,
    string groupId,
    ReprovisionPolicy reprovisionPolicy,
    AllocationPolicy allocationPolicy,
    CustomAllocationDefinition customAllocationDefinition,
    ICollection<string> iothubs,
    DeviceCapabilities capabilities,
    MsTestLogger logger)
{
    Attestation groupAttestation;

    if (attestationType == AttestationMechanismType.Tpm)
    {
        throw new NotSupportedException("Group enrollments do not support tpm attestation");
    }
    else if (attestationType == AttestationMechanismType.SymmetricKey)
    {
        // Two independent keys per group, generated fresh on every call.
        string firstKey = CryptoKeyGenerator.GenerateKey(32);
        string secondKey = CryptoKeyGenerator.GenerateKey(32);
        groupAttestation = new SymmetricKeyAttestation(firstKey, secondKey);
    }
    else
    {
        // X509 and any other value: no test support yet.
        throw new NotSupportedException("Test code has not been written for testing this attestation type yet");
    }

    var requestedGroup = new EnrollmentGroup(groupId, groupAttestation)
    {
        Capabilities = capabilities,
        ReprovisionPolicy = reprovisionPolicy,
        AllocationPolicy = allocationPolicy,
        CustomAllocationDefinition = customAllocationDefinition,
        IotHubs = iothubs,
    };

    EnrollmentGroup serviceResponse = null;
    await RetryOperationHelper
        .RetryOperationsAsync(
            async () => serviceResponse = await provisioningServiceClient
                .CreateOrUpdateEnrollmentGroupAsync(requestedGroup)
                .ConfigureAwait(false),
            s_provisioningServiceRetryPolicy,
            s_retryableExceptions,
            logger)
        .ConfigureAwait(false);

    if (serviceResponse != null)
    {
        return serviceResponse;
    }

    throw new ArgumentException($"The enrollment entry with group Id {groupId} could not be created, exiting test.");
}
/// <summary>
/// Best-effort removal of an enrollment created by a test.
/// </summary>
/// <param name="enrollmentType">
/// <c>Individual</c> deletes by <paramref name="registrationId"/>, <c>Group</c> deletes by
/// <paramref name="groupId"/>; any other value (including null) does nothing.
/// </param>
/// <param name="registrationId">Registration id of the individual enrollment to delete.</param>
/// <param name="groupId">Id of the enrollment group to delete.</param>
/// <param name="logger">Logger handed to the retry helper.</param>
/// <remarks>
/// Every exception is caught and written to the console instead of being rethrown, so a
/// failed cleanup never fails the calling test. The flip side is that a leftover enrollment
/// is only visible in the console output.
/// </remarks>
public static async Task DeleteCreatedEnrollmentAsync(
    EnrollmentType? enrollmentType,
    string registrationId,
    string groupId,
    MsTestLogger logger)
{
    // A dedicated client is created for cleanup and disposed when the method exits.
    using ProvisioningServiceClient dpsClient = CreateProvisioningService();

    try
    {
        switch (enrollmentType)
        {
            case EnrollmentType.Individual:
                await RetryOperationHelper
                    .RetryOperationsAsync(
                        async () => await dpsClient.DeleteIndividualEnrollmentAsync(registrationId).ConfigureAwait(false),
                        s_provisioningServiceRetryPolicy,
                        s_retryableExceptions,
                        logger)
                    .ConfigureAwait(false);
                break;

            case EnrollmentType.Group:
                await RetryOperationHelper
                    .RetryOperationsAsync(
                        async () => await dpsClient.DeleteEnrollmentGroupAsync(groupId).ConfigureAwait(false),
                        s_provisioningServiceRetryPolicy,
                        s_retryableExceptions,
                        logger)
                    .ConfigureAwait(false);
                break;
        }
    }
    catch (Exception ex)
    {
        // Deliberately swallowed: the full exception text goes to the console only.
        Console.WriteLine($"Cleanup of enrollment failed due to {ex}.");
    }
}
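/// <summary>
/// Creates an enrollment group, fetches its attestation mechanism from the provisioning
/// service and checks that the returned attestation matches the one the group was created with.
/// </summary>
/// <param name="attestationType">Attestation mechanism to create and verify.</param>
/// <exception cref="ArgumentException">No attestation mechanism was returned after the retries.</exception>
/// <remarks>
/// The group is deleted in a <c>finally</c> block. Without it the enrollment group, together
/// with the keys generated for it, would stay registered in the provisioning service after
/// every run of this test, whether it passed or failed.
/// </remarks>
public async Task ProvisioningServiceClient_GetEnrollmentGroupAttestation(AttestationMechanismType attestationType)
{
    using var provisioningServiceClient = ProvisioningServiceClient.CreateFromConnectionString(TestConfiguration.Provisioning.ConnectionString);
    string groupId = AttestationTypeToString(attestationType) + "-" + Guid.NewGuid();

    EnrollmentGroup enrollmentGroup = await CreateEnrollmentGroupAsync(
            provisioningServiceClient,
            attestationType,
            groupId,
            null,
            AllocationPolicy.Static,
            null,
            null,
            null,
            Logger)
        .ConfigureAwait(false);

    try
    {
        AttestationMechanism attestationMechanism = null;
        await RetryOperationHelper
            .RetryOperationsAsync(
                async () =>
                {
                    attestationMechanism = await provisioningServiceClient
                        .GetEnrollmentGroupAttestationAsync(enrollmentGroup.EnrollmentGroupId)
                        .ConfigureAwait(false);
                },
                s_provisioningServiceRetryPolicy,
                s_retryableExceptions,
                Logger)
            .ConfigureAwait(false);

        if (attestationMechanism == null)
        {
            throw new ArgumentException($"The attestation mechanism for enrollment with group Id {enrollmentGroup.EnrollmentGroupId} could not retrieved, exiting test.");
        }

        // Note that tpm is not a supported attestation type for group enrollments
        if (attestationType == AttestationMechanismType.SymmetricKey)
        {
            attestationMechanism.Type.Should().Be(AttestationMechanismType.SymmetricKey);

            var symmetricKeyAttestation = (SymmetricKeyAttestation)attestationMechanism.GetAttestation();
            var expectedAttestation = (SymmetricKeyAttestation)enrollmentGroup.Attestation;
            symmetricKeyAttestation.PrimaryKey.Should().Be(expectedAttestation.PrimaryKey);
            symmetricKeyAttestation.SecondaryKey.Should().Be(expectedAttestation.SecondaryKey);
        }
        else if (attestationType == AttestationMechanismType.X509)
        {
            // NOTE(review): CreateEnrollmentGroupAsync throws NotSupportedException for X509, so
            // this branch is not reached until that helper supports X509 groups.
            attestationMechanism.Type.Should().Be(AttestationMechanismType.X509);

            // Thumbprints are compared only to check that the same certificates were stored.
            var x509Attestation = (X509Attestation)attestationMechanism.GetAttestation();
            var expectedAttestation = (X509Attestation)enrollmentGroup.Attestation;
            x509Attestation.GetPrimaryX509CertificateInfo().SHA1Thumbprint.Should().Be(expectedAttestation.GetPrimaryX509CertificateInfo().SHA1Thumbprint);
            x509Attestation.GetSecondaryX509CertificateInfo().SHA1Thumbprint.Should().Be(expectedAttestation.GetSecondaryX509CertificateInfo().SHA1Thumbprint);
        }
    }
    finally
    {
        // DeleteCreatedEnrollmentAsync catches and logs its own errors, so cleanup cannot mask
        // an assertion failure raised above.
        await DeleteCreatedEnrollmentAsync(EnrollmentType.Group, "", enrollmentGroup.EnrollmentGroupId, Logger).ConfigureAwait(false);
    }
}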
/// <summary>
/// Builds an individual enrollment for the given attestation type and registers it with the
/// provisioning service, retrying according to the shared retry policy.
/// </summary>
/// <param name="provisioningServiceClient">Client used to send the create-or-update requests.</param>
/// <param name="registrationId">Registration id of the enrollment; also passed to the TPM simulator.</param>
/// <param name="attestationType">TPM, symmetric key or X509; any other value throws.</param>
/// <param name="authenticationCertificate">Client certificate used only for X509 attestation.</param>
/// <param name="reprovisionPolicy">Value assigned to the enrollment's reprovision policy.</param>
/// <param name="allocationPolicy">Value assigned to the enrollment's allocation policy.</param>
/// <param name="customAllocationDefinition">Value assigned to the enrollment's custom allocation definition.</param>
/// <param name="iotHubsToProvisionTo">Value assigned to the enrollment's IoT hub list.</param>
/// <param name="capabilities">Value assigned to the enrollment's device capabilities.</param>
/// <param name="logger">Logger handed to the retry helper.</param>
/// <returns>The enrollment as returned by the service.</returns>
/// <exception cref="NotSupportedException">The attestation type is not one of the three handled values.</exception>
/// <exception cref="ArgumentException">The service returned no enrollment for a create or update call.</exception>
/// <remarks>
/// This method does not delete what it creates; the caller owns cleanup of the enrollment and
/// of any key material generated for it.
/// </remarks>
public static async Task<IndividualEnrollment> CreateIndividualEnrollmentAsync(
    ProvisioningServiceClient provisioningServiceClient,
    string registrationId,
    AttestationMechanismType attestationType,
    X509Certificate2 authenticationCertificate,
    ReprovisionPolicy reprovisionPolicy,
    AllocationPolicy allocationPolicy,
    CustomAllocationDefinition customAllocationDefinition,
    ICollection<string> iotHubsToProvisionTo,
    DeviceCapabilities capabilities,
    MsTestLogger logger)
{
    IndividualEnrollment finalEnrollment = null;

    // TPM is handled on its own path: the enrollment is created, then sent a second time
    // with a new TpmAttestation built from the same endorsement key.
    if (attestationType == AttestationMechanismType.Tpm)
    {
        using (var tpmSim = new SecurityProviderTpmSimulator(registrationId))
        {
            string endorsementKeyBase64 = Convert.ToBase64String(tpmSim.GetEndorsementKey());

            var tpmEnrollment = new IndividualEnrollment(registrationId, new TpmAttestation(endorsementKeyBase64))
            {
                Capabilities = capabilities,
                AllocationPolicy = allocationPolicy,
                ReprovisionPolicy = reprovisionPolicy,
                CustomAllocationDefinition = customAllocationDefinition,
                IotHubs = iotHubsToProvisionTo
            };

            IndividualEnrollment firstResponse = null;
            await RetryOperationHelper
                .RetryOperationsAsync(
                    async () => firstResponse = await provisioningServiceClient
                        .CreateOrUpdateIndividualEnrollmentAsync(tpmEnrollment)
                        .ConfigureAwait(false),
                    s_provisioningServiceRetryPolicy,
                    s_retryableExceptions,
                    logger)
                .ConfigureAwait(false);

            if (firstResponse == null)
            {
                throw new ArgumentException($"The enrollment entry with registration Id {registrationId} could not be created, exiting test.");
            }

            firstResponse.Attestation = new TpmAttestation(endorsementKeyBase64);

            await RetryOperationHelper
                .RetryOperationsAsync(
                    async () => finalEnrollment = await provisioningServiceClient
                        .CreateOrUpdateIndividualEnrollmentAsync(firstResponse)
                        .ConfigureAwait(false),
                    s_provisioningServiceRetryPolicy,
                    s_retryableExceptions,
                    logger)
                .ConfigureAwait(false);

            if (finalEnrollment == null)
            {
                throw new ArgumentException($"The enrollment entry with registration Id {registrationId} could not be updated, exiting test.");
            }

            return finalEnrollment;
        }
    }

    Attestation chosenAttestation;
    if (attestationType == AttestationMechanismType.SymmetricKey)
    {
        // Two independent keys per enrollment, generated fresh on every call.
        string firstKey = CryptoKeyGenerator.GenerateKey(32);
        string secondKey = CryptoKeyGenerator.GenerateKey(32);
        chosenAttestation = new SymmetricKeyAttestation(firstKey, secondKey);
    }
    else if (attestationType == AttestationMechanismType.X509)
    {
        chosenAttestation = X509Attestation.CreateFromClientCertificates(authenticationCertificate);
    }
    else
    {
        throw new NotSupportedException("Test code has not been written for testing this attestation type yet");
    }

    var requestedEnrollment = new IndividualEnrollment(registrationId, chosenAttestation)
    {
        Capabilities = capabilities,
        AllocationPolicy = allocationPolicy,
        ReprovisionPolicy = reprovisionPolicy,
        CustomAllocationDefinition = customAllocationDefinition,
        IotHubs = iotHubsToProvisionTo,
    };

    await RetryOperationHelper
        .RetryOperationsAsync(
            async () => finalEnrollment = await provisioningServiceClient
                .CreateOrUpdateIndividualEnrollmentAsync(requestedEnrollment)
                .ConfigureAwait(false),
            s_provisioningServiceRetryPolicy,
            s_retryableExceptions,
            logger)
        .ConfigureAwait(false);

    if (finalEnrollment == null)
    {
        throw new ArgumentException($"The enrollment entry with registration Id {registrationId} could not be created, exiting test.");
    }

    return finalEnrollment;
}
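/// <summary>
/// Creates an individual enrollment with the requested policies, reads it back from the
/// provisioning service and checks that the stored entry matches what was requested.
/// </summary>
/// <param name="proxyServerAddress">Proxy address passed to <c>CreateProvisioningService</c>.</param>
/// <param name="attestationType">Attestation mechanism to create the enrollment with.</param>
/// <param name="reprovisionPolicy">Reprovision policy to store; only verified when not null.</param>
/// <param name="allocationPolicy">Allocation policy to store.</param>
/// <param name="customAllocationDefinition">Custom allocation webhook definition; only verified when not null.</param>
/// <param name="iotHubsToProvisionTo">IoT hubs the enrollment may provision to.</param>
/// <exception cref="ArgumentException">The enrollment could not be read back after the retries.</exception>
/// <remarks>
/// The enrollment is deleted in a <c>finally</c> block so that a failed assertion does not
/// leave a test enrollment (and the attestation material created for it) registered in the
/// provisioning service instance used by the tests.
/// </remarks>
public async Task ProvisioningServiceClient_IndividualEnrollments_Create_Ok(
    string proxyServerAddress,
    AttestationMechanismType attestationType,
    ReprovisionPolicy reprovisionPolicy,
    AllocationPolicy allocationPolicy,
    CustomAllocationDefinition customAllocationDefinition,
    ICollection<string> iotHubsToProvisionTo)
{
    using (ProvisioningServiceClient provisioningServiceClient = CreateProvisioningService(proxyServerAddress))
    {
        string registrationId = AttestationTypeToString(attestationType) + "-" + Guid.NewGuid();

        // No authentication certificate and no device capabilities are supplied by this test.
        IndividualEnrollment individualEnrollment = await CreateIndividualEnrollmentAsync(
                provisioningServiceClient,
                registrationId,
                attestationType,
                null,
                reprovisionPolicy,
                allocationPolicy,
                customAllocationDefinition,
                iotHubsToProvisionTo,
                null,
                Logger)
            .ConfigureAwait(false);

        try
        {
            IndividualEnrollment individualEnrollmentResult = null;
            await RetryOperationHelper
                .RetryOperationsAsync(
                    async () =>
                    {
                        individualEnrollmentResult = await provisioningServiceClient
                            .GetIndividualEnrollmentAsync(individualEnrollment.RegistrationId)
                            .ConfigureAwait(false);
                    },
                    s_provisioningServiceRetryPolicy,
                    s_retryableExceptions,
                    Logger)
                .ConfigureAwait(false);

            if (individualEnrollmentResult == null)
            {
                throw new ArgumentException($"The individual enrollment with registration Id {individualEnrollment.RegistrationId} could not retrieved, exiting test.");
            }

            // Expected value first, so a failure message reports the two values the right way round.
            Assert.AreEqual(ProvisioningStatus.Enabled, individualEnrollmentResult.ProvisioningStatus);

            if (reprovisionPolicy != null)
            {
                Assert.AreEqual(reprovisionPolicy.UpdateHubAssignment, individualEnrollmentResult.ReprovisionPolicy.UpdateHubAssignment);
                Assert.AreEqual(reprovisionPolicy.MigrateDeviceData, individualEnrollmentResult.ReprovisionPolicy.MigrateDeviceData);
            }

            if (customAllocationDefinition != null)
            {
                Assert.AreEqual(customAllocationDefinition.WebhookUrl, individualEnrollmentResult.CustomAllocationDefinition.WebhookUrl);
                Assert.AreEqual(customAllocationDefinition.ApiVersion, individualEnrollmentResult.CustomAllocationDefinition.ApiVersion);
            }

            //allocation policy is never null
            Assert.AreEqual(allocationPolicy, individualEnrollmentResult.AllocationPolicy);
        }
        finally
        {
            // Runs on assertion failure too. DeleteCreatedEnrollmentAsync catches and logs its own
            // errors, so cleanup cannot mask the original test failure.
            await DeleteCreatedEnrollmentAsync(EnrollmentType.Individual, individualEnrollment.RegistrationId, null, Logger).ConfigureAwait(false);
        }
    }
}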
/// <summary>
/// Rewrites the hub list of the enrollment under test so that the device is forced to
/// reprovision to one of the hubs in <paramref name="iotHubsToReprovisionTo"/>.
/// </summary>
/// <param name="enrollmentType">
/// <c>Individual</c> updates the individual enrollment identified by the security provider's
/// registration id; every other value (including null) updates the group <paramref name="groupId"/>.
/// </param>
/// <param name="provisioningServiceClient">Client used for the read and the update.</param>
/// <param name="iotHubsToReprovisionTo">New hub list written to the enrollment.</param>
/// <param name="security">Supplies the registration id for the individual-enrollment path.</param>
/// <param name="groupId">Id of the enrollment group for the group path.</param>
/// <exception cref="ArgumentException">The enrollment could not be retrieved or updated.</exception>
private async Task UpdateEnrollmentToForceReprovision(EnrollmentType? enrollmentType, ProvisioningServiceClient provisioningServiceClient, ICollection<String> iotHubsToReprovisionTo, SecurityProvider security, string groupId)
{
    if (enrollmentType == EnrollmentType.Individual)
    {
        await RepointIndividualEnrollmentAsync().ConfigureAwait(false);
    }
    else
    {
        await RepointEnrollmentGroupAsync().ConfigureAwait(false);
    }

    // Read-modify-write of the individual enrollment's hub list.
    async Task RepointIndividualEnrollmentAsync()
    {
        IndividualEnrollment current = null;
        await RetryOperationHelper
            .RetryOperationsAsync(
                async () => current = await provisioningServiceClient
                    .GetIndividualEnrollmentAsync(security.GetRegistrationID())
                    .ConfigureAwait(false),
                s_provisioningServiceRetryPolicy,
                s_retryableExceptions,
                Logger)
            .ConfigureAwait(false);

        if (current == null)
        {
            throw new ArgumentException($"The individual enrollment entry with registration Id {security.GetRegistrationID()} could not be retrieved, exiting test.");
        }

        current.IotHubs = iotHubsToReprovisionTo;

        IndividualEnrollment saved = null;
        await RetryOperationHelper
            .RetryOperationsAsync(
                async () => saved = await provisioningServiceClient
                    .CreateOrUpdateIndividualEnrollmentAsync(current)
                    .ConfigureAwait(false),
                s_provisioningServiceRetryPolicy,
                s_retryableExceptions,
                Logger)
            .ConfigureAwait(false);

        if (saved == null)
        {
            throw new ArgumentException($"The individual enrollment entry with registration Id {security.GetRegistrationID()} could not be updated, exiting test.");
        }
    }

    // Read-modify-write of the enrollment group's hub list.
    async Task RepointEnrollmentGroupAsync()
    {
        EnrollmentGroup current = null;
        await RetryOperationHelper
            .RetryOperationsAsync(
                async () => current = await provisioningServiceClient
                    .GetEnrollmentGroupAsync(groupId)
                    .ConfigureAwait(false),
                s_provisioningServiceRetryPolicy,
                s_retryableExceptions,
                Logger)
            .ConfigureAwait(false);

        if (current == null)
        {
            throw new ArgumentException($"The enrollment group entry with group Id {groupId} could not be retrieved, exiting test.");
        }

        current.IotHubs = iotHubsToReprovisionTo;

        EnrollmentGroup saved = null;
        await RetryOperationHelper
            .RetryOperationsAsync(
                async () => saved = await provisioningServiceClient
                    .CreateOrUpdateEnrollmentGroupAsync(current)
                    .ConfigureAwait(false),
                s_provisioningServiceRetryPolicy,
                s_retryableExceptions,
                Logger)
            .ConfigureAwait(false);

        if (saved == null)
        {
            throw new ArgumentException($"The enrollment group entry with group Id {groupId} could not be updated, exiting test.");
        }
    }
}