Ejemplo n.º 1
0
# ------------------------------------
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
# ------------------------------------
import asyncio

import pytest

from _shared.test_case_async import KeyVaultTestCase
from _test_case import AdministrationTestCase, backup_client_setup, get_decorator


all_api_versions = get_decorator(is_async=True)


class TestExamplesTests(AdministrationTestCase, KeyVaultTestCase):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, match_body=False, **kwargs)

    @all_api_versions()
    @backup_client_setup
    async def test_example_backup_and_restore(self, client):
        if self.is_live:
            pytest.skip("SAS token failures are causing sev2 alerts for service team")

        backup_client = client
        container_uri = self.container_uri
        sas_token = self.sas_token

        # [START begin_backup]
        # begin a vault backup
Ejemplo n.º 2
0
# ------------------------------------
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
# -------------------------------------
from __future__ import print_function

import time

import pytest
from devtools_testutils import recorded_by_proxy

from _shared.test_case import KeyVaultTestCase
from _test_case import SecretsClientPreparer, get_decorator

all_api_versions = get_decorator()


def print(*args):
    assert all(arg is not None for arg in args)


def test_create_secret_client():
    vault_url = "vault_url"
    # pylint:disable=unused-variable
    # [START create_secret_client]
    from azure.identity import DefaultAzureCredential
    from azure.keyvault.secrets import SecretClient

    # Create a SecretClient using default Azure credentials
    credential = DefaultAzureCredential()
    secret_client = SecretClient(vault_url, credential)
Ejemplo n.º 3
0
from azure.keyvault.keys.crypto._key_validity import _UTC
from azure.keyvault.keys.crypto._providers import NoLocalCryptography, get_local_cryptography_provider
from azure.keyvault.keys.crypto.aio import CryptographyClient, EncryptionAlgorithm, KeyWrapAlgorithm, SignatureAlgorithm
from azure.mgmt.keyvault.models import KeyPermissions, Permissions
import pytest

from _shared.helpers_async import get_completed_future
from _shared.json_attribute_matcher import json_attribute_matcher
from _shared.test_case_async import KeyVaultTestCase
from _test_case import client_setup, get_decorator, KeysTestCase

# without keys/get, a CryptographyClient created with a key ID performs all ops remotely
NO_GET = Permissions(
    keys=[p.value for p in KeyPermissions if p.value != "get"])

all_api_versions = get_decorator(is_async=True)
hsm_only = get_decorator(hsm_only=True, is_async=True)
no_get = get_decorator(is_async=True, permissions=NO_GET)


class CryptoClientTests(KeysTestCase, KeyVaultTestCase):
    def __init__(self, *args, **kwargs):
        super().__init__(*args,
                         match_body=False,
                         custom_request_matchers=[json_attribute_matcher],
                         **kwargs)

    plaintext = b"5063e6aaa845f150200547944fd199679c98ed6f99da0a0b2dafeaf1f4684496fd532c1c229968cb9dee44957fcef7ccef59ceda0b362e56bcd78fd3faee5781c623c0bb22b35beabde0664fd30e0e824aba3dd1b0afffc4a3d955ede20cf6a854d52cfd"
    iv = codecs.decode("89b8adbfb07345e3598932a09c517441", "hex_codec")
    aad = b"test"
Ejemplo n.º 4
0
from azure.core.pipeline.policies import SansIOHTTPPolicy
from azure.keyvault.keys import (
    ApiVersion,
    JsonWebKey,
    KeyClient,
    KeyReleasePolicy,
    KeyRotationLifetimeAction,
    KeyRotationPolicyAction,
)
import pytest
from six import byte2int

from _shared.test_case import KeyVaultTestCase
from _test_case import client_setup, get_attestation_token, get_decorator, get_release_policy, is_public_cloud, KeysTestCase

