From 630fc56bc190c16d954b4978af5e13ed9dab7fea Mon Sep 17 00:00:00 2001 From: SDKAuto Date: Sat, 25 Jan 2025 00:38:09 +0000 Subject: [PATCH] CodeGen from PR 32335 in Azure/azure-rest-api-specs Merge 1d4629f5519fdc33cec6e3fabd0f965ff540bbfb into ffa149a9e348ce22e5f50d607c768457a25c0022 --- .../azure-keyvault-certificates/MANIFEST.in | 8 +- .../azure-keyvault-certificates/_meta.json | 6 + .../azure/__init__.py | 4 - .../azure/keyvault/__init__.py | 4 - .../azure/keyvault/certificates/__init__.py | 80 +- .../azure/keyvault/certificates/_client.py | 1132 +---------- .../{_generated => }/_configuration.py | 35 +- .../azure/keyvault/certificates/_enums.py | 77 - .../certificates/_generated/__init__.py | 23 - .../certificates/_generated/_client.py | 89 - .../certificates/_generated/aio/__init__.py | 23 - .../certificates/_generated/aio/_client.py | 91 - .../_generated/models/__init__.py | 99 - .../certificates/_generated/models/_models.py | 1707 ----------------- .../keyvault/certificates/_generated/py.typed | 1 - .../keyvault/certificates/_model_base.py | 1175 ++++++++++++ .../azure/keyvault/certificates/_models.py | 1461 -------------- .../{_generated => }/_operations/__init__.py | 14 +- .../_operations/_operations.py | 1461 ++++++++------ .../{_generated => }/_operations/_patch.py | 0 .../certificates/{_generated => }/_patch.py | 0 .../azure/keyvault/certificates/_polling.py | 61 - .../keyvault/certificates/_sdk_moniker.py | 7 - .../{_generated => }/_serialization.py | 493 ++--- .../keyvault/certificates/_shared/__init__.py | 77 - .../keyvault/certificates/_shared/_polling.py | 142 -- .../certificates/_shared/_polling_async.py | 87 - .../_shared/async_challenge_auth_policy.py | 262 --- .../certificates/_shared/async_client_base.py | 115 -- .../_shared/challenge_auth_policy.py | 270 --- .../certificates/_shared/client_base.py | 158 -- .../certificates/_shared/http_challenge.py | 182 -- .../_shared/http_challenge_cache.py | 93 - .../certificates/{_generated => }/_vendor.py | 3 +- .../azure/keyvault/certificates/_version.py | 13 +- .../keyvault/certificates/aio/__init__.py | 33 +- .../keyvault/certificates/aio/_client.py | 1139 +---------- .../{_generated => }/aio/_configuration.py | 35 +- .../aio/_operations/__init__.py | 14 +- .../aio/_operations/_operations.py | 1394 ++++++++------ .../aio/_operations/_patch.py | 0 .../{_generated => }/aio/_patch.py | 0 .../certificates/aio/_polling_async.py | 63 - .../{_generated => }/aio/_vendor.py | 3 +- .../keyvault/certificates/models/__init__.py | 106 + .../{_generated => }/models/_enums.py | 50 +- .../keyvault/certificates/models/_models.py | 1453 ++++++++++++++ .../{_generated => }/models/_patch.py | 0 .../azure/keyvault/certificates/py.typed | 1 + .../backup_restore_operations_async.py | 4 +- .../samples/hello_world.py | 23 +- .../samples/hello_world_async.py | 6 +- .../samples/import_certificate_async.py | 2 + .../samples/issuers_async.py | 2 +- .../samples/parse_certificate.py | 7 +- .../samples/parse_certificate_async.py | 8 +- .../azure-keyvault-certificates/setup.py | 62 +- .../tests/_async_test_case.py | 13 +- .../tests/_shared/test_case_async.py | 1 - .../tests/_test_case.py | 12 +- .../tests/conftest.py | 1 + .../tests/test_certificates_client.py | 27 +- .../tests/test_certificates_client_async.py | 28 +- .../tests/test_examples_certificates.py | 4 +- .../tests/test_examples_certificates_async.py | 12 +- .../tests/test_merge_certificate_async.py | 2 +- .../tsp-location.yaml | 5 + 67 files changed, 5077 insertions(+), 8886 deletions(-) create mode 100644 sdk/keyvault/azure-keyvault-certificates/_meta.json rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/_configuration.py (54%) delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_enums.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/__init__.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_client.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/__init__.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_client.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/__init__.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/_models.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/py.typed create mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_model_base.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_models.py rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/_operations/__init__.py (58%) rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/_operations/_operations.py (71%) rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/_operations/_patch.py (100%) rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/_patch.py (100%) delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_polling.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_sdk_moniker.py rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/_serialization.py (85%) delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/__init__.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/_polling.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/_polling_async.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/async_challenge_auth_policy.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/async_client_base.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/challenge_auth_policy.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/client_base.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/http_challenge.py delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/http_challenge_cache.py rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/_vendor.py (88%) rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/aio/_configuration.py (54%) rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/aio/_operations/__init__.py (58%) rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/aio/_operations/_operations.py (66%) rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/aio/_operations/_patch.py (100%) rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/aio/_patch.py (100%) delete mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_polling_async.py rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/aio/_vendor.py (88%) create mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/__init__.py rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/models/_enums.py (62%) create mode 100644 sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/_models.py rename sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/{_generated => }/models/_patch.py (100%) create mode 100644 sdk/keyvault/azure-keyvault-certificates/tsp-location.yaml diff --git a/sdk/keyvault/azure-keyvault-certificates/MANIFEST.in b/sdk/keyvault/azure-keyvault-certificates/MANIFEST.in index 310077f20ffa..c22abb8c0232 100644 --- a/sdk/keyvault/azure-keyvault-certificates/MANIFEST.in +++ b/sdk/keyvault/azure-keyvault-certificates/MANIFEST.in @@ -1,7 +1,7 @@ include *.md include LICENSE -include azure/__init__.py -include azure/keyvault/__init__.py -recursive-include samples *.py -recursive-include tests *.py include azure/keyvault/certificates/py.typed +recursive-include tests *.py +recursive-include samples *.py *.md +include azure/__init__.py +include azure/keyvault/__init__.py \ No newline at end of file diff --git a/sdk/keyvault/azure-keyvault-certificates/_meta.json b/sdk/keyvault/azure-keyvault-certificates/_meta.json new file mode 100644 index 000000000000..a479f756683a --- /dev/null +++ b/sdk/keyvault/azure-keyvault-certificates/_meta.json @@ -0,0 +1,6 @@ +{ + "commit": "1ba5dd7a40742434101a1d705b537a71a7c585c5", + "repository_url": "https://github.com/Azure/azure-rest-api-specs", + "typespec_src": "specification/keyvault/Security.KeyVault.Certificates", + "@azure-tools/typespec-python": "0.38.1" +} \ No newline at end of file diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/__init__.py b/sdk/keyvault/azure-keyvault-certificates/azure/__init__.py index 679ab6995134..d55ccad1f573 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/__init__.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/__init__.py @@ -1,5 +1 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ __path__ = __import__("pkgutil").extend_path(__path__, __name__) # type: ignore diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/__init__.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/__init__.py index 679ab6995134..d55ccad1f573 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/__init__.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/__init__.py @@ -1,5 +1 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ __path__ = __import__("pkgutil").extend_path(__path__, __name__) # type: ignore diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/__init__.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/__init__.py index 3e8da4143494..4f7962408227 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/__init__.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/__init__.py @@ -1,56 +1,32 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -from ._client import CertificateClient -from ._enums import( - CertificatePolicyAction, - KeyCurveName, - KeyType, - CertificateContentType, - KeyUsageType, - WellKnownIssuerNames -) -from ._models import( - AdministratorContact, - CertificateContact, - CertificateIssuer, - CertificateOperation, - CertificateOperationError, - CertificatePolicy, - CertificateProperties, - DeletedCertificate, - IssuerProperties, - LifetimeAction, - KeyVaultCertificate, - KeyVaultCertificateIdentifier -) -from ._shared.client_base import ApiVersion +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) Python Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +# pylint: disable=wrong-import-position -__all__ = [ - "ApiVersion", - "CertificatePolicyAction", - "AdministratorContact", - "CertificateClient", - "CertificateContact", - "CertificateIssuer", - "CertificateOperation", - "CertificateOperationError", - "CertificatePolicy", - "CertificateProperties", - "DeletedCertificate", - "IssuerProperties", - "KeyCurveName", - "KeyType", - "KeyVaultCertificate", - "KeyVaultCertificateIdentifier", - "KeyUsageType", - "LifetimeAction", - "CertificateContentType", - "WellKnownIssuerNames", - "CertificateIssuer", - "IssuerProperties" -] +from typing import TYPE_CHECKING + +if TYPE_CHECKING: + from ._patch import * # pylint: disable=unused-wildcard-import +from ._client import KeyVaultClient # type: ignore from ._version import VERSION + __version__ = VERSION + +try: + from ._patch import __all__ as _patch_all + from ._patch import * +except ImportError: + _patch_all = [] +from ._patch import patch_sdk as _patch_sdk + +__all__ = [ + "KeyVaultClient", +] +__all__.extend([p for p in _patch_all if p not in __all__]) # pyright: ignore + +_patch_sdk() diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_client.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_client.py index 4eefa0c736fe..600eb2cb2546 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_client.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_client.py @@ -1,1078 +1,100 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -# pylint:disable=too-many-lines,too-many-public-methods,bad-option-value,delete-operation-wrong-return-type -import base64 -from functools import partial -from typing import Any, Dict, List, Optional, Union +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) Python Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- -from azure.core.polling import LROPoller -from azure.core.paging import ItemPaged -from azure.core.tracing.decorator import distributed_trace +from copy import deepcopy +from typing import Any, TYPE_CHECKING +from typing_extensions import Self -from ._shared import KeyVaultClientBase -from ._shared._polling import DeleteRecoverPollingMethod, KeyVaultOperationPoller -from ._models import ( - AdministratorContact, - KeyVaultCertificate, - CertificateProperties, - CertificatePolicy, - DeletedCertificate, - CertificateIssuer, - IssuerProperties, - CertificateContact, - CertificateOperation, -) -from ._polling import CreateCertificatePoller +from azure.core import PipelineClient +from azure.core.pipeline import policies +from azure.core.rest import HttpRequest, HttpResponse +from ._configuration import KeyVaultClientConfiguration +from ._operations import KeyVaultClientOperationsMixin +from ._serialization import Deserializer, Serializer -NO_SAN_OR_SUBJECT = "You need to set either subject or one of the subject alternative names parameters in the policy" +if TYPE_CHECKING: + from azure.core.credentials import TokenCredential -class CertificateClient(KeyVaultClientBase): - """A high-level interface for managing a vault's certificates. +class KeyVaultClient(KeyVaultClientOperationsMixin): + """The key vault client performs cryptographic key operations and vault operations against the Key + Vault service. - :param str vault_url: URL of the vault the client will access. This is also called the vault's "DNS Name". - You should validate that this URL references a valid Key Vault resource. See https://aka.ms/azsdk/blog/vault-uri - for details. - :param credential: An object which can provide an access token for the vault, such as a credential from - :mod:`azure.identity` + :param vault_base_url: Required. + :type vault_base_url: str + :param credential: Credential used to authenticate requests to the service. Required. :type credential: ~azure.core.credentials.TokenCredential - - :keyword api_version: Version of the service API to use. Defaults to the most recent. - :paramtype api_version: ~azure.keyvault.certificates.ApiVersion or str - :keyword bool verify_challenge_resource: Whether to verify the authentication challenge resource matches the Key - Vault domain. Defaults to True. - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START create_certificate_client] - :end-before: [END create_certificate_client] - :language: python - :caption: Create a new ``CertificateClient`` - :dedent: 4 + :keyword api_version: The API version to use for this operation. Default value is + "7.6-preview.1". Note that overriding this default value may result in unsupported behavior. + :paramtype api_version: str """ - # pylint:disable=protected-access - - @distributed_trace - def begin_create_certificate( - self, - certificate_name: str, - policy: CertificatePolicy, - *, - enabled: Optional[bool] = None, - tags: Optional[Dict[str, str]] = None, - **kwargs: Any, - ) -> LROPoller[Union[KeyVaultCertificate, CertificateOperation]]: - """Creates a new certificate. - - If this is the first version, the certificate resource is created. This operation requires the - certificates/create permission. Waiting on the returned poller requires the certificates/get permission and - gives you the certificate if creation is successful, or the CertificateOperation if not -- otherwise, it raises - an :class:`~azure.core.exceptions.HttpResponseError`. - - :param str certificate_name: The name of the certificate. - :param policy: The management policy for the certificate. Either subject or one of the subject alternative - name properties are required. - :type policy: ~azure.keyvault.certificates.CertificatePolicy - - :keyword bool enabled: Whether the certificate is enabled for use. - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - - :returns: An LROPoller for the create certificate operation. Waiting on the poller gives you the certificate if - creation is successful, or the CertificateOperation if not. - :rtype: ~azure.core.polling.LROPoller[~azure.keyvault.certificates.KeyVaultCertificate or - ~azure.keyvault.certificates.CertificateOperation] - - :raises ValueError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate policy is invalid; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START create_certificate] - :end-before: [END create_certificate] - :language: python - :caption: Create a certificate - :dedent: 8 - """ - if not (policy.san_emails or policy.san_user_principal_names or policy.san_dns_names or policy.subject): - raise ValueError(NO_SAN_OR_SUBJECT) - - polling_interval = kwargs.pop("_polling_interval", None) - if polling_interval is None: - polling_interval = 5 - - if enabled is not None: - attributes = self._models.CertificateAttributes(enabled=enabled) - else: - attributes = None - - parameters = self._models.CertificateCreateParameters( - certificate_policy=policy._to_certificate_policy_bundle(), - certificate_attributes=attributes, - tags=tags - ) - - pipeline_response, cert_bundle = self._client.create_certificate( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - parameters=parameters, - cls=lambda pipeline_response, deserialized, _: (pipeline_response, deserialized), - **kwargs, - ) - - create_certificate_operation = CertificateOperation._from_certificate_operation_bundle(cert_bundle) - - command = partial(self.get_certificate_operation, certificate_name=certificate_name, **kwargs) - - get_certificate_command = partial(self.get_certificate, certificate_name=certificate_name, **kwargs) - - create_certificate_polling = CreateCertificatePoller( - pipeline_response=pipeline_response, - get_certificate_command=get_certificate_command, - interval=polling_interval - ) - - def no_op(*_, **__) -> Any: # The deserialization callback is ignored based on polling implementation - pass - - return LROPoller(command, create_certificate_operation, no_op, create_certificate_polling) - - @distributed_trace - def get_certificate(self, certificate_name: str, **kwargs: Any) -> KeyVaultCertificate: - """Gets a certificate with its management policy attached. Requires certificates/get permission. - - Does not accept the version of the certificate as a parameter. To get a specific version of the - certificate, call :func:`get_certificate_version`. - - :param str certificate_name: The name of the certificate in the given vault. - - :returns: An instance of KeyVaultCertificate - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate doesn't exist; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START get_certificate] - :end-before: [END get_certificate] - :language: python - :caption: Get a certificate - :dedent: 8 - """ - bundle = self._client.get_certificate( - vault_base_url=self.vault_url, certificate_name=certificate_name, certificate_version="", **kwargs - ) - return KeyVaultCertificate._from_certificate_bundle(certificate_bundle=bundle) - - @distributed_trace - def get_certificate_version(self, certificate_name: str, version: str, **kwargs: Any) -> KeyVaultCertificate: - """Gets a specific version of a certificate without returning its management policy. - - Requires certificates/get permission. To get the latest version of the certificate, or to get the certificate's - policy as well, call :func:`get_certificate`. - - :param str certificate_name: The name of the certificate in the given vault. - :param str version: The version of the certificate. - - :returns: An instance of KeyVaultCertificate - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate doesn't exist; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START get_certificate_version] - :end-before: [END get_certificate_version] - :language: python - :caption: Get a certificate with a specific version - :dedent: 8 - """ - bundle = self._client.get_certificate( - vault_base_url=self.vault_url, certificate_name=certificate_name, certificate_version=version, **kwargs - ) - return KeyVaultCertificate._from_certificate_bundle(certificate_bundle=bundle) - - @distributed_trace - def begin_delete_certificate(self, certificate_name: str, **kwargs: Any) -> LROPoller[DeletedCertificate]: - """Delete all versions of a certificate. Requires certificates/delete permission. - - When this method returns Key Vault has begun deleting the certificate. Deletion may take several seconds in a - vault with soft-delete enabled. This method therefore returns a poller enabling you to wait for deletion to - complete. - - :param str certificate_name: The name of the certificate to delete. - - :returns: A poller for the delete certificate operation. The poller's `result` method returns the - :class:`~azure.keyvault.certificates.DeletedCertificate` without waiting for deletion to complete. If the - vault has soft-delete enabled and you want to immediately, permanently delete the certificate with - :func:`purge_deleted_certificate`, call the poller's `wait` method first. It will block until the deletion - is complete. The `wait` method requires certificates/get permission. - :rtype: ~azure.core.polling.LROPoller[~azure.keyvault.certificates.DeletedCertificate] - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate doesn't exist; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START delete_certificate] - :end-before: [END delete_certificate] - :language: python - :caption: Delete a certificate - :dedent: 8 - """ - polling_interval = kwargs.pop("_polling_interval", None) - if polling_interval is None: - polling_interval = 2 - pipeline_response, deleted_cert_bundle = self._client.delete_certificate( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - cls=lambda pipeline_response, deserialized, _: (pipeline_response, deserialized), - **kwargs, - ) - deleted_cert = DeletedCertificate._from_deleted_certificate_bundle(deleted_cert_bundle) - - polling_method = DeleteRecoverPollingMethod( - # no recovery ID means soft-delete is disabled, in which case we initialize the poller as finished - finished=deleted_cert.recovery_id is None, - pipeline_response=pipeline_response, - command=partial(self.get_deleted_certificate, certificate_name=certificate_name, **kwargs), - final_resource=deleted_cert, - interval=polling_interval, - ) - - return KeyVaultOperationPoller(polling_method) - - @distributed_trace - def get_deleted_certificate(self, certificate_name: str, **kwargs: Any) -> DeletedCertificate: - """Get a deleted certificate. Possible only in a vault with soft-delete enabled. - - Requires certificates/get permission. Retrieves the deleted certificate information plus its attributes, such as - retention interval, scheduled permanent deletion, and the current deletion recovery level. - - :param str certificate_name: The name of the certificate. - - :return: The deleted certificate - :rtype: ~azure.keyvault.certificates.DeletedCertificate - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate doesn't exist; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START get_deleted_certificate] - :end-before: [END get_deleted_certificate] - :language: python - :caption: Get a deleted certificate - :dedent: 8 - """ - bundle = self._client.get_deleted_certificate( - vault_base_url=self.vault_url, certificate_name=certificate_name, **kwargs - ) - return DeletedCertificate._from_deleted_certificate_bundle(deleted_certificate_bundle=bundle) - - @distributed_trace - def purge_deleted_certificate(self, certificate_name: str, **kwargs: Any) -> None: - """Permanently deletes a deleted certificate. Possible only in vaults with soft-delete enabled. - - Requires certificates/purge permission. Performs an irreversible deletion of the specified certificate, without - possibility for recovery. The operation is not available if the - :py:attr:`~azure.keyvault.certificates.CertificateProperties.recovery_level` does not specify 'Purgeable'. - This method is only necessary for purging a certificate before its - :py:attr:`~azure.keyvault.certificates.DeletedCertificate.scheduled_purge_date`. - - :param str certificate_name: The name of the certificate - - :return: None - :rtype: None - - :raises ~azure.core.exceptions.HttpResponseError: - """ - self._client.purge_deleted_certificate( - vault_base_url=self.vault_url, certificate_name=certificate_name, **kwargs - ) - - @distributed_trace - def begin_recover_deleted_certificate(self, certificate_name: str, **kwargs: Any) -> LROPoller[KeyVaultCertificate]: - """Recover a deleted certificate to its latest version. Possible only in a vault with soft-delete enabled. - - Requires certificates/recover permission. When this method returns Key Vault has begun recovering the - certificate. Recovery may take several seconds. This method therefore returns a poller enabling you to wait for - recovery to complete. Waiting is only necessary when you want to use the recovered certificate in another - operation immediately. - - :param str certificate_name: The name of the deleted certificate to recover - - :returns: A poller for the recovery operation. The poller's `result` method returns the recovered - :class:`~azure.keyvault.certificates.KeyVaultCertificate` without waiting for recovery to complete. If you - want to use the recovered certificate immediately, call the poller's `wait` method, which blocks until the - certificate is ready to use. The `wait` method requires certificate/get permission. - :rtype: ~azure.core.polling.LROPoller[~azure.keyvault.certificates.KeyVaultCertificate] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START recover_deleted_certificate] - :end-before: [END recover_deleted_certificate] - :language: python - :caption: Recover a deleted certificate - :dedent: 8 - """ - polling_interval = kwargs.pop("_polling_interval", None) - if polling_interval is None: - polling_interval = 2 - - pipeline_response, recovered_cert_bundle = self._client.recover_deleted_certificate( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - cls=lambda pipeline_response, deserialized, _: (pipeline_response, deserialized), - **kwargs, - ) - recovered_certificate = KeyVaultCertificate._from_certificate_bundle(recovered_cert_bundle) - command = partial(self.get_certificate, certificate_name=certificate_name, **kwargs) - polling_method = DeleteRecoverPollingMethod( - finished=False, - pipeline_response=pipeline_response, - command=command, - final_resource=recovered_certificate, - interval=polling_interval - ) - - return KeyVaultOperationPoller(polling_method) - - @distributed_trace - def import_certificate( - self, - certificate_name: str, - certificate_bytes: bytes, - *, - enabled: Optional[bool] = None, - tags: Optional[Dict[str, str]] = None, - password: Optional[str] = None, - policy: Optional[CertificatePolicy] = None, - **kwargs: Any, - ) -> KeyVaultCertificate: - """Import a certificate created externally. Requires certificates/import permission. - - Imports an existing valid certificate, containing a private key, into Azure Key Vault. The certificate to be - imported can be in either PFX or PEM format. If the certificate is in PEM format the PEM file must contain the - key as well as x509 certificates, and you must provide a ``policy`` with - :attr:`~azure.keyvault.certificates.CertificatePolicy.content_type` of - :attr:`~azure.keyvault.certificates.CertificateContentType.pem`. - - :param str certificate_name: The name of the certificate. - :param bytes certificate_bytes: Bytes of the certificate object to import. This certificate - needs to contain the private key. - - :keyword bool enabled: Whether the certificate is enabled for use. - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - :keyword str password: If the private key in the passed in certificate is encrypted, it - is the password used for encryption. - :keyword policy: The management policy for the certificate. Required if importing a PEM-format certificate, - with :attr:`~azure.keyvault.certificates.CertificatePolicy.content_type` set to - :attr:`~azure.keyvault.certificates.CertificateContentType.pem`. - :paramtype policy: ~azure.keyvault.certificates.CertificatePolicy - - :returns: The imported KeyVaultCertificate - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate - - :raises ~azure.core.exceptions.HttpResponseError: - """ - - if enabled is not None: - attributes = self._models.CertificateAttributes(enabled=enabled) - else: - attributes = None - base64_encoded_certificate = base64.b64encode(certificate_bytes).decode("utf-8") - - parameters = self._models.CertificateImportParameters( - base64_encoded_certificate=base64_encoded_certificate, - password=password, - certificate_policy=policy._to_certificate_policy_bundle() if policy else None, - certificate_attributes=attributes, - tags=tags, - ) - - bundle = self._client.import_certificate( - vault_base_url=self.vault_url, certificate_name=certificate_name, parameters=parameters, **kwargs - ) - return KeyVaultCertificate._from_certificate_bundle(certificate_bundle=bundle) - - @distributed_trace - def get_certificate_policy(self, certificate_name: str, **kwargs: Any) -> CertificatePolicy: - """Gets the policy for a certificate. Requires certificates/get permission. - - Returns the specified certificate policy resources in the key vault. - - :param str certificate_name: The name of the certificate in a given key vault. - - :return: The certificate policy - :rtype: ~azure.keyvault.certificates.CertificatePolicy - - :raises ~azure.core.exceptions.HttpResponseError: - """ - bundle = self._client.get_certificate_policy( - vault_base_url=self.vault_url, certificate_name=certificate_name, **kwargs - ) - return CertificatePolicy._from_certificate_policy_bundle(certificate_policy_bundle=bundle) - - @distributed_trace - def update_certificate_policy( - self, certificate_name: str, policy: CertificatePolicy, **kwargs: Any - ) -> CertificatePolicy: - """Updates the policy for a certificate. Requires certificates/update permission. - - Set specified members in the certificate policy. Leaves others as null. - - :param str certificate_name: The name of the certificate in the given vault. - :param policy: The policy for the certificate. - :type policy: ~azure.keyvault.certificates.CertificatePolicy - - :return: The certificate policy - :rtype: ~azure.keyvault.certificates.CertificatePolicy - - :raises ~azure.core.exceptions.HttpResponseError: - """ - bundle = self._client.update_certificate_policy( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - certificate_policy=policy._to_certificate_policy_bundle(), - **kwargs - ) - return CertificatePolicy._from_certificate_policy_bundle(certificate_policy_bundle=bundle) - - @distributed_trace - def update_certificate_properties( - self, - certificate_name: str, - version: Optional[str] = None, - *, - enabled: Optional[bool] = None, - tags: Optional[Dict[str, str]] = None, - **kwargs: Any, - ) -> KeyVaultCertificate: - """Change a certificate's properties. Requires certificates/update permission. - - :param str certificate_name: The name of the certificate in the given key vault. - :param str version: The version of the certificate. - - :keyword bool enabled: Whether the certificate is enabled for use. - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - - :returns: The updated KeyVaultCertificate - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START update_certificate] - :end-before: [END update_certificate] - :language: python - :caption: Update a certificate's attributes - :dedent: 8 - """ - - if enabled is not None: - attributes = self._models.CertificateAttributes(enabled=enabled) - else: - attributes = None - - parameters = self._models.CertificateUpdateParameters( - certificate_attributes=attributes, tags=tags - ) - - bundle = self._client.update_certificate( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - certificate_version=version or "", - parameters=parameters, - **kwargs - ) - return KeyVaultCertificate._from_certificate_bundle(certificate_bundle=bundle) - - @distributed_trace - def backup_certificate(self, certificate_name: str, **kwargs: Any) -> bytes: - """Back up a certificate in a protected form useable only by Azure Key Vault. - - Requires certificates/backup permission. This is intended to allow copying a certificate from one vault to - another. Both vaults must be owned by the same Azure subscription. Also, backup / restore cannot be performed - across geopolitical boundaries. For example, a backup from a vault in a USA region cannot be restored to a vault - in an EU region. - - :param str certificate_name: The name of the certificate. - - :return: The backup blob containing the backed up certificate. - :rtype: bytes - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate doesn't exist; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START backup_certificate] - :end-before: [END backup_certificate] - :language: python - :caption: Get a certificate backup - :dedent: 8 - """ - backup_result = self._client.backup_certificate( - vault_base_url=self.vault_url, certificate_name=certificate_name, **kwargs - ) - return backup_result.value - - @distributed_trace - def restore_certificate_backup(self, backup: bytes, **kwargs: Any) -> KeyVaultCertificate: - """Restore a certificate backup to the vault. Requires certificates/restore permission. - - This restores all versions of the certificate, with its name, attributes, and access control policies. If the - certificate's name is already in use, restoring it will fail. Also, the target vault must be owned by the same - Microsoft Azure subscription as the source vault. - - :param bytes backup: The backup blob associated with a certificate bundle. - - :return: The restored KeyVaultCertificate - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START restore_certificate] - :end-before: [END restore_certificate] - :language: python - :caption: Restore a certificate backup - :dedent: 8 - """ - bundle = self._client.restore_certificate( - vault_base_url=self.vault_url, - parameters=self._models.CertificateRestoreParameters(certificate_bundle_backup=backup), - **kwargs - ) - return KeyVaultCertificate._from_certificate_bundle(certificate_bundle=bundle) - - @distributed_trace - def list_deleted_certificates( - self, *, include_pending: Optional[bool] = None, **kwargs: Any - ) -> ItemPaged[DeletedCertificate]: - """Lists the currently-recoverable deleted certificates. Possible only if vault is soft-delete enabled. - - Requires certificates/get/list permission. Retrieves the certificates in the current vault which are in a - deleted state and ready for recovery or purging. This operation includes deletion-specific information. - - :keyword bool include_pending: Specifies whether to include certificates which are not completely deleted. - Only available for API versions v7.0 and up. If not provided, Key Vault treats this as False. - :paramtype include_pending: bool or None - - :return: An iterator-like instance of DeletedCertificate - :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.certificates.DeletedCertificate] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START list_deleted_certificates] - :end-before: [END list_deleted_certificates] - :language: python - :caption: List all the deleted certificates - :dedent: 8 - """ - max_page_size = kwargs.pop("max_page_size", None) - - if self.api_version == "2016-10-01": - if include_pending is not None: - raise NotImplementedError( - "The 'include_pending' parameter to `list_deleted_certificates` " - "is only available for API versions v7.0 and up" - ) - else: - kwargs.update({"include_pending": include_pending}) - - return self._client.get_deleted_certificates( - vault_base_url=self._vault_url, - maxresults=max_page_size, - cls=lambda objs: [ - DeletedCertificate._from_deleted_certificate_item(deleted_certificate_item=x) for x in objs - ], - **kwargs - ) - - @distributed_trace - def list_properties_of_certificates( - self, *, include_pending: Optional[bool] = None, **kwargs: Any - ) -> ItemPaged[CertificateProperties]: - """List identifiers and properties of all certificates in the vault. - - Requires certificates/list permission. - - :keyword include_pending: Specifies whether to include certificates which are not completely provisioned. - Only available for API versions v7.0 and up. If not provided, Key Vault treats this as False. - :paramtype include_pending: bool or None - - :returns: An iterator-like instance of CertificateProperties - :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.certificates.CertificateProperties] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START list_properties_of_certificates] - :end-before: [END list_properties_of_certificates] - :language: python - :caption: List all certificates - :dedent: 8 - """ - max_page_size = kwargs.pop("max_page_size", None) - - if self.api_version == "2016-10-01": - if include_pending is not None: - raise NotImplementedError( - "The 'include_pending' parameter to `list_properties_of_certificates` " - "is only available for API versions v7.0 and up" - ) - else: - kwargs.update({"include_pending": include_pending}) - - return self._client.get_certificates( - vault_base_url=self._vault_url, - maxresults=max_page_size, - cls=lambda objs: [CertificateProperties._from_certificate_item(certificate_item=x) for x in objs], - **kwargs - ) - - @distributed_trace - def list_properties_of_certificate_versions( - self, certificate_name: str, **kwargs: Any - ) -> ItemPaged[CertificateProperties]: - """List the identifiers and properties of a certificate's versions. - - Requires certificates/list permission. - - :param str certificate_name: The name of the certificate. - - :returns: An iterator-like instance of CertificateProperties - :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.certificates.CertificateProperties] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START list_properties_of_certificate_versions] - :end-before: [END list_properties_of_certificate_versions] - :language: python - :caption: List all versions of a certificate - :dedent: 8 - """ - max_page_size = kwargs.pop("max_page_size", None) - return self._client.get_certificate_versions( - vault_base_url=self._vault_url, - certificate_name=certificate_name, - maxresults=max_page_size, - cls=lambda objs: [CertificateProperties._from_certificate_item(certificate_item=x) for x in objs], - **kwargs - ) - - @distributed_trace - def set_contacts(self, contacts: "List[CertificateContact]", **kwargs: Any) -> "List[CertificateContact]": - """Sets the certificate contacts for the key vault. Requires certificates/managecontacts permission. - - :param contacts: The contact list for the vault certificates. - :type contacts: list[~azure.keyvault.certificates.CertificateContact] - - :returns: The created list of contacts - :rtype: list[~azure.keyvault.certificates.CertificateContact] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START set_contacts] - :end-before: [END set_contacts] - :language: python - :caption: Create contacts - :dedent: 8 - """ - new_contacts = self._client.set_certificate_contacts( - vault_base_url=self.vault_url, - contacts=self._models.Contacts(contact_list=[c._to_certificate_contacts_item() for c in contacts]), - **kwargs - ) - return [ - CertificateContact._from_certificate_contacts_item(contact_item=item) for item in new_contacts.contact_list - ] - - @distributed_trace - def get_contacts(self, **kwargs: Any) -> "List[CertificateContact]": - """Gets the certificate contacts for the key vault. Requires the certificates/managecontacts permission. - - :return: The certificate contacts for the key vault. - :rtype: list[~azure.keyvault.certificates.CertificateContact] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START get_contacts] - :end-before: [END get_contacts] - :language: python - :caption: Get contacts - :dedent: 8 - """ - contacts = self._client.get_certificate_contacts(vault_base_url=self._vault_url, **kwargs) - return [CertificateContact._from_certificate_contacts_item(contact_item=item) for item in contacts.contact_list] - - @distributed_trace - def delete_contacts(self, **kwargs: Any) -> "List[CertificateContact]": - """Deletes the certificate contacts for the key vault. Requires the certificates/managecontacts permission. - - :return: The deleted contacts for the key vault. - :rtype: list[~azure.keyvault.certificates.CertificateContact] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START delete_contacts] - :end-before: [END delete_contacts] - :language: python - :caption: Delete contacts - :dedent: 8 - """ - contacts = self._client.delete_certificate_contacts(vault_base_url=self.vault_url, **kwargs) - return [CertificateContact._from_certificate_contacts_item(contact_item=item) for item in contacts.contact_list] - - @distributed_trace - def get_certificate_operation(self, certificate_name: str, **kwargs: Any) -> CertificateOperation: - """Gets the creation operation of a certificate. Requires the certificates/get permission. - - :param str certificate_name: The name of the certificate. - - :returns: The created CertificateOperation - :rtype: ~azure.keyvault.certificates.CertificateOperation - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate doesn't exist; the latter for other errors - """ - - bundle = self._client.get_certificate_operation( - vault_base_url=self.vault_url, certificate_name=certificate_name, **kwargs - ) - return CertificateOperation._from_certificate_operation_bundle(certificate_operation_bundle=bundle) - - @distributed_trace - def delete_certificate_operation(self, certificate_name: str, **kwargs: Any) -> CertificateOperation: - """Deletes and stops the creation operation for a specific certificate. - - Requires the certificates/update permission. - - :param str certificate_name: The name of the certificate. - - :return: The deleted CertificateOperation - :rtype: ~azure.keyvault.certificates.CertificateOperation - - :raises ~azure.core.exceptions.HttpResponseError: - """ - bundle = self._client.delete_certificate_operation( - vault_base_url=self.vault_url, certificate_name=certificate_name, **kwargs - ) - return CertificateOperation._from_certificate_operation_bundle(certificate_operation_bundle=bundle) - - @distributed_trace - def cancel_certificate_operation(self, certificate_name: str, **kwargs: Any) -> CertificateOperation: - """Cancels an in-progress certificate operation. Requires the certificates/update permission. - - :param str certificate_name: The name of the certificate. - - :returns: The cancelled certificate operation - :rtype: ~azure.keyvault.certificates.CertificateOperation - - :raises ~azure.core.exceptions.HttpResponseError: - """ - bundle = self._client.update_certificate_operation( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - certificate_operation=self._models.CertificateOperationUpdateParameter(cancellation_requested=True), - **kwargs - ) - return CertificateOperation._from_certificate_operation_bundle(certificate_operation_bundle=bundle) - - @distributed_trace - def merge_certificate( - self, - certificate_name: str, - x509_certificates: List[bytes], - *, - enabled: Optional[bool] = None, - tags: Optional[Dict[str, str]] = None, - **kwargs: Any, - ) -> KeyVaultCertificate: - """Merges a certificate or a certificate chain with a key pair existing on the server. - - Requires the certificates/create permission. Performs the merging of a certificate or certificate chain with a - key pair currently available in the service. Make sure when creating the certificate to merge using - :func:`begin_create_certificate` that you set its issuer to 'Unknown'. This way Key Vault knows that the - certificate will not be signed by an issuer known to it. - - :param str certificate_name: The name of the certificate - :param x509_certificates: The certificate or the certificate chain to merge. - :type x509_certificates: list[bytes] - - :keyword enabled: Whether the certificate is enabled for use. - :paramtype enabled: bool or None - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] or None - - :return: The merged certificate - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate - - :raises ~azure.core.exceptions.HttpResponseError: - """ - - if enabled is not None: - attributes = self._models.CertificateAttributes(enabled=enabled) - else: - attributes = None - - parameters = self._models.CertificateMergeParameters( - x509_certificates=x509_certificates, certificate_attributes=attributes, tags=tags - ) - - bundle = self._client.merge_certificate( - vault_base_url=self.vault_url, certificate_name=certificate_name, parameters=parameters, **kwargs - ) - return KeyVaultCertificate._from_certificate_bundle(certificate_bundle=bundle) - - @distributed_trace - def get_issuer(self, issuer_name: str, **kwargs: Any) -> CertificateIssuer: - """Gets the specified certificate issuer. Requires certificates/manageissuers/getissuers permission. - - :param str issuer_name: The name of the issuer. - - :return: The specified certificate issuer. - :rtype: ~azure.keyvault.certificates.CertificateIssuer - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the issuer doesn't exist; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START get_issuer] - :end-before: [END get_issuer] - :language: python - :caption: Get an issuer - :dedent: 8 - """ - issuer_bundle = self._client.get_certificate_issuer( - vault_base_url=self.vault_url, issuer_name=issuer_name, **kwargs - ) - return CertificateIssuer._from_issuer_bundle(issuer_bundle=issuer_bundle) - - @distributed_trace - def create_issuer( - self, - issuer_name: str, - provider: str, - *, - enabled: Optional[bool] = None, - account_id: Optional[str] = None, - password: Optional[str] = None, - organization_id: Optional[str] = None, - admin_contacts: Optional[List[AdministratorContact]] = None, - **kwargs: Any, - ) -> CertificateIssuer: - """Sets the specified certificate issuer. Requires certificates/setissuers permission. - - :param str issuer_name: The name of the issuer. - :param str provider: The issuer provider. - - :keyword bool enabled: Whether the issuer is enabled for use. - :keyword str account_id: The user name/account name/account id. - :keyword str password: The password/secret/account key. - :keyword str organization_id: Id of the organization - :keyword admin_contacts: Contact details of the organization administrators of the - certificate issuer. - :paramtype admin_contacts: list[~azure.keyvault.certificates.AdministratorContact] - - :returns: The created CertificateIssuer - :rtype: ~azure.keyvault.certificates.CertificateIssuer - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START create_issuer] - :end-before: [END create_issuer] - :language: python - :caption: Create an issuer - :dedent: 8 - """ - - if account_id or password: - issuer_credentials = self._models.IssuerCredentials(account_id=account_id, password=password) - else: - issuer_credentials = None - if admin_contacts: - admin_details: Optional[List[Any]] = [ - self._models.AdministratorDetails( - first_name=contact.first_name, - last_name=contact.last_name, - email_address=contact.email, - phone=contact.phone, - ) - for contact in admin_contacts - ] - else: - admin_details = None - if organization_id or admin_details: - organization_details = self._models.OrganizationDetails(id=organization_id, admin_details=admin_details) - else: - organization_details = None - if enabled is not None: - issuer_attributes = self._models.IssuerAttributes(enabled=enabled) - else: - issuer_attributes = None - - parameters = self._models.CertificateIssuerSetParameters( - provider=provider, - credentials=issuer_credentials, - organization_details=organization_details, - attributes=issuer_attributes, - ) - - issuer_bundle = self._client.set_certificate_issuer( - vault_base_url=self.vault_url, issuer_name=issuer_name, parameter=parameters, **kwargs - ) - return CertificateIssuer._from_issuer_bundle(issuer_bundle=issuer_bundle) - - @distributed_trace - def update_issuer( - self, - issuer_name: str, - *, - enabled: Optional[bool] = None, - provider: Optional[str] = None, - account_id: Optional[str] = None, - password: Optional[str] = None, - organization_id: Optional[str] = None, - admin_contacts: Optional[List[AdministratorContact]] = None, - **kwargs: Any, - ) -> CertificateIssuer: - """Updates the specified certificate issuer. Requires certificates/setissuers permission. - - :param str issuer_name: The name of the issuer. - - :keyword bool enabled: Whether the issuer is enabled for use. - :keyword str provider: The issuer provider - :keyword str account_id: The user name/account name/account id. - :keyword str password: The password/secret/account key. - :keyword str organization_id: Id of the organization - :keyword admin_contacts: Contact details of the organization administrators of the certificate issuer - :paramtype admin_contacts: list[~azure.keyvault.certificates.AdministratorContact] - - :return: The updated issuer - :rtype: ~azure.keyvault.certificates.CertificateIssuer - - :raises ~azure.core.exceptions.HttpResponseError: - """ - - if account_id or password: - issuer_credentials = self._models.IssuerCredentials(account_id=account_id, password=password) - else: - issuer_credentials = None - if admin_contacts: - admin_details: Optional[List[Any]] = [ - self._models.AdministratorDetails( - first_name=contact.first_name, - last_name=contact.last_name, - email_address=contact.email, - phone=contact.phone, - ) - for contact in admin_contacts + def __init__(self, vault_base_url: str, credential: "TokenCredential", **kwargs: Any) -> None: + _endpoint = "{vaultBaseUrl}" + self._config = KeyVaultClientConfiguration(vault_base_url=vault_base_url, credential=credential, **kwargs) + _policies = kwargs.pop("policies", None) + if _policies is None: + _policies = [ + policies.RequestIdPolicy(**kwargs), + self._config.headers_policy, + self._config.user_agent_policy, + self._config.proxy_policy, + policies.ContentDecodePolicy(**kwargs), + self._config.redirect_policy, + self._config.retry_policy, + self._config.authentication_policy, + self._config.custom_hook_policy, + self._config.logging_policy, + policies.DistributedTracingPolicy(**kwargs), + policies.SensitiveHeaderCleanupPolicy(**kwargs) if self._config.redirect_policy else None, + self._config.http_logging_policy, ] - else: - admin_details = None - if organization_id or admin_details: - organization_details = self._models.OrganizationDetails(id=organization_id, admin_details=admin_details) - else: - organization_details = None - if enabled is not None: - issuer_attributes = self._models.IssuerAttributes(enabled=enabled) - else: - issuer_attributes = None - - parameters = self._models.CertificateIssuerUpdateParameters( - provider=provider, - credentials=issuer_credentials, - organization_details=organization_details, - attributes=issuer_attributes, - ) + self._client: PipelineClient = PipelineClient(base_url=_endpoint, policies=_policies, **kwargs) - issuer_bundle = self._client.update_certificate_issuer( - vault_base_url=self.vault_url, issuer_name=issuer_name, parameter=parameters, **kwargs - ) - return CertificateIssuer._from_issuer_bundle(issuer_bundle=issuer_bundle) + self._serialize = Serializer() + self._deserialize = Deserializer() + self._serialize.client_side_validation = False - @distributed_trace - def delete_issuer(self, issuer_name: str, **kwargs: Any) -> CertificateIssuer: - """Deletes the specified certificate issuer. + def send_request(self, request: HttpRequest, *, stream: bool = False, **kwargs: Any) -> HttpResponse: + """Runs the network request through the client's chained policies. - Requires certificates/manageissuers/deleteissuers permission. + >>> from azure.core.rest import HttpRequest + >>> request = HttpRequest("GET", "https://www.example.org/") + + >>> response = client.send_request(request) + - :param str issuer_name: The name of the issuer. + For more information on this code flow, see https://aka.ms/azsdk/dpcodegen/python/send_request - :return: CertificateIssuer - :rtype: ~azure.keyvault.certificates.CertificateIssuer - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START delete_issuer] - :end-before: [END delete_issuer] - :language: python - :caption: Delete an issuer - :dedent: 8 + :param request: The network request you want to make. Required. + :type request: ~azure.core.rest.HttpRequest + :keyword bool stream: Whether the response payload will be streamed. Defaults to False. + :return: The response of your network call. Does not do error handling on your response. + :rtype: ~azure.core.rest.HttpResponse """ - issuer_bundle = self._client.delete_certificate_issuer( - vault_base_url=self.vault_url, issuer_name=issuer_name, **kwargs - ) - return CertificateIssuer._from_issuer_bundle(issuer_bundle=issuer_bundle) - - @distributed_trace - def list_properties_of_issuers(self, **kwargs: Any) -> ItemPaged[IssuerProperties]: - """Lists properties of the certificate issuers for the key vault. - Requires the certificates/manageissuers/getissuers permission. + request_copy = deepcopy(request) + path_format_arguments = { + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), + } - :return: An iterator-like instance of Issuers - :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.certificates.CertificateIssuer] + request_copy.url = self._client.format_url(request_copy.url, **path_format_arguments) + return self._client.send_request(request_copy, stream=stream, **kwargs) # type: ignore - :raises ~azure.core.exceptions.HttpResponseError: + def close(self) -> None: + self._client.close() - Example: - .. literalinclude:: ../tests/test_examples_certificates.py - :start-after: [START list_properties_of_issuers] - :end-before: [END list_properties_of_issuers] - :language: python - :caption: List issuers of a vault - :dedent: 8 - """ - max_page_size = kwargs.pop("max_page_size", None) - return self._client.get_certificate_issuers( - vault_base_url=self.vault_url, - maxresults=max_page_size, - cls=lambda objs: [IssuerProperties._from_issuer_item(issuer_item=x) for x in objs], - **kwargs - ) - - def __enter__(self) -> "CertificateClient": + def __enter__(self) -> Self: self._client.__enter__() return self + + def __exit__(self, *exc_details: Any) -> None: + self._client.__exit__(*exc_details) diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_configuration.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_configuration.py similarity index 54% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_configuration.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_configuration.py index c7b4428506e3..2c376d0c1e1a 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_configuration.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_configuration.py @@ -2,15 +2,18 @@ # -------------------------------------------------------------------------- # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. +# Code generated by Microsoft (R) Python Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -from typing import Any +from typing import Any, TYPE_CHECKING from azure.core.pipeline import policies -VERSION = "unknown" +from ._version import VERSION + +if TYPE_CHECKING: + from azure.core.credentials import TokenCredential class KeyVaultClientConfiguration: # pylint: disable=too-many-instance-attributes @@ -19,16 +22,28 @@ class KeyVaultClientConfiguration: # pylint: disable=too-many-instance-attribut Note that all parameters used to create this instance are saved as instance attributes. - :keyword api_version: Api Version. Default value is "7.5". Note that overriding this default - value may result in unsupported behavior. + :param vault_base_url: Required. + :type vault_base_url: str + :param credential: Credential used to authenticate requests to the service. Required. + :type credential: ~azure.core.credentials.TokenCredential + :keyword api_version: The API version to use for this operation. Default value is + "7.6-preview.1". Note that overriding this default value may result in unsupported behavior. :paramtype api_version: str """ - def __init__(self, **kwargs: Any) -> None: - api_version: str = kwargs.pop("api_version", "7.5") + def __init__(self, vault_base_url: str, credential: "TokenCredential", **kwargs: Any) -> None: + api_version: str = kwargs.pop("api_version", "7.6-preview.1") + + if vault_base_url is None: + raise ValueError("Parameter 'vault_base_url' must not be None.") + if credential is None: + raise ValueError("Parameter 'credential' must not be None.") + self.vault_base_url = vault_base_url + self.credential = credential self.api_version = api_version - kwargs.setdefault("sdk_moniker", "keyvault/{}".format(VERSION)) + self.credential_scopes = kwargs.pop("credential_scopes", ["https://vault.azure.net/.default"]) + kwargs.setdefault("sdk_moniker", "keyvault-certificates/{}".format(VERSION)) self.polling_interval = kwargs.get("polling_interval", 30) self._configure(**kwargs) @@ -42,3 +57,7 @@ def _configure(self, **kwargs: Any) -> None: self.redirect_policy = kwargs.get("redirect_policy") or policies.RedirectPolicy(**kwargs) self.retry_policy = kwargs.get("retry_policy") or policies.RetryPolicy(**kwargs) self.authentication_policy = kwargs.get("authentication_policy") + if self.credential and not self.authentication_policy: + self.authentication_policy = policies.BearerTokenCredentialPolicy( + self.credential, *self.credential_scopes, **kwargs + ) diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_enums.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_enums.py deleted file mode 100644 index 6913db4755d7..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_enums.py +++ /dev/null @@ -1,77 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ - -# pylint: disable=enum-must-be-uppercase - -from enum import Enum - -from azure.core import CaseInsensitiveEnumMeta - - -class CertificatePolicyAction(str, Enum, metaclass=CaseInsensitiveEnumMeta): - """The supported action types for the lifetime of a certificate""" - - email_contacts = "EmailContacts" - auto_renew = "AutoRenew" - - -class CertificateContentType(str, Enum, metaclass=CaseInsensitiveEnumMeta): - """Content type of the secrets as specified in Certificate Policy""" - - pkcs12 = "application/x-pkcs12" - pem = "application/x-pem-file" - - -class KeyUsageType(str, Enum, metaclass=CaseInsensitiveEnumMeta): - """The supported types of key usages""" - - digital_signature = "digitalSignature" - non_repudiation = "nonRepudiation" - key_encipherment = "keyEncipherment" - data_encipherment = "dataEncipherment" - key_agreement = "keyAgreement" - key_cert_sign = "keyCertSign" - crl_sign = "cRLSign" - encipher_only = "encipherOnly" - decipher_only = "decipherOnly" - - -class KeyType(str, Enum, metaclass=CaseInsensitiveEnumMeta): - """Supported key types""" - - ec = "EC" #: Elliptic Curve - ec_hsm = "EC-HSM" #: Elliptic Curve with a private key which is not exportable from the HSM - rsa = "RSA" #: RSA (https://tools.ietf.org/html/rfc3447) - rsa_hsm = "RSA-HSM" #: RSA with a private key which is not exportable from the HSM - oct = "oct" #: Octet sequence (used to represent symmetric keys) - oct_hsm = "oct-HSM" #: Octet sequence with a private key which is not exportable from the HSM - - @classmethod - def _missing_(cls, value): - for member in cls: - if member.value.lower() == value.lower(): - return member - raise ValueError(f"{value} is not a valid KeyType") - - -class KeyCurveName(str, Enum, metaclass=CaseInsensitiveEnumMeta): - """Supported elliptic curves""" - - p_256 = "P-256" #: The NIST P-256 elliptic curve, AKA SECG curve SECP256R1. - p_384 = "P-384" #: The NIST P-384 elliptic curve, AKA SECG curve SECP384R1. - p_521 = "P-521" #: The NIST P-521 elliptic curve, AKA SECG curve SECP521R1. - p_256_k = "P-256K" #: The SECG SECP256K1 elliptic curve. - - -class WellKnownIssuerNames(str, Enum, metaclass=CaseInsensitiveEnumMeta): - """Collection of well-known issuer names""" - - self = "Self" #: Use this issuer for a self-signed certificate - unknown = "Unknown" - """ - If you use this issuer, you must manually get an x509 certificate from the issuer of your choice. - You must then call :func:`~azure.keyvault.certificates.CertificateClient.merge_certificate` to - merge the public x509 certificate with your key vault certificate pending object to complete creation. - """ diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/__init__.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/__init__.py deleted file mode 100644 index 1e535724e551..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/__init__.py +++ /dev/null @@ -1,23 +0,0 @@ -# coding=utf-8 -# -------------------------------------------------------------------------- -# Copyright (c) Microsoft Corporation. All rights reserved. -# Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. -# Changes may cause incorrect behavior and will be lost if the code is regenerated. -# -------------------------------------------------------------------------- - -from ._client import KeyVaultClient - -try: - from ._patch import __all__ as _patch_all - from ._patch import * # pylint: disable=unused-wildcard-import -except ImportError: - _patch_all = [] -from ._patch import patch_sdk as _patch_sdk - -__all__ = [ - "KeyVaultClient", -] -__all__.extend([p for p in _patch_all if p not in __all__]) - -_patch_sdk() diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_client.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_client.py deleted file mode 100644 index 28ee625036e6..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_client.py +++ /dev/null @@ -1,89 +0,0 @@ -# coding=utf-8 -# -------------------------------------------------------------------------- -# Copyright (c) Microsoft Corporation. All rights reserved. -# Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. -# Changes may cause incorrect behavior and will be lost if the code is regenerated. -# -------------------------------------------------------------------------- - -from copy import deepcopy -from typing import Any - -from azure.core import PipelineClient -from azure.core.pipeline import policies -from azure.core.rest import HttpRequest, HttpResponse - -from . import models as _models -from ._configuration import KeyVaultClientConfiguration -from ._operations import KeyVaultClientOperationsMixin -from ._serialization import Deserializer, Serializer - - -class KeyVaultClient(KeyVaultClientOperationsMixin): # pylint: disable=client-accepts-api-version-keyword - """The key vault client performs cryptographic key operations and vault operations against the Key - Vault service. - - :keyword api_version: Api Version. Default value is "7.5". Note that overriding this default - value may result in unsupported behavior. - :paramtype api_version: str - """ - - def __init__(self, **kwargs: Any) -> None: # pylint: disable=missing-client-constructor-parameter-credential - _endpoint = "{vaultBaseUrl}" - self._config = KeyVaultClientConfiguration(**kwargs) - _policies = kwargs.pop("policies", None) - if _policies is None: - _policies = [ - policies.RequestIdPolicy(**kwargs), - self._config.headers_policy, - self._config.user_agent_policy, - self._config.proxy_policy, - policies.ContentDecodePolicy(**kwargs), - self._config.redirect_policy, - self._config.retry_policy, - self._config.authentication_policy, - self._config.custom_hook_policy, - self._config.logging_policy, - policies.DistributedTracingPolicy(**kwargs), - policies.SensitiveHeaderCleanupPolicy(**kwargs) if self._config.redirect_policy else None, - self._config.http_logging_policy, - ] - self._client: PipelineClient = PipelineClient(base_url=_endpoint, policies=_policies, **kwargs) - - client_models = {k: v for k, v in _models._models.__dict__.items() if isinstance(v, type)} - client_models.update({k: v for k, v in _models.__dict__.items() if isinstance(v, type)}) - self._serialize = Serializer(client_models) - self._deserialize = Deserializer(client_models) - self._serialize.client_side_validation = False - - def send_request(self, request: HttpRequest, *, stream: bool = False, **kwargs: Any) -> HttpResponse: - """Runs the network request through the client's chained policies. - - >>> from azure.core.rest import HttpRequest - >>> request = HttpRequest("GET", "https://www.example.org/") - - >>> response = client.send_request(request) - - - For more information on this code flow, see https://aka.ms/azsdk/dpcodegen/python/send_request - - :param request: The network request you want to make. Required. - :type request: ~azure.core.rest.HttpRequest - :keyword bool stream: Whether the response payload will be streamed. Defaults to False. - :return: The response of your network call. Does not do error handling on your response. - :rtype: ~azure.core.rest.HttpResponse - """ - - request_copy = deepcopy(request) - request_copy.url = self._client.format_url(request_copy.url) - return self._client.send_request(request_copy, stream=stream, **kwargs) # type: ignore - - def close(self) -> None: - self._client.close() - - def __enter__(self) -> "KeyVaultClient": - self._client.__enter__() - return self - - def __exit__(self, *exc_details: Any) -> None: - self._client.__exit__(*exc_details) diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/__init__.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/__init__.py deleted file mode 100644 index 1e535724e551..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/__init__.py +++ /dev/null @@ -1,23 +0,0 @@ -# coding=utf-8 -# -------------------------------------------------------------------------- -# Copyright (c) Microsoft Corporation. All rights reserved. -# Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. -# Changes may cause incorrect behavior and will be lost if the code is regenerated. -# -------------------------------------------------------------------------- - -from ._client import KeyVaultClient - -try: - from ._patch import __all__ as _patch_all - from ._patch import * # pylint: disable=unused-wildcard-import -except ImportError: - _patch_all = [] -from ._patch import patch_sdk as _patch_sdk - -__all__ = [ - "KeyVaultClient", -] -__all__.extend([p for p in _patch_all if p not in __all__]) - -_patch_sdk() diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_client.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_client.py deleted file mode 100644 index f017310ad823..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_client.py +++ /dev/null @@ -1,91 +0,0 @@ -# coding=utf-8 -# -------------------------------------------------------------------------- -# Copyright (c) Microsoft Corporation. All rights reserved. -# Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. -# Changes may cause incorrect behavior and will be lost if the code is regenerated. -# -------------------------------------------------------------------------- - -from copy import deepcopy -from typing import Any, Awaitable - -from azure.core import AsyncPipelineClient -from azure.core.pipeline import policies -from azure.core.rest import AsyncHttpResponse, HttpRequest - -from .. import models as _models -from .._serialization import Deserializer, Serializer -from ._configuration import KeyVaultClientConfiguration -from ._operations import KeyVaultClientOperationsMixin - - -class KeyVaultClient(KeyVaultClientOperationsMixin): # pylint: disable=client-accepts-api-version-keyword - """The key vault client performs cryptographic key operations and vault operations against the Key - Vault service. - - :keyword api_version: Api Version. Default value is "7.5". Note that overriding this default - value may result in unsupported behavior. - :paramtype api_version: str - """ - - def __init__(self, **kwargs: Any) -> None: # pylint: disable=missing-client-constructor-parameter-credential - _endpoint = "{vaultBaseUrl}" - self._config = KeyVaultClientConfiguration(**kwargs) - _policies = kwargs.pop("policies", None) - if _policies is None: - _policies = [ - policies.RequestIdPolicy(**kwargs), - self._config.headers_policy, - self._config.user_agent_policy, - self._config.proxy_policy, - policies.ContentDecodePolicy(**kwargs), - self._config.redirect_policy, - self._config.retry_policy, - self._config.authentication_policy, - self._config.custom_hook_policy, - self._config.logging_policy, - policies.DistributedTracingPolicy(**kwargs), - policies.SensitiveHeaderCleanupPolicy(**kwargs) if self._config.redirect_policy else None, - self._config.http_logging_policy, - ] - self._client: AsyncPipelineClient = AsyncPipelineClient(base_url=_endpoint, policies=_policies, **kwargs) - - client_models = {k: v for k, v in _models._models.__dict__.items() if isinstance(v, type)} - client_models.update({k: v for k, v in _models.__dict__.items() if isinstance(v, type)}) - self._serialize = Serializer(client_models) - self._deserialize = Deserializer(client_models) - self._serialize.client_side_validation = False - - def send_request( - self, request: HttpRequest, *, stream: bool = False, **kwargs: Any - ) -> Awaitable[AsyncHttpResponse]: - """Runs the network request through the client's chained policies. - - >>> from azure.core.rest import HttpRequest - >>> request = HttpRequest("GET", "https://www.example.org/") - - >>> response = await client.send_request(request) - - - For more information on this code flow, see https://aka.ms/azsdk/dpcodegen/python/send_request - - :param request: The network request you want to make. Required. - :type request: ~azure.core.rest.HttpRequest - :keyword bool stream: Whether the response payload will be streamed. Defaults to False. - :return: The response of your network call. Does not do error handling on your response. - :rtype: ~azure.core.rest.AsyncHttpResponse - """ - - request_copy = deepcopy(request) - request_copy.url = self._client.format_url(request_copy.url) - return self._client.send_request(request_copy, stream=stream, **kwargs) # type: ignore - - async def close(self) -> None: - await self._client.close() - - async def __aenter__(self) -> "KeyVaultClient": - await self._client.__aenter__() - return self - - async def __aexit__(self, *exc_details: Any) -> None: - await self._client.__aexit__(*exc_details) diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/__init__.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/__init__.py deleted file mode 100644 index 1e114ae06f4d..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/__init__.py +++ /dev/null @@ -1,99 +0,0 @@ -# coding=utf-8 -# -------------------------------------------------------------------------- -# Copyright (c) Microsoft Corporation. All rights reserved. -# Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. -# Changes may cause incorrect behavior and will be lost if the code is regenerated. -# -------------------------------------------------------------------------- - -from ._models import Action -from ._models import AdministratorDetails -from ._models import Attributes -from ._models import BackupCertificateResult -from ._models import CertificateAttributes -from ._models import CertificateBundle -from ._models import CertificateCreateParameters -from ._models import CertificateImportParameters -from ._models import CertificateIssuerItem -from ._models import CertificateIssuerSetParameters -from ._models import CertificateIssuerUpdateParameters -from ._models import CertificateItem -from ._models import CertificateMergeParameters -from ._models import CertificateOperation -from ._models import CertificateOperationUpdateParameter -from ._models import CertificatePolicy -from ._models import CertificateRestoreParameters -from ._models import CertificateUpdateParameters -from ._models import Contact -from ._models import Contacts -from ._models import DeletedCertificateBundle -from ._models import DeletedCertificateItem -from ._models import Error -from ._models import IssuerAttributes -from ._models import IssuerBundle -from ._models import IssuerCredentials -from ._models import IssuerParameters -from ._models import KeyProperties -from ._models import KeyVaultError -from ._models import LifetimeAction -from ._models import OrganizationDetails -from ._models import PendingCertificateSigningRequestResult -from ._models import SecretProperties -from ._models import SubjectAlternativeNames -from ._models import Trigger -from ._models import X509CertificateProperties - -from ._enums import ActionType -from ._enums import DeletionRecoveryLevel -from ._enums import JsonWebKeyCurveName -from ._enums import JsonWebKeyType -from ._enums import KeyUsageType -from ._patch import __all__ as _patch_all -from ._patch import * # pylint: disable=unused-wildcard-import -from ._patch import patch_sdk as _patch_sdk - -__all__ = [ - "Action", - "AdministratorDetails", - "Attributes", - "BackupCertificateResult", - "CertificateAttributes", - "CertificateBundle", - "CertificateCreateParameters", - "CertificateImportParameters", - "CertificateIssuerItem", - "CertificateIssuerSetParameters", - "CertificateIssuerUpdateParameters", - "CertificateItem", - "CertificateMergeParameters", - "CertificateOperation", - "CertificateOperationUpdateParameter", - "CertificatePolicy", - "CertificateRestoreParameters", - "CertificateUpdateParameters", - "Contact", - "Contacts", - "DeletedCertificateBundle", - "DeletedCertificateItem", - "Error", - "IssuerAttributes", - "IssuerBundle", - "IssuerCredentials", - "IssuerParameters", - "KeyProperties", - "KeyVaultError", - "LifetimeAction", - "OrganizationDetails", - "PendingCertificateSigningRequestResult", - "SecretProperties", - "SubjectAlternativeNames", - "Trigger", - "X509CertificateProperties", - "ActionType", - "DeletionRecoveryLevel", - "JsonWebKeyCurveName", - "JsonWebKeyType", - "KeyUsageType", -] -__all__.extend([p for p in _patch_all if p not in __all__]) -_patch_sdk() diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/_models.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/_models.py deleted file mode 100644 index 52b773d33b03..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/_models.py +++ /dev/null @@ -1,1707 +0,0 @@ -# coding=utf-8 -# pylint: disable=too-many-lines -# -------------------------------------------------------------------------- -# Copyright (c) Microsoft Corporation. All rights reserved. -# Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. -# Changes may cause incorrect behavior and will be lost if the code is regenerated. -# -------------------------------------------------------------------------- - -import datetime -from typing import Any, Dict, List, Optional, TYPE_CHECKING, Union - -from .. import _serialization - -if TYPE_CHECKING: - # pylint: disable=unused-import,ungrouped-imports - from .. import models as _models - - -class Action(_serialization.Model): - """The action that will be executed. - - :ivar action_type: The type of the action. Known values are: "EmailContacts" and "AutoRenew". - :vartype action_type: str or ~azure.keyvault.v7_5.models.ActionType - """ - - _attribute_map = { - "action_type": {"key": "action_type", "type": "str"}, - } - - def __init__(self, *, action_type: Optional[Union[str, "_models.ActionType"]] = None, **kwargs: Any) -> None: - """ - :keyword action_type: The type of the action. Known values are: "EmailContacts" and - "AutoRenew". - :paramtype action_type: str or ~azure.keyvault.v7_5.models.ActionType - """ - super().__init__(**kwargs) - self.action_type = action_type - - -class AdministratorDetails(_serialization.Model): - """Details of the organization administrator of the certificate issuer. - - :ivar first_name: First name. - :vartype first_name: str - :ivar last_name: Last name. - :vartype last_name: str - :ivar email_address: Email address. - :vartype email_address: str - :ivar phone: Phone number. - :vartype phone: str - """ - - _attribute_map = { - "first_name": {"key": "first_name", "type": "str"}, - "last_name": {"key": "last_name", "type": "str"}, - "email_address": {"key": "email", "type": "str"}, - "phone": {"key": "phone", "type": "str"}, - } - - def __init__( - self, - *, - first_name: Optional[str] = None, - last_name: Optional[str] = None, - email_address: Optional[str] = None, - phone: Optional[str] = None, - **kwargs: Any - ) -> None: - """ - :keyword first_name: First name. - :paramtype first_name: str - :keyword last_name: Last name. - :paramtype last_name: str - :keyword email_address: Email address. - :paramtype email_address: str - :keyword phone: Phone number. - :paramtype phone: str - """ - super().__init__(**kwargs) - self.first_name = first_name - self.last_name = last_name - self.email_address = email_address - self.phone = phone - - -class Attributes(_serialization.Model): - """The object attributes managed by the KeyVault service. