device-connect-server 0.2.2__tar.gz → 0.2.4__tar.gz

{device_connect_server-0.2.2 → device_connect_server-0.2.4}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: device-connect-server
-Version: 0.2.2
+Version: 0.2.4
 Summary: Device Connect — edge device runtime with Zenoh/NATS messaging, D2D communication, and IoT orchestration
 Author-email: Arm <opensource@arm.com>
 License: Apache-2.0

{device_connect_server-0.2.2 → device_connect_server-0.2.4}/device_connect_server/__init__.py

@@ -1,3 +1,7 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
 """Device Connect Server — infrastructure extensions for Device Connect.
 
 Device-side logic (DeviceRuntime, DeviceDriver, messaging, types) lives in

{device_connect_server-0.2.2 → device_connect_server-0.2.4}/device_connect_server/devctl/__init__.py

@@ -1,3 +1,7 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
 """Device control CLI for Device Connect.
 
 This module provides a command-line interface for interacting with

{device_connect_server-0.2.2 → device_connect_server-0.2.4}/device_connect_server/devctl/__main__.py

@@ -1,3 +1,7 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
 """Entry point for running devctl as a module.
 
 Usage:

{device_connect_server-0.2.2 → device_connect_server-0.2.4}/device_connect_server/devctl/cli.py

@@ -1,3 +1,7 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
 """CLI for Device Connect device control.
 
 This module provides the command-line interface for device operations:
@@ -570,9 +574,20 @@ def create_parser() -> argparse.ArgumentParser:
     p_reg.add_argument("--broker", default=None, help="Broker URL")
     p_reg.add_argument("--keepalive", action="store_true", help="Start heartbeat loop")
 
-    # discover command
-    p_discover = sub.add_parser("discover", help="Discover uncommissioned devices")
-    p_discover.add_argument("--timeout", type=int, default=5, help="Timeout in seconds")
+    # mdns-scan: discover uncommissioned devices on the local network.
+    # Renamed from the historical ``discover`` verb so the selector-driven
+    # ``discover`` below (which queries the fleet, not the local network)
+    # can take the natural name.
+    p_scan = sub.add_parser(
+        "mdns-scan", help="Discover uncommissioned devices via mDNS",
+        aliases=["scan"],
+    )
+    p_scan.add_argument("--timeout", type=int, default=5, help="Timeout in seconds")
+
+    # Selector-driven fleet discovery (new). Registers ``discover`` and
+    # ``discover-labels`` as parser entries.
+    from device_connect_server.devctl import selector_cli
+    selector_cli.register_subparsers(sub)
 
     # commission command
     p_commission = sub.add_parser("commission", help="Commission a device with PIN")
@@ -613,9 +628,17 @@ def main(argv: Optional[List[str]] = None) -> None:
                 loop.stop()
                 print("\nbye!")
 
-    elif args.cmd == "discover":
+    elif args.cmd in ("mdns-scan", "scan"):
         asyncio.run(discover_devices(timeout=args.timeout))
 
+    elif args.cmd == "discover":
+        from device_connect_server.devctl import selector_cli
+        sys.exit(selector_cli.run_discover(args))
+
+    elif args.cmd == "discover-labels":
+        from device_connect_server.devctl import selector_cli
+        sys.exit(selector_cli.run_discover_labels(args))
+
     elif args.cmd == "commission":
         asyncio.run(
             commission_device(

