public class EnrollmentGroup extends Serializable
This object is used to send EnrollmentGroup information to the provisioning service, or receive EnrollmentGroup information from the provisioning service.
To create or update an EnrollmentGroup on the provisioning service you should fill this object and call the
public API ProvisioningServiceClient.createOrUpdateEnrollmentGroup(EnrollmentGroup)
.
The minimum information required by the provisioning service is the enrollmentGroupId
and the
attestation
.
To provision a device using EnrollmentGroup, it must contain a X509 chip with a signingCertificate for the
X509Attestation
mechanism, or use SymmetricKeyAttestation
mechanism.
The content of this class will be serialized in a JSON format and sent as a body of the rest API to the provisioning service.
When serialized, an EnrollmentGroup will look like the following example:
{
"enrollmentGroupId":"validEnrollmentGroupId",
"attestation":{
"type":"x509",
"signingCertificates":{
"primary":{
"certificate":"[valid certificate]"
}
}
},
"iotHubHostName":"ContosoIoTHub.azure-devices.net",
"provisioningStatus":"enabled"
}
The content of this class can be filled by a JSON, received from the provisioning service, as result of a EnrollmentGroup operation like create, update, or query EnrollmentGroup.
The following JSON is a sample of the EnrollmentGroup response, received from the provisioning service.
{
"enrollmentGroupId":"validEnrollmentGroupId",
"attestation":{
"type":"x509",
"signingCertificates":{
"primary":{
"certificate":"[valid certificate]",
"info": {
"subjectName": "CN=ROOT_00000000-0000-0000-0000-000000000000, OU=Azure IoT, O=MSFT, C=US",
"sha1Thumbprint": "0000000000000000000000000000000000",
"sha256Thumbprint": "validEnrollmentGroupId",
"issuerName": "CN=ROOT_00000000-0000-0000-0000-000000000000, OU=Azure IoT, O=MSFT, C=US",
"notBeforeUtc": "2017-11-14T12:34:18Z",
"notAfterUtc": "2017-11-20T12:34:18Z",
"serialNumber": "000000000000000000",
"version": 3
}
}
}
},
"iotHubHostName":"ContosoIoTHub.azure-devices.net",
"provisioningStatus":"enabled",
"createdDateTimeUtc": "2017-09-28T16:29:42.3447817Z",
"lastUpdatedDateTimeUtc": "2017-09-28T16:29:42.3447817Z",
"etag": "\"00000000-0000-0000-0000-00000000000\""
}
Constructor and Description |
---|
EnrollmentGroup(String json)
CONSTRUCTOR
|
EnrollmentGroup(String enrollmentGroupId,
Attestation attestation)
CONSTRUCTOR
|
Modifier and Type | Method and Description |
---|---|
Attestation |
getAttestation()
Getter for the attestation mechanism.
|
void |
setAttestation(Attestation attestation)
Setter for the attestation.
|
protected void |
setAttestation(AttestationMechanism attestationMechanism)
Setter for the attestation.
|
com.google.gson.JsonElement |
toJsonElement()
Serializer
|
toJson, toString
public EnrollmentGroup(String enrollmentGroupId, Attestation attestation)
This constructor creates an instance of the enrollment group with the minimum set of information required by the provisioning service.
When serialized, an EnrollmentGroup will look like the following example:
{
"enrollmentGroupId":"validEnrollmentGroupId",
"attestation":{
"type":"x509",
"signingCertificates":{
"primary":{
"certificate":"[valid certificate]"
}
}
}
}
enrollmentGroupId
- the String
with an unique id for this enrollment group.attestation
- the Attestation
mechanism that shall be signedCertificate
of X509Attestation
or symmetricKey
of SymmetricKeyAttestation
IllegalArgumentException
- If one of the provided parameters is not correct.public EnrollmentGroup(String json)
This constructor creates an instance of the enrollment group filling the class with the information provided in the JSON.
The following JSON is a sample of the EnrollmentGroup response, received from the provisioning service.
{
"enrollmentGroupId":"validEnrollmentGroupId",
"attestation":{
"type":"x509",
"signingCertificates":{
"primary":{
"certificate":"[valid certificate]",
"info": {
"subjectName": "CN=ROOT_00000000-0000-0000-0000-000000000000, OU=Azure IoT, O=MSFT, C=US",
"sha1Thumbprint": "0000000000000000000000000000000000",
"sha256Thumbprint": "validEnrollmentGroupId",
"issuerName": "CN=ROOT_00000000-0000-0000-0000-000000000000, OU=Azure IoT, O=MSFT, C=US",
"notBeforeUtc": "2017-11-14T12:34:18Z",
"notAfterUtc": "2017-11-20T12:34:18Z",
"serialNumber": "000000000000000000",
"version": 3
}
}
}
},
"iotHubHostName":"ContosoIoTHub.azure-devices.net",
"provisioningStatus":"enabled"
"createdDateTimeUtc": "2017-09-28T16:29:42.3447817Z",
"lastUpdatedDateTimeUtc": "2017-09-28T16:29:42.3447817Z",
"etag": "\"00000000-0000-0000-0000-00000000000\""
}
json
- the String
with the JSON received from the provisioning service.IllegalArgumentException
- If the provided JSON is null, empty, or invalid.public com.google.gson.JsonElement toJsonElement()
Creates a JsonElement
, which the content represents
the information in this class and its subclasses in a JSON format.
This is useful if the caller will integrate this JSON with jsons from
other classes to generate a consolidated JSON.
toJsonElement
in class Serializable
JsonElement
with the content of this class.public Attestation getAttestation() throws ProvisioningServiceClientException
Attestation
with the attestation content. It cannot be null
.ProvisioningServiceClientException
- If the type of the attestation mechanism is unknown.protected final void setAttestation(AttestationMechanism attestationMechanism)
Attestation mechanism is mandatory parameter that provides the mechanism type and the necessary keys/certificates
attestationMechanism
- the AttestationMechanism
with the new attestation mechanism. It can be `tpm`, `x509` or 'symmetricKey'.IllegalArgumentException
- If the provided attestation mechanism is null
.
public void setAttestation(Attestation attestation)
Attestation mechanism is mandatory parameter that provides the mechanism type and the necessary certificates.
EnrollmentGroup only accept X509Attestation
with the RootCertificates, or SymmetricKeyAttestation
with Primary and Secondary Keys. You can create an X509Attestation
by providing the .pem content to
X509Attestation.createFromRootCertificates(String, String)
. You can create a SymmetricKeyAttestation
by providing the Primary and Secondary Keys in Base64 format.
attestation
- the Attestation
with the new attestation mechanism. It shall be X509Attestation
or SymmetricKeyAttestation
IllegalArgumentException
- If the provided attestation mechanism is null
or invalid.Attestation
,
X509Attestation
,
SymmetricKeyAttestation
Copyright © 2022. All rights reserved.