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar enabled: Determines whether the object is enabled. - :vartype enabled: bool - :ivar not_before: Not before date in UTC. - :vartype not_before: ~datetime.datetime - :ivar expires: Expiry date in UTC. - :vartype expires: ~datetime.datetime - :ivar created: Creation time in UTC. - :vartype created: ~datetime.datetime - :ivar updated: Last updated time in UTC. - :vartype updated: ~datetime.datetime - """ - - _validation = { - "created": {"readonly": True}, - "updated": {"readonly": True}, - } - - _attribute_map = { - "enabled": {"key": "enabled", "type": "bool"}, - "not_before": {"key": "nbf", "type": "unix-time"}, - "expires": {"key": "exp", "type": "unix-time"}, - "created": {"key": "created", "type": "unix-time"}, - "updated": {"key": "updated", "type": "unix-time"}, - } - - def __init__( - self, - *, - enabled: Optional[bool] = None, - not_before: Optional[datetime.datetime] = None, - expires: Optional[datetime.datetime] = None, - **kwargs: Any - ) -> None: - """ - :keyword enabled: Determines whether the object is enabled. - :paramtype enabled: bool - :keyword not_before: Not before date in UTC. - :paramtype not_before: ~datetime.datetime - :keyword expires: Expiry date in UTC. - :paramtype expires: ~datetime.datetime - """ - super().__init__(**kwargs) - self.enabled = enabled - self.not_before = not_before - self.expires = expires - self.created = None - self.updated = None - - -class BackupCertificateResult(_serialization.Model): - """The backup certificate result, containing the backup blob. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar value: The backup blob containing the backed up certificate. - :vartype value: bytes - """ - - _validation = { - "value": {"readonly": True}, - } - - _attribute_map = { - "value": {"key": "value", "type": "base64"}, - } - - def __init__(self, **kwargs: Any) -> None: - """ """ - super().__init__(**kwargs) - self.value = None - - -class CertificateAttributes(Attributes): - """The certificate management attributes. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar enabled: Determines whether the object is enabled. - :vartype enabled: bool - :ivar not_before: Not before date in UTC. - :vartype not_before: ~datetime.datetime - :ivar expires: Expiry date in UTC. - :vartype expires: ~datetime.datetime - :ivar created: Creation time in UTC. - :vartype created: ~datetime.datetime - :ivar updated: Last updated time in UTC. - :vartype updated: ~datetime.datetime - :ivar recoverable_days: softDelete data retention days. Value should be >=7 and <=90 when - softDelete enabled, otherwise 0. - :vartype recoverable_days: int - :ivar recovery_level: Reflects the deletion recovery level currently in effect for certificates - in the current vault. If it contains 'Purgeable', the certificate can be permanently deleted by - a privileged user; otherwise, only the system can purge the certificate, at the end of the - retention interval. Known values are: "Purgeable", "Recoverable+Purgeable", "Recoverable", - "Recoverable+ProtectedSubscription", "CustomizedRecoverable+Purgeable", - "CustomizedRecoverable", and "CustomizedRecoverable+ProtectedSubscription". - :vartype recovery_level: str or ~azure.keyvault.v7_5.models.DeletionRecoveryLevel - """ - - _validation = { - "created": {"readonly": True}, - "updated": {"readonly": True}, - "recoverable_days": {"readonly": True}, - "recovery_level": {"readonly": True}, - } - - _attribute_map = { - "enabled": {"key": "enabled", "type": "bool"}, - "not_before": {"key": "nbf", "type": "unix-time"}, - "expires": {"key": "exp", "type": "unix-time"}, - "created": {"key": "created", "type": "unix-time"}, - "updated": {"key": "updated", "type": "unix-time"}, - "recoverable_days": {"key": "recoverableDays", "type": "int"}, - "recovery_level": {"key": "recoveryLevel", "type": "str"}, - } - - def __init__( - self, - *, - enabled: Optional[bool] = None, - not_before: Optional[datetime.datetime] = None, - expires: Optional[datetime.datetime] = None, - **kwargs: Any - ) -> None: - """ - :keyword enabled: Determines whether the object is enabled. - :paramtype enabled: bool - :keyword not_before: Not before date in UTC. - :paramtype not_before: ~datetime.datetime - :keyword expires: Expiry date in UTC. - :paramtype expires: ~datetime.datetime - """ - super().__init__(enabled=enabled, not_before=not_before, expires=expires, **kwargs) - self.recoverable_days = None - self.recovery_level = None - - -class CertificateBundle(_serialization.Model): - """A certificate bundle consists of a certificate (X509) plus its attributes. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar id: The certificate id. - :vartype id: str - :ivar kid: The key id. - :vartype kid: str - :ivar sid: The secret id. - :vartype sid: str - :ivar x509_thumbprint: Thumbprint of the certificate. - :vartype x509_thumbprint: bytes - :ivar policy: The management policy. - :vartype policy: ~azure.keyvault.v7_5.models.CertificatePolicy - :ivar cer: CER contents of x509 certificate. - :vartype cer: bytes - :ivar content_type: The content type of the secret. eg. 'application/x-pem-file' or - 'application/x-pkcs12',. - :vartype content_type: str - :ivar attributes: The certificate attributes. - :vartype attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :ivar tags: Application specific metadata in the form of key-value pairs. - :vartype tags: dict[str, str] - """ - - _validation = { - "id": {"readonly": True}, - "kid": {"readonly": True}, - "sid": {"readonly": True}, - "x509_thumbprint": {"readonly": True}, - "policy": {"readonly": True}, - } - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "kid": {"key": "kid", "type": "str"}, - "sid": {"key": "sid", "type": "str"}, - "x509_thumbprint": {"key": "x5t", "type": "base64"}, - "policy": {"key": "policy", "type": "CertificatePolicy"}, - "cer": {"key": "cer", "type": "bytearray"}, - "content_type": {"key": "contentType", "type": "str"}, - "attributes": {"key": "attributes", "type": "CertificateAttributes"}, - "tags": {"key": "tags", "type": "{str}"}, - } - - def __init__( - self, - *, - cer: Optional[bytes] = None, - content_type: Optional[str] = None, - attributes: Optional["_models.CertificateAttributes"] = None, - tags: Optional[Dict[str, str]] = None, - **kwargs: Any - ) -> None: - """ - :keyword cer: CER contents of x509 certificate. - :paramtype cer: bytes - :keyword content_type: The content type of the secret. eg. 'application/x-pem-file' or - 'application/x-pkcs12',. - :paramtype content_type: str - :keyword attributes: The certificate attributes. - :paramtype attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - """ - super().__init__(**kwargs) - self.id = None - self.kid = None - self.sid = None - self.x509_thumbprint = None - self.policy = None - self.cer = cer - self.content_type = content_type - self.attributes = attributes - self.tags = tags - - -class CertificateCreateParameters(_serialization.Model): - """The certificate create parameters. - - :ivar certificate_policy: The management policy for the certificate. - :vartype certificate_policy: ~azure.keyvault.v7_5.models.CertificatePolicy - :ivar certificate_attributes: The attributes of the certificate (optional). - :vartype certificate_attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :ivar tags: Application specific metadata in the form of key-value pairs. - :vartype tags: dict[str, str] - """ - - _attribute_map = { - "certificate_policy": {"key": "policy", "type": "CertificatePolicy"}, - "certificate_attributes": {"key": "attributes", "type": "CertificateAttributes"}, - "tags": {"key": "tags", "type": "{str}"}, - } - - def __init__( - self, - *, - certificate_policy: Optional["_models.CertificatePolicy"] = None, - certificate_attributes: Optional["_models.CertificateAttributes"] = None, - tags: Optional[Dict[str, str]] = None, - **kwargs: Any - ) -> None: - """ - :keyword certificate_policy: The management policy for the certificate. - :paramtype certificate_policy: ~azure.keyvault.v7_5.models.CertificatePolicy - :keyword certificate_attributes: The attributes of the certificate (optional). - :paramtype certificate_attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - """ - super().__init__(**kwargs) - self.certificate_policy = certificate_policy - self.certificate_attributes = certificate_attributes - self.tags = tags - - -class CertificateImportParameters(_serialization.Model): - """The certificate import parameters. - - All required parameters must be populated in order to send to server. - - :ivar base64_encoded_certificate: Base64 encoded representation of the certificate object to - import. This certificate needs to contain the private key. Required. - :vartype base64_encoded_certificate: str - :ivar password: If the private key in base64EncodedCertificate is encrypted, the password used - for encryption. - :vartype password: str - :ivar certificate_policy: The management policy for the certificate. - :vartype certificate_policy: ~azure.keyvault.v7_5.models.CertificatePolicy - :ivar certificate_attributes: The attributes of the certificate (optional). - :vartype certificate_attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :ivar tags: Application specific metadata in the form of key-value pairs. - :vartype tags: dict[str, str] - """ - - _validation = { - "base64_encoded_certificate": {"required": True}, - } - - _attribute_map = { - "base64_encoded_certificate": {"key": "value", "type": "str"}, - "password": {"key": "pwd", "type": "str"}, - "certificate_policy": {"key": "policy", "type": "CertificatePolicy"}, - "certificate_attributes": {"key": "attributes", "type": "CertificateAttributes"}, - "tags": {"key": "tags", "type": "{str}"}, - } - - def __init__( - self, - *, - base64_encoded_certificate: str, - password: Optional[str] = None, - certificate_policy: Optional["_models.CertificatePolicy"] = None, - certificate_attributes: Optional["_models.CertificateAttributes"] = None, - tags: Optional[Dict[str, str]] = None, - **kwargs: Any - ) -> None: - """ - :keyword base64_encoded_certificate: Base64 encoded representation of the certificate object to - import. This certificate needs to contain the private key. Required. - :paramtype base64_encoded_certificate: str - :keyword password: If the private key in base64EncodedCertificate is encrypted, the password - used for encryption. - :paramtype password: str - :keyword certificate_policy: The management policy for the certificate. - :paramtype certificate_policy: ~azure.keyvault.v7_5.models.CertificatePolicy - :keyword certificate_attributes: The attributes of the certificate (optional). - :paramtype certificate_attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - """ - super().__init__(**kwargs) - self.base64_encoded_certificate = base64_encoded_certificate - self.password = password - self.certificate_policy = certificate_policy - self.certificate_attributes = certificate_attributes - self.tags = tags - - -class CertificateIssuerItem(_serialization.Model): - """The certificate issuer item containing certificate issuer metadata. - - :ivar id: Certificate Identifier. - :vartype id: str - :ivar provider: The issuer provider. - :vartype provider: str - """ - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "provider": {"key": "provider", "type": "str"}, - } - - def __init__( - self, - *, - id: Optional[str] = None, # pylint: disable=redefined-builtin - provider: Optional[str] = None, - **kwargs: Any - ) -> None: - """ - :keyword id: Certificate Identifier. - :paramtype id: str - :keyword provider: The issuer provider. - :paramtype provider: str - """ - super().__init__(**kwargs) - self.id = id - self.provider = provider - - -class CertificateIssuerListResult(_serialization.Model): - """The certificate issuer list result. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar value: A response message containing a list of certificate issuers in the key vault along - with a link to the next page of certificate issuers. - :vartype value: list[~azure.keyvault.v7_5.models.CertificateIssuerItem] - :ivar next_link: The URL to get the next set of certificate issuers. - :vartype next_link: str - """ - - _validation = { - "value": {"readonly": True}, - "next_link": {"readonly": True}, - } - - _attribute_map = { - "value": {"key": "value", "type": "[CertificateIssuerItem]"}, - "next_link": {"key": "nextLink", "type": "str"}, - } - - def __init__(self, **kwargs: Any) -> None: - """ """ - super().__init__(**kwargs) - self.value = None - self.next_link = None - - -class CertificateIssuerSetParameters(_serialization.Model): - """The certificate issuer set parameters. - - All required parameters must be populated in order to send to server. - - :ivar provider: The issuer provider. Required. - :vartype provider: str - :ivar credentials: The credentials to be used for the issuer. - :vartype credentials: ~azure.keyvault.v7_5.models.IssuerCredentials - :ivar organization_details: Details of the organization as provided to the issuer. - :vartype organization_details: ~azure.keyvault.v7_5.models.OrganizationDetails - :ivar attributes: Attributes of the issuer object. - :vartype attributes: ~azure.keyvault.v7_5.models.IssuerAttributes - """ - - _validation = { - "provider": {"required": True}, - } - - _attribute_map = { - "provider": {"key": "provider", "type": "str"}, - "credentials": {"key": "credentials", "type": "IssuerCredentials"}, - "organization_details": {"key": "org_details", "type": "OrganizationDetails"}, - "attributes": {"key": "attributes", "type": "IssuerAttributes"}, - } - - def __init__( - self, - *, - provider: str, - credentials: Optional["_models.IssuerCredentials"] = None, - organization_details: Optional["_models.OrganizationDetails"] = None, - attributes: Optional["_models.IssuerAttributes"] = None, - **kwargs: Any - ) -> None: - """ - :keyword provider: The issuer provider. Required. - :paramtype provider: str - :keyword credentials: The credentials to be used for the issuer. - :paramtype credentials: ~azure.keyvault.v7_5.models.IssuerCredentials - :keyword organization_details: Details of the organization as provided to the issuer. - :paramtype organization_details: ~azure.keyvault.v7_5.models.OrganizationDetails - :keyword attributes: Attributes of the issuer object. - :paramtype attributes: ~azure.keyvault.v7_5.models.IssuerAttributes - """ - super().__init__(**kwargs) - self.provider = provider - self.credentials = credentials - self.organization_details = organization_details - self.attributes = attributes - - -class CertificateIssuerUpdateParameters(_serialization.Model): - """The certificate issuer update parameters. - - :ivar provider: The issuer provider. - :vartype provider: str - :ivar credentials: The credentials to be used for the issuer. - :vartype credentials: ~azure.keyvault.v7_5.models.IssuerCredentials - :ivar organization_details: Details of the organization as provided to the issuer. - :vartype organization_details: ~azure.keyvault.v7_5.models.OrganizationDetails - :ivar attributes: Attributes of the issuer object. - :vartype attributes: ~azure.keyvault.v7_5.models.IssuerAttributes - """ - - _attribute_map = { - "provider": {"key": "provider", "type": "str"}, - "credentials": {"key": "credentials", "type": "IssuerCredentials"}, - "organization_details": {"key": "org_details", "type": "OrganizationDetails"}, - "attributes": {"key": "attributes", "type": "IssuerAttributes"}, - } - - def __init__( - self, - *, - provider: Optional[str] = None, - credentials: Optional["_models.IssuerCredentials"] = None, - organization_details: Optional["_models.OrganizationDetails"] = None, - attributes: Optional["_models.IssuerAttributes"] = None, - **kwargs: Any - ) -> None: - """ - :keyword provider: The issuer provider. - :paramtype provider: str - :keyword credentials: The credentials to be used for the issuer. - :paramtype credentials: ~azure.keyvault.v7_5.models.IssuerCredentials - :keyword organization_details: Details of the organization as provided to the issuer. - :paramtype organization_details: ~azure.keyvault.v7_5.models.OrganizationDetails - :keyword attributes: Attributes of the issuer object. - :paramtype attributes: ~azure.keyvault.v7_5.models.IssuerAttributes - """ - super().__init__(**kwargs) - self.provider = provider - self.credentials = credentials - self.organization_details = organization_details - self.attributes = attributes - - -class CertificateItem(_serialization.Model): - """The certificate item containing certificate metadata. - - :ivar id: Certificate identifier. - :vartype id: str - :ivar attributes: The certificate management attributes. - :vartype attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :ivar tags: Application specific metadata in the form of key-value pairs. - :vartype tags: dict[str, str] - :ivar x509_thumbprint: Thumbprint of the certificate. - :vartype x509_thumbprint: bytes - """ - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "attributes": {"key": "attributes", "type": "CertificateAttributes"}, - "tags": {"key": "tags", "type": "{str}"}, - "x509_thumbprint": {"key": "x5t", "type": "base64"}, - } - - def __init__( - self, - *, - id: Optional[str] = None, # pylint: disable=redefined-builtin - attributes: Optional["_models.CertificateAttributes"] = None, - tags: Optional[Dict[str, str]] = None, - x509_thumbprint: Optional[bytes] = None, - **kwargs: Any - ) -> None: - """ - :keyword id: Certificate identifier. - :paramtype id: str - :keyword attributes: The certificate management attributes. - :paramtype attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - :keyword x509_thumbprint: Thumbprint of the certificate. - :paramtype x509_thumbprint: bytes - """ - super().__init__(**kwargs) - self.id = id - self.attributes = attributes - self.tags = tags - self.x509_thumbprint = x509_thumbprint - - -class CertificateListResult(_serialization.Model): - """The certificate list result. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar value: A response message containing a list of certificates in the key vault along with a - link to the next page of certificates. - :vartype value: list[~azure.keyvault.v7_5.models.CertificateItem] - :ivar next_link: The URL to get the next set of certificates. - :vartype next_link: str - """ - - _validation = { - "value": {"readonly": True}, - "next_link": {"readonly": True}, - } - - _attribute_map = { - "value": {"key": "value", "type": "[CertificateItem]"}, - "next_link": {"key": "nextLink", "type": "str"}, - } - - def __init__(self, **kwargs: Any) -> None: - """ """ - super().__init__(**kwargs) - self.value = None - self.next_link = None - - -class CertificateMergeParameters(_serialization.Model): - """The certificate merge parameters. - - All required parameters must be populated in order to send to server. - - :ivar x509_certificates: The certificate or the certificate chain to merge. Required. - :vartype x509_certificates: list[bytes] - :ivar certificate_attributes: The attributes of the certificate (optional). - :vartype certificate_attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :ivar tags: Application specific metadata in the form of key-value pairs. - :vartype tags: dict[str, str] - """ - - _validation = { - "x509_certificates": {"required": True}, - } - - _attribute_map = { - "x509_certificates": {"key": "x5c", "type": "[bytearray]"}, - "certificate_attributes": {"key": "attributes", "type": "CertificateAttributes"}, - "tags": {"key": "tags", "type": "{str}"}, - } - - def __init__( - self, - *, - x509_certificates: List[bytes], - certificate_attributes: Optional["_models.CertificateAttributes"] = None, - tags: Optional[Dict[str, str]] = None, - **kwargs: Any - ) -> None: - """ - :keyword x509_certificates: The certificate or the certificate chain to merge. Required. - :paramtype x509_certificates: list[bytes] - :keyword certificate_attributes: The attributes of the certificate (optional). - :paramtype certificate_attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - """ - super().__init__(**kwargs) - self.x509_certificates = x509_certificates - self.certificate_attributes = certificate_attributes - self.tags = tags - - -class CertificateOperation(_serialization.Model): - """A certificate operation is returned in case of asynchronous requests. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar id: The certificate id. - :vartype id: str - :ivar issuer_parameters: Parameters for the issuer of the X509 component of a certificate. - :vartype issuer_parameters: ~azure.keyvault.v7_5.models.IssuerParameters - :ivar csr: The certificate signing request (CSR) that is being used in the certificate - operation. - :vartype csr: bytes - :ivar cancellation_requested: Indicates if cancellation was requested on the certificate - operation. - :vartype cancellation_requested: bool - :ivar status: Status of the certificate operation. - :vartype status: str - :ivar status_details: The status details of the certificate operation. - :vartype status_details: str - :ivar error: Error encountered, if any, during the certificate operation. - :vartype error: ~azure.keyvault.v7_5.models.Error - :ivar target: Location which contains the result of the certificate operation. - :vartype target: str - :ivar request_id: Identifier for the certificate operation. - :vartype request_id: str - """ - - _validation = { - "id": {"readonly": True}, - } - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "issuer_parameters": {"key": "issuer", "type": "IssuerParameters"}, - "csr": {"key": "csr", "type": "bytearray"}, - "cancellation_requested": {"key": "cancellation_requested", "type": "bool"}, - "status": {"key": "status", "type": "str"}, - "status_details": {"key": "status_details", "type": "str"}, - "error": {"key": "error", "type": "Error"}, - "target": {"key": "target", "type": "str"}, - "request_id": {"key": "request_id", "type": "str"}, - } - - def __init__( - self, - *, - issuer_parameters: Optional["_models.IssuerParameters"] = None, - csr: Optional[bytes] = None, - cancellation_requested: Optional[bool] = None, - status: Optional[str] = None, - status_details: Optional[str] = None, - error: Optional["_models.Error"] = None, - target: Optional[str] = None, - request_id: Optional[str] = None, - **kwargs: Any - ) -> None: - """ - :keyword issuer_parameters: Parameters for the issuer of the X509 component of a certificate. - :paramtype issuer_parameters: ~azure.keyvault.v7_5.models.IssuerParameters - :keyword csr: The certificate signing request (CSR) that is being used in the certificate - operation. - :paramtype csr: bytes - :keyword cancellation_requested: Indicates if cancellation was requested on the certificate - operation. - :paramtype cancellation_requested: bool - :keyword status: Status of the certificate operation. - :paramtype status: str - :keyword status_details: The status details of the certificate operation. - :paramtype status_details: str - :keyword error: Error encountered, if any, during the certificate operation. - :paramtype error: ~azure.keyvault.v7_5.models.Error - :keyword target: Location which contains the result of the certificate operation. - :paramtype target: str - :keyword request_id: Identifier for the certificate operation. - :paramtype request_id: str - """ - super().__init__(**kwargs) - self.id = None - self.issuer_parameters = issuer_parameters - self.csr = csr - self.cancellation_requested = cancellation_requested - self.status = status - self.status_details = status_details - self.error = error - self.target = target - self.request_id = request_id - - -class CertificateOperationUpdateParameter(_serialization.Model): - """The certificate operation update parameters. - - All required parameters must be populated in order to send to server. - - :ivar cancellation_requested: Indicates if cancellation was requested on the certificate - operation. Required. - :vartype cancellation_requested: bool - """ - - _validation = { - "cancellation_requested": {"required": True}, - } - - _attribute_map = { - "cancellation_requested": {"key": "cancellation_requested", "type": "bool"}, - } - - def __init__(self, *, cancellation_requested: bool, **kwargs: Any) -> None: - """ - :keyword cancellation_requested: Indicates if cancellation was requested on the certificate - operation. Required. - :paramtype cancellation_requested: bool - """ - super().__init__(**kwargs) - self.cancellation_requested = cancellation_requested - - -class CertificatePolicy(_serialization.Model): - """Management policy for a certificate. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar id: The certificate id. - :vartype id: str - :ivar key_properties: Properties of the key backing a certificate. - :vartype key_properties: ~azure.keyvault.v7_5.models.KeyProperties - :ivar secret_properties: Properties of the secret backing a certificate. - :vartype secret_properties: ~azure.keyvault.v7_5.models.SecretProperties - :ivar x509_certificate_properties: Properties of the X509 component of a certificate. - :vartype x509_certificate_properties: ~azure.keyvault.v7_5.models.X509CertificateProperties - :ivar lifetime_actions: Actions that will be performed by Key Vault over the lifetime of a - certificate. - :vartype lifetime_actions: list[~azure.keyvault.v7_5.models.LifetimeAction] - :ivar issuer_parameters: Parameters for the issuer of the X509 component of a certificate. - :vartype issuer_parameters: ~azure.keyvault.v7_5.models.IssuerParameters - :ivar attributes: The certificate attributes. - :vartype attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - """ - - _validation = { - "id": {"readonly": True}, - } - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "key_properties": {"key": "key_props", "type": "KeyProperties"}, - "secret_properties": {"key": "secret_props", "type": "SecretProperties"}, - "x509_certificate_properties": {"key": "x509_props", "type": "X509CertificateProperties"}, - "lifetime_actions": {"key": "lifetime_actions", "type": "[LifetimeAction]"}, - "issuer_parameters": {"key": "issuer", "type": "IssuerParameters"}, - "attributes": {"key": "attributes", "type": "CertificateAttributes"}, - } - - def __init__( - self, - *, - key_properties: Optional["_models.KeyProperties"] = None, - secret_properties: Optional["_models.SecretProperties"] = None, - x509_certificate_properties: Optional["_models.X509CertificateProperties"] = None, - lifetime_actions: Optional[List["_models.LifetimeAction"]] = None, - issuer_parameters: Optional["_models.IssuerParameters"] = None, - attributes: Optional["_models.CertificateAttributes"] = None, - **kwargs: Any - ) -> None: - """ - :keyword key_properties: Properties of the key backing a certificate. - :paramtype key_properties: ~azure.keyvault.v7_5.models.KeyProperties - :keyword secret_properties: Properties of the secret backing a certificate. - :paramtype secret_properties: ~azure.keyvault.v7_5.models.SecretProperties - :keyword x509_certificate_properties: Properties of the X509 component of a certificate. - :paramtype x509_certificate_properties: ~azure.keyvault.v7_5.models.X509CertificateProperties - :keyword lifetime_actions: Actions that will be performed by Key Vault over the lifetime of a - certificate. - :paramtype lifetime_actions: list[~azure.keyvault.v7_5.models.LifetimeAction] - :keyword issuer_parameters: Parameters for the issuer of the X509 component of a certificate. - :paramtype issuer_parameters: ~azure.keyvault.v7_5.models.IssuerParameters - :keyword attributes: The certificate attributes. - :paramtype attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - """ - super().__init__(**kwargs) - self.id = None - self.key_properties = key_properties - self.secret_properties = secret_properties - self.x509_certificate_properties = x509_certificate_properties - self.lifetime_actions = lifetime_actions - self.issuer_parameters = issuer_parameters - self.attributes = attributes - - -class CertificateRestoreParameters(_serialization.Model): - """The certificate restore parameters. - - All required parameters must be populated in order to send to server. - - :ivar certificate_bundle_backup: The backup blob associated with a certificate bundle. - Required. - :vartype certificate_bundle_backup: bytes - """ - - _validation = { - "certificate_bundle_backup": {"required": True}, - } - - _attribute_map = { - "certificate_bundle_backup": {"key": "value", "type": "base64"}, - } - - def __init__(self, *, certificate_bundle_backup: bytes, **kwargs: Any) -> None: - """ - :keyword certificate_bundle_backup: The backup blob associated with a certificate bundle. - Required. - :paramtype certificate_bundle_backup: bytes - """ - super().__init__(**kwargs) - self.certificate_bundle_backup = certificate_bundle_backup - - -class CertificateUpdateParameters(_serialization.Model): - """The certificate update parameters. - - :ivar certificate_policy: The management policy for the certificate. - :vartype certificate_policy: ~azure.keyvault.v7_5.models.CertificatePolicy - :ivar certificate_attributes: The attributes of the certificate (optional). - :vartype certificate_attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :ivar tags: Application specific metadata in the form of key-value pairs. - :vartype tags: dict[str, str] - """ - - _attribute_map = { - "certificate_policy": {"key": "policy", "type": "CertificatePolicy"}, - "certificate_attributes": {"key": "attributes", "type": "CertificateAttributes"}, - "tags": {"key": "tags", "type": "{str}"}, - } - - def __init__( - self, - *, - certificate_policy: Optional["_models.CertificatePolicy"] = None, - certificate_attributes: Optional["_models.CertificateAttributes"] = None, - tags: Optional[Dict[str, str]] = None, - **kwargs: Any - ) -> None: - """ - :keyword certificate_policy: The management policy for the certificate. - :paramtype certificate_policy: ~azure.keyvault.v7_5.models.CertificatePolicy - :keyword certificate_attributes: The attributes of the certificate (optional). - :paramtype certificate_attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - """ - super().__init__(**kwargs) - self.certificate_policy = certificate_policy - self.certificate_attributes = certificate_attributes - self.tags = tags - - -class Contact(_serialization.Model): - """The contact information for the vault certificates. - - :ivar email_address: Email address. - :vartype email_address: str - :ivar name: Name. - :vartype name: str - :ivar phone: Phone number. - :vartype phone: str - """ - - _attribute_map = { - "email_address": {"key": "email", "type": "str"}, - "name": {"key": "name", "type": "str"}, - "phone": {"key": "phone", "type": "str"}, - } - - def __init__( - self, - *, - email_address: Optional[str] = None, - name: Optional[str] = None, - phone: Optional[str] = None, - **kwargs: Any - ) -> None: - """ - :keyword email_address: Email address. - :paramtype email_address: str - :keyword name: Name. - :paramtype name: str - :keyword phone: Phone number. - :paramtype phone: str - """ - super().__init__(**kwargs) - self.email_address = email_address - self.name = name - self.phone = phone - - -class Contacts(_serialization.Model): - """The contacts for the vault certificates. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar id: Identifier for the contacts collection. - :vartype id: str - :ivar contact_list: The contact list for the vault certificates. - :vartype contact_list: list[~azure.keyvault.v7_5.models.Contact] - """ - - _validation = { - "id": {"readonly": True}, - } - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "contact_list": {"key": "contacts", "type": "[Contact]"}, - } - - def __init__(self, *, contact_list: Optional[List["_models.Contact"]] = None, **kwargs: Any) -> None: - """ - :keyword contact_list: The contact list for the vault certificates. - :paramtype contact_list: list[~azure.keyvault.v7_5.models.Contact] - """ - super().__init__(**kwargs) - self.id = None - self.contact_list = contact_list - - -class DeletedCertificateBundle(CertificateBundle): # pylint: disable=too-many-instance-attributes - """A Deleted Certificate consisting of its previous id, attributes and its tags, as well as - information on when it will be purged. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar id: The certificate id. - :vartype id: str - :ivar kid: The key id. - :vartype kid: str - :ivar sid: The secret id. - :vartype sid: str - :ivar x509_thumbprint: Thumbprint of the certificate. - :vartype x509_thumbprint: bytes - :ivar policy: The management policy. - :vartype policy: ~azure.keyvault.v7_5.models.CertificatePolicy - :ivar cer: CER contents of x509 certificate. - :vartype cer: bytes - :ivar content_type: The content type of the secret. eg. 'application/x-pem-file' or - 'application/x-pkcs12',. - :vartype content_type: str - :ivar attributes: The certificate attributes. - :vartype attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :ivar tags: Application specific metadata in the form of key-value pairs. - :vartype tags: dict[str, str] - :ivar recovery_id: The url of the recovery object, used to identify and recover the deleted - certificate. - :vartype recovery_id: str - :ivar scheduled_purge_date: The time when the certificate is scheduled to be purged, in UTC. - :vartype scheduled_purge_date: ~datetime.datetime - :ivar deleted_date: The time when the certificate was deleted, in UTC. - :vartype deleted_date: ~datetime.datetime - """ - - _validation = { - "id": {"readonly": True}, - "kid": {"readonly": True}, - "sid": {"readonly": True}, - "x509_thumbprint": {"readonly": True}, - "policy": {"readonly": True}, - "scheduled_purge_date": {"readonly": True}, - "deleted_date": {"readonly": True}, - } - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "kid": {"key": "kid", "type": "str"}, - "sid": {"key": "sid", "type": "str"}, - "x509_thumbprint": {"key": "x5t", "type": "base64"}, - "policy": {"key": "policy", "type": "CertificatePolicy"}, - "cer": {"key": "cer", "type": "bytearray"}, - "content_type": {"key": "contentType", "type": "str"}, - "attributes": {"key": "attributes", "type": "CertificateAttributes"}, - "tags": {"key": "tags", "type": "{str}"}, - "recovery_id": {"key": "recoveryId", "type": "str"}, - "scheduled_purge_date": {"key": "scheduledPurgeDate", "type": "unix-time"}, - "deleted_date": {"key": "deletedDate", "type": "unix-time"}, - } - - def __init__( - self, - *, - cer: Optional[bytes] = None, - content_type: Optional[str] = None, - attributes: Optional["_models.CertificateAttributes"] = None, - tags: Optional[Dict[str, str]] = None, - recovery_id: Optional[str] = None, - **kwargs: Any - ) -> None: - """ - :keyword cer: CER contents of x509 certificate. - :paramtype cer: bytes - :keyword content_type: The content type of the secret. eg. 'application/x-pem-file' or - 'application/x-pkcs12',. - :paramtype content_type: str - :keyword attributes: The certificate attributes. - :paramtype attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - :keyword recovery_id: The url of the recovery object, used to identify and recover the deleted - certificate. - :paramtype recovery_id: str - """ - super().__init__(cer=cer, content_type=content_type, attributes=attributes, tags=tags, **kwargs) - self.recovery_id = recovery_id - self.scheduled_purge_date = None - self.deleted_date = None - - -class DeletedCertificateItem(CertificateItem): - """The deleted certificate item containing metadata about the deleted certificate. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar id: Certificate identifier. - :vartype id: str - :ivar attributes: The certificate management attributes. - :vartype attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :ivar tags: Application specific metadata in the form of key-value pairs. - :vartype tags: dict[str, str] - :ivar x509_thumbprint: Thumbprint of the certificate. - :vartype x509_thumbprint: bytes - :ivar recovery_id: The url of the recovery object, used to identify and recover the deleted - certificate. - :vartype recovery_id: str - :ivar scheduled_purge_date: The time when the certificate is scheduled to be purged, in UTC. - :vartype scheduled_purge_date: ~datetime.datetime - :ivar deleted_date: The time when the certificate was deleted, in UTC. - :vartype deleted_date: ~datetime.datetime - """ - - _validation = { - "scheduled_purge_date": {"readonly": True}, - "deleted_date": {"readonly": True}, - } - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "attributes": {"key": "attributes", "type": "CertificateAttributes"}, - "tags": {"key": "tags", "type": "{str}"}, - "x509_thumbprint": {"key": "x5t", "type": "base64"}, - "recovery_id": {"key": "recoveryId", "type": "str"}, - "scheduled_purge_date": {"key": "scheduledPurgeDate", "type": "unix-time"}, - "deleted_date": {"key": "deletedDate", "type": "unix-time"}, - } - - def __init__( - self, - *, - id: Optional[str] = None, # pylint: disable=redefined-builtin - attributes: Optional["_models.CertificateAttributes"] = None, - tags: Optional[Dict[str, str]] = None, - x509_thumbprint: Optional[bytes] = None, - recovery_id: Optional[str] = None, - **kwargs: Any - ) -> None: - """ - :keyword id: Certificate identifier. - :paramtype id: str - :keyword attributes: The certificate management attributes. - :paramtype attributes: ~azure.keyvault.v7_5.models.CertificateAttributes - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - :keyword x509_thumbprint: Thumbprint of the certificate. - :paramtype x509_thumbprint: bytes - :keyword recovery_id: The url of the recovery object, used to identify and recover the deleted - certificate. - :paramtype recovery_id: str - """ - super().__init__(id=id, attributes=attributes, tags=tags, x509_thumbprint=x509_thumbprint, **kwargs) - self.recovery_id = recovery_id - self.scheduled_purge_date = None - self.deleted_date = None - - -class DeletedCertificateListResult(_serialization.Model): - """A list of certificates that have been deleted in this vault. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar value: A response message containing a list of deleted certificates in the vault along - with a link to the next page of deleted certificates. - :vartype value: list[~azure.keyvault.v7_5.models.DeletedCertificateItem] - :ivar next_link: The URL to get the next set of deleted certificates. - :vartype next_link: str - """ - - _validation = { - "value": {"readonly": True}, - "next_link": {"readonly": True}, - } - - _attribute_map = { - "value": {"key": "value", "type": "[DeletedCertificateItem]"}, - "next_link": {"key": "nextLink", "type": "str"}, - } - - def __init__(self, **kwargs: Any) -> None: - """ """ - super().__init__(**kwargs) - self.value = None - self.next_link = None - - -class Error(_serialization.Model): - """The key vault server error. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar code: The error code. - :vartype code: str - :ivar message: The error message. - :vartype message: str - :ivar inner_error: The key vault server error. - :vartype inner_error: ~azure.keyvault.v7_5.models.Error - """ - - _validation = { - "code": {"readonly": True}, - "message": {"readonly": True}, - "inner_error": {"readonly": True}, - } - - _attribute_map = { - "code": {"key": "code", "type": "str"}, - "message": {"key": "message", "type": "str"}, - "inner_error": {"key": "innererror", "type": "Error"}, - } - - def __init__(self, **kwargs: Any) -> None: - """ """ - super().__init__(**kwargs) - self.code = None - self.message = None - self.inner_error = None - - -class IssuerAttributes(_serialization.Model): - """The attributes of an issuer managed by the Key Vault service. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar enabled: Determines whether the issuer is enabled. - :vartype enabled: bool - :ivar created: Creation time in UTC. - :vartype created: ~datetime.datetime - :ivar updated: Last updated time in UTC. - :vartype updated: ~datetime.datetime - """ - - _validation = { - "created": {"readonly": True}, - "updated": {"readonly": True}, - } - - _attribute_map = { - "enabled": {"key": "enabled", "type": "bool"}, - "created": {"key": "created", "type": "unix-time"}, - "updated": {"key": "updated", "type": "unix-time"}, - } - - def __init__(self, *, enabled: Optional[bool] = None, **kwargs: Any) -> None: - """ - :keyword enabled: Determines whether the issuer is enabled. - :paramtype enabled: bool - """ - super().__init__(**kwargs) - self.enabled = enabled - self.created = None - self.updated = None - - -class IssuerBundle(_serialization.Model): - """The issuer for Key Vault certificate. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar id: Identifier for the issuer object. - :vartype id: str - :ivar provider: The issuer provider. - :vartype provider: str - :ivar credentials: The credentials to be used for the issuer. - :vartype credentials: ~azure.keyvault.v7_5.models.IssuerCredentials - :ivar organization_details: Details of the organization as provided to the issuer. - :vartype organization_details: ~azure.keyvault.v7_5.models.OrganizationDetails - :ivar attributes: Attributes of the issuer object. - :vartype attributes: ~azure.keyvault.v7_5.models.IssuerAttributes - """ - - _validation = { - "id": {"readonly": True}, - } - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "provider": {"key": "provider", "type": "str"}, - "credentials": {"key": "credentials", "type": "IssuerCredentials"}, - "organization_details": {"key": "org_details", "type": "OrganizationDetails"}, - "attributes": {"key": "attributes", "type": "IssuerAttributes"}, - } - - def __init__( - self, - *, - provider: Optional[str] = None, - credentials: Optional["_models.IssuerCredentials"] = None, - organization_details: Optional["_models.OrganizationDetails"] = None, - attributes: Optional["_models.IssuerAttributes"] = None, - **kwargs: Any - ) -> None: - """ - :keyword provider: The issuer provider. - :paramtype provider: str - :keyword credentials: The credentials to be used for the issuer. - :paramtype credentials: ~azure.keyvault.v7_5.models.IssuerCredentials - :keyword organization_details: Details of the organization as provided to the issuer. - :paramtype organization_details: ~azure.keyvault.v7_5.models.OrganizationDetails - :keyword attributes: Attributes of the issuer object. - :paramtype attributes: ~azure.keyvault.v7_5.models.IssuerAttributes - """ - super().__init__(**kwargs) - self.id = None - self.provider = provider - self.credentials = credentials - self.organization_details = organization_details - self.attributes = attributes - - -class IssuerCredentials(_serialization.Model): - """The credentials to be used for the certificate issuer. - - :ivar account_id: The user name/account name/account id. - :vartype account_id: str - :ivar password: The password/secret/account key. - :vartype password: str - """ - - _attribute_map = { - "account_id": {"key": "account_id", "type": "str"}, - "password": {"key": "pwd", "type": "str"}, - } - - def __init__(self, *, account_id: Optional[str] = None, password: Optional[str] = None, **kwargs: Any) -> None: - """ - :keyword account_id: The user name/account name/account id. - :paramtype account_id: str - :keyword password: The password/secret/account key. - :paramtype password: str - """ - super().__init__(**kwargs) - self.account_id = account_id - self.password = password - - -class IssuerParameters(_serialization.Model): - """Parameters for the issuer of the X509 component of a certificate. - - :ivar name: Name of the referenced issuer object or reserved names; for example, 'Self' or - 'Unknown'. - :vartype name: str - :ivar certificate_type: Certificate type as supported by the provider (optional); for example - 'OV-SSL', 'EV-SSL'. - :vartype certificate_type: str - :ivar certificate_transparency: Indicates if the certificates generated under this policy - should be published to certificate transparency logs. - :vartype certificate_transparency: bool - """ - - _attribute_map = { - "name": {"key": "name", "type": "str"}, - "certificate_type": {"key": "cty", "type": "str"}, - "certificate_transparency": {"key": "cert_transparency", "type": "bool"}, - } - - def __init__( - self, - *, - name: Optional[str] = None, - certificate_type: Optional[str] = None, - certificate_transparency: Optional[bool] = None, - **kwargs: Any - ) -> None: - """ - :keyword name: Name of the referenced issuer object or reserved names; for example, 'Self' or - 'Unknown'. - :paramtype name: str - :keyword certificate_type: Certificate type as supported by the provider (optional); for - example 'OV-SSL', 'EV-SSL'. - :paramtype certificate_type: str - :keyword certificate_transparency: Indicates if the certificates generated under this policy - should be published to certificate transparency logs. - :paramtype certificate_transparency: bool - """ - super().__init__(**kwargs) - self.name = name - self.certificate_type = certificate_type - self.certificate_transparency = certificate_transparency - - -class KeyProperties(_serialization.Model): - """Properties of the key pair backing a certificate. - - :ivar exportable: Indicates if the private key can be exported. Release policy must be provided - when creating the first version of an exportable key. - :vartype exportable: bool - :ivar key_type: The type of key pair to be used for the certificate. Known values are: "EC", - "EC-HSM", "RSA", "RSA-HSM", "oct", and "oct-HSM". - :vartype key_type: str or ~azure.keyvault.v7_5.models.JsonWebKeyType - :ivar key_size: The key size in bits. For example: 2048, 3072, or 4096 for RSA. - :vartype key_size: int - :ivar reuse_key: Indicates if the same key pair will be used on certificate renewal. - :vartype reuse_key: bool - :ivar curve: Elliptic curve name. For valid values, see JsonWebKeyCurveName. Known values are: - "P-256", "P-384", "P-521", and "P-256K". - :vartype curve: str or ~azure.keyvault.v7_5.models.JsonWebKeyCurveName - """ - - _attribute_map = { - "exportable": {"key": "exportable", "type": "bool"}, - "key_type": {"key": "kty", "type": "str"}, - "key_size": {"key": "key_size", "type": "int"}, - "reuse_key": {"key": "reuse_key", "type": "bool"}, - "curve": {"key": "crv", "type": "str"}, - } - - def __init__( - self, - *, - exportable: Optional[bool] = None, - key_type: Optional[Union[str, "_models.JsonWebKeyType"]] = None, - key_size: Optional[int] = None, - reuse_key: Optional[bool] = None, - curve: Optional[Union[str, "_models.JsonWebKeyCurveName"]] = None, - **kwargs: Any - ) -> None: - """ - :keyword exportable: Indicates if the private key can be exported. Release policy must be - provided when creating the first version of an exportable key. - :paramtype exportable: bool - :keyword key_type: The type of key pair to be used for the certificate. Known values are: "EC", - "EC-HSM", "RSA", "RSA-HSM", "oct", and "oct-HSM". - :paramtype key_type: str or ~azure.keyvault.v7_5.models.JsonWebKeyType - :keyword key_size: The key size in bits. For example: 2048, 3072, or 4096 for RSA. - :paramtype key_size: int - :keyword reuse_key: Indicates if the same key pair will be used on certificate renewal. - :paramtype reuse_key: bool - :keyword curve: Elliptic curve name. For valid values, see JsonWebKeyCurveName. Known values - are: "P-256", "P-384", "P-521", and "P-256K". - :paramtype curve: str or ~azure.keyvault.v7_5.models.JsonWebKeyCurveName - """ - super().__init__(**kwargs) - self.exportable = exportable - self.key_type = key_type - self.key_size = key_size - self.reuse_key = reuse_key - self.curve = curve - - -class KeyVaultError(_serialization.Model): - """The key vault error exception. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar error: The key vault server error. - :vartype error: ~azure.keyvault.v7_5.models.Error - """ - - _validation = { - "error": {"readonly": True}, - } - - _attribute_map = { - "error": {"key": "error", "type": "Error"}, - } - - def __init__(self, **kwargs: Any) -> None: - """ """ - super().__init__(**kwargs) - self.error = None - - -class LifetimeAction(_serialization.Model): - """Action and its trigger that will be performed by Key Vault over the lifetime of a certificate. - - :ivar trigger: The condition that will execute the action. - :vartype trigger: ~azure.keyvault.v7_5.models.Trigger - :ivar action: The action that will be executed. - :vartype action: ~azure.keyvault.v7_5.models.Action - """ - - _attribute_map = { - "trigger": {"key": "trigger", "type": "Trigger"}, - "action": {"key": "action", "type": "Action"}, - } - - def __init__( - self, *, trigger: Optional["_models.Trigger"] = None, action: Optional["_models.Action"] = None, **kwargs: Any - ) -> None: - """ - :keyword trigger: The condition that will execute the action. - :paramtype trigger: ~azure.keyvault.v7_5.models.Trigger - :keyword action: The action that will be executed. - :paramtype action: ~azure.keyvault.v7_5.models.Action - """ - super().__init__(**kwargs) - self.trigger = trigger - self.action = action - - -class OrganizationDetails(_serialization.Model): - """Details of the organization of the certificate issuer. - - :ivar id: Id of the organization. - :vartype id: str - :ivar admin_details: Details of the organization administrator. - :vartype admin_details: list[~azure.keyvault.v7_5.models.AdministratorDetails] - """ - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "admin_details": {"key": "admin_details", "type": "[AdministratorDetails]"}, - } - - def __init__( - self, - *, - id: Optional[str] = None, # pylint: disable=redefined-builtin - admin_details: Optional[List["_models.AdministratorDetails"]] = None, - **kwargs: Any - ) -> None: - """ - :keyword id: Id of the organization. - :paramtype id: str - :keyword admin_details: Details of the organization administrator. - :paramtype admin_details: list[~azure.keyvault.v7_5.models.AdministratorDetails] - """ - super().__init__(**kwargs) - self.id = id - self.admin_details = admin_details - - -class PendingCertificateSigningRequestResult(_serialization.Model): - """The pending certificate signing request result. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar value: The pending certificate signing request as Base64 encoded string. - :vartype value: str - """ - - _validation = { - "value": {"readonly": True}, - } - - _attribute_map = { - "value": {"key": "value", "type": "str"}, - } - - def __init__(self, **kwargs: Any) -> None: - """ """ - super().__init__(**kwargs) - self.value = None - - -class SecretProperties(_serialization.Model): - """Properties of the key backing a certificate. - - :ivar content_type: The media type (MIME type). - :vartype content_type: str - """ - - _attribute_map = { - "content_type": {"key": "contentType", "type": "str"}, - } - - def __init__(self, *, content_type: Optional[str] = None, **kwargs: Any) -> None: - """ - :keyword content_type: The media type (MIME type). - :paramtype content_type: str - """ - super().__init__(**kwargs) - self.content_type = content_type - - -class SubjectAlternativeNames(_serialization.Model): - """The subject alternate names of a X509 object. - - :ivar emails: Email addresses. - :vartype emails: list[str] - :ivar dns_names: Domain names. - :vartype dns_names: list[str] - :ivar upns: User principal names. - :vartype upns: list[str] - """ - - _attribute_map = { - "emails": {"key": "emails", "type": "[str]"}, - "dns_names": {"key": "dns_names", "type": "[str]"}, - "upns": {"key": "upns", "type": "[str]"}, - } - - def __init__( - self, - *, - emails: Optional[List[str]] = None, - dns_names: Optional[List[str]] = None, - upns: Optional[List[str]] = None, - **kwargs: Any - ) -> None: - """ - :keyword emails: Email addresses. - :paramtype emails: list[str] - :keyword dns_names: Domain names. - :paramtype dns_names: list[str] - :keyword upns: User principal names. - :paramtype upns: list[str] - """ - super().__init__(**kwargs) - self.emails = emails - self.dns_names = dns_names - self.upns = upns - - -class Trigger(_serialization.Model): - """A condition to be satisfied for an action to be executed. - - :ivar lifetime_percentage: Percentage of lifetime at which to trigger. Value should be between - 1 and 99. - :vartype lifetime_percentage: int - :ivar days_before_expiry: Days before expiry to attempt renewal. Value should be between 1 and - validity_in_months multiplied by 27. If validity_in_months is 36, then value should be between - 1 and 972 (36 * 27). - :vartype days_before_expiry: int - """ - - _validation = { - "lifetime_percentage": {"maximum": 99, "minimum": 1}, - } - - _attribute_map = { - "lifetime_percentage": {"key": "lifetime_percentage", "type": "int"}, - "days_before_expiry": {"key": "days_before_expiry", "type": "int"}, - } - - def __init__( - self, *, lifetime_percentage: Optional[int] = None, days_before_expiry: Optional[int] = None, **kwargs: Any - ) -> None: - """ - :keyword lifetime_percentage: Percentage of lifetime at which to trigger. Value should be - between 1 and 99. - :paramtype lifetime_percentage: int - :keyword days_before_expiry: Days before expiry to attempt renewal. Value should be between 1 - and validity_in_months multiplied by 27. If validity_in_months is 36, then value should be - between 1 and 972 (36 * 27). - :paramtype days_before_expiry: int - """ - super().__init__(**kwargs) - self.lifetime_percentage = lifetime_percentage - self.days_before_expiry = days_before_expiry - - -class X509CertificateProperties(_serialization.Model): - """Properties of the X509 component of a certificate. - - :ivar subject: The subject name. Should be a valid X509 distinguished Name. - :vartype subject: str - :ivar ekus: The enhanced key usage. - :vartype ekus: list[str] - :ivar subject_alternative_names: The subject alternative names. - :vartype subject_alternative_names: ~azure.keyvault.v7_5.models.SubjectAlternativeNames - :ivar key_usage: Defines how the certificate's key may be used. - :vartype key_usage: list[str or ~azure.keyvault.v7_5.models.KeyUsageType] - :ivar validity_in_months: The duration that the certificate is valid in months. - :vartype validity_in_months: int - """ - - _validation = { - "validity_in_months": {"minimum": 0}, - } - - _attribute_map = { - "subject": {"key": "subject", "type": "str"}, - "ekus": {"key": "ekus", "type": "[str]"}, - "subject_alternative_names": {"key": "sans", "type": "SubjectAlternativeNames"}, - "key_usage": {"key": "key_usage", "type": "[str]"}, - "validity_in_months": {"key": "validity_months", "type": "int"}, - } - - def __init__( - self, - *, - subject: Optional[str] = None, - ekus: Optional[List[str]] = None, - subject_alternative_names: Optional["_models.SubjectAlternativeNames"] = None, - key_usage: Optional[List[Union[str, "_models.KeyUsageType"]]] = None, - validity_in_months: Optional[int] = None, - **kwargs: Any - ) -> None: - """ - :keyword subject: The subject name. Should be a valid X509 distinguished Name. - :paramtype subject: str - :keyword ekus: The enhanced key usage. - :paramtype ekus: list[str] - :keyword subject_alternative_names: The subject alternative names. - :paramtype subject_alternative_names: ~azure.keyvault.v7_5.models.SubjectAlternativeNames - :keyword key_usage: Defines how the certificate's key may be used. - :paramtype key_usage: list[str or ~azure.keyvault.v7_5.models.KeyUsageType] - :keyword validity_in_months: The duration that the certificate is valid in months. - :paramtype validity_in_months: int - """ - super().__init__(**kwargs) - self.subject = subject - self.ekus = ekus - self.subject_alternative_names = subject_alternative_names - self.key_usage = key_usage - self.validity_in_months = validity_in_months diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/py.typed b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/py.typed deleted file mode 100644 index e5aff4f83af8..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/py.typed +++ /dev/null @@ -1 +0,0 @@ -# Marker file for PEP 561. \ No newline at end of file diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_model_base.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_model_base.py new file mode 100644 index 000000000000..7f73b97b23ef --- /dev/null +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_model_base.py @@ -0,0 +1,1175 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# -------------------------------------------------------------------------- +# pylint: disable=protected-access, broad-except + +import copy +import calendar +import decimal +import functools +import sys +import logging +import base64 +import re +import typing +import enum +import email.utils +from datetime import datetime, date, time, timedelta, timezone +from json import JSONEncoder +import xml.etree.ElementTree as ET +from typing_extensions import Self +import isodate +from azure.core.exceptions import DeserializationError +from azure.core import CaseInsensitiveEnumMeta +from azure.core.pipeline import PipelineResponse +from azure.core.serialization import _Null + +if sys.version_info >= (3, 9): + from collections.abc import MutableMapping +else: + from typing import MutableMapping + +_LOGGER = logging.getLogger(__name__) + +__all__ = ["SdkJSONEncoder", "Model", "rest_field", "rest_discriminator"] + +TZ_UTC = timezone.utc +_T = typing.TypeVar("_T") + + +def _timedelta_as_isostr(td: timedelta) -> str: + """Converts a datetime.timedelta object into an ISO 8601 formatted string, e.g. 'P4DT12H30M05S' + + Function adapted from the Tin Can Python project: https://github.com/RusticiSoftware/TinCanPython + + :param timedelta td: The timedelta to convert + :rtype: str + :return: ISO8601 version of this timedelta + """ + + # Split seconds to larger units + seconds = td.total_seconds() + minutes, seconds = divmod(seconds, 60) + hours, minutes = divmod(minutes, 60) + days, hours = divmod(hours, 24) + + days, hours, minutes = list(map(int, (days, hours, minutes))) + seconds = round(seconds, 6) + + # Build date + date_str = "" + if days: + date_str = "%sD" % days + + if hours or minutes or seconds: + # Build time + time_str = "T" + + # Hours + bigger_exists = date_str or hours + if bigger_exists: + time_str += "{:02}H".format(hours) + + # Minutes + bigger_exists = bigger_exists or minutes + if bigger_exists: + time_str += "{:02}M".format(minutes) + + # Seconds + try: + if seconds.is_integer(): + seconds_string = "{:02}".format(int(seconds)) + else: + # 9 chars long w/ leading 0, 6 digits after decimal + seconds_string = "%09.6f" % seconds + # Remove trailing zeros + seconds_string = seconds_string.rstrip("0") + except AttributeError: # int.is_integer() raises + seconds_string = "{:02}".format(seconds) + + time_str += "{}S".format(seconds_string) + else: + time_str = "" + + return "P" + date_str + time_str + + +def _serialize_bytes(o, format: typing.Optional[str] = None) -> str: + encoded = base64.b64encode(o).decode() + if format == "base64url": + return encoded.strip("=").replace("+", "-").replace("/", "_") + return encoded + + +def _serialize_datetime(o, format: typing.Optional[str] = None): + if hasattr(o, "year") and hasattr(o, "hour"): + if format == "rfc7231": + return email.utils.format_datetime(o, usegmt=True) + if format == "unix-timestamp": + return int(calendar.timegm(o.utctimetuple())) + + # astimezone() fails for naive times in Python 2.7, so make make sure o is aware (tzinfo is set) + if not o.tzinfo: + iso_formatted = o.replace(tzinfo=TZ_UTC).isoformat() + else: + iso_formatted = o.astimezone(TZ_UTC).isoformat() + # Replace the trailing "+00:00" UTC offset with "Z" (RFC 3339: https://www.ietf.org/rfc/rfc3339.txt) + return iso_formatted.replace("+00:00", "Z") + # Next try datetime.date or datetime.time + return o.isoformat() + + +def _is_readonly(p): + try: + return p._visibility == ["read"] + except AttributeError: + return False + + +class SdkJSONEncoder(JSONEncoder): + """A JSON encoder that's capable of serializing datetime objects and bytes.""" + + def __init__(self, *args, exclude_readonly: bool = False, format: typing.Optional[str] = None, **kwargs): + super().__init__(*args, **kwargs) + self.exclude_readonly = exclude_readonly + self.format = format + + def default(self, o): # pylint: disable=too-many-return-statements + if _is_model(o): + if self.exclude_readonly: + readonly_props = [p._rest_name for p in o._attr_to_rest_field.values() if _is_readonly(p)] + return {k: v for k, v in o.items() if k not in readonly_props} + return dict(o.items()) + try: + return super(SdkJSONEncoder, self).default(o) + except TypeError: + if isinstance(o, _Null): + return None + if isinstance(o, decimal.Decimal): + return float(o) + if isinstance(o, (bytes, bytearray)): + return _serialize_bytes(o, self.format) + try: + # First try datetime.datetime + return _serialize_datetime(o, self.format) + except AttributeError: + pass + # Last, try datetime.timedelta + try: + return _timedelta_as_isostr(o) + except AttributeError: + # This will be raised when it hits value.total_seconds in the method above + pass + return super(SdkJSONEncoder, self).default(o) + + +_VALID_DATE = re.compile(r"\d{4}[-]\d{2}[-]\d{2}T\d{2}:\d{2}:\d{2}" + r"\.?\d*Z?[-+]?[\d{2}]?:?[\d{2}]?") +_VALID_RFC7231 = re.compile( + r"(Mon|Tue|Wed|Thu|Fri|Sat|Sun),\s\d{2}\s" + r"(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s\d{4}\s\d{2}:\d{2}:\d{2}\sGMT" +) + + +def _deserialize_datetime(attr: typing.Union[str, datetime]) -> datetime: + """Deserialize ISO-8601 formatted string into Datetime object. + + :param str attr: response string to be deserialized. + :rtype: ~datetime.datetime + :returns: The datetime object from that input + """ + if isinstance(attr, datetime): + # i'm already deserialized + return attr + attr = attr.upper() + match = _VALID_DATE.match(attr) + if not match: + raise ValueError("Invalid datetime string: " + attr) + + check_decimal = attr.split(".") + if len(check_decimal) > 1: + decimal_str = "" + for digit in check_decimal[1]: + if digit.isdigit(): + decimal_str += digit + else: + break + if len(decimal_str) > 6: + attr = attr.replace(decimal_str, decimal_str[0:6]) + + date_obj = isodate.parse_datetime(attr) + test_utc = date_obj.utctimetuple() + if test_utc.tm_year > 9999 or test_utc.tm_year < 1: + raise OverflowError("Hit max or min date") + return date_obj + + +def _deserialize_datetime_rfc7231(attr: typing.Union[str, datetime]) -> datetime: + """Deserialize RFC7231 formatted string into Datetime object. + + :param str attr: response string to be deserialized. + :rtype: ~datetime.datetime + :returns: The datetime object from that input + """ + if isinstance(attr, datetime): + # i'm already deserialized + return attr + match = _VALID_RFC7231.match(attr) + if not match: + raise ValueError("Invalid datetime string: " + attr) + + return email.utils.parsedate_to_datetime(attr) + + +def _deserialize_datetime_unix_timestamp(attr: typing.Union[float, datetime]) -> datetime: + """Deserialize unix timestamp into Datetime object. + + :param str attr: response string to be deserialized. + :rtype: ~datetime.datetime + :returns: The datetime object from that input + """ + if isinstance(attr, datetime): + # i'm already deserialized + return attr + return datetime.fromtimestamp(attr, TZ_UTC) + + +def _deserialize_date(attr: typing.Union[str, date]) -> date: + """Deserialize ISO-8601 formatted string into Date object. + :param str attr: response string to be deserialized. + :rtype: date + :returns: The date object from that input + """ + # This must NOT use defaultmonth/defaultday. Using None ensure this raises an exception. + if isinstance(attr, date): + return attr + return isodate.parse_date(attr, defaultmonth=None, defaultday=None) # type: ignore + + +def _deserialize_time(attr: typing.Union[str, time]) -> time: + """Deserialize ISO-8601 formatted string into time object. + + :param str attr: response string to be deserialized. + :rtype: datetime.time + :returns: The time object from that input + """ + if isinstance(attr, time): + return attr + return isodate.parse_time(attr) + + +def _deserialize_bytes(attr): + if isinstance(attr, (bytes, bytearray)): + return attr + return bytes(base64.b64decode(attr)) + + +def _deserialize_bytes_base64(attr): + if isinstance(attr, (bytes, bytearray)): + return attr + padding = "=" * (3 - (len(attr) + 3) % 4) # type: ignore + attr = attr + padding # type: ignore + encoded = attr.replace("-", "+").replace("_", "/") + return bytes(base64.b64decode(encoded)) + + +def _deserialize_duration(attr): + if isinstance(attr, timedelta): + return attr + return isodate.parse_duration(attr) + + +def _deserialize_decimal(attr): + if isinstance(attr, decimal.Decimal): + return attr + return decimal.Decimal(str(attr)) + + +def _deserialize_int_as_str(attr): + if isinstance(attr, int): + return attr + return int(attr) + + +_DESERIALIZE_MAPPING = { + datetime: _deserialize_datetime, + date: _deserialize_date, + time: _deserialize_time, + bytes: _deserialize_bytes, + bytearray: _deserialize_bytes, + timedelta: _deserialize_duration, + typing.Any: lambda x: x, + decimal.Decimal: _deserialize_decimal, +} + +_DESERIALIZE_MAPPING_WITHFORMAT = { + "rfc3339": _deserialize_datetime, + "rfc7231": _deserialize_datetime_rfc7231, + "unix-timestamp": _deserialize_datetime_unix_timestamp, + "base64": _deserialize_bytes, + "base64url": _deserialize_bytes_base64, +} + + +def get_deserializer(annotation: typing.Any, rf: typing.Optional["_RestField"] = None): + if annotation is int and rf and rf._format == "str": + return _deserialize_int_as_str + if rf and rf._format: + return _DESERIALIZE_MAPPING_WITHFORMAT.get(rf._format) + return _DESERIALIZE_MAPPING.get(annotation) # pyright: ignore + + +def _get_type_alias_type(module_name: str, alias_name: str): + types = { + k: v + for k, v in sys.modules[module_name].__dict__.items() + if isinstance(v, typing._GenericAlias) # type: ignore + } + if alias_name not in types: + return alias_name + return types[alias_name] + + +def _get_model(module_name: str, model_name: str): + models = {k: v for k, v in sys.modules[module_name].__dict__.items() if isinstance(v, type)} + module_end = module_name.rsplit(".", 1)[0] + models.update({k: v for k, v in sys.modules[module_end].__dict__.items() if isinstance(v, type)}) + if isinstance(model_name, str): + model_name = model_name.split(".")[-1] + if model_name not in models: + return model_name + return models[model_name] + + +_UNSET = object() + + +class _MyMutableMapping(MutableMapping[str, typing.Any]): # pylint: disable=unsubscriptable-object + def __init__(self, data: typing.Dict[str, typing.Any]) -> None: + self._data = data + + def __contains__(self, key: typing.Any) -> bool: + return key in self._data + + def __getitem__(self, key: str) -> typing.Any: + return self._data.__getitem__(key) + + def __setitem__(self, key: str, value: typing.Any) -> None: + self._data.__setitem__(key, value) + + def __delitem__(self, key: str) -> None: + self._data.__delitem__(key) + + def __iter__(self) -> typing.Iterator[typing.Any]: + return self._data.__iter__() + + def __len__(self) -> int: + return self._data.__len__() + + def __ne__(self, other: typing.Any) -> bool: + return not self.__eq__(other) + + def keys(self) -> typing.KeysView[str]: + return self._data.keys() + + def values(self) -> typing.ValuesView[typing.Any]: + return self._data.values() + + def items(self) -> typing.ItemsView[str, typing.Any]: + return self._data.items() + + def get(self, key: str, default: typing.Any = None) -> typing.Any: + try: + return self[key] + except KeyError: + return default + + @typing.overload + def pop(self, key: str) -> typing.Any: ... + + @typing.overload + def pop(self, key: str, default: _T) -> _T: ... + + @typing.overload + def pop(self, key: str, default: typing.Any) -> typing.Any: ... + + def pop(self, key: str, default: typing.Any = _UNSET) -> typing.Any: + if default is _UNSET: + return self._data.pop(key) + return self._data.pop(key, default) + + def popitem(self) -> typing.Tuple[str, typing.Any]: + return self._data.popitem() + + def clear(self) -> None: + self._data.clear() + + def update(self, *args: typing.Any, **kwargs: typing.Any) -> None: + self._data.update(*args, **kwargs) + + @typing.overload + def setdefault(self, key: str, default: None = None) -> None: ... + + @typing.overload + def setdefault(self, key: str, default: typing.Any) -> typing.Any: ... + + def setdefault(self, key: str, default: typing.Any = _UNSET) -> typing.Any: + if default is _UNSET: + return self._data.setdefault(key) + return self._data.setdefault(key, default) + + def __eq__(self, other: typing.Any) -> bool: + try: + other_model = self.__class__(other) + except Exception: + return False + return self._data == other_model._data + + def __repr__(self) -> str: + return str(self._data) + + +def _is_model(obj: typing.Any) -> bool: + return getattr(obj, "_is_model", False) + + +def _serialize(o, format: typing.Optional[str] = None): # pylint: disable=too-many-return-statements + if isinstance(o, list): + return [_serialize(x, format) for x in o] + if isinstance(o, dict): + return {k: _serialize(v, format) for k, v in o.items()} + if isinstance(o, set): + return {_serialize(x, format) for x in o} + if isinstance(o, tuple): + return tuple(_serialize(x, format) for x in o) + if isinstance(o, (bytes, bytearray)): + return _serialize_bytes(o, format) + if isinstance(o, decimal.Decimal): + return float(o) + if isinstance(o, enum.Enum): + return o.value + if isinstance(o, int): + if format == "str": + return str(o) + return o + try: + # First try datetime.datetime + return _serialize_datetime(o, format) + except AttributeError: + pass + # Last, try datetime.timedelta + try: + return _timedelta_as_isostr(o) + except AttributeError: + # This will be raised when it hits value.total_seconds in the method above + pass + return o + + +def _get_rest_field( + attr_to_rest_field: typing.Dict[str, "_RestField"], rest_name: str +) -> typing.Optional["_RestField"]: + try: + return next(rf for rf in attr_to_rest_field.values() if rf._rest_name == rest_name) + except StopIteration: + return None + + +def _create_value(rf: typing.Optional["_RestField"], value: typing.Any) -> typing.Any: + if not rf: + return _serialize(value, None) + if rf._is_multipart_file_input: + return value + if rf._is_model: + return _deserialize(rf._type, value) + if isinstance(value, ET.Element): + value = _deserialize(rf._type, value) + return _serialize(value, rf._format) + + +class Model(_MyMutableMapping): + _is_model = True + # label whether current class's _attr_to_rest_field has been calculated + # could not see _attr_to_rest_field directly because subclass inherits it from parent class + _calculated: typing.Set[str] = set() + + def __init__(self, *args: typing.Any, **kwargs: typing.Any) -> None: + class_name = self.__class__.__name__ + if len(args) > 1: + raise TypeError(f"{class_name}.__init__() takes 2 positional arguments but {len(args) + 1} were given") + dict_to_pass = { + rest_field._rest_name: rest_field._default + for rest_field in self._attr_to_rest_field.values() + if rest_field._default is not _UNSET + } + if args: # pylint: disable=too-many-nested-blocks + if isinstance(args[0], ET.Element): + existed_attr_keys = [] + model_meta = getattr(self, "_xml", {}) + + for rf in self._attr_to_rest_field.values(): + prop_meta = getattr(rf, "_xml", {}) + xml_name = prop_meta.get("name", rf._rest_name) + xml_ns = prop_meta.get("ns", model_meta.get("ns", None)) + if xml_ns: + xml_name = "{" + xml_ns + "}" + xml_name + + # attribute + if prop_meta.get("attribute", False) and args[0].get(xml_name) is not None: + existed_attr_keys.append(xml_name) + dict_to_pass[rf._rest_name] = _deserialize(rf._type, args[0].get(xml_name)) + continue + + # unwrapped element is array + if prop_meta.get("unwrapped", False): + # unwrapped array could either use prop items meta/prop meta + if prop_meta.get("itemsName"): + xml_name = prop_meta.get("itemsName") + xml_ns = prop_meta.get("itemNs") + if xml_ns: + xml_name = "{" + xml_ns + "}" + xml_name + items = args[0].findall(xml_name) # pyright: ignore + if len(items) > 0: + existed_attr_keys.append(xml_name) + dict_to_pass[rf._rest_name] = _deserialize(rf._type, items) + continue + + # text element is primitive type + if prop_meta.get("text", False): + if args[0].text is not None: + dict_to_pass[rf._rest_name] = _deserialize(rf._type, args[0].text) + continue + + # wrapped element could be normal property or array, it should only have one element + item = args[0].find(xml_name) + if item is not None: + existed_attr_keys.append(xml_name) + dict_to_pass[rf._rest_name] = _deserialize(rf._type, item) + + # rest thing is additional properties + for e in args[0]: + if e.tag not in existed_attr_keys: + dict_to_pass[e.tag] = _convert_element(e) + else: + dict_to_pass.update( + {k: _create_value(_get_rest_field(self._attr_to_rest_field, k), v) for k, v in args[0].items()} + ) + else: + non_attr_kwargs = [k for k in kwargs if k not in self._attr_to_rest_field] + if non_attr_kwargs: + # actual type errors only throw the first wrong keyword arg they see, so following that. + raise TypeError(f"{class_name}.__init__() got an unexpected keyword argument '{non_attr_kwargs[0]}'") + dict_to_pass.update( + { + self._attr_to_rest_field[k]._rest_name: _create_value(self._attr_to_rest_field[k], v) + for k, v in kwargs.items() + if v is not None + } + ) + super().__init__(dict_to_pass) + + def copy(self) -> "Model": + return Model(self.__dict__) + + def __new__(cls, *args: typing.Any, **kwargs: typing.Any) -> Self: + if f"{cls.__module__}.{cls.__qualname__}" not in cls._calculated: + # we know the last nine classes in mro are going to be 'Model', '_MyMutableMapping', 'MutableMapping', + # 'Mapping', 'Collection', 'Sized', 'Iterable', 'Container' and 'object' + mros = cls.__mro__[:-9][::-1] # ignore parents, and reverse the mro order + attr_to_rest_field: typing.Dict[str, _RestField] = { # map attribute name to rest_field property + k: v for mro_class in mros for k, v in mro_class.__dict__.items() if k[0] != "_" and hasattr(v, "_type") + } + annotations = { + k: v + for mro_class in mros + if hasattr(mro_class, "__annotations__") + for k, v in mro_class.__annotations__.items() + } + for attr, rf in attr_to_rest_field.items(): + rf._module = cls.__module__ + if not rf._type: + rf._type = rf._get_deserialize_callable_from_annotation(annotations.get(attr, None)) + if not rf._rest_name_input: + rf._rest_name_input = attr + cls._attr_to_rest_field: typing.Dict[str, _RestField] = dict(attr_to_rest_field.items()) + cls._calculated.add(f"{cls.__module__}.{cls.__qualname__}") + + return super().__new__(cls) # pylint: disable=no-value-for-parameter + + def __init_subclass__(cls, discriminator: typing.Optional[str] = None) -> None: + for base in cls.__bases__: + if hasattr(base, "__mapping__"): + base.__mapping__[discriminator or cls.__name__] = cls # type: ignore + + @classmethod + def _get_discriminator(cls, exist_discriminators) -> typing.Optional["_RestField"]: + for v in cls.__dict__.values(): + if isinstance(v, _RestField) and v._is_discriminator and v._rest_name not in exist_discriminators: + return v + return None + + @classmethod + def _deserialize(cls, data, exist_discriminators): + if not hasattr(cls, "__mapping__"): + return cls(data) + discriminator = cls._get_discriminator(exist_discriminators) + if discriminator is None: + return cls(data) + exist_discriminators.append(discriminator._rest_name) + if isinstance(data, ET.Element): + model_meta = getattr(cls, "_xml", {}) + prop_meta = getattr(discriminator, "_xml", {}) + xml_name = prop_meta.get("name", discriminator._rest_name) + xml_ns = prop_meta.get("ns", model_meta.get("ns", None)) + if xml_ns: + xml_name = "{" + xml_ns + "}" + xml_name + + if data.get(xml_name) is not None: + discriminator_value = data.get(xml_name) + else: + discriminator_value = data.find(xml_name).text # pyright: ignore + else: + discriminator_value = data.get(discriminator._rest_name) + mapped_cls = cls.