device_connect_server-0.2.4/device_connect_server/devctl/selector_cli.py

@@ -0,0 +1,103 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+"""``devctl`` selector-driven discovery verbs.
+
+Thin wrappers around ``device_connect_agent_tools.discover`` and
+``discover_labels`` so operators can drive the same selector grammar
+from a shell.
+"""
+from __future__ import annotations
+
+import json
+import os
+from typing import Any
+
+
+def _connect(broker: str | None) -> None:
+    """Best-effort connect to the messaging backend.
+
+    Reuses ``DEVICE_CONNECT_*`` and ``NATS_URL`` env vars when ``broker`` is
+    not given. Kept as a thin wrapper so all CLI verbs share the same
+    connect-or-fail semantics.
+    """
+    from device_connect_agent_tools import connect
+
+    if broker:
+        connect(nats_url=broker)
+    else:
+        nats_url = os.getenv("NATS_URL") or os.getenv("DEVICE_CONNECT_NATS_URL")
+        if nats_url:
+            connect(nats_url=nats_url)
+        else:
+            connect()
+
+
+def _pretty(data: Any) -> str:
+    """Render a JSON payload for terminal output."""
+    return json.dumps(data, indent=2, sort_keys=True, default=str)
+
+
+def run_discover(args: Any) -> int:
+    """Execute ``devctl discover "<selector>"``."""
+    from device_connect_agent_tools import disconnect, discover
+
+    _connect(getattr(args, "broker", None))
+    try:
+        result = discover(
+            args.selector,
+            offset=int(args.offset or 0),
+            limit=int(args.limit or 200),
+        )
+        print(_pretty(result))
+        return 0 if "error" not in result else 1
+    finally:
+        try:
+            disconnect()
+        except Exception:  # pragma: no cover
+            pass
+
+
+def run_discover_labels(args: Any) -> int:
+    """Execute ``devctl discover-labels [--key K]``."""
+    from device_connect_agent_tools import disconnect, discover_labels
+
+    _connect(getattr(args, "broker", None))
+    try:
+        result = discover_labels(
+            key=args.key,
+            offset=int(args.offset or 0),
+            limit=int(args.limit or 50),
+        )
+        print(_pretty(result))
+        return 0 if "error" not in result else 1
+    finally:
+        try:
+            disconnect()
+        except Exception:  # pragma: no cover
+            pass
+
+
+def register_subparsers(sub: Any) -> None:
+    """Attach the discover / discover-labels subparsers to a devctl parser."""
+    p = sub.add_parser(
+        "discover",
+        help="Resolve a selector to devices, functions, or events",
+    )
+    p.add_argument("selector", help="Selector expression (e.g. 'device(category:camera)')")
+    p.add_argument("--broker", default=None, help="Messaging broker URL")
+    p.add_argument("--offset", type=int, default=0, help="Pagination offset")
+    p.add_argument("--limit", type=int, default=200, help="Page size")
+
+    p = sub.add_parser(
+        "discover-labels",
+        help="Browse fleet label vocabulary",
+    )
+    p.add_argument(
+        "--key", default=None,
+        help="Axis-qualified label key (e.g. 'device.location') for per-key pagination",
+    )
+    p.add_argument("--broker", default=None, help="Messaging broker URL")
+    p.add_argument("--offset", type=int, default=0, help="Pagination offset")
+    p.add_argument("--limit", type=int, default=50, help="Page size")

{device_connect_server-0.2.2 → device_connect_server-0.2.4}/device_connect_server/logging/__init__.py

@@ -1,3 +1,7 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
 """Logging framework for Device Connect.
 
 This module provides pluggable audit logging with multiple backend support.

{device_connect_server-0.2.2 → device_connect_server-0.2.4}/device_connect_server/logging/base.py

@@ -1,3 +1,7 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
 """Abstract base class for audit logging.
 
 This module defines the AuditLogger interface for pluggable logging

{device_connect_server-0.2.2 → device_connect_server-0.2.4}/device_connect_server/logging/mongo.py

@@ -1,3 +1,7 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
 """MongoDB implementation of the AuditLogger.
 
 This module provides MongoAuditLogger, which stores audit logs in

device_connect_server-0.2.4/device_connect_server/portal/__init__.py

@@ -0,0 +1,5 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+"""Device Connect Tenant Management Portal."""

{device_connect_server-0.2.2 → device_connect_server-0.2.4}/device_connect_server/portal/__main__.py

@@ -1,3 +1,7 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
 """Entry point: python -m device_connect_server.portal"""
 
