這是 Arduino IoT Cloud 的 Python 用戶端,可在 CPython 和 MicroPython 上運作。用戶端支援基本和高級身份驗證方法、同步和非同步模式,並提供用戶友好的API,允許用戶連接到雲端,只需幾行程式碼即可建立本地物件並將其連結到雲端物件。
以下基本範例展示如何使用基本使用者名稱和密碼驗證連接到 Arduino IoT 雲,並從儀表板的開關小工具控制 LED。
from secrets import DEVICE_ID
from secrets import SECRET_KEY
# Switch callback, toggles the LED.
def on_switch_changed ( client , value ):
# Note the client object passed to this function can be used to access
# and modify any registered cloud object. The following line updates
# the LED value.
client [ "led" ] = value
# 1. Create a client object, which is used to connect to the IoT cloud and link local
# objects to cloud objects. Note a username and password can be used for basic authentication
# on both CPython and MicroPython. For more advanced authentication methods, please see the examples.
client = ArduinoCloudClient ( device_id = DEVICE_ID , username = DEVICE_ID , password = SECRET_KEY )
# 2. Register cloud objects.
# Note: The following objects must be created first in the dashboard and linked to the device.
# When the switch is toggled from the dashboard, the on_switch_changed function is called with
# the client object and new value args.
client . register ( "sw1" , value = None , on_write = on_switch_changed )
# The LED object is updated in the switch's on_write callback.
client . register ( "led" , value = None )
# 3. Start the Arduino cloud client.
client . start ()
您的secrets.py
檔案應如下所示:
WIFI_SSID = "" # WiFi network SSID (for MicroPython)
WIFI_PASS = "" # WiFi network key (for MicroPython)
DEVICE_ID = "" # Provided by Arduino cloud when creating a device.
SECRET_KEY = "" # Provided by Arduino cloud when creating a device.
請注意,預設情況下,客戶端以非同步模式運作。在此模式下,用戶端會執行非同步循環來更新任務和記錄、輪詢網路事件等。若要以同步模式執行用戶端,請在建立用戶端物件時傳遞sync_mode=True
,並在連線後定期呼叫client.update()
。例如:
# Run the client in synchronous mode.
client = ArduinoCloudClient ( device_id = DEVICE_ID , ..., sync_mode = True )
....
client . register ( "led" , value = None )
....
# In synchronous mode, this function returns immediately after connecting to the cloud.
client . start ()
# Update the client periodically.
while True :
client . update ()
time . sleep ( 0.100 )
有關更詳細的範例和進階 API 功能,請參閱範例。
用戶端支援使用使用者名稱和密碼進行基本驗證,以及儲存在檔案系統或加密裝置中的更高級的金鑰/憑證對。若要測試此功能,可以使用下列步驟在 Linux 上使用 SoftHSM 模擬加密裝置(如果不可用)。
使用第一個可用插槽,在本例中為 0
softhsm2-util --init-token --slot 0 --label " arduino " --pin 1234 --so-pin 1234
p11tool --provider=/usr/lib/softhsm/libsofthsm2.so --login --set-pin=1234 --write " pkcs11:token=arduino " --load-privkey key.pem --label " Mykey "
p11tool --provider=/usr/lib/softhsm/libsofthsm2.so --login --set-pin=1234 --write " pkcs11:token=arduino " --load-certificate cert.pem --label " Mykey "
這應該會列印密鑰和證書
p11tool --provider=/usr/lib/softhsm/libsofthsm2.so --login --set-pin=1234 --list-all pkcs11:token=arduino
Object 0:
URL: pkcs11:model=SoftHSM%20v2 ; manufacturer=SoftHSM%20project ; serial=841b431f98150134 ; token=arduino ; id=%67%A2%AD%13%53%B1%CE%4F%0E%CB%74%34%B8%C6%1C%F3%33%EA%67%31 ; object=mykey ; type=private
Type: Private key (EC/ECDSA)
Label: mykey
Flags: CKA_WRAP/UNWRAP ; CKA_PRIVATE ; CKA_SENSITIVE ;
ID: 67:a2:ad:13:53:b1:ce:4f:0e:cb:74:34:b8:c6:1c:f3:33:ea:67:31
Object 1:
URL: pkcs11:model=SoftHSM%20v2 ; manufacturer=SoftHSM%20project ; serial=841b431f98150134 ; token=arduino ; id=%67%A2%AD%13%53%B1%CE%4F%0E%CB%74%34%B8%C6%1C%F3%33%EA%67%31 ; object=Mykey ; type=cert
Type: X.509 Certificate (EC/ECDSA-SECP256R1)
Expires: Sat May 31 12:00:00 2053
Label: Mykey
ID: 67:a2:ad:13:53:b1:ce:4f:0e:cb:74:34:b8:c6:1c:f3:33:ea:67:31
使用完令牌後,可以使用以下命令將其刪除:
softhsm2-util --delete-token --token " arduino "
examples/example.py
中設定KEY_PATH
、 CERT_PATH
和DEVICE_ID
。ca-root.pem
文件中提供 CA 證書,或將CA_PATH
設定為None
如果未使用)。pin
並在ssl_params
中提供ENGINE_PATH
和MODULE_PATH
。python examples/example.py
MicroPython 支援兩種驗證模式:基本模式(使用使用者名稱和密碼)和 mTLS(金鑰和憑證儲存在檔案系統或安全元件(對於配置的板)上)。若要使用儲存在檔案系統上的金鑰和憑證文件,必須先將它們轉換為 DER 格式。以下命令可用於從 PEM 轉換為 DER:
openssl ec -in key.pem -out key.der -outform DER
openssl x509 -in cert.pem -out cert.der -outform DER
在這種情況下, KEY_PATH
、 CERT_PATH
可以分別設定為金鑰和憑證 DER 路徑:
KEY_PATH = "path/to/key.der"
CERT_PATH = "path/to/cert.der"
或者,如果金鑰和憑證儲存在 SE 上,則可以按以下格式指定它們的 URI:
KEY_PATH = "se05x:token=0x00000064"
CERT_PATH = "se05x:token=0x00000065"
設定金鑰和憑證後,可以使用以下命令執行此範例examples/micropython_advanced.py