Created
March 18, 2020 16:03
-
-
Save nabam/657313df5aba4af29db09918636fe1c3 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
# Copyright 2017 Google Inc. | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
"""Python sample for connecting to Google Cloud IoT Core via MQTT, using JWT. | |
This example connects to Google Cloud IoT Core via MQTT, using a JWT for device | |
authentication. After connecting, by default the device publishes 100 messages | |
to the device's MQTT topic at a rate of one per second, and then exits. | |
Before you run the sample, you must follow the instructions in the README | |
for this sample. | |
""" | |
# [START iot_mqtt_includes] | |
import argparse | |
import datetime | |
import logging | |
import os | |
import random | |
import ssl | |
import time | |
import jwt | |
import paho.mqtt.client as mqtt | |
# [END iot_mqtt_includes] | |
logging.getLogger('googleapiclient.discovery_cache').setLevel(logging.CRITICAL) | |
# The initial backoff time after a disconnection occurs, in seconds. | |
minimum_backoff_time = 1 | |
# The maximum backoff time before giving up, in seconds. | |
MAXIMUM_BACKOFF_TIME = 32 | |
# Whether to wait with exponential backoff before publishing. | |
should_backoff = False | |
# [START iot_mqtt_jwt] | |
def create_jwt(project_id, private_key_file, algorithm): | |
"""Creates a JWT (https://jwt.io) to establish an MQTT connection. | |
Args: | |
project_id: The cloud project ID this device belongs to | |
private_key_file: A path to a file containing either an RSA256 or | |
ES256 private key. | |
algorithm: The encryption algorithm to use. Either 'RS256' or 'ES256' | |
Returns: | |
A JWT generated from the given project_id and private key, which | |
expires in 20 minutes. After 20 minutes, your client will be | |
disconnected, and a new JWT will have to be generated. | |
Raises: | |
ValueError: If the private_key_file does not contain a known key. | |
""" | |
token = { | |
# The time that the token was issued at | |
'iat': datetime.datetime.utcnow(), | |
# The time the token expires. | |
'exp': datetime.datetime.utcnow() + datetime.timedelta(days=36500), | |
# The audience field should always be set to the GCP project id. | |
'aud': project_id | |
} | |
# Read the private key file. | |
with open(private_key_file, 'r') as f: | |
private_key = f.read() | |
print('Creating JWT using {} from private key file {}'.format( | |
algorithm, private_key_file)) | |
return jwt.encode(token, private_key, algorithm=algorithm) | |
# [END iot_mqtt_jwt] | |
def main(): | |
print(create_jwt("x4-supervisor-playground", "./rsa_private.pem", "RS256")) | |
if __name__ == '__main__': | |
main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment