async def test_crud_issuer(self, client, **kwargs):
issuer_name = "issuer"
admin_contacts = [
AdministratorContact(first_name="John",
last_name="Doe",
email="*****@*****.**",
phone="4255555555")
]
# create certificate issuer
issuer = await client.create_issuer(issuer_name,
"Test",
account_id="keyvaultuser",
admin_contacts=admin_contacts,
enabled=True)
expected = CertificateIssuer(
provider="Test",
account_id="keyvaultuser",
admin_contacts=admin_contacts,
issuer_id=client.vault_url + "/certificates/issuers/" +
issuer_name,
)
self._validate_certificate_issuer(expected, issuer)
# get certificate issuer
issuer = await client.get_issuer(issuer_name=issuer_name)
self._validate_certificate_issuer(expected, issuer)
# list certificate issuers
await client.create_issuer(
issuer_name=issuer_name + "2",
provider="Test",
account_id="keyvaultuser2",
admin_contacts=admin_contacts,
enabled=True,
)
expected_base_1 = IssuerProperties(issuer_id=client.vault_url +
"/certificates/issuers/" +
issuer_name,
provider="Test")
expected_base_2 = IssuerProperties(issuer_id=client.vault_url +
"/certificates/issuers/" +
issuer_name + "2",
provider="Test")
expected_issuers = [expected_base_1, expected_base_2]
issuers = client.list_properties_of_issuers()
async for issuer in issuers:
exp_issuer = next(
(i for i in expected_issuers if i.name == issuer.name), None)
self.assertIsNotNone(exp_issuer)
self._validate_certificate_issuer_properties(exp_issuer, issuer)
expected_issuers.remove(exp_issuer)
self.assertEqual(len(expected_issuers), 0)
# update certificate issuer
admin_contacts = [
AdministratorContact(first_name="Jane",
last_name="Doe",
email="*****@*****.**",
phone="4255555555")
]
expected = CertificateIssuer(
provider="Test",
account_id="keyvaultuser",
admin_contacts=admin_contacts,
issuer_id=client.vault_url + "/certificates/issuers/" +
issuer_name,
)
issuer = await client.update_issuer(issuer_name,
admin_contacts=admin_contacts)
self._validate_certificate_issuer(expected, issuer)
# delete certificate issuer
await client.delete_issuer(issuer_name=issuer_name)
# get certificate issuer returns not found
try:
await client.get_issuer(issuer_name=issuer_name)
self.fail("Get should fail")
except Exception as ex:
if not hasattr(ex,
"message") or "not found" not in ex.message.lower():
raise ex
#
# 5. Delete an issuer (delete_issuer)
# ----------------------------------------------------------------------------------------------------------
# Instantiate a certificate client that will be used to call the service.
# Notice that the client is using default Azure credentials.
# To make default credentials work, ensure that environment variables 'AZURE_CLIENT_ID',
# 'AZURE_CLIENT_SECRET' and 'AZURE_TENANT_ID' are set with the service principal credentials.
VAULT_URL = os.environ["VAULT_URL"]
credential = DefaultAzureCredential()
client = CertificateClient(vault_url=VAULT_URL, credential=credential)
# First we specify the AdministratorContact for our issuers.
admin_contacts = [
AdministratorContact(first_name="John",
last_name="Doe",
email="*****@*****.**",
phone="4255555555")
]
# Next we create an issuer with these administrator details
# The name field refers to the name you would like to get the issuer. There are also pre-set names, such as 'Self' and 'Unknown'
# The provider for your issuer must exist for your vault location and tenant id.
client.create_issuer(issuer_name="issuer1",
provider="Test",
account_id="keyvaultuser",
admin_contacts=admin_contacts,
enabled=True)
# Now we get this issuer by name
issuer1 = client.get_issuer(issuer_name="issuer1")
async def test_example_issuers(self, vault_client, **kwargs):
