Converted Windows Cert PubSub to Windows Cert Connect

Also adjusted the README accordingly and fixed the connect samples using the wrong titles.

Author: TwistedTwigleg

samples/README.md

@@ -1,8 +1,10 @@
 # Sample apps for the AWS IoT Device SDK v2 for Python
 
 * [PubSub](#pubsub)
-* [PKCS#11 PubSub](#pkcs11-pubsub)
-* [Windows Certificate PubSub](#windows-certificate-pubsub)
+* [Basic Connect](#basic-connect)
+* [Websocket Connect](#websocket-connect)
+* [PKCS#11 Connect](#pkcs11-connect)
+* [Windows Certificate Connect](#windows-certificate-connect)
 * [Shadow](#shadow)
 * [Jobs](#jobs)
 * [Fleet Provisioning](#fleet-provisioning)
@@ -156,7 +158,7 @@ python3 websocket_connect.py --endpoint <endpoint> --ca_file <file> --signing_re
 
 Note that using Websockets will attempt to fetch the AWS credentials from your enviornment variables or local files. See the [authorizing direct AWS](https://docs.aws.amazon.com/iot/latest/developerguide/authorizing-direct-aws.html) page for documentation on how to get the AWS credentials, which then you can set to the `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS`, and `AWS_SESSION_TOKEN` environment variables.
 
-## PKCS#11 PubSub
+## PKCS#11 Connect
 
 This sample is similar to the [Basic Connect](#basic-connect),
 but the private key for mutual TLS is stored on a PKCS#11 compatible smart card or Hardware Security Module (HSM)
@@ -165,6 +167,31 @@ WARNING: Unix only. Currently, TLS integration with PKCS#11 is only available on
 
 source: `samples/pkcs11_connect.py`
 
+Your Thing's
+[Policy](https://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html)
+must provide privileges for this sample to connect, subscribe, publish,
+and receive.
+
+<details>
+<summary>(see sample policy)</summary>
+<pre>
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "iot:Connect"
+      ],
+      "Resource": [
+        "arn:aws:iot:<b>region</b>:<b>account</b>:client/test-*"
+      ]
+    }
+  ]
+}
+</pre>
+</details>
+
 To run this sample using [SoftHSM2](https://www.opendnssec.org/softhsm/) as the PKCS#11 device:
 
 1)  Create an IoT Thing with a certificate and key if you haven't already.
@@ -209,11 +236,11 @@ To run this sample using [SoftHSM2](https://www.opendnssec.org/softhsm/) as the
     python3 pkcs11_connect.py --endpoint <xxxx-ats.iot.xxxx.amazonaws.com> --ca_file <AmazonRootCA1.pem> --cert <certificate.pem.crt> --pkcs11_lib <libsofthsm2.so> --pin <user-pin> --token_label <token-label> --key_label <key-label>
     ```
 
-## Windows Certificate PubSub
+## Windows Certificate Connect
 
 WARNING: Windows only
 
-This sample is similar to the basic [PubSub](#pubsub),
+This sample is similar to the basic [Connect](#basic-connect),
 but your certificate and private key are in a
 [Windows certificate store](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/certificate-stores),
 rather than simply being files on disk.
@@ -227,7 +254,32 @@ If your certificate and private key are in a
 [TPM](https://docs.microsoft.com/en-us/windows/security/information-protection/tpm/trusted-platform-module-overview),,
 you would use them by passing their certificate store path.
 
-source: `samples/windows_cert_pubsub.py`
+source: `samples/windows_cert_connect.py`
+
+Your Thing's
+[Policy](https://docs.aws.amazon.com/iot/latest/developerguide/iot-policies.html)
+must provide privileges for this sample to connect, subscribe, publish,
+and receive.
+
+<details>
+<summary>(see sample policy)</summary>
+<pre>
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Action": [
+        "iot:Connect"
+      ],
+      "Resource": [
+        "arn:aws:iot:<b>region</b>:<b>account</b>:client/test-*"
+      ]
+    }
+  ]
+}
+</pre>
+</details>
 
 To run this sample with a basic certificate from AWS IoT Core:
 
@@ -269,7 +321,7 @@ To run this sample with a basic certificate from AWS IoT Core:
 4) Now you can run the sample:
 
     ```sh
-    python3 windows_cert_pubsub.py --endpoint xxxx-ats.iot.xxxx.amazonaws.com --root-ca AmazonRootCA.pem --cert CurrentUser\My\A11F8A9B5DF5B98BA3508FBCA575D09570E0D2C6
+    python3 windows_cert_connect.py --endpoint xxxx-ats.iot.xxxx.amazonaws.com --ca_file AmazonRootCA.pem --cert CurrentUser\My\A11F8A9B5DF5B98BA3508FBCA575D09570E0D2C6
     ```
 