__mapping__.get(discriminator_value, cls) # pyright: ignore + return mapped_cls._deserialize(data, exist_discriminators) + + def as_dict(self, *, exclude_readonly: bool = False) -> typing.Dict[str, typing.Any]: + """Return a dict that can be turned into json using json.dump. + + :keyword bool exclude_readonly: Whether to remove the readonly properties. + :returns: A dict JSON compatible object + :rtype: dict + """ + + result = {} + readonly_props = [] + if exclude_readonly: + readonly_props = [p._rest_name for p in self._attr_to_rest_field.values() if _is_readonly(p)] + for k, v in self.items(): + if exclude_readonly and k in readonly_props: # pyright: ignore + continue + is_multipart_file_input = False + try: + is_multipart_file_input = next( + rf for rf in self._attr_to_rest_field.values() if rf._rest_name == k + )._is_multipart_file_input + except StopIteration: + pass + result[k] = v if is_multipart_file_input else Model._as_dict_value(v, exclude_readonly=exclude_readonly) + return result + + @staticmethod + def _as_dict_value(v: typing.Any, exclude_readonly: bool = False) -> typing.Any: + if v is None or isinstance(v, _Null): + return None + if isinstance(v, (list, tuple, set)): + return type(v)(Model._as_dict_value(x, exclude_readonly=exclude_readonly) for x in v) + if isinstance(v, dict): + return {dk: Model._as_dict_value(dv, exclude_readonly=exclude_readonly) for dk, dv in v.items()} + return v.as_dict(exclude_readonly=exclude_readonly) if hasattr(v, "as_dict") else v + + +def _deserialize_model(model_deserializer: typing.Optional[typing.Callable], obj): + if _is_model(obj): + return obj + return _deserialize(model_deserializer, obj) + + +def _deserialize_with_optional(if_obj_deserializer: typing.Optional[typing.Callable], obj): + if obj is None: + return obj + return _deserialize_with_callable(if_obj_deserializer, obj) + + +def _deserialize_with_union(deserializers, obj): + for deserializer in deserializers: + try: + return _deserialize(deserializer, obj) + except DeserializationError: + pass + raise DeserializationError() + + +def _deserialize_dict( + value_deserializer: typing.Optional[typing.Callable], + module: typing.Optional[str], + obj: typing.Dict[typing.Any, typing.Any], +): + if obj is None: + return obj + if isinstance(obj, ET.Element): + obj = {child.tag: child for child in obj} + return {k: _deserialize(value_deserializer, v, module) for k, v in obj.items()} + + +def _deserialize_multiple_sequence( + entry_deserializers: typing.List[typing.Optional[typing.Callable]], + module: typing.Optional[str], + obj, +): + if obj is None: + return obj + return type(obj)(_deserialize(deserializer, entry, module) for entry, deserializer in zip(obj, entry_deserializers)) + + +def _deserialize_sequence( + deserializer: typing.Optional[typing.Callable], + module: typing.Optional[str], + obj, +): + if obj is None: + return obj + if isinstance(obj, ET.Element): + obj = list(obj) + return type(obj)(_deserialize(deserializer, entry, module) for entry in obj) + + +def _sorted_annotations(types: typing.List[typing.Any]) -> typing.List[typing.Any]: + return sorted( + types, + key=lambda x: hasattr(x, "__name__") and x.__name__.lower() in ("str", "float", "int", "bool"), + ) + + +def _get_deserialize_callable_from_annotation( # pylint: disable=too-many-return-statements, too-many-branches + annotation: typing.Any, + module: typing.Optional[str], + rf: typing.Optional["_RestField"] = None, +) -> typing.Optional[typing.Callable[[typing.Any], typing.Any]]: + if not annotation: + return None + + # is it a type alias? + if isinstance(annotation, str): + if module is not None: + annotation = _get_type_alias_type(module, annotation) + + # is it a forward ref / in quotes? + if isinstance(annotation, (str, typing.ForwardRef)): + try: + model_name = annotation.__forward_arg__ # type: ignore + except AttributeError: + model_name = annotation + if module is not None: + annotation = _get_model(module, model_name) # type: ignore + + try: + if module and _is_model(annotation): + if rf: + rf._is_model = True + + return functools.partial(_deserialize_model, annotation) # pyright: ignore + except Exception: + pass + + # is it a literal? + try: + if annotation.__origin__ is typing.Literal: # pyright: ignore + return None + except AttributeError: + pass + + # is it optional? + try: + if any(a for a in annotation.__args__ if a == type(None)): # pyright: ignore + if len(annotation.__args__) <= 2: # pyright: ignore + if_obj_deserializer = _get_deserialize_callable_from_annotation( + next(a for a in annotation.__args__ if a != type(None)), module, rf # pyright: ignore + ) + + return functools.partial(_deserialize_with_optional, if_obj_deserializer) + # the type is Optional[Union[...]], we need to remove the None type from the Union + annotation_copy = copy.copy(annotation) + annotation_copy.__args__ = [a for a in annotation_copy.__args__ if a != type(None)] # pyright: ignore + return _get_deserialize_callable_from_annotation(annotation_copy, module, rf) + except AttributeError: + pass + + # is it union? + if getattr(annotation, "__origin__", None) is typing.Union: + # initial ordering is we make `string` the last deserialization option, because it is often them most generic + deserializers = [ + _get_deserialize_callable_from_annotation(arg, module, rf) + for arg in _sorted_annotations(annotation.__args__) # pyright: ignore + ] + + return functools.partial(_deserialize_with_union, deserializers) + + try: + if annotation._name == "Dict": # pyright: ignore + value_deserializer = _get_deserialize_callable_from_annotation( + annotation.__args__[1], module, rf # pyright: ignore + ) + + return functools.partial( + _deserialize_dict, + value_deserializer, + module, + ) + except (AttributeError, IndexError): + pass + try: + if annotation._name in ["List", "Set", "Tuple", "Sequence"]: # pyright: ignore + if len(annotation.__args__) > 1: # pyright: ignore + entry_deserializers = [ + _get_deserialize_callable_from_annotation(dt, module, rf) + for dt in annotation.__args__ # pyright: ignore + ] + return functools.partial(_deserialize_multiple_sequence, entry_deserializers, module) + deserializer = _get_deserialize_callable_from_annotation( + annotation.__args__[0], module, rf # pyright: ignore + ) + + return functools.partial(_deserialize_sequence, deserializer, module) + except (TypeError, IndexError, AttributeError, SyntaxError): + pass + + def _deserialize_default( + deserializer, + obj, + ): + if obj is None: + return obj + try: + return _deserialize_with_callable(deserializer, obj) + except Exception: + pass + return obj + + if get_deserializer(annotation, rf): + return functools.partial(_deserialize_default, get_deserializer(annotation, rf)) + + return functools.partial(_deserialize_default, annotation) + + +def _deserialize_with_callable( + deserializer: typing.Optional[typing.Callable[[typing.Any], typing.Any]], + value: typing.Any, +): # pylint: disable=too-many-return-statements + try: + if value is None or isinstance(value, _Null): + return None + if isinstance(value, ET.Element): + if deserializer is str: + return value.text or "" + if deserializer is int: + return int(value.text) if value.text else None + if deserializer is float: + return float(value.text) if value.text else None + if deserializer is bool: + return value.text == "true" if value.text else None + if deserializer is None: + return value + if deserializer in [int, float, bool]: + return deserializer(value) + if isinstance(deserializer, CaseInsensitiveEnumMeta): + try: + return deserializer(value) + except ValueError: + # for unknown value, return raw value + return value + if isinstance(deserializer, type) and issubclass(deserializer, Model): + return deserializer._deserialize(value, []) + return typing.cast(typing.Callable[[typing.Any], typing.Any], deserializer)(value) + except Exception as e: + raise DeserializationError() from e + + +def _deserialize( + deserializer: typing.Any, + value: typing.Any, + module: typing.Optional[str] = None, + rf: typing.Optional["_RestField"] = None, + format: typing.Optional[str] = None, +) -> typing.Any: + if isinstance(value, PipelineResponse): + value = value.http_response.json() + if rf is None and format: + rf = _RestField(format=format) + if not isinstance(deserializer, functools.partial): + deserializer = _get_deserialize_callable_from_annotation(deserializer, module, rf) + return _deserialize_with_callable(deserializer, value) + + +def _failsafe_deserialize( + deserializer: typing.Any, + value: typing.Any, + module: typing.Optional[str] = None, + rf: typing.Optional["_RestField"] = None, + format: typing.Optional[str] = None, +) -> typing.Any: + try: + return _deserialize(deserializer, value, module, rf, format) + except DeserializationError: + _LOGGER.warning( + "Ran into a deserialization error. Ignoring since this is failsafe deserialization", exc_info=True + ) + return None + + +class _RestField: + def __init__( + self, + *, + name: typing.Optional[str] = None, + type: typing.Optional[typing.Callable] = None, # pylint: disable=redefined-builtin + is_discriminator: bool = False, + visibility: typing.Optional[typing.List[str]] = None, + default: typing.Any = _UNSET, + format: typing.Optional[str] = None, + is_multipart_file_input: bool = False, + xml: typing.Optional[typing.Dict[str, typing.Any]] = None, + ): + self._type = type + self._rest_name_input = name + self._module: typing.Optional[str] = None + self._is_discriminator = is_discriminator + self._visibility = visibility + self._is_model = False + self._default = default + self._format = format + self._is_multipart_file_input = is_multipart_file_input + self._xml = xml if xml is not None else {} + + @property + def _class_type(self) -> typing.Any: + return getattr(self._type, "args", [None])[0] + + @property + def _rest_name(self) -> str: + if self._rest_name_input is None: + raise ValueError("Rest name was never set") + return self._rest_name_input + + def __get__(self, obj: Model, type=None): # pylint: disable=redefined-builtin + # by this point, type and rest_name will have a value bc we default + # them in __new__ of the Model class + item = obj.get(self._rest_name) + if item is None: + return item + if self._is_model: + return item + return _deserialize(self._type, _serialize(item, self._format), rf=self) + + def __set__(self, obj: Model, value) -> None: + if value is None: + # we want to wipe out entries if users set attr to None + try: + obj.__delitem__(self._rest_name) + except KeyError: + pass + return + if self._is_model: + if not _is_model(value): + value = _deserialize(self._type, value) + obj.__setitem__(self._rest_name, value) + return + obj.__setitem__(self._rest_name, _serialize(value, self._format)) + + def _get_deserialize_callable_from_annotation( + self, annotation: typing.Any + ) -> typing.Optional[typing.Callable[[typing.Any], typing.Any]]: + return _get_deserialize_callable_from_annotation(annotation, self._module, self) + + +def rest_field( + *, + name: typing.Optional[str] = None, + type: typing.Optional[typing.Callable] = None, # pylint: disable=redefined-builtin + visibility: typing.Optional[typing.List[str]] = None, + default: typing.Any = _UNSET, + format: typing.Optional[str] = None, + is_multipart_file_input: bool = False, + xml: typing.Optional[typing.Dict[str, typing.Any]] = None, +) -> typing.Any: + return _RestField( + name=name, + type=type, + visibility=visibility, + default=default, + format=format, + is_multipart_file_input=is_multipart_file_input, + xml=xml, + ) + + +def rest_discriminator( + *, + name: typing.Optional[str] = None, + type: typing.Optional[typing.Callable] = None, # pylint: disable=redefined-builtin + visibility: typing.Optional[typing.List[str]] = None, + xml: typing.Optional[typing.Dict[str, typing.Any]] = None, +) -> typing.Any: + return _RestField(name=name, type=type, is_discriminator=True, visibility=visibility, xml=xml) + + +def serialize_xml(model: Model, exclude_readonly: bool = False) -> str: + """Serialize a model to XML. + + :param Model model: The model to serialize. + :param bool exclude_readonly: Whether to exclude readonly properties. + :returns: The XML representation of the model. + :rtype: str + """ + return ET.tostring(_get_element(model, exclude_readonly), encoding="unicode") # type: ignore + + +def _get_element( + o: typing.Any, + exclude_readonly: bool = False, + parent_meta: typing.Optional[typing.Dict[str, typing.Any]] = None, + wrapped_element: typing.Optional[ET.Element] = None, +) -> typing.Union[ET.Element, typing.List[ET.Element]]: + if _is_model(o): + model_meta = getattr(o, "_xml", {}) + + # if prop is a model, then use the prop element directly, else generate a wrapper of model + if wrapped_element is None: + wrapped_element = _create_xml_element( + model_meta.get("name", o.__class__.__name__), + model_meta.get("prefix"), + model_meta.get("ns"), + ) + + readonly_props = [] + if exclude_readonly: + readonly_props = [p._rest_name for p in o._attr_to_rest_field.values() if _is_readonly(p)] + + for k, v in o.items(): + # do not serialize readonly properties + if exclude_readonly and k in readonly_props: + continue + + prop_rest_field = _get_rest_field(o._attr_to_rest_field, k) + if prop_rest_field: + prop_meta = getattr(prop_rest_field, "_xml").copy() + # use the wire name as xml name if no specific name is set + if prop_meta.get("name") is None: + prop_meta["name"] = k + else: + # additional properties will not have rest field, use the wire name as xml name + prop_meta = {"name": k} + + # if no ns for prop, use model's + if prop_meta.get("ns") is None and model_meta.get("ns"): + prop_meta["ns"] = model_meta.get("ns") + prop_meta["prefix"] = model_meta.get("prefix") + + if prop_meta.get("unwrapped", False): + # unwrapped could only set on array + wrapped_element.extend(_get_element(v, exclude_readonly, prop_meta)) + elif prop_meta.get("text", False): + # text could only set on primitive type + wrapped_element.text = _get_primitive_type_value(v) + elif prop_meta.get("attribute", False): + xml_name = prop_meta.get("name", k) + if prop_meta.get("ns"): + ET.register_namespace(prop_meta.get("prefix"), prop_meta.get("ns")) # pyright: ignore + xml_name = "{" + prop_meta.get("ns") + "}" + xml_name # pyright: ignore + # attribute should be primitive type + wrapped_element.set(xml_name, _get_primitive_type_value(v)) + else: + # other wrapped prop element + wrapped_element.append(_get_wrapped_element(v, exclude_readonly, prop_meta)) + return wrapped_element + if isinstance(o, list): + return [_get_element(x, exclude_readonly, parent_meta) for x in o] # type: ignore + if isinstance(o, dict): + result = [] + for k, v in o.items(): + result.append( + _get_wrapped_element( + v, + exclude_readonly, + { + "name": k, + "ns": parent_meta.get("ns") if parent_meta else None, + "prefix": parent_meta.get("prefix") if parent_meta else None, + }, + ) + ) + return result + + # primitive case need to create element based on parent_meta + if parent_meta: + return _get_wrapped_element( + o, + exclude_readonly, + { + "name": parent_meta.get("itemsName", parent_meta.get("name")), + "prefix": parent_meta.get("itemsPrefix", parent_meta.get("prefix")), + "ns": parent_meta.get("itemsNs", parent_meta.get("ns")), + }, + ) + + raise ValueError("Could not serialize value into xml: " + o) + + +def _get_wrapped_element( + v: typing.Any, + exclude_readonly: bool, + meta: typing.Optional[typing.Dict[str, typing.Any]], +) -> ET.Element: + wrapped_element = _create_xml_element( + meta.get("name") if meta else None, meta.get("prefix") if meta else None, meta.get("ns") if meta else None + ) + if isinstance(v, (dict, list)): + wrapped_element.extend(_get_element(v, exclude_readonly, meta)) + elif _is_model(v): + _get_element(v, exclude_readonly, meta, wrapped_element) + else: + wrapped_element.text = _get_primitive_type_value(v) + return wrapped_element + + +def _get_primitive_type_value(v) -> str: + if v is True: + return "true" + if v is False: + return "false" + if isinstance(v, _Null): + return "" + return str(v) + + +def _create_xml_element(tag, prefix=None, ns=None): + if prefix and ns: + ET.register_namespace(prefix, ns) + if ns: + return ET.Element("{" + ns + "}" + tag) + return ET.Element(tag) + + +def _deserialize_xml( + deserializer: typing.Any, + value: str, +) -> typing.Any: + element = ET.fromstring(value) # nosec + return _deserialize(deserializer, element) + + +def _convert_element(e: ET.Element): + # dict case + if len(e.attrib) > 0 or len({child.tag for child in e}) > 1: + dict_result: typing.Dict[str, typing.Any] = {} + for child in e: + if dict_result.get(child.tag) is not None: + if isinstance(dict_result[child.tag], list): + dict_result[child.tag].append(_convert_element(child)) + else: + dict_result[child.tag] = [dict_result[child.tag], _convert_element(child)] + else: + dict_result[child.tag] = _convert_element(child) + dict_result.update(e.attrib) + return dict_result + # array case + if len(e) > 0: + array_result: typing.List[typing.Any] = [] + for child in e: + array_result.append(_convert_element(child)) + return array_result + # primitive case + return e.text diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_models.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_models.py deleted file mode 100644 index 8c0b38554454..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_models.py +++ /dev/null @@ -1,1461 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -# pylint: disable=too-many-lines,too-many-public-methods -from datetime import datetime -from typing import Any, Dict, Optional, Union, List - -from ._generated import models -from ._shared import parse_key_vault_id -from ._enums import( - CertificatePolicyAction, - KeyUsageType, - KeyCurveName, - KeyType, - CertificateContentType, - WellKnownIssuerNames -) - - -class AdministratorContact(object): - """Details of the organization administrator of the certificate issuer. - - :param first_name: First name of the issuer. - :type first_name: str or None - :param last_name: Last name of the issuer. - :type last_name: str or None - :param email: email of the issuer. - :type email: str or None - :param phone: phone number of the issuer. - :type phone: str or None - """ - - def __init__( - self, - first_name: Optional[str] = None, - last_name: Optional[str] = None, - email: Optional[str] = None, - phone: Optional[str] = None, - ) -> None: - self._first_name = first_name - self._last_name = last_name - self._phone = phone - self._email = email - - def __repr__(self) -> str: - result = ( - f"AdministratorContact(first_name={self.first_name}, last_name={self.last_name}, " - + f"email={self.email}, phone={self.phone})" - ) - return result[:1024] - - @classmethod - def _from_admin_detail(cls, admin_detail: models.AdministratorDetails) -> "AdministratorContact": - return cls( - email=admin_detail.email_address, - first_name=admin_detail.first_name, - last_name=admin_detail.last_name, - phone=admin_detail.phone, - ) - - @property - def email(self) -> Optional[str]: - """:rtype: str or None""" - return self._email - - @property - def first_name(self) -> Optional[str]: - """:rtype: str or None""" - return self._first_name - - @property - def last_name(self) -> Optional[str]: - """:rtype: str or None""" - return self._last_name - - @property - def phone(self) -> Optional[str]: - """:rtype: str or None""" - return self._phone - - -class CertificateOperationError(object): - """The key vault server error. - - :param str code: The error code. - :param str message: The error message. - :param inner_error: The error object itself - :type inner_error: ~azure.keyvault.certificates.CertificateOperationError - """ - - def __init__(self, code: str, message: str, inner_error: "CertificateOperationError") -> None: - self._code = code - self._message = message - self._inner_error = inner_error - - def __repr__(self) -> str: - return f"CertificateOperationError({self.code}, {self.message}, {self.inner_error})"[:1024] - - @classmethod - def _from_error_bundle(cls, error_bundle: models.Error) -> "CertificateOperationError": - return cls( - code=error_bundle.code, # type: ignore - message=error_bundle.message, # type: ignore - inner_error=cls._from_error_bundle(error_bundle.inner_error) # type: ignore - ) - - @property - def code(self) -> str: - """The error code. - - :returns: The error code. - :rtype: str - """ - return self._code - - @property - def message(self) -> str: - """The error message. - - :returns: The error message. - :rtype: str - """ - return self._message - - @property - def inner_error(self) -> "CertificateOperationError": - """The error itself. - - :returns: The error itself. - :rtype: ~azure.keyvault.certificates.CertificateOperationError - """ - return self._inner_error - - -class CertificateProperties(object): - """Certificate properties consists of a certificates metadata.""" - - def __init__(self, **kwargs: Any) -> None: - self._attributes = kwargs.pop("attributes", None) - self._id = kwargs.pop("cert_id", None) - self._vault_id = KeyVaultCertificateIdentifier(self._id) - self._x509_thumbprint = kwargs.pop("x509_thumbprint", None) - self._tags = kwargs.pop("tags", None) - - def __repr__(self) -> str: - return f""[:1024] - - @classmethod - def _from_certificate_item( - cls, certificate_item: Union[models.CertificateItem, models.CertificateBundle] - ) -> "CertificateProperties": - return cls( - attributes=certificate_item.attributes, - cert_id=certificate_item.id, - x509_thumbprint=certificate_item.x509_thumbprint, - tags=certificate_item.tags, - ) - - @property - def id(self) -> str: - """The certificate identifier. - - :returns: The certificate identifier. - :rtype: str - """ - return self._id - - @property - def name(self) -> str: - """The name of the certificate. - - :returns: The name of the certificate. - :rtype: str - """ - return self._vault_id.name - - @property - def enabled(self) -> Optional[bool]: - """Whether the certificate is enabled or not. - - :returns: True if the certificate is enabled; False otherwise. - :rtype: bool or None - """ - return self._attributes.enabled if self._attributes else None - - @property - def not_before(self) -> Optional[datetime]: - """The datetime before which the certificate is not valid. - - :returns: A datetime representing the point in time when the certificate becomes valid. - :rtype: ~datetime.datetime or None - """ - return self._attributes.not_before if self._attributes else None - - @property - def expires_on(self) -> Optional[datetime]: - """The datetime when the certificate expires. - - :returns: A datetime representing the point in time when the certificate expires. - :rtype: ~datetime.datetime or None - """ - return self._attributes.expires if self._attributes else None - - @property - def created_on(self) -> Optional[datetime]: - """The datetime when the certificate is created. - - :returns: A datetime representing the certificate's creation time. - :rtype: ~datetime.datetime or None - """ - return self._attributes.created if self._attributes else None - - @property - def updated_on(self) -> Optional[datetime]: - """The datetime when the certificate was last updated. - - :returns: A datetime representing the time of the certificate's most recent update. - :rtype: ~datetime.datetime or None - """ - return self._attributes.updated if self._attributes else None - - @property - def recoverable_days(self) -> Optional[int]: - """The number of days the certificate is retained before being deleted from a soft-delete enabled Key Vault. - - :returns: The number of days remaining where the certificate can be restored. - :rtype: int or None - """ - # recoverable_days was added in 7.1-preview - if self._attributes and hasattr(self._attributes, "recoverable_days"): - return self._attributes.recoverable_days - return None - - @property - def recovery_level(self) -> Optional[models.DeletionRecoveryLevel]: - """The deletion recovery level currently in effect for the certificate. - - :returns: The deletion recovery level currently in effect for the certificate. - :rtype: models.DeletionRecoveryLevel or None - """ - return self._attributes.recovery_level if self._attributes else None - - @property - def vault_url(self) -> str: - """The URL of the vault containing the certificate. - - :returns: The URL of the vault containing the certificate. - :rtype: str - """ - return self._vault_id.vault_url - - @property - def x509_thumbprint(self) -> bytes: - """The certificate's thumbprint, in bytes. - - To get the thumbprint as a hexadecimal string, call ``.hex()`` on this property. - - :return: The certificate's thumbprint, in bytes. - :rtype: bytes - """ - return self._x509_thumbprint - - @property - def tags(self) -> Optional[Dict[str, str]]: - """Application specific metadata in the form of key-value pairs. - - :returns: A dictionary of tags attached to the certificate. - :rtype: dict[str, str] or None - """ - return self._tags - - @property - def version(self) -> Optional[str]: - """The version of the certificate. - - :returns: The version of the certificate. - :rtype: str or None - """ - return self._vault_id.version - - -class KeyVaultCertificate(object): - """Consists of a certificate and its attributes - - :param policy: The management policy for the certificate. - :type policy: ~azure.keyvault.certificates.CertificatePolicy or None - :param properties: The certificate's properties. - :type properties: ~azure.keyvault.certificates.CertificateProperties or None - :param cer: CER contents of the X509 certificate. - :type cer: bytearray or None - """ - - def __init__( - self, - policy: "Optional[CertificatePolicy]" = None, - properties: Optional[CertificateProperties] = None, - cer: Optional[bytearray] = None, - **kwargs: Any, - ) -> None: - self._properties = properties - self._key_id = kwargs.get("key_id", None) - self._secret_id = kwargs.get("secret_id", None) - self._policy = policy - self._cer = cer - - def __repr__(self) -> str: - return f""[:1024] - - @classmethod - def _from_certificate_bundle(cls, certificate_bundle: models.CertificateBundle) -> "KeyVaultCertificate": - # pylint:disable=protected-access - - if certificate_bundle.policy: - policy: Optional[CertificatePolicy] = CertificatePolicy._from_certificate_policy_bundle( - certificate_bundle.policy - ) - else: - policy = None - - return cls( - properties=CertificateProperties._from_certificate_item(certificate_bundle), - key_id=certificate_bundle.kid, - secret_id=certificate_bundle.sid, - policy=policy, - cer=certificate_bundle.cer, # type: ignore - ) - - @property - def id(self) -> Optional[str]: - """The certificate identifier. - - :returns: The certificate identifier. - :rtype: str or None - """ - return self._properties.id if self._properties else None - - @property - def name(self) -> Optional[str]: - """The name of the certificate. - - :returns: The name of the certificate. - :rtype: str or None - """ - return self._properties.name if self._properties else None - - @property - def properties(self) -> Optional[CertificateProperties]: - """The certificate's properties. - - :returns: The certificate's properties. - :rtype: ~azure.keyvault.certificates.CertificateProperties or None - """ - return self._properties - - @property - def key_id(self) -> Optional[str]: - """The ID of the key associated with the certificate. - - :returns: The ID of the key associated with the certificate. - :rtype: str or None - """ - return self._key_id - - @property - def secret_id(self) -> Optional[str]: - """The ID of the secret associated with the certificate. - - :returns: The ID of the secret associated with the certificate. - :rtype: str or None - """ - return self._secret_id - - @property - def policy(self) -> "Optional[CertificatePolicy]": - """The management policy of the certificate. - - :returns: The management policy of the certificate. - :rtype: ~azure.keyvault.certificates.CertificatePolicy or None - """ - return self._policy - - @property - def cer(self) -> Optional[bytearray]: - """The CER contents of the certificate. - - :returns: The CER contents of the certificate. - :rtype: bytearray or None - """ - return self._cer - - -class KeyVaultCertificateIdentifier(object): - """Information about a KeyVaultCertificate parsed from a certificate ID. - - :param str source_id: the full original identifier of a certificate - - :raises ValueError: if the certificate ID is improperly formatted - - Example: - .. literalinclude:: ../tests/test_parse_id.py - :start-after: [START parse_key_vault_certificate_id] - :end-before: [END parse_key_vault_certificate_id] - :language: python - :caption: Parse a certificate's ID - :dedent: 8 - """ - - def __init__(self, source_id: str) -> None: - self._resource_id = parse_key_vault_id(source_id) - - @property - def source_id(self) -> str: - return self._resource_id.source_id - - @property - def vault_url(self) -> str: - return self._resource_id.vault_url - - @property - def name(self) -> str: - return self._resource_id.name - - @property - def version(self) -> Optional[str]: - return self._resource_id.version - - -class CertificateOperation(object): - # pylint:disable=too-many-instance-attributes - """A certificate operation is returned in case of long running requests. - - :param cert_operation_id: The certificate id. - :type cert_operation_id: str or None - :param issuer_name: Name of the operation's issuer object or reserved names. - :type issuer_name: str or ~azure.keyvault.certificates.WellKnownIssuerNames or None - :param certificate_type: Type of certificate requested from the issuer provider. - :type certificate_type: str or None - :param certificate_transparency: Indicates if the certificate this operation is running for is published to - certificate transparency logs. Defaults to False. - :type certificate_transparency: bool or None - :param csr: The certificate signing request (CSR) that is being used in the certificate operation. - :type csr: bytes or None - :param cancellation_requested: Indicates if cancellation was requested on the certificate operation. Defaults - to False. - :type cancellation_requested: bool or None - :param status: Status of the certificate operation. - :type status: str or None - :param status_details: The status details of the certificate operation - :type status_details: str or None - :param error: Error encountered, if any, during the certificate operation. - :type error: ~azure.keyvault.certificates.CertificateOperationError or None - :param target: Location which contains the result of the certificate operation. - :type target: str or None - :param request_id: Identifier for the certificate operation. - :type request_id: str or None - """ - - def __init__( - self, - cert_operation_id: Optional[str] = None, - issuer_name: Optional[Union[str, WellKnownIssuerNames]] = None, - certificate_type: Optional[str] = None, - certificate_transparency: Optional[bool] = False, - csr: Optional[bytes] = None, - cancellation_requested: Optional[bool] = False, - status: Optional[str] = None, - status_details: Optional[str] = None, - error: Optional[CertificateOperationError] = None, - target: Optional[str] = None, - request_id: Optional[str] = None, - ) -> None: - self._id = cert_operation_id - self._vault_id = parse_key_vault_id(cert_operation_id) if cert_operation_id else None - self._issuer_name = issuer_name - self._certificate_type = certificate_type - self._certificate_transparency = certificate_transparency - self._csr = csr - self._cancellation_requested = cancellation_requested - self._status = status - self._status_details = status_details - self._error = error - self._target = target - self._request_id = request_id - - def __repr__(self) -> str: - return f""[:1024] - - @classmethod - def _from_certificate_operation_bundle( - cls, certificate_operation_bundle: models.CertificateOperation - ) -> "CertificateOperation": - - issuer_parameters = certificate_operation_bundle.issuer_parameters - return cls( - cert_operation_id=certificate_operation_bundle.id, - issuer_name=issuer_parameters.name if issuer_parameters else None, - certificate_type=( - certificate_operation_bundle.issuer_parameters.certificate_type - if certificate_operation_bundle.issuer_parameters - else None - ), - # 2016-10-01 IssuerParameters doesn't have certificate_transparency - certificate_transparency=getattr(issuer_parameters, "certificate_transparency", None), - csr=certificate_operation_bundle.csr, - cancellation_requested=certificate_operation_bundle.cancellation_requested, - status=certificate_operation_bundle.status, - status_details=certificate_operation_bundle.status_details, - error=(CertificateOperationError._from_error_bundle(certificate_operation_bundle.error) # pylint: disable=protected-access - if certificate_operation_bundle.error else None), - target=certificate_operation_bundle.target, - request_id=certificate_operation_bundle.request_id, - ) - - @property - def id(self) -> Optional[str]: - """The certificate ID. - - :returns: The certificate ID. - :rtype: str or None - """ - return self._id - - @property - def name(self) -> Optional[str]: - """The certificate name. - - :returns: The certificate name. - :rtype: str or None - """ - return self._vault_id.name if self._vault_id else None - - @property - def vault_url(self) -> Optional[str]: - """URL of the vault performing the certificate operation. - - :returns: URL of the vault performing the certificate operation. - :rtype: str or None - """ - return self._vault_id.vault_url if self._vault_id else None - - @property - def issuer_name(self) -> Union[str, WellKnownIssuerNames, None]: - """The name of the certificate issuer. - - :returns: The name of the certificate issuer. - :rtype: str or ~azure.keyvault.certificates.WellKnownIssuerNames or None - """ - return self._issuer_name - - @property - def certificate_type(self) -> Optional[str]: - """Type of certificate to be requested from the issuer provider. - - :returns: Type of certificate to be requested from the issuer provider. - :rtype: str or None - """ - return self._certificate_type - - @property - def certificate_transparency(self) -> Optional[bool]: - """Whether certificates generated under this policy should be published to certificate transparency logs. - - :returns: True if the certificates should be published to transparency logs; False otherwise. - :rtype: bool or None - """ - return self._certificate_transparency - - @property - def csr(self) -> Optional[bytes]: - """The certificate signing request that is being used in this certificate operation. - - :returns: The certificate signing request that is being used in this certificate operation. - :rtype: bytes or None - """ - return self._csr - - @property - def cancellation_requested(self) -> Optional[bool]: - """Whether cancellation was requested on the certificate operation. - - :returns: True if cancellation was requested; False otherwise. - :rtype: bool or None - """ - return self._cancellation_requested - - @property - def status(self) -> Optional[str]: - """The operation status. - - :returns: The operation status. - :rtype: str or None - """ - return self._status - - @property - def status_details(self) -> Optional[str]: - """Details of the operation status. - - :returns: Details of the operation status. - :rtype: str or None - """ - return self._status_details - - @property - def error(self) -> Optional[CertificateOperationError]: - """Any error associated with the certificate operation. - - :returns: Any error associated with the operation, as a - :class:`~azure.keyvault.certificates.CertificateOperationError`. - :rtype: ~azure.keyvault.certificates.CertificateOperationError or None""" - return self._error - - @property - def target(self) -> Optional[str]: - """Location which contains the result of the certificate operation. - - :returns: Location which contains the result of the certificate operation. - :rtype: str or None - """ - return self._target - - @property - def request_id(self) -> Optional[str]: - """Identifier for the certificate operation. - - :returns: Identifier for the certificate operation. - :rtype: str or None - """ - return self._request_id - - -class CertificatePolicy(object): - """Management policy for a certificate. - - :param issuer_name: Optional. Name of the referenced issuer object or reserved names; for example, - :attr:`~azure.keyvault.certificates.WellKnownIssuerNames.self` or - :attr:`~azure.keyvault.certificates.WellKnownIssuerNames.unknown` - :type issuer_name: str or None - - :keyword subject: The subject name of the certificate. Should be a valid X509 distinguished name. Either subject or - one of the subject alternative name parameters are required for creating a certificate. This will be ignored - when importing a certificate; the subject will be parsed from the imported certificate. - :paramtype subject: str or None - :keyword san_emails: Subject alternative emails of the X509 object. Either subject or one of the subject alternative - name parameters are required for creating a certificate. - :paramtype san_emails: list[str] or None - :keyword san_dns_names: Subject alternative DNS names of the X509 object. Either subject or one of the subject - alternative name parameters are required for creating a certificate. - :paramtype san_dns_names: list[str] or None - :keyword san_user_principal_names: Subject alternative user principal names of the X509 object. Either subject or - one of the subject alternative name parameters are required for creating a certificate. - :paramtype san_user_principal_names: list[str] or None - :keyword exportable: Indicates if the private key can be exported. For valid values, see KeyType. - :paramtype exportable: bool or None - :keyword key_type: The type of key pair to be used for the certificate. - :paramtype key_type: str or ~azure.keyvault.certificates.KeyType or None - :keyword key_size: The key size in bits. For example: 2048, 3072, or 4096 for RSA. - :paramtype key_size: int or None - :keyword reuse_key: Indicates if the same key pair will be used on certificate renewal. - :paramtype reuse_key: bool or None - :keyword key_curve_name: Elliptic curve name. For valid values, see KeyCurveName. - :paramtype key_curve_name: str or ~azure.keyvault.certificates.KeyCurveName or None - :keyword enhanced_key_usage: The extended ways the key of the certificate can be used. - :paramtype enhanced_key_usage: list[str] or None - :keyword key_usage: List of key usages. - :paramtype key_usage: list[str or ~azure.keyvault.certificates.KeyUsageType] or None - :keyword content_type: The media type (MIME type) of the secret backing the certificate. If not specified, - :attr:`CertificateContentType.pkcs12` is assumed. - :paramtype content_type: str or ~azure.keyvault.certificates.CertificateContentType or None - :keyword validity_in_months: The duration that the certificate is valid in months. - :paramtype validity_in_months: int or None - :keyword lifetime_actions: Actions that will be performed by Key Vault over the lifetime of a certificate. - :paramtype lifetime_actions: list[~azure.keyvault.certificates.LifetimeAction] or None - :keyword certificate_type: Type of certificate to be requested from the issuer provider. - :paramtype certificate_type: str or None - :keyword certificate_transparency: Indicates if the certificates generated under this policy should be - published to certificate transparency logs. - :paramtype certificate_transparency: bool or None - """ - - # pylint:disable=too-many-instance-attributes - def __init__( - self, - issuer_name: Optional[str] = None, - **kwargs: Any, - ) -> None: - self._issuer_name = issuer_name - self._subject = kwargs.pop("subject", None) - self._attributes = kwargs.pop("attributes", None) - self._exportable = kwargs.pop("exportable", None) - self._key_type = kwargs.pop("key_type", None) - self._key_size = kwargs.pop("key_size", None) - self._reuse_key = kwargs.pop("reuse_key", None) - self._key_curve_name = kwargs.pop("key_curve_name", None) - self._enhanced_key_usage = kwargs.pop("enhanced_key_usage", None) - self._key_usage = kwargs.pop("key_usage", None) - self._content_type = kwargs.pop("content_type", None) - self._validity_in_months = kwargs.pop("validity_in_months", None) - self._lifetime_actions = kwargs.pop("lifetime_actions", None) - self._certificate_type = kwargs.pop("certificate_type", None) - self._certificate_transparency = kwargs.pop("certificate_transparency", None) - self._san_emails = kwargs.pop("san_emails", None) or None - self._san_dns_names = kwargs.pop("san_dns_names", None) or None - self._san_user_principal_names = kwargs.pop("san_user_principal_names", None) or None - - @classmethod - def get_default(cls) -> "CertificatePolicy": - return cls(issuer_name=WellKnownIssuerNames.self, subject="CN=DefaultPolicy") - - def __repr__(self) -> str: - return f""[:1024] - - def _to_certificate_policy_bundle(self) -> models.CertificatePolicy: - if self.issuer_name or self.certificate_type or self.certificate_transparency: - issuer_parameters: Optional[models.IssuerParameters] = models.IssuerParameters( - name=self.issuer_name, - certificate_type=self.certificate_type, - certificate_transparency=self.certificate_transparency, # 2016-10-01 model will ignore this - ) - else: - issuer_parameters = None - - if ( - self.enabled is not None - or self.created_on is not None - or self.updated_on is not None - ): - attributes = models.CertificateAttributes( - enabled=self.enabled, - created=self.created_on, - updated=self.updated_on, - ) - else: - attributes = None - - if self.lifetime_actions: - lifetime_actions = [] - for lifetime_action in self.lifetime_actions: - lifetime_actions.append( - models.LifetimeAction( - trigger=models.Trigger( - lifetime_percentage=lifetime_action.lifetime_percentage, - days_before_expiry=lifetime_action.days_before_expiry, - ), - action=models.Action(action_type=lifetime_action.action), - ) - ) - else: - lifetime_actions = None # type: ignore - - # pylint:disable=too-many-boolean-expressions - if ( - self.subject - or self.enhanced_key_usage - or self.key_usage - or self.san_emails - or self.san_user_principal_names - or self.san_dns_names - or self.validity_in_months - ): - if self.key_usage: - key_usage: Optional[List[Union[str, KeyUsageType]]] = [ - k.value if not isinstance(k, str) else k for k in self.key_usage - ] - else: - key_usage = None - - x509_properties: Optional[models.X509CertificateProperties] = models.X509CertificateProperties( - subject=self.subject, - ekus=self.enhanced_key_usage, - subject_alternative_names=models.SubjectAlternativeNames( - emails=self.san_emails, upns=self.san_user_principal_names, dns_names=self.san_dns_names - ), - key_usage=key_usage, - validity_in_months=self.validity_in_months, - ) - else: - x509_properties = None - - if self.exportable or self.key_type or self.key_size or self.reuse_key or self.key_curve_name: - key_properties: Optional[models.KeyProperties] = models.KeyProperties( - exportable=self.exportable, - key_type=self.key_type, - key_size=self.key_size, - reuse_key=self.reuse_key, - curve=self.key_curve_name, - ) - else: - key_properties = None - - if self.content_type: - secret_properties: Optional[models.SecretProperties] = models.SecretProperties( - content_type=self.content_type - ) - else: - secret_properties = None - - policy_bundle = models.CertificatePolicy( - key_properties=key_properties, - secret_properties=secret_properties, - x509_certificate_properties=x509_properties, - lifetime_actions=lifetime_actions, - issuer_parameters=issuer_parameters, - attributes=attributes, - ) - return policy_bundle - - @classmethod - def _from_certificate_policy_bundle( - cls, certificate_policy_bundle: Optional[models.CertificatePolicy] - ) -> "CertificatePolicy": - if certificate_policy_bundle is None: - return cls() - - if certificate_policy_bundle.lifetime_actions: - lifetime_actions: Optional[List[LifetimeAction]] = [ - LifetimeAction( - action=CertificatePolicyAction(item.action.action_type) if item.action else None, - lifetime_percentage=item.trigger.lifetime_percentage if item.trigger else None, - days_before_expiry=item.trigger.days_before_expiry if item.trigger else None, - ) - for item in certificate_policy_bundle.lifetime_actions - ] - else: - lifetime_actions = None - x509_certificate_properties = certificate_policy_bundle.x509_certificate_properties - if x509_certificate_properties and x509_certificate_properties.key_usage: - key_usage: Optional[List[KeyUsageType]] = [ - KeyUsageType(k) for k in x509_certificate_properties.key_usage - ] - else: - key_usage = None - key_properties = certificate_policy_bundle.key_properties - curve_name = getattr(key_properties, "curve", None) # missing from 2016-10-01 KeyProperties - if curve_name: - curve_name = KeyCurveName(curve_name) - - issuer_parameters = certificate_policy_bundle.issuer_parameters - return cls( - issuer_name=issuer_parameters.name if issuer_parameters else None, - subject=(x509_certificate_properties.subject if x509_certificate_properties else None), - certificate_type=issuer_parameters.certificate_type if issuer_parameters else None, - # 2016-10-01 IssuerParameters doesn't have certificate_transparency - certificate_transparency=getattr(issuer_parameters, "certificate_transparency", None), - lifetime_actions=lifetime_actions, - exportable=key_properties.exportable if key_properties else None, - key_type=KeyType(key_properties.key_type) if key_properties and key_properties.key_type else None, - key_size=key_properties.key_size if key_properties else None, - reuse_key=key_properties.reuse_key if key_properties else None, - key_curve_name=curve_name, - enhanced_key_usage=x509_certificate_properties.ekus if x509_certificate_properties else None, - key_usage=key_usage, - content_type=( - CertificateContentType(certificate_policy_bundle.secret_properties.content_type) - if certificate_policy_bundle.secret_properties and - certificate_policy_bundle.secret_properties.content_type - else None - ), - attributes=certificate_policy_bundle.attributes, - san_emails=( - x509_certificate_properties.subject_alternative_names.emails - if x509_certificate_properties and x509_certificate_properties.subject_alternative_names - else None - ), - san_user_principal_names=( - x509_certificate_properties.subject_alternative_names.upns - if x509_certificate_properties and x509_certificate_properties.subject_alternative_names - else None - ), - san_dns_names=( - x509_certificate_properties.subject_alternative_names.dns_names - if x509_certificate_properties and x509_certificate_properties.subject_alternative_names - else None - ), - validity_in_months=( - x509_certificate_properties.validity_in_months if x509_certificate_properties else None - ), - ) - - @property - def exportable(self) -> Optional[bool]: - """Whether the private key can be exported. - - :returns: True if the private key can be exported; False otherwise. - :rtype: bool or None - """ - return self._exportable - - @property - def key_type(self) -> Optional[KeyType]: - """The type of key pair to be used for the certificate. - - :returns: The type of key pair to be used for the certificate. - :rtype: ~azure.keyvault.certificates.KeyType or None - """ - return self._key_type - - @property - def key_size(self) -> Optional[int]: - """The key size in bits. - - :returns: The key size in bits. - :rtype: int or None - """ - return self._key_size - - @property - def reuse_key(self) -> Optional[bool]: - """Whether the same key pair will be used on certificate renewal. - - :returns: True if the same key pair will be used on certificate renewal; False otherwise. - :rtype: bool or None - """ - return self._reuse_key - - @property - def key_curve_name(self) -> Optional[KeyCurveName]: - """Elliptic curve name. - - :returns: Elliptic curve name. - :rtype: ~azure.keyvault.certificates.KeyCurveName or None - """ - return self._key_curve_name - - @property - def enhanced_key_usage(self) -> Optional[List[str]]: - """The enhanced key usage. - - :returns: The enhanced key usage. - :rtype: list[str] or None - """ - return self._enhanced_key_usage - - @property - def key_usage(self) -> Optional[List[KeyUsageType]]: - """List of key usages. - - :returns: List of key usages. - :rtype: list[~azure.keyvault.certificates.KeyUsageType] or None - """ - return self._key_usage - - @property - def content_type(self) -> Optional[CertificateContentType]: - """The media type (MIME type). - - :returns: The media type (MIME type). - :rtype: ~azure.keyvault.certificates.CertificateContentType or None - """ - return self._content_type - - @property - def subject(self) -> Optional[str]: - """The subject name of the certificate. - - :returns: The subject name of the certificate. - :rtype: str or None - """ - return self._subject - - @property - def san_emails(self) -> Optional[List[str]]: - """The subject alternative email addresses. - - :returns: The subject alternative email addresses, as a list. - :rtype: list[str] or None - """ - return self._san_emails - - @property - def san_dns_names(self) -> Optional[List[str]]: - """The subject alternative domain names. - - :returns: The subject alternative domain names, as a list. - :rtype: list[str] or None - """ - return self._san_dns_names - - @property - def san_user_principal_names(self) -> Optional[List[str]]: - """The subject alternative user principal names. - - :returns: The subject alternative user principal names, as a list. - :rtype: list[str] or None - """ - return self._san_user_principal_names - - @property - def validity_in_months(self) -> Optional[int]: - """The duration that the certificate is valid for in months. - - :returns: The duration that the certificate is valid for in months. - :rtype: int or None - """ - return self._validity_in_months - - @property - def lifetime_actions(self) -> "Optional[List[LifetimeAction]]": - """Actions and their triggers that will be performed by Key Vault over the lifetime of the certificate. - - :returns: Actions and their triggers that will be performed by Key Vault over the lifetime of the certificate. - :rtype: list[~azure.keyvault.certificates.LifetimeAction] or None - """ - return self._lifetime_actions - - @property - def issuer_name(self) -> Optional[str]: - """Name of the referenced issuer object or reserved names for the issuer of the certificate. - - :returns: Name of the referenced issuer object or reserved names for the issuer of the certificate. - :rtype: str or None - """ - return self._issuer_name - - @property - def certificate_type(self) -> Optional[str]: - """Type of certificate requested from the issuer provider. - - :returns: Type of certificate requested from the issuer provider. - :rtype: str or None - """ - return self._certificate_type - - @property - def certificate_transparency(self) -> Optional[bool]: - """Whether the certificates generated under this policy should be published to certificate transparency logs. - - :returns: True if the certificates should be published to transparency logs; False otherwise. - :rtype: bool or None - """ - return self._certificate_transparency - - @property - def enabled(self) -> Optional[bool]: - """Whether the certificate is enabled or not. - - :returns: True if the certificate is enabled; False otherwise. - :rtype: bool or None - """ - return self._attributes.enabled if self._attributes else None - - @property - def created_on(self) -> Optional[datetime]: - """The datetime when the certificate is created. - - :returns: The datetime when the certificate is created. - :rtype: ~datetime.datetime or None - """ - return self._attributes.created if self._attributes else None - - @property - def updated_on(self) -> Optional[datetime]: - """The datetime when the certificate was last updated. - - :returns: The datetime when the certificate was last updated. - :rtype: ~datetime.datetime or None - """ - return self._attributes.updated if self._attributes else None - - -class CertificateContact(object): - """The contact information for the vault certificates. - - :param email: Email address of a contact for the certificate. - :type email: str or None - :param name: Name of a contact for the certificate. - :type name: str or None - :param phone: phone number of a contact for the certificate. - :type phone: str or None - """ - - def __init__( - self, email: Optional[str] = None, name: Optional[str] = None, phone: Optional[str] = None - ) -> None: - self._email = email - self._name = name - self._phone = phone - - def __repr__(self) -> str: - return f"CertificateContact(email={self.email}, name={self.name}, phone={self.phone})"[:1024] - - def _to_certificate_contacts_item(self) -> models.Contact: - return models.Contact(email_address=self.email, name=self.name, phone=self.phone) - - @classmethod - def _from_certificate_contacts_item(cls, contact_item: models.Contact) -> "CertificateContact": - return cls(email=contact_item.email_address, name=contact_item.name, phone=contact_item.phone) - - @property - def email(self) -> Optional[str]: - """:rtype: str or None""" - return self._email - - @property - def name(self) -> Optional[str]: - """:rtype: str or None""" - return self._name - - @property - def phone(self) -> Optional[str]: - """:rtype: str or None""" - return self._phone - - -class IssuerProperties(object): - """The properties of an issuer containing the issuer metadata. - - :param provider: The issuer provider. - :type provider: str or None - """ - - def __init__(self, provider: Optional[str] = None, **kwargs: Any) -> None: - self._id = kwargs.pop("issuer_id", None) - self._vault_id = parse_key_vault_id(self._id) - self._provider = provider - - def __repr__(self) -> str: - return f"IssuerProperties(issuer_id={self.id}, provider={self.provider})"[:1024] - - @classmethod - def _from_issuer_item( - cls, issuer_item: Union[models.CertificateIssuerItem, models.IssuerBundle] - ) -> "IssuerProperties": - return cls(issuer_id=issuer_item.id, provider=issuer_item.provider) - - @property - def id(self) -> Optional[str]: - """The issuer ID. - - :returns: The issuer ID. - :rtype: str or None - """ - return self._id - - @property - def name(self) -> Optional[str]: - """The issuer name. - - :returns: The issuer name. - :rtype: str or None - """ - # Issuer name is listed under version under vault_id - return self._vault_id.version - - @property - def provider(self) -> Optional[str]: - """The issuer provider. - - :returns: The issuer provider. - :rtype: str or None - """ - return self._provider - - -class CertificateIssuer(object): - """The issuer for a Key Vault certificate. - - :param provider: The issuer provider - :type provider: str or None - :param attributes: The issuer attributes. - :type attributes: ~azure.keyvault.certificates._generated.models.IssuerAttributes or None - :param account_id: The username / account name / account id. - :type account_id: str or None - :param password: The password / secret / account key. - :type password: str or None - :param organization_id: The ID of the organization. - :type organization_id: str or None - :param admin_contacts: Details of the organization administrator. - :type admin_contacts: list[~azure.keyvault.certificates.AdministratorContact] or None - """ - - def __init__( - self, - provider: Optional[str], - attributes: Optional[models.IssuerAttributes] = None, - account_id: Optional[str] = None, - # [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Typedef, not string.")] - password: Optional[str] = None, - organization_id: Optional[str] = None, - admin_contacts: Optional[List[AdministratorContact]] = None, - **kwargs: Any, - ) -> None: - self._provider = provider - self._attributes = attributes - self._account_id = account_id - self._password = password - self._organization_id = organization_id - self._admin_contacts = admin_contacts - self._id = kwargs.pop("issuer_id", None) - self._vault_id = parse_key_vault_id(self._id) - - def __repr__(self) -> str: - return f""[:1024] - - @classmethod - def _from_issuer_bundle(cls, issuer_bundle: models.IssuerBundle) -> "CertificateIssuer": - admin_contacts = [] - admin_details = ( - issuer_bundle.organization_details.admin_details if issuer_bundle.organization_details else None - ) - if admin_details: - # pylint:disable=protected-access - for admin_detail in admin_details: - admin_contacts.append(AdministratorContact._from_admin_detail(admin_detail)) - return cls( - provider=IssuerProperties._from_issuer_item(issuer_bundle).provider, # pylint: disable=protected-access - attributes=issuer_bundle.attributes, - account_id=issuer_bundle.credentials.account_id if issuer_bundle.credentials else None, - password=issuer_bundle.credentials.password if issuer_bundle.credentials else None, - organization_id=issuer_bundle.organization_details.id if issuer_bundle.organization_details else None, - admin_contacts=admin_contacts, - issuer_id=issuer_bundle.id, - ) - - @property - def id(self) -> Optional[str]: - """The issuer ID. - - :returns: The issuer ID. - :rtype: str or None - """ - return self._id - - @property - def name(self) -> Optional[str]: - """The issuer name. - - :returns: The issuer name. - :rtype: str or None - """ - # Issuer name is listed under version under vault_id. - # This is because the id we pass to parse_key_vault_id has an extra segment, so where most cases the version of - # the general pattern is certificates/name/version, but here we have certificates/issuers/name/version. - # Issuers are not versioned. - return self._vault_id.version - - @property - def provider(self) -> Optional[str]: - """The issuer provider. - - :returns: The issuer provider. - :rtype: str or None - """ - return self._provider - - @property - def enabled(self) -> Optional[bool]: - """Whether the certificate is enabled or not. - - :returns: True if the certificate is enabled; False otherwise. - :rtype: bool or None - """ - return self._attributes.enabled if self._attributes else None - - @property - def created_on(self) -> Optional[datetime]: - """The datetime when the certificate is created. - - :returns: The datetime when the certificate is created. - :rtype: ~datetime.datetime or None - """ - return self._attributes.created if self._attributes else None - - @property - def updated_on(self) -> Optional[datetime]: - """The datetime when the certificate was last updated. - - :returns: The datetime when the certificate was last updated. - :rtype: ~datetime.datetime or None - """ - return self._attributes.updated if self._attributes else None - - @property - def account_id(self) -> Optional[str]: - """The username / account name / account id. - - :returns: The username / account name / account id. - :rtype: str or None - """ - return self._account_id - - @property - def password(self) -> Optional[str]: - """The password / secret / account key. - - :returns: The password / secret / account key. - :rtype: str or None - """ - return self._password - - @property - def organization_id(self) -> Optional[str]: - """The issuer organization ID. - - :returns: The issuer organization ID. - :rtype: str or None - """ - return self._organization_id - - @property - def admin_contacts(self) -> Optional[List[AdministratorContact]]: - """Contact details of the organization administrator(s) of this issuer. - - :returns: Contact details of the organization administrator(s) of this issuer. - :rtype: list[~azure.keyvault.certificates.AdministratorContact] or None - """ - return self._admin_contacts - - -class LifetimeAction(object): - """Action and its trigger that will be performed by certificate Vault over the lifetime of a certificate. - - :param action: The type of the action. For valid values, see CertificatePolicyAction - :type action: str or ~azure.keyvault.certificates.CertificatePolicyAction or None - :param lifetime_percentage: Percentage of lifetime at which to trigger. Value should be between 1 and 99. - :type lifetime_percentage: int or None - :param days_before_expiry: Days before expiry to attempt renewal. Value should be between 1 and - `validity_in_months` multiplied by 27. I.e., if validity_in_months is 36, then value should be between 1 and 972 - (36 * 27). - :type days_before_expiry: int or None - """ - - def __init__( - self, - action: Union[str, CertificatePolicyAction, None], - lifetime_percentage: Optional[int] = None, - days_before_expiry: Optional[int] = None, - ) -> None: - self._lifetime_percentage = lifetime_percentage - self._days_before_expiry = days_before_expiry - self._action = action - - def __repr__(self) -> str: - result = ( - f"LifetimeAction(action={self.action}, lifetime_percentage={self.lifetime_percentage}, " - + f"days_before_expiry={self.days_before_expiry})" - ) - return result[:1024] - - @property - def lifetime_percentage(self) -> Optional[int]: - """Percentage of lifetime at which to trigger. - - :returns: Percentage of lifetime at which to trigger. - :rtype: int or None - """ - return self._lifetime_percentage - - @property - def days_before_expiry(self) -> Optional[int]: - """Days before expiry to attempt renewal. - - :returns: Days before expiry to attempt renewal. - :rtype: int or None - """ - return self._days_before_expiry - - @property - def action(self) -> Union[str, CertificatePolicyAction, None]: - """The type of action that will be executed; see :class:`~azure.keyvault.certificates.CertificatePolicyAction`. - - :returns: The type of action that will be executed; see - :class:`~azure.keyvault.certificates.CertificatePolicyAction`. - :rtype: str or ~azure.keyvault.certificates.CertificatePolicyAction or None - """ - return self._action - - -class DeletedCertificate(KeyVaultCertificate): - """A deleted Certificate consisting of its previous ID, attributes, tags, and information on when it will be purged. - - :param properties: Properties of the deleted certificate. - :type properties: ~azure.keyvault.certificates.CertificateProperties - :param policy: The management policy of the deleted certificate. - :type policy: ~azure.keyvault.certificates.CertificatePolicy or None - :param cer: CER contents of the X509 certificate. - :type cer: bytearray or None - - :keyword deleted_on: The time when the certificate was deleted, in UTC. - :paramtype deleted_on: ~datetime.datetime or None - :keyword recovery_id: The url of the recovery object, used to identify and recover the deleted certificate. - :paramtype recovery_id: str or None - :keyword scheduled_purge_date: The time when the certificate is scheduled to be purged, in UTC. - :paramtype scheduled_purge_date: ~datetime.datetime or None - """ - - def __init__( - self, - properties: Optional[CertificateProperties] = None, - policy: Optional[CertificatePolicy] = None, - cer: Optional[bytearray] = None, - **kwargs: Any, - ) -> None: - super(DeletedCertificate, self).__init__(properties=properties, policy=policy, cer=cer, **kwargs) - self._deleted_on = kwargs.get("deleted_on", None) - self._recovery_id = kwargs.get("recovery_id", None) - self._scheduled_purge_date = kwargs.get("scheduled_purge_date", None) - - def __repr__(self) -> str: - return f""[:1024] - - @classmethod - def _from_deleted_certificate_item( - cls, deleted_certificate_item: models.DeletedCertificateItem - ) -> "DeletedCertificate": - return cls( - properties=CertificateProperties._from_certificate_item( # pylint: disable=protected-access - deleted_certificate_item - ), - key_id=None, - secret_id=None, - policy=None, - cer=None, - deleted_on=deleted_certificate_item.deleted_date, - recovery_id=deleted_certificate_item.recovery_id, - scheduled_purge_date=deleted_certificate_item.scheduled_purge_date, - ) - - @classmethod - def _from_deleted_certificate_bundle( - cls, deleted_certificate_bundle: models.DeletedCertificateBundle - ) -> "DeletedCertificate": - # pylint:disable=protected-access - return cls( - properties=CertificateProperties._from_certificate_item(deleted_certificate_bundle), - key_id=deleted_certificate_bundle.kid, - secret_id=deleted_certificate_bundle.sid, - policy=CertificatePolicy._from_certificate_policy_bundle(deleted_certificate_bundle.policy), - cer=deleted_certificate_bundle.cer, # type: ignore - deleted_on=deleted_certificate_bundle.deleted_date, - recovery_id=deleted_certificate_bundle.recovery_id, - scheduled_purge_date=deleted_certificate_bundle.scheduled_purge_date, - ) - - @property - def deleted_on(self) -> Optional[datetime]: - """The datetime when the certificate was deleted. - - :returns: The datetime when the certificate was deleted. - :rtype: ~datetime.datetime or None - """ - return self._deleted_on - - @property - def recovery_id(self) -> Optional[str]: - """The URL of the recovery object, used to identify and recover the deleted certificate. - - :returns: The URL of the recovery object, used to identify and recover the deleted certificate. - :rtype: str or None - """ - return self._recovery_id - - @property - def scheduled_purge_date(self) -> Optional[datetime]: - """The datetime when the certificate is scheduled to be purged. - - :returns: The datetime when the certificate is scheduled to be purged. - :rtype: ~datetime.datetime or None - """ - return self._scheduled_purge_date diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_operations/__init__.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_operations/__init__.py similarity index 58% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_operations/__init__.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_operations/__init__.py index 29ea96fccbfe..d514f5e4b5be 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_operations/__init__.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_operations/__init__.py @@ -2,18 +2,24 @@ # -------------------------------------------------------------------------- # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. +# Code generated by Microsoft (R) Python Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- +# pylint: disable=wrong-import-position -from ._operations import KeyVaultClientOperationsMixin +from typing import TYPE_CHECKING + +if TYPE_CHECKING: + from ._patch import * # pylint: disable=unused-wildcard-import + +from ._operations import KeyVaultClientOperationsMixin # type: ignore from ._patch import __all__ as _patch_all -from ._patch import * # pylint: disable=unused-wildcard-import +from ._patch import * from ._patch import patch_sdk as _patch_sdk __all__ = [ "KeyVaultClientOperationsMixin", ] -__all__.extend([p for p in _patch_all if p not in __all__]) +__all__.extend([p for p in _patch_all if p not in __all__]) # pyright: ignore _patch_sdk() diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_operations/_operations.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_operations/_operations.py similarity index 71% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_operations/_operations.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_operations/_operations.py index 5954f8a304d9..7c65bb73ec13 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_operations/_operations.