async def run_sample():
    """Create, fetch, list and delete certificate issuers in a key vault.

    The vault URL comes from the ``VAULT_ENDPOINT`` environment variable. It is
    read before the ``try`` block, so a missing variable raises ``KeyError``
    instead of being reported by the ``HttpResponseError`` handler.

    Authentication uses default Azure credentials: the environment variables
    ``AZURE_CLIENT_ID``, ``AZURE_CLIENT_SECRET`` and ``AZURE_TENANT_ID`` must
    hold the service principal credentials.

    The sample prints each administrator's name, email and phone to stdout, and
    it deletes only "issuer1"; "issuer2" is left in the vault.
    """
    vault_endpoint = os.environ["VAULT_ENDPOINT"]
    client = CertificateClient(
        vault_endpoint=vault_endpoint,
        credential=DefaultAzureCredential(),
    )
    try:
        # Administrator contact details attached to the first issuer.
        admin_details = [
            AdministratorDetails(first_name="John", last_name="Doe", email="*****@*****.**", phone="4255555555")
        ]

        # Create an issuer carrying those administrator details. `name` is the
        # name you want to give the issuer; pre-set names such as 'Self' and
        # 'Unknown' also exist.
        await client.create_issuer(
            name="issuer1",
            provider="Test",
            account_id="keyvaultuser",
            admin_details=admin_details,
            enabled=True,
        )

        # Fetch the issuer back by name and show what the service stored.
        fetched = await client.get_issuer(name="issuer1")
        print(fetched.name)
        print(fetched.properties.provider)
        print(fetched.account_id)
        for admin in fetched.admin_details:
            for field in ("first_name", "last_name", "email", "phone"):
                print(getattr(admin, field))

        # Create a second issuer so that the listing has more than one entry.
        await client.create_issuer(
            name="issuer2",
            provider="Test",
            account_id="keyvaultuser",
            enabled=True,
        )
        async for listed in client.list_issuers():
            print(listed.name)
            print(listed.provider)

        # Finally, delete the first issuer by name.
        await client.delete_issuer(name="issuer1")
    except HttpResponseError as error:
        print("\nrun_sample has caught an error. {0}".format(error.message))
    finally:
        print("\nrun_sample done")
async def test_example_issuers(self, vault_client, **kwargs):
    """Run the issuer create/get/list/delete documentation snippets.

    The ``[START ...]`` / ``[END ...]`` comments delimit the individual
    snippets. Every snippet prints the issuer's administrator contact details
    (name, email, phone) to stdout.
    """
    from azure.keyvault.certificates import AdministratorDetails, CertificatePolicy

    cert_client = vault_client.certificates

    # [START create_issuer]
    # Administrator contact details to attach to the issuer.
    admin_details = [
        AdministratorDetails(first_name="John", last_name="Doe", email="*****@*****.**", phone="4255555555")
    ]

    created = await cert_client.create_issuer(
        name="issuer1",
        provider="Test",
        account_id="keyvaultuser",
        admin_details=admin_details,
        enabled=True,
    )

    print(created.name)
    print(created.properties.provider)
    print(created.account_id)

    for admin in created.admin_details:
        print(admin.first_name)
        print(admin.last_name)
        print(admin.email)
        print(admin.phone)
    # [END create_issuer]

    # [START get_issuer]
    fetched = await cert_client.get_issuer(name="issuer1")

    print(fetched.name)
    print(fetched.properties.provider)
    print(fetched.account_id)

    for admin in fetched.admin_details:
        print(admin.first_name)
        print(admin.last_name)
        print(admin.email)
        print(admin.phone)
    # [END get_issuer]

    # A second issuer, created outside the snippets, so the listing below
    # returns more than one entry.
    await cert_client.create_issuer(
        name="issuer2",
        provider="Test",
        account_id="keyvaultuser",
        enabled=True,
    )

    # [START list_issuers]
    async for listed in cert_client.list_issuers():
        print(listed.name)
        print(listed.provider)
    # [END list_issuers]

    # [START delete_issuer]
    removed = await cert_client.delete_issuer(name="issuer1")

    print(removed.name)
    print(removed.properties.provider)
    print(removed.account_id)

    for admin in removed.admin_details:
        print(admin.first_name)
        print(admin.last_name)
        print(admin.email)
        print(admin.phone)
    # [END delete_issuer]
async def test_crud_issuer(self, vault_client, **kwargs):
    """Exercise create, get, list, update and delete of a certificate issuer.

