dohertj2/lmxopcua
1
0
Fork 0
Code Issues 2 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(probe): OpcUaClient Test-Connect does a GetEndpoints discovery handshake

Browse Source 
Replace the bare TCP-connect return in OpcUaClientDriverProbe with a real
OPC UA GetEndpoints discovery handshake (mirroring SelectMatchingEndpointAsync
in the driver). TCP preflight still fast-fails closed ports; the handshake
confirms the remote is actually an OPC UA server, so a live-but-rejecting
non-OPC-UA process now reads RED instead of a false-healthy green.
This commit is contained in:
Joseph Doherty
2026-06-16 06:39:27 -04:00
parent 9a8336ff6e
commit 957a63cfdb
2 changed files with 204 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/Drivers/ZB.MOM.WW.OtOpcUa.Driver.OpcUaClient/OpcUaClientDriverProbe.cs
+67 -15
View File
@@ -2,18 +2,19 @@ using System.Diagnostics;
using System.Net.Sockets;
using System.Text.Json;
using System.Text.Json.Serialization;
using Opc.Ua;
using ZB.MOM.WW.OtOpcUa.Core.Abstractions;
namespace ZB.MOM.WW.OtOpcUa.Driver.OpcUaClient;
/// <summary>
/// Cheap TCP-connect probe for the <see cref="OpcUaClientDriverOptions"/>-shaped driver config.
/// Parses the first endpoint URL (from <see cref="OpcUaClientDriverOptions.EndpointUrls"/> or
/// the convenience <see cref="OpcUaClientDriverOptions.EndpointUrl"/> fallback), opens a
/// socket to the OPC UA server host + port and closes immediately. Surfaces a green tick +
/// latency on success; red chip + SocketError on failure; "timed out" on the caller's
/// cancellation. Does NOT open an OPC UA session — a richer session-open probe is a
/// documented follow-up.
/// Probe for the <see cref="OpcUaClientDriverOptions"/>-shaped driver config. Parses the
/// first endpoint URL (from <see cref="OpcUaClientDriverOptions.EndpointUrls"/> or the
/// convenience <see cref="OpcUaClientDriverOptions.EndpointUrl"/> fallback), performs a
/// TCP-connect preflight to detect closed ports quickly, then executes a real OPC UA
/// <c>GetEndpoints</c> discovery handshake (mirroring the driver's
/// <c>SelectMatchingEndpointAsync</c>) to confirm the remote process is actually an OPC UA
/// server. No session is opened and no authentication is required.
/// </summary>
public sealed class OpcUaClientDriverProbe : IDriverProbe
{
@@ -38,17 +39,19 @@ public sealed class OpcUaClientDriverProbe : IDriverProbe
catch (Exception ex) { return new(false, $"Config JSON is invalid: {ex.Message}", null); }
if (opts is null) return new(false, "Config JSON deserialized to null.", null);
var (host, port) = ExtractTarget(opts);
var (host, port, endpointUrl) = ExtractTarget(opts);
if (string.IsNullOrWhiteSpace(host) || port <= 0)
return new(false, "Config has no host/port to probe.", null);
// --- TCP preflight: fast-fail for closed ports / unreachable hosts ---
var sw = Stopwatch.StartNew();
try
{
using var socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
using var socket = new Socket(AddressFamily.InterNetworkV6, SocketType.Stream, ProtocolType.Tcp)
{
DualMode = true,
};
await socket.ConnectAsync(host, port, ct);
sw.Stop();
return new(true, null, sw.Elapsed);
}
catch (SocketException ex)
{
@@ -62,21 +65,70 @@ public sealed class OpcUaClientDriverProbe : IDriverProbe
{
return new(false, ex.Message, null);
}
// --- OPC UA discovery handshake: confirm the remote is an OPC UA server ---
// Mirrors OpcUaClientDriver.SelectMatchingEndpointAsync exactly:
// DiscoveryClient.CreateAsync(appConfig, new Uri(endpointUrl), DiagnosticsMasks.None, ct)
// GetEndpoints needs no session, no application certificate, and no authentication.
try
{
var appConfig = BuildMinimalAppConfig();
using var client = await DiscoveryClient.CreateAsync(
appConfig, new Uri(endpointUrl), DiagnosticsMasks.None, ct).ConfigureAwait(false);
var endpoints = await client.GetEndpointsAsync(null, ct).ConfigureAwait(false);
sw.Stop();
if (endpoints is { Count: > 0 })
return new(true, $"OPC UA: {endpoints.Count} endpoint(s)", sw.Elapsed);
return new(false,
$"Reachable at {host}:{port} but OPC UA handshake failed: server published 0 endpoints",
null);
}
catch (OperationCanceledException)
{
return new(false, $"Probe timed out after {timeout.TotalSeconds:F0}s.", null);
}
catch (Exception ex)
{
return new(false,
$"Reachable at {host}:{port} but OPC UA handshake failed: {ex.Message}",
null);
}
}
private static (string host, int port) ExtractTarget(OpcUaClientDriverOptions opts)
/// <summary>
/// Builds a minimal <see cref="ApplicationConfiguration"/> suitable for unauthenticated
/// discovery (GetEndpoints). No PKI stores, no session certificate — discovery traffic
/// is plain-text and does not require a client certificate.
/// </summary>
private static ApplicationConfiguration BuildMinimalAppConfig() =>
new()
{
ApplicationName = "OtOpcUa.Probe",
ApplicationType = ApplicationType.Client,
SecurityConfiguration = new SecurityConfiguration
{
AutoAcceptUntrustedCertificates = true,
},
TransportQuotas = new TransportQuotas(),
ClientConfiguration = new ClientConfiguration(),
DisableHiResClock = true,
};
private static (string host, int port, string endpointUrl) ExtractTarget(OpcUaClientDriverOptions opts)
{
// EndpointUrls wins over the convenience EndpointUrl when both are set.
var endpointUrl = opts.EndpointUrls.FirstOrDefault()
?? (string.IsNullOrWhiteSpace(opts.EndpointUrl) ? null : opts.EndpointUrl);
if (endpointUrl is null) return (string.Empty, 0);
if (endpointUrl is null) return (string.Empty, 0, string.Empty);
// Parse as a URI — opc.tcp://host:port is a valid URI.
if (!Uri.TryCreate(endpointUrl, UriKind.Absolute, out var uri))
return (string.Empty, 0);
return (string.Empty, 0, string.Empty);
var host = uri.Host;
var port = uri.IsDefaultPort ? 4840 : uri.Port;
return (host, port);
return (host, port, endpointUrl);
}
}