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_operations/_operations.py @@ -1,13 +1,15 @@ -# pylint: disable=too-many-lines,too-many-statements +# pylint: disable=too-many-lines # coding=utf-8 # -------------------------------------------------------------------------- # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. +# Code generated by Microsoft (R) Python Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- from io import IOBase -from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload +import json +import sys +from typing import Any, Callable, Dict, IO, Iterable, List, Optional, TypeVar, Union, overload import urllib.parse from azure.core.exceptions import ( @@ -16,6 +18,8 @@ ResourceExistsError, ResourceNotFoundError, ResourceNotModifiedError, + StreamClosedError, + StreamConsumedError, map_error, ) from azure.core.paging import ItemPaged @@ -25,9 +29,15 @@ from azure.core.utils import case_insensitive_dict from .. import models as _models +from .._model_base import SdkJSONEncoder, _deserialize, _failsafe_deserialize from .._serialization import Serializer from .._vendor import KeyVaultClientMixinABC +if sys.version_info >= (3, 9): + from collections.abc import MutableMapping +else: + from typing import MutableMapping # type: ignore +JSON = MutableMapping[str, Any] # pylint: disable=unsubscriptable-object T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -41,18 +51,18 @@ def build_key_vault_get_certificates_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/certificates" # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") if maxresults is not None: - _params["maxresults"] = _SERIALIZER.query("maxresults", maxresults, "int", maximum=25, minimum=1) + _params["maxresults"] = _SERIALIZER.query("maxresults", maxresults, "int") if include_pending is not None: _params["includePending"] = _SERIALIZER.query("include_pending", include_pending, "bool") - _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") # Construct headers _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") @@ -66,7 +76,7 @@ def build_key_vault_delete_certificate_request( # pylint: disable=name-too-long _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -91,7 +101,7 @@ def build_key_vault_set_certificate_contacts_request(**kwargs: Any) -> HttpReque _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -112,7 +122,7 @@ def build_key_vault_get_certificate_contacts_request(**kwargs: Any) -> HttpReque _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -131,7 +141,7 @@ def build_key_vault_delete_certificate_contacts_request(**kwargs: Any) -> HttpRe _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -152,16 +162,16 @@ def build_key_vault_get_certificate_issuers_request( # pylint: disable=name-too _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/certificates/issuers" # Construct parameters - if maxresults is not None: - _params["maxresults"] = _SERIALIZER.query("maxresults", maxresults, "int", maximum=25, minimum=1) _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if maxresults is not None: + _params["maxresults"] = _SERIALIZER.query("maxresults", maxresults, "int") # Construct headers _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") @@ -176,7 +186,7 @@ def build_key_vault_set_certificate_issuer_request( # pylint: disable=name-too- _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -205,7 +215,7 @@ def build_key_vault_update_certificate_issuer_request( # pylint: disable=name-t _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -233,7 +243,7 @@ def build_key_vault_get_certificate_issuer_request( # pylint: disable=name-too- _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -259,7 +269,7 @@ def build_key_vault_delete_certificate_issuer_request( # pylint: disable=name-t _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -286,13 +296,13 @@ def build_key_vault_create_certificate_request( # pylint: disable=name-too-long _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/certificates/{certificate-name}/create" path_format_arguments = { - "certificate-name": _SERIALIZER.url("certificate_name", certificate_name, "str", pattern=r"^[0-9a-zA-Z-]+$"), + "certificate-name": _SERIALIZER.url("certificate_name", certificate_name, "str"), } _url: str = _url.format(**path_format_arguments) # type: ignore @@ -315,13 +325,13 @@ def build_key_vault_import_certificate_request( # pylint: disable=name-too-long _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/certificates/{certificate-name}/import" path_format_arguments = { - "certificate-name": _SERIALIZER.url("certificate_name", certificate_name, "str", pattern=r"^[0-9a-zA-Z-]+$"), + "certificate-name": _SERIALIZER.url("certificate_name", certificate_name, "str"), } _url: str = _url.format(**path_format_arguments) # type: ignore @@ -343,7 +353,7 @@ def build_key_vault_get_certificate_versions_request( # pylint: disable=name-to _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -355,9 +365,9 @@ def build_key_vault_get_certificate_versions_request( # pylint: disable=name-to _url: str = _url.format(**path_format_arguments) # type: ignore # Construct parameters - if maxresults is not None: - _params["maxresults"] = _SERIALIZER.query("maxresults", maxresults, "int", maximum=25, minimum=1) _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if maxresults is not None: + _params["maxresults"] = _SERIALIZER.query("maxresults", maxresults, "int") # Construct headers _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") @@ -371,7 +381,7 @@ def build_key_vault_get_certificate_policy_request( # pylint: disable=name-too- _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -398,7 +408,7 @@ def build_key_vault_update_certificate_policy_request( # pylint: disable=name-t _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -427,7 +437,7 @@ def build_key_vault_update_certificate_request( # pylint: disable=name-too-long _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -456,7 +466,7 @@ def build_key_vault_get_certificate_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -484,7 +494,7 @@ def build_key_vault_update_certificate_operation_request( # pylint: disable=nam _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -512,7 +522,7 @@ def build_key_vault_get_certificate_operation_request( # pylint: disable=name-t _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -538,7 +548,7 @@ def build_key_vault_delete_certificate_operation_request( # pylint: disable=nam _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -565,7 +575,7 @@ def build_key_vault_merge_certificate_request( # pylint: disable=name-too-long _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -593,7 +603,7 @@ def build_key_vault_backup_certificate_request( # pylint: disable=name-too-long _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -618,7 +628,7 @@ def build_key_vault_restore_certificate_request(**kwargs: Any) -> HttpRequest: _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -641,18 +651,18 @@ def build_key_vault_get_deleted_certificates_request( # pylint: disable=name-to _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/deletedcertificates" # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") if maxresults is not None: - _params["maxresults"] = _SERIALIZER.query("maxresults", maxresults, "int", maximum=25, minimum=1) + _params["maxresults"] = _SERIALIZER.query("maxresults", maxresults, "int") if include_pending is not None: _params["includePending"] = _SERIALIZER.query("include_pending", include_pending, "bool") - _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") # Construct headers _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") @@ -666,7 +676,7 @@ def build_key_vault_get_deleted_certificate_request( # pylint: disable=name-too _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -692,7 +702,7 @@ def build_key_vault_purge_deleted_certificate_request( # pylint: disable=name-t _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -718,7 +728,7 @@ def build_key_vault_recover_deleted_certificate_request( # pylint: disable=name _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.5")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6-preview.1")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -739,22 +749,16 @@ def build_key_vault_recover_deleted_certificate_request( # pylint: disable=name class KeyVaultClientOperationsMixin(KeyVaultClientMixinABC): # pylint: disable=too-many-public-methods + @distributed_trace def get_certificates( - self, - vault_base_url: str, - *, - maxresults: Optional[int] = None, - include_pending: Optional[bool] = None, - **kwargs: Any + self, *, maxresults: Optional[int] = None, include_pending: Optional[bool] = None, **kwargs: Any ) -> Iterable["_models.CertificateItem"]: """List certificates in a specified key vault. The GetCertificates operation returns the set of certificates resources in the specified key vault. This operation requires the certificates/list permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :keyword maxresults: Maximum number of results to return in a page. If not specified the service will return up to 25 results. Default value is None. :paramtype maxresults: int @@ -762,17 +766,15 @@ def get_certificates( provisioned. Default value is None. :paramtype include_pending: bool :return: An iterator like instance of CertificateItem - :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.v7_5.models.CertificateItem] + :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.certificates.models.CertificateItem] :raises ~azure.core.exceptions.HttpResponseError: """ _headers = kwargs.pop("headers", {}) or {} _params = kwargs.pop("params", {}) or {} - cls: ClsType[_models._models.CertificateListResult] = kwargs.pop( # pylint: disable=protected-access - "cls", None - ) + cls: ClsType[List[_models.CertificateItem]] = kwargs.pop("cls", None) - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -791,7 +793,9 @@ def prepare_request(next_link=None): params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) @@ -809,20 +813,20 @@ def prepare_request(next_link=None): "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) return _request def extract_data(pipeline_response): - deserialized = self._deserialize( - _models._models.CertificateListResult, pipeline_response # pylint: disable=protected-access - ) - list_of_elem = deserialized.value + deserialized = pipeline_response.http_response.json() + list_of_elem = _deserialize(List[_models.CertificateItem], deserialized["value"]) if cls: list_of_elem = cls(list_of_elem) # type: ignore - return deserialized.next_link or None, iter(list_of_elem) + return deserialized.get("nextLink") or None, iter(list_of_elem) def get_next(next_link=None): _request = prepare_request(next_link) @@ -834,10 +838,8 @@ def get_next(next_link=None): response = pipeline_response.http_response if response.status_code not in [200]: - if _stream: - response.read() # Load the body in memory and close the socket map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) return pipeline_response @@ -845,24 +847,21 @@ def get_next(next_link=None): return ItemPaged(get_next, extract_data) @distributed_trace - def delete_certificate( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.DeletedCertificateBundle: + def delete_certificate(self, certificate_name: str, **kwargs: Any) -> _models.DeletedCertificateBundle: """Deletes a certificate from a specified key vault. Deletes all versions of a certificate object along with its associated policy. Delete certificate cannot be used to remove individual versions of a certificate object. This operation requires the certificates/delete permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :return: DeletedCertificateBundle - :rtype: ~azure.keyvault.v7_5.models.DeletedCertificateBundle + :return: DeletedCertificateBundle. The DeletedCertificateBundle is compatible with + MutableMapping + :rtype: ~azure.keyvault.certificates.models.DeletedCertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -882,11 +881,13 @@ def delete_certificate( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -895,12 +896,18 @@ def delete_certificate( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("DeletedCertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.DeletedCertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -909,68 +916,78 @@ def delete_certificate( @overload def set_certificate_contacts( - self, vault_base_url: str, contacts: _models.Contacts, *, content_type: str = "application/json", **kwargs: Any + self, contacts: _models.Contacts, *, content_type: str = "application/json", **kwargs: Any ) -> _models.Contacts: """Sets the certificate contacts for the specified key vault. Sets the certificate contacts for the specified key vault. This operation requires the certificates/managecontacts permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param contacts: The contacts for the key vault certificate. Required. - :type contacts: ~azure.keyvault.v7_5.models.Contacts + :type contacts: ~azure.keyvault.certificates.models.Contacts :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: Contacts - :rtype: ~azure.keyvault.v7_5.models.Contacts + :return: Contacts. The Contacts is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.Contacts :raises ~azure.core.exceptions.HttpResponseError: """ @overload def set_certificate_contacts( - self, vault_base_url: str, contacts: IO[bytes], *, content_type: str = "application/json", **kwargs: Any + self, contacts: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.Contacts: + """Sets the certificate contacts for the specified key vault. + + Sets the certificate contacts for the specified key vault. This operation requires the + certificates/managecontacts permission. + + :param contacts: The contacts for the key vault certificate. Required. + :type contacts: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: Contacts. The Contacts is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.Contacts + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def set_certificate_contacts( + self, contacts: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.Contacts: """Sets the certificate contacts for the specified key vault. Sets the certificate contacts for the specified key vault. This operation requires the certificates/managecontacts permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param contacts: The contacts for the key vault certificate. Required. :type contacts: IO[bytes] :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: Contacts - :rtype: ~azure.keyvault.v7_5.models.Contacts + :return: Contacts. The Contacts is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.Contacts :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace def set_certificate_contacts( - self, vault_base_url: str, contacts: Union[_models.Contacts, IO[bytes]], **kwargs: Any + self, contacts: Union[_models.Contacts, JSON, IO[bytes]], **kwargs: Any ) -> _models.Contacts: """Sets the certificate contacts for the specified key vault. Sets the certificate contacts for the specified key vault. This operation requires the certificates/managecontacts permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str - :param contacts: The contacts for the key vault certificate. Is either a Contacts type or a - IO[bytes] type. Required. - :type contacts: ~azure.keyvault.v7_5.models.Contacts or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: Contacts - :rtype: ~azure.keyvault.v7_5.models.Contacts + :param contacts: The contacts for the key vault certificate. Is one of the following types: + Contacts, JSON, IO[bytes] Required. + :type contacts: ~azure.keyvault.certificates.models.Contacts or JSON or IO[bytes] + :return: Contacts. The Contacts is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.Contacts :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -985,27 +1002,27 @@ def set_certificate_contacts( cls: ClsType[_models.Contacts] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(contacts, (IOBase, bytes)): _content = contacts else: - _json = self._serialize.body(contacts, "Contacts") + _content = json.dumps(contacts, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_set_certificate_contacts_request( content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1014,12 +1031,18 @@ def set_certificate_contacts( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("Contacts", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.Contacts, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1027,19 +1050,17 @@ def set_certificate_contacts( return deserialized # type: ignore @distributed_trace - def get_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> _models.Contacts: + def get_certificate_contacts(self, **kwargs: Any) -> _models.Contacts: """Lists the certificate contacts for a specified key vault. The GetCertificateContacts operation returns the set of certificate contact resources in the specified key vault. This operation requires the certificates/managecontacts permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str - :return: Contacts - :rtype: ~azure.keyvault.v7_5.models.Contacts + :return: Contacts. The Contacts is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.Contacts :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1058,11 +1079,13 @@ def get_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> _model params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1071,12 +1094,18 @@ def get_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> _model if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("Contacts", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.Contacts, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1084,19 +1113,17 @@ def get_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> _model return deserialized # type: ignore @distributed_trace - def delete_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> _models.Contacts: + def delete_certificate_contacts(self, **kwargs: Any) -> _models.Contacts: """Deletes the certificate contacts for a specified key vault. Deletes the certificate contacts for a specified key vault certificate. This operation requires the certificates/managecontacts permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str - :return: Contacts - :rtype: ~azure.keyvault.v7_5.models.Contacts + :return: Contacts. The Contacts is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.Contacts :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1115,11 +1142,13 @@ def delete_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> _mo params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1128,12 +1157,18 @@ def delete_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> _mo if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("Contacts", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.Contacts, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1142,7 +1177,7 @@ def delete_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> _mo @distributed_trace def get_certificate_issuers( - self, vault_base_url: str, *, maxresults: Optional[int] = None, **kwargs: Any + self, *, maxresults: Optional[int] = None, **kwargs: Any ) -> Iterable["_models.CertificateIssuerItem"]: """List certificate issuers for a specified key vault. @@ -1150,23 +1185,19 @@ def get_certificate_issuers( specified key vault. This operation requires the certificates/manageissuers/getissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :keyword maxresults: Maximum number of results to return in a page. If not specified the service will return up to 25 results. Default value is None. :paramtype maxresults: int :return: An iterator like instance of CertificateIssuerItem - :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.v7_5.models.CertificateIssuerItem] + :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.certificates.models.CertificateIssuerItem] :raises ~azure.core.exceptions.HttpResponseError: """ _headers = kwargs.pop("headers", {}) or {} _params = kwargs.pop("params", {}) or {} - cls: ClsType[_models._models.CertificateIssuerListResult] = kwargs.pop( # pylint: disable=protected-access - "cls", None - ) + cls: ClsType[List[_models.CertificateIssuerItem]] = kwargs.pop("cls", None) - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1184,7 +1215,9 @@ def prepare_request(next_link=None): params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) @@ -1202,20 +1235,20 @@ def prepare_request(next_link=None): "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) return _request def extract_data(pipeline_response): - deserialized = self._deserialize( - _models._models.CertificateIssuerListResult, pipeline_response # pylint: disable=protected-access - ) - list_of_elem = deserialized.value + deserialized = pipeline_response.http_response.json() + list_of_elem = _deserialize(List[_models.CertificateIssuerItem], deserialized["value"]) if cls: list_of_elem = cls(list_of_elem) # type: ignore - return deserialized.next_link or None, iter(list_of_elem) + return deserialized.get("nextLink") or None, iter(list_of_elem) def get_next(next_link=None): _request = prepare_request(next_link) @@ -1227,10 +1260,8 @@ def get_next(next_link=None): response = pipeline_response.http_response if response.status_code not in [200]: - if _stream: - response.read() # Load the body in memory and close the socket map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) return pipeline_response @@ -1240,7 +1271,6 @@ def get_next(next_link=None): @overload def set_certificate_issuer( self, - vault_base_url: str, issuer_name: str, parameter: _models.CertificateIssuerSetParameters, *, @@ -1252,39 +1282,52 @@ def set_certificate_issuer( The SetCertificateIssuer operation adds or updates the specified certificate issuer. This operation requires the certificates/setissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. :type issuer_name: str :param parameter: Certificate issuer set parameter. Required. - :type parameter: ~azure.keyvault.v7_5.models.CertificateIssuerSetParameters + :type parameter: ~azure.keyvault.certificates.models.CertificateIssuerSetParameters :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ @overload def set_certificate_issuer( - self, - vault_base_url: str, - issuer_name: str, - parameter: IO[bytes], - *, - content_type: str = "application/json", - **kwargs: Any + self, issuer_name: str, parameter: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.IssuerBundle: + """Sets the specified certificate issuer. + + The SetCertificateIssuer operation adds or updates the specified certificate issuer. This + operation requires the certificates/setissuers permission. + + :param issuer_name: The name of the issuer. The value you provide may be copied globally for + the purpose of running the service. The value provided should not include personally + identifiable or sensitive information. Required. + :type issuer_name: str + :param parameter: Certificate issuer set parameter. Required. + :type parameter: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def set_certificate_issuer( + self, issuer_name: str, parameter: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.IssuerBundle: """Sets the specified certificate issuer. The SetCertificateIssuer operation adds or updates the specified certificate issuer. This operation requires the certificates/setissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. @@ -1294,41 +1337,33 @@ def set_certificate_issuer( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace def set_certificate_issuer( - self, - vault_base_url: str, - issuer_name: str, - parameter: Union[_models.CertificateIssuerSetParameters, IO[bytes]], - **kwargs: Any + self, issuer_name: str, parameter: Union[_models.CertificateIssuerSetParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.IssuerBundle: """Sets the specified certificate issuer. The SetCertificateIssuer operation adds or updates the specified certificate issuer. This operation requires the certificates/setissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. :type issuer_name: str - :param parameter: Certificate issuer set parameter. Is either a CertificateIssuerSetParameters - type or a IO[bytes] type. Required. - :type parameter: ~azure.keyvault.v7_5.models.CertificateIssuerSetParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :param parameter: Certificate issuer set parameter. Is one of the following types: + CertificateIssuerSetParameters, JSON, IO[bytes] Required. + :type parameter: ~azure.keyvault.certificates.models.CertificateIssuerSetParameters or JSON or + IO[bytes] + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1343,28 +1378,28 @@ def set_certificate_issuer( cls: ClsType[_models.IssuerBundle] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameter, (IOBase, bytes)): _content = parameter else: - _json = self._serialize.body(parameter, "CertificateIssuerSetParameters") + _content = json.dumps(parameter, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_set_certificate_issuer_request( issuer_name=issuer_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1373,12 +1408,18 @@ def set_certificate_issuer( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("IssuerBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.IssuerBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1388,7 +1429,6 @@ def set_certificate_issuer( @overload def update_certificate_issuer( self, - vault_base_url: str, issuer_name: str, parameter: _models.CertificateIssuerUpdateParameters, *, @@ -1400,37 +1440,48 @@ def update_certificate_issuer( The UpdateCertificateIssuer operation performs an update on the specified certificate issuer entity. This operation requires the certificates/setissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. Required. :type issuer_name: str :param parameter: Certificate issuer update parameter. Required. - :type parameter: ~azure.keyvault.v7_5.models.CertificateIssuerUpdateParameters + :type parameter: ~azure.keyvault.certificates.models.CertificateIssuerUpdateParameters :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ @overload def update_certificate_issuer( - self, - vault_base_url: str, - issuer_name: str, - parameter: IO[bytes], - *, - content_type: str = "application/json", - **kwargs: Any + self, issuer_name: str, parameter: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.IssuerBundle: + """Updates the specified certificate issuer. + + The UpdateCertificateIssuer operation performs an update on the specified certificate issuer + entity. This operation requires the certificates/setissuers permission. + + :param issuer_name: The name of the issuer. Required. + :type issuer_name: str + :param parameter: Certificate issuer update parameter. Required. + :type parameter: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def update_certificate_issuer( + self, issuer_name: str, parameter: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.IssuerBundle: """Updates the specified certificate issuer. The UpdateCertificateIssuer operation performs an update on the specified certificate issuer entity. This operation requires the certificates/setissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. Required. :type issuer_name: str :param parameter: Certificate issuer update parameter. Required. @@ -1438,17 +1489,16 @@ def update_certificate_issuer( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace def update_certificate_issuer( self, - vault_base_url: str, issuer_name: str, - parameter: Union[_models.CertificateIssuerUpdateParameters, IO[bytes]], + parameter: Union[_models.CertificateIssuerUpdateParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.IssuerBundle: """Updates the specified certificate issuer. @@ -1456,21 +1506,17 @@ def update_certificate_issuer( The UpdateCertificateIssuer operation performs an update on the specified certificate issuer entity. This operation requires the certificates/setissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. Required. :type issuer_name: str - :param parameter: Certificate issuer update parameter. Is either a - CertificateIssuerUpdateParameters type or a IO[bytes] type. Required. - :type parameter: ~azure.keyvault.v7_5.models.CertificateIssuerUpdateParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :param parameter: Certificate issuer update parameter. Is one of the following types: + CertificateIssuerUpdateParameters, JSON, IO[bytes] Required. + :type parameter: ~azure.keyvault.certificates.models.CertificateIssuerUpdateParameters or JSON + or IO[bytes] + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1485,28 +1531,28 @@ def update_certificate_issuer( cls: ClsType[_models.IssuerBundle] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameter, (IOBase, bytes)): _content = parameter else: - _json = self._serialize.body(parameter, "CertificateIssuerUpdateParameters") + _content = json.dumps(parameter, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_update_certificate_issuer_request( issuer_name=issuer_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1515,12 +1561,18 @@ def update_certificate_issuer( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("IssuerBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.IssuerBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1528,22 +1580,20 @@ def update_certificate_issuer( return deserialized # type: ignore @distributed_trace - def get_certificate_issuer(self, vault_base_url: str, issuer_name: str, **kwargs: Any) -> _models.IssuerBundle: + def get_certificate_issuer(self, issuer_name: str, **kwargs: Any) -> _models.IssuerBundle: """Lists the specified certificate issuer. The GetCertificateIssuer operation returns the specified certificate issuer resources in the specified key vault. This operation requires the certificates/manageissuers/getissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. Required. :type issuer_name: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1563,11 +1613,13 @@ def get_certificate_issuer(self, vault_base_url: str, issuer_name: str, **kwargs params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1576,12 +1628,18 @@ def get_certificate_issuer(self, vault_base_url: str, issuer_name: str, **kwargs if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("IssuerBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.IssuerBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1589,21 +1647,19 @@ def get_certificate_issuer(self, vault_base_url: str, issuer_name: str, **kwargs return deserialized # type: ignore @distributed_trace - def delete_certificate_issuer(self, vault_base_url: str, issuer_name: str, **kwargs: Any) -> _models.IssuerBundle: + def delete_certificate_issuer(self, issuer_name: str, **kwargs: Any) -> _models.IssuerBundle: """Deletes the specified certificate issuer. The DeleteCertificateIssuer operation permanently removes the specified certificate issuer from the vault. This operation requires the certificates/manageissuers/deleteissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. Required. :type issuer_name: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1623,11 +1679,13 @@ def delete_certificate_issuer(self, vault_base_url: str, issuer_name: str, **kwa params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1636,12 +1694,18 @@ def delete_certificate_issuer(self, vault_base_url: str, issuer_name: str, **kwa if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("IssuerBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.IssuerBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1651,7 +1715,6 @@ def delete_certificate_issuer(self, vault_base_url: str, issuer_name: str, **kwa @overload def create_certificate( self, - vault_base_url: str, certificate_name: str, parameters: _models.CertificateCreateParameters, *, @@ -1663,39 +1726,52 @@ def create_certificate( If this is the first version, the certificate resource is created. This operation requires the certificates/create permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. :type certificate_name: str :param parameters: The parameters to create a certificate. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateCreateParameters + :type parameters: ~azure.keyvault.certificates.models.CertificateCreateParameters :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ @overload def create_certificate( - self, - vault_base_url: str, - certificate_name: str, - parameters: IO[bytes], - *, - content_type: str = "application/json", - **kwargs: Any + self, certificate_name: str, parameters: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.CertificateOperation: + """Creates a new certificate. + + If this is the first version, the certificate resource is created. This operation requires the + certificates/create permission. + + :param certificate_name: The name of the certificate. The value you provide may be copied + globally for the purpose of running the service. The value provided should not include + personally identifiable or sensitive information. Required. + :type certificate_name: str + :param parameters: The parameters to create a certificate. Required. + :type parameters: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def create_certificate( + self, certificate_name: str, parameters: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.CertificateOperation: """Creates a new certificate. If this is the first version, the certificate resource is created. This operation requires the certificates/create permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. @@ -1705,17 +1781,16 @@ def create_certificate( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace def create_certificate( self, - vault_base_url: str, certificate_name: str, - parameters: Union[_models.CertificateCreateParameters, IO[bytes]], + parameters: Union[_models.CertificateCreateParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificateOperation: """Creates a new certificate. @@ -1723,23 +1798,19 @@ def create_certificate( If this is the first version, the certificate resource is created. This operation requires the certificates/create permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. :type certificate_name: str - :param parameters: The parameters to create a certificate. Is either a - CertificateCreateParameters type or a IO[bytes] type. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateCreateParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :param parameters: The parameters to create a certificate. Is one of the following types: + CertificateCreateParameters, JSON, IO[bytes] Required. + :type parameters: ~azure.keyvault.certificates.models.CertificateCreateParameters or JSON or + IO[bytes] + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1754,28 +1825,28 @@ def create_certificate( cls: ClsType[_models.CertificateOperation] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameters, (IOBase, bytes)): _content = parameters else: - _json = self._serialize.body(parameters, "CertificateCreateParameters") + _content = json.dumps(parameters, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_create_certificate_request( certificate_name=certificate_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1784,12 +1855,18 @@ def create_certificate( if response.status_code not in [202]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateOperation", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateOperation, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1799,7 +1876,6 @@ def create_certificate( @overload def import_certificate( self, - vault_base_url: str, certificate_name: str, parameters: _models.CertificateImportParameters, *, @@ -1813,31 +1889,48 @@ def import_certificate( either PFX or PEM format. If the certificate is in PEM format the PEM file must contain the key as well as x509 certificates. Key Vault will only accept a key in PKCS#8 format. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. :type certificate_name: str :param parameters: The parameters to import the certificate. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateImportParameters + :type parameters: ~azure.keyvault.certificates.models.CertificateImportParameters :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @overload def import_certificate( - self, - vault_base_url: str, - certificate_name: str, - parameters: IO[bytes], - *, - content_type: str = "application/json", - **kwargs: Any + self, certificate_name: str, parameters: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.CertificateBundle: + """Imports a certificate into a specified key vault. + + Imports an existing valid certificate, containing a private key, into Azure Key Vault. This + operation requires the certificates/import permission. The certificate to be imported can be in + either PFX or PEM format. If the certificate is in PEM format the PEM file must contain the key + as well as x509 certificates. Key Vault will only accept a key in PKCS#8 format. + + :param certificate_name: The name of the certificate. The value you provide may be copied + globally for the purpose of running the service. The value provided should not include + personally identifiable or sensitive information. Required. + :type certificate_name: str + :param parameters: The parameters to import the certificate. Required. + :type parameters: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def import_certificate( + self, certificate_name: str, parameters: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.CertificateBundle: """Imports a certificate into a specified key vault. @@ -1846,8 +1939,6 @@ def import_certificate( either PFX or PEM format. If the certificate is in PEM format the PEM file must contain the key as well as x509 certificates. Key Vault will only accept a key in PKCS#8 format. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. @@ -1857,17 +1948,16 @@ def import_certificate( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace def import_certificate( self, - vault_base_url: str, certificate_name: str, - parameters: Union[_models.CertificateImportParameters, IO[bytes]], + parameters: Union[_models.CertificateImportParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificateBundle: """Imports a certificate into a specified key vault. @@ -1877,23 +1967,19 @@ def import_certificate( either PFX or PEM format. If the certificate is in PEM format the PEM file must contain the key as well as x509 certificates. Key Vault will only accept a key in PKCS#8 format. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. :type certificate_name: str - :param parameters: The parameters to import the certificate. Is either a - CertificateImportParameters type or a IO[bytes] type. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateImportParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :param parameters: The parameters to import the certificate. Is one of the following types: + CertificateImportParameters, JSON, IO[bytes] Required. + :type parameters: ~azure.keyvault.certificates.models.CertificateImportParameters or JSON or + IO[bytes] + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1908,28 +1994,28 @@ def import_certificate( cls: ClsType[_models.CertificateBundle] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameters, (IOBase, bytes)): _content = parameters else: - _json = self._serialize.body(parameters, "CertificateImportParameters") + _content = json.dumps(parameters, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_import_certificate_request( certificate_name=certificate_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1938,12 +2024,18 @@ def import_certificate( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1952,32 +2044,28 @@ def import_certificate( @distributed_trace def get_certificate_versions( - self, vault_base_url: str, certificate_name: str, *, maxresults: Optional[int] = None, **kwargs: Any + self, certificate_name: str, *, maxresults: Optional[int] = None, **kwargs: Any ) -> Iterable["_models.CertificateItem"]: """List the versions of a certificate. The GetCertificateVersions operation returns the versions of a certificate in the specified key vault. This operation requires the certificates/list permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str :keyword maxresults: Maximum number of results to return in a page. If not specified the service will return up to 25 results. Default value is None. :paramtype maxresults: int :return: An iterator like instance of CertificateItem - :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.v7_5.models.CertificateItem] + :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.certificates.models.CertificateItem] :raises ~azure.core.exceptions.HttpResponseError: """ _headers = kwargs.pop("headers", {}) or {} _params = kwargs.pop("params", {}) or {} - cls: ClsType[_models._models.CertificateListResult] = kwargs.pop( # pylint: disable=protected-access - "cls", None - ) + cls: ClsType[List[_models.CertificateItem]] = kwargs.pop("cls", None) - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1996,7 +2084,9 @@ def prepare_request(next_link=None): params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) @@ -2014,20 +2104,20 @@ def prepare_request(next_link=None): "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) return _request def extract_data(pipeline_response): - deserialized = self._deserialize( - _models._models.CertificateListResult, pipeline_response # pylint: disable=protected-access - ) - list_of_elem = deserialized.value + deserialized = pipeline_response.http_response.json() + list_of_elem = _deserialize(List[_models.CertificateItem], deserialized["value"]) if cls: list_of_elem = cls(list_of_elem) # type: ignore - return deserialized.next_link or None, iter(list_of_elem) + return deserialized.get("nextLink") or None, iter(list_of_elem) def get_next(next_link=None): _request = prepare_request(next_link) @@ -2039,10 +2129,8 @@ def get_next(next_link=None): response = pipeline_response.http_response if response.status_code not in [200]: - if _stream: - response.read() # Load the body in memory and close the socket map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) return pipeline_response @@ -2050,23 +2138,19 @@ def get_next(next_link=None): return ItemPaged(get_next, extract_data) @distributed_trace - def get_certificate_policy( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.CertificatePolicy: + def get_certificate_policy(self, certificate_name: str, **kwargs: Any) -> _models.CertificatePolicy: """Lists the policy for a certificate. The GetCertificatePolicy operation returns the specified certificate policy resources in the specified key vault. This operation requires the certificates/get permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in a given key vault. Required. :type certificate_name: str - :return: CertificatePolicy - :rtype: ~azure.keyvault.v7_5.models.CertificatePolicy + :return: CertificatePolicy. The CertificatePolicy is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificatePolicy :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2086,11 +2170,13 @@ def get_certificate_policy( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2099,12 +2185,18 @@ def get_certificate_policy( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificatePolicy", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificatePolicy, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2114,7 +2206,6 @@ def get_certificate_policy( @overload def update_certificate_policy( self, - vault_base_url: str, certificate_name: str, certificate_policy: _models.CertificatePolicy, *, @@ -2126,24 +2217,42 @@ def update_certificate_policy( Set specified members in the certificate policy. Leave others as null. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given vault. Required. :type certificate_name: str :param certificate_policy: The policy for the certificate. Required. - :type certificate_policy: ~azure.keyvault.v7_5.models.CertificatePolicy + :type certificate_policy: ~azure.keyvault.certificates.models.CertificatePolicy :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificatePolicy - :rtype: ~azure.keyvault.v7_5.models.CertificatePolicy + :return: CertificatePolicy. The CertificatePolicy is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificatePolicy + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def update_certificate_policy( + self, certificate_name: str, certificate_policy: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.CertificatePolicy: + """Updates the policy for a certificate. + + Set specified members in the certificate policy. Leave others as null. This operation requires + the certificates/update permission. + + :param certificate_name: The name of the certificate in the given vault. Required. + :type certificate_name: str + :param certificate_policy: The policy for the certificate. Required. + :type certificate_policy: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificatePolicy. The CertificatePolicy is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificatePolicy :raises ~azure.core.exceptions.HttpResponseError: """ @overload def update_certificate_policy( self, - vault_base_url: str, certificate_name: str, certificate_policy: IO[bytes], *, @@ -2155,8 +2264,6 @@ def update_certificate_policy( Set specified members in the certificate policy. Leave others as null. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given vault. Required. :type certificate_name: str :param certificate_policy: The policy for the certificate. Required. @@ -2164,17 +2271,16 @@ def update_certificate_policy( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificatePolicy - :rtype: ~azure.keyvault.v7_5.models.CertificatePolicy + :return: CertificatePolicy. The CertificatePolicy is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificatePolicy :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace def update_certificate_policy( self, - vault_base_url: str, certificate_name: str, - certificate_policy: Union[_models.CertificatePolicy, IO[bytes]], + certificate_policy: Union[_models.CertificatePolicy, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificatePolicy: """Updates the policy for a certificate. @@ -2182,21 +2288,17 @@ def update_certificate_policy( Set specified members in the certificate policy. Leave others as null. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given vault. Required. :type certificate_name: str - :param certificate_policy: The policy for the certificate. Is either a CertificatePolicy type - or a IO[bytes] type. Required. - :type certificate_policy: ~azure.keyvault.v7_5.models.CertificatePolicy or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificatePolicy - :rtype: ~azure.keyvault.v7_5.models.CertificatePolicy + :param certificate_policy: The policy for the certificate. Is one of the following types: + CertificatePolicy, JSON, IO[bytes] Required. + :type certificate_policy: ~azure.keyvault.certificates.models.CertificatePolicy or JSON or + IO[bytes] + :return: CertificatePolicy. The CertificatePolicy is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificatePolicy :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2211,28 +2313,28 @@ def update_certificate_policy( cls: ClsType[_models.CertificatePolicy] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(certificate_policy, (IOBase, bytes)): _content = certificate_policy else: - _json = self._serialize.body(certificate_policy, "CertificatePolicy") + _content = json.dumps(certificate_policy, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_update_certificate_policy_request( certificate_name=certificate_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2241,12 +2343,18 @@ def update_certificate_policy( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificatePolicy", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificatePolicy, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2256,7 +2364,6 @@ def update_certificate_policy( @overload def update_certificate( self, - vault_base_url: str, certificate_name: str, certificate_version: str, parameters: _models.CertificateUpdateParameters, @@ -2270,26 +2377,53 @@ def update_certificate( elements updated are the certificate's attributes. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given key vault. Required. :type certificate_name: str :param certificate_version: The version of the certificate. Required. :type certificate_version: str :param parameters: The parameters for certificate update. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateUpdateParameters + :type parameters: ~azure.keyvault.certificates.models.CertificateUpdateParameters + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def update_certificate( + self, + certificate_name: str, + certificate_version: str, + parameters: JSON, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.CertificateBundle: + """Updates the specified attributes associated with the given certificate. + + The UpdateCertificate operation applies the specified update on the given certificate; the only + elements updated are the certificate's attributes. This operation requires the + certificates/update permission. + + :param certificate_name: The name of the certificate in the given key vault. Required. + :type certificate_name: str + :param certificate_version: The version of the certificate. Required. + :type certificate_version: str + :param parameters: The parameters for certificate update. Required. + :type parameters: JSON :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @overload def update_certificate( self, - vault_base_url: str, certificate_name: str, certificate_version: str, parameters: IO[bytes], @@ -2303,8 +2437,6 @@ def update_certificate( elements updated are the certificate's attributes. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given key vault. Required. :type certificate_name: str :param certificate_version: The version of the certificate. Required. @@ -2314,18 +2446,17 @@ def update_certificate( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace def update_certificate( self, - vault_base_url: str, certificate_name: str, certificate_version: str, - parameters: Union[_models.CertificateUpdateParameters, IO[bytes]], + parameters: Union[_models.CertificateUpdateParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificateBundle: """Updates the specified attributes associated with the given certificate. @@ -2334,23 +2465,19 @@ def update_certificate( elements updated are the certificate's attributes. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given key vault. Required. :type certificate_name: str :param certificate_version: The version of the certificate. Required. :type certificate_version: str - :param parameters: The parameters for certificate update. Is either a - CertificateUpdateParameters type or a IO[bytes] type. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateUpdateParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :param parameters: The parameters for certificate update. Is one of the following types: + CertificateUpdateParameters, JSON, IO[bytes] Required. + :type parameters: ~azure.keyvault.certificates.models.CertificateUpdateParameters or JSON or + IO[bytes] + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2365,29 +2492,29 @@ def update_certificate( cls: ClsType[_models.CertificateBundle] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameters, (IOBase, bytes)): _content = parameters else: - _json = self._serialize.body(parameters, "CertificateUpdateParameters") + _content = json.dumps(parameters, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_update_certificate_request( certificate_name=certificate_name, certificate_version=certificate_version, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2396,12 +2523,18 @@ def update_certificate( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2410,25 +2543,23 @@ def update_certificate( @distributed_trace def get_certificate( - self, vault_base_url: str, certificate_name: str, certificate_version: str, **kwargs: Any + self, certificate_name: str, certificate_version: str, **kwargs: Any ) -> _models.CertificateBundle: """Gets information about a certificate. Gets information about a specific certificate. This operation requires the certificates/get permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given vault. Required. :type certificate_name: str :param certificate_version: The version of the certificate. This URI fragment is optional. If not specified, the latest version of the certificate is returned. Required. :type certificate_version: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2449,11 +2580,13 @@ def get_certificate( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2462,12 +2595,18 @@ def get_certificate( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2477,7 +2616,6 @@ def get_certificate( @overload def update_certificate_operation( self, - vault_base_url: str, certificate_name: str, certificate_operation: _models.CertificateOperationUpdateParameter, *, @@ -2489,24 +2627,48 @@ def update_certificate_operation( Updates a certificate creation operation that is already in progress. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str :param certificate_operation: The certificate operation response. Required. - :type certificate_operation: ~azure.keyvault.v7_5.models.CertificateOperationUpdateParameter + :type certificate_operation: + ~azure.keyvault.certificates.models.CertificateOperationUpdateParameter :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def update_certificate_operation( + self, + certificate_name: str, + certificate_operation: JSON, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.CertificateOperation: + """Updates a certificate operation. + + Updates a certificate creation operation that is already in progress. This operation requires + the certificates/update permission. + + :param certificate_name: The name of the certificate. Required. + :type certificate_name: str + :param certificate_operation: The certificate operation response. Required. + :type certificate_operation: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ @overload def update_certificate_operation( self, - vault_base_url: str, certificate_name: str, certificate_operation: IO[bytes], *, @@ -2518,8 +2680,6 @@ def update_certificate_operation( Updates a certificate creation operation that is already in progress. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str :param certificate_operation: The certificate operation response. Required. @@ -2527,17 +2687,16 @@ def update_certificate_operation( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace def update_certificate_operation( self, - vault_base_url: str, certificate_name: str, - certificate_operation: Union[_models.CertificateOperationUpdateParameter, IO[bytes]], + certificate_operation: Union[_models.CertificateOperationUpdateParameter, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificateOperation: """Updates a certificate operation. @@ -2545,22 +2704,17 @@ def update_certificate_operation( Updates a certificate creation operation that is already in progress. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :param certificate_operation: The certificate operation response. Is either a - CertificateOperationUpdateParameter type or a IO[bytes] type. Required. - :type certificate_operation: ~azure.keyvault.v7_5.models.CertificateOperationUpdateParameter or - IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :param certificate_operation: The certificate operation response. Is one of the following + types: CertificateOperationUpdateParameter, JSON, IO[bytes] Required. + :type certificate_operation: + ~azure.keyvault.certificates.models.CertificateOperationUpdateParameter or JSON or IO[bytes] + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2575,28 +2729,28 @@ def update_certificate_operation( cls: ClsType[_models.CertificateOperation] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(certificate_operation, (IOBase, bytes)): _content = certificate_operation else: - _json = self._serialize.body(certificate_operation, "CertificateOperationUpdateParameter") + _content = json.dumps(certificate_operation, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_update_certificate_operation_request( certificate_name=certificate_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2605,12 +2759,18 @@ def update_certificate_operation( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateOperation", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateOperation, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2618,23 +2778,19 @@ def update_certificate_operation( return deserialized # type: ignore @distributed_trace - def get_certificate_operation( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.CertificateOperation: + def get_certificate_operation(self, certificate_name: str, **kwargs: Any) -> _models.CertificateOperation: """Gets the creation operation of a certificate. Gets the creation operation associated with a specified certificate. This operation requires the certificates/get permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2654,11 +2810,13 @@ def get_certificate_operation( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2667,12 +2825,18 @@ def get_certificate_operation( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateOperation", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateOperation, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2680,24 +2844,20 @@ def get_certificate_operation( return deserialized # type: ignore @distributed_trace - def delete_certificate_operation( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.CertificateOperation: + def delete_certificate_operation(self, certificate_name: str, **kwargs: Any) -> _models.CertificateOperation: """Deletes the creation operation for a specific certificate. Deletes the creation operation for a specified certificate that is in the process of being created. The certificate is no longer created. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2717,11 +2877,13 @@ def delete_certificate_operation( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2730,12 +2892,18 @@ def delete_certificate_operation( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateOperation", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateOperation, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2745,7 +2913,6 @@ def delete_certificate_operation( @overload def merge_certificate( self, - vault_base_url: str, certificate_name: str, parameters: _models.CertificateMergeParameters, *, @@ -2758,29 +2925,43 @@ def merge_certificate( a key pair currently available in the service. This operation requires the certificates/create permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str :param parameters: The parameters to merge certificate. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateMergeParameters + :type parameters: ~azure.keyvault.certificates.models.CertificateMergeParameters :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @overload def merge_certificate( - self, - vault_base_url: str, - certificate_name: str, - parameters: IO[bytes], - *, - content_type: str = "application/json", - **kwargs: Any + self, certificate_name: str, parameters: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.CertificateBundle: + """Merges a certificate or a certificate chain with a key pair existing on the server. + + The MergeCertificate operation performs the merging of a certificate or certificate chain with + a key pair currently available in the service. This operation requires the certificates/create + permission. + + :param certificate_name: The name of the certificate. Required. + :type certificate_name: str + :param parameters: The parameters to merge certificate. Required. + :type parameters: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def merge_certificate( + self, certificate_name: str, parameters: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.CertificateBundle: """Merges a certificate or a certificate chain with a key pair existing on the server. @@ -2788,8 +2969,6 @@ def merge_certificate( a key pair currently available in the service. This operation requires the certificates/create permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str :param parameters: The parameters to merge certificate. Required. @@ -2797,17 +2976,16 @@ def merge_certificate( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace def merge_certificate( self, - vault_base_url: str, certificate_name: str, - parameters: Union[_models.CertificateMergeParameters, IO[bytes]], + parameters: Union[_models.CertificateMergeParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificateBundle: """Merges a certificate or a certificate chain with a key pair existing on the server. @@ -2816,21 +2994,17 @@ def merge_certificate( a key pair currently available in the service. This operation requires the certificates/create permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :param parameters: The parameters to merge certificate. Is either a CertificateMergeParameters - type or a IO[bytes] type. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateMergeParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :param parameters: The parameters to merge certificate. Is one of the following types: + CertificateMergeParameters, JSON, IO[bytes] Required. + :type parameters: ~azure.keyvault.certificates.models.CertificateMergeParameters or JSON or + IO[bytes] + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2845,28 +3019,28 @@ def merge_certificate( cls: ClsType[_models.CertificateBundle] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameters, (IOBase, bytes)): _content = parameters else: - _json = self._serialize.body(parameters, "CertificateMergeParameters") + _content = json.dumps(parameters, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_merge_certificate_request( certificate_name=certificate_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2875,12 +3049,18 @@ def merge_certificate( if response.status_code not in [201]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2888,24 +3068,20 @@ def merge_certificate( return deserialized # type: ignore @distributed_trace - def backup_certificate( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.BackupCertificateResult: + def backup_certificate(self, certificate_name: str, **kwargs: Any) -> _models.BackupCertificateResult: """Backs up the specified certificate. Requests that a backup of the specified certificate be downloaded to the client. All versions of the certificate will be downloaded. This operation requires the certificates/backup permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :return: BackupCertificateResult - :rtype: ~azure.keyvault.v7_5.models.BackupCertificateResult + :return: BackupCertificateResult. The BackupCertificateResult is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.BackupCertificateResult :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2925,11 +3101,13 @@ def backup_certificate( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2938,12 +3116,18 @@ def backup_certificate( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("BackupCertificateResult", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.BackupCertificateResult, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2952,73 +3136,79 @@ def backup_certificate( @overload def restore_certificate( - self, - vault_base_url: str, - parameters: _models.CertificateRestoreParameters, - *, - content_type: str = "application/json", - **kwargs: Any + self, parameters: _models.CertificateRestoreParameters, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.CertificateBundle: + """Restores a backed up certificate to a vault. + + Restores a backed up certificate, and all its versions, to a vault. This operation requires the + certificates/restore permission. + + :param parameters: The parameters to restore the certificate. Required. + :type parameters: ~azure.keyvault.certificates.models.CertificateRestoreParameters + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def restore_certificate( + self, parameters: JSON, *, content_type: str = "application/json", **kwargs: Any ) -> _models.CertificateBundle: """Restores a backed up certificate to a vault. Restores a backed up certificate, and all its versions, to a vault. This operation requires the certificates/restore permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param parameters: The parameters to restore the certificate. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateRestoreParameters + :type parameters: JSON :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @overload def restore_certificate( - self, vault_base_url: str, parameters: IO[bytes], *, content_type: str = "application/json", **kwargs: Any + self, parameters: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.CertificateBundle: """Restores a backed up certificate to a vault. Restores a backed up certificate, and all its versions, to a vault. This operation requires the certificates/restore permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param parameters: The parameters to restore the certificate. Required. :type parameters: IO[bytes] :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace def restore_certificate( - self, vault_base_url: str, parameters: Union[_models.CertificateRestoreParameters, IO[bytes]], **kwargs: Any + self, parameters: Union[_models.CertificateRestoreParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificateBundle: """Restores a backed up certificate to a vault. Restores a backed up certificate, and all its versions, to a vault. This operation requires the certificates/restore permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str - :param parameters: The parameters to restore the certificate. Is either a - CertificateRestoreParameters type or a IO[bytes] type. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateRestoreParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :param parameters: The parameters to restore the certificate. Is one of the following types: + CertificateRestoreParameters, JSON, IO[bytes] Required. + :type parameters: ~azure.keyvault.certificates.models.CertificateRestoreParameters or JSON or + IO[bytes] + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -3033,27 +3223,27 @@ def restore_certificate( cls: ClsType[_models.CertificateBundle] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameters, (IOBase, bytes)): _content = parameters else: - _json = self._serialize.body(parameters, "CertificateRestoreParameters") + _content = json.dumps(parameters, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_restore_certificate_request( content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -3062,12 +3252,18 @@ def restore_certificate( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -3076,12 +3272,7 @@ def restore_certificate( @distributed_trace def get_deleted_certificates( - self, - vault_base_url: str, - *, - maxresults: Optional[int] = None, - include_pending: Optional[bool] = None, - **kwargs: Any + self, *, maxresults: Optional[int] = None, include_pending: Optional[bool] = None, **kwargs: Any ) -> Iterable["_models.DeletedCertificateItem"]: """Lists the deleted certificates in the specified vault currently available for recovery. @@ -3090,8 +3281,6 @@ def get_deleted_certificates( information. This operation requires the certificates/get/list permission. This operation can only be enabled on soft-delete enabled vaults. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :keyword maxresults: Maximum number of results to return in a page. If not specified the service will return up to 25 results. Default value is None. :paramtype maxresults: int @@ -3099,17 +3288,16 @@ def get_deleted_certificates( provisioned. Default value is None. :paramtype include_pending: bool :return: An iterator like instance of DeletedCertificateItem - :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.v7_5.models.DeletedCertificateItem] + :rtype: + ~azure.core.paging.ItemPaged[~azure.keyvault.certificates.models.DeletedCertificateItem] :raises ~azure.core.exceptions.HttpResponseError: """ _headers = kwargs.pop("headers", {}) or {} _params = kwargs.pop("params", {}) or {} - cls: ClsType[_models._models.DeletedCertificateListResult] = kwargs.pop( # pylint: disable=protected-access - "cls", None - ) + cls: ClsType[List[_models.DeletedCertificateItem]] = kwargs.pop("cls", None) - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -3128,7 +3316,9 @@ def prepare_request(next_link=None): params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) @@ -3146,20 +3336,20 @@ def prepare_request(next_link=None): "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) return _request def extract_data(pipeline_response): - deserialized = self._deserialize( - _models._models.DeletedCertificateListResult, pipeline_response # pylint: disable=protected-access - ) - list_of_elem = deserialized.value + deserialized = pipeline_response.http_response.json() + list_of_elem = _deserialize(List[_models.DeletedCertificateItem], deserialized["value"]) if cls: list_of_elem = cls(list_of_elem) # type: ignore - return deserialized.next_link or None, iter(list_of_elem) + return deserialized.get("nextLink") or None, iter(list_of_elem) def get_next(next_link=None): _request = prepare_request(next_link) @@ -3171,10 +3361,8 @@ def get_next(next_link=None): response = pipeline_response.http_response if response.status_code not in [200]: - if _stream: - response.read() # Load the body in memory and close the socket map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) return pipeline_response @@ -3182,24 +3370,21 @@ def get_next(next_link=None): return ItemPaged(get_next, extract_data) @distributed_trace - def get_deleted_certificate( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.DeletedCertificateBundle: + def get_deleted_certificate(self, certificate_name: str, **kwargs: Any) -> _models.DeletedCertificateBundle: """Retrieves information about the specified deleted certificate. The GetDeletedCertificate operation retrieves the deleted certificate information plus its attributes, such as retention interval, scheduled permanent deletion and the current deletion recovery level. This operation requires the certificates/get permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :return: DeletedCertificateBundle - :rtype: ~azure.keyvault.v7_5.models.DeletedCertificateBundle + :return: DeletedCertificateBundle. The DeletedCertificateBundle is compatible with + MutableMapping + :rtype: ~azure.keyvault.certificates.models.DeletedCertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -3219,11 +3404,13 @@ def get_deleted_certificate( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -3232,12 +3419,18 @@ def get_deleted_certificate( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("DeletedCertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.DeletedCertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -3246,7 +3439,7 @@ def get_deleted_certificate( @distributed_trace def purge_deleted_certificate( # pylint: disable=inconsistent-return-statements - self, vault_base_url: str, certificate_name: str, **kwargs: Any + self, certificate_name: str, **kwargs: Any ) -> None: """Permanently deletes the specified deleted certificate. @@ -3254,15 +3447,13 @@ def purge_deleted_certificate( # pylint: disable=inconsistent-return-statements certificate, without possibility for recovery. The operation is not available if the recovery level does not specify 'Purgeable'. This operation requires the certificate/purge permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str :return: None :rtype: None :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -3282,7 +3473,9 @@ def purge_deleted_certificate( # pylint: disable=inconsistent-return-statements params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) @@ -3294,19 +3487,15 @@ def purge_deleted_certificate( # pylint: disable=inconsistent-return-statements response = pipeline_response.http_response if response.status_code not in [204]: - if _stream: - response.read() # Load the body in memory and close the socket map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) if cls: return cls(pipeline_response, None, {}) # type: ignore @distributed_trace - def recover_deleted_certificate( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.CertificateBundle: + def recover_deleted_certificate(self, certificate_name: str, **kwargs: Any) -> _models.CertificateBundle: """Recovers the deleted certificate back to its current version under /certificates. The RecoverDeletedCertificate operation performs the reversal of the Delete operation. The @@ -3314,15 +3503,13 @@ def recover_deleted_certificate( retention interval (available in the deleted certificate's attributes). This operation requires the certificates/recover permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the deleted certificate. Required. :type certificate_name: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -3342,11 +3529,13 @@ def recover_deleted_certificate( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -3355,12 +3544,18 @@ def recover_deleted_certificate( if response.status_code not in [200]: if _stream: - response.read() # Load the body in memory and close the socket + try: + response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_operations/_patch.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_operations/_patch.py similarity index 100% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_operations/_patch.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_operations/_patch.py diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_patch.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_patch.py similarity index 100% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_patch.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_patch.py diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_polling.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_polling.py deleted file mode 100644 index 302b4abc87dc..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_polling.py +++ /dev/null @@ -1,61 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -import logging -from typing import Any, Callable, cast, Optional, Union - -from azure.core.pipeline import PipelineResponse -from azure.core.pipeline.transport import HttpTransport -from azure.core.polling import PollingMethod -from azure.keyvault.certificates._models import KeyVaultCertificate, CertificateOperation - -logger = logging.getLogger(__name__) - - -class CreateCertificatePoller(PollingMethod): - def __init__( - self, pipeline_response: PipelineResponse, get_certificate_command: Callable, interval: int = 5 - ) -> None: - self._pipeline_response = pipeline_response - self._command: Optional[Callable] = None - self._resource: Optional[Union[CertificateOperation, KeyVaultCertificate]] = None - self._pending_certificate_op: Optional[CertificateOperation] = None - self._get_certificate_command = get_certificate_command - self._polling_interval = interval - - def _update_status(self) -> None: - self._pending_certificate_op = self._command() if self._command else None - - def initialize(self, client: Any, initial_response: Any, _: Any) -> None: - self._command = client - self._pending_certificate_op = initial_response - - def run(self) -> None: - try: - while not self.finished(): - self._update_status() - if not self.finished(): - # We should always ask the client's transport to sleep, instead of sleeping directly - transport: HttpTransport = cast(HttpTransport, self._pipeline_response.context.transport) - transport.sleep(self._polling_interval) - operation = self._pending_certificate_op - if operation and operation.status and operation.status.lower() == "completed": - self._resource = self._get_certificate_command() - else: - self._resource = self._pending_certificate_op - except Exception as e: - logger.warning(str(e)) - raise - - def finished(self) -> bool: - operation = self._pending_certificate_op - if operation and operation.issuer_name and operation.issuer_name.lower() == "unknown": - return True - return self._pending_certificate_op.status.lower() != "inprogress" # type: ignore - - def resource(self) -> Union[KeyVaultCertificate, CertificateOperation]: - return self._resource # type: ignore - - def status(self) -> str: - return self._pending_certificate_op.status.lower() # type: ignore diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_sdk_moniker.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_sdk_moniker.py deleted file mode 100644 index f7ac28c79e91..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_sdk_moniker.py +++ /dev/null @@ -1,7 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -from ._version import VERSION - -SDK_MONIKER = f"keyvault-certificates/{VERSION}" diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_serialization.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_serialization.py similarity index 85% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_serialization.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_serialization.py index baa661cb82d2..670738f0789c 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_serialization.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_serialization.py @@ -1,3 +1,4 @@ +# pylint: disable=too-many-lines # -------------------------------------------------------------------------- # # Copyright (c) Microsoft Corporation. All rights reserved. @@ -24,7 +25,6 @@ # # -------------------------------------------------------------------------- -# pylint: skip-file # pyright: reportUnnecessaryTypeIgnoreComment=false from base64 import b64decode, b64encode @@ -52,7 +52,6 @@ MutableMapping, Type, List, - Mapping, ) try: @@ -91,6 +90,8 @@ def deserialize_from_text(cls, data: Optional[Union[AnyStr, IO]], content_type: :param data: Input, could be bytes or stream (will be decoded with UTF8) or text :type data: str or bytes or IO :param str content_type: The content type. + :return: The deserialized data. + :rtype: object """ if hasattr(data, "read"): # Assume a stream @@ -112,7 +113,7 @@ def deserialize_from_text(cls, data: Optional[Union[AnyStr, IO]], content_type: try: return json.loads(data_as_str) except ValueError as err: - raise DeserializationError("JSON is invalid: {}".format(err), err) + raise DeserializationError("JSON is invalid: {}".format(err), err) from err elif "xml" in (content_type or []): try: @@ -144,6 +145,8 @@ def _json_attemp(data): # context otherwise. _LOGGER.critical("Wasn't XML not JSON, failing") raise DeserializationError("XML is invalid") from err + elif content_type.startswith("text/"): + return data_as_str raise DeserializationError("Cannot deserialize content-type: {}".format(content_type)) @classmethod @@ -153,6 +156,11 @@ def deserialize_from_http_generics(cls, body_bytes: Optional[Union[AnyStr, IO]], Use bytes and headers to NOT use any requests/aiohttp or whatever specific implementation. Headers will tested for "content-type" + + :param bytes body_bytes: The body of the response. + :param dict headers: The headers of the response. + :returns: The deserialized data. + :rtype: object """ # Try to use content-type from headers if available content_type = None @@ -170,13 +178,6 @@ def deserialize_from_http_generics(cls, body_bytes: Optional[Union[AnyStr, IO]], return None -try: - basestring # type: ignore - unicode_str = unicode # type: ignore -except NameError: - basestring = str - unicode_str = str - _LOGGER = logging.getLogger(__name__) try: @@ -184,80 +185,31 @@ def deserialize_from_http_generics(cls, body_bytes: Optional[Union[AnyStr, IO]], except NameError: _long_type = int - -class UTC(datetime.tzinfo): - """Time Zone info for handling UTC""" - - def utcoffset(self, dt): - """UTF offset for UTC is 0.""" - return datetime.timedelta(0) - - def tzname(self, dt): - """Timestamp representation.""" - return "Z" - - def dst(self, dt): - """No daylight saving for UTC.""" - return datetime.timedelta(hours=1) - - -try: - from datetime import timezone as _FixedOffset # type: ignore -except ImportError: # Python 2.7 - - class _FixedOffset(datetime.tzinfo): # type: ignore - """Fixed offset in minutes east from UTC. - Copy/pasted from Python doc - :param datetime.timedelta offset: offset in timedelta format - """ - - def __init__(self, offset): - self.__offset = offset - - def utcoffset(self, dt): - return self.__offset - - def tzname(self, dt): - return str(self.__offset.total_seconds() / 3600) - - def __repr__(self): - return "".format(self.tzname(None)) - - def dst(self, dt): - return datetime.timedelta(0) - - def __getinitargs__(self): - return (self.__offset,) - - -try: - from datetime import timezone - - TZ_UTC = timezone.utc -except ImportError: - TZ_UTC = UTC() # type: ignore +TZ_UTC = datetime.timezone.utc _FLATTEN = re.compile(r"(? None: self.additional_properties: Optional[Dict[str, Any]] = {} - for k in kwargs: + for k in kwargs: # pylint: disable=consider-using-dict-items if k not in self._attribute_map: _LOGGER.warning("%s is not a known attribute of class %s and will be ignored", k, self.__class__) elif k in self._validation and self._validation[k].get("readonly", False): @@ -305,13 +264,23 @@ def __init__(self, **kwargs: Any) -> None: setattr(self, k, kwargs[k]) def __eq__(self, other: Any) -> bool: - """Compare objects by comparing all attributes.""" + """Compare objects by comparing all attributes. + + :param object other: The object to compare + :returns: True if objects are equal + :rtype: bool + """ if isinstance(other, self.__class__): return self.__dict__ == other.__dict__ return False def __ne__(self, other: Any) -> bool: - """Compare objects by comparing all attributes.""" + """Compare objects by comparing all attributes. + + :param object other: The object to compare + :returns: True if objects are not equal + :rtype: bool + """ return not self.__eq__(other) def __str__(self) -> str: @@ -331,7 +300,11 @@ def is_xml_model(cls) -> bool: @classmethod def _create_xml_node(cls): - """Create XML node.""" + """Create XML node. + + :returns: The XML node + :rtype: xml.etree.ElementTree.Element + """ try: xml_map = cls._xml_map # type: ignore except AttributeError: @@ -351,7 +324,9 @@ def serialize(self, keep_readonly: bool = False, **kwargs: Any) -> JSON: :rtype: dict """ serializer = Serializer(self._infer_class_models()) - return serializer._serialize(self, keep_readonly=keep_readonly, **kwargs) # type: ignore + return serializer._serialize( # type: ignore # pylint: disable=protected-access + self, keep_readonly=keep_readonly, **kwargs + ) def as_dict( self, @@ -385,12 +360,15 @@ def my_key_transformer(key, attr_desc, value): If you want XML serialization, you can pass the kwargs is_xml=True. + :param bool keep_readonly: If you want to serialize the readonly attributes :param function key_transformer: A key transformer function. :returns: A dict JSON compatible object :rtype: dict """ serializer = Serializer(self._infer_class_models()) - return serializer._serialize(self, key_transformer=key_transformer, keep_readonly=keep_readonly, **kwargs) # type: ignore + return serializer._serialize( # type: ignore # pylint: disable=protected-access + self, key_transformer=key_transformer, keep_readonly=keep_readonly, **kwargs + ) @classmethod def _infer_class_models(cls): @@ -400,7 +378,7 @@ def _infer_class_models(cls): client_models = {k: v for k, v in models.__dict__.items() if isinstance(v, type)} if cls.__name__ not in client_models: raise ValueError("Not Autorest generated code") - except Exception: + except Exception: # pylint: disable=broad-exception-caught # Assume it's not Autorest generated (tests?). Add ourselves as dependencies. client_models = {cls.__name__: cls} return client_models @@ -413,6 +391,7 @@ def deserialize(cls: Type[ModelType], data: Any, content_type: Optional[str] = N :param str content_type: JSON by default, set application/xml if XML. :returns: An instance of this model :raises: DeserializationError if something went wrong + :rtype: ModelType """ deserializer = Deserializer(cls._infer_class_models()) return deserializer(cls.__name__, data, content_type=content_type) # type: ignore @@ -431,9 +410,11 @@ def from_dict( and last_rest_key_case_insensitive_extractor) :param dict data: A dict using RestAPI structure + :param function key_extractors: A key extractor function. :param str content_type: JSON by default, set application/xml if XML. :returns: An instance of this model :raises: DeserializationError if something went wrong + :rtype: ModelType """ deserializer = Deserializer(cls._infer_class_models()) deserializer.key_extractors = ( # type: ignore @@ -453,21 +434,25 @@ def _flatten_subtype(cls, key, objects): return {} result = dict(cls._subtype_map[key]) for valuetype in cls._subtype_map[key].values(): - result.update(objects[valuetype]._flatten_subtype(key, objects)) + result.update(objects[valuetype]._flatten_subtype(key, objects)) # pylint: disable=protected-access return result @classmethod def _classify(cls, response, objects): """Check the class _subtype_map for any child classes. We want to ignore any inherited _subtype_maps. - Remove the polymorphic key from the initial data. + + :param dict response: The initial data + :param dict objects: The class objects + :returns: The class to be used + :rtype: class """ for subtype_key in cls.