all_api_versions = get_decorator()
only_hsm = get_decorator(only_hsm=True)
only_hsm_7_3_preview = get_decorator(only_hsm=True,
                                     api_versions=[ApiVersion.V7_3_PREVIEW])
only_vault_7_3_preview = get_decorator(only_vault=True,
                                       api_versions=[ApiVersion.V7_3_PREVIEW])
only_7_3_preview = get_decorator(api_versions=[ApiVersion.V7_3_PREVIEW])
logging_enabled = get_decorator(logging_enable=True)
logging_disabled = get_decorator(logging_enable=False)


def _assert_rotation_policies_equal(p1, p2):
    assert p1.id == p2.id
    assert p1.expires_in == p2.expires_in
    assert p1.created_on == p2.created_on
    assert p1.updated_on == p2.updated_on
Ejemplo n.º 5
0
from azure.keyvault.keys import JsonWebKey, KeyCurveName, KeyOperation, KeyVaultKey
from azure.keyvault.keys.crypto import CryptographyClient, EncryptionAlgorithm, KeyWrapAlgorithm, SignatureAlgorithm
from azure.keyvault.keys.crypto._key_validity import _UTC
from azure.keyvault.keys.crypto._providers import NoLocalCryptography, get_local_cryptography_provider
from azure.mgmt.keyvault.models import KeyPermissions, Permissions
import pytest

from _shared.json_attribute_matcher import json_attribute_matcher
from _shared.test_case import KeyVaultTestCase
from _test_case import client_setup, get_decorator, KeysTestCase

# without keys/get, a CryptographyClient created with a key ID performs all ops remotely
NO_GET = Permissions(
    keys=[p.value for p in KeyPermissions if p.value != "get"])

all_api_versions = get_decorator()
hsm_only = get_decorator(hsm_only=True)
no_get = get_decorator(permissions=NO_GET)


class CryptoClientTests(KeysTestCase, KeyVaultTestCase):
    def __init__(self, *args, **kwargs):
        kwargs["match_body"] = False
        kwargs["custom_request_matchers"] = [json_attribute_matcher]
        super(CryptoClientTests, self).__init__(*args, **kwargs)

    plaintext = b"5063e6aaa845f150200547944fd199679c98ed6f99da0a0b2dafeaf1f4684496fd532c1c229968cb9dee44957fcef7ccef59ceda0b362e56bcd78fd3faee5781c623c0bb22b35beabde0664fd30e0e824aba3dd1b0afffc4a3d955ede20cf6a854d52cfd"
    iv = codecs.decode("89b8adbfb07345e3598932a09c517441", "hex_codec")
    aad = b"test"

    def _create_rsa_key(self, client, key_name, **kwargs):
Ejemplo n.º 6
0
from azure.keyvault.keys import ApiVersion, JsonWebKey, KeyCurveName, KeyOperation, KeyVaultKey
from azure.keyvault.keys.crypto import CryptographyClient, EncryptionAlgorithm, KeyWrapAlgorithm, SignatureAlgorithm
from azure.keyvault.keys.crypto._key_validity import _UTC
from azure.keyvault.keys.crypto._providers import NoLocalCryptography, get_local_cryptography_provider
from azure.mgmt.keyvault.models import KeyPermissions, Permissions
import pytest

from _shared.json_attribute_matcher import json_attribute_matcher
from _shared.test_case import KeyVaultTestCase
from _test_case import client_setup, get_decorator, KeysTestCase

# without keys/get, a CryptographyClient created with a key ID performs all ops remotely
NO_GET = Permissions(
    keys=[p.value for p in KeyPermissions if p.value != "get"])

all_api_versions = get_decorator()
only_hsm = get_decorator(only_hsm=True)
no_get = get_decorator(permissions=NO_GET)


class CryptoClientTests(KeysTestCase, KeyVaultTestCase):
    def __init__(self, *args, **kwargs):
        kwargs["match_body"] = False
        kwargs["custom_request_matchers"] = [json_attribute_matcher]
        super(CryptoClientTests, self).__init__(*args, **kwargs)

