feat(ark e2e): add get endpoint cert by ak/sk

Change-Id: I82722c49b1f4684f6a9a6d70e56c7e7ac66ef0c8

Author: liuhuiqi.7

volcenginesdkarkruntime/_client.py

@@ -87,7 +87,7 @@ def __init__(
 
         self._default_stream_cls = Stream
         self._sts_token_manager: StsTokenManager | None = None
-        self._certificate_manager: Dict[str, key_agreement_client] | None = None
+        self._certificate_manager: E2ECertificateManager | None = None
 
         self.chat = resources.Chat(self)
         self.bot_chat = resources.BotChat(self)
@@ -103,32 +103,11 @@ def _get_endpoint_sts_token(self, endpoint_id: str):
         return self._sts_token_manager.get(endpoint_id)
 
     def _get_endpoint_certificate(self, endpoint_id: str) -> key_agreement_client:
-        seed_pem = """-----BEGIN CERTIFICATE-----
-MIICxjCCAm2gAwIBAgIUG8YxEzdBJnYjBEYSc1j2diJ8/uMwCgYIKoZIzj0EAwIw
-gYQxITAfBgNVBAMMGE1hYVMgU0RLIFN1YiBDQSBFQ0MgUDI1NjEbMBkGA1UECgwS
-Vm9sY2FubyBFbmdpbmUgQXJrMREwDwYDVQQLDAhTZWN1cml0eTELMAkGA1UEBhMC
-Q04xEDAOBgNVBAgMB0JlaWppbmcxEDAOBgNVBAcMB0JlaWppbmcwHhcNMjQwMTAz
-MDY1MjM4WhcNMjkwMTAzMDY1MjM4WjCBgjELMAkGA1UEBhMCQ04xEDAOBgNVBAgT
-B0JlaWppbmcxEDAOBgNVBAcTB0JlaWppbmcxGzAZBgNVBAoTElZvbGNhbm8gRW5n
-aW5lIEFyazERMA8GA1UECxMIU2VjdXJpdHkxHzAdBgNVBAMTFk1hYVMgQ3J5cHRv
-IFNESyBPbmxpbmUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATD7RyZC51FCwuK
-xYKh2ZCwIvbNDvQfosUk3gKc0B/+euemDWDAaVazuBOm8okHsSmUrsEudeksRruG
-LTGu1lBxo4G8MIG5MA4GA1UdDwEB/wQEAwIDiDBYBgNVHR8EUTBPME2gS6BJhkdo
-dHRwOi8vY3JsLnZvbGNjYS5jb20vdm9sYzE/c249NURCNEUwNDNFRjQ3MEY3RDBB
-REU0RDIyMTNBNTU1NTEzMjEyOEM3MzA4BggrBgEFBQcBAQQsMCowKAYIKwYBBQUH
-MAGGHGh0dHA6Ly9vY3NwLnZvbGNjYS5jb20vdm9sYzEwEwYDVR0lBAwwCgYIKwYB
-BQUHAwEwCgYIKoZIzj0EAwIDRwAwRAIgFSel9WBkyPmpdG6YzReb7ShCVKq3scT3
-9T2mfBgooPkCIHpRalKvIJX5S9oSyTf6iQiUcwzfUHd47Ew+PUV7O6aq
------END CERTIFICATE-----"""
         if self._certificate_manager is None:
-            self._certificate_manager = {}
-        if endpoint_id not in self._certificate_manager:
             if self.ak is None or self.sk is None:
                 raise ArkAPIError("must set ak and sk before get endpoint token.")
-            self._certificate_manager[endpoint_id] = key_agreement_client(
-                certificate_pem_string=seed_pem
-            )
-        return self._certificate_manager[endpoint_id]
+            self._certificate_manager = E2ECertificateManager(self.ak, self.sk, self.region)
+        return self._certificate_manager.get(endpoint_id)
 
     def _get_bot_sts_token(self, bot_id: str):
         if self._sts_token_manager is None:
@@ -302,3 +281,37 @@ def _load_api_key(self, ep: str, duration_seconds: int,
         )
 
         return resp.api_key, resp.expired_time
+
+class E2ECertificateManager(object):
+    def __init__(self, ak: str, sk: str, region: str):
+        self._certificate_manager: Dict[str, key_agreement_client] = {}
+
+        import volcenginesdkcore
+
+        configuration = volcenginesdkcore.Configuration()
+        configuration.ak = ak
+        configuration.sk = sk
+        configuration.region = region
+        configuration.schema = "https"
+
+        volcenginesdkcore.Configuration.set_default(configuration)
+        self.api_instance = volcenginesdkark.ARKApi()
+
+    def _load_api_key(self, ep: str) -> str:
+        get_endpoint_certificate_request = volcenginesdkark.GetEndpointCertificateRequest(
+            id=ep
+        )
+        try:
+            resp: volcenginesdkark.GetEndpointCertificateResponse = self.api_instance.get_endpoint_certificate(get_endpoint_certificate_request)
+        except ApiException as e:
+            print("Exception when calling api: %s\n" % e)
+
+        return resp.pca_instance_certificate
+
+    def get(self, ep: str) -> str:
+        if ep not in self._certificate_manager:
+            cert_pem = self._load_api_key(ep)
+            self._certificate_manager[ep] = key_agreement_client(
+                certificate_pem_string=cert_pem
+            )
+        return self._certificate_manager[ep]