 import logging

device_connect_server-0.2.4/device_connect_server/portal/app.py

@@ -0,0 +1,227 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+"""aiohttp application factory with session middleware and route registration."""
+
+import base64
+import logging
+from pathlib import Path
+
+import aiohttp_jinja2
+import jinja2
+from aiohttp import web
+
+from . import config
+
+logger = logging.getLogger(__name__)
+
+TEMPLATE_DIR = Path(__file__).parent / "templates"
+STATIC_DIR = Path(__file__).parent / "static"
+
+# Routes that don't require authentication
+PUBLIC_ROUTES = {"/", "/login", "/signup", "/api/login", "/api/signup"}
+
+# Agent API namespace — Bearer-token authenticated, JSON-only errors.
+AGENT_API_PREFIX = "/api/agent/v1/"
+
+# Subpaths under the agent API that are intentionally public (no Bearer required).
+# These power the browser-mediated CLI login flow.
+AGENT_API_PUBLIC_SUBPATHS = ("auth/cli/init", "auth/cli/poll")
+
+
+def _json_error(status: int, code: str, message: str) -> web.Response:
+    return web.json_response(
+        {"success": False, "error": {"code": code, "message": message}},
+        status=status,
+    )
+
+
+@web.middleware
+async def auth_middleware(request: web.Request, handler):
+    """Authenticate browser sessions via cookie, agent API via Bearer token."""
+    path = request.path
+
+    # Allow public routes and static files
+    if path in PUBLIC_ROUTES or path.startswith("/static"):
+        return await handler(request)
+
+    # Agent API: Bearer token, JSON 401/403 — never HTML, never redirects.
+    if path.startswith(AGENT_API_PREFIX):
+        suffix = path[len(AGENT_API_PREFIX):]
+        if any(suffix == p or suffix.startswith(p + "/") for p in AGENT_API_PUBLIC_SUBPATHS):
+            return await handler(request)
+
+        from .services import tokens as tokens_svc
+
+        auth_header = request.headers.get("Authorization", "")
+        if not auth_header.startswith("Bearer "):
+            return _json_error(401, "missing_token", "Authorization: Bearer <token> required")
+        token = auth_header[len("Bearer "):].strip()
+        record = tokens_svc.verify_token(token)
+        if not record:
+            return _json_error(401, "invalid_token", "Token is invalid, revoked, or expired")
+        request["token"] = record
+        request["user"] = {
+            "username": record["username"],
+            "tenant": record["tenant"],
+            "role": record["role"],
+        }
+        return await handler(request)
+
+    # Browser session path
+    session = await _get_session(request)
+    if not session.get("username"):
+        # Preserve the requested URL so post-login redirect lands the user
+        # back on (e.g.) the CLI approval page — but only for top-level
+        # HTML navigations. Background htmx polls and JSON fetches under
+        # /api/ return HTML fragments or JSON, not full pages, so using
+        # them as the post-login destination dumps the user onto a
+        # chrome-less fragment. The dashboard's 10s poll on
+        # /api/devices/live was the original repro: portal restart ->
+        # session lost -> next poll redirected to /login with the poll
+        # URL as ``next`` -> after login the user landed on the raw
+        # fragment instead of the dashboard.
+        is_htmx = request.headers.get("HX-Request") == "true"
+        is_api = path.startswith("/api/")
+        if is_htmx:
+            # htmx swaps response bodies into the page, so a 302 to the
+            # login page would be injected as a fragment. Use htmx's own
+            # client-side redirect header instead.
+            resp = web.Response(status=200)
+            resp.headers["HX-Redirect"] = "/login"
+            return resp
+        if is_api:
+            # Background browser fetches (the JSON poll, row-html,
+            # live-detail, invoke) are raw fetch() calls that follow
+            # redirects: a 302 to /login resolves to the login page with
+            # r.ok === true and gets injected into a fragment slot. Return
+            # a real 401 so the client can never mistake the login page
+            # for fragment data; the client bounces the tab through the
+            # top-level login flow when it sees this.
+            return _json_error(401, "session_expired", "Session expired; log in again")
+        next_url = path
+        if request.query_string:
+            next_url = f"{path}?{request.query_string}"
+        from urllib.parse import quote
+        login_url = "/login?next=" + quote(next_url, safe="") if path != "/login" else "/login"
+        raise web.HTTPFound(login_url)
+
+    request["user"] = session
+    return await handler(request)
+
+
+@web.middleware