__dict__.get("_subtype_map", {}).keys(): subtype_value = None if not isinstance(response, ET.Element): rest_api_response_key = cls._get_rest_key_parts(subtype_key)[-1] - subtype_value = response.pop(rest_api_response_key, None) or response.pop(subtype_key, None) + subtype_value = response.get(rest_api_response_key, None) or response.get(subtype_key, None) else: subtype_value = xml_key_extractor(subtype_key, cls._attribute_map[subtype_key], response) if subtype_value: @@ -506,11 +491,13 @@ def _decode_attribute_map_key(key): inside the received data. :param str key: A key string from the generated code + :returns: The decoded key + :rtype: str """ return key.replace("\\.", ".") -class Serializer(object): +class Serializer: # pylint: disable=too-many-public-methods """Request object model serializer.""" basic_types = {str: "str", int: "int", bool: "bool", float: "float"} @@ -545,7 +532,7 @@ class Serializer(object): "multiple": lambda x, y: x % y != 0, } - def __init__(self, classes: Optional[Mapping[str, Type[ModelType]]] = None): + def __init__(self, classes: Optional[Mapping[str, type]] = None) -> None: self.serialize_type = { "iso-8601": Serializer.serialize_iso, "rfc-1123": Serializer.serialize_rfc, @@ -561,17 +548,20 @@ def __init__(self, classes: Optional[Mapping[str, Type[ModelType]]] = None): "[]": self.serialize_iter, "{}": self.serialize_dict, } - self.dependencies: Dict[str, Type[ModelType]] = dict(classes) if classes else {} + self.dependencies: Dict[str, type] = dict(classes) if classes else {} self.key_transformer = full_restapi_key_transformer self.client_side_validation = True - def _serialize(self, target_obj, data_type=None, **kwargs): + def _serialize( # pylint: disable=too-many-nested-blocks, too-many-branches, too-many-statements, too-many-locals + self, target_obj, data_type=None, **kwargs + ): """Serialize data into a string according to type. - :param target_obj: The data to be serialized. + :param object target_obj: The data to be serialized. :param str data_type: The type to be serialized from. :rtype: str, dict :raises: SerializationError if serialization fails. + :returns: The serialized data. """ key_transformer = kwargs.get("key_transformer", self.key_transformer) keep_readonly = kwargs.get("keep_readonly", False) @@ -597,12 +587,14 @@ def _serialize(self, target_obj, data_type=None, **kwargs): serialized = {} if is_xml_model_serialization: - serialized = target_obj._create_xml_node() + serialized = target_obj._create_xml_node() # pylint: disable=protected-access try: - attributes = target_obj._attribute_map + attributes = target_obj._attribute_map # pylint: disable=protected-access for attr, attr_desc in attributes.items(): attr_name = attr - if not keep_readonly and target_obj._validation.get(attr_name, {}).get("readonly", False): + if not keep_readonly and target_obj._validation.get( # pylint: disable=protected-access + attr_name, {} + ).get("readonly", False): continue if attr_name == "additional_properties" and attr_desc["key"] == "": @@ -638,7 +630,8 @@ def _serialize(self, target_obj, data_type=None, **kwargs): if isinstance(new_attr, list): serialized.extend(new_attr) # type: ignore elif isinstance(new_attr, ET.Element): - # If the down XML has no XML/Name, we MUST replace the tag with the local tag. But keeping the namespaces. + # If the down XML has no XML/Name, + # we MUST replace the tag with the local tag. But keeping the namespaces. if "name" not in getattr(orig_attr, "_xml_map", {}): splitted_tag = new_attr.tag.split("}") if len(splitted_tag) == 2: # Namespace @@ -649,7 +642,7 @@ def _serialize(self, target_obj, data_type=None, **kwargs): else: # That's a basic type # Integrate namespace if necessary local_node = _create_xml_node(xml_name, xml_prefix, xml_ns) - local_node.text = unicode_str(new_attr) + local_node.text = str(new_attr) serialized.append(local_node) # type: ignore else: # JSON for k in reversed(keys): # type: ignore @@ -669,17 +662,17 @@ def _serialize(self, target_obj, data_type=None, **kwargs): except (AttributeError, KeyError, TypeError) as err: msg = "Attribute {} in object {} cannot be serialized.\n{}".format(attr_name, class_name, str(target_obj)) raise SerializationError(msg) from err - else: - return serialized + return serialized def body(self, data, data_type, **kwargs): """Serialize data intended for a request body. - :param data: The data to be serialized. + :param object data: The data to be serialized. :param str data_type: The type to be serialized from. :rtype: dict :raises: SerializationError if serialization fails. :raises: ValueError if data is None + :returns: The serialized request body """ # Just in case this is a dict @@ -708,7 +701,7 @@ def body(self, data, data_type, **kwargs): attribute_key_case_insensitive_extractor, last_rest_key_case_insensitive_extractor, ] - data = deserializer._deserialize(data_type, data) + data = deserializer._deserialize(data_type, data) # pylint: disable=protected-access except DeserializationError as err: raise SerializationError("Unable to build a model: " + str(err)) from err @@ -717,9 +710,11 @@ def body(self, data, data_type, **kwargs): def url(self, name, data, data_type, **kwargs): """Serialize data intended for a URL path. - :param data: The data to be serialized. + :param str name: The name of the URL path parameter. + :param object data: The data to be serialized. :param str data_type: The type to be serialized from. :rtype: str + :returns: The serialized URL path :raises: TypeError if serialization fails. :raises: ValueError if data is None """ @@ -733,21 +728,20 @@ def url(self, name, data, data_type, **kwargs): output = output.replace("{", quote("{")).replace("}", quote("}")) else: output = quote(str(output), safe="") - except SerializationError: - raise TypeError("{} must be type {}.".format(name, data_type)) - else: - return output + except SerializationError as exc: + raise TypeError("{} must be type {}.".format(name, data_type)) from exc + return output def query(self, name, data, data_type, **kwargs): """Serialize data intended for a URL query. - :param data: The data to be serialized. + :param str name: The name of the query parameter. + :param object data: The data to be serialized. :param str data_type: The type to be serialized from. - :keyword bool skip_quote: Whether to skip quote the serialized result. - Defaults to False. :rtype: str, list :raises: TypeError if serialization fails. :raises: ValueError if data is None + :returns: The serialized query parameter """ try: # Treat the list aside, since we don't want to encode the div separator @@ -764,19 +758,20 @@ def query(self, name, data, data_type, **kwargs): output = str(output) else: output = quote(str(output), safe="") - except SerializationError: - raise TypeError("{} must be type {}.".format(name, data_type)) - else: - return str(output) + except SerializationError as exc: + raise TypeError("{} must be type {}.".format(name, data_type)) from exc + return str(output) def header(self, name, data, data_type, **kwargs): """Serialize data intended for a request header. - :param data: The data to be serialized. + :param str name: The name of the header. + :param object data: The data to be serialized. :param str data_type: The type to be serialized from. :rtype: str :raises: TypeError if serialization fails. :raises: ValueError if data is None + :returns: The serialized header """ try: if data_type in ["[str]"]: @@ -785,21 +780,20 @@ def header(self, name, data, data_type, **kwargs): output = self.serialize_data(data, data_type, **kwargs) if data_type == "bool": output = json.dumps(output) - except SerializationError: - raise TypeError("{} must be type {}.".format(name, data_type)) - else: - return str(output) + except SerializationError as exc: + raise TypeError("{} must be type {}.".format(name, data_type)) from exc + return str(output) def serialize_data(self, data, data_type, **kwargs): """Serialize generic data according to supplied data type. - :param data: The data to be serialized. + :param object data: The data to be serialized. :param str data_type: The type to be serialized from. - :param bool required: Whether it's essential that the data not be - empty or None :raises: AttributeError if required data is None. :raises: ValueError if data is None :raises: SerializationError if serialization fails. + :returns: The serialized data. + :rtype: str, int, float, bool, dict, list """ if data is None: raise ValueError("No value for given attribute") @@ -810,7 +804,7 @@ def serialize_data(self, data, data_type, **kwargs): if data_type in self.basic_types.values(): return self.serialize_basic(data, data_type, **kwargs) - elif data_type in self.serialize_type: + if data_type in self.serialize_type: return self.serialize_type[data_type](data, **kwargs) # If dependencies is empty, try with current data class @@ -826,11 +820,10 @@ def serialize_data(self, data, data_type, **kwargs): except (ValueError, TypeError) as err: msg = "Unable to serialize value: {!r} as type: {!r}." raise SerializationError(msg.format(data, data_type)) from err - else: - return self._serialize(data, **kwargs) + return self._serialize(data, **kwargs) @classmethod - def _get_custom_serializers(cls, data_type, **kwargs): + def _get_custom_serializers(cls, data_type, **kwargs): # pylint: disable=inconsistent-return-statements custom_serializer = kwargs.get("basic_types_serializers", {}).get(data_type) if custom_serializer: return custom_serializer @@ -846,23 +839,26 @@ def serialize_basic(cls, data, data_type, **kwargs): - basic_types_serializers dict[str, callable] : If set, use the callable as serializer - is_xml bool : If set, use xml_basic_types_serializers - :param data: Object to be serialized. + :param obj data: Object to be serialized. :param str data_type: Type of object in the iterable. + :rtype: str, int, float, bool + :return: serialized object """ custom_serializer = cls._get_custom_serializers(data_type, **kwargs) if custom_serializer: return custom_serializer(data) if data_type == "str": return cls.serialize_unicode(data) - return eval(data_type)(data) # nosec + return eval(data_type)(data) # nosec # pylint: disable=eval-used @classmethod def serialize_unicode(cls, data): """Special handling for serializing unicode strings in Py2. Encode to UTF-8 if unicode, otherwise handle as a str. - :param data: Object to be serialized. + :param str data: Object to be serialized. :rtype: str + :return: serialized object """ try: # If I received an enum, return its value return data.value @@ -876,8 +872,7 @@ def serialize_unicode(cls, data): return data except NameError: return str(data) - else: - return str(data) + return str(data) def serialize_iter(self, data, iter_type, div=None, **kwargs): """Serialize iterable. @@ -887,15 +882,13 @@ def serialize_iter(self, data, iter_type, div=None, **kwargs): serialization_ctxt['type'] should be same as data_type. - is_xml bool : If set, serialize as XML - :param list attr: Object to be serialized. + :param list data: Object to be serialized. :param str iter_type: Type of object in the iterable. - :param bool required: Whether the objects in the iterable must - not be None or empty. :param str div: If set, this str will be used to combine the elements in the iterable into a combined string. Default is 'None'. - :keyword bool do_quote: Whether to quote the serialized result of each iterable element. Defaults to False. :rtype: list, str + :return: serialized iterable """ if isinstance(data, str): raise SerializationError("Refuse str type as a valid iter type.") @@ -950,9 +943,8 @@ def serialize_dict(self, attr, dict_type, **kwargs): :param dict attr: Object to be serialized. :param str dict_type: Type of object in the dictionary. - :param bool required: Whether the objects in the dictionary must - not be None or empty. :rtype: dict + :return: serialized dictionary """ serialization_ctxt = kwargs.get("serialization_ctxt", {}) serialized = {} @@ -976,7 +968,7 @@ def serialize_dict(self, attr, dict_type, **kwargs): return serialized - def serialize_object(self, attr, **kwargs): + def serialize_object(self, attr, **kwargs): # pylint: disable=too-many-return-statements """Serialize a generic object. This will be handled as a dictionary. If object passed in is not a basic type (str, int, float, dict, list) it will simply be @@ -984,6 +976,7 @@ def serialize_object(self, attr, **kwargs): :param dict attr: Object to be serialized. :rtype: dict or str + :return: serialized object """ if attr is None: return None @@ -994,7 +987,7 @@ def serialize_object(self, attr, **kwargs): return self.serialize_basic(attr, self.basic_types[obj_type], **kwargs) if obj_type is _long_type: return self.serialize_long(attr) - if obj_type is unicode_str: + if obj_type is str: return self.serialize_unicode(attr) if obj_type is datetime.datetime: return self.serialize_iso(attr) @@ -1008,7 +1001,7 @@ def serialize_object(self, attr, **kwargs): return self.serialize_decimal(attr) # If it's a model or I know this dependency, serialize as a Model - elif obj_type in self.dependencies.values() or isinstance(attr, Model): + if obj_type in self.dependencies.values() or isinstance(attr, Model): return self._serialize(attr) if obj_type == dict: @@ -1039,56 +1032,61 @@ def serialize_enum(attr, enum_obj=None): try: enum_obj(result) # type: ignore return result - except ValueError: + except ValueError as exc: for enum_value in enum_obj: # type: ignore if enum_value.value.lower() == str(attr).lower(): return enum_value.value error = "{!r} is not valid value for enum {!r}" - raise SerializationError(error.format(attr, enum_obj)) + raise SerializationError(error.format(attr, enum_obj)) from exc @staticmethod - def serialize_bytearray(attr, **kwargs): + def serialize_bytearray(attr, **kwargs): # pylint: disable=unused-argument """Serialize bytearray into base-64 string. - :param attr: Object to be serialized. + :param str attr: Object to be serialized. :rtype: str + :return: serialized base64 """ return b64encode(attr).decode() @staticmethod - def serialize_base64(attr, **kwargs): + def serialize_base64(attr, **kwargs): # pylint: disable=unused-argument """Serialize str into base-64 string. - :param attr: Object to be serialized. + :param str attr: Object to be serialized. :rtype: str + :return: serialized base64 """ encoded = b64encode(attr).decode("ascii") return encoded.strip("=").replace("+", "-").replace("/", "_") @staticmethod - def serialize_decimal(attr, **kwargs): + def serialize_decimal(attr, **kwargs): # pylint: disable=unused-argument """Serialize Decimal object to float. - :param attr: Object to be serialized. + :param decimal attr: Object to be serialized. :rtype: float + :return: serialized decimal """ return float(attr) @staticmethod - def serialize_long(attr, **kwargs): + def serialize_long(attr, **kwargs): # pylint: disable=unused-argument """Serialize long (Py2) or int (Py3). - :param attr: Object to be serialized. + :param int attr: Object to be serialized. :rtype: int/long + :return: serialized long """ return _long_type(attr) @staticmethod - def serialize_date(attr, **kwargs): + def serialize_date(attr, **kwargs): # pylint: disable=unused-argument """Serialize Date object into ISO-8601 formatted string. :param Date attr: Object to be serialized. :rtype: str + :return: serialized date """ if isinstance(attr, str): attr = isodate.parse_date(attr) @@ -1096,11 +1094,12 @@ def serialize_date(attr, **kwargs): return t @staticmethod - def serialize_time(attr, **kwargs): + def serialize_time(attr, **kwargs): # pylint: disable=unused-argument """Serialize Time object into ISO-8601 formatted string. :param datetime.time attr: Object to be serialized. :rtype: str + :return: serialized time """ if isinstance(attr, str): attr = isodate.parse_time(attr) @@ -1110,30 +1109,32 @@ def serialize_time(attr, **kwargs): return t @staticmethod - def serialize_duration(attr, **kwargs): + def serialize_duration(attr, **kwargs): # pylint: disable=unused-argument """Serialize TimeDelta object into ISO-8601 formatted string. :param TimeDelta attr: Object to be serialized. :rtype: str + :return: serialized duration """ if isinstance(attr, str): attr = isodate.parse_duration(attr) return isodate.duration_isoformat(attr) @staticmethod - def serialize_rfc(attr, **kwargs): + def serialize_rfc(attr, **kwargs): # pylint: disable=unused-argument """Serialize Datetime object into RFC-1123 formatted string. :param Datetime attr: Object to be serialized. :rtype: str :raises: TypeError if format invalid. + :return: serialized rfc """ try: if not attr.tzinfo: _LOGGER.warning("Datetime with no tzinfo will be considered UTC.") utc = attr.utctimetuple() - except AttributeError: - raise TypeError("RFC1123 object must be valid Datetime object.") + except AttributeError as exc: + raise TypeError("RFC1123 object must be valid Datetime object.") from exc return "{}, {:02} {} {:04} {:02}:{:02}:{:02} GMT".format( Serializer.days[utc.tm_wday], @@ -1146,12 +1147,13 @@ def serialize_rfc(attr, **kwargs): ) @staticmethod - def serialize_iso(attr, **kwargs): + def serialize_iso(attr, **kwargs): # pylint: disable=unused-argument """Serialize Datetime object into ISO-8601 formatted string. :param Datetime attr: Object to be serialized. :rtype: str :raises: SerializationError if format invalid. + :return: serialized iso """ if isinstance(attr, str): attr = isodate.parse_datetime(attr) @@ -1177,13 +1179,14 @@ def serialize_iso(attr, **kwargs): raise TypeError(msg) from err @staticmethod - def serialize_unix(attr, **kwargs): + def serialize_unix(attr, **kwargs): # pylint: disable=unused-argument """Serialize Datetime object into IntTime format. This is represented as seconds. :param Datetime attr: Object to be serialized. :rtype: int :raises: SerializationError if format invalid + :return: serialied unix """ if isinstance(attr, int): return attr @@ -1191,11 +1194,11 @@ def serialize_unix(attr, **kwargs): if not attr.tzinfo: _LOGGER.warning("Datetime with no tzinfo will be considered UTC.") return int(calendar.timegm(attr.utctimetuple())) - except AttributeError: - raise TypeError("Unix time object must be valid Datetime object.") + except AttributeError as exc: + raise TypeError("Unix time object must be valid Datetime object.") from exc -def rest_key_extractor(attr, attr_desc, data): +def rest_key_extractor(attr, attr_desc, data): # pylint: disable=unused-argument key = attr_desc["key"] working_data = data @@ -1216,7 +1219,9 @@ def rest_key_extractor(attr, attr_desc, data): return working_data.get(key) -def rest_key_case_insensitive_extractor(attr, attr_desc, data): +def rest_key_case_insensitive_extractor( # pylint: disable=unused-argument, inconsistent-return-statements + attr, attr_desc, data +): key = attr_desc["key"] working_data = data @@ -1237,17 +1242,29 @@ def rest_key_case_insensitive_extractor(attr, attr_desc, data): return attribute_key_case_insensitive_extractor(key, None, working_data) -def last_rest_key_extractor(attr, attr_desc, data): - """Extract the attribute in "data" based on the last part of the JSON path key.""" +def last_rest_key_extractor(attr, attr_desc, data): # pylint: disable=unused-argument + """Extract the attribute in "data" based on the last part of the JSON path key. + + :param str attr: The attribute to extract + :param dict attr_desc: The attribute description + :param dict data: The data to extract from + :rtype: object + :returns: The extracted attribute + """ key = attr_desc["key"] dict_keys = _FLATTEN.split(key) return attribute_key_extractor(dict_keys[-1], None, data) -def last_rest_key_case_insensitive_extractor(attr, attr_desc, data): +def last_rest_key_case_insensitive_extractor(attr, attr_desc, data): # pylint: disable=unused-argument """Extract the attribute in "data" based on the last part of the JSON path key. This is the case insensitive version of "last_rest_key_extractor" + :param str attr: The attribute to extract + :param dict attr_desc: The attribute description + :param dict data: The data to extract from + :rtype: object + :returns: The extracted attribute """ key = attr_desc["key"] dict_keys = _FLATTEN.split(key) @@ -1284,7 +1301,7 @@ def _extract_name_from_internal_type(internal_type): return xml_name -def xml_key_extractor(attr, attr_desc, data): +def xml_key_extractor(attr, attr_desc, data): # pylint: disable=unused-argument,too-many-return-statements if isinstance(data, dict): return None @@ -1336,22 +1353,21 @@ def xml_key_extractor(attr, attr_desc, data): if is_iter_type: if is_wrapped: return None # is_wrapped no node, we want None - else: - return [] # not wrapped, assume empty list + return [] # not wrapped, assume empty list return None # Assume it's not there, maybe an optional node. # If is_iter_type and not wrapped, return all found children if is_iter_type: if not is_wrapped: return children - else: # Iter and wrapped, should have found one node only (the wrap one) - if len(children) != 1: - raise DeserializationError( - "Tried to deserialize an array not wrapped, and found several nodes '{}'. Maybe you should declare this array as wrapped?".format( - xml_name - ) + # Iter and wrapped, should have found one node only (the wrap one) + if len(children) != 1: + raise DeserializationError( + "Tried to deserialize an array not wrapped, and found several nodes '{}'. Maybe you should declare this array as wrapped?".format( # pylint: disable=line-too-long + xml_name ) - return list(children[0]) # Might be empty list and that's ok. + ) + return list(children[0]) # Might be empty list and that's ok. # Here it's not a itertype, we should have found one element only or empty if len(children) > 1: @@ -1359,7 +1375,7 @@ def xml_key_extractor(attr, attr_desc, data): return children[0] -class Deserializer(object): +class Deserializer: """Response object model deserializer. :param dict classes: Class type dictionary for deserializing complex types. @@ -1368,9 +1384,9 @@ class Deserializer(object): basic_types = {str: "str", int: "int", bool: "bool", float: "float"} - valid_date = re.compile(r"\d{4}[-]\d{2}[-]\d{2}T\d{2}:\d{2}:\d{2}" r"\.?\d*Z?[-+]?[\d{2}]?:?[\d{2}]?") + valid_date = re.compile(r"\d{4}[-]\d{2}[-]\d{2}T\d{2}:\d{2}:\d{2}\.?\d*Z?[-+]?[\d{2}]?:?[\d{2}]?") - def __init__(self, classes: Optional[Mapping[str, Type[ModelType]]] = None): + def __init__(self, classes: Optional[Mapping[str, type]] = None) -> None: self.deserialize_type = { "iso-8601": Deserializer.deserialize_iso, "rfc-1123": Deserializer.deserialize_rfc, @@ -1390,7 +1406,7 @@ def __init__(self, classes: Optional[Mapping[str, Type[ModelType]]] = None): "duration": (isodate.Duration, datetime.timedelta), "iso-8601": (datetime.datetime), } - self.dependencies: Dict[str, Type[ModelType]] = dict(classes) if classes else {} + self.dependencies: Dict[str, type] = dict(classes) if classes else {} self.key_extractors = [rest_key_extractor, xml_key_extractor] # Additional properties only works if the "rest_key_extractor" is used to # extract the keys. Making it to work whatever the key extractor is too much @@ -1408,11 +1424,12 @@ def __call__(self, target_obj, response_data, content_type=None): :param str content_type: Swagger "produces" if available. :raises: DeserializationError if deserialization fails. :return: Deserialized object. + :rtype: object """ data = self._unpack_content(response_data, content_type) return self._deserialize(target_obj, data) - def _deserialize(self, target_obj, data): + def _deserialize(self, target_obj, data): # pylint: disable=inconsistent-return-statements """Call the deserializer on a model. Data needs to be already deserialized as JSON or XML ElementTree @@ -1421,12 +1438,13 @@ def _deserialize(self, target_obj, data): :param object data: Object to deserialize. :raises: DeserializationError if deserialization fails. :return: Deserialized object. + :rtype: object """ # This is already a model, go recursive just in case if hasattr(data, "_attribute_map"): constants = [name for name, config in getattr(data, "_validation", {}).items() if config.get("constant")] try: - for attr, mapconfig in data._attribute_map.items(): + for attr, mapconfig in data._attribute_map.items(): # pylint: disable=protected-access if attr in constants: continue value = getattr(data, attr) @@ -1443,15 +1461,15 @@ def _deserialize(self, target_obj, data): response, class_name = self._classify_target(target_obj, data) - if isinstance(response, basestring): + if isinstance(response, str): return self.deserialize_data(data, response) - elif isinstance(response, type) and issubclass(response, Enum): + if isinstance(response, type) and issubclass(response, Enum): return self.deserialize_enum(data, response) - if data is None: + if data is None or data is CoreNull: return data try: - attributes = response._attribute_map # type: ignore + attributes = response._attribute_map # type: ignore # pylint: disable=protected-access d_attrs = {} for attr, attr_desc in attributes.items(): # Check empty string. If it's not empty, someone has a real "additionalProperties"... @@ -1481,9 +1499,8 @@ def _deserialize(self, target_obj, data): except (AttributeError, TypeError, KeyError) as err: msg = "Unable to deserialize to object: " + class_name # type: ignore raise DeserializationError(msg) from err - else: - additional_properties = self._build_additional_properties(attributes, data) - return self._instantiate_model(response, d_attrs, additional_properties) + additional_properties = self._build_additional_properties(attributes, data) + return self._instantiate_model(response, d_attrs, additional_properties) def _build_additional_properties(self, attribute_map, data): if not self.additional_properties_detection: @@ -1510,18 +1527,20 @@ def _classify_target(self, target, data): :param str target: The target object type to deserialize to. :param str/dict data: The response data to deserialize. + :return: The classified target object and its class name. + :rtype: tuple """ if target is None: return None, None - if isinstance(target, basestring): + if isinstance(target, str): try: target = self.dependencies[target] except KeyError: return target, target try: - target = target._classify(data, self.dependencies) + target = target._classify(data, self.dependencies) # type: ignore # pylint: disable=protected-access except AttributeError: pass # Target is not a Model, no classify return target, target.__class__.__name__ # type: ignore @@ -1536,10 +1555,12 @@ def failsafe_deserialize(self, target_obj, data, content_type=None): :param str target_obj: The target object type to deserialize to. :param str/dict data: The response data to deserialize. :param str content_type: Swagger "produces" if available. + :return: Deserialized object. + :rtype: object """ try: return self(target_obj, data, content_type=content_type) - except: + except: # pylint: disable=bare-except _LOGGER.debug( "Ran into a deserialization error. Ignoring since this is failsafe deserialization", exc_info=True ) @@ -1557,10 +1578,12 @@ def _unpack_content(raw_data, content_type=None): If raw_data is something else, bypass all logic and return it directly. - :param raw_data: Data to be processed. - :param content_type: How to parse if raw_data is a string/bytes. + :param obj raw_data: Data to be processed. + :param str content_type: How to parse if raw_data is a string/bytes. :raises JSONDecodeError: If JSON is requested and parsing is impossible. :raises UnicodeDecodeError: If bytes is not UTF8 + :rtype: object + :return: Unpacked content. """ # Assume this is enough to detect a Pipeline Response without importing it context = getattr(raw_data, "context", {}) @@ -1577,31 +1600,42 @@ def _unpack_content(raw_data, content_type=None): if hasattr(raw_data, "_content_consumed"): return RawDeserializer.deserialize_from_http_generics(raw_data.text, raw_data.headers) - if isinstance(raw_data, (basestring, bytes)) or hasattr(raw_data, "read"): + if isinstance(raw_data, (str, bytes)) or hasattr(raw_data, "read"): return RawDeserializer.deserialize_from_text(raw_data, content_type) # type: ignore return raw_data def _instantiate_model(self, response, attrs, additional_properties=None): """Instantiate a response model passing in deserialized args. - :param response: The response model class. - :param d_attrs: The deserialized response attributes. + :param Response response: The response model class. + :param dict attrs: The deserialized response attributes. + :param dict additional_properties: Additional properties to be set. + :rtype: Response + :return: The instantiated response model. """ if callable(response): subtype = getattr(response, "_subtype_map", {}) try: - readonly = [k for k, v in response._validation.items() if v.get("readonly")] - const = [k for k, v in response._validation.items() if v.get("constant")] + readonly = [ + k + for k, v in response._validation.items() # pylint: disable=protected-access # type: ignore + if v.get("readonly") + ] + const = [ + k + for k, v in response._validation.items() # pylint: disable=protected-access # type: ignore + if v.get("constant") + ] kwargs = {k: v for k, v in attrs.items() if k not in subtype and k not in readonly + const} response_obj = response(**kwargs) for attr in readonly: setattr(response_obj, attr, attrs.get(attr)) if additional_properties: - response_obj.additional_properties = additional_properties + response_obj.additional_properties = additional_properties # type: ignore return response_obj except TypeError as err: msg = "Unable to deserialize {} into model {}. ".format(kwargs, response) # type: ignore - raise DeserializationError(msg + str(err)) + raise DeserializationError(msg + str(err)) from err else: try: for attr, value in attrs.items(): @@ -1610,15 +1644,16 @@ def _instantiate_model(self, response, attrs, additional_properties=None): except Exception as exp: msg = "Unable to populate response model. " msg += "Type: {}, Error: {}".format(type(response), exp) - raise DeserializationError(msg) + raise DeserializationError(msg) from exp - def deserialize_data(self, data, data_type): + def deserialize_data(self, data, data_type): # pylint: disable=too-many-return-statements """Process data for deserialization according to data type. :param str data: The response string to be deserialized. :param str data_type: The type to deserialize to. :raises: DeserializationError if deserialization fails. :return: Deserialized object. + :rtype: object """ if data is None: return data @@ -1632,7 +1667,11 @@ def deserialize_data(self, data, data_type): if isinstance(data, self.deserialize_expected_types.get(data_type, tuple())): return data - is_a_text_parsing_type = lambda x: x not in ["object", "[]", r"{}"] + is_a_text_parsing_type = lambda x: x not in [ # pylint: disable=unnecessary-lambda-assignment + "object", + "[]", + r"{}", + ] if isinstance(data, ET.Element) and is_a_text_parsing_type(data_type) and not data.text: return None data_val = self.deserialize_type[data_type](data) @@ -1652,14 +1691,14 @@ def deserialize_data(self, data, data_type): msg = "Unable to deserialize response data." msg += " Data: {}, {}".format(data, data_type) raise DeserializationError(msg) from err - else: - return self._deserialize(obj_type, data) + return self._deserialize(obj_type, data) def deserialize_iter(self, attr, iter_type): """Deserialize an iterable. :param list attr: Iterable to be deserialized. :param str iter_type: The type of object in the iterable. + :return: Deserialized iterable. :rtype: list """ if attr is None: @@ -1676,6 +1715,7 @@ def deserialize_dict(self, attr, dict_type): :param dict/list attr: Dictionary to be deserialized. Also accepts a list of key, value pairs. :param str dict_type: The object type of the items in the dictionary. + :return: Deserialized dictionary. :rtype: dict """ if isinstance(attr, list): @@ -1686,11 +1726,12 @@ def deserialize_dict(self, attr, dict_type): attr = {el.tag: el.text for el in attr} return {k: self.deserialize_data(v, dict_type) for k, v in attr.items()} - def deserialize_object(self, attr, **kwargs): + def deserialize_object(self, attr, **kwargs): # pylint: disable=too-many-return-statements """Deserialize a generic object. This will be handled as a dictionary. :param dict attr: Dictionary to be deserialized. + :return: Deserialized object. :rtype: dict :raises: TypeError if non-builtin datatype encountered. """ @@ -1699,7 +1740,7 @@ def deserialize_object(self, attr, **kwargs): if isinstance(attr, ET.Element): # Do no recurse on XML, just return the tree as-is return attr - if isinstance(attr, basestring): + if isinstance(attr, str): return self.deserialize_basic(attr, "str") obj_type = type(attr) if obj_type in self.basic_types: @@ -1725,11 +1766,10 @@ def deserialize_object(self, attr, **kwargs): pass return deserialized - else: - error = "Cannot deserialize generic object with type: " - raise TypeError(error + str(obj_type)) + error = "Cannot deserialize generic object with type: " + raise TypeError(error + str(obj_type)) - def deserialize_basic(self, attr, data_type): + def deserialize_basic(self, attr, data_type): # pylint: disable=too-many-return-statements """Deserialize basic builtin data type from string. Will attempt to convert to str, int, float and bool. This function will also accept '1', '0', 'true' and 'false' as @@ -1737,6 +1777,7 @@ def deserialize_basic(self, attr, data_type): :param str attr: response string to be deserialized. :param str data_type: deserialization data type. + :return: Deserialized basic type. :rtype: str, int, float or bool :raises: TypeError if string format is not valid. """ @@ -1748,24 +1789,23 @@ def deserialize_basic(self, attr, data_type): if data_type == "str": # None or '', node is empty string. return "" - else: - # None or '', node with a strong type is None. - # Don't try to model "empty bool" or "empty int" - return None + # None or '', node with a strong type is None. + # Don't try to model "empty bool" or "empty int" + return None if data_type == "bool": if attr in [True, False, 1, 0]: return bool(attr) - elif isinstance(attr, basestring): + if isinstance(attr, str): if attr.lower() in ["true", "1"]: return True - elif attr.lower() in ["false", "0"]: + if attr.lower() in ["false", "0"]: return False raise TypeError("Invalid boolean value: {}".format(attr)) if data_type == "str": return self.deserialize_unicode(attr) - return eval(data_type)(attr) # nosec + return eval(data_type)(attr) # nosec # pylint: disable=eval-used @staticmethod def deserialize_unicode(data): @@ -1773,6 +1813,7 @@ def deserialize_unicode(data): as a string. :param str data: response string to be deserialized. + :return: Deserialized string. :rtype: str or unicode """ # We might be here because we have an enum modeled as string, @@ -1786,8 +1827,7 @@ def deserialize_unicode(data): return data except NameError: return str(data) - else: - return str(data) + return str(data) @staticmethod def deserialize_enum(data, enum_obj): @@ -1799,6 +1839,7 @@ def deserialize_enum(data, enum_obj): :param str data: Response string to be deserialized. If this value is None or invalid it will be returned as-is. :param Enum enum_obj: Enum object to deserialize to. + :return: Deserialized enum object. :rtype: Enum """ if isinstance(data, enum_obj) or data is None: @@ -1809,9 +1850,9 @@ def deserialize_enum(data, enum_obj): # Workaround. We might consider remove it in the future. try: return list(enum_obj.__members__.values())[data] - except IndexError: + except IndexError as exc: error = "{!r} is not a valid index for enum {!r}" - raise DeserializationError(error.format(data, enum_obj)) + raise DeserializationError(error.format(data, enum_obj)) from exc try: return enum_obj(str(data)) except ValueError: @@ -1827,6 +1868,7 @@ def deserialize_bytearray(attr): """Deserialize string into bytearray. :param str attr: response string to be deserialized. + :return: Deserialized bytearray :rtype: bytearray :raises: TypeError if string format invalid. """ @@ -1839,6 +1881,7 @@ def deserialize_base64(attr): """Deserialize base64 encoded string into string. :param str attr: response string to be deserialized. + :return: Deserialized base64 string :rtype: bytearray :raises: TypeError if string format invalid. """ @@ -1854,8 +1897,9 @@ def deserialize_decimal(attr): """Deserialize string into Decimal object. :param str attr: response string to be deserialized. - :rtype: Decimal + :return: Deserialized decimal :raises: DeserializationError if string format invalid. + :rtype: decimal """ if isinstance(attr, ET.Element): attr = attr.text @@ -1870,6 +1914,7 @@ def deserialize_long(attr): """Deserialize string into long (Py2) or int (Py3). :param str attr: response string to be deserialized. + :return: Deserialized int :rtype: long or int :raises: ValueError if string format invalid. """ @@ -1882,6 +1927,7 @@ def deserialize_duration(attr): """Deserialize ISO-8601 formatted string into TimeDelta object. :param str attr: response string to be deserialized. + :return: Deserialized duration :rtype: TimeDelta :raises: DeserializationError if string format invalid. """ @@ -1892,14 +1938,14 @@ def deserialize_duration(attr): except (ValueError, OverflowError, AttributeError) as err: msg = "Cannot deserialize duration object." raise DeserializationError(msg) from err - else: - return duration + return duration @staticmethod def deserialize_date(attr): """Deserialize ISO-8601 formatted string into Date object. :param str attr: response string to be deserialized. + :return: Deserialized date :rtype: Date :raises: DeserializationError if string format invalid. """ @@ -1915,6 +1961,7 @@ def deserialize_time(attr): """Deserialize ISO-8601 formatted string into time object. :param str attr: response string to be deserialized. + :return: Deserialized time :rtype: datetime.time :raises: DeserializationError if string format invalid. """ @@ -1929,6 +1976,7 @@ def deserialize_rfc(attr): """Deserialize RFC-1123 formatted string into Datetime object. :param str attr: response string to be deserialized. + :return: Deserialized RFC datetime :rtype: Datetime :raises: DeserializationError if string format invalid. """ @@ -1937,21 +1985,21 @@ def deserialize_rfc(attr): try: parsed_date = email.utils.parsedate_tz(attr) # type: ignore date_obj = datetime.datetime( - *parsed_date[:6], tzinfo=_FixedOffset(datetime.timedelta(minutes=(parsed_date[9] or 0) / 60)) + *parsed_date[:6], tzinfo=datetime.timezone(datetime.timedelta(minutes=(parsed_date[9] or 0) / 60)) ) if not date_obj.tzinfo: date_obj = date_obj.astimezone(tz=TZ_UTC) except ValueError as err: msg = "Cannot deserialize to rfc datetime object." raise DeserializationError(msg) from err - else: - return date_obj + return date_obj @staticmethod def deserialize_iso(attr): """Deserialize ISO-8601 formatted string into Datetime object. :param str attr: response string to be deserialized. + :return: Deserialized ISO datetime :rtype: Datetime :raises: DeserializationError if string format invalid. """ @@ -1981,8 +2029,7 @@ def deserialize_iso(attr): except (ValueError, OverflowError, AttributeError) as err: msg = "Cannot deserialize datetime object." raise DeserializationError(msg) from err - else: - return date_obj + return date_obj @staticmethod def deserialize_unix(attr): @@ -1990,6 +2037,7 @@ def deserialize_unix(attr): This is represented as seconds. :param int attr: Object to be serialized. + :return: Deserialized datetime :rtype: Datetime :raises: DeserializationError if format invalid """ @@ -2001,5 +2049,4 @@ def deserialize_unix(attr): except ValueError as err: msg = "Cannot deserialize to unix datetime object." raise DeserializationError(msg) from err - else: - return date_obj + return date_obj diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/__init__.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/__init__.py deleted file mode 100644 index 4bcf3faed073..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/__init__.py +++ /dev/null @@ -1,77 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -from typing import Optional -from urllib import parse - -from .challenge_auth_policy import ChallengeAuthPolicy -from .client_base import KeyVaultClientBase -from .http_challenge import HttpChallenge -from . import http_challenge_cache - -HttpChallengeCache = http_challenge_cache # to avoid aliasing pylint error (C4745) - - -__all__ = [ - "ChallengeAuthPolicy", - "HttpChallenge", - "HttpChallengeCache", - "KeyVaultClientBase", -] - -class KeyVaultResourceId(): - """Represents a Key Vault identifier and its parsed contents. - - :param str source_id: The complete identifier received from Key Vault - :param str vault_url: The vault URL - :param str name: The name extracted from the ID - :param str version: The version extracted from the ID - """ - - def __init__( - self, - source_id: str, - vault_url: str, - name: str, - version: "Optional[str]" = None, - ) -> None: - self.source_id = source_id - self.vault_url = vault_url - self.name = name - self.version = version - - -def parse_key_vault_id(source_id: str) -> KeyVaultResourceId: - try: - parsed_uri = parse.urlparse(source_id) - except Exception as exc: - raise ValueError(f"'{source_id}' is not a valid ID") from exc - if not (parsed_uri.scheme and parsed_uri.hostname): - raise ValueError(f"'{source_id}' is not a valid ID") - - path = list(filter(None, parsed_uri.path.split("/"))) - - if len(path) < 2 or len(path) > 3: - raise ValueError(f"'{source_id}' is not a valid ID") - - vault_url = f"{parsed_uri.scheme}://{parsed_uri.hostname}" - if parsed_uri.port: - vault_url += f":{parsed_uri.port}" - - return KeyVaultResourceId( - source_id=source_id, - vault_url=vault_url, - name=path[1], - version=path[2] if len(path) == 3 else None, - ) - - -try: - # pylint:disable=unused-import - from .async_challenge_auth_policy import AsyncChallengeAuthPolicy - from .async_client_base import AsyncKeyVaultClientBase - - __all__.extend(["AsyncChallengeAuthPolicy", "AsyncKeyVaultClientBase"]) -except (SyntaxError, ImportError): - pass diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/_polling.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/_polling.py deleted file mode 100644 index d4b83a0eca57..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/_polling.py +++ /dev/null @@ -1,142 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -import logging -import threading -import uuid -from typing import Any, Callable, cast, Optional - -from azure.core.exceptions import ResourceNotFoundError, HttpResponseError -from azure.core.pipeline import PipelineResponse -from azure.core.pipeline.transport import HttpTransport -from azure.core.polling import PollingMethod, LROPoller, NoPolling - -from azure.core.tracing.decorator import distributed_trace -from azure.core.tracing.common import with_current_context - -logger = logging.getLogger(__name__) - - -class KeyVaultOperationPoller(LROPoller): - """Poller for long running operations where calling result() doesn't wait for operation to complete. - - :param polling_method: The poller's polling method. - :type polling_method: ~azure.core.polling.PollingMethod - """ - - def __init__(self, polling_method: PollingMethod) -> None: - super(KeyVaultOperationPoller, self).__init__(None, None, lambda *_: None, NoPolling()) - self._polling_method = polling_method - - # pylint: disable=arguments-differ - def result(self) -> "Any": # type: ignore - """Returns a representation of the final resource without waiting for the operation to complete. - - :returns: The deserialized resource of the long running operation - :rtype: Any - - :raises ~azure.core.exceptions.HttpResponseError: Server problem with the query. - """ - return self._polling_method.resource() - - @distributed_trace - def wait(self, timeout: Optional[float] = None) -> None: - """Wait on the long running operation for a number of seconds. - - You can check if this call has ended with timeout with the "done()" method. - - :param float timeout: Period of time to wait for the long running operation to complete (in seconds). - - :raises ~azure.core.exceptions.HttpResponseError: Server problem with the query. - """ - - if not self._polling_method.finished(): - self._done = threading.Event() - self._thread = threading.Thread( - target=with_current_context(self._start), name=f"KeyVaultOperationPoller({uuid.uuid4()})" - ) - self._thread.daemon = True - self._thread.start() - - if self._thread is None: - return - self._thread.join(timeout=timeout) - try: - # Let's handle possible None in forgiveness here - raise self._exception # type: ignore - except TypeError: # Was None - pass - - -class DeleteRecoverPollingMethod(PollingMethod): - """Poller for deleting resources, and recovering deleted resources, in vaults with soft-delete enabled. - - This works by polling for the existence of the deleted or recovered resource. When a resource is deleted, Key Vault - immediately removes it from its collection. However, the resource will not immediately appear in the deleted - collection. Key Vault will therefore respond 404 to GET requests for the deleted resource; when it responds 2xx, - the resource exists in the deleted collection i.e. its deletion is complete. - - Similarly, while recovering a deleted resource, Key Vault will respond 404 to GET requests for the non-deleted - resource; when it responds 2xx, the resource exists in the non-deleted collection, i.e. its recovery is complete. - - :param pipeline_response: The operation's original pipeline response. - :type pipeline_response: PipelineResponse - :param command: A callable to invoke when polling. - :type command: Callable - :param final_resource: The final resource returned by the polling operation. - :type final_resource: Any - :param bool finished: Whether or not the polling operation is completed. - :param int interval: The polling interval, in seconds. - """ - def __init__( - self, - pipeline_response: PipelineResponse, - command: Callable, - final_resource: Any, - finished: bool, - interval: int = 2 - ) -> None: - self._pipeline_response = pipeline_response - self._command = command - self._resource = final_resource - self._polling_interval = interval - self._finished = finished - - def _update_status(self) -> None: - try: - self._command() - self._finished = True - except ResourceNotFoundError: - pass - except HttpResponseError as e: - # If we are polling on get_deleted_* and we don't have get permissions, we will get - # ResourceNotFoundError until the resource is recovered, at which point we'll get a 403. - if e.status_code == 403: - self._finished = True - else: - raise - - def initialize(self, client: Any, initial_response: Any, deserialization_callback: Callable) -> None: - pass - - def run(self) -> None: - try: - while not self.finished(): - self._update_status() - if not self.finished(): - # We should always ask the client's transport to sleep, instead of sleeping directly - transport: HttpTransport = cast(HttpTransport, self._pipeline_response.context.transport) - transport.sleep(self._polling_interval) - except Exception as e: - logger.warning(str(e)) - raise - - def finished(self) -> bool: - return self._finished - - def resource(self) -> Any: - return self._resource - - def status(self) -> str: - return "finished" if self._finished else "polling" diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/_polling_async.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/_polling_async.py deleted file mode 100644 index a089567b7c1f..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/_polling_async.py +++ /dev/null @@ -1,87 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -import logging -from typing import Any, Callable, cast - -from azure.core.exceptions import ResourceNotFoundError, HttpResponseError -from azure.core.pipeline import PipelineResponse -from azure.core.pipeline.transport import AsyncHttpTransport -from azure.core.polling import AsyncPollingMethod - -logger = logging.getLogger(__name__) - - -class AsyncDeleteRecoverPollingMethod(AsyncPollingMethod): - """Poller for deleting resources, and recovering deleted resources, in vaults with soft-delete enabled. - - This works by polling for the existence of the deleted or recovered resource. When a resource is deleted, Key Vault - immediately removes it from its collection. However, the resource will not immediately appear in the deleted - collection. Key Vault will therefore respond 404 to GET requests for the deleted resource; when it responds 2xx, - the resource exists in the deleted collection i.e. its deletion is complete. - - Similarly, while recovering a deleted resource, Key Vault will respond 404 to GET requests for the non-deleted - resource; when it responds 2xx, the resource exists in the non-deleted collection, i.e. its recovery is complete. - - :param pipeline_response: The operation's original pipeline response. - :type pipeline_response: PipelineResponse - :param command: An awaitable to invoke when polling. - :type command: Callable - :param final_resource: The final resource returned by the polling operation. - :type final_resource: Any - :param bool finished: Whether or not the polling operation is completed. - :param int interval: The polling interval, in seconds. - """ - - def __init__( - self, - pipeline_response: PipelineResponse, - command: Callable, - final_resource: Any, - finished: bool, - interval: int = 2 - ) -> None: - self._pipeline_response = pipeline_response - self._command = command - self._resource = final_resource - self._polling_interval = interval - self._finished = finished - - def initialize(self, client, initial_response, deserialization_callback): - pass - - async def _update_status(self) -> None: - try: - await self._command() - self._finished = True - except ResourceNotFoundError: - pass - except HttpResponseError as e: - # If we are polling on get_deleted_* and we don't have get permissions, we will get - # ResourceNotFoundError until the resource is recovered, at which point we'll get a 403. - if e.status_code == 403: - self._finished = True - else: - raise - - async def run(self) -> None: - try: - while not self.finished(): - await self._update_status() - if not self.finished(): - # We should always ask the client's transport to sleep, instead of sleeping directly - transport: AsyncHttpTransport = cast(AsyncHttpTransport, self._pipeline_response.context.transport) - await transport.sleep(self._polling_interval) - except Exception as e: - logger.warning(str(e)) - raise - - def finished(self) -> bool: - return self._finished - - def resource(self) -> Any: - return self._resource - - def status(self) -> str: - return "finished" if self._finished else "polling" diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/async_challenge_auth_policy.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/async_challenge_auth_policy.py deleted file mode 100644 index dad851f8f58c..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/async_challenge_auth_policy.py +++ /dev/null @@ -1,262 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -"""Policy implementing Key Vault's challenge authentication protocol. - -Normally the protocol is only used for the client's first service request, upon which: -1. The challenge authentication policy sends a copy of the request, without authorization or content. -2. Key Vault responds 401 with a header (the 'challenge') detailing how the client should authenticate such a request. -3. The policy authenticates according to the challenge and sends the original request with authorization. - -The policy caches the challenge and thus knows how to authenticate future requests. However, authentication -requirements can change. For example, a vault may move to a new tenant. In such a case the policy will attempt the -protocol again. -""" - -from copy import deepcopy -import sys -import time -from typing import Any, Callable, cast, Optional, overload, TypeVar, Union -from urllib.parse import urlparse - -from typing_extensions import ParamSpec - -from azure.core.credentials import AccessToken, AccessTokenInfo, TokenRequestOptions -from azure.core.credentials_async import AsyncSupportsTokenInfo, AsyncTokenCredential, AsyncTokenProvider -from azure.core.pipeline import PipelineRequest, PipelineResponse -from azure.core.pipeline.policies import AsyncBearerTokenCredentialPolicy -from azure.core.rest import AsyncHttpResponse, HttpRequest - -from .http_challenge import HttpChallenge -from . import http_challenge_cache as ChallengeCache -from .challenge_auth_policy import _enforce_tls, _has_claims, _update_challenge - -if sys.version_info < (3, 9): - from typing import Awaitable -else: - from collections.abc import Awaitable - - -P = ParamSpec("P") -T = TypeVar("T") - - -@overload -async def await_result(func: Callable[P, Awaitable[T]], *args: P.args, **kwargs: P.kwargs) -> T: ... - - -@overload -async def await_result(func: Callable[P, T], *args: P.args, **kwargs: P.kwargs) -> T: ... - - -async def await_result(func: Callable[P, Union[T, Awaitable[T]]], *args: P.args, **kwargs: P.kwargs) -> T: - """If func returns an awaitable, await it. - - :param func: The function to run. - :type func: callable - :param args: The positional arguments to pass to the function. - :type args: list - :rtype: any - :return: The result of the function - """ - result = func(*args, **kwargs) - if isinstance(result, Awaitable): - return await result - return result - - -class AsyncChallengeAuthPolicy(AsyncBearerTokenCredentialPolicy): - """Policy for handling HTTP authentication challenges. - - :param credential: An object which can provide an access token for the vault, such as a credential from - :mod:`azure.identity.aio` - :type credential: ~azure.core.credentials_async.AsyncTokenProvider - """ - - def __init__(self, credential: AsyncTokenProvider, *scopes: str, **kwargs: Any) -> None: - # Pass `enable_cae` so `enable_cae=True` is always passed through self.authorize_request - super().__init__(credential, *scopes, enable_cae=True, **kwargs) - self._credential: AsyncTokenProvider = credential - self._token: Optional[Union["AccessToken", "AccessTokenInfo"]] = None - self._verify_challenge_resource = kwargs.pop("verify_challenge_resource", True) - self._request_copy: Optional[HttpRequest] = None - - async def send( - self, request: PipelineRequest[HttpRequest] - ) -> PipelineResponse[HttpRequest, AsyncHttpResponse]: - """Authorize request with a bearer token and send it to the next policy. - - We implement this method to account for the valid scenario where a Key Vault authentication challenge is - immediately followed by a CAE claims challenge. The base class's implementation would return the second 401 to - the caller, but we should handle that second challenge as well (and only return any third 401 response). - - :param request: The pipeline request object - :type request: ~azure.core.pipeline.PipelineRequest - :return: The pipeline response object - :rtype: ~azure.core.pipeline.PipelineResponse - """ - await await_result(self.on_request, request) - response: PipelineResponse[HttpRequest, AsyncHttpResponse] - try: - response = await self.next.send(request) - except Exception: # pylint:disable=broad-except - await await_result(self.on_exception, request) - raise - await await_result(self.on_response, request, response) - - if response.http_response.status_code == 401: - return await self.handle_challenge_flow(request, response) - return response - - async def handle_challenge_flow( - self, - request: PipelineRequest[HttpRequest], - response: PipelineResponse[HttpRequest, AsyncHttpResponse], - consecutive_challenge: bool = False, - ) -> PipelineResponse[HttpRequest, AsyncHttpResponse]: - """Handle the challenge flow of Key Vault and CAE authentication. - - :param request: The pipeline request object - :type request: ~azure.core.pipeline.PipelineRequest - :param response: The pipeline response object - :type response: ~azure.core.pipeline.PipelineResponse - :param bool consecutive_challenge: Whether the challenge is arriving immediately after another challenge. - Consecutive challenges can only be valid if a Key Vault challenge is followed by a CAE claims challenge. - True if the preceding challenge was a Key Vault challenge; False otherwise. - - :return: The pipeline response object - :rtype: ~azure.core.pipeline.PipelineResponse - """ - self._token = None # any cached token is invalid - if "WWW-Authenticate" in response.http_response.headers: - # If the previous challenge was a KV challenge and this one is too, return the 401 - claims_challenge = _has_claims(response.http_response.headers["WWW-Authenticate"]) - if consecutive_challenge and not claims_challenge: - return response - - request_authorized = await self.on_challenge(request, response) - if request_authorized: - # if we receive a challenge response, we retrieve a new token - # which matches the new target. In this case, we don't want to remove - # token from the request so clear the 'insecure_domain_change' tag - request.context.options.pop("insecure_domain_change", False) - try: - response = await self.next.send(request) - except Exception: # pylint:disable=broad-except - await await_result(self.on_exception, request) - raise - - # If consecutive_challenge == True, this could be a third consecutive 401 - if response.http_response.status_code == 401 and not consecutive_challenge: - # If the previous challenge wasn't from CAE, we can try this function one more time - if not claims_challenge: - return await self.handle_challenge_flow(request, response, consecutive_challenge=True) - await await_result(self.on_response, request, response) - return response - - - async def on_request(self, request: PipelineRequest) -> None: - _enforce_tls(request) - challenge = ChallengeCache.get_challenge_for_url(request.http_request.url) - if challenge: - # Note that if the vault has moved to a new tenant since our last request for it, this request will fail. - if self._need_new_token(): - # azure-identity credentials require an AADv2 scope but the challenge may specify an AADv1 resource - scope = challenge.get_scope() or challenge.get_resource() + "/.default" - await self._request_kv_token(scope, challenge) - - bearer_token = cast(Union[AccessToken, AccessTokenInfo], self._token).token - request.http_request.headers["Authorization"] = f"Bearer {bearer_token}" - return - - # else: discover authentication information by eliciting a challenge from Key Vault. Remove any request data, - # saving it for later. Key Vault will reject the request as unauthorized and respond with a challenge. - # on_challenge will parse that challenge, use the original request including the body, authorize the - # request, and tell super to send it again. - if request.http_request.content: - self._request_copy = request.http_request - bodiless_request = HttpRequest( - method=request.http_request.method, - url=request.http_request.url, - headers=deepcopy(request.http_request.headers), - ) - bodiless_request.headers["Content-Length"] = "0" - request.http_request = bodiless_request - - - async def on_challenge(self, request: PipelineRequest, response: PipelineResponse) -> bool: - try: - # CAE challenges may not include a scope or tenant; cache from the previous challenge to use if necessary - old_scope: Optional[str] = None - old_tenant: Optional[str] = None - cached_challenge = ChallengeCache.get_challenge_for_url(request.http_request.url) - if cached_challenge: - old_scope = cached_challenge.get_scope() or cached_challenge.get_resource() + "/.default" - old_tenant = cached_challenge.tenant_id - - challenge = _update_challenge(request, response) - # CAE challenges may not include a scope or tenant; use the previous challenge's values if necessary - if challenge.claims and old_scope: - challenge._parameters["scope"] = old_scope # pylint:disable=protected-access - challenge.tenant_id = old_tenant - # azure-identity credentials require an AADv2 scope but the challenge may specify an AADv1 resource - scope = challenge.get_scope() or challenge.get_resource() + "/.default" - except ValueError: - return False - - if self._verify_challenge_resource: - resource_domain = urlparse(scope).netloc - if not resource_domain: - raise ValueError(f"The challenge contains invalid scope '{scope}'.") - - request_domain = urlparse(request.http_request.url).netloc - if not request_domain.lower().endswith(f".{resource_domain.lower()}"): - raise ValueError( - f"The challenge resource '{resource_domain}' does not match the requested domain. Pass " - "`verify_challenge_resource=False` to your client's constructor to disable this verification. " - "See https://aka.ms/azsdk/blog/vault-uri for more information." - ) - - # If we had created a request copy in on_request, use it now to send along the original body content - if self._request_copy: - request.http_request = self._request_copy - - # The tenant parsed from AD FS challenges is "adfs"; we don't actually need a tenant for AD FS authentication - # For AD FS we skip cross-tenant authentication per https://github.com/Azure/azure-sdk-for-python/issues/28648 - if challenge.tenant_id and challenge.tenant_id.lower().endswith("adfs"): - await self.authorize_request(request, scope, claims=challenge.claims) - else: - await self.authorize_request( - request, scope, claims=challenge.claims, tenant_id=challenge.tenant_id - ) - - return True - - def _need_new_token(self) -> bool: - now = time.time() - refresh_on = getattr(self._token, "refresh_on", None) - return not self._token or (refresh_on and refresh_on <= now) or self._token.expires_on - now < 300 - - async def _request_kv_token(self, scope: str, challenge: HttpChallenge) -> None: - """Implementation of BearerTokenCredentialPolicy's _request_token method, but specific to Key Vault. - - :param str scope: The scope for which to request a token. - :param challenge: The challenge for the request being made. - :type challenge: HttpChallenge - """ - # Exclude tenant for AD FS authentication - exclude_tenant = challenge.tenant_id and challenge.tenant_id.lower().endswith("adfs") - # The AsyncSupportsTokenInfo protocol needs TokenRequestOptions for token requests instead of kwargs - if hasattr(self._credential, "get_token_info"): - options: TokenRequestOptions = {"enable_cae": True} - if challenge.tenant_id and not exclude_tenant: - options["tenant_id"] = challenge.tenant_id - self._token = await cast(AsyncSupportsTokenInfo, self._credential).get_token_info(scope, options=options) - else: - if exclude_tenant: - self._token = await self._credential.get_token(scope, enable_cae=True) - else: - self._token = await cast(AsyncTokenCredential, self._credential).get_token( - scope, tenant_id=challenge.tenant_id, enable_cae=True - ) diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/async_client_base.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/async_client_base.py deleted file mode 100644 index 08fb1c9f668e..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/async_client_base.py +++ /dev/null @@ -1,115 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -import sys -from typing import Any - -from azure.core.credentials_async import AsyncTokenCredential -from azure.core.pipeline.policies import HttpLoggingPolicy -from azure.core.rest import AsyncHttpResponse, HttpRequest -from azure.core.tracing.decorator_async import distributed_trace_async - -from . import AsyncChallengeAuthPolicy -from .client_base import ApiVersion, DEFAULT_VERSION, _format_api_version, _SERIALIZER -from .._sdk_moniker import SDK_MONIKER -from .._generated.aio import KeyVaultClient as _KeyVaultClient -from .._generated import models as _models - -if sys.version_info < (3, 9): - from typing import Awaitable -else: - from collections.abc import Awaitable - - -class AsyncKeyVaultClientBase(object): - # pylint:disable=protected-access - def __init__(self, vault_url: str, credential: AsyncTokenCredential, **kwargs: Any) -> None: - if not credential: - raise ValueError( - "credential should be an object supporting the AsyncTokenCredential protocol, " - "such as a credential from azure-identity" - ) - if not vault_url: - raise ValueError("vault_url must be the URL of an Azure Key Vault") - - try: - self.api_version = kwargs.pop("api_version", DEFAULT_VERSION) - # If API version was provided as an enum value, need to make a plain string for 3.11 compatibility - if hasattr(self.api_version, "value"): - self.api_version = self.api_version.value - self._vault_url = vault_url.strip(" /") - - client = kwargs.get("generated_client") - if client: - # caller provided a configured client -> only models left to initialize - self._client = client - models = kwargs.get("generated_models") - self._models = models or _models - return - - http_logging_policy = HttpLoggingPolicy(**kwargs) - http_logging_policy.allowed_header_names.update( - {"x-ms-keyvault-network-info", "x-ms-keyvault-region", "x-ms-keyvault-service-version"} - ) - - verify_challenge = kwargs.pop("verify_challenge_resource", True) - self._client = _KeyVaultClient( - api_version=self.api_version, - authentication_policy=AsyncChallengeAuthPolicy(credential, verify_challenge_resource=verify_challenge), - sdk_moniker=SDK_MONIKER, - http_logging_policy=http_logging_policy, - **kwargs - ) - self._models = _models - except ValueError as exc: - # Ignore pyright error that comes from not identifying ApiVersion as an iterable enum - raise NotImplementedError( - f"This package doesn't support API version '{self.api_version}'. " - + "Supported versions: " - + f"{', '.join(v.value for v in ApiVersion)}" # pyright: ignore[reportGeneralTypeIssues] - ) from exc - - @property - def vault_url(self) -> str: - return self._vault_url - - async def __aenter__(self) -> "AsyncKeyVaultClientBase": - await self._client.__aenter__() - return self - - async def __aexit__(self, *args: Any) -> None: - await self._client.__aexit__(*args) - - async def close(self) -> None: - """Close sockets opened by the client. - - Calling this method is unnecessary when using the client as a context manager. - """ - await self._client.close() - - @distributed_trace_async - def send_request( - self, request: HttpRequest, *, stream: bool = False, **kwargs: Any - ) -> Awaitable[AsyncHttpResponse]: - """Runs a network request using the client's existing pipeline. - - The request URL can be relative to the vault URL. The service API version used for the request is the same as - the client's unless otherwise specified. This method does not raise if the response is an error; to raise an - exception, call `raise_for_status()` on the returned response object. For more information about how to send - custom requests with this method, see https://aka.ms/azsdk/dpcodegen/python/send_request. - - :param request: The network request you want to make. - :type request: ~azure.core.rest.HttpRequest - - :keyword bool stream: Whether the response payload will be streamed. Defaults to False. - - :return: The response of your network call. Does not do error handling on your response. - :rtype: ~azure.core.rest.AsyncHttpResponse - """ - request_copy = _format_api_version(request, self.api_version) - path_format_arguments = { - "vaultBaseUrl": _SERIALIZER.url("vault_base_url", self._vault_url, "str", skip_quote=True), - } - request_copy.url = self._client._client.format_url(request_copy.url, **path_format_arguments) - return self._client._client.send_request(request_copy, stream=stream, **kwargs) diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/challenge_auth_policy.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/challenge_auth_policy.py deleted file mode 100644 index eb4073d0e699..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/challenge_auth_policy.py +++ /dev/null @@ -1,270 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -"""Policy implementing Key Vault's challenge authentication protocol. - -Normally the protocol is only used for the client's first service request, upon which: -1. The challenge authentication policy sends a copy of the request, without authorization or content. -2. Key Vault responds 401 with a header (the 'challenge') detailing how the client should authenticate such a request. -3. The policy authenticates according to the challenge and sends the original request with authorization. - -The policy caches the challenge and thus knows how to authenticate future requests. However, authentication -requirements can change. For example, a vault may move to a new tenant. In such a case the policy will attempt the -protocol again. -""" - -from copy import deepcopy -import time -from typing import Any, cast, Optional, Union -from urllib.parse import urlparse - -from azure.core.credentials import ( - AccessToken, - AccessTokenInfo, - TokenCredential, - TokenProvider, - TokenRequestOptions, - SupportsTokenInfo, -) -from azure.core.exceptions import ServiceRequestError -from azure.core.pipeline import PipelineRequest, PipelineResponse -from azure.core.pipeline.policies import BearerTokenCredentialPolicy -from azure.core.rest import HttpRequest, HttpResponse - -from .http_challenge import HttpChallenge -from . import http_challenge_cache as ChallengeCache - - -def _enforce_tls(request: PipelineRequest) -> None: - if not request.http_request.url.lower().startswith("https"): - raise ServiceRequestError( - "Bearer token authentication is not permitted for non-TLS protected (non-https) URLs." - ) - - -def _has_claims(challenge: str) -> bool: - """Check if a challenge header contains claims. - - :param challenge: The challenge header to check. - :type challenge: str - - :returns: True if the challenge contains claims; False otherwise. - :rtype: bool - """ - # Split the challenge into its scheme and parameters, then check if any parameter contains claims - split_challenge = challenge.strip().split(" ", 1) - return any("claims=" in item for item in split_challenge[1].split(",")) - - -def _update_challenge(request: PipelineRequest, challenger: PipelineResponse) -> HttpChallenge: - """Parse challenge from a challenge response, cache it, and return it. - - :param request: The pipeline request that prompted the challenge response. - :type request: ~azure.core.pipeline.PipelineRequest - :param challenger: The pipeline response containing the authentication challenge. - :type challenger: ~azure.core.pipeline.PipelineResponse - - :returns: An HttpChallenge object representing the authentication challenge. - :rtype: HttpChallenge - """ - - challenge = HttpChallenge( - request.http_request.url, - challenger.http_response.headers.get("WWW-Authenticate"), - response_headers=challenger.http_response.headers, - ) - ChallengeCache.set_challenge_for_url(request.http_request.url, challenge) - return challenge - - -class ChallengeAuthPolicy(BearerTokenCredentialPolicy): - """Policy for handling HTTP authentication challenges. - - :param credential: An object which can provide an access token for the vault, such as a credential from - :mod:`azure.identity` - :type credential: ~azure.core.credentials.TokenProvider - :param str scopes: Lets you specify the type of access needed. - """ - - def __init__(self, credential: TokenProvider, *scopes: str, **kwargs: Any) -> None: - # Pass `enable_cae` so `enable_cae=True` is always passed through self.authorize_request - super(ChallengeAuthPolicy, self).__init__(credential, *scopes, enable_cae=True, **kwargs) - self._credential: TokenProvider = credential - self._token: Optional[Union["AccessToken", "AccessTokenInfo"]] = None - self._verify_challenge_resource = kwargs.pop("verify_challenge_resource", True) - self._request_copy: Optional[HttpRequest] = None - - def send(self, request: PipelineRequest[HttpRequest]) -> PipelineResponse[HttpRequest, HttpResponse]: - """Authorize request with a bearer token and send it to the next policy. - - We implement this method to account for the valid scenario where a Key Vault authentication challenge is - immediately followed by a CAE claims challenge. The base class's implementation would return the second 401 to - the caller, but we should handle that second challenge as well (and only return any third 401 response). - - :param request: The pipeline request object - :type request: ~azure.core.pipeline.PipelineRequest - - :return: The pipeline response object - :rtype: ~azure.core.pipeline.PipelineResponse - """ - self.on_request(request) - try: - response = self.next.send(request) - except Exception: # pylint:disable=broad-except - self.on_exception(request) - raise - - self.on_response(request, response) - if response.http_response.status_code == 401: - return self.handle_challenge_flow(request, response) - return response - - def handle_challenge_flow( - self, - request: PipelineRequest[HttpRequest], - response: PipelineResponse[HttpRequest, HttpResponse], - consecutive_challenge: bool = False, - ) -> PipelineResponse[HttpRequest, HttpResponse]: - """Handle the challenge flow of Key Vault and CAE authentication. - - :param request: The pipeline request object - :type request: ~azure.core.pipeline.PipelineRequest - :param response: The pipeline response object - :type response: ~azure.core.pipeline.PipelineResponse - :param bool consecutive_challenge: Whether the challenge is arriving immediately after another challenge. - Consecutive challenges can only be valid if a Key Vault challenge is followed by a CAE claims challenge. - True if the preceding challenge was a Key Vault challenge; False otherwise. - - :return: The pipeline response object - :rtype: ~azure.core.pipeline.PipelineResponse - """ - self._token = None # any cached token is invalid - if "WWW-Authenticate" in response.http_response.headers: - # If the previous challenge was a KV challenge and this one is too, return the 401 - claims_challenge = _has_claims(response.http_response.headers["WWW-Authenticate"]) - if consecutive_challenge and not claims_challenge: - return response - - request_authorized = self.on_challenge(request, response) - if request_authorized: - # if we receive a challenge response, we retrieve a new token - # which matches the new target. In this case, we don't want to remove - # token from the request so clear the 'insecure_domain_change' tag - request.context.options.pop("insecure_domain_change", False) - try: - response = self.next.send(request) - except Exception: # pylint:disable=broad-except - self.on_exception(request) - raise - - # If consecutive_challenge == True, this could be a third consecutive 401 - if response.http_response.status_code == 401 and not consecutive_challenge: - # If the previous challenge wasn't from CAE, we can try this function one more time - if not claims_challenge: - return self.handle_challenge_flow(request, response, consecutive_challenge=True) - self.on_response(request, response) - return response - - def on_request(self, request: PipelineRequest) -> None: - _enforce_tls(request) - challenge = ChallengeCache.get_challenge_for_url(request.http_request.url) - if challenge: - # Note that if the vault has moved to a new tenant since our last request for it, this request will fail. - if self._need_new_token: - # azure-identity credentials require an AADv2 scope but the challenge may specify an AADv1 resource - scope = challenge.get_scope() or challenge.get_resource() + "/.default" - self._request_kv_token(scope, challenge) - - bearer_token = cast(Union["AccessToken", "AccessTokenInfo"], self._token).token - request.http_request.headers["Authorization"] = f"Bearer {bearer_token}" - return - - # else: discover authentication information by eliciting a challenge from Key Vault. Remove any request data, - # saving it for later. Key Vault will reject the request as unauthorized and respond with a challenge. - # on_challenge will parse that challenge, use the original request including the body, authorize the - # request, and tell super to send it again. - if request.http_request.content: - self._request_copy = request.http_request - bodiless_request = HttpRequest( - method=request.http_request.method, - url=request.http_request.url, - headers=deepcopy(request.http_request.headers), - ) - bodiless_request.headers["Content-Length"] = "0" - request.http_request = bodiless_request - - def on_challenge(self, request: PipelineRequest, response: PipelineResponse) -> bool: - try: - # CAE challenges may not include a scope or tenant; cache from the previous challenge to use if necessary - old_scope: Optional[str] = None - old_tenant: Optional[str] = None - cached_challenge = ChallengeCache.get_challenge_for_url(request.http_request.url) - if cached_challenge: - old_scope = cached_challenge.get_scope() or cached_challenge.get_resource() + "/.default" - old_tenant = cached_challenge.tenant_id - - challenge = _update_challenge(request, response) - # CAE challenges may not include a scope or tenant; use the previous challenge's values if necessary - if challenge.claims and old_scope: - challenge._parameters["scope"] = old_scope # pylint:disable=protected-access - challenge.tenant_id = old_tenant - # azure-identity credentials require an AADv2 scope but the challenge may specify an AADv1 resource - scope = challenge.get_scope() or challenge.get_resource() + "/.default" - except ValueError: - return False - - if self._verify_challenge_resource: - resource_domain = urlparse(scope).netloc - if not resource_domain: - raise ValueError(f"The challenge contains invalid scope '{scope}'.") - - request_domain = urlparse(request.http_request.url).netloc - if not request_domain.lower().endswith(f".