    plaintext = b"5063e6aaa845f150200547944fd199679c98ed6f99da0a0b2dafeaf1f4684496fd532c1c229968cb9dee44957fcef7ccef59ceda0b362e56bcd78fd3faee5781c623c0bb22b35beabde0664fd30e0e824aba3dd1b0afffc4a3d955ede20cf6a854d52cfd"
    iv = codecs.decode("89b8adbfb07345e3598932a09c517441", "hex_codec")
    aad = b"test"

    def _create_rsa_key(self, client, key_name, **kwargs):
Ejemplo n.º 7
0
# ------------------------------------
from __future__ import print_function
import time

from azure.keyvault.certificates import (
    ApiVersion,
    CertificatePolicy,
    CertificateContentType,
    WellKnownIssuerNames,
)
from parameterized import parameterized, param

from _shared.test_case import KeyVaultTestCase
from _test_case import client_setup, get_decorator, CertificatesTestCase

all_api_versions = get_decorator()
exclude_2016_10_01 = get_decorator(
    api_versions=[v for v in ApiVersion if v != ApiVersion.V2016_10_01])


def print(*args):
    assert all(arg is not None for arg in args)


def test_create_certificate_client():
    vault_url = "vault_url"
    # pylint:disable=unused-variable
    # [START create_certificate_client]
    from azure.identity import DefaultAzureCredential
    from azure.keyvault.certificates import CertificateClient
Ejemplo n.º 8
0
# ------------------------------------
import functools
from dateutil import parser as date_parse
import time
import logging
import json

from azure.core.exceptions import ResourceExistsError, ResourceNotFoundError
from azure.core.pipeline.policies import SansIOHTTPPolicy
from azure.keyvault.secrets import SecretClient

from _shared.test_case import KeyVaultTestCase
from _test_case import client_setup, get_decorator, SecretsTestCase


all_api_versions = get_decorator()
logging_enabled = get_decorator(logging_enable=True)
logging_disabled = get_decorator(logging_enable=False)


# used for logging tests
class MockHandler(logging.Handler):
    def __init__(self):
        super(MockHandler, self).__init__()
        self.messages = []

    def emit(self, record):
        self.messages.append(record)


class SecretClientTests(SecretsTestCase, KeyVaultTestCase):
Ejemplo n.º 9
0
from azure.core.exceptions import ServiceRequestError
from azure.core.pipeline import Pipeline
from azure.core.pipeline.policies import SansIOHTTPPolicy
from azure.core.pipeline.transport import HttpRequest
from azure.identity import ClientSecretCredential
from azure.keyvault.keys import KeyClient
from azure.keyvault.keys._shared import ChallengeAuthPolicy, HttpChallenge, HttpChallengeCache
from azure.keyvault.keys._shared.client_base import DEFAULT_VERSION

import pytest

from _shared.helpers import mock_response, Request, validating_transport
from _shared.test_case import KeyVaultTestCase
from _test_case import client_setup, get_decorator, KeysTestCase

only_default_version = get_decorator(api_versions=[DEFAULT_VERSION])


class ChallengeAuthTests(KeysTestCase, KeyVaultTestCase):
    def __init__(self, *args, **kwargs):
        super(ChallengeAuthTests, self).__init__(*args,
                                                 match_body=False,
                                                 **kwargs)

    @only_default_version()
    @client_setup
    def test_multitenant_authentication(self, client, is_hsm, **kwargs):
        if not self.is_live:
            pytest.skip("This test is incompatible with vcrpy in playback")

        client_id = os.environ.get("KEYVAULT_CLIENT_ID")
Ejemplo n.º 10
0
# ------------------------------------
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
# ------------------------------------
import asyncio

from azure.keyvault.certificates import ApiVersion, CertificatePolicy, CertificateContentType, WellKnownIssuerNames
import pytest

from _shared.test_case_async import KeyVaultTestCase
from _test_case import client_setup, get_decorator, CertificatesTestCase

all_api_versions = get_decorator(is_async=True)
exclude_2016_10_01 = get_decorator(
    is_async=True,
    api_versions=[v for v in ApiVersion if v != ApiVersion.V2016_10_01])


def print(*args):
    assert all(arg is not None for arg in args)