+async def admin_middleware(request: web.Request, handler):
+    """Block non-admin users from /admin/* routes."""
+    if request.path.startswith("/admin") or request.path.startswith("/api/admin"):
+        session = await _get_session(request)
+        if session.get("role") != "admin":
+            raise web.HTTPForbidden(text="Admin access required")
+    return await handler(request)
+
+
+async def _get_session(request: web.Request) -> dict:
+    """Simple cookie-based session. Stores JSON in a signed cookie."""
+    import hashlib
+    import hmac
+    import json
+
+    cookie = request.cookies.get("portal_session", "")
+    if not cookie:
+        return {}
+
+    try:
+        parts = cookie.split(".", 1)
+        if len(parts) != 2:
+            return {}
+        payload_b64, sig = parts
+        # Verify signature
+        expected_sig = hmac.new(
+            config.SESSION_SECRET.encode(), payload_b64.encode(), hashlib.sha256
+        ).hexdigest()
+        if not hmac.compare_digest(sig, expected_sig):
+            return {}
+        payload = base64.b64decode(payload_b64).decode()
+        return json.loads(payload)
+    except Exception:
+        return {}
+
+
+def set_session(response: web.Response, data: dict):
+    """Set session cookie on response."""
+    import hashlib
+    import hmac
+    import json
+
+    payload = base64.b64encode(json.dumps(data).encode()).decode()
+    sig = hmac.new(
+        config.SESSION_SECRET.encode(), payload.encode(), hashlib.sha256
+    ).hexdigest()
+    cookie_value = f"{payload}.{sig}"
+    response.set_cookie(
+        "portal_session", cookie_value,
+        httponly=True, samesite="Lax", max_age=86400,
+        secure=config.SESSION_SECURE_COOKIE or None,
+    )
+
+
+def clear_session(response: web.Response):
+    """Clear session cookie."""
+    response.del_cookie("portal_session")
+
+
+def create_app() -> web.Application:
+    """Create and configure the portal application."""
+    app = web.Application(middlewares=[auth_middleware, admin_middleware])
+
+    # Setup Jinja2 templates
+    import json as _json
+    env = aiohttp_jinja2.setup(
+        app,
+        loader=jinja2.FileSystemLoader(str(TEMPLATE_DIR)),
+    )
+    env.filters["tojson_pretty"] = lambda v: _json.dumps(v, indent=2, default=str)
+
+    # Static files
+    app.router.add_static("/static", STATIC_DIR, name="static")
+
+    # Register routes
+    from .views import (
+        auth, dashboard, devices, admin, agent_api,
+        cli_auth as cli_auth_view, coding_agents,
+    )
+    auth.setup_routes(app)
+    dashboard.setup_routes(app)
+    devices.setup_routes(app)
+    admin.setup_routes(app)
+    agent_api.setup_routes(app)
+    cli_auth_view.setup_routes(app)
+    coding_agents.setup_routes(app)
+
+    # Seed admin on startup
+    app.on_startup.append(_on_startup)
+    # Close the cached NATS invoke client on shutdown. Without this the
+    # socket leaks at graceful exit because the client is module-level
+    # state in nats_rpc, not tied to the aiohttp Application lifecycle.
+    app.on_cleanup.append(_on_cleanup)
+
+    return app
+
+
+async def _on_startup(app: web.Application):
+    """Seed admin account on startup."""
+    try:
+        from .services.users import ensure_admin
+        ensure_admin()
+    except Exception as e:
+        logger.warning("Could not seed admin account (etcd may not be ready): %s", e)
+
+
+async def _on_cleanup(app: web.Application):
+    """Release long-lived resources held at module scope."""
+    try:
+        from .services.nats_rpc import close_invoke_client
+        await close_invoke_client()
+    except Exception as e:
+        logger.warning("Error closing cached NATS invoke client: %s", e)

{device_connect_server-0.2.2 → device_connect_server-0.2.4}/device_connect_server/portal/config.py

@@ -1,3 +1,7 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
 """Portal configuration — paths, env vars, defaults."""
 
 import os

device_connect_server-0.2.4/device_connect_server/portal/services/__init__.py

@@ -0,0 +1,4 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+

{device_connect_server-0.2.2 → device_connect_server-0.2.4}/device_connect_server/portal/services/backend.py

@@ -1,3 +1,7 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
 """Messaging backend abstraction — strategy pattern for NATS, Zenoh, and MQTT.
 
 The admin selects a backend during bootstrap. All portal services

{device_connect_server-0.2.2 → device_connect_server-0.2.4}/device_connect_server/portal/services/bundles.py

@@ -1,3 +1,7 @@
+# Copyright (c) 2024-2026, Arm Limited and Contributors. All rights reserved.
+#
+# SPDX-License-Identifier: Apache-2.0
+
 """Create and serve tenant credential bundles (.zip)."""
 
 import io