diff --git a/boot_manager.py b/boot_manager.py index 761989e..3d303d4 100644 --- a/boot_manager.py +++ b/boot_manager.py @@ -164,45 +164,46 @@ def connect_wifi(cfg, timeout=30): def do_checkin(cfg): _show_state('CHECKIN', '') - import urequests - from identity_iot_aes import aes_cbc_encrypt, aes_cbc_decrypt + from identity_iot import IdentityIoT - key = cfg['comm_key'].encode() if isinstance(cfg['comm_key'], str) else cfg['comm_key'] - iv = cfg['comm_iv'].encode() if isinstance(cfg['comm_iv'], str) else cfg['comm_iv'] - - sn = ubinascii.hexlify(machine.unique_id()).decode() - - payload = ujson.dumps({ - 'request': 'it_node_checkin', - 'node_id': cfg['node_id'], - 'tenant_id': cfg['tenant_id'], - 'node_type': cfg['node_type'], - 'node_sn': sn, - }) - - cipher = aes_cbc_encrypt(payload, key, iv) - body = ujson.dumps({'data': cipher}) + identity = IdentityIoT( + base_url = cfg['base_url'], + node_type = cfg.get('node_type', 'access_control'), + node_label = cfg.get('node_label', ''), + tenant_id = cfg['tenant_id'], + comm_key = cfg['comm_key'].encode() if isinstance(cfg['comm_key'], str) else cfg['comm_key'], + comm_iv = cfg['comm_iv'].encode() if isinstance(cfg['comm_iv'], str) else cfg['comm_iv'], + wifi_ssid = cfg['wifi_ssid'], + wifi_pass = cfg['wifi_pass'], + ) + # Register (idempotent) + _show_state('CHECKIN', 'Registering...') for attempt in range(3): try: - resp = urequests.post( - cfg['base_url'], - headers={'Content-Type': 'application/json'}, - data=body, - timeout=20, - ) - outer = ujson.loads(resp.text) - resp.close() - clear = aes_cbc_decrypt(outer['data'], key, iv) - result = ujson.loads(clear) - if result.get('status') == 'ok': - print('[checkin] ok') - _show_state('CHECKIN OK', cfg['node_label']) - utime.sleep(1) - return result - raise Exception('checkin status: ' + str(result.get('status'))) + identity.ensure_registered() + break except Exception as e: - print('[checkin] attempt', attempt + 1, ':', e) + print('[checkin] register attempt', attempt + 1, ':', e) + if attempt == 2: + raise + utime.sleep(3) + + # Authenticate + _show_state('CHECKIN', 'Signing...') + for attempt in range(3): + try: + token = identity.authenticate() + if token: + print('[checkin] ok — JWT issued') + _show_state('CHECKIN OK', cfg.get('node_label', '')) + utime.sleep(1) + return {'status': 'ok', 'token': token, 'identity': identity} + raise Exception('no token') + except Exception as e: + print('[checkin] auth attempt', attempt + 1, ':', e) + if attempt == 2: + raise utime.sleep(3) raise Exception('checkin failed after 3 attempts') @@ -282,7 +283,8 @@ def run(): # ------------------------------------------------------------------ elif state == 'CHECKIN': try: - do_checkin(cfg) + checkin_result = do_checkin(cfg) + identity = checkin_result.get('identity') state = 'OPERATIONAL' except Exception as e: print('[checkin] error:', e) @@ -316,4 +318,4 @@ def run(): elif state == 'ERROR': _show_state('ERROR', 'halted') utime.sleep(60) - machine.reset() + machine.reset() \ No newline at end of file