Azure IoT
Microsoft Azure IoTHub client libraries
Dependents: sht15_remote_monitoring RobotArmDemo iothub_client_sample_amqp f767zi_mqtt ... more
This library implements the Microsoft Azure IoTHub client library. The code is replicated from https://github.com/Azure/azure-iot-sdks
Diff: iothub_client_authorization.c
- Revision:
- 75:86205ca63a59
- Parent:
- 63:1bf1c2d60aab
- Child:
- 76:943524fee0b7
--- a/iothub_client_authorization.c Fri Aug 25 11:22:43 2017 -0700
+++ b/iothub_client_authorization.c Mon Sep 11 09:22:55 2017 -0700
@@ -10,6 +10,11 @@
#include "azure_c_shared_utility/xlogging.h"
#include "azure_c_shared_utility/strings.h"
#include "azure_c_shared_utility/sastoken.h"
+#include "azure_c_shared_utility/shared_util_options.h"
+
+#ifdef USE_DPS_MODULE
+#include "azure_hub_modules/iothub_device_auth.h"
+#endif
#include "iothub_client_authorization.h"
@@ -23,6 +28,9 @@
char* device_id;
size_t token_expiry_time_sec;
IOTHUB_CREDENTIAL_TYPE cred_type;
+#ifdef USE_DPS_MODULE
+ IOTHUB_SECURITY_HANDLE device_auth_handle;
+#endif
} IOTHUB_AUTHORIZATION_DATA;
static int get_seconds_since_epoch(size_t* seconds)
@@ -32,7 +40,7 @@
if ((current_time = get_time(NULL)) == INDEFINITE_TIME)
{
LogError("Failed getting the current local time (get_time() failed)");
- result = __LINE__;
+ result = __FAILURE__;
}
else
{
@@ -48,7 +56,7 @@
/* Codes_SRS_IoTHub_Authorization_07_001: [if device_id is NULL IoTHubClient_Auth_Create, shall return NULL. ] */
if (device_id == NULL)
{
- LogError("Invalid Parameter device_id: %p", device_key, device_id);
+ LogError("Invalid Parameter device_id: %p", device_id);
result = NULL;
}
else
@@ -114,6 +122,60 @@
return result;
}
+IOTHUB_AUTHORIZATION_HANDLE IoTHubClient_Auth_CreateFromDeviceAuth(const char* device_id)
+{
+ IOTHUB_AUTHORIZATION_DATA* result;
+ if (device_id == NULL)
+ {
+ LogError("Invalid Parameter device_id: %p", device_id);
+ result = NULL;
+ }
+ else
+ {
+#ifdef USE_DPS_MODULE
+ result = (IOTHUB_AUTHORIZATION_DATA*)malloc(sizeof(IOTHUB_AUTHORIZATION_DATA));
+ if (result == NULL)
+ {
+ LogError("Failed allocating IOTHUB_AUTHORIZATION_DATA");
+ result = NULL;
+ }
+ else
+ {
+ memset(result, 0, sizeof(IOTHUB_AUTHORIZATION_DATA));
+
+ result->device_auth_handle = iothub_device_auth_create();
+ if (result->device_auth_handle == NULL)
+ {
+ LogError("Failed allocating IOTHUB_AUTHORIZATION_DATA");
+ free(result);
+ result = NULL;
+ }
+ else if (mallocAndStrcpy_s(&result->device_id, device_id) != 0)
+ {
+ LogError("Failed allocating device_key");
+ iothub_device_auth_destroy(result->device_auth_handle);
+ free(result);
+ result = NULL;
+ }
+ else
+ {
+ if (iothub_device_auth_get_auth_type(result->device_auth_handle) == AUTH_TYPE_SAS)
+ {
+ result->cred_type = IOTHUB_CREDENTIAL_TYPE_DEVICE_AUTH;
+ }
+ else
+ {
+ result->cred_type = IOTHUB_CREDENTIAL_TYPE_X509_ECC;
+ }
+ }
+ }
+#else
+ LogError("Failed DPS module is not supported");
+ result = NULL;
+#endif
+ }
+ return result;
+}
void IoTHubClient_Auth_Destroy(IOTHUB_AUTHORIZATION_HANDLE handle)
{
@@ -121,6 +183,9 @@
if (handle != NULL)
{
/* Codes_SRS_IoTHub_Authorization_07_006: [ IoTHubClient_Auth_Destroy shall free all resources associated with the IOTHUB_AUTHORIZATION_HANDLE handle. ] */
+#ifdef USE_DPS_MODULE
+ iothub_device_auth_destroy(handle->device_auth_handle);