{resource_domain.lower()}"): - raise ValueError( - f"The challenge resource '{resource_domain}' does not match the requested domain. Pass " - "`verify_challenge_resource=False` to your client's constructor to disable this verification. " - "See https://aka.ms/azsdk/blog/vault-uri for more information." - ) - - # If we had created a request copy in on_request, use it now to send along the original body content - if self._request_copy: - request.http_request = self._request_copy - - # The tenant parsed from AD FS challenges is "adfs"; we don't actually need a tenant for AD FS authentication - # For AD FS we skip cross-tenant authentication per https://github.com/Azure/azure-sdk-for-python/issues/28648 - if challenge.tenant_id and challenge.tenant_id.lower().endswith("adfs"): - self.authorize_request(request, scope, claims=challenge.claims) - else: - self.authorize_request(request, scope, claims=challenge.claims, tenant_id=challenge.tenant_id) - - return True - - @property - def _need_new_token(self) -> bool: - now = time.time() - refresh_on = getattr(self._token, "refresh_on", None) - return not self._token or (refresh_on and refresh_on <= now) or self._token.expires_on - now < 300 - - def _request_kv_token(self, scope: str, challenge: HttpChallenge) -> None: - """Implementation of BearerTokenCredentialPolicy's _request_token method, but specific to Key Vault. - - :param str scope: The scope for which to request a token. - :param challenge: The challenge for the request being made. - :type challenge: HttpChallenge - """ - # Exclude tenant for AD FS authentication - exclude_tenant = challenge.tenant_id and challenge.tenant_id.lower().endswith("adfs") - # The SupportsTokenInfo protocol needs TokenRequestOptions for token requests instead of kwargs - if hasattr(self._credential, "get_token_info"): - options: TokenRequestOptions = {"enable_cae": True} - if challenge.tenant_id and not exclude_tenant: - options["tenant_id"] = challenge.tenant_id - self._token = cast(SupportsTokenInfo, self._credential).get_token_info(scope, options=options) - else: - if exclude_tenant: - self._token = self._credential.get_token(scope, enable_cae=True) - else: - self._token = cast(TokenCredential, self._credential).get_token( - scope, tenant_id=challenge.tenant_id, enable_cae=True - ) diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/client_base.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/client_base.py deleted file mode 100644 index 704cea8a0753..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/client_base.py +++ /dev/null @@ -1,158 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -from copy import deepcopy -from enum import Enum -from typing import Any -from urllib.parse import urlparse - -from azure.core import CaseInsensitiveEnumMeta -from azure.core.credentials import TokenCredential -from azure.core.pipeline.policies import HttpLoggingPolicy -from azure.core.rest import HttpRequest, HttpResponse -from azure.core.tracing.decorator import distributed_trace - -from . import ChallengeAuthPolicy -from .._generated import KeyVaultClient as _KeyVaultClient -from .._generated import models as _models -from .._generated._serialization import Serializer -from .._sdk_moniker import SDK_MONIKER - - -class ApiVersion(str, Enum, metaclass=CaseInsensitiveEnumMeta): - """Key Vault API versions supported by this package""" - - #: this is the default version - V7_5 = "7.5" - V7_4 = "7.4" - V7_3 = "7.3" - V7_2 = "7.2" - V7_1 = "7.1" - V7_0 = "7.0" - V2016_10_01 = "2016-10-01" - - -DEFAULT_VERSION = ApiVersion.V7_5 - -_SERIALIZER = Serializer() -_SERIALIZER.client_side_validation = False - - -def _format_api_version(request: HttpRequest, api_version: str) -> HttpRequest: - """Returns a request copy that includes an api-version query parameter if one wasn't originally present. - - :param request: The HTTP request being sent. - :type request: ~azure.core.rest.HttpRequest - :param str api_version: The service API version that the request should include. - - :returns: A copy of the request that includes an api-version query parameter. - :rtype: azure.core.rest.HttpRequest - """ - request_copy = deepcopy(request) - params = {"api-version": api_version} # By default, we want to use the client's API version - query = urlparse(request_copy.url).query - - if query: - request_copy.url = request_copy.url.partition("?")[0] - existing_params = {p[0]: p[-1] for p in [p.partition("=") for p in query.split("&")]} - params.update(existing_params) # If an api-version was provided, this will overwrite our default - - # Reconstruct the query parameters onto the URL - query_params = [] - for k, v in params.items(): - query_params.append("{}={}".format(k, v)) - query = "?" + "&".join(query_params) - request_copy.url = request_copy.url + query - return request_copy - - -class KeyVaultClientBase(object): - # pylint:disable=protected-access - def __init__(self, vault_url: str, credential: TokenCredential, **kwargs: Any) -> None: - if not credential: - raise ValueError( - "credential should be an object supporting the TokenCredential protocol, " - "such as a credential from azure-identity" - ) - if not vault_url: - raise ValueError("vault_url must be the URL of an Azure Key Vault") - - try: - self.api_version = kwargs.pop("api_version", DEFAULT_VERSION) - # If API version was provided as an enum value, need to make a plain string for 3.11 compatibility - if hasattr(self.api_version, "value"): - self.api_version = self.api_version.value - self._vault_url = vault_url.strip(" /") - - client = kwargs.get("generated_client") - if client: - # caller provided a configured client -> only models left to initialize - self._client = client - models = kwargs.get("generated_models") - self._models = models or _models - return - - http_logging_policy = HttpLoggingPolicy(**kwargs) - http_logging_policy.allowed_header_names.update( - {"x-ms-keyvault-network-info", "x-ms-keyvault-region", "x-ms-keyvault-service-version"} - ) - - verify_challenge = kwargs.pop("verify_challenge_resource", True) - self._client = _KeyVaultClient( - api_version=self.api_version, - authentication_policy=ChallengeAuthPolicy(credential, verify_challenge_resource=verify_challenge), - sdk_moniker=SDK_MONIKER, - http_logging_policy=http_logging_policy, - **kwargs - ) - self._models = _models - except ValueError as exc: - # Ignore pyright error that comes from not identifying ApiVersion as an iterable enum - raise NotImplementedError( - f"This package doesn't support API version '{self.api_version}'. " - + "Supported versions: " - + f"{', '.join(v.value for v in ApiVersion)}" # pyright: ignore[reportGeneralTypeIssues] - ) from exc - - @property - def vault_url(self) -> str: - return self._vault_url - - def __enter__(self) -> "KeyVaultClientBase": - self._client.__enter__() - return self - - def __exit__(self, *args: Any) -> None: - self._client.__exit__(*args) - - def close(self) -> None: - """Close sockets opened by the client. - - Calling this method is unnecessary when using the client as a context manager. - """ - self._client.close() - - @distributed_trace - def send_request(self, request: HttpRequest, *, stream: bool = False, **kwargs: Any) -> HttpResponse: - """Runs a network request using the client's existing pipeline. - - The request URL can be relative to the vault URL. The service API version used for the request is the same as - the client's unless otherwise specified. This method does not raise if the response is an error; to raise an - exception, call `raise_for_status()` on the returned response object. For more information about how to send - custom requests with this method, see https://aka.ms/azsdk/dpcodegen/python/send_request. - - :param request: The network request you want to make. - :type request: ~azure.core.rest.HttpRequest - - :keyword bool stream: Whether the response payload will be streamed. Defaults to False. - - :return: The response of your network call. Does not do error handling on your response. - :rtype: ~azure.core.rest.HttpResponse - """ - request_copy = _format_api_version(request, self.api_version) - path_format_arguments = { - "vaultBaseUrl": _SERIALIZER.url("vault_base_url", self._vault_url, "str", skip_quote=True), - } - request_copy.url = self._client._client.format_url(request_copy.url, **path_format_arguments) - return self._client._client.send_request(request_copy, stream=stream, **kwargs) diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/http_challenge.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/http_challenge.py deleted file mode 100644 index 0320df5a868b..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/http_challenge.py +++ /dev/null @@ -1,182 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -import base64 -from typing import Dict, MutableMapping, Optional -from urllib import parse - - -class HttpChallenge(object): - """An object representing the content of a Key Vault authentication challenge. - - :param str request_uri: The URI of the HTTP request that prompted this challenge. - :param str challenge: The WWW-Authenticate header of the challenge response. - :param response_headers: Optional. The headers attached to the challenge response. - :type response_headers: MutableMapping[str, str] or None - """ - - def __init__( - self, request_uri: str, challenge: str, response_headers: "Optional[MutableMapping[str, str]]" = None - ) -> None: - """Parses an HTTP WWW-Authentication Bearer challenge from a server. - - Example challenge with claims: - Bearer authorization="https://login.windows-ppe.net/", error="invalid_token", - error_description="User session has been revoked", - claims="eyJhY2Nlc3NfdG9rZW4iOnsibmJmIjp7ImVzc2VudGlhbCI6dHJ1ZSwgInZhbHVlIjoiMTYwMzc0MjgwMCJ9fX0=" - """ - self.source_authority = self._validate_request_uri(request_uri) - self.source_uri = request_uri - self._parameters: "Dict[str, str]" = {} - - # get the scheme of the challenge and remove from the challenge string - trimmed_challenge = self._validate_challenge(challenge) - split_challenge = trimmed_challenge.split(" ", 1) - self.scheme = split_challenge[0] - trimmed_challenge = split_challenge[1] - - self.claims = None - # split trimmed challenge into comma-separated name=value pairs. Values are expected - # to be surrounded by quotes which are stripped here. - for item in trimmed_challenge.split(","): - # Special case for claims, which can contain = symbols as padding. Assume at most one claim per challenge - if "claims=" in item: - encoded_claims = item[item.index("=") + 1 :].strip(" \"'") - padding_needed = -len(encoded_claims) % 4 - try: - decoded_claims = base64.urlsafe_b64decode(encoded_claims + "=" * padding_needed).decode() - self.claims = decoded_claims - except Exception: # pylint:disable=broad-except - continue - # process name=value pairs - else: - comps = item.split("=") - if len(comps) == 2: - key = comps[0].strip(' "') - value = comps[1].strip(' "') - if key: - self._parameters[key] = value - - # minimum set of parameters - if not self._parameters: - raise ValueError("Invalid challenge parameters") - - # must specify authorization or authorization_uri - if "authorization" not in self._parameters and "authorization_uri" not in self._parameters: - raise ValueError("Invalid challenge parameters") - - authorization_uri = self.get_authorization_server() - # the authorization server URI should look something like https://login.windows.net/tenant-id - raw_uri_path = str(parse.urlparse(authorization_uri).path) - uri_path = raw_uri_path.lstrip("/") - self.tenant_id = uri_path.split("/", maxsplit=1)[0] or None - - # if the response headers were supplied - if response_headers: - # get the message signing key and message key encryption key from the headers - self.server_signature_key = response_headers.get("x-ms-message-signing-key", None) - self.server_encryption_key = response_headers.get("x-ms-message-encryption-key", None) - - def is_bearer_challenge(self) -> bool: - """Tests whether the HttpChallenge is a Bearer challenge. - - :returns: True if the challenge is a Bearer challenge; False otherwise. - :rtype: bool - """ - if not self.scheme: - return False - - return self.scheme.lower() == "bearer" - - def is_pop_challenge(self) -> bool: - """Tests whether the HttpChallenge is a proof of possession challenge. - - :returns: True if the challenge is a proof of possession challenge; False otherwise. - :rtype: bool - """ - if not self.scheme: - return False - - return self.scheme.lower() == "pop" - - def get_value(self, key: str) -> "Optional[str]": - return self._parameters.get(key) - - def get_authorization_server(self) -> str: - """Returns the URI for the authorization server if present, otherwise an empty string. - - :returns: The URI for the authorization server if present, otherwise an empty string. - :rtype: str - """ - value = "" - for key in ["authorization_uri", "authorization"]: - value = self.get_value(key) or "" - if value: - break - return value - - def get_resource(self) -> str: - """Returns the resource if present, otherwise an empty string. - - :returns: The challenge resource if present, otherwise an empty string. - :rtype: str - """ - return self.get_value("resource") or "" - - def get_scope(self) -> str: - """Returns the scope if present, otherwise an empty string. - - :returns: The challenge scope if present, otherwise an empty string. - :rtype: str - """ - return self.get_value("scope") or "" - - def supports_pop(self) -> bool: - """Returns True if the challenge supports proof of possession token auth; False otherwise. - - :returns: True if the challenge supports proof of possession token auth; False otherwise. - :rtype: bool - """ - return self._parameters.get("supportspop", "").lower() == "true" - - def supports_message_protection(self) -> bool: - """Returns True if the challenge vault supports message protection; False otherwise. - - :returns: True if the challenge vault supports message protection; False otherwise. - :rtype: bool - """ - return self.supports_pop() and self.server_encryption_key and self.server_signature_key # type: ignore - - def _validate_challenge(self, challenge: str) -> str: # pylint:disable=bad-option-value,useless-option-value,no-self-use - """Verifies that the challenge is a valid auth challenge and returns the key=value pairs. - - :param str challenge: The WWW-Authenticate header of the challenge response. - - :returns: The challenge key/value pairs, with whitespace removed, as a string. - :rtype: str - """ - if not challenge: - raise ValueError("Challenge cannot be empty") - - return challenge.strip() - - def _validate_request_uri(self, uri: str) -> str: # pylint:disable=bad-option-value,useless-option-value,no-self-use - """Extracts the host authority from the given URI. - - :param str uri: The URI of the HTTP request that prompted the challenge. - - :returns: The challenge host authority. - :rtype: str - """ - if not uri: - raise ValueError("request_uri cannot be empty") - - parsed = parse.urlparse(uri) - if not parsed.netloc: - raise ValueError("request_uri must be an absolute URI") - - if parsed.scheme.lower() not in ["http", "https"]: - raise ValueError("request_uri must be HTTP or HTTPS") - - return parsed.netloc diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/http_challenge_cache.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/http_challenge_cache.py deleted file mode 100644 index f1448cc53391..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_shared/http_challenge_cache.py +++ /dev/null @@ -1,93 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -import threading -from typing import Dict, Optional -from urllib import parse - -from .http_challenge import HttpChallenge - - -_cache: "Dict[str, HttpChallenge]" = {} -_lock = threading.Lock() - - -def get_challenge_for_url(url: str) -> "Optional[HttpChallenge]": - """Gets the challenge for the cached URL. - - :param str url: the URL the challenge is cached for. - - :returns: The challenge for the cached request URL, or None if the request URL isn't cached. - :rtype: HttpChallenge or None - """ - - if not url: - raise ValueError("URL cannot be None") - - key = _get_cache_key(url) - - with _lock: - return _cache.get(key) - - -def _get_cache_key(url: str) -> str: - """Use the URL's netloc as cache key except when the URL specifies the default port for its scheme. In that case - use the netloc without the port. That is to say, https://foo.bar and https://foo.bar:443 are considered equivalent. - - This equivalency prevents an unnecessary challenge when using Key Vault's paging API. The Key Vault client doesn't - specify ports, but Key Vault's next page links do, so a redundant challenge would otherwise be executed when the - client requests the next page. - - :param str url: The HTTP request URL. - - :returns: The URL's `netloc`, minus any port attached to the URL. - :rtype: str - """ - - parsed = parse.urlparse(url) - if parsed.scheme == "https" and parsed.port == 443: - return parsed.netloc[:-4] - return parsed.netloc - - -def remove_challenge_for_url(url: str) -> None: - """Removes the cached challenge for the specified URL. - - :param str url: the URL for which to remove the cached challenge - """ - if not url: - raise ValueError("URL cannot be empty") - - parsed = parse.urlparse(url) - - with _lock: - del _cache[parsed.netloc] - - -def set_challenge_for_url(url: str, challenge: "HttpChallenge") -> None: - """Caches the challenge for the specified URL. - - :param str url: the URL for which to cache the challenge - :param challenge: the challenge to cache - :type challenge: HttpChallenge - """ - if not url: - raise ValueError("URL cannot be empty") - - if not challenge: - raise ValueError("Challenge cannot be empty") - - src_url = parse.urlparse(url) - if src_url.netloc != challenge.source_authority: - raise ValueError("Source URL and Challenge URL do not match") - - with _lock: - _cache[src_url.netloc] = challenge - - -def clear() -> None: - """Clears the cache.""" - - with _lock: - _cache.clear() diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_vendor.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_vendor.py similarity index 88% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_vendor.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_vendor.py index db923753c642..3790083b97e3 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/_vendor.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_vendor.py @@ -1,7 +1,7 @@ # -------------------------------------------------------------------------- # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. +# Code generated by Microsoft (R) Python Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- @@ -11,7 +11,6 @@ from ._configuration import KeyVaultClientConfiguration if TYPE_CHECKING: - # pylint: disable=unused-import,ungrouped-imports from azure.core import PipelineClient from ._serialization import Deserializer, Serializer diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_version.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_version.py index 9170d8b493b6..0d777283b3a2 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_version.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_version.py @@ -1,6 +1,9 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) Python Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- -VERSION = "4.9.1" +VERSION = "4.9.0b1" diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/__init__.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/__init__.py index ba1c15a8d7ae..8c996b993b8a 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/__init__.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/__init__.py @@ -1,8 +1,29 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) Python Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +# pylint: disable=wrong-import-position -from ._client import CertificateClient +from typing import TYPE_CHECKING -__all__ = ["CertificateClient"] +if TYPE_CHECKING: + from ._patch import * # pylint: disable=unused-wildcard-import + +from ._client import KeyVaultClient # type: ignore + +try: + from ._patch import __all__ as _patch_all + from ._patch import * +except ImportError: + _patch_all = [] +from ._patch import patch_sdk as _patch_sdk + +__all__ = [ + "KeyVaultClient", +] +__all__.extend([p for p in _patch_all if p not in __all__]) # pyright: ignore + +_patch_sdk() diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_client.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_client.py index f08bd19385f0..6da9106e5189 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_client.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_client.py @@ -1,1081 +1,102 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -# pylint:disable=too-many-lines,too-many-public-methods -import base64 -from typing import Any, Dict, List, Optional, Union -from functools import partial +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) Python Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- -from azure.core.polling import AsyncLROPoller -from azure.core.tracing.decorator import distributed_trace -from azure.core.tracing.decorator_async import distributed_trace_async -from azure.core.async_paging import AsyncItemPaged +from copy import deepcopy +from typing import Any, Awaitable, TYPE_CHECKING +from typing_extensions import Self -from .. import ( - AdministratorContact, - KeyVaultCertificate, - CertificateOperation, - CertificatePolicy, - DeletedCertificate, - CertificateProperties, - CertificateContact, - CertificateIssuer, - IssuerProperties, -) -from ._polling_async import CreateCertificatePollerAsync -from .._client import NO_SAN_OR_SUBJECT -from .._shared import AsyncKeyVaultClientBase -from .._shared._polling_async import AsyncDeleteRecoverPollingMethod +from azure.core import AsyncPipelineClient +from azure.core.pipeline import policies +from azure.core.rest import AsyncHttpResponse, HttpRequest +from .._serialization import Deserializer, Serializer +from ._configuration import KeyVaultClientConfiguration +from ._operations import KeyVaultClientOperationsMixin -class CertificateClient(AsyncKeyVaultClientBase): - """A high-level asynchronous interface for managing a vault's certificates. +if TYPE_CHECKING: + from azure.core.credentials_async import AsyncTokenCredential - :param str vault_url: URL of the vault the client will access. This is also called the vault's "DNS Name". - You should validate that this URL references a valid Key Vault resource. See https://aka.ms/azsdk/blog/vault-uri - for details. - :param credential: An object which can provide an access token for the vault, such as a credential from - :mod:`azure.identity.aio` - :type credential: ~azure.core.credentials_async.AsyncTokenCredential - :keyword api_version: Version of the service API to use. Defaults to the most recent. - :paramtype api_version: ~azure.keyvault.certificates.ApiVersion or str - :keyword bool verify_challenge_resource: Whether to verify the authentication challenge resource matches the Key - Vault domain. Defaults to True. +class KeyVaultClient(KeyVaultClientOperationsMixin): + """The key vault client performs cryptographic key operations and vault operations against the Key + Vault service. - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START create_certificate_client] - :end-before: [END create_certificate_client] - :language: python - :dedent: 4 - :caption: Creates a new instance of the Certificate client + :param vault_base_url: Required. + :type vault_base_url: str + :param credential: Credential used to authenticate requests to the service. Required. + :type credential: ~azure.core.credentials_async.AsyncTokenCredential + :keyword api_version: The API version to use for this operation. Default value is + "7.6-preview.1". Note that overriding this default value may result in unsupported behavior. + :paramtype api_version: str """ - # pylint:disable=protected-access - @distributed_trace_async - async def create_certificate( - self, - certificate_name: str, - policy: CertificatePolicy, - *, - enabled: Optional[bool] = None, - tags: Optional[Dict[str, str]] = None, - **kwargs: Any, - ) -> Union[KeyVaultCertificate, CertificateOperation]: - """Creates a new certificate. - - If this is the first version, the certificate resource is created. This operation requires the - certificates/create permission. The poller requires the certificates/get permission, otherwise raises an - :class:`~azure.core.exceptions.HttpResponseError`. - - :param str certificate_name: The name of the certificate. - :param policy: The management policy for the certificate. Either subject or one of the subject alternative - name properties are required. - :type policy: ~azure.keyvault.certificates.CertificatePolicy - - :keyword bool enabled: Whether the certificate is enabled for use. - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - - :returns: A coroutine for the creation of the certificate. Awaiting the coroutine returns the created - KeyVaultCertificate if creation is successful, or the CertificateOperation if not. - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate or ~azure.keyvault.certificates.CertificateOperation - - :raises ValueError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate policy is invalid; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START create_certificate] - :end-before: [END create_certificate] - :language: python - :caption: Create a certificate - :dedent: 8 - """ - if not (policy.san_emails or policy.san_user_principal_names or policy.san_dns_names or policy.subject): - raise ValueError(NO_SAN_OR_SUBJECT) - - polling_interval = kwargs.pop("_polling_interval", None) - if polling_interval is None: - polling_interval = 5 - - if enabled is not None: - attributes = self._models.CertificateAttributes(enabled=enabled) - else: - attributes = None - - parameters = self._models.CertificateCreateParameters( - certificate_policy=policy._to_certificate_policy_bundle(), - certificate_attributes=attributes, - tags=tags, - ) - - pipeline_response, cert_bundle = await self._client.create_certificate( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - parameters=parameters, - cls=lambda pipeline_response, deserialized, _: (pipeline_response, deserialized), - **kwargs - ) - - create_certificate_operation = CertificateOperation._from_certificate_operation_bundle(cert_bundle) - - command = partial(self.get_certificate_operation, certificate_name=certificate_name, **kwargs) - - get_certificate_command = partial(self.get_certificate, certificate_name=certificate_name, **kwargs) - - create_certificate_polling = CreateCertificatePollerAsync( - pipeline_response=pipeline_response, - get_certificate_command=get_certificate_command, - interval=polling_interval, - ) - def no_op(*_, **__) -> Any: # The deserialization callback is ignored based on polling implementation - pass - return await AsyncLROPoller(command, create_certificate_operation, no_op, create_certificate_polling) - - @distributed_trace_async - async def get_certificate(self, certificate_name: str, **kwargs: Any) -> KeyVaultCertificate: - """Gets a certificate with its management policy attached. Requires certificates/get permission. - - Does not accept the version of the certificate as a parameter. To get a specific version of the - certificate, call :func:`get_certificate_version`. - - :param str certificate_name: The name of the certificate in the given vault. - - :returns: An instance of KeyVaultCertificate - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate doesn't exist; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START get_certificate] - :end-before: [END get_certificate] - :language: python - :caption: Get a certificate - :dedent: 8 - """ - bundle = await self._client.get_certificate( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - certificate_version="", - **kwargs - ) - return KeyVaultCertificate._from_certificate_bundle(certificate_bundle=bundle) - - @distributed_trace_async - async def get_certificate_version( - self, certificate_name: str, version: str, **kwargs: Any - ) -> KeyVaultCertificate: - """Gets a specific version of a certificate without returning its management policy. - - Requires certificates/get permission. To get the latest version of the certificate, or to get the certificate's - policy as well, call :func:`get_certificate`. - - :param str certificate_name: The name of the certificate in the given vault. - :param str version: The version of the certificate. - - :returns: An instance of KeyVaultCertificate - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate doesn't exist; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START get_certificate_version] - :end-before: [END get_certificate_version] - :language: python - :caption: Get a certificate with a specific version - :dedent: 8 - """ - bundle = await self._client.get_certificate( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - certificate_version=version, - **kwargs - ) - return KeyVaultCertificate._from_certificate_bundle(certificate_bundle=bundle) - - @distributed_trace_async - async def delete_certificate(self, certificate_name: str, **kwargs: Any) -> DeletedCertificate: - """Delete all versions of a certificate. Requires certificates/delete permission. - - If the vault has soft-delete enabled, deletion may take several seconds to complete. - - :param str certificate_name: The name of the certificate. - - :returns: The deleted certificate - :rtype: ~azure.keyvault.certificates.DeletedCertificate - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate doesn't exist; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START delete_certificate] - :end-before: [END delete_certificate] - :language: python - :caption: Delete a certificate - :dedent: 8 - """ - polling_interval = kwargs.pop("_polling_interval", None) - if polling_interval is None: - polling_interval = 2 - pipeline_response, deleted_cert_bundle = await self._client.delete_certificate( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - cls=lambda pipeline_response, deserialized, _: (pipeline_response, deserialized), - **kwargs, - ) - deleted_certificate = DeletedCertificate._from_deleted_certificate_bundle(deleted_cert_bundle) - - polling_method = AsyncDeleteRecoverPollingMethod( - # no recovery ID means soft-delete is disabled, in which case we initialize the poller as finished - finished=deleted_certificate.recovery_id is None, - pipeline_response=pipeline_response, - command=partial(self.get_deleted_certificate, certificate_name=certificate_name, **kwargs), - final_resource=deleted_certificate, - interval=polling_interval, - ) - await polling_method.run() - - return polling_method.resource() - - @distributed_trace_async - async def get_deleted_certificate(self, certificate_name: str, **kwargs: Any) -> DeletedCertificate: - """Get a deleted certificate. Possible only in a vault with soft-delete enabled. - - Requires certificates/get permission. Retrieves the deleted certificate information plus its attributes, such as - retention interval, scheduled permanent deletion, and the current deletion recovery level. - - :param str certificate_name: The name of the certificate. - - :return: The deleted certificate - :rtype: ~azure.keyvault.certificates.DeletedCertificate - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate doesn't exist; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START get_deleted_certificate] - :end-before: [END get_deleted_certificate] - :language: python - :caption: Get a deleted certificate - :dedent: 8 - """ - bundle = await self._client.get_deleted_certificate( - vault_base_url=self.vault_url, certificate_name=certificate_name, **kwargs - ) - return DeletedCertificate._from_deleted_certificate_bundle(deleted_certificate_bundle=bundle) - - @distributed_trace_async - async def purge_deleted_certificate(self, certificate_name: str, **kwargs: Any) -> None: - """Permanently deletes a deleted certificate. Possible only in vaults with soft-delete enabled. - - Requires certificates/purge permission. Performs an irreversible deletion of the specified certificate, without - possibility for recovery. The operation is not available if the - :py:attr:`~azure.keyvault.certificates.CertificateProperties.recovery_level` does not specify 'Purgeable'. - This method is only necessary for purging a certificate before its - :py:attr:`~azure.keyvault.certificates.DeletedCertificate.scheduled_purge_date`. - - :param str certificate_name: The name of the certificate - - :return: None - :rtype: None - - :raises ~azure.core.exceptions.HttpResponseError: - """ - await self._client.purge_deleted_certificate( - vault_base_url=self.vault_url, certificate_name=certificate_name, **kwargs - ) - - @distributed_trace_async - async def recover_deleted_certificate(self, certificate_name: str, **kwargs: Any) -> KeyVaultCertificate: - """Recover a deleted certificate to its latest version. Possible only in a vault with soft-delete enabled. - - Requires certificates/recover permission. If the vault does not have soft-delete enabled, - :func:`delete_certificate` is permanent, and this method will raise an error. Attempting to recover a - non-deleted certificate will also raise an error. - - :param str certificate_name: The name of the deleted certificate - - :returns: The recovered certificate - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START recover_deleted_certificate] - :end-before: [END recover_deleted_certificate] - :language: python - :caption: Recover a deleted certificate - :dedent: 8 - """ - polling_interval = kwargs.pop("_polling_interval", None) - if polling_interval is None: - polling_interval = 2 - pipeline_response, recovered_cert_bundle = await self._client.recover_deleted_certificate( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - cls=lambda pipeline_response, deserialized, _: (pipeline_response, deserialized), - **kwargs, - ) - recovered_certificate = KeyVaultCertificate._from_certificate_bundle(recovered_cert_bundle) - - command = partial(self.get_certificate, certificate_name=certificate_name, **kwargs) - polling_method = AsyncDeleteRecoverPollingMethod( - pipeline_response=pipeline_response, - command=command, - final_resource=recovered_certificate, - finished=False, - interval=polling_interval - ) - await polling_method.run() - - return polling_method.resource() - - @distributed_trace_async - async def import_certificate( - self, - certificate_name: str, - certificate_bytes: bytes, - *, - enabled: Optional[bool] = None, - tags: Optional[Dict[str, str]] = None, - password: Optional[str] = None, - policy: Optional[CertificatePolicy] = None, - **kwargs: Any, - ) -> KeyVaultCertificate: - """Import a certificate created externally. Requires certificates/import permission. - - Imports an existing valid certificate, containing a private key, into Azure Key Vault. The certificate to be - imported can be in either PFX or PEM format. If the certificate is in PEM format the PEM file must contain the - key as well as x509 certificates, and you must provide a ``policy`` with - :attr:`~azure.keyvault.certificates.CertificatePolicy.content_type` of - :attr:`~azure.keyvault.certificates.CertificateContentType.pem`. - - :param str certificate_name: The name of the certificate. - :param bytes certificate_bytes: Bytes of the certificate object to import. - This certificate needs to contain the private key. - - :keyword bool enabled: Whether the certificate is enabled for use. - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - :keyword str password: If the private key in the passed in certificate is encrypted, it - is the password used for encryption. - :keyword policy: The management policy for the certificate. Required if importing a PEM-format certificate, - with :attr:`~azure.keyvault.certificates.CertificatePolicy.content_type` set to - :attr:`~azure.keyvault.certificates.CertificateContentType.pem`. - :paramtype policy: ~azure.keyvault.certificates.CertificatePolicy - - :returns: The imported KeyVaultCertificate - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate - - :raises ~azure.core.exceptions.HttpResponseError: - """ - - if enabled is not None: - attributes = self._models.CertificateAttributes(enabled=enabled) - else: - attributes = None - base64_encoded_certificate = base64.b64encode(certificate_bytes).decode("utf-8") - - parameters = self._models.CertificateImportParameters( - base64_encoded_certificate=base64_encoded_certificate, - password=password, - certificate_policy=policy._to_certificate_policy_bundle() if policy else None, - certificate_attributes=attributes, - tags=tags, - ) - - bundle = await self._client.import_certificate( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - parameters=parameters, - **kwargs - ) - return KeyVaultCertificate._from_certificate_bundle(certificate_bundle=bundle) - - @distributed_trace_async - async def get_certificate_policy(self, certificate_name: str, **kwargs: Any) -> CertificatePolicy: - """Gets the policy for a certificate. Requires certificates/get permission. - - Returns the specified certificate policy resources in the key vault. - - :param str certificate_name: The name of the certificate in a given key vault. - - :return: The certificate policy - :rtype: ~azure.keyvault.certificates.CertificatePolicy - - :raises ~azure.core.exceptions.HttpResponseError: - """ - bundle = await self._client.get_certificate_policy( - vault_base_url=self.vault_url, certificate_name=certificate_name, **kwargs - ) - return CertificatePolicy._from_certificate_policy_bundle(certificate_policy_bundle=bundle) - - @distributed_trace_async - async def update_certificate_policy( - self, certificate_name: str, policy: CertificatePolicy, **kwargs: Any - ) -> CertificatePolicy: - """Updates the policy for a certificate. Requires certificates/update permission. - - Set specified members in the certificate policy. Leaves others as null. - - :param str certificate_name: The name of the certificate in the given vault. - :param policy: The policy for the certificate. - :type policy: ~azure.keyvault.certificates.CertificatePolicy - - :return: The certificate policy - :rtype: ~azure.keyvault.certificates.CertificatePolicy - - :raises ~azure.core.exceptions.HttpResponseError: - """ - bundle = await self._client.update_certificate_policy( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - certificate_policy=policy._to_certificate_policy_bundle(), - **kwargs - ) - return CertificatePolicy._from_certificate_policy_bundle(certificate_policy_bundle=bundle) - - @distributed_trace_async - async def update_certificate_properties( - self, - certificate_name: str, - version: Optional[str] = None, - *, - enabled: Optional[bool] = None, - tags: Optional[Dict[str, str]] = None, - **kwargs: Any, - ) -> KeyVaultCertificate: - """Change a certificate's properties. Requires certificates/update permission. - - :param str certificate_name: The name of the certificate in the given key vault. - :param str version: The version of the certificate. - - :keyword bool enabled: Whether the certificate is enabled for use. - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - - :returns: The updated KeyVaultCertificate - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START update_certificate] - :end-before: [END update_certificate] - :language: python - :caption: Update a certificate's attributes - :dedent: 8 - """ - - if enabled is not None: - attributes = self._models.CertificateAttributes(enabled=enabled) - else: - attributes = None - - parameters = self._models.CertificateUpdateParameters( - certificate_attributes=attributes, tags=tags - ) - - bundle = await self._client.update_certificate( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - certificate_version=version or "", - parameters=parameters, - **kwargs - ) - return KeyVaultCertificate._from_certificate_bundle(certificate_bundle=bundle) - - @distributed_trace_async - async def backup_certificate(self, certificate_name: str, **kwargs: Any) -> bytes: - """Back up a certificate in a protected form useable only by Azure Key Vault. - - Requires certificates/backup permission. This is intended to allow copying a certificate from one vault to - another. Both vaults must be owned by the same Azure subscription. Also, backup / restore cannot be performed - across geopolitical boundaries. For example, a backup from a vault in a USA region cannot be restored to a vault - in an EU region. - - :param str certificate_name: The name of the certificate. - - :return: The backup blob containing the backed up certificate. - :rtype: bytes - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate doesn't exist; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START backup_certificate] - :end-before: [END backup_certificate] - :language: python - :caption: Get a certificate backup - :dedent: 8 - """ - backup_result = await self._client.backup_certificate( - vault_base_url=self.vault_url, certificate_name=certificate_name, **kwargs - ) - return backup_result.value - - @distributed_trace_async - async def restore_certificate_backup(self, backup: bytes, **kwargs: Any) -> KeyVaultCertificate: - """Restore a certificate backup to the vault. Requires certificates/restore permission. - - This restores all versions of the certificate, with its name, attributes, and access control policies. If the - certificate's name is already in use, restoring it will fail. Also, the target vault must be owned by the same - Microsoft Azure subscription as the source vault. - - :param bytes backup: The backup blob associated with a certificate bundle. - - :return: The restored KeyVaultCertificate - :rtype: ~azure.keyvault.certificates.KeyVaultCertificate - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START restore_certificate] - :end-before: [END restore_certificate] - :language: python - :caption: Restore a certificate backup - :dedent: 8 - """ - bundle = await self._client.restore_certificate( - vault_base_url=self.vault_url, - parameters=self._models.CertificateRestoreParameters(certificate_bundle_backup=backup), - **kwargs - ) - return KeyVaultCertificate._from_certificate_bundle(certificate_bundle=bundle) - - @distributed_trace - def list_deleted_certificates( - self, *, include_pending: Optional[bool] = None, **kwargs: Any - ) -> AsyncItemPaged[DeletedCertificate]: - """Lists the currently-recoverable deleted certificates. Possible only if vault is soft-delete enabled. - - Requires certificates/get/list permission. Retrieves the certificates in the current vault which are in a - deleted state and ready for recovery or purging. This operation includes deletion-specific information. - - :keyword bool include_pending: Specifies whether to include certificates which are not completely deleted. - Only available for API versions v7.0 and up. If not provided, Key Vault treats this as False. - :paramtype include_pending: bool or None - - :return: An iterator-like instance of DeletedCertificate - :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.certificates.DeletedCertificate] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START list_deleted_certificates] - :end-before: [END list_deleted_certificates] - :language: python - :caption: List all the deleted certificates - :dedent: 8 - """ - max_page_size = kwargs.pop("max_page_size", None) - - if self.api_version == "2016-10-01": - if include_pending is not None: - raise NotImplementedError( - "The 'include_pending' parameter to `list_deleted_certificates` " - "is only available for API versions v7.0 and up" - ) - else: - kwargs.update({"include_pending": include_pending}) - - return self._client.get_deleted_certificates( - vault_base_url=self._vault_url, - maxresults=max_page_size, - cls=lambda objs: [DeletedCertificate._from_deleted_certificate_item(x) for x in objs], - **kwargs - ) - - @distributed_trace - def list_properties_of_certificates( - self, *, include_pending: Optional[bool] = None, **kwargs: Any - ) -> AsyncItemPaged[CertificateProperties]: - """List identifiers and properties of all certificates in the vault. - - Requires certificates/list permission. - - :keyword bool include_pending: Specifies whether to include certificates which are not completely provisioned. - Only available for API versions v7.0 and up. If not provided, Key Vault treats this as False. - :paramtype include_pending: bool or None - - :returns: An iterator-like instance of CertificateProperties - :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.certificates.CertificateProperties] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START list_properties_of_certificates] - :end-before: [END list_properties_of_certificates] - :language: python - :caption: List all certificates - :dedent: 8 - """ - max_page_size = kwargs.pop("max_page_size", None) - - if self.api_version == "2016-10-01": - if include_pending is not None: - raise NotImplementedError( - "The 'include_pending' parameter to `list_properties_of_certificates` " - "is only available for API versions v7.0 and up" - ) - else: - kwargs.update({"include_pending": include_pending}) - - return self._client.get_certificates( - vault_base_url=self._vault_url, - maxresults=max_page_size, - cls=lambda objs: [CertificateProperties._from_certificate_item(x) for x in objs], - **kwargs - ) - - @distributed_trace - def list_properties_of_certificate_versions( - self, certificate_name: str, **kwargs: Any - ) -> AsyncItemPaged[CertificateProperties]: - """List the identifiers and properties of a certificate's versions. - - Requires certificates/list permission. - - :param str certificate_name: The name of the certificate. - - :returns: An iterator-like instance of CertificateProperties - :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.certificates.CertificateProperties] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START list_properties_of_certificate_versions] - :end-before: [END list_properties_of_certificate_versions] - :language: python - :caption: List all versions of a certificate - :dedent: 8 - """ - max_page_size = kwargs.pop("max_page_size", None) - return self._client.get_certificate_versions( - vault_base_url=self._vault_url, - certificate_name=certificate_name, - maxresults=max_page_size, - cls=lambda objs: [CertificateProperties._from_certificate_item(x) for x in objs], - **kwargs - ) - - @distributed_trace_async - async def set_contacts(self, contacts: List[CertificateContact], **kwargs: Any) -> List[CertificateContact]: - """Sets the certificate contacts for the key vault. Requires certificates/managecontacts permission. - - :param contacts: The contact list for the vault certificates. - :type contacts: list[~azure.keyvault.certificates.CertificateContact] - - :returns: The created list of contacts - :rtype: list[~azure.keyvault.certificates.CertificateContact] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START set_contacts] - :end-before: [END set_contacts] - :language: python - :caption: Create contacts - :dedent: 8 - """ - new_contacts = await self._client.set_certificate_contacts( - vault_base_url=self.vault_url, - contacts=self._models.Contacts(contact_list=[c._to_certificate_contacts_item() for c in contacts]), - **kwargs - ) - return [ - CertificateContact._from_certificate_contacts_item(contact_item=item) for item in new_contacts.contact_list - ] - - @distributed_trace_async - async def get_contacts(self, **kwargs: Any) -> List[CertificateContact]: - """Gets the certificate contacts for the key vault. Requires the certificates/managecontacts permission. - - :return: The certificate contacts for the key vault. - :rtype: list[azure.keyvault.certificates.CertificateContact] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START get_contacts] - :end-before: [END get_contacts] - :language: python - :caption: Get contacts - :dedent: 8 - """ - contacts = await self._client.get_certificate_contacts( - vault_base_url=self._vault_url, **kwargs - ) - return [CertificateContact._from_certificate_contacts_item(contact_item=item) for item in contacts.contact_list] - - @distributed_trace_async - async def delete_contacts(self, **kwargs: Any) -> List[CertificateContact]: - """Deletes the certificate contacts for the key vault. Requires the certificates/managecontacts permission. - - :return: The deleted contacts for the key vault. - :rtype: list[~azure.keyvault.certificates.CertificateContact] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START delete_contacts] - :end-before: [END delete_contacts] - :language: python - :caption: Delete contacts - :dedent: 8 - """ - contacts = await self._client.delete_certificate_contacts( - vault_base_url=self.vault_url, **kwargs - ) - return [CertificateContact._from_certificate_contacts_item(contact_item=item) for item in contacts.contact_list] - - @distributed_trace_async - async def get_certificate_operation(self, certificate_name: str, **kwargs: Any) -> CertificateOperation: - """Gets the creation operation of a certificate. Requires the certificates/get permission. - - :param str certificate_name: The name of the certificate. - - :returns: The created CertificateOperation - :rtype: ~azure.keyvault.certificates.CertificateOperation - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the certificate doesn't exist; the latter for other errors - """ - - bundle = await self._client.get_certificate_operation( - vault_base_url=self.vault_url, certificate_name=certificate_name, **kwargs - ) - return CertificateOperation._from_certificate_operation_bundle(certificate_operation_bundle=bundle) - - @distributed_trace_async - async def delete_certificate_operation(self, certificate_name: str, **kwargs: Any) -> CertificateOperation: - """Deletes and stops the creation operation for a specific certificate. - - Requires the certificates/update permission. - - :param str certificate_name: The name of the certificate. - - :return: The deleted CertificateOperation - :rtype: ~azure.keyvault.certificates.CertificateOperation - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the operation doesn't exist; the latter for other errors - """ - bundle = await self._client.delete_certificate_operation( - vault_base_url=self.vault_url, certificate_name=certificate_name, **kwargs - ) - return CertificateOperation._from_certificate_operation_bundle(certificate_operation_bundle=bundle) - - @distributed_trace_async - async def cancel_certificate_operation(self, certificate_name: str, **kwargs: Any) -> CertificateOperation: - """Cancels an in-progress certificate operation. Requires the certificates/update permission. - - :param str certificate_name: The name of the certificate. - - :returns: The cancelled certificate operation - :rtype: ~azure.keyvault.certificates.CertificateOperation - - :raises ~azure.core.exceptions.HttpResponseError: - """ - bundle = await self._client.update_certificate_operation( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - certificate_operation=self._models.CertificateOperationUpdateParameter(cancellation_requested=True), - **kwargs - ) - return CertificateOperation._from_certificate_operation_bundle(certificate_operation_bundle=bundle) - - @distributed_trace_async - async def merge_certificate( - self, - certificate_name: str, - x509_certificates: List[bytes], - *, - enabled: Optional[bool] = None, - tags: Optional[Dict[str, str]] = None, - **kwargs: Any, - ) -> KeyVaultCertificate: - """Merges a certificate or a certificate chain with a key pair existing on the server. - - Requires the certificates/create permission. Performs the merging of a certificate or certificate chain with a - key pair currently available in the service. Make sure when creating the certificate to merge using - :func:`begin_create_certificate` that you set its issuer to 'Unknown'. This way Key Vault knows that the - certificate will not be signed by an issuer known to it. - - :param str certificate_name: The name of the certificate - :param x509_certificates: The certificate or the certificate chain to merge. - :type x509_certificates: list[bytes] - - :keyword bool enabled: Whether the certificate is enabled for use. - :keyword tags: Application specific metadata in the form of key-value pairs. - :paramtype tags: dict[str, str] - - :return: The merged certificate operation - :rtype: ~azure.keyvault.certificates.CertificateOperation - - :raises ~azure.core.exceptions.HttpResponseError: - """ - - if enabled is not None: - attributes = self._models.CertificateAttributes(enabled=enabled) - else: - attributes = None - - parameters = self._models.CertificateMergeParameters( - x509_certificates=x509_certificates, certificate_attributes=attributes, tags=tags - ) - - bundle = await self._client.merge_certificate( - vault_base_url=self.vault_url, - certificate_name=certificate_name, - parameters=parameters, - **kwargs - ) - return KeyVaultCertificate._from_certificate_bundle(certificate_bundle=bundle) - - @distributed_trace_async - async def get_issuer(self, issuer_name: str, **kwargs: Any) -> CertificateIssuer: - """Gets the specified certificate issuer. Requires certificates/manageissuers/getissuers permission. - - :param str issuer_name: The name of the issuer. - - :return: The specified certificate issuer. - :rtype: ~azure.keyvault.certificates.CertificateIssuer - - :raises ~azure.core.exceptions.ResourceNotFoundError or ~azure.core.exceptions.HttpResponseError: - the former if the issuer doesn't exist; the latter for other errors - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START get_issuer] - :end-before: [END get_issuer] - :language: python - :caption: Get an issuer - :dedent: 8 - """ - issuer_bundle = await self._client.get_certificate_issuer( - vault_base_url=self.vault_url, issuer_name=issuer_name, **kwargs - ) - return CertificateIssuer._from_issuer_bundle(issuer_bundle=issuer_bundle) - - @distributed_trace_async - async def create_issuer( - self, - issuer_name: str, - provider: str, - *, - enabled: Optional[bool] = None, - account_id: Optional[str] = None, - password: Optional[str] = None, - organization_id: Optional[str] = None, - admin_contacts: Optional[List[AdministratorContact]] = None, - **kwargs: Any, - ) -> CertificateIssuer: - """Sets the specified certificate issuer. Requires certificates/setissuers permission. - - :param str issuer_name: The name of the issuer. - :param str provider: The issuer provider. - - :keyword bool enabled: Whether the issuer is enabled for use. - :keyword str account_id: The user name/account name/account id. - :keyword str password: The password/secret/account key. - :keyword str organization_id: Id of the organization - :keyword admin_contacts: Contact details of the organization administrators of the - certificate issuer. - :paramtype admin_contacts: list[~azure.keyvault.certificates.AdministratorContact] - - :returns: The created CertificateIssuer - :rtype: ~azure.keyvault.certificates.CertificateIssuer - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START create_issuer] - :end-before: [END create_issuer] - :language: python - :caption: Create an issuer - :dedent: 8 - """ - - if account_id or password: - issuer_credentials = self._models.IssuerCredentials(account_id=account_id, password=password) - else: - issuer_credentials = None - if admin_contacts: - admin_details: Optional[List[Any]] = [ - self._models.AdministratorDetails( - first_name=contact.first_name, - last_name=contact.last_name, - email_address=contact.email, - phone=contact.phone, - ) - for contact in admin_contacts + def __init__(self, vault_base_url: str, credential: "AsyncTokenCredential", **kwargs: Any) -> None: + _endpoint = "{vaultBaseUrl}" + self._config = KeyVaultClientConfiguration(vault_base_url=vault_base_url, credential=credential, **kwargs) + _policies = kwargs.pop("policies", None) + if _policies is None: + _policies = [ + policies.RequestIdPolicy(**kwargs), + self._config.headers_policy, + self._config.user_agent_policy, + self._config.proxy_policy, + policies.ContentDecodePolicy(**kwargs), + self._config.redirect_policy, + self._config.retry_policy, + self._config.authentication_policy, + self._config.custom_hook_policy, + self._config.logging_policy, + policies.DistributedTracingPolicy(**kwargs), + policies.SensitiveHeaderCleanupPolicy(**kwargs) if self._config.redirect_policy else None, + self._config.http_logging_policy, ] - else: - admin_details = None - if organization_id or admin_details: - organization_details = self._models.OrganizationDetails(id=organization_id, admin_details=admin_details) - else: - organization_details = None - if enabled is not None: - issuer_attributes = self._models.IssuerAttributes(enabled=enabled) - else: - issuer_attributes = None - - parameters = self._models.CertificateIssuerSetParameters( - provider=provider, - credentials=issuer_credentials, - organization_details=organization_details, - attributes=issuer_attributes, - ) + self._client: AsyncPipelineClient = AsyncPipelineClient(base_url=_endpoint, policies=_policies, **kwargs) - issuer_bundle = await self._client.set_certificate_issuer( - vault_base_url=self.vault_url, issuer_name=issuer_name, parameter=parameters, **kwargs - ) - return CertificateIssuer._from_issuer_bundle(issuer_bundle=issuer_bundle) + self._serialize = Serializer() + self._deserialize = Deserializer() + self._serialize.client_side_validation = False - @distributed_trace_async - async def update_issuer( - self, - issuer_name: str, - *, - enabled: Optional[bool] = None, - provider: Optional[str] = None, - account_id: Optional[str] = None, - password: Optional[str] = None, - organization_id: Optional[str] = None, - admin_contacts: Optional[List[AdministratorContact]] = None, - **kwargs: Any, - ) -> CertificateIssuer: - """Updates the specified certificate issuer. Requires certificates/setissuers permission. + def send_request( + self, request: HttpRequest, *, stream: bool = False, **kwargs: Any + ) -> Awaitable[AsyncHttpResponse]: + """Runs the network request through the client's chained policies. - :param str issuer_name: The name of the issuer. + >>> from azure.core.rest import HttpRequest + >>> request = HttpRequest("GET", "https://www.example.org/") + + >>> response = await client.send_request(request) + - :keyword bool enabled: Whether the issuer is enabled for use. - :keyword str provider: The issuer provider - :keyword str account_id: The user name/account name/account id. - :keyword str password: The password/secret/account key. - :keyword str organization_id: Id of the organization - :keyword admin_contacts: Contact details of the organization administrators of - the certificate issuer - :paramtype admin_contacts: list[~azure.keyvault.certificates.AdministratorContact] + For more information on this code flow, see https://aka.ms/azsdk/dpcodegen/python/send_request - :return: The updated issuer - :rtype: ~azure.keyvault.certificates.CertificateIssuer - - :raises ~azure.core.exceptions.HttpResponseError: + :param request: The network request you want to make. Required. + :type request: ~azure.core.rest.HttpRequest + :keyword bool stream: Whether the response payload will be streamed. Defaults to False. + :return: The response of your network call. Does not do error handling on your response. + :rtype: ~azure.core.rest.AsyncHttpResponse """ - if account_id or password: - issuer_credentials = self._models.IssuerCredentials(account_id=account_id, password=password) - else: - issuer_credentials = None - if admin_contacts: - admin_details: Optional[List[Any]] = list( - self._models.AdministratorDetails( - first_name=contact.first_name, - last_name=contact.last_name, - email_address=contact.email, - phone=contact.phone, - ) - for contact in admin_contacts - ) - else: - admin_details = None - if organization_id or admin_details: - organization_details = self._models.OrganizationDetails(id=organization_id, admin_details=admin_details) - else: - organization_details = None - if enabled is not None: - issuer_attributes = self._models.IssuerAttributes(enabled=enabled) - else: - issuer_attributes = None - - parameters = self._models.CertificateIssuerUpdateParameters( - provider=provider, - credentials=issuer_credentials, - organization_details=organization_details, - attributes=issuer_attributes, - ) - - issuer_bundle = await self._client.update_certificate_issuer( - vault_base_url=self.vault_url, issuer_name=issuer_name, parameter=parameters, **kwargs - ) - return CertificateIssuer._from_issuer_bundle(issuer_bundle=issuer_bundle) + request_copy = deepcopy(request) + path_format_arguments = { + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), + } - @distributed_trace_async - async def delete_issuer(self, issuer_name: str, **kwargs: Any) -> CertificateIssuer: - """Deletes the specified certificate issuer. + request_copy.url = self._client.format_url(request_copy.url, **path_format_arguments) + return self._client.send_request(request_copy, stream=stream, **kwargs) # type: ignore - Requires certificates/manageissuers/deleteissuers permission. + async def close(self) -> None: + await self._client.close() - :param str issuer_name: The name of the issuer. - - :return: CertificateIssuer - :rtype: ~azure.keyvault.certificates.CertificateIssuer - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START delete_issuer] - :end-before: [END delete_issuer] - :language: python - :caption: Delete an issuer - :dedent: 8 - """ - issuer_bundle = await self._client.delete_certificate_issuer( - vault_base_url=self.vault_url, issuer_name=issuer_name, **kwargs - ) - return CertificateIssuer._from_issuer_bundle(issuer_bundle=issuer_bundle) - - @distributed_trace - def list_properties_of_issuers(self, **kwargs: Any) -> AsyncItemPaged[IssuerProperties]: - """Lists properties of the certificate issuers for the key vault. - - Requires the certificates/manageissuers/getissuers permission. - - :return: An iterator-like instance of Issuers - :rtype: ~azure.core.paging.ItemPaged[~azure.keyvault.certificates.CertificateIssuer] - - :raises ~azure.core.exceptions.HttpResponseError: - - Example: - .. literalinclude:: ../tests/test_examples_certificates_async.py - :start-after: [START list_properties_of_issuers] - :end-before: [END list_properties_of_issuers] - :language: python - :caption: List issuers of a vault - :dedent: 8 - """ - max_page_size = kwargs.pop("max_page_size", None) - return self._client.get_certificate_issuers( - vault_base_url=self.vault_url, - maxresults=max_page_size, - cls=lambda objs: [IssuerProperties._from_issuer_item(x) for x in objs], - **kwargs - ) - - async def __aenter__(self) -> "CertificateClient": + async def __aenter__(self) -> Self: await self._client.__aenter__() return self + + async def __aexit__(self, *exc_details: Any) -> None: + await self._client.__aexit__(*exc_details) diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_configuration.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_configuration.py similarity index 54% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_configuration.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_configuration.py index 8dd6125e8e1d..a0506cc2498f 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_configuration.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_configuration.py @@ -2,15 +2,18 @@ # -------------------------------------------------------------------------- # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. +# Code generated by Microsoft (R) Python Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -from typing import Any +from typing import Any, TYPE_CHECKING from azure.core.pipeline import policies -VERSION = "unknown" +from .._version import VERSION + +if TYPE_CHECKING: + from azure.core.credentials_async import AsyncTokenCredential class KeyVaultClientConfiguration: # pylint: disable=too-many-instance-attributes @@ -19,16 +22,28 @@ class KeyVaultClientConfiguration: # pylint: disable=too-many-instance-attribut Note that all parameters used to create this instance are saved as instance attributes. - :keyword api_version: Api Version. Default value is "7.5". Note that overriding this default - value may result in unsupported behavior. + :param vault_base_url: Required. + :type vault_base_url: str + :param credential: Credential used to authenticate requests to the service. Required. + :type credential: ~azure.core.credentials_async.AsyncTokenCredential + :keyword api_version: The API version to use for this operation. Default value is + "7.6-preview.1". Note that overriding this default value may result in unsupported behavior. :paramtype api_version: str """ - def __init__(self, **kwargs: Any) -> None: - api_version: str = kwargs.pop("api_version", "7.5") + def __init__(self, vault_base_url: str, credential: "AsyncTokenCredential", **kwargs: Any) -> None: + api_version: str = kwargs.pop("api_version", "7.6-preview.1") + + if vault_base_url is None: + raise ValueError("Parameter 'vault_base_url' must not be None.") + if credential is None: + raise ValueError("Parameter 'credential' must not be None.") + self.vault_base_url = vault_base_url + self.credential = credential self.api_version = api_version - kwargs.setdefault("sdk_moniker", "keyvault/{}".format(VERSION)) + self.credential_scopes = kwargs.pop("credential_scopes", ["https://vault.azure.net/.default"]) + kwargs.setdefault("sdk_moniker", "keyvault-certificates/{}".format(VERSION)) self.polling_interval = kwargs.get("polling_interval", 30) self._configure(**kwargs) @@ -42,3 +57,7 @@ def _configure(self, **kwargs: Any) -> None: self.redirect_policy = kwargs.get("redirect_policy") or policies.AsyncRedirectPolicy(**kwargs) self.retry_policy = kwargs.get("retry_policy") or policies.AsyncRetryPolicy(**kwargs) self.authentication_policy = kwargs.get("authentication_policy") + if self.credential and not self.authentication_policy: + self.authentication_policy = policies.AsyncBearerTokenCredentialPolicy( + self.credential, *self.credential_scopes, **kwargs + ) diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_operations/__init__.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_operations/__init__.py similarity index 58% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_operations/__init__.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_operations/__init__.py index 29ea96fccbfe..d514f5e4b5be 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_operations/__init__.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_operations/__init__.py @@ -2,18 +2,24 @@ # -------------------------------------------------------------------------- # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. +# Code generated by Microsoft (R) Python Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- +# pylint: disable=wrong-import-position -from ._operations import KeyVaultClientOperationsMixin +from typing import TYPE_CHECKING + +if TYPE_CHECKING: + from ._patch import * # pylint: disable=unused-wildcard-import + +from ._operations import KeyVaultClientOperationsMixin # type: ignore from ._patch import __all__ as _patch_all -from ._patch import * # pylint: disable=unused-wildcard-import +from ._patch import * from ._patch import patch_sdk as _patch_sdk __all__ = [ "KeyVaultClientOperationsMixin", ] -__all__.extend([p for p in _patch_all if p not in __all__]) +__all__.extend([p for p in _patch_all if p not in __all__]) # pyright: ignore _patch_sdk() diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_operations/_operations.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_operations/_operations.py similarity index 66% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_operations/_operations.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_operations/_operations.py index 729afcf8a10a..d624374123e3 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_operations/_operations.