    After the delete, a further get must fail with an exception whose
    ``message`` contains "not found"; any other exception is re-raised.
    """
    self.assertIsNotNone(vault_client)
    client = vault_client.certificates
    issuer_name = "issuer"
    second_issuer_name = issuer_name + "2"
    admin_details = [
        AdministratorDetails(first_name="John", last_name="Doe", email="*****@*****.**", phone="4255555555")
    ]

    # Create: the returned issuer must match the values that were sent.
    issuer = await client.create_issuer(
        name=issuer_name,
        provider="Test",
        account_id="keyvaultuser",
        admin_details=admin_details,
        enabled=True,
    )
    issuer_id_prefix = client.vault_url + "/certificates/issuers/"
    properties = IssuerProperties(issuer_id=issuer_id_prefix + issuer_name, provider="Test")
    expected = Issuer(
        properties=properties,
        account_id="keyvaultuser",
        admin_details=admin_details,
        attributes=IssuerAttributes(enabled=True),
    )
    self._validate_certificate_issuer(issuer=issuer, expected=expected)

    # Get: fetching by name returns the same issuer.
    issuer = await client.get_issuer(name=issuer_name)
    self._validate_certificate_issuer(issuer=issuer, expected=expected)

    # List: create a second issuer, then tick each listed entry off the
    # expected list; nothing may be left over at the end.
    await client.create_issuer(
        name=second_issuer_name,
        provider="Test",
        account_id="keyvaultuser2",
        admin_details=admin_details,
        enabled=True,
    )
    expected_issuers = [
        IssuerProperties(issuer_id=issuer_id_prefix + issuer_name, provider="Test"),
        IssuerProperties(issuer_id=issuer_id_prefix + second_issuer_name, provider="Test"),
    ]
    async for issuer in client.list_issuers():
        exp_issuer = None
        for candidate in expected_issuers:
            if candidate.name == issuer.name:
                exp_issuer = candidate
                break
        self.assertIsNotNone(exp_issuer)
        self._validate_certificate_issuer_properties(issuer=issuer, expected=exp_issuer)
        expected_issuers.remove(exp_issuer)
    self.assertEqual(len(expected_issuers), 0)

    # Update: replace the administrator details and check the response.
    admin_details = [
        AdministratorDetails(first_name="Jane", last_name="Doe", email="*****@*****.**", phone="4255555555")
    ]
    expected = Issuer(
        properties=properties,
        account_id="keyvaultuser",
        admin_details=admin_details,
        attributes=IssuerAttributes(enabled=True),
    )
    issuer = await client.update_issuer(name=issuer_name, admin_details=admin_details)
    self._validate_certificate_issuer(issuer=issuer, expected=expected)

    # Delete, then confirm that the issuer can no longer be fetched.
    await client.delete_issuer(name=issuer_name)

    # NOTE(review): the check matches on the exception's message text, not on
    # its type, so it depends on the wording of the service error.
    try:
        await client.get_issuer(name=issuer_name)
        self.fail('Get should fail')
    except Exception as ex:
        is_not_found = hasattr(ex, 'message') and 'not found' in ex.message.lower()
        if not is_not_found:
            raise ex
# 5. Delete an issuer (delete_issuer) # ---------------------------------------------------------------------------------------------------------- # Instantiate a certificate client that will be used to call the service. # Notice that the client is using default Azure credentials. # To make default credentials work, ensure that environment variables 'AZURE_CLIENT_ID', # 'AZURE_CLIENT_SECRET' and 'AZURE_TENANT_ID' are set with the service principal credentials. VAULT_ENDPOINT = os.environ["VAULT_ENDPOINT"] credential = DefaultAzureCredential() client = CertificateClient(vault_endpoint=VAULT_ENDPOINT, credential=credential) try: # First we specify the AdministratorDetails for our issuers. admin_details = [ AdministratorDetails(first_name="John", last_name="Doe", email="*****@*****.**", phone="4255555555") ] # Next we create an issuer with these administrator details # The name field refers to the name you would like to get the issuer. There are also pre-set names, such as 'Self' and 'Unknown' # The provider for your issuer must exist for your vault location and tenant id. client.create_issuer(name="issuer1", provider="Test", account_id="keyvaultuser", admin_details=admin_details, enabled=True) # Now we get this issuer by name issuer1 = client.get_issuer(name="issuer1")