+#endif
free(handle->device_key);
free(handle->device_id);
free(handle->device_sas_token);
@@ -160,6 +225,54 @@
return result;
}
+int IoTHubClient_Auth_Set_xio_Certificate(IOTHUB_AUTHORIZATION_HANDLE handle, XIO_HANDLE xio)
+{
+ int result;
+ if (handle == NULL || xio == NULL)
+ {
+ LogError("Invalid Parameter handle: %p xio: %p", handle, xio);
+ result = __FAILURE__;
+ }
+ else if (handle->cred_type != IOTHUB_CREDENTIAL_TYPE_X509_ECC)
+ {
+ LogError("Invalid credential types for this operation");
+ result = __FAILURE__;
+ }
+ else
+ {
+#ifdef USE_DPS_MODULE
+ CREDENTIAL_RESULT* cred_result = iothub_device_auth_generate_credentials(handle->device_auth_handle, NULL);
+ if (cred_result == NULL)
+ {
+ LogError("Failure generating credentials");
+ result = __FAILURE__;
+ }
+ else
+ {
+ if (xio_setoption(xio, OPTION_X509_ECC_CERT, cred_result->auth_cred_result.x509_result.x509_cert) != 0)
+ {
+ LogError("Failure setting x509 cert on xio");
+ result = __FAILURE__;
+ }
+ else if (xio_setoption(xio, OPTION_X509_ECC_KEY, cred_result->auth_cred_result.x509_result.x509_alias_key) != 0)
+ {
+ LogError("Failure setting x509 key on xio");
+ result = __FAILURE__;
+ }
+ else
+ {
+ result = 0;
+ }
+ free(cred_result);
+ }
+#else
+ LogError("Failed DPS module is not supported");
+ result = __FAILURE__;
+#endif
+ }
+ return result;
+}
+
IOTHUB_CREDENTIAL_TYPE IoTHubClient_Auth_Get_Credential_Type(IOTHUB_AUTHORIZATION_HANDLE handle)
{
IOTHUB_CREDENTIAL_TYPE result;
@@ -188,57 +301,113 @@
}
else
{
- /* Codes_SRS_IoTHub_Authorization_07_021: [If the device_sas_token is NOT NULL IoTHubClient_Auth_Get_SasToken shall return a copy of the device_sas_token. ] */
- if (handle->device_sas_token != NULL)
+ if (handle->cred_type == IOTHUB_CREDENTIAL_TYPE_DEVICE_AUTH)
{
- if (mallocAndStrcpy_s(&result, handle->device_sas_token) != 0)
- {
- LogError("failure allocating sas token", scope);
- result = NULL;
- }
- }
- /* Codes_SRS_IoTHub_Authorization_07_009: [ if handle or scope are NULL, IoTHubClient_Auth_Get_SasToken shall return NULL. ] */
- else if (scope == NULL)
- {
- LogError("Invalid Parameter scope: %p", scope);
- result = NULL;
- }
- else
- {
- const char* key_name = "";
- STRING_HANDLE sas_token;
+#ifdef USE_DPS_MODULE
+ DEVICE_AUTH_CREDENTIAL_INFO dev_auth_cred;
size_t sec_since_epoch;
- /* Codes_SRS_IoTHub_Authorization_07_010: [ IoTHubClient_Auth_Get_ConnString shall construct the expiration time using the expire_time. ] */
if (get_seconds_since_epoch(&sec_since_epoch) != 0)
{
- /* Codes_SRS_IoTHub_Authorization_07_020: [ If any error is encountered IoTHubClient_Auth_Get_ConnString shall return NULL. ] */
LogError("failure getting seconds from epoch");
result = NULL;
}
else
{
- /* Codes_SRS_IoTHub_Authorization_07_011: [ IoTHubClient_Auth_Get_ConnString shall call SASToken_CreateString to construct the sas token. ] */
size_t expiry_time = sec_since_epoch+expire_time;
- if ( (sas_token = SASToken_CreateString(handle->device_key, scope, key_name, expiry_time)) == NULL)
+ dev_auth_cred.sas_info.expiry_seconds = expiry_time;
+ dev_auth_cred.sas_info.token_scope = scope;
+ dev_auth_cred.dev_auth_type = AUTH_TYPE_SAS;
+
+ CREDENTIAL_RESULT* cred_result = iothub_device_auth_generate_credentials(handle->device_auth_handle, &dev_auth_cred);
