gRPC M0: probe (R0.4, live-verified) + system-param (R0.3) + shared handshake

Roadmap docs/plans/hcal-roadmap.md, milestone M0 (gRPC parity for the DONE surface). Now unblocked for live verification by a reachable 2023 R2 server. - R0.4 Probe over gRPC: new HistorianGrpcProbe calls History/Retrieval/Status GetInterfaceVersion (unauthenticated). ProbeAsync routes over gRPC when Transport==RemoteGrpc. LIVE-VERIFIED against a real 2023 R2 server — needs no credentials (runs before the auth loop), so it works despite the auth blocker. - R0.3 System parameter over gRPC: new HistorianGrpcStatusClient calls StatusService.GetSystemParameter over the authenticated session; routed in the dialect. Built + unit-tested (request/response field mapping pinned). Live-verification pending an auth fix (see below). - Extracted the proven auth handshake from HistorianGrpcReadOrchestrator into shared Grpc/HistorianGrpcHandshake (reused by read + status + future browse/metadata). Repointed the IL structural guardrail test to it. - Diagnostics: round-failure now decodes the native server error + hex/ASCII preview (HistorianNativeHandshake.DescribeError). This surfaced the live auth blocker as SEC_E_LOGON_DENIED (0x8009030C) at NTLM round 1 — framing is correct, the credential did not validate. Probable cause: stale file password or NAM-domain NTLM restriction (Kerberos/RDP works, NTLM denied; no SPN path over the tunnel). 216 unit tests pass; live gRPC probe passes. Sanitization scan clean. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01B6mcaT2PjRFKcogzp9UkfC
2026-06-21 13:32:04 -04:00
parent 22e9c5e5f8
commit c4b8d0dde4
11 changed files with 293 additions and 56 deletions
@@ -0,0 +1,74 @@
+using Google.Protobuf;
+using Grpc.Core;
+using AVEVA.Historian.Client.Wcf;
+using GrpcHistory = ArchestrA.Grpc.Contract.History;
+using GrpcStorage = ArchestrA.Grpc.Contract.Storage;
+
+namespace AVEVA.Historian.Client.Grpc;
+
+/// <summary>
+/// Shared 2023 R2 gRPC authentication handshake. Opens an authenticated History session over an
+/// existing <see cref="HistorianGrpcConnection"/> and returns the transient client handle used by
+/// the Retrieval/Status services. Extracted from <see cref="HistorianGrpcReadOrchestrator"/> so the
+/// read, status, and (future) browse/metadata gRPC paths all drive the identical chain:
+/// <c>HistoryService.GetInterfaceVersion → StorageService.ValidateClientCredential (token loop) →
+/// HistoryService.OpenConnection</c>. The byte payloads (OpenConnection3 v6 request, NTLM token
+/// framing) are the proven 2020 protocol and transfer unchanged inside protobuf <c>bytes</c> fields.
+///
+/// See <see cref="HistorianGrpcReadOrchestrator"/> for the op-routing rationale (the Negotiate loop
+/// belongs on StorageService.ValidateClientCredential, NOT HistoryService.ExchangeKey).
+/// </summary>
+internal static class HistorianGrpcHandshake
+{
+    public static uint OpenAuthenticatedConnection(
+        HistorianGrpcConnection connection,
+        HistorianClientOptions options,
+        CancellationToken cancellationToken)
+    {
+        DateTime Deadline() => DateTime.UtcNow.Add(options.RequestTimeout);
+
+        Guid contextKey = Guid.NewGuid();
+        var historyClient = new GrpcHistory.HistoryService.HistoryServiceClient(connection.Channel);
+
+        GrpcHistory.GetInterfaceVersionResponse historyVersion = historyClient.GetInterfaceVersion(
+            new GrpcHistory.GetInterfaceVersionRequest(), connection.Metadata, Deadline(), cancellationToken);
+        HistorianServerVersionGate.Validate(HistorianServiceInterface.History, historyVersion.UiVersion, options);
+
+        var storageClient = new GrpcStorage.StorageService.StorageServiceClient(connection.Channel);
+        HistorianNativeHandshake.RunTokenRounds(
+            (handle, wrapped, _) =>
+            {
+                GrpcStorage.ValidateClientCredentialResponse response = storageClient.ValidateClientCredential(
+                    new GrpcStorage.ValidateClientCredentialRequest { Handle = handle, InBuff = ByteString.CopyFrom(wrapped) },
+                    connection.Metadata,
+                    Deadline(),
+                    cancellationToken);
+                byte[] serverOutput = response.OutBuff?.ToByteArray() ?? [];
+                byte[] error = response.Status?.BtError?.ToByteArray() ?? [];
+                bool success = response.Status?.BSuccess ?? false;
+                return new HistorianNativeHandshake.TokenExchangeResult(success, serverOutput, error);
+            },
+            contextKey,
+            options,
+            cancellationToken);
+
+        byte[] open2Request = HistorianNativeHandshake.BuildOpenConnection3Request(
+            options.Host, contextKey, HistorianWcfAuthChainHelper.NativeIntegratedReadOnlyConnectionMode);
+
+        GrpcHistory.OpenConnectionResponse open2 = historyClient.OpenConnection(
+            new GrpcHistory.OpenConnectionRequest { BtConnectionRequest = ByteString.CopyFrom(open2Request) },
+            connection.Metadata,
+            Deadline(),
+            cancellationToken);
+
+        byte[] open2Response = open2.BtConnectionResponse?.ToByteArray() ?? [];
+        if (!(open2.Status?.BSuccess ?? false))
+        {
+            byte[] err = open2.Status?.BtError?.ToByteArray() ?? [];
+            throw new InvalidOperationException($"gRPC OpenConnection failed (errorLen={err.Length}, responseLen={open2Response.Length}).");
+        }
+
+        (uint clientHandle, _) = HistorianNativeHandshake.ParseOpenConnectionResponse(open2Response);
+        return clientHandle;
+    }
+}