def test_recover_and_purge(self, client, **kwargs):
certs = {}
# create certificates to recover
for i in range(self.list_test_size):
cert_name = self.get_resource_name("certrec{}".format(str(i)))
certs[cert_name] = self._import_common_certificate(
client=client, cert_name=cert_name)
# create certificates to purge
for i in range(self.list_test_size):
cert_name = self.get_resource_name("certprg{}".format(str(i)))
certs[cert_name] = self._import_common_certificate(
client=client, cert_name=cert_name)
# delete all certificates
for cert_name in certs.keys():
client.begin_delete_certificate(certificate_name=cert_name).wait()
# validate all our deleted certificates are returned by list_deleted_certificates
deleted = [
parse_key_vault_certificate_id(source_id=c.id).name
for c in client.list_deleted_certificates()
]
self.assertTrue(all(c in deleted for c in certs.keys()))
# recover select certificates (test resources have a "livekvtest" prefix)
for certificate_name in [
c for c in certs.keys() if c.startswith("livekvtestcertrec")
]:
client.begin_recover_deleted_certificate(
certificate_name=certificate_name).wait()
# purge select certificates
for certificate_name in [
c for c in certs.keys() if c.startswith("livekvtestcertprg")
]:
client.purge_deleted_certificate(certificate_name)
if not self.is_playback():
time.sleep(50)
# validate none of our deleted certificates are returned by list_deleted_certificates
deleted = [
parse_key_vault_certificate_id(source_id=c.id).name
for c in client.list_deleted_certificates()
]
self.assertTrue(not any(c in deleted for c in certs.keys()))
# validate the recovered certificates
expected = {
k: v
for k, v in certs.items() if k.startswith("livekvtestcertrec")
}
actual = {
k: client.get_certificate_version(certificate_name=k, version="")
for k in expected.keys()
}
self.assertEqual(len(set(expected.keys()) & set(actual.keys())),
len(expected))
def _validate_certificate_operation(self, pending_cert_operation, vault, cert_name, original_cert_policy):
self.assertIsNotNone(pending_cert_operation)
self.assertIsNotNone(pending_cert_operation.csr)
self.assertEqual(original_cert_policy.issuer_name, pending_cert_operation.issuer_name)
pending_id = parse_key_vault_certificate_id(pending_cert_operation.id)
self.assertEqual(pending_id.vault_url.strip("/"), vault.strip("/"))
self.assertEqual(pending_id.name, cert_name)
def test_parse_certificate_id_with_pending_version():
source_id = "https://keyvault-name.vault.azure.net/certificates/certificate-name/pending"
parsed_certificate_id = parse_key_vault_certificate_id(source_id)
assert parsed_certificate_id.name == "certificate-name"
assert parsed_certificate_id.vault_url == "https://keyvault-name.vault.azure.net"
assert parsed_certificate_id.version == "pending"
assert (
parsed_certificate_id.source_id == "https://keyvault-name.vault.azure.net/certificates/certificate-name/pending"
)
def test_parse_deleted_certificate_id():
source_id = "https://keyvault-name.vault.azure.net/deletedcertificates/deleted-certificate"
parsed_certificate_id = parse_key_vault_certificate_id(source_id)
assert parsed_certificate_id.name == "deleted-certificate"
assert parsed_certificate_id.vault_url == "https://keyvault-name.vault.azure.net"
assert parsed_certificate_id.version is None
assert (
parsed_certificate_id.source_id ==
"https://keyvault-name.vault.azure.net/deletedcertificates/deleted-certificate"
)
def test_parse_deleted_certificate_id(self):
source_id = "https://keyvault-name.vault.azure.net/deletedcertificates/deleted-certificate"
parsed_certificate_id = parse_key_vault_certificate_id(source_id)
self.assertEqual(parsed_certificate_id.name, "deleted-certificate")
self.assertEqual(parsed_certificate_id.vault_url,
"https://keyvault-name.vault.azure.net")
self.assertIsNone(parsed_certificate_id.version)
self.assertEqual(
parsed_certificate_id.source_id,
"https://keyvault-name.vault.azure.net/deletedcertificates/deleted-certificate",
)
def test_parse_certificate_id_with_pending_version(self):
source_id = "https://keyvault-name.vault.azure.net/certificates/certificate-name/pending"
parsed_certificate_id = parse_key_vault_certificate_id(source_id)
self.assertEqual(parsed_certificate_id.name, "certificate-name")
self.assertEqual(parsed_certificate_id.vault_url,
"https://keyvault-name.vault.azure.net")
self.assertEqual(parsed_certificate_id.version, "pending")
self.assertEqual(
parsed_certificate_id.source_id,
"https://keyvault-name.vault.azure.net/certificates/certificate-name/pending",
)
def test_parse_certificate_id_with_version(self, client):
cert_name = self.get_resource_name("cert")
# create certificate
certificate = client.begin_create_certificate(
cert_name, CertificatePolicy.get_default()).result()
# [START parse_key_vault_certificate_id]
cert = client.get_certificate(cert_name)
parsed_certificate_id = parse_key_vault_certificate_id(cert.id)
print(parsed_certificate_id.name)
print(parsed_certificate_id.vault_url)
print(parsed_certificate_id.version)
print(parsed_certificate_id.source_id)
# [END parse_key_vault_certificate_id]
assert parsed_certificate_id.name == cert_name
assert parsed_certificate_id.vault_url == client.vault_url
assert parsed_certificate_id.version == cert.properties.version
assert parsed_certificate_id.source_id == cert.id