+ if (cred_result == NULL)
{
- /* Codes_SRS_IoTHub_Authorization_07_020: [ If any error is encountered IoTHubClient_Auth_Get_ConnString shall return NULL. ] */
- LogError("Failed creating sas_token");
+ LogError("failure getting credentials from device auth module");
result = NULL;
}
else
{
- /* Codes_SRS_IoTHub_Authorization_07_012: [ On success IoTHubClient_Auth_Get_ConnString shall allocate and return the sas token in a char*. ] */
- if (mallocAndStrcpy_s(&result, STRING_c_str(sas_token) ) != 0)
+ if (mallocAndStrcpy_s(&result, cred_result->auth_cred_result.sas_result.sas_token) != 0)
+ {
+ LogError("failure allocating Sas Token");
+ result = NULL;
+ }
+ free(cred_result->auth_cred_result.sas_result.sas_token);
+ free(cred_result);
+ }
+ }
+#else
+ LogError("Failed DPS module is not supported");
+ result = NULL;
+#endif
+ }
+ else if (handle->cred_type == IOTHUB_CREDENTIAL_TYPE_SAS_TOKEN)
+ {
+ /* Codes_SRS_IoTHub_Authorization_07_021: [If the device_sas_token is NOT NULL IoTHubClient_Auth_Get_SasToken shall return a copy of the device_sas_token. ] */
+ if (handle->device_sas_token != NULL)
+ {
+ if (mallocAndStrcpy_s(&result, handle->device_sas_token) != 0)
+ {
+ LogError("failure allocating sas token");
+ result = NULL;
+ }
+ }
+ else
+ {
+ LogError("failure device sas token is NULL");
+ result = NULL;
+ }
+ }
+ else if (handle->cred_type == IOTHUB_CREDENTIAL_TYPE_DEVICE_KEY)
+ {
+ /* Codes_SRS_IoTHub_Authorization_07_009: [ if handle or scope are NULL, IoTHubClient_Auth_Get_SasToken shall return NULL. ] */
+ if (scope == NULL)
+ {
+ LogError("Invalid Parameter scope: %p", scope);
+ result = NULL;
+ }
+ else
+ {
+ const char* key_name = "";
+ STRING_HANDLE sas_token;
+ size_t sec_since_epoch;
+
+ /* Codes_SRS_IoTHub_Authorization_07_010: [ IoTHubClient_Auth_Get_ConnString shall construct the expiration time using the expire_time. ] */
+ if (get_seconds_since_epoch(&sec_since_epoch) != 0)
+ {
+ /* Codes_SRS_IoTHub_Authorization_07_020: [ If any error is encountered IoTHubClient_Auth_Get_ConnString shall return NULL. ] */
+ LogError("failure getting seconds from epoch");
+ result = NULL;
+ }
+ else
+ {
+ /* Codes_SRS_IoTHub_Authorization_07_011: [ IoTHubClient_Auth_Get_ConnString shall call SASToken_CreateString to construct the sas token. ] */
+ size_t expiry_time = sec_since_epoch+expire_time;
+ if ( (sas_token = SASToken_CreateString(handle->device_key, scope, key_name, expiry_time)) == NULL)
{
/* Codes_SRS_IoTHub_Authorization_07_020: [ If any error is encountered IoTHubClient_Auth_Get_ConnString shall return NULL. ] */
- LogError("Failed copying result");
+ LogError("Failed creating sas_token");
result = NULL;
}
- STRING_delete(sas_token);
+ else
+ {
+ /* Codes_SRS_IoTHub_Authorization_07_012: [ On success IoTHubClient_Auth_Get_ConnString shall allocate and return the sas token in a char*. ] */
+ if (mallocAndStrcpy_s(&result, STRING_c_str(sas_token) ) != 0)
+ {
+ /* Codes_SRS_IoTHub_Authorization_07_020: [ If any error is encountered IoTHubClient_Auth_Get_ConnString shall return NULL. ] */
+ LogError("Failed copying result");
+ result = NULL;
+ }
+ STRING_delete(sas_token);
+ }
}
}
}
+ else
+ {
+ LogError("Failed getting sas token invalid credential type");
+ result = NULL;
+ }
}
return result;
}
