Fix User Authentication with certificates from UAExpert. Relates to #430

UAExpert sends its application certificate as client certificate in the initial `CreateSessionRequest`. The user certificate is sent as `ua.X509IdentityToken` in the request body and has to be looked up there.
FreeOpcUa · Apr 19, 2022 · f2f7722 · f2f7722
1 parent 573a8a3
commit f2f7722
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/asyncua/server/internal_session.py b/asyncua/server/internal_session.py
@@ -90,6 +90,9 @@ def activate_session(self, params, peer_certificate):
         if self.iserver.user_manager is not None:
             if isinstance(id_token, ua.UserNameIdentityToken):
                 username, password = self.iserver.check_user_token(self, id_token)
+            elif isinstance(id_token, ua.X509IdentityToken):
+                peer_certificate = id_token.CertificateData
+                username, password = None, None
             else:
                 username, password = None, None