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_operations/_operations.py @@ -1,13 +1,15 @@ -# pylint: disable=too-many-lines,too-many-statements +# pylint: disable=too-many-lines # coding=utf-8 # -------------------------------------------------------------------------- # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. +# Code generated by Microsoft (R) Python Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- from io import IOBase -from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload +import json +import sys +from typing import Any, AsyncIterable, Callable, Dict, IO, List, Optional, TypeVar, Union, overload import urllib.parse from azure.core.async_paging import AsyncItemPaged, AsyncList @@ -17,6 +19,8 @@ ResourceExistsError, ResourceNotFoundError, ResourceNotModifiedError, + StreamClosedError, + StreamConsumedError, map_error, ) from azure.core.pipeline import PipelineResponse @@ -26,6 +30,7 @@ from azure.core.utils import case_insensitive_dict from ... import models as _models +from ..._model_base import SdkJSONEncoder, _deserialize, _failsafe_deserialize from ..._operations._operations import ( build_key_vault_backup_certificate_request, build_key_vault_create_certificate_request, @@ -57,27 +62,26 @@ ) from .._vendor import KeyVaultClientMixinABC +if sys.version_info >= (3, 9): + from collections.abc import MutableMapping +else: + from typing import MutableMapping # type: ignore +JSON = MutableMapping[str, Any] # pylint: disable=unsubscriptable-object T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] class KeyVaultClientOperationsMixin(KeyVaultClientMixinABC): # pylint: disable=too-many-public-methods + @distributed_trace def get_certificates( - self, - vault_base_url: str, - *, - maxresults: Optional[int] = None, - include_pending: Optional[bool] = None, - **kwargs: Any + self, *, maxresults: Optional[int] = None, include_pending: Optional[bool] = None, **kwargs: Any ) -> AsyncIterable["_models.CertificateItem"]: """List certificates in a specified key vault. The GetCertificates operation returns the set of certificates resources in the specified key vault. This operation requires the certificates/list permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :keyword maxresults: Maximum number of results to return in a page. If not specified the service will return up to 25 results. Default value is None. :paramtype maxresults: int @@ -85,17 +89,16 @@ def get_certificates( provisioned. Default value is None. :paramtype include_pending: bool :return: An iterator like instance of CertificateItem - :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.keyvault.v7_5.models.CertificateItem] + :rtype: + ~azure.core.async_paging.AsyncItemPaged[~azure.keyvault.certificates.models.CertificateItem] :raises ~azure.core.exceptions.HttpResponseError: """ _headers = kwargs.pop("headers", {}) or {} _params = kwargs.pop("params", {}) or {} - cls: ClsType[_models._models.CertificateListResult] = kwargs.pop( # pylint: disable=protected-access - "cls", None - ) + cls: ClsType[List[_models.CertificateItem]] = kwargs.pop("cls", None) - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -114,7 +117,9 @@ def prepare_request(next_link=None): params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) @@ -132,20 +137,20 @@ def prepare_request(next_link=None): "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) return _request async def extract_data(pipeline_response): - deserialized = self._deserialize( - _models._models.CertificateListResult, pipeline_response # pylint: disable=protected-access - ) - list_of_elem = deserialized.value + deserialized = pipeline_response.http_response.json() + list_of_elem = _deserialize(List[_models.CertificateItem], deserialized["value"]) if cls: list_of_elem = cls(list_of_elem) # type: ignore - return deserialized.next_link or None, AsyncList(list_of_elem) + return deserialized.get("nextLink") or None, AsyncList(list_of_elem) async def get_next(next_link=None): _request = prepare_request(next_link) @@ -157,10 +162,8 @@ async def get_next(next_link=None): response = pipeline_response.http_response if response.status_code not in [200]: - if _stream: - await response.read() # Load the body in memory and close the socket map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) return pipeline_response @@ -168,24 +171,21 @@ async def get_next(next_link=None): return AsyncItemPaged(get_next, extract_data) @distributed_trace_async - async def delete_certificate( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.DeletedCertificateBundle: + async def delete_certificate(self, certificate_name: str, **kwargs: Any) -> _models.DeletedCertificateBundle: """Deletes a certificate from a specified key vault. Deletes all versions of a certificate object along with its associated policy. Delete certificate cannot be used to remove individual versions of a certificate object. This operation requires the certificates/delete permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :return: DeletedCertificateBundle - :rtype: ~azure.keyvault.v7_5.models.DeletedCertificateBundle + :return: DeletedCertificateBundle. The DeletedCertificateBundle is compatible with + MutableMapping + :rtype: ~azure.keyvault.certificates.models.DeletedCertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -205,11 +205,13 @@ async def delete_certificate( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -218,12 +220,18 @@ async def delete_certificate( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("DeletedCertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.DeletedCertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -232,68 +240,78 @@ async def delete_certificate( @overload async def set_certificate_contacts( - self, vault_base_url: str, contacts: _models.Contacts, *, content_type: str = "application/json", **kwargs: Any + self, contacts: _models.Contacts, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.Contacts: + """Sets the certificate contacts for the specified key vault. + + Sets the certificate contacts for the specified key vault. This operation requires the + certificates/managecontacts permission. + + :param contacts: The contacts for the key vault certificate. Required. + :type contacts: ~azure.keyvault.certificates.models.Contacts + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: Contacts. The Contacts is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.Contacts + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def set_certificate_contacts( + self, contacts: JSON, *, content_type: str = "application/json", **kwargs: Any ) -> _models.Contacts: """Sets the certificate contacts for the specified key vault. Sets the certificate contacts for the specified key vault. This operation requires the certificates/managecontacts permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param contacts: The contacts for the key vault certificate. Required. - :type contacts: ~azure.keyvault.v7_5.models.Contacts + :type contacts: JSON :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: Contacts - :rtype: ~azure.keyvault.v7_5.models.Contacts + :return: Contacts. The Contacts is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.Contacts :raises ~azure.core.exceptions.HttpResponseError: """ @overload async def set_certificate_contacts( - self, vault_base_url: str, contacts: IO[bytes], *, content_type: str = "application/json", **kwargs: Any + self, contacts: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.Contacts: """Sets the certificate contacts for the specified key vault. Sets the certificate contacts for the specified key vault. This operation requires the certificates/managecontacts permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param contacts: The contacts for the key vault certificate. Required. :type contacts: IO[bytes] :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: Contacts - :rtype: ~azure.keyvault.v7_5.models.Contacts + :return: Contacts. The Contacts is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.Contacts :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace_async async def set_certificate_contacts( - self, vault_base_url: str, contacts: Union[_models.Contacts, IO[bytes]], **kwargs: Any + self, contacts: Union[_models.Contacts, JSON, IO[bytes]], **kwargs: Any ) -> _models.Contacts: """Sets the certificate contacts for the specified key vault. Sets the certificate contacts for the specified key vault. This operation requires the certificates/managecontacts permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str - :param contacts: The contacts for the key vault certificate. Is either a Contacts type or a - IO[bytes] type. Required. - :type contacts: ~azure.keyvault.v7_5.models.Contacts or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: Contacts - :rtype: ~azure.keyvault.v7_5.models.Contacts + :param contacts: The contacts for the key vault certificate. Is one of the following types: + Contacts, JSON, IO[bytes] Required. + :type contacts: ~azure.keyvault.certificates.models.Contacts or JSON or IO[bytes] + :return: Contacts. The Contacts is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.Contacts :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -308,27 +326,27 @@ async def set_certificate_contacts( cls: ClsType[_models.Contacts] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(contacts, (IOBase, bytes)): _content = contacts else: - _json = self._serialize.body(contacts, "Contacts") + _content = json.dumps(contacts, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_set_certificate_contacts_request( content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -337,12 +355,18 @@ async def set_certificate_contacts( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("Contacts", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.Contacts, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -350,19 +374,17 @@ async def set_certificate_contacts( return deserialized # type: ignore @distributed_trace_async - async def get_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> _models.Contacts: + async def get_certificate_contacts(self, **kwargs: Any) -> _models.Contacts: """Lists the certificate contacts for a specified key vault. The GetCertificateContacts operation returns the set of certificate contact resources in the specified key vault. This operation requires the certificates/managecontacts permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str - :return: Contacts - :rtype: ~azure.keyvault.v7_5.models.Contacts + :return: Contacts. The Contacts is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.Contacts :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -381,11 +403,13 @@ async def get_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -394,12 +418,18 @@ async def get_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("Contacts", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.Contacts, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -407,19 +437,17 @@ async def get_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> return deserialized # type: ignore @distributed_trace_async - async def delete_certificate_contacts(self, vault_base_url: str, **kwargs: Any) -> _models.Contacts: + async def delete_certificate_contacts(self, **kwargs: Any) -> _models.Contacts: """Deletes the certificate contacts for a specified key vault. Deletes the certificate contacts for a specified key vault certificate. This operation requires the certificates/managecontacts permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str - :return: Contacts - :rtype: ~azure.keyvault.v7_5.models.Contacts + :return: Contacts. The Contacts is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.Contacts :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -438,11 +466,13 @@ async def delete_certificate_contacts(self, vault_base_url: str, **kwargs: Any) params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -451,12 +481,18 @@ async def delete_certificate_contacts(self, vault_base_url: str, **kwargs: Any) if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("Contacts", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.Contacts, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -465,7 +501,7 @@ async def delete_certificate_contacts(self, vault_base_url: str, **kwargs: Any) @distributed_trace def get_certificate_issuers( - self, vault_base_url: str, *, maxresults: Optional[int] = None, **kwargs: Any + self, *, maxresults: Optional[int] = None, **kwargs: Any ) -> AsyncIterable["_models.CertificateIssuerItem"]: """List certificate issuers for a specified key vault. @@ -473,24 +509,20 @@ def get_certificate_issuers( specified key vault. This operation requires the certificates/manageissuers/getissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :keyword maxresults: Maximum number of results to return in a page. If not specified the service will return up to 25 results. Default value is None. :paramtype maxresults: int :return: An iterator like instance of CertificateIssuerItem :rtype: - ~azure.core.async_paging.AsyncItemPaged[~azure.keyvault.v7_5.models.CertificateIssuerItem] + ~azure.core.async_paging.AsyncItemPaged[~azure.keyvault.certificates.models.CertificateIssuerItem] :raises ~azure.core.exceptions.HttpResponseError: """ _headers = kwargs.pop("headers", {}) or {} _params = kwargs.pop("params", {}) or {} - cls: ClsType[_models._models.CertificateIssuerListResult] = kwargs.pop( # pylint: disable=protected-access - "cls", None - ) + cls: ClsType[List[_models.CertificateIssuerItem]] = kwargs.pop("cls", None) - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -508,7 +540,9 @@ def prepare_request(next_link=None): params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) @@ -526,20 +560,20 @@ def prepare_request(next_link=None): "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) return _request async def extract_data(pipeline_response): - deserialized = self._deserialize( - _models._models.CertificateIssuerListResult, pipeline_response # pylint: disable=protected-access - ) - list_of_elem = deserialized.value + deserialized = pipeline_response.http_response.json() + list_of_elem = _deserialize(List[_models.CertificateIssuerItem], deserialized["value"]) if cls: list_of_elem = cls(list_of_elem) # type: ignore - return deserialized.next_link or None, AsyncList(list_of_elem) + return deserialized.get("nextLink") or None, AsyncList(list_of_elem) async def get_next(next_link=None): _request = prepare_request(next_link) @@ -551,10 +585,8 @@ async def get_next(next_link=None): response = pipeline_response.http_response if response.status_code not in [200]: - if _stream: - await response.read() # Load the body in memory and close the socket map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) return pipeline_response @@ -564,7 +596,6 @@ async def get_next(next_link=None): @overload async def set_certificate_issuer( self, - vault_base_url: str, issuer_name: str, parameter: _models.CertificateIssuerSetParameters, *, @@ -576,39 +607,52 @@ async def set_certificate_issuer( The SetCertificateIssuer operation adds or updates the specified certificate issuer. This operation requires the certificates/setissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. :type issuer_name: str :param parameter: Certificate issuer set parameter. Required. - :type parameter: ~azure.keyvault.v7_5.models.CertificateIssuerSetParameters + :type parameter: ~azure.keyvault.certificates.models.CertificateIssuerSetParameters :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ @overload async def set_certificate_issuer( - self, - vault_base_url: str, - issuer_name: str, - parameter: IO[bytes], - *, - content_type: str = "application/json", - **kwargs: Any + self, issuer_name: str, parameter: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.IssuerBundle: + """Sets the specified certificate issuer. + + The SetCertificateIssuer operation adds or updates the specified certificate issuer. This + operation requires the certificates/setissuers permission. + + :param issuer_name: The name of the issuer. The value you provide may be copied globally for + the purpose of running the service. The value provided should not include personally + identifiable or sensitive information. Required. + :type issuer_name: str + :param parameter: Certificate issuer set parameter. Required. + :type parameter: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def set_certificate_issuer( + self, issuer_name: str, parameter: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.IssuerBundle: """Sets the specified certificate issuer. The SetCertificateIssuer operation adds or updates the specified certificate issuer. This operation requires the certificates/setissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. @@ -618,41 +662,33 @@ async def set_certificate_issuer( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace_async async def set_certificate_issuer( - self, - vault_base_url: str, - issuer_name: str, - parameter: Union[_models.CertificateIssuerSetParameters, IO[bytes]], - **kwargs: Any + self, issuer_name: str, parameter: Union[_models.CertificateIssuerSetParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.IssuerBundle: """Sets the specified certificate issuer. The SetCertificateIssuer operation adds or updates the specified certificate issuer. This operation requires the certificates/setissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. :type issuer_name: str - :param parameter: Certificate issuer set parameter. Is either a CertificateIssuerSetParameters - type or a IO[bytes] type. Required. - :type parameter: ~azure.keyvault.v7_5.models.CertificateIssuerSetParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :param parameter: Certificate issuer set parameter. Is one of the following types: + CertificateIssuerSetParameters, JSON, IO[bytes] Required. + :type parameter: ~azure.keyvault.certificates.models.CertificateIssuerSetParameters or JSON or + IO[bytes] + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -667,28 +703,28 @@ async def set_certificate_issuer( cls: ClsType[_models.IssuerBundle] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameter, (IOBase, bytes)): _content = parameter else: - _json = self._serialize.body(parameter, "CertificateIssuerSetParameters") + _content = json.dumps(parameter, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_set_certificate_issuer_request( issuer_name=issuer_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -697,12 +733,18 @@ async def set_certificate_issuer( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("IssuerBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.IssuerBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -712,7 +754,6 @@ async def set_certificate_issuer( @overload async def update_certificate_issuer( self, - vault_base_url: str, issuer_name: str, parameter: _models.CertificateIssuerUpdateParameters, *, @@ -724,37 +765,48 @@ async def update_certificate_issuer( The UpdateCertificateIssuer operation performs an update on the specified certificate issuer entity. This operation requires the certificates/setissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. Required. :type issuer_name: str :param parameter: Certificate issuer update parameter. Required. - :type parameter: ~azure.keyvault.v7_5.models.CertificateIssuerUpdateParameters + :type parameter: ~azure.keyvault.certificates.models.CertificateIssuerUpdateParameters :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ @overload async def update_certificate_issuer( - self, - vault_base_url: str, - issuer_name: str, - parameter: IO[bytes], - *, - content_type: str = "application/json", - **kwargs: Any + self, issuer_name: str, parameter: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.IssuerBundle: + """Updates the specified certificate issuer. + + The UpdateCertificateIssuer operation performs an update on the specified certificate issuer + entity. This operation requires the certificates/setissuers permission. + + :param issuer_name: The name of the issuer. Required. + :type issuer_name: str + :param parameter: Certificate issuer update parameter. Required. + :type parameter: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def update_certificate_issuer( + self, issuer_name: str, parameter: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.IssuerBundle: """Updates the specified certificate issuer. The UpdateCertificateIssuer operation performs an update on the specified certificate issuer entity. This operation requires the certificates/setissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. Required. :type issuer_name: str :param parameter: Certificate issuer update parameter. Required. @@ -762,17 +814,16 @@ async def update_certificate_issuer( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace_async async def update_certificate_issuer( self, - vault_base_url: str, issuer_name: str, - parameter: Union[_models.CertificateIssuerUpdateParameters, IO[bytes]], + parameter: Union[_models.CertificateIssuerUpdateParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.IssuerBundle: """Updates the specified certificate issuer. @@ -780,21 +831,17 @@ async def update_certificate_issuer( The UpdateCertificateIssuer operation performs an update on the specified certificate issuer entity. This operation requires the certificates/setissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. Required. :type issuer_name: str - :param parameter: Certificate issuer update parameter. Is either a - CertificateIssuerUpdateParameters type or a IO[bytes] type. Required. - :type parameter: ~azure.keyvault.v7_5.models.CertificateIssuerUpdateParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :param parameter: Certificate issuer update parameter. Is one of the following types: + CertificateIssuerUpdateParameters, JSON, IO[bytes] Required. + :type parameter: ~azure.keyvault.certificates.models.CertificateIssuerUpdateParameters or JSON + or IO[bytes] + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -809,28 +856,28 @@ async def update_certificate_issuer( cls: ClsType[_models.IssuerBundle] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameter, (IOBase, bytes)): _content = parameter else: - _json = self._serialize.body(parameter, "CertificateIssuerUpdateParameters") + _content = json.dumps(parameter, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_update_certificate_issuer_request( issuer_name=issuer_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -839,12 +886,18 @@ async def update_certificate_issuer( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("IssuerBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.IssuerBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -852,24 +905,20 @@ async def update_certificate_issuer( return deserialized # type: ignore @distributed_trace_async - async def get_certificate_issuer( - self, vault_base_url: str, issuer_name: str, **kwargs: Any - ) -> _models.IssuerBundle: + async def get_certificate_issuer(self, issuer_name: str, **kwargs: Any) -> _models.IssuerBundle: """Lists the specified certificate issuer. The GetCertificateIssuer operation returns the specified certificate issuer resources in the specified key vault. This operation requires the certificates/manageissuers/getissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. Required. :type issuer_name: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -889,11 +938,13 @@ async def get_certificate_issuer( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -902,12 +953,18 @@ async def get_certificate_issuer( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("IssuerBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.IssuerBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -915,23 +972,19 @@ async def get_certificate_issuer( return deserialized # type: ignore @distributed_trace_async - async def delete_certificate_issuer( - self, vault_base_url: str, issuer_name: str, **kwargs: Any - ) -> _models.IssuerBundle: + async def delete_certificate_issuer(self, issuer_name: str, **kwargs: Any) -> _models.IssuerBundle: """Deletes the specified certificate issuer. The DeleteCertificateIssuer operation permanently removes the specified certificate issuer from the vault. This operation requires the certificates/manageissuers/deleteissuers permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param issuer_name: The name of the issuer. Required. :type issuer_name: str - :return: IssuerBundle - :rtype: ~azure.keyvault.v7_5.models.IssuerBundle + :return: IssuerBundle. The IssuerBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.IssuerBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -951,11 +1004,13 @@ async def delete_certificate_issuer( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -964,12 +1019,18 @@ async def delete_certificate_issuer( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("IssuerBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.IssuerBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -979,7 +1040,6 @@ async def delete_certificate_issuer( @overload async def create_certificate( self, - vault_base_url: str, certificate_name: str, parameters: _models.CertificateCreateParameters, *, @@ -991,39 +1051,52 @@ async def create_certificate( If this is the first version, the certificate resource is created. This operation requires the certificates/create permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. :type certificate_name: str :param parameters: The parameters to create a certificate. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateCreateParameters + :type parameters: ~azure.keyvault.certificates.models.CertificateCreateParameters :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ @overload async def create_certificate( - self, - vault_base_url: str, - certificate_name: str, - parameters: IO[bytes], - *, - content_type: str = "application/json", - **kwargs: Any + self, certificate_name: str, parameters: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.CertificateOperation: + """Creates a new certificate. + + If this is the first version, the certificate resource is created. This operation requires the + certificates/create permission. + + :param certificate_name: The name of the certificate. The value you provide may be copied + globally for the purpose of running the service. The value provided should not include + personally identifiable or sensitive information. Required. + :type certificate_name: str + :param parameters: The parameters to create a certificate. Required. + :type parameters: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def create_certificate( + self, certificate_name: str, parameters: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.CertificateOperation: """Creates a new certificate. If this is the first version, the certificate resource is created. This operation requires the certificates/create permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. @@ -1033,17 +1106,16 @@ async def create_certificate( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace_async async def create_certificate( self, - vault_base_url: str, certificate_name: str, - parameters: Union[_models.CertificateCreateParameters, IO[bytes]], + parameters: Union[_models.CertificateCreateParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificateOperation: """Creates a new certificate. @@ -1051,23 +1123,19 @@ async def create_certificate( If this is the first version, the certificate resource is created. This operation requires the certificates/create permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. :type certificate_name: str - :param parameters: The parameters to create a certificate. Is either a - CertificateCreateParameters type or a IO[bytes] type. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateCreateParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :param parameters: The parameters to create a certificate. Is one of the following types: + CertificateCreateParameters, JSON, IO[bytes] Required. + :type parameters: ~azure.keyvault.certificates.models.CertificateCreateParameters or JSON or + IO[bytes] + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1082,28 +1150,28 @@ async def create_certificate( cls: ClsType[_models.CertificateOperation] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameters, (IOBase, bytes)): _content = parameters else: - _json = self._serialize.body(parameters, "CertificateCreateParameters") + _content = json.dumps(parameters, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_create_certificate_request( certificate_name=certificate_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1112,12 +1180,18 @@ async def create_certificate( if response.status_code not in [202]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateOperation", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateOperation, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1127,7 +1201,6 @@ async def create_certificate( @overload async def import_certificate( self, - vault_base_url: str, certificate_name: str, parameters: _models.CertificateImportParameters, *, @@ -1141,31 +1214,48 @@ async def import_certificate( either PFX or PEM format. If the certificate is in PEM format the PEM file must contain the key as well as x509 certificates. Key Vault will only accept a key in PKCS#8 format. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. :type certificate_name: str :param parameters: The parameters to import the certificate. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateImportParameters + :type parameters: ~azure.keyvault.certificates.models.CertificateImportParameters :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @overload async def import_certificate( - self, - vault_base_url: str, - certificate_name: str, - parameters: IO[bytes], - *, - content_type: str = "application/json", - **kwargs: Any + self, certificate_name: str, parameters: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.CertificateBundle: + """Imports a certificate into a specified key vault. + + Imports an existing valid certificate, containing a private key, into Azure Key Vault. This + operation requires the certificates/import permission. The certificate to be imported can be in + either PFX or PEM format. If the certificate is in PEM format the PEM file must contain the key + as well as x509 certificates. Key Vault will only accept a key in PKCS#8 format. + + :param certificate_name: The name of the certificate. The value you provide may be copied + globally for the purpose of running the service. The value provided should not include + personally identifiable or sensitive information. Required. + :type certificate_name: str + :param parameters: The parameters to import the certificate. Required. + :type parameters: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def import_certificate( + self, certificate_name: str, parameters: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.CertificateBundle: """Imports a certificate into a specified key vault. @@ -1174,8 +1264,6 @@ async def import_certificate( either PFX or PEM format. If the certificate is in PEM format the PEM file must contain the key as well as x509 certificates. Key Vault will only accept a key in PKCS#8 format. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. @@ -1185,17 +1273,16 @@ async def import_certificate( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace_async async def import_certificate( self, - vault_base_url: str, certificate_name: str, - parameters: Union[_models.CertificateImportParameters, IO[bytes]], + parameters: Union[_models.CertificateImportParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificateBundle: """Imports a certificate into a specified key vault. @@ -1205,23 +1292,19 @@ async def import_certificate( either PFX or PEM format. If the certificate is in PEM format the PEM file must contain the key as well as x509 certificates. Key Vault will only accept a key in PKCS#8 format. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. The value you provide may be copied globally for the purpose of running the service. The value provided should not include personally identifiable or sensitive information. Required. :type certificate_name: str - :param parameters: The parameters to import the certificate. Is either a - CertificateImportParameters type or a IO[bytes] type. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateImportParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :param parameters: The parameters to import the certificate. Is one of the following types: + CertificateImportParameters, JSON, IO[bytes] Required. + :type parameters: ~azure.keyvault.certificates.models.CertificateImportParameters or JSON or + IO[bytes] + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1236,28 +1319,28 @@ async def import_certificate( cls: ClsType[_models.CertificateBundle] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameters, (IOBase, bytes)): _content = parameters else: - _json = self._serialize.body(parameters, "CertificateImportParameters") + _content = json.dumps(parameters, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_import_certificate_request( certificate_name=certificate_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1266,12 +1349,18 @@ async def import_certificate( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1280,32 +1369,29 @@ async def import_certificate( @distributed_trace def get_certificate_versions( - self, vault_base_url: str, certificate_name: str, *, maxresults: Optional[int] = None, **kwargs: Any + self, certificate_name: str, *, maxresults: Optional[int] = None, **kwargs: Any ) -> AsyncIterable["_models.CertificateItem"]: """List the versions of a certificate. The GetCertificateVersions operation returns the versions of a certificate in the specified key vault. This operation requires the certificates/list permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str :keyword maxresults: Maximum number of results to return in a page. If not specified the service will return up to 25 results. Default value is None. :paramtype maxresults: int :return: An iterator like instance of CertificateItem - :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.keyvault.v7_5.models.CertificateItem] + :rtype: + ~azure.core.async_paging.AsyncItemPaged[~azure.keyvault.certificates.models.CertificateItem] :raises ~azure.core.exceptions.HttpResponseError: """ _headers = kwargs.pop("headers", {}) or {} _params = kwargs.pop("params", {}) or {} - cls: ClsType[_models._models.CertificateListResult] = kwargs.pop( # pylint: disable=protected-access - "cls", None - ) + cls: ClsType[List[_models.CertificateItem]] = kwargs.pop("cls", None) - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1324,7 +1410,9 @@ def prepare_request(next_link=None): params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) @@ -1342,20 +1430,20 @@ def prepare_request(next_link=None): "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) return _request async def extract_data(pipeline_response): - deserialized = self._deserialize( - _models._models.CertificateListResult, pipeline_response # pylint: disable=protected-access - ) - list_of_elem = deserialized.value + deserialized = pipeline_response.http_response.json() + list_of_elem = _deserialize(List[_models.CertificateItem], deserialized["value"]) if cls: list_of_elem = cls(list_of_elem) # type: ignore - return deserialized.next_link or None, AsyncList(list_of_elem) + return deserialized.get("nextLink") or None, AsyncList(list_of_elem) async def get_next(next_link=None): _request = prepare_request(next_link) @@ -1367,10 +1455,8 @@ async def get_next(next_link=None): response = pipeline_response.http_response if response.status_code not in [200]: - if _stream: - await response.read() # Load the body in memory and close the socket map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) return pipeline_response @@ -1378,23 +1464,19 @@ async def get_next(next_link=None): return AsyncItemPaged(get_next, extract_data) @distributed_trace_async - async def get_certificate_policy( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.CertificatePolicy: + async def get_certificate_policy(self, certificate_name: str, **kwargs: Any) -> _models.CertificatePolicy: """Lists the policy for a certificate. The GetCertificatePolicy operation returns the specified certificate policy resources in the specified key vault. This operation requires the certificates/get permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in a given key vault. Required. :type certificate_name: str - :return: CertificatePolicy - :rtype: ~azure.keyvault.v7_5.models.CertificatePolicy + :return: CertificatePolicy. The CertificatePolicy is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificatePolicy :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1414,11 +1496,13 @@ async def get_certificate_policy( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1427,12 +1511,18 @@ async def get_certificate_policy( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificatePolicy", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificatePolicy, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1442,7 +1532,6 @@ async def get_certificate_policy( @overload async def update_certificate_policy( self, - vault_base_url: str, certificate_name: str, certificate_policy: _models.CertificatePolicy, *, @@ -1454,24 +1543,42 @@ async def update_certificate_policy( Set specified members in the certificate policy. Leave others as null. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given vault. Required. :type certificate_name: str :param certificate_policy: The policy for the certificate. Required. - :type certificate_policy: ~azure.keyvault.v7_5.models.CertificatePolicy + :type certificate_policy: ~azure.keyvault.certificates.models.CertificatePolicy + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificatePolicy. The CertificatePolicy is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificatePolicy + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def update_certificate_policy( + self, certificate_name: str, certificate_policy: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.CertificatePolicy: + """Updates the policy for a certificate. + + Set specified members in the certificate policy. Leave others as null. This operation requires + the certificates/update permission. + + :param certificate_name: The name of the certificate in the given vault. Required. + :type certificate_name: str + :param certificate_policy: The policy for the certificate. Required. + :type certificate_policy: JSON :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificatePolicy - :rtype: ~azure.keyvault.v7_5.models.CertificatePolicy + :return: CertificatePolicy. The CertificatePolicy is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificatePolicy :raises ~azure.core.exceptions.HttpResponseError: """ @overload async def update_certificate_policy( self, - vault_base_url: str, certificate_name: str, certificate_policy: IO[bytes], *, @@ -1483,8 +1590,6 @@ async def update_certificate_policy( Set specified members in the certificate policy. Leave others as null. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given vault. Required. :type certificate_name: str :param certificate_policy: The policy for the certificate. Required. @@ -1492,17 +1597,16 @@ async def update_certificate_policy( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificatePolicy - :rtype: ~azure.keyvault.v7_5.models.CertificatePolicy + :return: CertificatePolicy. The CertificatePolicy is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificatePolicy :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace_async async def update_certificate_policy( self, - vault_base_url: str, certificate_name: str, - certificate_policy: Union[_models.CertificatePolicy, IO[bytes]], + certificate_policy: Union[_models.CertificatePolicy, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificatePolicy: """Updates the policy for a certificate. @@ -1510,21 +1614,17 @@ async def update_certificate_policy( Set specified members in the certificate policy. Leave others as null. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given vault. Required. :type certificate_name: str - :param certificate_policy: The policy for the certificate. Is either a CertificatePolicy type - or a IO[bytes] type. Required. - :type certificate_policy: ~azure.keyvault.v7_5.models.CertificatePolicy or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificatePolicy - :rtype: ~azure.keyvault.v7_5.models.CertificatePolicy + :param certificate_policy: The policy for the certificate. Is one of the following types: + CertificatePolicy, JSON, IO[bytes] Required. + :type certificate_policy: ~azure.keyvault.certificates.models.CertificatePolicy or JSON or + IO[bytes] + :return: CertificatePolicy. The CertificatePolicy is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificatePolicy :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1539,28 +1639,28 @@ async def update_certificate_policy( cls: ClsType[_models.CertificatePolicy] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(certificate_policy, (IOBase, bytes)): _content = certificate_policy else: - _json = self._serialize.body(certificate_policy, "CertificatePolicy") + _content = json.dumps(certificate_policy, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_update_certificate_policy_request( certificate_name=certificate_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1569,12 +1669,18 @@ async def update_certificate_policy( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificatePolicy", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificatePolicy, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1584,7 +1690,6 @@ async def update_certificate_policy( @overload async def update_certificate( self, - vault_base_url: str, certificate_name: str, certificate_version: str, parameters: _models.CertificateUpdateParameters, @@ -1598,26 +1703,53 @@ async def update_certificate( elements updated are the certificate's attributes. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given key vault. Required. :type certificate_name: str :param certificate_version: The version of the certificate. Required. :type certificate_version: str :param parameters: The parameters for certificate update. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateUpdateParameters + :type parameters: ~azure.keyvault.certificates.models.CertificateUpdateParameters + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def update_certificate( + self, + certificate_name: str, + certificate_version: str, + parameters: JSON, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.CertificateBundle: + """Updates the specified attributes associated with the given certificate. + + The UpdateCertificate operation applies the specified update on the given certificate; the only + elements updated are the certificate's attributes. This operation requires the + certificates/update permission. + + :param certificate_name: The name of the certificate in the given key vault. Required. + :type certificate_name: str + :param certificate_version: The version of the certificate. Required. + :type certificate_version: str + :param parameters: The parameters for certificate update. Required. + :type parameters: JSON :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @overload async def update_certificate( self, - vault_base_url: str, certificate_name: str, certificate_version: str, parameters: IO[bytes], @@ -1631,8 +1763,6 @@ async def update_certificate( elements updated are the certificate's attributes. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given key vault. Required. :type certificate_name: str :param certificate_version: The version of the certificate. Required. @@ -1642,18 +1772,17 @@ async def update_certificate( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace_async async def update_certificate( self, - vault_base_url: str, certificate_name: str, certificate_version: str, - parameters: Union[_models.CertificateUpdateParameters, IO[bytes]], + parameters: Union[_models.CertificateUpdateParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificateBundle: """Updates the specified attributes associated with the given certificate. @@ -1662,23 +1791,19 @@ async def update_certificate( elements updated are the certificate's attributes. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given key vault. Required. :type certificate_name: str :param certificate_version: The version of the certificate. Required. :type certificate_version: str - :param parameters: The parameters for certificate update. Is either a - CertificateUpdateParameters type or a IO[bytes] type. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateUpdateParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :param parameters: The parameters for certificate update. Is one of the following types: + CertificateUpdateParameters, JSON, IO[bytes] Required. + :type parameters: ~azure.keyvault.certificates.models.CertificateUpdateParameters or JSON or + IO[bytes] + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1693,29 +1818,29 @@ async def update_certificate( cls: ClsType[_models.CertificateBundle] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameters, (IOBase, bytes)): _content = parameters else: - _json = self._serialize.body(parameters, "CertificateUpdateParameters") + _content = json.dumps(parameters, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_update_certificate_request( certificate_name=certificate_name, certificate_version=certificate_version, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1724,12 +1849,18 @@ async def update_certificate( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1738,25 +1869,23 @@ async def update_certificate( @distributed_trace_async async def get_certificate( - self, vault_base_url: str, certificate_name: str, certificate_version: str, **kwargs: Any + self, certificate_name: str, certificate_version: str, **kwargs: Any ) -> _models.CertificateBundle: """Gets information about a certificate. Gets information about a specific certificate. This operation requires the certificates/get permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate in the given vault. Required. :type certificate_name: str :param certificate_version: The version of the certificate. This URI fragment is optional. If not specified, the latest version of the certificate is returned. Required. :type certificate_version: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1777,11 +1906,13 @@ async def get_certificate( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1790,12 +1921,18 @@ async def get_certificate( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1805,7 +1942,6 @@ async def get_certificate( @overload async def update_certificate_operation( self, - vault_base_url: str, certificate_name: str, certificate_operation: _models.CertificateOperationUpdateParameter, *, @@ -1817,24 +1953,48 @@ async def update_certificate_operation( Updates a certificate creation operation that is already in progress. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str :param certificate_operation: The certificate operation response. Required. - :type certificate_operation: ~azure.keyvault.v7_5.models.CertificateOperationUpdateParameter + :type certificate_operation: + ~azure.keyvault.certificates.models.CertificateOperationUpdateParameter + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def update_certificate_operation( + self, + certificate_name: str, + certificate_operation: JSON, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.CertificateOperation: + """Updates a certificate operation. + + Updates a certificate creation operation that is already in progress. This operation requires + the certificates/update permission. + + :param certificate_name: The name of the certificate. Required. + :type certificate_name: str + :param certificate_operation: The certificate operation response. Required. + :type certificate_operation: JSON :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ @overload async def update_certificate_operation( self, - vault_base_url: str, certificate_name: str, certificate_operation: IO[bytes], *, @@ -1846,8 +2006,6 @@ async def update_certificate_operation( Updates a certificate creation operation that is already in progress. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str :param certificate_operation: The certificate operation response. Required. @@ -1855,17 +2013,16 @@ async def update_certificate_operation( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace_async async def update_certificate_operation( self, - vault_base_url: str, certificate_name: str, - certificate_operation: Union[_models.CertificateOperationUpdateParameter, IO[bytes]], + certificate_operation: Union[_models.CertificateOperationUpdateParameter, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificateOperation: """Updates a certificate operation. @@ -1873,22 +2030,17 @@ async def update_certificate_operation( Updates a certificate creation operation that is already in progress. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :param certificate_operation: The certificate operation response. Is either a - CertificateOperationUpdateParameter type or a IO[bytes] type. Required. - :type certificate_operation: ~azure.keyvault.v7_5.models.CertificateOperationUpdateParameter or - IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :param certificate_operation: The certificate operation response. Is one of the following + types: CertificateOperationUpdateParameter, JSON, IO[bytes] Required. + :type certificate_operation: + ~azure.keyvault.certificates.models.CertificateOperationUpdateParameter or JSON or IO[bytes] + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1903,28 +2055,28 @@ async def update_certificate_operation( cls: ClsType[_models.CertificateOperation] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(certificate_operation, (IOBase, bytes)): _content = certificate_operation else: - _json = self._serialize.body(certificate_operation, "CertificateOperationUpdateParameter") + _content = json.dumps(certificate_operation, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_update_certificate_operation_request( certificate_name=certificate_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1933,12 +2085,18 @@ async def update_certificate_operation( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateOperation", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateOperation, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -1946,23 +2104,19 @@ async def update_certificate_operation( return deserialized # type: ignore @distributed_trace_async - async def get_certificate_operation( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.CertificateOperation: + async def get_certificate_operation(self, certificate_name: str, **kwargs: Any) -> _models.CertificateOperation: """Gets the creation operation of a certificate. Gets the creation operation associated with a specified certificate. This operation requires the certificates/get permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -1982,11 +2136,13 @@ async def get_certificate_operation( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -1995,12 +2151,18 @@ async def get_certificate_operation( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateOperation", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateOperation, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2008,24 +2170,20 @@ async def get_certificate_operation( return deserialized # type: ignore @distributed_trace_async - async def delete_certificate_operation( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.CertificateOperation: + async def delete_certificate_operation(self, certificate_name: str, **kwargs: Any) -> _models.CertificateOperation: """Deletes the creation operation for a specific certificate. Deletes the creation operation for a specified certificate that is in the process of being created. The certificate is no longer created. This operation requires the certificates/update permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :return: CertificateOperation - :rtype: ~azure.keyvault.v7_5.models.CertificateOperation + :return: CertificateOperation. The CertificateOperation is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateOperation :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2045,11 +2203,13 @@ async def delete_certificate_operation( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2058,12 +2218,18 @@ async def delete_certificate_operation( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateOperation", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateOperation, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2073,7 +2239,6 @@ async def delete_certificate_operation( @overload async def merge_certificate( self, - vault_base_url: str, certificate_name: str, parameters: _models.CertificateMergeParameters, *, @@ -2086,29 +2251,43 @@ async def merge_certificate( a key pair currently available in the service. This operation requires the certificates/create permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str :param parameters: The parameters to merge certificate. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateMergeParameters + :type parameters: ~azure.keyvault.certificates.models.CertificateMergeParameters :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @overload async def merge_certificate( - self, - vault_base_url: str, - certificate_name: str, - parameters: IO[bytes], - *, - content_type: str = "application/json", - **kwargs: Any + self, certificate_name: str, parameters: JSON, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.CertificateBundle: + """Merges a certificate or a certificate chain with a key pair existing on the server. + + The MergeCertificate operation performs the merging of a certificate or certificate chain with + a key pair currently available in the service. This operation requires the certificates/create + permission. + + :param certificate_name: The name of the certificate. Required. + :type certificate_name: str + :param parameters: The parameters to merge certificate. Required. + :type parameters: JSON + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def merge_certificate( + self, certificate_name: str, parameters: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.CertificateBundle: """Merges a certificate or a certificate chain with a key pair existing on the server. @@ -2116,8 +2295,6 @@ async def merge_certificate( a key pair currently available in the service. This operation requires the certificates/create permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str :param parameters: The parameters to merge certificate. Required. @@ -2125,17 +2302,16 @@ async def merge_certificate( :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace_async async def merge_certificate( self, - vault_base_url: str, certificate_name: str, - parameters: Union[_models.CertificateMergeParameters, IO[bytes]], + parameters: Union[_models.CertificateMergeParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificateBundle: """Merges a certificate or a certificate chain with a key pair existing on the server. @@ -2144,21 +2320,17 @@ async def merge_certificate( a key pair currently available in the service. This operation requires the certificates/create permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :param parameters: The parameters to merge certificate. Is either a CertificateMergeParameters - type or a IO[bytes] type. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateMergeParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :param parameters: The parameters to merge certificate. Is one of the following types: + CertificateMergeParameters, JSON, IO[bytes] Required. + :type parameters: ~azure.keyvault.certificates.models.CertificateMergeParameters or JSON or + IO[bytes] + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2173,28 +2345,28 @@ async def merge_certificate( cls: ClsType[_models.CertificateBundle] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameters, (IOBase, bytes)): _content = parameters else: - _json = self._serialize.body(parameters, "CertificateMergeParameters") + _content = json.dumps(parameters, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_merge_certificate_request( certificate_name=certificate_name, content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2203,12 +2375,18 @@ async def merge_certificate( if response.status_code not in [201]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2216,24 +2394,20 @@ async def merge_certificate( return deserialized # type: ignore @distributed_trace_async - async def backup_certificate( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.BackupCertificateResult: + async def backup_certificate(self, certificate_name: str, **kwargs: Any) -> _models.BackupCertificateResult: """Backs up the specified certificate. Requests that a backup of the specified certificate be downloaded to the client. All versions of the certificate will be downloaded. This operation requires the certificates/backup permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :return: BackupCertificateResult - :rtype: ~azure.keyvault.v7_5.models.BackupCertificateResult + :return: BackupCertificateResult. The BackupCertificateResult is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.BackupCertificateResult :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2253,11 +2427,13 @@ async def backup_certificate( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2266,12 +2442,18 @@ async def backup_certificate( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("BackupCertificateResult", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.BackupCertificateResult, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2280,73 +2462,79 @@ async def backup_certificate( @overload async def restore_certificate( - self, - vault_base_url: str, - parameters: _models.CertificateRestoreParameters, - *, - content_type: str = "application/json", - **kwargs: Any + self, parameters: _models.CertificateRestoreParameters, *, content_type: str = "application/json", **kwargs: Any + ) -> _models.CertificateBundle: + """Restores a backed up certificate to a vault. + + Restores a backed up certificate, and all its versions, to a vault. This operation requires the + certificates/restore permission. + + :param parameters: The parameters to restore the certificate. Required. + :type parameters: ~azure.keyvault.certificates.models.CertificateRestoreParameters + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def restore_certificate( + self, parameters: JSON, *, content_type: str = "application/json", **kwargs: Any ) -> _models.CertificateBundle: """Restores a backed up certificate to a vault. Restores a backed up certificate, and all its versions, to a vault. This operation requires the certificates/restore permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param parameters: The parameters to restore the certificate. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateRestoreParameters + :type parameters: JSON :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @overload async def restore_certificate( - self, vault_base_url: str, parameters: IO[bytes], *, content_type: str = "application/json", **kwargs: Any + self, parameters: IO[bytes], *, content_type: str = "application/json", **kwargs: Any ) -> _models.CertificateBundle: """Restores a backed up certificate to a vault. Restores a backed up certificate, and all its versions, to a vault. This operation requires the certificates/restore permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param parameters: The parameters to restore the certificate. Required. :type parameters: IO[bytes] :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ @distributed_trace_async async def restore_certificate( - self, vault_base_url: str, parameters: Union[_models.CertificateRestoreParameters, IO[bytes]], **kwargs: Any + self, parameters: Union[_models.CertificateRestoreParameters, JSON, IO[bytes]], **kwargs: Any ) -> _models.CertificateBundle: """Restores a backed up certificate to a vault. Restores a backed up certificate, and all its versions, to a vault. This operation requires the certificates/restore permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str - :param parameters: The parameters to restore the certificate. Is either a - CertificateRestoreParameters type or a IO[bytes] type. Required. - :type parameters: ~azure.keyvault.v7_5.models.CertificateRestoreParameters or IO[bytes] - :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. - Default value is None. - :paramtype content_type: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :param parameters: The parameters to restore the certificate. Is one of the following types: + CertificateRestoreParameters, JSON, IO[bytes] Required. + :type parameters: ~azure.keyvault.certificates.models.CertificateRestoreParameters or JSON or + IO[bytes] + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2361,27 +2549,27 @@ async def restore_certificate( cls: ClsType[_models.CertificateBundle] = kwargs.pop("cls", None) content_type = content_type or "application/json" - _json = None _content = None if isinstance(parameters, (IOBase, bytes)): _content = parameters else: - _json = self._serialize.body(parameters, "CertificateRestoreParameters") + _content = json.dumps(parameters, cls=SdkJSONEncoder, exclude_readonly=True) # type: ignore _request = build_key_vault_restore_certificate_request( content_type=content_type, api_version=self._config.api_version, - json=_json, content=_content, headers=_headers, params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2390,12 +2578,18 @@ async def restore_certificate( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2404,12 +2598,7 @@ async def restore_certificate( @distributed_trace def get_deleted_certificates( - self, - vault_base_url: str, - *, - maxresults: Optional[int] = None, - include_pending: Optional[bool] = None, - **kwargs: Any + self, *, maxresults: Optional[int] = None, include_pending: Optional[bool] = None, **kwargs: Any ) -> AsyncIterable["_models.DeletedCertificateItem"]: """Lists the deleted certificates in the specified vault currently available for recovery. @@ -2418,8 +2607,6 @@ def get_deleted_certificates( information. This operation requires the certificates/get/list permission. This operation can only be enabled on soft-delete enabled vaults. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :keyword maxresults: Maximum number of results to return in a page. If not specified the service will return up to 25 results. Default value is None. :paramtype maxresults: int @@ -2428,17 +2615,15 @@ def get_deleted_certificates( :paramtype include_pending: bool :return: An iterator like instance of DeletedCertificateItem :rtype: - ~azure.core.async_paging.AsyncItemPaged[~azure.keyvault.v7_5.models.DeletedCertificateItem] + ~azure.core.async_paging.AsyncItemPaged[~azure.keyvault.certificates.models.DeletedCertificateItem] :raises ~azure.core.exceptions.HttpResponseError: """ _headers = kwargs.pop("headers", {}) or {} _params = kwargs.pop("params", {}) or {} - cls: ClsType[_models._models.DeletedCertificateListResult] = kwargs.pop( # pylint: disable=protected-access - "cls", None - ) + cls: ClsType[List[_models.DeletedCertificateItem]] = kwargs.pop("cls", None) - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2457,7 +2642,9 @@ def prepare_request(next_link=None): params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) @@ -2475,20 +2662,20 @@ def prepare_request(next_link=None): "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) return _request async def extract_data(pipeline_response): - deserialized = self._deserialize( - _models._models.DeletedCertificateListResult, pipeline_response # pylint: disable=protected-access - ) - list_of_elem = deserialized.value + deserialized = pipeline_response.http_response.json() + list_of_elem = _deserialize(List[_models.DeletedCertificateItem], deserialized["value"]) if cls: list_of_elem = cls(list_of_elem) # type: ignore - return deserialized.next_link or None, AsyncList(list_of_elem) + return deserialized.get("nextLink") or None, AsyncList(list_of_elem) async def get_next(next_link=None): _request = prepare_request(next_link) @@ -2500,10 +2687,8 @@ async def get_next(next_link=None): response = pipeline_response.http_response if response.status_code not in [200]: - if _stream: - await response.read() # Load the body in memory and close the socket map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) return pipeline_response @@ -2511,24 +2696,21 @@ async def get_next(next_link=None): return AsyncItemPaged(get_next, extract_data) @distributed_trace_async - async def get_deleted_certificate( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.DeletedCertificateBundle: + async def get_deleted_certificate(self, certificate_name: str, **kwargs: Any) -> _models.DeletedCertificateBundle: """Retrieves information about the specified deleted certificate. The GetDeletedCertificate operation retrieves the deleted certificate information plus its attributes, such as retention interval, scheduled permanent deletion and the current deletion recovery level. This operation requires the certificates/get permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str - :return: DeletedCertificateBundle - :rtype: ~azure.keyvault.v7_5.models.DeletedCertificateBundle + :return: DeletedCertificateBundle. The DeletedCertificateBundle is compatible with + MutableMapping + :rtype: ~azure.keyvault.certificates.models.DeletedCertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2548,11 +2730,13 @@ async def get_deleted_certificate( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2561,12 +2745,18 @@ async def get_deleted_certificate( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("DeletedCertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.DeletedCertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore @@ -2574,24 +2764,20 @@ async def get_deleted_certificate( return deserialized # type: ignore @distributed_trace_async - async def purge_deleted_certificate( # pylint: disable=inconsistent-return-statements - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> None: + async def purge_deleted_certificate(self, certificate_name: str, **kwargs: Any) -> None: """Permanently deletes the specified deleted certificate. The PurgeDeletedCertificate operation performs an irreversible deletion of the specified certificate, without possibility for recovery. The operation is not available if the recovery level does not specify 'Purgeable'. This operation requires the certificate/purge permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the certificate. Required. :type certificate_name: str :return: None :rtype: None :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2611,7 +2797,9 @@ async def purge_deleted_certificate( # pylint: disable=inconsistent-return-stat params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) @@ -2623,19 +2811,15 @@ async def purge_deleted_certificate( # pylint: disable=inconsistent-return-stat response = pipeline_response.http_response if response.status_code not in [204]: - if _stream: - await response.read() # Load the body in memory and close the socket map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) if cls: return cls(pipeline_response, None, {}) # type: ignore @distributed_trace_async - async def recover_deleted_certificate( - self, vault_base_url: str, certificate_name: str, **kwargs: Any - ) -> _models.CertificateBundle: + async def recover_deleted_certificate(self, certificate_name: str, **kwargs: Any) -> _models.CertificateBundle: """Recovers the deleted certificate back to its current version under /certificates. The RecoverDeletedCertificate operation performs the reversal of the Delete operation. The @@ -2643,15 +2827,13 @@ async def recover_deleted_certificate( retention interval (available in the deleted certificate's attributes). This operation requires the certificates/recover permission. - :param vault_base_url: The vault name, for example https://myvault.vault.azure.net. Required. - :type vault_base_url: str :param certificate_name: The name of the deleted certificate. Required. :type certificate_name: str - :return: CertificateBundle - :rtype: ~azure.keyvault.v7_5.models.CertificateBundle + :return: CertificateBundle. The CertificateBundle is compatible with MutableMapping + :rtype: ~azure.keyvault.certificates.models.CertificateBundle :raises ~azure.core.exceptions.HttpResponseError: """ - error_map = { + error_map: MutableMapping = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError, @@ -2671,11 +2853,13 @@ async def recover_deleted_certificate( params=_params, ) path_format_arguments = { - "vaultBaseUrl": self._serialize.url("vault_base_url", vault_base_url, "str", skip_quote=True), + "vaultBaseUrl": self._serialize.url( + "self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True + ), } _request.url = self._client.format_url(_request.url, **path_format_arguments) - _stream = False + _stream = kwargs.pop("stream", False) pipeline_response: PipelineResponse = await self._client._pipeline.run( # type: ignore # pylint: disable=protected-access _request, stream=_stream, **kwargs ) @@ -2684,12 +2868,18 @@ async def recover_deleted_certificate( if response.status_code not in [200]: if _stream: - await response.read() # Load the body in memory and close the socket + try: + await response.read() # Load the body in memory and close the socket + except (StreamConsumedError, StreamClosedError): + pass map_error(status_code=response.status_code, response=response, error_map=error_map) - error = self._deserialize.failsafe_deserialize(_models.KeyVaultError, pipeline_response) + error = _failsafe_deserialize(_models.KeyVaultError, response.json()) raise HttpResponseError(response=response, model=error) - deserialized = self._deserialize("CertificateBundle", pipeline_response) + if _stream: + deserialized = response.iter_bytes() + else: + deserialized = _deserialize(_models.CertificateBundle, response.json()) if cls: return cls(pipeline_response, deserialized, {}) # type: ignore diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_operations/_patch.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_operations/_patch.py similarity index 100% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_operations/_patch.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_operations/_patch.py diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_patch.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_patch.py similarity index 100% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_patch.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_patch.py diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_polling_async.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_polling_async.py deleted file mode 100644 index 4ae7e776a05d..000000000000 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_polling_async.py +++ /dev/null @@ -1,63 +0,0 @@ -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -import logging -from typing import Any, Callable, cast, Optional, Union - -from azure.core.pipeline import PipelineResponse -from azure.core.pipeline.transport import AsyncHttpTransport -from azure.core.polling import AsyncPollingMethod - -from .._models import KeyVaultCertificate, CertificateOperation - - -logger = logging.getLogger(__name__) - - -class CreateCertificatePollerAsync(AsyncPollingMethod): - def __init__( - self, pipeline_response: PipelineResponse, get_certificate_command: Callable, interval: int = 5 - ) -> None: - self._pipeline_response = pipeline_response - self._command: Optional[Callable] = None - self._resource: Optional[Union[CertificateOperation, KeyVaultCertificate]] = None - self._pending_certificate_op: Optional[CertificateOperation] = None - self._get_certificate_command = get_certificate_command - self._polling_interval = interval - - async def _update_status(self) -> None: - self._pending_certificate_op = await self._command() if self._command else None - - def initialize(self, client: Any, initial_response: Any, _: Callable) -> None: - self._command = client - self._pending_certificate_op = initial_response - - async def run(self) -> None: - try: - while not self.finished(): - await self._update_status() - if not self.finished(): - # We should always ask the client's transport to sleep, instead of sleeping directly - transport: AsyncHttpTransport = cast(AsyncHttpTransport, self._pipeline_response.context.transport) - await transport.sleep(self._polling_interval) - operation = self._pending_certificate_op - if operation and operation.status and operation.status.lower() == "completed": - self._resource = await self._get_certificate_command() - else: - self._resource = self._pending_certificate_op - except Exception as e: - logger.warning(str(e)) - raise - - def finished(self) -> bool: - operation = self._pending_certificate_op - if operation and operation.issuer_name and operation.issuer_name.lower() == "unknown": - return True - return self._pending_certificate_op.status.lower() != "inprogress" # type: ignore - - def resource(self) -> Union[KeyVaultCertificate, CertificateOperation]: - return self._resource # type: ignore - - def status(self) -> str: - return self._pending_certificate_op.status.lower() # type: ignore diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_vendor.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_vendor.py similarity index 88% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_vendor.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_vendor.py index 92c6d827acd9..2b1f525d61ea 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/aio/_vendor.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/aio/_vendor.py @@ -1,7 +1,7 @@ # -------------------------------------------------------------------------- # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. +# Code generated by Microsoft (R) Python Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- @@ -11,7 +11,6 @@ from ._configuration import KeyVaultClientConfiguration if TYPE_CHECKING: - # pylint: disable=unused-import,ungrouped-imports from azure.core import AsyncPipelineClient from .._serialization import Deserializer, Serializer diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/__init__.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/__init__.py new file mode 100644 index 000000000000..1f8f05ec4716 --- /dev/null +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/__init__.py @@ -0,0 +1,106 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) Python Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +# pylint: disable=wrong-import-position + +from typing import TYPE_CHECKING + +if TYPE_CHECKING: + from ._patch import * # pylint: disable=unused-wildcard-import + + +from ._models import ( # type: ignore + Action, + AdministratorDetails, + BackupCertificateResult, + CertificateAttributes, + CertificateBundle, + CertificateCreateParameters, + CertificateImportParameters, + CertificateIssuerItem, + CertificateIssuerSetParameters, + CertificateIssuerUpdateParameters, + CertificateItem, + CertificateMergeParameters, + CertificateOperation, + CertificateOperationUpdateParameter, + CertificatePolicy, + CertificateRestoreParameters, + CertificateUpdateParameters, + Contact, + Contacts, + DeletedCertificateBundle, + DeletedCertificateItem, + IssuerAttributes, + IssuerBundle, + IssuerCredentials, + IssuerParameters, + KeyProperties, + KeyVaultError, + KeyVaultErrorError, + LifetimeAction, + OrganizationDetails, + SecretProperties, + SubjectAlternativeNames, + Trigger, + X509CertificateProperties, +) + +from ._enums import ( # type: ignore + CertificatePolicyAction, + DeletionRecoveryLevel, + JsonWebKeyCurveName, + JsonWebKeyType, + KeyUsageType, +) +from ._patch import __all__ as _patch_all +from ._patch import * +from ._patch import patch_sdk as _patch_sdk + +__all__ = [ + "Action", + "AdministratorDetails", + "BackupCertificateResult", + "CertificateAttributes", + "CertificateBundle", + "CertificateCreateParameters", + "CertificateImportParameters", + "CertificateIssuerItem", + "CertificateIssuerSetParameters", + "CertificateIssuerUpdateParameters", + "CertificateItem", + "CertificateMergeParameters", + "CertificateOperation", + "CertificateOperationUpdateParameter", + "CertificatePolicy", + "CertificateRestoreParameters", + "CertificateUpdateParameters", + "Contact", + "Contacts", + "DeletedCertificateBundle", + "DeletedCertificateItem", + "IssuerAttributes", + "IssuerBundle", + "IssuerCredentials", + "IssuerParameters", + "KeyProperties", + "KeyVaultError", + "KeyVaultErrorError", + "LifetimeAction", + "OrganizationDetails", + "SecretProperties", + "SubjectAlternativeNames", + "Trigger", + "X509CertificateProperties", + "CertificatePolicyAction", + "DeletionRecoveryLevel", + "JsonWebKeyCurveName", + "JsonWebKeyType", + "KeyUsageType", +] +__all__.extend([p for p in _patch_all if p not in __all__]) # pyright: ignore +_patch_sdk() diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/_enums.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/_enums.py similarity index 62% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/_enums.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/_enums.py index da3e1193bf96..fb12ea02410b 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/_enums.py +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/_enums.py @@ -2,7 +2,7 @@ # -------------------------------------------------------------------------- # Copyright (c) Microsoft Corporation. All rights reserved. # Licensed under the MIT License. See License.txt in the project root for license information. -# Code generated by Microsoft (R) AutoRest Code Generator. +# Code generated by Microsoft (R) Python Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- @@ -10,17 +10,19 @@ from azure.core import CaseInsensitiveEnumMeta -class ActionType(str, Enum, metaclass=CaseInsensitiveEnumMeta): +class CertificatePolicyAction(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The type of the action.""" EMAIL_CONTACTS = "EmailContacts" + """A certificate policy that will email certificate contacts.""" AUTO_RENEW = "AutoRenew" + """A certificate policy that will auto-renew a certificate.""" class DeletionRecoveryLevel(str, Enum, metaclass=CaseInsensitiveEnumMeta): - """Reflects the deletion recovery level currently in effect for certificates in the current vault. - If it contains 'Purgeable', the certificate can be permanently deleted by a privileged user; - otherwise, only the system can purge the certificate, at the end of the retention interval. + """Reflects the deletion recovery level currently in effect for secrets in the current vault. If + it contains 'Purgeable', the secret can be permanently deleted by a privileged user; otherwise, + only the system can purge the secret, at the end of the retention interval. """ PURGEABLE = "Purgeable" @@ -36,7 +38,7 @@ class DeletionRecoveryLevel(str, Enum, metaclass=CaseInsensitiveEnumMeta): RECOVERABLE = "Recoverable" """Denotes a vault state in which deletion is recoverable without the possibility for immediate and permanent deletion (i.e. purge). This level guarantees the recoverability of the deleted - entity during the retention interval(90 days) and while the subscription is still available. + entity during the retention interval (90 days) and while the subscription is still available. System wil permanently delete it after 90 days, if not recovered""" RECOVERABLE_PROTECTED_SUBSCRIPTION = "Recoverable+ProtectedSubscription" """Denotes a vault and subscription state in which deletion is recoverable within retention @@ -45,18 +47,18 @@ class DeletionRecoveryLevel(str, Enum, metaclass=CaseInsensitiveEnumMeta): after 90 days, if not recovered""" CUSTOMIZED_RECOVERABLE_PURGEABLE = "CustomizedRecoverable+Purgeable" """Denotes a vault state in which deletion is recoverable, and which also permits immediate and - permanent deletion (i.e. purge when 7<= SoftDeleteRetentionInDays < 90). This level guarantees + permanent deletion (i.e. purge when 7 <= SoftDeleteRetentionInDays < 90). This level guarantees the recoverability of the deleted entity during the retention interval, unless a Purge operation is requested, or the subscription is cancelled.""" CUSTOMIZED_RECOVERABLE = "CustomizedRecoverable" """Denotes a vault state in which deletion is recoverable without the possibility for immediate - and permanent deletion (i.e. purge when 7<= SoftDeleteRetentionInDays < 90).This level + and permanent deletion (i.e. purge when 7 <= SoftDeleteRetentionInDays < 90).This level guarantees the recoverability of the deleted entity during the retention interval and while the subscription is still available.""" CUSTOMIZED_RECOVERABLE_PROTECTED_SUBSCRIPTION = "CustomizedRecoverable+ProtectedSubscription" """Denotes a vault and subscription state in which deletion is recoverable, immediate and permanent deletion (i.e. purge) is not permitted, and in which the subscription itself cannot - be permanently canceled when 7<= SoftDeleteRetentionInDays < 90. This level guarantees the + be permanently canceled when 7 <= SoftDeleteRetentionInDays < 90. This level guarantees the recoverability of the deleted entity during the retention interval, and also reflects the fact that the subscription itself cannot be cancelled.""" @@ -64,32 +66,52 @@ class DeletionRecoveryLevel(str, Enum, metaclass=CaseInsensitiveEnumMeta): class JsonWebKeyCurveName(str, Enum, metaclass=CaseInsensitiveEnumMeta): """Elliptic curve name. For valid values, see JsonWebKeyCurveName.""" - P256 = "P-256" - P384 = "P-384" - P521 = "P-521" - P256_K = "P-256K" + P_256 = "P-256" + """The NIST P-256 elliptic curve, AKA SECG curve SECP256R1.""" + P_384 = "P-384" + """The NIST P-384 elliptic curve, AKA SECG curve SECP384R1.""" + P_521 = "P-521" + """The NIST P-521 elliptic curve, AKA SECG curve SECP521R1.""" + P_256K = "P-256K" + """The SECG SECP256K1 elliptic curve.""" class JsonWebKeyType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The type of key pair to be used for the certificate.""" EC = "EC" + """Elliptic Curve.""" EC_HSM = "EC-HSM" + """Elliptic Curve with a private key which is not exportable from the HSM.""" RSA = "RSA" + """RSA (https://tools.ietf.org/html/rfc3447).""" RSA_HSM = "RSA-HSM" + """RSA with a private key which is not exportable from the HSM.""" OCT = "oct" + """Octet sequence (used to represent symmetric keys).""" OCT_HSM = "oct-HSM" + """Octet sequence with a private key which is not exportable from the HSM.""" class KeyUsageType(str, Enum, metaclass=CaseInsensitiveEnumMeta): - """KeyUsageType.""" + """Supported usages of a certificate key.""" DIGITAL_SIGNATURE = "digitalSignature" + """Indicates that the certificate key can be used as a digital signature.""" NON_REPUDIATION = "nonRepudiation" + """Indicates that the certificate key can be used for authentication.""" KEY_ENCIPHERMENT = "keyEncipherment" + """Indicates that the certificate key can be used for key encryption.""" DATA_ENCIPHERMENT = "dataEncipherment" + """Indicates that the certificate key can be used for data encryption.""" KEY_AGREEMENT = "keyAgreement" + """Indicates that the certificate key can be used to determine key agreement, such as a key + created using the Diffie-Hellman key agreement algorithm.""" KEY_CERT_SIGN = "keyCertSign" + """Indicates that the certificate key can be used to sign certificates.""" C_RL_SIGN = "cRLSign" + """Indicates that the certificate key can be used to sign a certificate revocation list.""" ENCIPHER_ONLY = "encipherOnly" + """Indicates that the certificate key can be used for encryption only.""" DECIPHER_ONLY = "decipherOnly" + """Indicates that the certificate key can be used for decryption only.""" diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/_models.