这是 Arduino IoT Cloud 的 Python 客户端,可在 CPython 和 MicroPython 上运行。客户端支持基本和高级身份验证方法、同步和异步模式,并提供用户友好的API,允许用户连接到云端,只需几行代码即可创建本地对象并将其链接到云端对象。
以下基本示例展示了如何使用基本用户名和密码身份验证连接到 Arduino IoT 云,并从仪表板的开关小部件控制 LED。
from secrets import DEVICE_ID
from secrets import SECRET_KEY
# Switch callback, toggles the LED.
def on_switch_changed ( client , value ):
# Note the client object passed to this function can be used to access
# and modify any registered cloud object. The following line updates
# the LED value.
client [ "led" ] = value
# 1. Create a client object, which is used to connect to the IoT cloud and link local
# objects to cloud objects. Note a username and password can be used for basic authentication
# on both CPython and MicroPython. For more advanced authentication methods, please see the examples.
client = ArduinoCloudClient ( device_id = DEVICE_ID , username = DEVICE_ID , password = SECRET_KEY )
# 2. Register cloud objects.
# Note: The following objects must be created first in the dashboard and linked to the device.
# When the switch is toggled from the dashboard, the on_switch_changed function is called with
# the client object and new value args.
client . register ( "sw1" , value = None , on_write = on_switch_changed )
# The LED object is updated in the switch's on_write callback.
client . register ( "led" , value = None )
# 3. Start the Arduino cloud client.
client . start ()
您的secrets.py
文件应如下所示:
WIFI_SSID = "" # WiFi network SSID (for MicroPython)
WIFI_PASS = "" # WiFi network key (for MicroPython)
DEVICE_ID = "" # Provided by Arduino cloud when creating a device.
SECRET_KEY = "" # Provided by Arduino cloud when creating a device.
请注意,默认情况下,客户端以异步模式运行。在此模式下,客户端运行异步循环来更新任务和记录、轮询网络事件等。客户端还支持同步模式,该模式需要定期客户端轮询。要以同步模式运行客户端,请在创建客户端对象时传递sync_mode=True
,并在连接后定期调用client.update()
。例如:
# Run the client in synchronous mode.
client = ArduinoCloudClient ( device_id = DEVICE_ID , ..., sync_mode = True )
....
client . register ( "led" , value = None )
....
# In synchronous mode, this function returns immediately after connecting to the cloud.
client . start ()
# Update the client periodically.
while True :
client . update ()
time . sleep ( 0.100 )
有关更详细的示例和高级 API 功能,请参阅示例。
客户端支持使用用户名和密码进行基本身份验证,以及存储在文件系统或加密设备中的更高级的密钥/证书对。要测试此功能,可以使用以下步骤在 Linux 上使用 SoftHSM 模拟加密设备(如果不可用)。
使用第一个可用插槽,在本例中为 0
softhsm2-util --init-token --slot 0 --label " arduino " --pin 1234 --so-pin 1234
p11tool --provider=/usr/lib/softhsm/libsofthsm2.so --login --set-pin=1234 --write " pkcs11:token=arduino " --load-privkey key.pem --label " Mykey "
p11tool --provider=/usr/lib/softhsm/libsofthsm2.so --login --set-pin=1234 --write " pkcs11:token=arduino " --load-certificate cert.pem --label " Mykey "
这应该打印密钥和证书
p11tool --provider=/usr/lib/softhsm/libsofthsm2.so --login --set-pin=1234 --list-all pkcs11:token=arduino
Object 0:
URL: pkcs11:model=SoftHSM%20v2 ; manufacturer=SoftHSM%20project ; serial=841b431f98150134 ; token=arduino ; id=%67%A2%AD%13%53%B1%CE%4F%0E%CB%74%34%B8%C6%1C%F3%33%EA%67%31 ; object=mykey ; type=private
Type: Private key (EC/ECDSA)
Label: mykey
Flags: CKA_WRAP/UNWRAP ; CKA_PRIVATE ; CKA_SENSITIVE ;
ID: 67:a2:ad:13:53:b1:ce:4f:0e:cb:74:34:b8:c6:1c:f3:33:ea:67:31
Object 1:
URL: pkcs11:model=SoftHSM%20v2 ; manufacturer=SoftHSM%20project ; serial=841b431f98150134 ; token=arduino ; id=%67%A2%AD%13%53%B1%CE%4F%0E%CB%74%34%B8%C6%1C%F3%33%EA%67%31 ; object=Mykey ; type=cert
Type: X.509 Certificate (EC/ECDSA-SECP256R1)
Expires: Sat May 31 12:00:00 2053
Label: Mykey
ID: 67:a2:ad:13:53:b1:ce:4f:0e:cb:74:34:b8:c6:1c:f3:33:ea:67:31
使用完令牌后,可以使用以下命令将其删除:
softhsm2-util --delete-token --token " arduino "
examples/example.py
中设置KEY_PATH
、 CERT_PATH
和DEVICE_ID
。ca-root.pem
文件中提供 CA 证书,或者将CA_PATH
设置为None
如果未使用)。pin
并在ssl_params
中提供ENGINE_PATH
和MODULE_PATH
。python examples/example.py
MicroPython 支持两种身份验证模式:基本模式(使用用户名和密码)和 mTLS(密钥和证书存储在文件系统或安全元件(对于配置的板)上)。要使用存储在文件系统上的密钥和证书文件,必须首先将它们转换为 DER 格式。以下命令可用于从 PEM 转换为 DER:
openssl ec -in key.pem -out key.der -outform DER
openssl x509 -in cert.pem -out cert.der -outform DER
在这种情况下, KEY_PATH
、 CERT_PATH
可以分别设置为密钥和证书 DER 路径:
KEY_PATH = "path/to/key.der"
CERT_PATH = "path/to/cert.der"
或者,如果密钥和证书存储在 SE 上,则可以按以下格式指定它们的 URI:
KEY_PATH = "se05x:token=0x00000064"
CERT_PATH = "se05x:token=0x00000065"
设置密钥和证书后,可以使用以下命令运行该示例examples/micropython_advanced.py