certificate_client = vault_client.certificates
# [START create_issuer]
from azure.keyvault.certificates import AdministratorContact
# First we specify the AdministratorContact for a issuer.
admin_contacts = [
AdministratorContact(first_name="John",
last_name="Doe",
email="*****@*****.**",
phone="4255555555")
]
issuer = await certificate_client.create_issuer(
issuer_name="issuer1",
provider="Test",
account_id="keyvaultuser",
admin_contacts=admin_contacts,
enabled=True)
print(issuer.name)
print(issuer.provider)
print(issuer.account_id)
for contact in issuer.admin_contacts:
print(contact.first_name)
print(contact.last_name)
print(contact.email)
print(contact.phone)
# [END create_issuer]
# [START get_issuer]
issuer = await certificate_client.get_issuer("issuer1")
print(issuer.name)
print(issuer.provider)
print(issuer.account_id)
for contact in issuer.admin_contacts:
print(contact.first_name)
print(contact.last_name)
print(contact.email)
print(contact.phone)
# [END get_issuer]
await certificate_client.create_issuer(issuer_name="issuer2",
provider="Test",
account_id="keyvaultuser",
enabled=True)
# [START list_properties_of_issuers]
issuers = certificate_client.list_properties_of_issuers()
async for issuer in issuers:
print(issuer.name)
print(issuer.provider)
# [END list_properties_of_issuers]
# [START delete_issuer]
deleted_issuer = await certificate_client.delete_issuer("issuer1")
print(deleted_issuer.name)
print(deleted_issuer.provider)
print(deleted_issuer.account_id)
for contact in deleted_issuer.admin_contacts:
print(contact.first_name)
print(contact.last_name)
print(contact.email)
print(contact.phone)
async def run_sample():
# Instantiate a certificate client that will be used to call the service.
# Notice that the client is using default Azure credentials.
# To make default credentials work, ensure that environment variables 'AZURE_CLIENT_ID',
# 'AZURE_CLIENT_SECRET' and 'AZURE_TENANT_ID' are set with the service principal credentials.
VAULT_URL = os.environ["VAULT_URL"]
credential = DefaultAzureCredential()
client = CertificateClient(vault_url=VAULT_URL, credential=credential)
try:
# First we specify the AdministratorContact for our issuers.
admin_contacts = [
AdministratorContact(first_name="John",
last_name="Doe",
email="*****@*****.**",
phone="4255555555")
]
# Next we create an issuer with these administrator details
# The name field refers to the name you would like to get the issuer. There are also pre-set names, such as 'Self' and 'Unknown'
await client.create_issuer(issuer_name="issuer1",
provider="Test",
account_id="keyvaultuser",
admin_contacts=admin_contacts,
enabled=True)
# Now we get this issuer by name
issuer1 = await client.get_issuer("issuer1")
print(issuer1.name)
print(issuer1.properties.provider)
print(issuer1.account_id)
for contact in issuer1.admin_contacts:
print(contact.first_name)
print(contact.last_name)
print(contact.email)
print(contact.phone)
# Now we update the admnistrator contact for this issuer
admin_contacts = [
AdministratorContact(first_name="Jane",
last_name="Doe",
email="*****@*****.**",
phone="4255555555")
]
issuer1 = await client.update_issuer(issuer_name="issuer1",
admin_contacts=admin_contacts)
for contact in issuer1.admin_contacts:
print(contact.first_name)
print(contact.last_name)
print(contact.email)
print(contact.phone)
# Now we will list all of the certificate issuers for this key vault. To better demonstrate this, we will first create another issuer.
await client.create_issuer(issuer_name="issuer2",
provider="Test",
account_id="keyvaultuser",
enabled=True)
issuers = client.list_properties_of_issuers()
async for issuer in issuers:
print(issuer.name)
print(issuer.provider)
# Finally, we delete our first issuer by name.
await client.delete_issuer("issuer1")
except HttpResponseError as e:
print("\nrun_sample has caught an error. {0}".format(e.message))
finally:
print("\nrun_sample done")
