-
Notifications
You must be signed in to change notification settings - Fork 235
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Npatilsen/dps cert march #1687
base: preview
Are you sure you want to change the base?
Npatilsen/dps cert march #1687
Conversation
...ice-client/src/main/java/com/microsoft/azure/sdk/iot/provisioning/device/AdditionalData.java
Show resolved
Hide resolved
.../microsoft/azure/sdk/iot/provisioning/device/ProvisioningDeviceClientRegistrationResult.java
Outdated
Show resolved
Hide resolved
...com/microsoft/azure/sdk/iot/provisioning/device/internal/ProvisioningDeviceClientConfig.java
Outdated
Show resolved
Hide resolved
...rc/main/java/com/microsoft/azure/sdk/iot/provisioning/device/internal/task/RegisterTask.java
Outdated
Show resolved
Hide resolved
...om/microsoft/azure/sdk/iot/provisioning/service/configs/ClientCertificateIssuancePolicy.java
Outdated
Show resolved
Hide resolved
...main/java/com/microsoft/azure/sdk/iot/provisioning/service/configs/IndividualEnrollment.java
Show resolved
Hide resolved
Abhipsa had to upgrade the service API version to "2021-11-01-preview" FYI. You'll find this hardcoded in SDKUtils.java I think |
*/ | ||
@Getter | ||
@Setter | ||
public String operationalCertificateRequest; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The choice of variable name on the .NET SDK (we'd like to keep the variable name same across all languages so as to keep the user experience similar): https://github.com/Azure/azure-iot-sdk-csharp/blob/c3008205c68de5b8fede085533048987e15af1c9/provisioning/device/src/ProvisioningRegistrationAdditionalData.cs#L23
@@ -0,0 +1,47 @@ | |||
// Copyright (c) Microsoft. All rights reserved. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was completing step ii
of the .NET implementation of this feature and though that it could be useful to make it a very small sample. My feelings on it are mixed since its presence without understanding its relationship to the main feature sample in the device client could cause confusion. I've added it into the pom.xml
for the time being and would love feedback on whether doing this step via a sample like this or just leaving it to the user would be better.
@@ -9,20 +9,22 @@ | |||
import com.microsoft.azure.sdk.iot.provisioning.device.AdditionalData; | |||
import com.microsoft.azure.sdk.iot.provisioning.device.internal.exceptions.ProvisioningDeviceClientException; | |||
import com.microsoft.azure.sdk.iot.provisioning.security.SecurityProvider; | |||
//import com.microsoft.azure.sdk.iot.provisioning.service; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove?
private static final String globalEndpoint = "[Your Provisioning Service Global Endpoint here]"; | ||
private static final ProvisioningDeviceClientTransportProtocol PROVISIONING_DEVICE_CLIENT_TRANSPORT_PROTOCOL = ProvisioningDeviceClientTransportProtocol.HTTPS; | ||
private static final String idScope = ""; | ||
private static final String globalEndpoint = ""; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
private static final String globalEndpoint = ""; | |
private static final String globalEndpoint = "global.azure-devices-provisioning.net"; |
This default value works for everyone who isn't on a govt. or private cloud instance, so we may as well fill it in for them
System.out.println("Failed to create directory for certificates."); | ||
throw new IOException(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
System.out.println("Failed to create directory for certificates."); | |
throw new IOException(); | |
throw new IOException("Failed to create directory for certificates."); |
* Link Individual Enrollment in DPS to a Certificate Authority (CA). Intended to be used with the | ||
* Provisioning Certificate Issuance Sample. | ||
*/ | ||
public class ServiceLinkEnrollmentToCASample |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe just "LinkEnrollmentToCASample" since "service" is implied by being in a provisioning service client sample folder?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/* | ||
* Details of the Provisioning. | ||
*/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/* | |
* Details of the Provisioning. | |
*/ | |
// The connection string for your DPS instance. |
@@ -6,10 +6,10 @@ | |||
import lombok.Getter; | |||
import lombok.Setter; | |||
|
|||
/* Custom class for issuing client certificates. */ | |||
/** Custom class for issuing client certificates. */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/** Custom class for issuing client certificates. */ | |
/** | |
* Custom class for issuing client certificates. | |
*/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same change below. Making this style of a comment a one liner is a bit awkward.
@@ -101,7 +101,8 @@ public void run(ResponseData responseData, Object context) throws ProvisioningDe | |||
throw new ProvisioningDeviceClientException(new IllegalArgumentException("authorization cannot be null")); | |||
} | |||
|
|||
//SRS_RegisterTask_25_001: [ Constructor shall save provisioningDeviceClientConfig , securityProvider, provisioningDeviceClientContract and authorization.] | |||
// check if using operational CSR | |||
this.operationalClientCertificateRequest = provisioningDeviceClientConfig.getOperationalCertificateRequest(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The comment above references some checking happening here, but the code doesn't have any checks in this part of the implementation. Is that pending, or is the comment out-of-date?
@@ -101,7 +101,8 @@ public void run(ResponseData responseData, Object context) throws ProvisioningDe | |||
throw new ProvisioningDeviceClientException(new IllegalArgumentException("authorization cannot be null")); | |||
} | |||
|
|||
//SRS_RegisterTask_25_001: [ Constructor shall save provisioningDeviceClientConfig , securityProvider, provisioningDeviceClientContract and authorization.] | |||
// check if using operational CSR | |||
this.operationalClientCertificateRequest = provisioningDeviceClientConfig.getOperationalCertificateRequest(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't see the operational certificate being set from the additional data into the provisioning client config. Am I missing something?
It seems like the field should be set in here:
Lines 110 to 124 in 214a540
public void registerDevice(ProvisioningDeviceClientRegistrationCallback provisioningDeviceClientRegistrationCallback, Object context, AdditionalData additionalData) throws ProvisioningDeviceClientException | |
{ | |
if (provisioningDeviceClientRegistrationCallback == null) | |
{ | |
throw new IllegalArgumentException("registration callback cannot be null"); | |
} | |
this.provisioningDeviceClientConfig.setPayload(additionalData.getProvisioningPayload()); | |
this.provisioningDeviceClientConfig.setRegistrationCallback(provisioningDeviceClientRegistrationCallback, context); | |
log.debug("Starting provisioning thread..."); | |
ProvisioningTask provisioningTask = new ProvisioningTask(this.provisioningDeviceClientConfig, this.provisioningDeviceClientContract); | |
executor.submit(provisioningTask); | |
} |
@@ -47,6 +47,7 @@ class RegisterTask implements Callable<RegistrationOperationStatusParser> | |||
private final Authorization authorization; | |||
private final SecurityProvider securityProvider; | |||
private final ProvisioningDeviceClientConfig provisioningDeviceClientConfig; | |||
private final String operationalClientCertificateRequest; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This field isn't being referenced anywhere in this class. Is this required?
No description provided.