@pytest.mark.asyncio
async def test_create_certificate():
    vault_url = "vault_url"
    # pylint:disable=unused-variable
    # [START create_certificate_client]
    from azure.identity.aio import DefaultAzureCredential
    from azure.keyvault.certificates.aio import CertificateClient

    # Create a KeyVaultCertificate using default Azure credentials
Ejemplo n.º 11
0
from dateutil import parser as date_parse
import functools
import json
import logging

from azure.core.exceptions import ResourceExistsError, ResourceNotFoundError
from azure.core.pipeline.policies import SansIOHTTPPolicy
from azure.keyvault.keys import ApiVersion, JsonWebKey, KeyReleasePolicy
from azure.keyvault.keys.aio import KeyClient
import pytest
from six import byte2int

from _shared.test_case_async import KeyVaultTestCase
from _test_case import client_setup, get_attestation_token, get_decorator, get_release_policy, KeysTestCase

all_api_versions = get_decorator(is_async=True)
only_hsm = get_decorator(only_hsm=True, is_async=True)
only_hsm_7_3_preview = get_decorator(only_hsm=True,
                                     is_async=True,
                                     api_versions=[ApiVersion.V7_3_PREVIEW])
logging_enabled = get_decorator(is_async=True, logging_enable=True)
logging_disabled = get_decorator(is_async=True, logging_enable=False)


# used for logging tests
class MockHandler(logging.Handler):
    def __init__(self):
        super(MockHandler, self).__init__()
        self.messages = []

    def emit(self, record):
Ejemplo n.º 12
0
from azure.core.pipeline import AsyncPipeline
from azure.core.pipeline.policies import SansIOHTTPPolicy
from azure.core.pipeline.transport import HttpRequest
from azure.identity.aio import ClientSecretCredential
from azure.keyvault.keys.aio import KeyClient
from azure.keyvault.keys._shared import AsyncChallengeAuthPolicy, HttpChallenge, HttpChallengeCache
from azure.keyvault.keys._shared.client_base import DEFAULT_VERSION
import pytest

from _shared.helpers import mock_response, Request
from _shared.helpers_async import async_validating_transport
from _shared.test_case_async import KeyVaultTestCase
from _test_case import client_setup, get_decorator, KeysTestCase
from test_challenge_auth import empty_challenge_cache, get_random_url

only_default_version = get_decorator(is_async=True,
                                     api_versions=[DEFAULT_VERSION])


class ChallengeAuthTests(KeysTestCase, KeyVaultTestCase):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, match_body=False, **kwargs)

    @only_default_version()
    @client_setup
    async def test_multitenant_authentication(self, client, is_hsm, **kwargs):
        if not self.is_live:
            pytest.skip("This test is incompatible with vcrpy in playback")

        client_id = os.environ.get("KEYVAULT_CLIENT_ID")
        client_secret = os.environ.get("KEYVAULT_CLIENT_SECRET")
        if not (client_id and client_secret):
Ejemplo n.º 13
0
from azure.keyvault.keys.crypto._key_validity import _UTC
from azure.keyvault.keys.crypto._providers import NoLocalCryptography, get_local_cryptography_provider
from azure.keyvault.keys.crypto.aio import CryptographyClient, EncryptionAlgorithm, KeyWrapAlgorithm, SignatureAlgorithm
from azure.mgmt.keyvault.models import KeyPermissions, Permissions
import pytest

from _shared.helpers_async  import get_completed_future
from _shared.json_attribute_matcher import json_attribute_matcher
from _shared.test_case_async import KeyVaultTestCase
from _test_case import client_setup, get_decorator, KeysTestCase