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/_models.py new file mode 100644 index 000000000000..c3e554edd862 --- /dev/null +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/_models.py @@ -0,0 +1,1453 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) Python Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +# pylint: disable=useless-super-delegation + +import datetime +from typing import Any, Dict, List, Mapping, Optional, TYPE_CHECKING, Union, overload + +from .. import _model_base +from .._model_base import rest_field + +if TYPE_CHECKING: + from .. import models as _models + + +class Action(_model_base.Model): + """The action that will be executed. + + :ivar action_type: The type of the action. Known values are: "EmailContacts" and "AutoRenew". + :vartype action_type: str or ~azure.keyvault.certificates.models.CertificatePolicyAction + """ + + action_type: Optional[Union[str, "_models.CertificatePolicyAction"]] = rest_field() + """The type of the action. Known values are: \"EmailContacts\" and \"AutoRenew\".""" + + @overload + def __init__( + self, + *, + action_type: Optional[Union[str, "_models.CertificatePolicyAction"]] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class AdministratorDetails(_model_base.Model): + """Details of the organization administrator of the certificate issuer. + + :ivar first_name: First name. + :vartype first_name: str + :ivar last_name: Last name. + :vartype last_name: str + :ivar email_address: Email address. + :vartype email_address: str + :ivar phone: Phone number. + :vartype phone: str + """ + + first_name: Optional[str] = rest_field() + """First name.""" + last_name: Optional[str] = rest_field() + """Last name.""" + email_address: Optional[str] = rest_field(name="email") + """Email address.""" + phone: Optional[str] = rest_field() + """Phone number.""" + + @overload + def __init__( + self, + *, + first_name: Optional[str] = None, + last_name: Optional[str] = None, + email_address: Optional[str] = None, + phone: Optional[str] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class BackupCertificateResult(_model_base.Model): + """The backup certificate result, containing the backup blob. + + Readonly variables are only populated by the server, and will be ignored when sending a request. + + :ivar value: The backup blob containing the backed up certificate. + :vartype value: bytes + """ + + value: Optional[bytes] = rest_field(visibility=["read"], format="base64url") + """The backup blob containing the backed up certificate.""" + + +class CertificateAttributes(_model_base.Model): + """The certificate management attributes. + + Readonly variables are only populated by the server, and will be ignored when sending a request. + + :ivar enabled: Determines whether the object is enabled. + :vartype enabled: bool + :ivar not_before: Not before date in UTC. + :vartype not_before: ~datetime.datetime + :ivar expires: Expiry date in UTC. + :vartype expires: ~datetime.datetime + :ivar created: Creation time in UTC. + :vartype created: ~datetime.datetime + :ivar updated: Last updated time in UTC. + :vartype updated: ~datetime.datetime + :ivar recoverable_days: softDelete data retention days. Value should be >=7 and <=90 when + softDelete enabled, otherwise 0. + :vartype recoverable_days: int + :ivar recovery_level: Reflects the deletion recovery level currently in effect for certificates + in the current vault. If it contains 'Purgeable', the certificate can be permanently deleted by + a privileged user; otherwise, only the system can purge the certificate, at the end of the + retention interval. Known values are: "Purgeable", "Recoverable+Purgeable", "Recoverable", + "Recoverable+ProtectedSubscription", "CustomizedRecoverable+Purgeable", + "CustomizedRecoverable", and "CustomizedRecoverable+ProtectedSubscription". + :vartype recovery_level: str or ~azure.keyvault.certificates.models.DeletionRecoveryLevel + """ + + enabled: Optional[bool] = rest_field() + """Determines whether the object is enabled.""" + not_before: Optional[datetime.datetime] = rest_field(name="nbf", format="unix-timestamp") + """Not before date in UTC.""" + expires: Optional[datetime.datetime] = rest_field(name="exp", format="unix-timestamp") + """Expiry date in UTC.""" + created: Optional[datetime.datetime] = rest_field(visibility=["read"], format="unix-timestamp") + """Creation time in UTC.""" + updated: Optional[datetime.datetime] = rest_field(visibility=["read"], format="unix-timestamp") + """Last updated time in UTC.""" + recoverable_days: Optional[int] = rest_field(name="recoverableDays", visibility=["read"]) + """softDelete data retention days. Value should be >=7 and <=90 when softDelete enabled, otherwise + 0.""" + recovery_level: Optional[Union[str, "_models.DeletionRecoveryLevel"]] = rest_field( + name="recoveryLevel", visibility=["read"] + ) + """Reflects the deletion recovery level currently in effect for certificates in the current vault. + If it contains 'Purgeable', the certificate can be permanently deleted by a privileged user; + otherwise, only the system can purge the certificate, at the end of the retention interval. + Known values are: \"Purgeable\", \"Recoverable+Purgeable\", \"Recoverable\", + \"Recoverable+ProtectedSubscription\", \"CustomizedRecoverable+Purgeable\", + \"CustomizedRecoverable\", and \"CustomizedRecoverable+ProtectedSubscription\".""" + + @overload + def __init__( + self, + *, + enabled: Optional[bool] = None, + not_before: Optional[datetime.datetime] = None, + expires: Optional[datetime.datetime] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificateBundle(_model_base.Model): + """A certificate bundle consists of a certificate (X509) plus its attributes. + + Readonly variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: The certificate id. + :vartype id: str + :ivar kid: The key id. + :vartype kid: str + :ivar sid: The secret id. + :vartype sid: str + :ivar x509_thumbprint: Thumbprint of the certificate. + :vartype x509_thumbprint: bytes + :ivar policy: The management policy. + :vartype policy: ~azure.keyvault.certificates.models.CertificatePolicy + :ivar cer: CER contents of x509 certificate. + :vartype cer: bytes + :ivar content_type: The content type of the secret. eg. 'application/x-pem-file' or + 'application/x-pkcs12',. + :vartype content_type: str + :ivar attributes: The certificate attributes. + :vartype attributes: ~azure.keyvault.certificates.models.CertificateAttributes + :ivar tags: Application specific metadata in the form of key-value pairs. + :vartype tags: dict[str, str] + """ + + id: Optional[str] = rest_field(visibility=["read"]) + """The certificate id.""" + kid: Optional[str] = rest_field(visibility=["read"]) + """The key id.""" + sid: Optional[str] = rest_field(visibility=["read"]) + """The secret id.""" + x509_thumbprint: Optional[bytes] = rest_field(name="x5t", visibility=["read"], format="base64url") + """Thumbprint of the certificate.""" + policy: Optional["_models.CertificatePolicy"] = rest_field(visibility=["read"]) + """The management policy.""" + cer: Optional[bytes] = rest_field(format="base64") + """CER contents of x509 certificate.""" + content_type: Optional[str] = rest_field(name="contentType") + """The content type of the secret. eg. 'application/x-pem-file' or 'application/x-pkcs12',.""" + attributes: Optional["_models.CertificateAttributes"] = rest_field() + """The certificate attributes.""" + tags: Optional[Dict[str, str]] = rest_field() + """Application specific metadata in the form of key-value pairs.""" + + @overload + def __init__( + self, + *, + cer: Optional[bytes] = None, + content_type: Optional[str] = None, + attributes: Optional["_models.CertificateAttributes"] = None, + tags: Optional[Dict[str, str]] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificateCreateParameters(_model_base.Model): + """The certificate create parameters. + + :ivar certificate_policy: The management policy for the certificate. + :vartype certificate_policy: ~azure.keyvault.certificates.models.CertificatePolicy + :ivar certificate_attributes: The attributes of the certificate (optional). + :vartype certificate_attributes: ~azure.keyvault.certificates.models.CertificateAttributes + :ivar tags: Application specific metadata in the form of key-value pairs. + :vartype tags: dict[str, str] + """ + + certificate_policy: Optional["_models.CertificatePolicy"] = rest_field(name="policy") + """The management policy for the certificate.""" + certificate_attributes: Optional["_models.CertificateAttributes"] = rest_field(name="attributes") + """The attributes of the certificate (optional).""" + tags: Optional[Dict[str, str]] = rest_field() + """Application specific metadata in the form of key-value pairs.""" + + @overload + def __init__( + self, + *, + certificate_policy: Optional["_models.CertificatePolicy"] = None, + certificate_attributes: Optional["_models.CertificateAttributes"] = None, + tags: Optional[Dict[str, str]] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificateImportParameters(_model_base.Model): + """The certificate import parameters. + + All required parameters must be populated in order to send to server. + + :ivar base64_encoded_certificate: Base64 encoded representation of the certificate object to + import. This certificate needs to contain the private key. Required. + :vartype base64_encoded_certificate: str + :ivar password: If the private key in base64EncodedCertificate is encrypted, the password used + for encryption. + :vartype password: str + :ivar certificate_policy: The management policy for the certificate. + :vartype certificate_policy: ~azure.keyvault.certificates.models.CertificatePolicy + :ivar certificate_attributes: The attributes of the certificate (optional). + :vartype certificate_attributes: ~azure.keyvault.certificates.models.CertificateAttributes + :ivar tags: Application specific metadata in the form of key-value pairs. + :vartype tags: dict[str, str] + """ + + base64_encoded_certificate: str = rest_field(name="value") + """Base64 encoded representation of the certificate object to import. This certificate needs to + contain the private key. Required.""" + password: Optional[str] = rest_field(name="pwd") + """If the private key in base64EncodedCertificate is encrypted, the password used for encryption.""" + certificate_policy: Optional["_models.CertificatePolicy"] = rest_field(name="policy") + """The management policy for the certificate.""" + certificate_attributes: Optional["_models.CertificateAttributes"] = rest_field(name="attributes") + """The attributes of the certificate (optional).""" + tags: Optional[Dict[str, str]] = rest_field() + """Application specific metadata in the form of key-value pairs.""" + + @overload + def __init__( + self, + *, + base64_encoded_certificate: str, + password: Optional[str] = None, + certificate_policy: Optional["_models.CertificatePolicy"] = None, + certificate_attributes: Optional["_models.CertificateAttributes"] = None, + tags: Optional[Dict[str, str]] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificateIssuerItem(_model_base.Model): + """The certificate issuer item containing certificate issuer metadata. + + :ivar id: Certificate Identifier. + :vartype id: str + :ivar provider: The issuer provider. + :vartype provider: str + """ + + id: Optional[str] = rest_field() + """Certificate Identifier.""" + provider: Optional[str] = rest_field() + """The issuer provider.""" + + @overload + def __init__( + self, + *, + id: Optional[str] = None, # pylint: disable=redefined-builtin + provider: Optional[str] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificateIssuerSetParameters(_model_base.Model): + """The certificate issuer set parameters. + + All required parameters must be populated in order to send to server. + + :ivar provider: The issuer provider. Required. + :vartype provider: str + :ivar credentials: The credentials to be used for the issuer. + :vartype credentials: ~azure.keyvault.certificates.models.IssuerCredentials + :ivar organization_details: Details of the organization as provided to the issuer. + :vartype organization_details: ~azure.keyvault.certificates.models.OrganizationDetails + :ivar attributes: Attributes of the issuer object. + :vartype attributes: ~azure.keyvault.certificates.models.IssuerAttributes + """ + + provider: str = rest_field() + """The issuer provider. Required.""" + credentials: Optional["_models.IssuerCredentials"] = rest_field() + """The credentials to be used for the issuer.""" + organization_details: Optional["_models.OrganizationDetails"] = rest_field(name="org_details") + """Details of the organization as provided to the issuer.""" + attributes: Optional["_models.IssuerAttributes"] = rest_field() + """Attributes of the issuer object.""" + + @overload + def __init__( + self, + *, + provider: str, + credentials: Optional["_models.IssuerCredentials"] = None, + organization_details: Optional["_models.OrganizationDetails"] = None, + attributes: Optional["_models.IssuerAttributes"] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificateIssuerUpdateParameters(_model_base.Model): + """The certificate issuer update parameters. + + :ivar provider: The issuer provider. + :vartype provider: str + :ivar credentials: The credentials to be used for the issuer. + :vartype credentials: ~azure.keyvault.certificates.models.IssuerCredentials + :ivar organization_details: Details of the organization as provided to the issuer. + :vartype organization_details: ~azure.keyvault.certificates.models.OrganizationDetails + :ivar attributes: Attributes of the issuer object. + :vartype attributes: ~azure.keyvault.certificates.models.IssuerAttributes + """ + + provider: Optional[str] = rest_field() + """The issuer provider.""" + credentials: Optional["_models.IssuerCredentials"] = rest_field() + """The credentials to be used for the issuer.""" + organization_details: Optional["_models.OrganizationDetails"] = rest_field(name="org_details") + """Details of the organization as provided to the issuer.""" + attributes: Optional["_models.IssuerAttributes"] = rest_field() + """Attributes of the issuer object.""" + + @overload + def __init__( + self, + *, + provider: Optional[str] = None, + credentials: Optional["_models.IssuerCredentials"] = None, + organization_details: Optional["_models.OrganizationDetails"] = None, + attributes: Optional["_models.IssuerAttributes"] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificateItem(_model_base.Model): + """The certificate item containing certificate metadata. + + :ivar id: Certificate identifier. + :vartype id: str + :ivar attributes: The certificate management attributes. + :vartype attributes: ~azure.keyvault.certificates.models.CertificateAttributes + :ivar tags: Application specific metadata in the form of key-value pairs. + :vartype tags: dict[str, str] + :ivar x509_thumbprint: Thumbprint of the certificate. + :vartype x509_thumbprint: bytes + """ + + id: Optional[str] = rest_field() + """Certificate identifier.""" + attributes: Optional["_models.CertificateAttributes"] = rest_field() + """The certificate management attributes.""" + tags: Optional[Dict[str, str]] = rest_field() + """Application specific metadata in the form of key-value pairs.""" + x509_thumbprint: Optional[bytes] = rest_field(name="x5t", format="base64url") + """Thumbprint of the certificate.""" + + @overload + def __init__( + self, + *, + id: Optional[str] = None, # pylint: disable=redefined-builtin + attributes: Optional["_models.CertificateAttributes"] = None, + tags: Optional[Dict[str, str]] = None, + x509_thumbprint: Optional[bytes] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificateMergeParameters(_model_base.Model): + """The certificate merge parameters. + + All required parameters must be populated in order to send to server. + + :ivar x509_certificates: The certificate or the certificate chain to merge. Required. + :vartype x509_certificates: list[bytes] + :ivar certificate_attributes: The attributes of the certificate (optional). + :vartype certificate_attributes: ~azure.keyvault.certificates.models.CertificateAttributes + :ivar tags: Application specific metadata in the form of key-value pairs. + :vartype tags: dict[str, str] + """ + + x509_certificates: List[bytes] = rest_field(name="x5c", format="base64") + """The certificate or the certificate chain to merge. Required.""" + certificate_attributes: Optional["_models.CertificateAttributes"] = rest_field(name="attributes") + """The attributes of the certificate (optional).""" + tags: Optional[Dict[str, str]] = rest_field() + """Application specific metadata in the form of key-value pairs.""" + + @overload + def __init__( + self, + *, + x509_certificates: List[bytes], + certificate_attributes: Optional["_models.CertificateAttributes"] = None, + tags: Optional[Dict[str, str]] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificateOperation(_model_base.Model): + """A certificate operation is returned in case of asynchronous requests. + + Readonly variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: The certificate id. + :vartype id: str + :ivar issuer_parameters: Parameters for the issuer of the X509 component of a certificate. + :vartype issuer_parameters: ~azure.keyvault.certificates.models.IssuerParameters + :ivar csr: The certificate signing request (CSR) that is being used in the certificate + operation. + :vartype csr: bytes + :ivar cancellation_requested: Indicates if cancellation was requested on the certificate + operation. + :vartype cancellation_requested: bool + :ivar status: Status of the certificate operation. + :vartype status: str + :ivar status_details: The status details of the certificate operation. + :vartype status_details: str + :ivar error: Error encountered, if any, during the certificate operation. + :vartype error: ~azure.keyvault.certificates.models.KeyVaultErrorError + :ivar target: Location which contains the result of the certificate operation. + :vartype target: str + :ivar request_id: Identifier for the certificate operation. + :vartype request_id: str + """ + + id: Optional[str] = rest_field(visibility=["read"]) + """The certificate id.""" + issuer_parameters: Optional["_models.IssuerParameters"] = rest_field(name="issuer") + """Parameters for the issuer of the X509 component of a certificate.""" + csr: Optional[bytes] = rest_field(format="base64") + """The certificate signing request (CSR) that is being used in the certificate operation.""" + cancellation_requested: Optional[bool] = rest_field() + """Indicates if cancellation was requested on the certificate operation.""" + status: Optional[str] = rest_field() + """Status of the certificate operation.""" + status_details: Optional[str] = rest_field() + """The status details of the certificate operation.""" + error: Optional["_models.KeyVaultErrorError"] = rest_field() + """Error encountered, if any, during the certificate operation.""" + target: Optional[str] = rest_field() + """Location which contains the result of the certificate operation.""" + request_id: Optional[str] = rest_field() + """Identifier for the certificate operation.""" + + @overload + def __init__( + self, + *, + issuer_parameters: Optional["_models.IssuerParameters"] = None, + csr: Optional[bytes] = None, + cancellation_requested: Optional[bool] = None, + status: Optional[str] = None, + status_details: Optional[str] = None, + error: Optional["_models.KeyVaultErrorError"] = None, + target: Optional[str] = None, + request_id: Optional[str] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificateOperationUpdateParameter(_model_base.Model): + """The certificate operation update parameters. + + All required parameters must be populated in order to send to server. + + :ivar cancellation_requested: Indicates if cancellation was requested on the certificate + operation. Required. + :vartype cancellation_requested: bool + """ + + cancellation_requested: bool = rest_field() + """Indicates if cancellation was requested on the certificate operation. Required.""" + + @overload + def __init__( + self, + *, + cancellation_requested: bool, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificatePolicy(_model_base.Model): + """Management policy for a certificate. + + Readonly variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: The certificate id. + :vartype id: str + :ivar key_properties: Properties of the key backing a certificate. + :vartype key_properties: ~azure.keyvault.certificates.models.KeyProperties + :ivar secret_properties: Properties of the secret backing a certificate. + :vartype secret_properties: ~azure.keyvault.certificates.models.SecretProperties + :ivar x509_certificate_properties: Properties of the X509 component of a certificate. + :vartype x509_certificate_properties: + ~azure.keyvault.certificates.models.X509CertificateProperties + :ivar lifetime_actions: Actions that will be performed by Key Vault over the lifetime of a + certificate. + :vartype lifetime_actions: list[~azure.keyvault.certificates.models.LifetimeAction] + :ivar issuer_parameters: Parameters for the issuer of the X509 component of a certificate. + :vartype issuer_parameters: ~azure.keyvault.certificates.models.IssuerParameters + :ivar attributes: The certificate attributes. + :vartype attributes: ~azure.keyvault.certificates.models.CertificateAttributes + """ + + id: Optional[str] = rest_field(visibility=["read"]) + """The certificate id.""" + key_properties: Optional["_models.KeyProperties"] = rest_field(name="key_props") + """Properties of the key backing a certificate.""" + secret_properties: Optional["_models.SecretProperties"] = rest_field(name="secret_props") + """Properties of the secret backing a certificate.""" + x509_certificate_properties: Optional["_models.X509CertificateProperties"] = rest_field(name="x509_props") + """Properties of the X509 component of a certificate.""" + lifetime_actions: Optional[List["_models.LifetimeAction"]] = rest_field() + """Actions that will be performed by Key Vault over the lifetime of a certificate.""" + issuer_parameters: Optional["_models.IssuerParameters"] = rest_field(name="issuer") + """Parameters for the issuer of the X509 component of a certificate.""" + attributes: Optional["_models.CertificateAttributes"] = rest_field() + """The certificate attributes.""" + + @overload + def __init__( + self, + *, + key_properties: Optional["_models.KeyProperties"] = None, + secret_properties: Optional["_models.SecretProperties"] = None, + x509_certificate_properties: Optional["_models.X509CertificateProperties"] = None, + lifetime_actions: Optional[List["_models.LifetimeAction"]] = None, + issuer_parameters: Optional["_models.IssuerParameters"] = None, + attributes: Optional["_models.CertificateAttributes"] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificateRestoreParameters(_model_base.Model): + """The certificate restore parameters. + + All required parameters must be populated in order to send to server. + + :ivar certificate_bundle_backup: The backup blob associated with a certificate bundle. + Required. + :vartype certificate_bundle_backup: bytes + """ + + certificate_bundle_backup: bytes = rest_field(name="value", format="base64url") + """The backup blob associated with a certificate bundle. Required.""" + + @overload + def __init__( + self, + *, + certificate_bundle_backup: bytes, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class CertificateUpdateParameters(_model_base.Model): + """The certificate update parameters. + + :ivar certificate_policy: The management policy for the certificate. + :vartype certificate_policy: ~azure.keyvault.certificates.models.CertificatePolicy + :ivar certificate_attributes: The attributes of the certificate (optional). + :vartype certificate_attributes: ~azure.keyvault.certificates.models.CertificateAttributes + :ivar tags: Application specific metadata in the form of key-value pairs. + :vartype tags: dict[str, str] + """ + + certificate_policy: Optional["_models.CertificatePolicy"] = rest_field(name="policy") + """The management policy for the certificate.""" + certificate_attributes: Optional["_models.CertificateAttributes"] = rest_field(name="attributes") + """The attributes of the certificate (optional).""" + tags: Optional[Dict[str, str]] = rest_field() + """Application specific metadata in the form of key-value pairs.""" + + @overload + def __init__( + self, + *, + certificate_policy: Optional["_models.CertificatePolicy"] = None, + certificate_attributes: Optional["_models.CertificateAttributes"] = None, + tags: Optional[Dict[str, str]] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class Contact(_model_base.Model): + """The contact information for the vault certificates. + + :ivar email_address: Email address. + :vartype email_address: str + :ivar name: Name. + :vartype name: str + :ivar phone: Phone number. + :vartype phone: str + """ + + email_address: Optional[str] = rest_field(name="email") + """Email address.""" + name: Optional[str] = rest_field() + """Name.""" + phone: Optional[str] = rest_field() + """Phone number.""" + + @overload + def __init__( + self, + *, + email_address: Optional[str] = None, + name: Optional[str] = None, + phone: Optional[str] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class Contacts(_model_base.Model): + """The contacts for the vault certificates. + + Readonly variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Identifier for the contacts collection. + :vartype id: str + :ivar contact_list: The contact list for the vault certificates. + :vartype contact_list: list[~azure.keyvault.certificates.models.Contact] + """ + + id: Optional[str] = rest_field(visibility=["read"]) + """Identifier for the contacts collection.""" + contact_list: Optional[List["_models.Contact"]] = rest_field(name="contacts") + """The contact list for the vault certificates.""" + + @overload + def __init__( + self, + *, + contact_list: Optional[List["_models.Contact"]] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class DeletedCertificateBundle(_model_base.Model): + """A Deleted Certificate consisting of its previous id, attributes and its tags, as well as + information on when it will be purged. + + Readonly variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: The certificate id. + :vartype id: str + :ivar kid: The key id. + :vartype kid: str + :ivar sid: The secret id. + :vartype sid: str + :ivar x509_thumbprint: Thumbprint of the certificate. + :vartype x509_thumbprint: bytes + :ivar policy: The management policy. + :vartype policy: ~azure.keyvault.certificates.models.CertificatePolicy + :ivar cer: CER contents of x509 certificate. + :vartype cer: bytes + :ivar content_type: The content type of the secret. eg. 'application/x-pem-file' or + 'application/x-pkcs12',. + :vartype content_type: str + :ivar attributes: The certificate attributes. + :vartype attributes: ~azure.keyvault.certificates.models.CertificateAttributes + :ivar tags: Application specific metadata in the form of key-value pairs. + :vartype tags: dict[str, str] + :ivar recovery_id: The url of the recovery object, used to identify and recover the deleted + certificate. + :vartype recovery_id: str + :ivar scheduled_purge_date: The time when the certificate is scheduled to be purged, in UTC. + :vartype scheduled_purge_date: ~datetime.datetime + :ivar deleted_date: The time when the certificate was deleted, in UTC. + :vartype deleted_date: ~datetime.datetime + """ + + id: Optional[str] = rest_field(visibility=["read"]) + """The certificate id.""" + kid: Optional[str] = rest_field(visibility=["read"]) + """The key id.""" + sid: Optional[str] = rest_field(visibility=["read"]) + """The secret id.""" + x509_thumbprint: Optional[bytes] = rest_field(name="x5t", visibility=["read"], format="base64url") + """Thumbprint of the certificate.""" + policy: Optional["_models.CertificatePolicy"] = rest_field(visibility=["read"]) + """The management policy.""" + cer: Optional[bytes] = rest_field(format="base64") + """CER contents of x509 certificate.""" + content_type: Optional[str] = rest_field(name="contentType") + """The content type of the secret. eg. 'application/x-pem-file' or 'application/x-pkcs12',.""" + attributes: Optional["_models.CertificateAttributes"] = rest_field() + """The certificate attributes.""" + tags: Optional[Dict[str, str]] = rest_field() + """Application specific metadata in the form of key-value pairs.""" + recovery_id: Optional[str] = rest_field(name="recoveryId") + """The url of the recovery object, used to identify and recover the deleted certificate.""" + scheduled_purge_date: Optional[datetime.datetime] = rest_field( + name="scheduledPurgeDate", visibility=["read"], format="unix-timestamp" + ) + """The time when the certificate is scheduled to be purged, in UTC.""" + deleted_date: Optional[datetime.datetime] = rest_field( + name="deletedDate", visibility=["read"], format="unix-timestamp" + ) + """The time when the certificate was deleted, in UTC.""" + + @overload + def __init__( + self, + *, + cer: Optional[bytes] = None, + content_type: Optional[str] = None, + attributes: Optional["_models.CertificateAttributes"] = None, + tags: Optional[Dict[str, str]] = None, + recovery_id: Optional[str] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class DeletedCertificateItem(_model_base.Model): + """The deleted certificate item containing metadata about the deleted certificate. + + Readonly variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Certificate identifier. + :vartype id: str + :ivar attributes: The certificate management attributes. + :vartype attributes: ~azure.keyvault.certificates.models.CertificateAttributes + :ivar tags: Application specific metadata in the form of key-value pairs. + :vartype tags: dict[str, str] + :ivar x509_thumbprint: Thumbprint of the certificate. + :vartype x509_thumbprint: bytes + :ivar recovery_id: The url of the recovery object, used to identify and recover the deleted + certificate. + :vartype recovery_id: str + :ivar scheduled_purge_date: The time when the certificate is scheduled to be purged, in UTC. + :vartype scheduled_purge_date: ~datetime.datetime + :ivar deleted_date: The time when the certificate was deleted, in UTC. + :vartype deleted_date: ~datetime.datetime + """ + + id: Optional[str] = rest_field() + """Certificate identifier.""" + attributes: Optional["_models.CertificateAttributes"] = rest_field() + """The certificate management attributes.""" + tags: Optional[Dict[str, str]] = rest_field() + """Application specific metadata in the form of key-value pairs.""" + x509_thumbprint: Optional[bytes] = rest_field(name="x5t", format="base64url") + """Thumbprint of the certificate.""" + recovery_id: Optional[str] = rest_field(name="recoveryId") + """The url of the recovery object, used to identify and recover the deleted certificate.""" + scheduled_purge_date: Optional[datetime.datetime] = rest_field( + name="scheduledPurgeDate", visibility=["read"], format="unix-timestamp" + ) + """The time when the certificate is scheduled to be purged, in UTC.""" + deleted_date: Optional[datetime.datetime] = rest_field( + name="deletedDate", visibility=["read"], format="unix-timestamp" + ) + """The time when the certificate was deleted, in UTC.""" + + @overload + def __init__( + self, + *, + id: Optional[str] = None, # pylint: disable=redefined-builtin + attributes: Optional["_models.CertificateAttributes"] = None, + tags: Optional[Dict[str, str]] = None, + x509_thumbprint: Optional[bytes] = None, + recovery_id: Optional[str] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class IssuerAttributes(_model_base.Model): + """The attributes of an issuer managed by the Key Vault service. + + Readonly variables are only populated by the server, and will be ignored when sending a request. + + :ivar enabled: Determines whether the issuer is enabled. + :vartype enabled: bool + :ivar created: Creation time in UTC. + :vartype created: ~datetime.datetime + :ivar updated: Last updated time in UTC. + :vartype updated: ~datetime.datetime + """ + + enabled: Optional[bool] = rest_field() + """Determines whether the issuer is enabled.""" + created: Optional[datetime.datetime] = rest_field(visibility=["read"], format="unix-timestamp") + """Creation time in UTC.""" + updated: Optional[datetime.datetime] = rest_field(visibility=["read"], format="unix-timestamp") + """Last updated time in UTC.""" + + @overload + def __init__( + self, + *, + enabled: Optional[bool] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class IssuerBundle(_model_base.Model): + """The issuer for Key Vault certificate. + + Readonly variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Identifier for the issuer object. + :vartype id: str + :ivar provider: The issuer provider. + :vartype provider: str + :ivar credentials: The credentials to be used for the issuer. + :vartype credentials: ~azure.keyvault.certificates.models.IssuerCredentials + :ivar organization_details: Details of the organization as provided to the issuer. + :vartype organization_details: ~azure.keyvault.certificates.models.OrganizationDetails + :ivar attributes: Attributes of the issuer object. + :vartype attributes: ~azure.keyvault.certificates.models.IssuerAttributes + """ + + id: Optional[str] = rest_field(visibility=["read"]) + """Identifier for the issuer object.""" + provider: Optional[str] = rest_field() + """The issuer provider.""" + credentials: Optional["_models.IssuerCredentials"] = rest_field() + """The credentials to be used for the issuer.""" + organization_details: Optional["_models.OrganizationDetails"] = rest_field(name="org_details") + """Details of the organization as provided to the issuer.""" + attributes: Optional["_models.IssuerAttributes"] = rest_field() + """Attributes of the issuer object.""" + + @overload + def __init__( + self, + *, + provider: Optional[str] = None, + credentials: Optional["_models.IssuerCredentials"] = None, + organization_details: Optional["_models.OrganizationDetails"] = None, + attributes: Optional["_models.IssuerAttributes"] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class IssuerCredentials(_model_base.Model): + """The credentials to be used for the certificate issuer. + + :ivar account_id: The user name/account name/account id. + :vartype account_id: str + :ivar password: The password/secret/account key. + :vartype password: str + """ + + account_id: Optional[str] = rest_field() + """The user name/account name/account id.""" + password: Optional[str] = rest_field(name="pwd") + """The password/secret/account key.""" + + @overload + def __init__( + self, + *, + account_id: Optional[str] = None, + password: Optional[str] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class IssuerParameters(_model_base.Model): + """Parameters for the issuer of the X509 component of a certificate. + + :ivar name: Name of the referenced issuer object or reserved names; for example, 'Self' or + 'Unknown'. + :vartype name: str + :ivar certificate_type: Certificate type as supported by the provider (optional); for example + 'OV-SSL', 'EV-SSL'. + :vartype certificate_type: str + :ivar certificate_transparency: Indicates if the certificates generated under this policy + should be published to certificate transparency logs. + :vartype certificate_transparency: bool + """ + + name: Optional[str] = rest_field() + """Name of the referenced issuer object or reserved names; for example, 'Self' or 'Unknown'.""" + certificate_type: Optional[str] = rest_field(name="cty") + """Certificate type as supported by the provider (optional); for example 'OV-SSL', 'EV-SSL'.""" + certificate_transparency: Optional[bool] = rest_field(name="cert_transparency") + """Indicates if the certificates generated under this policy should be published to certificate + transparency logs.""" + + @overload + def __init__( + self, + *, + name: Optional[str] = None, + certificate_type: Optional[str] = None, + certificate_transparency: Optional[bool] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class KeyProperties(_model_base.Model): + """Properties of the key pair backing a certificate. + + :ivar exportable: Indicates if the private key can be exported. Release policy must be provided + when creating the first version of an exportable key. + :vartype exportable: bool + :ivar key_type: The type of key pair to be used for the certificate. Known values are: "EC", + "EC-HSM", "RSA", "RSA-HSM", "oct", and "oct-HSM". + :vartype key_type: str or ~azure.keyvault.certificates.models.JsonWebKeyType + :ivar key_size: The key size in bits. For example: 2048, 3072, or 4096 for RSA. + :vartype key_size: int + :ivar reuse_key: Indicates if the same key pair will be used on certificate renewal. + :vartype reuse_key: bool + :ivar curve: Elliptic curve name. For valid values, see JsonWebKeyCurveName. Known values are: + "P-256", "P-384", "P-521", and "P-256K". + :vartype curve: str or ~azure.keyvault.certificates.models.JsonWebKeyCurveName + """ + + exportable: Optional[bool] = rest_field() + """Indicates if the private key can be exported. Release policy must be provided when creating the + first version of an exportable key.""" + key_type: Optional[Union[str, "_models.JsonWebKeyType"]] = rest_field(name="kty") + """The type of key pair to be used for the certificate. Known values are: \"EC\", \"EC-HSM\", + \"RSA\", \"RSA-HSM\", \"oct\", and \"oct-HSM\".""" + key_size: Optional[int] = rest_field() + """The key size in bits. For example: 2048, 3072, or 4096 for RSA.""" + reuse_key: Optional[bool] = rest_field() + """Indicates if the same key pair will be used on certificate renewal.""" + curve: Optional[Union[str, "_models.JsonWebKeyCurveName"]] = rest_field(name="crv") + """Elliptic curve name. For valid values, see JsonWebKeyCurveName. Known values are: \"P-256\", + \"P-384\", \"P-521\", and \"P-256K\".""" + + @overload + def __init__( + self, + *, + exportable: Optional[bool] = None, + key_type: Optional[Union[str, "_models.JsonWebKeyType"]] = None, + key_size: Optional[int] = None, + reuse_key: Optional[bool] = None, + curve: Optional[Union[str, "_models.JsonWebKeyCurveName"]] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class KeyVaultError(_model_base.Model): + """The key vault error exception. + + Readonly variables are only populated by the server, and will be ignored when sending a request. + + :ivar error: The key vault server error. + :vartype error: ~azure.keyvault.certificates.models.KeyVaultErrorError + """ + + error: Optional["_models.KeyVaultErrorError"] = rest_field(visibility=["read"]) + """The key vault server error.""" + + +class KeyVaultErrorError(_model_base.Model): + """KeyVaultErrorError. + + Readonly variables are only populated by the server, and will be ignored when sending a request. + + :ivar code: The error code. + :vartype code: str + :ivar message: The error message. + :vartype message: str + :ivar inner_error: The key vault server error. + :vartype inner_error: ~azure.keyvault.certificates.models.KeyVaultErrorError + """ + + code: Optional[str] = rest_field(visibility=["read"]) + """The error code.""" + message: Optional[str] = rest_field(visibility=["read"]) + """The error message.""" + inner_error: Optional["_models.KeyVaultErrorError"] = rest_field(name="innererror", visibility=["read"]) + """The key vault server error.""" + + +class LifetimeAction(_model_base.Model): + """Action and its trigger that will be performed by Key Vault over the lifetime of a certificate. + + :ivar trigger: The condition that will execute the action. + :vartype trigger: ~azure.keyvault.certificates.models.Trigger + :ivar action: The action that will be executed. + :vartype action: ~azure.keyvault.certificates.models.Action + """ + + trigger: Optional["_models.Trigger"] = rest_field() + """The condition that will execute the action.""" + action: Optional["_models.Action"] = rest_field() + """The action that will be executed.""" + + @overload + def __init__( + self, + *, + trigger: Optional["_models.Trigger"] = None, + action: Optional["_models.Action"] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class OrganizationDetails(_model_base.Model): + """Details of the organization of the certificate issuer. + + :ivar id: Id of the organization. + :vartype id: str + :ivar admin_details: Details of the organization administrator. + :vartype admin_details: list[~azure.keyvault.certificates.models.AdministratorDetails] + """ + + id: Optional[str] = rest_field() + """Id of the organization.""" + admin_details: Optional[List["_models.AdministratorDetails"]] = rest_field() + """Details of the organization administrator.""" + + @overload + def __init__( + self, + *, + id: Optional[str] = None, # pylint: disable=redefined-builtin + admin_details: Optional[List["_models.AdministratorDetails"]] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class SecretProperties(_model_base.Model): + """Properties of the key backing a certificate. + + :ivar content_type: The media type (MIME type). + :vartype content_type: str + """ + + content_type: Optional[str] = rest_field(name="contentType") + """The media type (MIME type).""" + + @overload + def __init__( + self, + *, + content_type: Optional[str] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class SubjectAlternativeNames(_model_base.Model): + """The subject alternate names of a X509 object. + + :ivar emails: Email addresses. + :vartype emails: list[str] + :ivar dns_names: Domain names. + :vartype dns_names: list[str] + :ivar upns: User principal names. + :vartype upns: list[str] + """ + + emails: Optional[List[str]] = rest_field() + """Email addresses.""" + dns_names: Optional[List[str]] = rest_field() + """Domain names.""" + upns: Optional[List[str]] = rest_field() + """User principal names.""" + + @overload + def __init__( + self, + *, + emails: Optional[List[str]] = None, + dns_names: Optional[List[str]] = None, + upns: Optional[List[str]] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class Trigger(_model_base.Model): + """A condition to be satisfied for an action to be executed. + + :ivar lifetime_percentage: Percentage of lifetime at which to trigger. Value should be between + 1 and 99. + :vartype lifetime_percentage: int + :ivar days_before_expiry: Days before expiry to attempt renewal. Value should be between 1 and + validity_in_months multiplied by 27. If validity_in_months is 36, then value should be between + 1 and 972 (36 * 27). + :vartype days_before_expiry: int + """ + + lifetime_percentage: Optional[int] = rest_field() + """Percentage of lifetime at which to trigger. Value should be between 1 and 99.""" + days_before_expiry: Optional[int] = rest_field() + """Days before expiry to attempt renewal. Value should be between 1 and validity_in_months + multiplied by 27. If validity_in_months is 36, then value should be between 1 and 972 (36 * + 27).""" + + @overload + def __init__( + self, + *, + lifetime_percentage: Optional[int] = None, + days_before_expiry: Optional[int] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) + + +class X509CertificateProperties(_model_base.Model): + """Properties of the X509 component of a certificate. + + :ivar subject: The subject name. Should be a valid X509 distinguished Name. + :vartype subject: str + :ivar ekus: The enhanced key usage. + :vartype ekus: list[str] + :ivar subject_alternative_names: The subject alternative names. + :vartype subject_alternative_names: ~azure.keyvault.certificates.models.SubjectAlternativeNames + :ivar key_usage: Defines how the certificate's key may be used. + :vartype key_usage: list[str or ~azure.keyvault.certificates.models.KeyUsageType] + :ivar validity_in_months: The duration that the certificate is valid in months. + :vartype validity_in_months: int + """ + + subject: Optional[str] = rest_field() + """The subject name. Should be a valid X509 distinguished Name.""" + ekus: Optional[List[str]] = rest_field() + """The enhanced key usage.""" + subject_alternative_names: Optional["_models.SubjectAlternativeNames"] = rest_field(name="sans") + """The subject alternative names.""" + key_usage: Optional[List[Union[str, "_models.KeyUsageType"]]] = rest_field() + """Defines how the certificate's key may be used.""" + validity_in_months: Optional[int] = rest_field(name="validity_months") + """The duration that the certificate is valid in months.""" + + @overload + def __init__( + self, + *, + subject: Optional[str] = None, + ekus: Optional[List[str]] = None, + subject_alternative_names: Optional["_models.SubjectAlternativeNames"] = None, + key_usage: Optional[List[Union[str, "_models.KeyUsageType"]]] = None, + validity_in_months: Optional[int] = None, + ) -> None: ... + + @overload + def __init__(self, mapping: Mapping[str, Any]) -> None: + """ + :param mapping: raw JSON to initialize the model. + :type mapping: Mapping[str, Any] + """ + + def __init__(self, *args: Any, **kwargs: Any) -> None: + super().__init__(*args, **kwargs) diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/_patch.py b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/_patch.py similarity index 100% rename from sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/_generated/models/_patch.py rename to sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/models/_patch.py diff --git a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/py.typed b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/py.typed index e69de29bb2d1..e5aff4f83af8 100644 --- a/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/py.typed +++ b/sdk/keyvault/azure-keyvault-certificates/azure/keyvault/certificates/py.typed @@ -0,0 +1 @@ +# Marker file for PEP 561. \ No newline at end of file diff --git a/sdk/keyvault/azure-keyvault-certificates/samples/backup_restore_operations_async.py b/sdk/keyvault/azure-keyvault-certificates/samples/backup_restore_operations_async.py index cc4e9e39e53f..8ed40e3b8210 100644 --- a/sdk/keyvault/azure-keyvault-certificates/samples/backup_restore_operations_async.py +++ b/sdk/keyvault/azure-keyvault-certificates/samples/backup_restore_operations_async.py @@ -46,9 +46,7 @@ async def run_sample(): # Let's create a certificate for your key vault. # if the certificate already exists in the Key Vault, then a new version of the certificate is created. # Awaiting the call returns a KeyVaultCertificate if creation is successful, and a CertificateOperation if not. - certificate = await client.create_certificate( - certificate_name=cert_name, policy=CertificatePolicy.get_default() - ) + certificate = await client.create_certificate(certificate_name=cert_name, policy=CertificatePolicy.get_default()) print(f"Certificate with name '{certificate.name}' created.") diff --git a/sdk/keyvault/azure-keyvault-certificates/samples/hello_world.py b/sdk/keyvault/azure-keyvault-certificates/samples/hello_world.py index 72db35887172..b2df23b1a491 100644 --- a/sdk/keyvault/azure-keyvault-certificates/samples/hello_world.py +++ b/sdk/keyvault/azure-keyvault-certificates/samples/hello_world.py @@ -5,7 +5,12 @@ import os from azure.identity import DefaultAzureCredential -from azure.keyvault.certificates import CertificateClient, CertificatePolicy, CertificateContentType, WellKnownIssuerNames +from azure.keyvault.certificates import ( + CertificateClient, + CertificatePolicy, + CertificateContentType, + WellKnownIssuerNames, +) # ---------------------------------------------------------------------------------------------------------- # Prerequisites: @@ -64,9 +69,7 @@ # as a KeyVaultCertificate if creation is successful, and the CertificateOperation if not. The wait() # call on the poller will wait until the long running operation is complete. # [START create_a_certificate] -new_certificate = client.begin_create_certificate( - certificate_name=cert_name, policy=cert_policy -).result() +new_certificate = client.begin_create_certificate(certificate_name=cert_name, policy=cert_policy).result() # [END create_a_certificate] print(f"Certificate with name '{new_certificate.name}' created") @@ -83,17 +86,11 @@ print("\n.. Update a certificate by name") # [START update_certificate] tags = {"a": "b"} -updated_certificate = client.update_certificate_properties( - certificate_name=certificate.name, tags=tags -) +updated_certificate = client.update_certificate_properties(certificate_name=certificate.name, tags=tags) # [END update_certificate] assert updated_certificate.properties -print( - f"Certificate with name '{certificate.name}' was updated on date '{updated_certificate.properties.updated_on}'" -) -print( - f"Certificate with name '{certificate.name}' was updated with tags '{updated_certificate.properties.tags}'" -) +print(f"Certificate with name '{certificate.name}' was updated on date '{updated_certificate.properties.updated_on}'") +print(f"Certificate with name '{certificate.name}' was updated with tags '{updated_certificate.properties.tags}'") # The account was closed, need to delete its credentials from the Key Vault. print("\n.. Delete certificate") diff --git a/sdk/keyvault/azure-keyvault-certificates/samples/hello_world_async.py b/sdk/keyvault/azure-keyvault-certificates/samples/hello_world_async.py index b19299afbb33..d712b51e5b82 100644 --- a/sdk/keyvault/azure-keyvault-certificates/samples/hello_world_async.py +++ b/sdk/keyvault/azure-keyvault-certificates/samples/hello_world_async.py @@ -76,9 +76,7 @@ async def run_sample(): # After one year, the bank account is still active, and we have decided to update the tags. print("\n.. Update a certificate by name") tags = {"a": "b"} - updated_certificate = await client.update_certificate_properties( - certificate_name=bank_certificate.name, tags=tags - ) + updated_certificate = await client.update_certificate_properties(certificate_name=bank_certificate.name, tags=tags) assert updated_certificate.properties print( f"Certificate with name '{bank_certificate.name}' was updated on date " @@ -100,4 +98,4 @@ async def run_sample(): if __name__ == "__main__": - asyncio.run(run_sample()) \ No newline at end of file + asyncio.run(run_sample()) diff --git a/sdk/keyvault/azure-keyvault-certificates/samples/import_certificate_async.py b/sdk/keyvault/azure-keyvault-certificates/samples/import_certificate_async.py index b6edfea61381..150d071788d1 100644 --- a/sdk/keyvault/azure-keyvault-certificates/samples/import_certificate_async.py +++ b/sdk/keyvault/azure-keyvault-certificates/samples/import_certificate_async.py @@ -31,6 +31,7 @@ # # ---------------------------------------------------------------------------------------------------------- + async def run_sample(): # Instantiate a certificate client that will be used to call the service. # Here we use the DefaultAzureCredential, but any azure-identity credential can be used. @@ -65,5 +66,6 @@ async def run_sample(): await credential.close() await client.close() + if __name__ == "__main__": asyncio.run(run_sample()) diff --git a/sdk/keyvault/azure-keyvault-certificates/samples/issuers_async.py b/sdk/keyvault/azure-keyvault-certificates/samples/issuers_async.py index e0a5ae6ba7f8..9aed2e1af2fe 100644 --- a/sdk/keyvault/azure-keyvault-certificates/samples/issuers_async.py +++ b/sdk/keyvault/azure-keyvault-certificates/samples/issuers_async.py @@ -96,4 +96,4 @@ async def run_sample(): if __name__ == "__main__": - asyncio.run(run_sample()) \ No newline at end of file + asyncio.run(run_sample()) diff --git a/sdk/keyvault/azure-keyvault-certificates/samples/parse_certificate.py b/sdk/keyvault/azure-keyvault-certificates/samples/parse_certificate.py index dc3efc2bbf68..1834734056ba 100644 --- a/sdk/keyvault/azure-keyvault-certificates/samples/parse_certificate.py +++ b/sdk/keyvault/azure-keyvault-certificates/samples/parse_certificate.py @@ -77,16 +77,13 @@ # in place of load_key_and_certificates. cert_bytes = base64.b64decode(certificate_secret.value) private_key, public_certificate, additional_certificates = pkcs12.load_key_and_certificates( - data=cert_bytes, - password=None + data=cert_bytes, password=None ) print(f"Certificate with name '{certificate_secret.name}' was parsed.") # Now we can clean up the vault by deleting, then purging, the certificate. print("\n.. Delete certificate") -delete_operation_poller = certificate_client.begin_delete_certificate( - certificate_name=cert_name -) +delete_operation_poller = certificate_client.begin_delete_certificate(certificate_name=cert_name) deleted_certificate = delete_operation_poller.result() assert deleted_certificate.name delete_operation_poller.wait() diff --git a/sdk/keyvault/azure-keyvault-certificates/samples/parse_certificate_async.py b/sdk/keyvault/azure-keyvault-certificates/samples/parse_certificate_async.py index 0ae13aa06a47..3d8f2e69382a 100644 --- a/sdk/keyvault/azure-keyvault-certificates/samples/parse_certificate_async.py +++ b/sdk/keyvault/azure-keyvault-certificates/samples/parse_certificate_async.py @@ -37,6 +37,7 @@ # # ---------------------------------------------------------------------------------------------------------- + async def run_sample(): # Instantiate a certificate client that will be used to call the service. # Here we use the DefaultAzureCredential, but any azure-identity credential can be used. @@ -59,9 +60,7 @@ async def run_sample(): # Awaiting create_certificate will return the certificate as a KeyVaultCertificate # if creation is successful, and the CertificateOperation if not. - created_certificate = await certificate_client.create_certificate( - certificate_name=cert_name, policy=cert_policy - ) + created_certificate = await certificate_client.create_certificate(certificate_name=cert_name, policy=cert_policy) print(f"Certificate with name '{created_certificate.name}' was created") # Key Vault also creates a secret with the same name as the created certificate. @@ -77,8 +76,7 @@ async def run_sample(): # in place of load_key_and_certificates. cert_bytes = base64.b64decode(certificate_secret.value) private_key, public_certificate, additional_certificates = pkcs12.load_key_and_certificates( - data=cert_bytes, - password=None + data=cert_bytes, password=None ) print(f"Certificate with name '{certificate_secret.name}' was parsed.") diff --git a/sdk/keyvault/azure-keyvault-certificates/setup.py b/sdk/keyvault/azure-keyvault-certificates/setup.py index c7bb89ff6117..dfa53c235296 100644 --- a/sdk/keyvault/azure-keyvault-certificates/setup.py +++ b/sdk/keyvault/azure-keyvault-certificates/setup.py @@ -1,51 +1,44 @@ -#!/usr/bin/env python - -# ------------------------------------ -# Copyright (c) Microsoft Corporation. -# Licensed under the MIT License. -# ------------------------------------ -# pylint:disable=missing-docstring +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) Python Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +# coding: utf-8 +import os import re -import os.path -from io import open -from setuptools import find_packages, setup +from setuptools import setup, find_packages + -# Change the PACKAGE_NAME only to change folder and different name PACKAGE_NAME = "azure-keyvault-certificates" -PACKAGE_PPRINT_NAME = "Key Vault Certificates" +PACKAGE_PPRINT_NAME = "Azure Keyvault Certificates" # a-b-c => a/b/c -PACKAGE_FOLDER_PATH = PACKAGE_NAME.replace("-", "/") -# a-b-c => a.b.c -NAMESPACE_NAME = PACKAGE_NAME.replace("-", ".") +package_folder_path = PACKAGE_NAME.replace("-", "/") # Version extraction inspired from 'requests' -with open(os.path.join(PACKAGE_FOLDER_PATH, "_version.py"), "r") as fd: - VERSION = re.search(r'^VERSION\s*=\s*[\'"]([^\'"]*)[\'"]', fd.read(), re.MULTILINE).group(1) +with open(os.path.join(package_folder_path, "_version.py"), "r") as fd: + version = re.search(r'^VERSION\s*=\s*[\'"]([^\'"]*)[\'"]', fd.read(), re.MULTILINE).group(1) -if not VERSION: +if not version: raise RuntimeError("Cannot find version information") -with open("README.md", encoding="utf-8") as f: - README = f.read() -with open("CHANGELOG.md", encoding="utf-8") as f: - CHANGELOG = f.read() setup( name=PACKAGE_NAME, - version=VERSION, - include_package_data=True, - description=f"Microsoft Azure {PACKAGE_PPRINT_NAME} Client Library for Python", - long_description=README + "\n\n" + CHANGELOG, + version=version, + description="Microsoft {} Client Library for Python".format(PACKAGE_PPRINT_NAME), + long_description=open("README.md", "r").read(), long_description_content_type="text/markdown", license="MIT License", author="Microsoft Corporation", - author_email="azurekeyvault@microsoft.com", - url="https://github.com/Azure/azure-sdk-for-python/tree/main/sdk/keyvault/azure-keyvault-certificates", + author_email="azpysdkhelp@microsoft.com", + url="https://github.com/Azure/azure-sdk-for-python/tree/main/sdk", keywords="azure, azure sdk", classifiers=[ - "Development Status :: 5 - Production/Stable", + "Development Status :: 4 - Beta", "Programming Language :: Python", "Programming Language :: Python :: 3 :: Only", "Programming Language :: Python :: 3", @@ -59,17 +52,20 @@ zip_safe=False, packages=find_packages( exclude=[ - "samples", "tests", # Exclude packages that will be covered by PEP420 or nspkg "azure", "azure.keyvault", ] ), - python_requires=">=3.8", + include_package_data=True, + package_data={ + "azure.keyvault.certificates": ["py.typed"], + }, install_requires=[ - "azure-core>=1.31.0", "isodate>=0.6.1", - "typing-extensions>=4.0.1", + "azure-core>=1.30.0", + "typing-extensions>=4.6.0", ], + python_requires=">=3.8", ) diff --git a/sdk/keyvault/azure-keyvault-certificates/tests/_async_test_case.py b/sdk/keyvault/azure-keyvault-certificates/tests/_async_test_case.py index 959061de2552..90e3227a283c 100644 --- a/sdk/keyvault/azure-keyvault-certificates/tests/_async_test_case.py +++ b/sdk/keyvault/azure-keyvault-certificates/tests/_async_test_case.py @@ -26,12 +26,12 @@ def __init__(self, **kwargs) -> None: self.azure_keyvault_url = os.environ["AZURE_KEYVAULT_URL"] self.is_logging_enabled = kwargs.pop("logging_enable", True) - + if is_live(): os.environ["AZURE_TENANT_ID"] = os.getenv("KEYVAULT_TENANT_ID", "") # empty in pipelines os.environ["AZURE_CLIENT_ID"] = os.getenv("KEYVAULT_CLIENT_ID", "") # empty in pipelines os.environ["AZURE_CLIENT_SECRET"] = os.getenv("KEYVAULT_CLIENT_SECRET", "") # empty for user-based auth - + def __call__(self, fn): async def _preparer(test_class, api_version, **kwargs): @@ -42,13 +42,14 @@ async def _preparer(test_class, api_version, **kwargs): async with client: await fn(test_class, client) + return _preparer - + def create_client(self, vault_uri, **kwargs): from azure.keyvault.certificates.aio import CertificateClient - - credential = self.get_credential(CertificateClient, is_async = True) - + + credential = self.get_credential(CertificateClient, is_async=True) + return self.create_client_from_credential( CertificateClient, credential=credential, vault_url=vault_uri, **kwargs ) diff --git a/sdk/keyvault/azure-keyvault-certificates/tests/_shared/test_case_async.py b/sdk/keyvault/azure-keyvault-certificates/tests/_shared/test_case_async.py index 392d3ed03ded..469522a072fd 100644 --- a/sdk/keyvault/azure-keyvault-certificates/tests/_shared/test_case_async.py +++ b/sdk/keyvault/azure-keyvault-certificates/tests/_shared/test_case_async.py @@ -41,4 +41,3 @@ async def _poll_until_exception(self, fn, expected_exception, max_retries=20, re def tear_down(self): HttpChallengeCache.clear() assert len(HttpChallengeCache._cache) == 0 - diff --git a/sdk/keyvault/azure-keyvault-certificates/tests/_test_case.py b/sdk/keyvault/azure-keyvault-certificates/tests/_test_case.py index a36ebc805f23..5dcc9d819140 100644 --- a/sdk/keyvault/azure-keyvault-certificates/tests/_test_case.py +++ b/sdk/keyvault/azure-keyvault-certificates/tests/_test_case.py @@ -10,7 +10,6 @@ import pytest - def get_decorator(**kwargs): """returns a test decorator for test parameterization""" versions = kwargs.pop("api_versions", None) or ApiVersion @@ -23,13 +22,13 @@ def __init__(self, **kwargs) -> None: self.azure_keyvault_url = "https://vaultname.vault.azure.net" self.is_logging_enabled = kwargs.pop("logging_enable", True) - + if is_live(): self.azure_keyvault_url = os.environ["AZURE_KEYVAULT_URL"] os.environ["AZURE_TENANT_ID"] = os.getenv("KEYVAULT_TENANT_ID", "") # empty in pipelines os.environ["AZURE_CLIENT_ID"] = os.getenv("KEYVAULT_CLIENT_ID", "") # empty in pipelines os.environ["AZURE_CLIENT_SECRET"] = os.getenv("KEYVAULT_CLIENT_SECRET", "") # empty for user-based auth - + def __call__(self, fn): def _preparer(test_class, api_version, **kwargs): @@ -40,13 +39,14 @@ def _preparer(test_class, api_version, **kwargs): with client: fn(test_class, client) + return _preparer - + def create_client(self, vault_uri, **kwargs): from azure.keyvault.certificates import CertificateClient - + credential = self.get_credential(CertificateClient) - + return self.create_client_from_credential( CertificateClient, credential=credential, vault_url=vault_uri, **kwargs ) diff --git a/sdk/keyvault/azure-keyvault-certificates/tests/conftest.py b/sdk/keyvault/azure-keyvault-certificates/tests/conftest.py index ccbf8b0d4d3c..3a6b6a4f0dd5 100644 --- a/sdk/keyvault/azure-keyvault-certificates/tests/conftest.py +++ b/sdk/keyvault/azure-keyvault-certificates/tests/conftest.py @@ -79,6 +79,7 @@ def immediate_return(_): else: yield + @pytest.fixture(scope="session") def event_loop(request): loop = asyncio.get_event_loop() diff --git a/sdk/keyvault/azure-keyvault-certificates/tests/test_certificates_client.py b/sdk/keyvault/azure-keyvault-certificates/tests/test_certificates_client.py index 651d1b1002f4..166ddd45d5c4 100644 --- a/sdk/keyvault/azure-keyvault-certificates/tests/test_certificates_client.py +++ b/sdk/keyvault/azure-keyvault-certificates/tests/test_certificates_client.py @@ -27,7 +27,7 @@ LifetimeAction, CertificateIssuer, IssuerProperties, - WellKnownIssuerNames + WellKnownIssuerNames, ) from azure.keyvault.certificates._client import NO_SAN_OR_SUBJECT from azure.keyvault.certificates._shared.client_base import DEFAULT_VERSION @@ -126,7 +126,7 @@ def _validate_lifetime_actions(self, a, b): for a_entry in a: b_entry = next(x for x in b if x.action == a_entry.action) assert a_entry.lifetime_percentage == b_entry.lifetime_percentage - assert a_entry.days_before_expiry == b_entry.days_before_expiry + assert a_entry.days_before_expiry == b_entry.days_before_expiry def _validate_certificate_list(self, a, b): # verify that all certificates in a exist in b @@ -378,7 +378,9 @@ def test_recover_and_purge(self, client, **kwargs): @recorded_by_proxy def test_async_request_cancellation_and_deletion(self, client, **kwargs): if self.is_live: - pytest.skip("Skipping by default because of pipeline test flakiness: https://github.com/Azure/azure-sdk-for-python/issues/16333") + pytest.skip( + "Skipping by default because of pipeline test flakiness: https://github.com/Azure/azure-sdk-for-python/issues/16333" + ) cert_name = self.get_resource_name("asyncCanceledDeletedCert") cert_policy = CertificatePolicy.get_default() @@ -477,7 +479,6 @@ def test_get_pending_certificate_signing_request(self, client, **kwargs): pending_version_csr = client.get_certificate_operation(certificate_name=cert_name).csr assert client.get_certificate_operation(certificate_name=cert_name).csr == pending_version_csr - @pytest.mark.parametrize("api_version", exclude_2016_10_01) @CertificatesClientPreparer() @recorded_by_proxy @@ -584,7 +585,7 @@ def test_crud_issuer(self, client, **kwargs): raise ex @pytest.mark.parametrize("api_version", all_api_versions) - @CertificatesClientPreparer(logging_enable = True) + @CertificatesClientPreparer(logging_enable=True) @recorded_by_proxy def test_logging_enabled(self, client, **kwargs): mock_handler = MockHandler() @@ -618,7 +619,7 @@ def test_logging_enabled(self, client, **kwargs): assert False, "Expected request body wasn't logged" @pytest.mark.parametrize("api_version", all_api_versions) - @CertificatesClientPreparer(logging_enable = False) + @CertificatesClientPreparer(logging_enable=False) @recorded_by_proxy def test_logging_disabled(self, client, **kwargs): mock_handler = MockHandler() @@ -650,7 +651,6 @@ def test_logging_disabled(self, client, **kwargs): mock_handler.close() - @pytest.mark.parametrize("api_version", only_2016_10_01) @CertificatesClientPreparer() @recorded_by_proxy @@ -701,20 +701,26 @@ def test_list_properties_of_certificates(self, client, **kwargs): with pytest.raises(NotImplementedError) as excinfo: [_ for _ in client.list_properties_of_certificates(include_pending=True)] - assert "The 'include_pending' parameter to `list_properties_of_certificates` is only available for API versions v7.0 and up" in str(excinfo.value) + assert ( + "The 'include_pending' parameter to `list_properties_of_certificates` is only available for API versions v7.0 and up" + in str(excinfo.value) + ) @pytest.mark.parametrize("api_version", only_2016_10_01) @CertificatesClientPreparer() @recorded_by_proxy def test_list_deleted_certificates(self, client, **kwargs): """Tests API version v2016_10_01""" - + [_ for _ in client.list_deleted_certificates()] with pytest.raises(NotImplementedError) as excinfo: [_ for _ in client.list_deleted_certificates(include_pending=True)] - assert "The 'include_pending' parameter to `list_deleted_certificates` is only available for API versions v7.0 and up" in str(excinfo.value) + assert ( + "The 'include_pending' parameter to `list_deleted_certificates` is only available for API versions v7.0 and up" + in str(excinfo.value) + ) @pytest.mark.parametrize("api_version", only_latest) @CertificatesClientPreparer() @@ -729,6 +735,7 @@ def test_40x_handling(self, client, **kwargs): # 409 is raised correctly (`begin_create_certificate` shouldn't actually trigger this, but for raising behavior) def run(*_, **__): return Mock(http_response=Mock(status_code=409)) + with patch.object(client._client._client._pipeline, "run", run): with pytest.raises(ResourceExistsError): client.begin_create_certificate("...", CertificatePolicy.get_default()) diff --git a/sdk/keyvault/azure-keyvault-certificates/tests/test_certificates_client_async.py b/sdk/keyvault/azure-keyvault-certificates/tests/test_certificates_client_async.py index 59e37b9a8e16..47340dea7a9d 100644 --- a/sdk/keyvault/azure-keyvault-certificates/tests/test_certificates_client_async.py +++ b/sdk/keyvault/azure-keyvault-certificates/tests/test_certificates_client_async.py @@ -26,7 +26,7 @@ LifetimeAction, CertificateIssuer, IssuerProperties, - WellKnownIssuerNames + WellKnownIssuerNames, ) from azure.keyvault.certificates.aio import CertificateClient from azure.keyvault.certificates._client import NO_SAN_OR_SUBJECT @@ -102,7 +102,7 @@ def _validate_certificate_policy(self, a, b): if a.enhanced_key_usage: assert set(a.enhanced_key_usage) == set(b.enhanced_key_usage) if a.key_usage: - assert set(a.key_usage) == set(b.key_usage) + assert set(a.key_usage) == set(b.key_usage) assert a.content_type == b.content_type assert a.validity_in_months == b.validity_in_months assert a.certificate_type == b.certificate_type @@ -186,7 +186,6 @@ async def test_crud_operations(self, client, **kwargs): self._validate_certificate_bundle(cert=cert, cert_name=cert_name, cert_policy=cert_policy) assert (await client.get_certificate_operation(certificate_name=cert_name)).status.lower() == "completed" - # get certificate cert = await client.get_certificate(certificate_name=cert_name) @@ -486,7 +485,6 @@ async def test_policy(self, client, **kwargs): self._validate_certificate_policy(cert_policy, returned_policy) - @pytest.mark.asyncio @pytest.mark.parametrize("api_version", all_api_versions) @AsyncCertificatesClientPreparer() @@ -611,7 +609,7 @@ async def test_crud_issuer(self, client, **kwargs): @pytest.mark.asyncio @pytest.mark.parametrize("api_version", all_api_versions) - @AsyncCertificatesClientPreparer(logging_enable = True) + @AsyncCertificatesClientPreparer(logging_enable=True) @recorded_by_proxy_async async def test_logging_enabled(self, client, **kwargs): mock_handler = MockHandler() @@ -646,7 +644,7 @@ async def test_logging_enabled(self, client, **kwargs): @pytest.mark.asyncio @pytest.mark.parametrize("api_version", all_api_versions) - @AsyncCertificatesClientPreparer(logging_enable = False) + @AsyncCertificatesClientPreparer(logging_enable=False) @recorded_by_proxy_async async def test_logging_disabled(self, client, **kwargs): mock_handler = MockHandler() @@ -680,7 +678,7 @@ async def test_logging_disabled(self, client, **kwargs): @pytest.mark.asyncio @pytest.mark.parametrize("api_version", all_api_versions) - @AsyncCertificatesClientPreparer(logging_enable = True) + @AsyncCertificatesClientPreparer(logging_enable=True) @recorded_by_proxy_async async def test_get_certificate_version(self, client, **kwargs): cert_name = self.get_resource_name("cert") @@ -708,7 +706,7 @@ async def test_get_certificate_version(self, client, **kwargs): @pytest.mark.asyncio @pytest.mark.parametrize("api_version", only_2016_10_01) - @AsyncCertificatesClientPreparer(logging_enable = True) + @AsyncCertificatesClientPreparer(logging_enable=True) @recorded_by_proxy_async async def test_list_properties_of_certificates(self, client, **kwargs): """Tests API version v2016_10_01""" @@ -722,12 +720,14 @@ async def test_list_properties_of_certificates(self, client, **kwargs): async for cert in certs: pass - assert "The 'include_pending' parameter to `list_properties_of_certificates` is only available for API versions v7.0 and up" in str(excinfo.value) + assert ( + "The 'include_pending' parameter to `list_properties_of_certificates` is only available for API versions v7.0 and up" + in str(excinfo.value) + ) - @pytest.mark.asyncio @pytest.mark.parametrize("api_version", only_2016_10_01) - @AsyncCertificatesClientPreparer(logging_enable = True) + @AsyncCertificatesClientPreparer(logging_enable=True) @recorded_by_proxy_async async def test_list_deleted_certificates_2016_10_01(self, client, **kwargs): """Tests API version v2016_10_01""" @@ -741,7 +741,10 @@ async def test_list_deleted_certificates_2016_10_01(self, client, **kwargs): async for cert in certs: pass - assert "The 'include_pending' parameter to `list_deleted_certificates` is only available for API versions v7.0 and up" in str(excinfo.value) + assert ( + "The 'include_pending' parameter to `list_deleted_certificates` is only available for API versions v7.0 and up" + in str(excinfo.value) + ) @pytest.mark.asyncio @pytest.mark.parametrize("api_version", only_latest) @@ -757,6 +760,7 @@ async def test_40x_handling(self, client, **kwargs): # 409 is raised correctly (`create_certificate` shouldn't actually trigger this, but for raising behavior) async def run(*_, **__): return Mock(http_response=Mock(status_code=409)) + with patch.object(client._client._client._pipeline, "run", run): with pytest.raises(ResourceExistsError): await client.create_certificate("...", CertificatePolicy.get_default()) diff --git a/sdk/keyvault/azure-keyvault-certificates/tests/test_examples_certificates.py b/sdk/keyvault/azure-keyvault-certificates/tests/test_examples_certificates.py index 4c3038b12bf1..265667eaaa2c 100644 --- a/sdk/keyvault/azure-keyvault-certificates/tests/test_examples_certificates.py +++ b/sdk/keyvault/azure-keyvault-certificates/tests/test_examples_certificates.py @@ -41,9 +41,7 @@ def test_example_certificate_crud_operations(self, certificate_client, **kwargs) cert_name = self.get_resource_name("cert-name") # [START create_certificate] - from azure.keyvault.certificates import (CertificateContentType, - CertificatePolicy, - WellKnownIssuerNames) + from azure.keyvault.certificates import CertificateContentType, CertificatePolicy, WellKnownIssuerNames # specify the certificate policy cert_policy = CertificatePolicy( diff --git a/sdk/keyvault/azure-keyvault-certificates/tests/test_examples_certificates_async.py b/sdk/keyvault/azure-keyvault-certificates/tests/test_examples_certificates_async.py index 04e42c9ac805..0828bc7815d5 100644 --- a/sdk/keyvault/azure-keyvault-certificates/tests/test_examples_certificates_async.py +++ b/sdk/keyvault/azure-keyvault-certificates/tests/test_examples_certificates_async.py @@ -43,7 +43,7 @@ async def test_create_certificate(): class TestExamplesKeyVault(KeyVaultTestCase): @pytest.mark.asyncio @pytest.mark.parametrize("api_version", all_api_versions) - @AsyncCertificatesClientPreparer(logging_enable = True) + @AsyncCertificatesClientPreparer(logging_enable=True) @recorded_by_proxy_async async def test_example_certificate_crud_operations(self, certificate_client, **kwargs): cert_name = self.get_resource_name("cert-name") @@ -116,7 +116,7 @@ async def test_example_certificate_crud_operations(self, certificate_client, **k @pytest.mark.asyncio @pytest.mark.parametrize("api_version", all_api_versions) - @AsyncCertificatesClientPreparer(logging_enable = True) + @AsyncCertificatesClientPreparer(logging_enable=True) @recorded_by_proxy_async async def test_example_certificate_list_operations(self, certificate_client, **kwargs): # specify the certificate policy @@ -176,7 +176,7 @@ async def test_example_certificate_list_operations(self, certificate_client, **k @pytest.mark.asyncio @pytest.mark.parametrize("api_version", exclude_2016_10_01) - @AsyncCertificatesClientPreparer(logging_enable = True) + @AsyncCertificatesClientPreparer(logging_enable=True) @recorded_by_proxy_async async def test_example_certificate_backup_restore(self, certificate_client, **kwargs): # specify the certificate policy @@ -223,7 +223,7 @@ async def test_example_certificate_backup_restore(self, certificate_client, **kw @pytest.mark.asyncio @pytest.mark.parametrize("api_version", all_api_versions) - @AsyncCertificatesClientPreparer(logging_enable = True) + @AsyncCertificatesClientPreparer(logging_enable=True) @recorded_by_proxy_async async def test_example_certificate_recover(self, certificate_client, **kwargs): # specify the certificate policy @@ -262,7 +262,7 @@ async def test_example_certificate_recover(self, certificate_client, **kwargs): @pytest.mark.asyncio @pytest.mark.parametrize("api_version", all_api_versions) - @AsyncCertificatesClientPreparer(logging_enable = True) + @AsyncCertificatesClientPreparer(logging_enable=True) @recorded_by_proxy_async async def test_example_contacts(self, certificate_client, **kwargs): # [START set_contacts] @@ -302,7 +302,7 @@ async def test_example_contacts(self, certificate_client, **kwargs): @pytest.mark.asyncio @pytest.mark.parametrize("api_version", all_api_versions) - @AsyncCertificatesClientPreparer(logging_enable = True) + @AsyncCertificatesClientPreparer(logging_enable=True) @recorded_by_proxy_async async def test_example_issuers(self, certificate_client, **kwargs): # [START create_issuer] diff --git a/sdk/keyvault/azure-keyvault-certificates/tests/test_merge_certificate_async.py b/sdk/keyvault/azure-keyvault-certificates/tests/test_merge_certificate_async.py index 3534aa984b6d..7b75e49382d1 100644 --- a/sdk/keyvault/azure-keyvault-certificates/tests/test_merge_certificate_async.py +++ b/sdk/keyvault/azure-keyvault-certificates/tests/test_merge_certificate_async.py @@ -20,7 +20,7 @@ class TestMergeCertificate(KeyVaultTestCase): @pytest.mark.asyncio @pytest.mark.parametrize("api_version", all_api_versions) - @AsyncCertificatesClientPreparer(logging_enable = True) + @AsyncCertificatesClientPreparer(logging_enable=True) @recorded_by_proxy_async async def test_merge_certificate(self, client, **kwargs): set_bodiless_matcher() diff --git a/sdk/keyvault/azure-keyvault-certificates/tsp-location.yaml b/sdk/keyvault/azure-keyvault-certificates/tsp-location.yaml new file mode 100644 index 000000000000..1d615355e20b --- /dev/null +++ b/sdk/keyvault/azure-keyvault-certificates/tsp-location.yaml @@ -0,0 +1,5 @@ +directory: specification/keyvault/Security.KeyVault.Certificates +commit: 1ba5dd7a40742434101a1d705b537a71a7c585c5 +repo: Azure/azure-rest-api-specs +additionalDirectories: +- specification/keyvault/Security.KeyVault.Common