in iothub/device/iot-device-client/src/main/java/com/microsoft/azure/sdk/iot/device/ModuleClient.java [189:359]
public static ModuleClient createFromEnvironment(UnixDomainSocketChannel unixDomainSocketChannel, IotHubClientProtocol protocol, ClientOptions clientOptions) throws IotHubClientException
{
log.info("Creating module client from environment with protocol {}...", protocol);
Map<String, String> envVariables = System.getenv();
log.debug("Checking for an edgehub connection string...");
String connectionString = envVariables.get(EdgehubConnectionstringVariableName);
if (connectionString == null)
{
log.debug("No edgehub connection string was configured, checking for an IoT hub connection string...");
connectionString = envVariables.get(IothubConnectionstringVariableName);
}
// First try to create from connection string and if env variable for connection string is not found try to create from edgedUri
if (connectionString != null)
{
log.debug("Creating module client with the provided connection string");
//Check for a different default cert to be used
String alternativeDefaultTrustedCert = envVariables.get(EdgeCaCertificateFileVariableName);
SSLContext sslContext;
if (alternativeDefaultTrustedCert != null && !alternativeDefaultTrustedCert.isEmpty())
{
log.debug("Configuring module client to use the configured alternative trusted certificate");
try
{
sslContext = IotHubSSLContext.getSSLContextFromFile(alternativeDefaultTrustedCert);
}
catch (CertificateException | IOException | KeyStoreException | NoSuchAlgorithmException | KeyManagementException e)
{
throw new IotHubClientException(IotHubStatusCode.ERROR, "Failed to create an SSLContext instance from the provided trusted cert file path", e);
}
}
else
{
sslContext = new IotHubSSLContext().getSSLContext();
}
if (clientOptions != null && clientOptions.getSslContext() == null)
{
// Clone the existing client options, but with the new SSLContext
clientOptions = clientOptions.toBuilder().sslContext(sslContext)
.build();
}
else if (clientOptions == null)
{
// only override the client options completely if the user didn't provide any
clientOptions = ClientOptions.builder().sslContext(sslContext).build();
}
else
{
log.debug("Ignoring trusted certs saved in {} environment variable because custom SSLContext was provided in client options.", EdgeCaCertificateFileVariableName);
}
return new ModuleClient(connectionString, protocol, clientOptions);
}
else
{
log.info("No connection string was configured for this module, so it will get its credentials from the edgelet");
String edgedUri = envVariables.get(IotEdgedUriVariableName);
String deviceId = envVariables.get(DeviceIdVariableName);
String moduleId = envVariables.get(ModuleIdVariableName);
String hostname = envVariables.get(IotHubHostnameVariableName);
String authScheme = envVariables.get(AuthSchemeVariableName);
String gatewayHostname = envVariables.get(GatewayHostnameVariableName);
String generationId = envVariables.get(ModuleGenerationIdVariableName);
if (edgedUri == null)
{
throw new IllegalStateException("Environment variable " + IotEdgedUriVariableName + " is required.");
}
if (deviceId == null)
{
throw new IllegalStateException("Environment variable " + DeviceIdVariableName + " is required.");
}
if (moduleId == null)
{
throw new IllegalStateException("Environment variable " + ModuleIdVariableName + " is required.");
}
if (hostname == null)
{
throw new IllegalStateException("Environment variable " + IotHubHostnameVariableName + " is required.");
}
if (authScheme == null)
{
throw new IllegalStateException("Environment variable " + AuthSchemeVariableName + " is required.");
}
if (generationId == null)
{
throw new IllegalStateException("Environment variable " + ModuleGenerationIdVariableName + " is required");
}
if (!authScheme.equalsIgnoreCase(SasTokenAuthScheme))
{
throw new IllegalStateException("Unsupported authentication scheme. Supported scheme is " + SasTokenAuthScheme + ".");
}
SignatureProvider signatureProvider;
try
{
signatureProvider = new HttpHsmSignatureProvider(edgedUri, DEFAULT_API_VERSION, unixDomainSocketChannel);
}
catch (NoSuchAlgorithmException | URISyntaxException e)
{
throw new IotHubClientException(IotHubStatusCode.ERROR, "Could not use Hsm Signature Provider", e);
}
try
{
SSLContext sslContext;
if (gatewayHostname != null && !gatewayHostname.isEmpty())
{
TrustBundleProvider trustBundleProvider = new HttpsHsmTrustBundleProvider();
String trustCertificates = trustBundleProvider.getTrustBundleCerts(edgedUri, DEFAULT_API_VERSION, unixDomainSocketChannel);
sslContext = IotHubSSLContext.getSSLContextFromString(trustCertificates);
}
else
{
sslContext = new IotHubSSLContext().getSSLContext();
}
IotHubAuthenticationProvider iotHubAuthenticationProvider =
IotHubSasTokenHsmAuthenticationProvider
.create(
signatureProvider,
deviceId,
moduleId,
hostname,
gatewayHostname,
generationId,
DEFAULT_SAS_TOKEN_TIME_TO_LIVE_SECONDS,
DEFAULT_SAS_TOKEN_BUFFER_PERCENTAGE,
sslContext);
if (clientOptions != null && clientOptions.getSslContext() == null)
{
// Clone the existing client options, but with the new SSLContext
clientOptions = clientOptions.toBuilder().sslContext(sslContext)
.build();
}
else if (clientOptions == null)
{
// only override the client options completely if the user didn't provide any
clientOptions = ClientOptions.builder().sslContext(sslContext).build();
}
else
{
log.debug("Ignoring trusted certs received from edgelet because custom SSLContext was provided in client options.");
}
return new ModuleClient(iotHubAuthenticationProvider, protocol, clientOptions);
}
catch (URISyntaxException | CertificateException | NoSuchAlgorithmException | KeyStoreException | KeyManagementException e)
{
throw new IotHubClientException(IotHubStatusCode.ERROR, "Failed to handle the provided certificates", e);
}
catch (TransportException e)
{
throw e.toIotHubClientException();
}
catch (IOException e)
{
throw new IotHubClientException(IotHubStatusCode.IO_ERROR, e);
}
}
}