# without keys/get, a CryptographyClient created with a key ID performs all ops remotely
NO_GET = Permissions(keys=[p.value for p in KeyPermissions if p.value != "get"])

all_api_versions = get_decorator(is_async=True)
only_hsm = get_decorator(only_hsm=True, is_async=True)
no_get = get_decorator(is_async=True, permissions=NO_GET)


class CryptoClientTests(KeysTestCase, KeyVaultTestCase):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, match_body=False, custom_request_matchers=[json_attribute_matcher], **kwargs)

    plaintext = b"5063e6aaa845f150200547944fd199679c98ed6f99da0a0b2dafeaf1f4684496fd532c1c229968cb9dee44957fcef7ccef59ceda0b362e56bcd78fd3faee5781c623c0bb22b35beabde0664fd30e0e824aba3dd1b0afffc4a3d955ede20cf6a854d52cfd"
    iv = codecs.decode("89b8adbfb07345e3598932a09c517441", "hex_codec")
    aad = b"test"

    async def _create_rsa_key(self, client, key_name, **kwargs):
        key_ops = ["encrypt", "decrypt", "sign", "verify", "wrapKey", "unwrapKey"]
        hsm = kwargs.get("hardware_protected") or False
Ejemplo n.º 14
0
# ------------------------------------
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
# ------------------------------------
import asyncio
import os

from azure.keyvault.keys import KeyType
import pytest

from _shared.test_case_async import KeyVaultTestCase
from _test_case import client_setup, get_decorator, KeysTestCase


all_api_versions = get_decorator(is_async=True, only_vault=True)
only_hsm = get_decorator(only_hsm=True, is_async=True)


def print(*args):
    assert all(arg is not None for arg in args)


@pytest.mark.asyncio
async def test_create_key_client():
    vault_url = "vault_url"
    # pylint:disable=unused-variable
    # [START create_key_client]
    from azure.identity.aio import DefaultAzureCredential
    from azure.keyvault.keys.aio import KeyClient

    # Create a KeyClient using default Azure credentials
Ejemplo n.º 15
0
# ------------------------------------
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
# ------------------------------------
from __future__ import print_function
import time

from azure.keyvault.keys import KeyType

from _shared.test_case import KeyVaultTestCase
from _test_case import client_setup, get_decorator, KeysTestCase


all_api_versions = get_decorator(vault_only=True)


def print(*args):
    assert all(arg is not None for arg in args)


def test_create_key_client():
    vault_url = "vault_url"
    # pylint:disable=unused-variable
    # [START create_key_client]
    from azure.identity import DefaultAzureCredential
    from azure.keyvault.keys import KeyClient

    # Create a KeyClient using default Azure credentials
    credential = DefaultAzureCredential()
    key_client = KeyClient(vault_url, credential)
    # [END create_key_client]
Ejemplo n.º 16
0
import codecs
from dateutil import parser as date_parse
import functools
import json
import logging

from azure.core.exceptions import ResourceExistsError, ResourceNotFoundError
from azure.core.pipeline.policies import SansIOHTTPPolicy
from azure.keyvault.keys import JsonWebKey
from azure.keyvault.keys.aio import KeyClient
from six import byte2int

from _shared.test_case_async import KeyVaultTestCase
from _test_case import client_setup, get_decorator, KeysTestCase

all_api_versions = get_decorator(is_async=True)
hsm_only = get_decorator(hsm_only=True, is_async=True)
logging_enabled = get_decorator(is_async=True, logging_enable=True)
logging_disabled = get_decorator(is_async=True, logging_enable=False)


# used for logging tests
class MockHandler(logging.Handler):
    def __init__(self):
        super(MockHandler, self).__init__()
        self.messages = []

    def emit(self, record):
        self.messages.append(record)
Ejemplo n.º 17
0
# ------------------------------------
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
# ------------------------------------
from __future__ import print_function
import time
import os
import pytest

from azure.keyvault.keys import KeyType

from _shared.test_case import KeyVaultTestCase
from _test_case import client_setup, get_decorator, KeysTestCase

all_api_versions = get_decorator(only_vault=True)
only_hsm = get_decorator(only_hsm=True)


def print(*args):
    assert all(arg is not None for arg in args)


def test_create_key_client():
    vault_url = "vault_url"
    # pylint:disable=unused-variable
    # [START create_key_client]
    from azure.identity import DefaultAzureCredential
    from azure.keyvault.keys import KeyClient

