def execute(self, *args, **options):
    """Build the base64-encoded request info for a principal's CSR.

    Reads ``principal``, ``profile_id``, ``public_key_info`` and ``out``
    from *options*. The principal's entry and the global configuration are
    looked up, turned into a CSR configuration by ``csrgen.CSRGenerator``,
    and passed together with the decoded public key info to
    ``csrgen_ffi.build_requestinfo``.

    Returns ``{'result': {'request_info': ...}}``, or ``{'result': {}}``
    when ``out`` is given, in which case the data is written to that file.

    Raises ``errors.NotFound`` when the principal lookup reports NotFound.
    """
    # Deferred import, ipaclient.csrgen is expensive to load.
    # see https://pagure.io/freeipa/issue/7484
    from ipaclient import csrgen
    from ipaclient import csrgen_ffi

    # The output path is checked up front, before any lookup is made.
    write_to_file = 'out' in options
    if write_to_file:
        util.check_writable_file(options['out'])

    principal = options.get('principal')
    profile_id = options.get('profile_id')
    if profile_id is None:
        profile_id = dogtag.DEFAULT_PROFILE
    # Caller-supplied and only base64-decoded here; the decoded bytes are
    # handed to csrgen_ffi.build_requestinfo as they are.
    public_key_info = base64.b64decode(options.get('public_key_info'))

    backend = (
        self.api.Backend.ldap2
        if self.api.env.in_server
        else self.api.Backend.rpcclient
    )
    if not backend.isconnected():
        backend.connect()

    # NOTE(review): the backend comes from self.api, the lookups below go
    # through the module-level `api` -- confirm both are the same instance.
    try:
        if principal.is_host:
            principal_obj = api.Command.host_show(
                principal.hostname, all=True)
        elif principal.is_service:
            principal_obj = api.Command.service_show(
                unicode(principal), all=True)
        elif principal.is_user:
            principal_obj = api.Command.user_show(
                principal.username, all=True)
    except errors.NotFound:
        raise errors.NotFound(
            reason=_("The principal for this request doesn't exist."))
    # NOTE(review): a principal that is none of host/service/user leaves
    # principal_obj unbound, so the next line raises UnboundLocalError --
    # confirm callers only pass one of the three kinds.
    principal_obj = principal_obj['result']
    config = api.Command.config_show()['result']

    csr_generator = csrgen.CSRGenerator(csrgen.FileRuleProvider())
    csr_config = csr_generator.csr_config(principal_obj, config, profile_id)

    raw_request_info = csrgen_ffi.build_requestinfo(
        csr_config.encode('utf8'), public_key_info)
    request_info = base64.b64encode(raw_request_info)

    if write_to_file:
        # Binary mode: b64encode returns bytes.
        with open(options['out'], 'wb') as out_file:
            out_file.write(request_info)
        return {'result': {}}
    return {'result': {'request_info': request_info}}
def generator():
    """Return a ``csrgen.CSRGenerator`` backed by a default ``FileRuleProvider``."""
    provider = csrgen.FileRuleProvider()
    return csrgen.CSRGenerator(provider)
def rule_provider():
    """Return a ``csrgen.FileRuleProvider`` that reads rules from ``CSR_DATA_DIR``."""
    provider = csrgen.FileRuleProvider(csr_data_dir=CSR_DATA_DIR)
    return provider