 ## Shadow

samples/basic_connect.py

@@ -8,7 +8,7 @@
 
 # Parse arguments
 import command_line_utils
-cmdUtils = command_line_utils.CommandLineUtils("PubSub - Send and recieve messages through an MQTT connection.")
+cmdUtils = command_line_utils.CommandLineUtils("Basic Connect - Make a MQTT connection.")
 cmdUtils.add_common_mqtt_commands()
 cmdUtils.add_common_proxy_commands()
 cmdUtils.add_common_logging_commands()

samples/pkcs11_connect.py

@@ -16,7 +16,7 @@
 
 # Parse arguments
 import command_line_utils
-cmdUtils = command_line_utils.CommandLineUtils("PubSub - Send and recieve messages through an MQTT connection.")
+cmdUtils = command_line_utils.CommandLineUtils("PKCS11 Connect - Make a MQTT connection using PKCS11.")
 cmdUtils.add_common_mqtt_commands()
 cmdUtils.add_common_proxy_commands()
 cmdUtils.add_common_logging_commands()

samples/websocket_connect.py

@@ -8,7 +8,7 @@
 
 # Parse arguments
 import command_line_utils
-cmdUtils = command_line_utils.CommandLineUtils("PubSub - Send and recieve messages through an MQTT connection.")
+cmdUtils = command_line_utils.CommandLineUtils("Websocket Connect - Make a websocket MQTT connection.")
 cmdUtils.add_common_mqtt_commands()
 cmdUtils.add_common_proxy_commands()
 cmdUtils.add_common_logging_commands()

samples/windows_cert_connect.py

@@ -0,0 +1,71 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0.
+
+from awsiot import mqtt_connection_builder
+from uuid import uuid4
+
+# This sample is similar to `samples/basic_connect.py` but the certificate
+# for mutual TLS is stored in a Windows certificate store.
+#
+# See `samples/README.md` for instructions on setting up your PC
+# to run this sample.
+#
+# WARNING: Windows only.
+
+# Parse arguments
+import command_line_utils
+cmdUtils = command_line_utils.CommandLineUtils("Windows Cert Connect - Make a MQTT connection using Windows Store Certificates.")
+cmdUtils.add_common_mqtt_commands()
+cmdUtils.add_common_logging_commands()
+cmdUtils.register_command("port", "<int>",
+                          "Connection port for direct connection. " +
+                          "AWS IoT supports 433 and 8883 (optional, default=8883).",
+                          False, int)
+cmdUtils.register_command("client_id", "<str>",
+                          "Client ID to use for MQTT connection (optional, default='test-*').",
+                          default="test-" + str(uuid4()))
+cmdUtils.register_command("cert", "<path>",
+                          "Path to certificate in Windows certificate store. " +
+                          "e.g. \"CurrentUser\\MY\\6ac133ac58f0a88b83e9c794eba156a98da39b4c\"",
+                          True, str)
+# Needs to be called so the command utils parse the commands
+cmdUtils.get_args()
+
+
+def on_connection_interrupted(connection, error, **kwargs):
+    # Callback when connection is accidentally lost.
+    print("Connection interrupted. error: {}".format(error))
+
+
+def on_connection_resumed(connection, return_code, session_present, **kwargs):
+    # Callback when an interrupted connection is re-established.
+    print("Connection resumed. return_code: {} session_present: {}".format(return_code, session_present))
+
+
+if __name__ == '__main__':
+    # Create MQTT connection
+    mqtt_connection = mqtt_connection_builder.mtls_with_windows_cert_store_path(
+        cert_store_path=cmdUtils.get_command_required("cert"),
+        endpoint=cmdUtils.get_command_required(cmdUtils.m_cmd_endpoint),
+        port=cmdUtils.get_command("port"),
+        ca_filepath=cmdUtils.get_command(cmdUtils.m_cmd_ca_file),
+        on_connection_interrupted=on_connection_interrupted,
+        on_connection_resumed=on_connection_resumed,
+        client_id=cmdUtils.get_command("client_id"),
+        clean_session=False,
+        keep_alive_secs=30)
+
+    print("Connecting to {} with client ID '{}'...".format(
+        cmdUtils.get_command(cmdUtils.m_cmd_endpoint), cmdUtils.get_command("client_id")))
+
+    connect_future = mqtt_connection.connect()
+
+    # Future.result() waits until a result is available
+    connect_future.result()
+    print("Connected!")
+
+    # Disconnect
+    print("Disconnecting...")
+    disconnect_future = mqtt_connection.disconnect()
+    disconnect_future.result()
+    print("Disconnected!")