    # Create a KeyClient using default Azure credentials
    credential = DefaultAzureCredential()
Ejemplo n.º 18
0
from azure.core.pipeline.policies import SansIOHTTPPolicy
from azure_devtools.scenario_tests import RecordingProcessor
from azure.keyvault.certificates import (
    AdministratorContact, ApiVersion, CertificateContact,
    CertificatePolicyAction, CertificatePolicy, KeyType, KeyCurveName,
    KeyUsageType, KeyVaultCertificateIdentifier, CertificateContentType,
    LifetimeAction, CertificateIssuer, IssuerProperties, WellKnownIssuerNames)
from azure.keyvault.certificates.aio import CertificateClient
from azure.keyvault.certificates._client import NO_SAN_OR_SUBJECT
import pytest

from _shared.test_case_async import KeyVaultTestCase
from _test_case import client_setup, get_decorator, CertificatesTestCase
from test_certificates_client import CERT_CONTENT_PASSWORD_ENCODED, CERT_CONTENT_NOT_PASSWORD_ENCODED

all_api_versions = get_decorator(is_async=True)
logging_enabled = get_decorator(is_async=True, logging_enable=True)
logging_disabled = get_decorator(is_async=True, logging_enable=False)
exclude_2016_10_01 = get_decorator(
    is_async=True,
    api_versions=[v for v in ApiVersion if v != ApiVersion.V2016_10_01])
only_2016_10_01 = get_decorator(is_async=True,
                                api_versions=[ApiVersion.V2016_10_01])


class RetryAfterReplacer(RecordingProcessor):
    """Replace the retry after wait time in the replay process to 0."""
    def process_response(self, response):
        if "retry-after" in response["headers"]:
            response["headers"]["retry-after"] = "0"
        return response
Ejemplo n.º 19
0
# ------------------------------------
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
# ------------------------------------
import asyncio

from azure.keyvault.keys import KeyType
import pytest

from _shared.test_case_async import KeyVaultTestCase
from _test_case import client_setup, get_decorator, KeysTestCase


all_api_versions = get_decorator(is_async=True, vault_only=True)


def print(*args):
    assert all(arg is not None for arg in args)


@pytest.mark.asyncio
async def test_create_key_client():
    vault_url = "vault_url"
    # pylint:disable=unused-variable
    # [START create_key_client]
    from azure.identity.aio import DefaultAzureCredential
    from azure.keyvault.keys.aio import KeyClient

    # Create a KeyClient using default Azure credentials
    credential = DefaultAzureCredential()
    key_client = KeyClient(vault_url, credential)
Ejemplo n.º 20
0
    JsonWebKey,
    KeyReleasePolicy,
    KeyRotationLifetimeAction,
    KeyRotationPolicy,
    KeyRotationPolicyAction,
)
from azure.keyvault.keys.aio import KeyClient
import pytest
from six import byte2int

from _shared.test_case_async import KeyVaultTestCase
from _test_case import client_setup, get_attestation_token, get_decorator, get_release_policy, is_public_cloud, KeysTestCase
from test_key_client import _assert_lifetime_actions_equal, _assert_rotation_policies_equal


all_api_versions = get_decorator(is_async=True)
only_hsm = get_decorator(only_hsm=True, is_async=True)
only_hsm_7_3 = get_decorator(only_hsm=True, is_async=True, api_versions=[ApiVersion.V7_3])
only_vault_7_3 = get_decorator(only_vault=True, is_async=True, api_versions=[ApiVersion.V7_3])
only_7_3 = get_decorator(is_async=True, api_versions=[ApiVersion.V7_3])
logging_enabled = get_decorator(is_async=True, logging_enable=True)
logging_disabled = get_decorator(is_async=True, logging_enable=False)

# used for logging tests
class MockHandler(logging.Handler):
    def __init__(self):
        super(MockHandler, self).__init__()
        self.messages = []

    def emit(self, record):
        self.messages.append(record)