# ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. # ------------------------------------ import asyncio import pytest from _shared.test_case_async import KeyVaultTestCase from _test_case import AdministrationTestCase, backup_client_setup, get_decorator all_api_versions = get_decorator(is_async=True) class TestExamplesTests(AdministrationTestCase, KeyVaultTestCase): def __init__(self, *args, **kwargs): super().__init__(*args, match_body=False, **kwargs) @all_api_versions() @backup_client_setup async def test_example_backup_and_restore(self, client): if self.is_live: pytest.skip("SAS token failures are causing sev2 alerts for service team") backup_client = client container_uri = self.container_uri sas_token = self.sas_token # [START begin_backup] # begin a vault backup
# ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. # ------------------------------------- from __future__ import print_function import time import pytest from devtools_testutils import recorded_by_proxy from _shared.test_case import KeyVaultTestCase from _test_case import SecretsClientPreparer, get_decorator all_api_versions = get_decorator() def print(*args): assert all(arg is not None for arg in args) def test_create_secret_client(): vault_url = "vault_url" # pylint:disable=unused-variable # [START create_secret_client] from azure.identity import DefaultAzureCredential from azure.keyvault.secrets import SecretClient # Create a SecretClient using default Azure credentials credential = DefaultAzureCredential() secret_client = SecretClient(vault_url, credential)
from azure.keyvault.keys.crypto._key_validity import _UTC from azure.keyvault.keys.crypto._providers import NoLocalCryptography, get_local_cryptography_provider from azure.keyvault.keys.crypto.aio import CryptographyClient, EncryptionAlgorithm, KeyWrapAlgorithm, SignatureAlgorithm from azure.mgmt.keyvault.models import KeyPermissions, Permissions import pytest from _shared.helpers_async import get_completed_future from _shared.json_attribute_matcher import json_attribute_matcher from _shared.test_case_async import KeyVaultTestCase from _test_case import client_setup, get_decorator, KeysTestCase # without keys/get, a CryptographyClient created with a key ID performs all ops remotely NO_GET = Permissions( keys=[p.value for p in KeyPermissions if p.value != "get"]) all_api_versions = get_decorator(is_async=True) hsm_only = get_decorator(hsm_only=True, is_async=True) no_get = get_decorator(is_async=True, permissions=NO_GET) class CryptoClientTests(KeysTestCase, KeyVaultTestCase): def __init__(self, *args, **kwargs): super().__init__(*args, match_body=False, custom_request_matchers=[json_attribute_matcher], **kwargs) plaintext = b"5063e6aaa845f150200547944fd199679c98ed6f99da0a0b2dafeaf1f4684496fd532c1c229968cb9dee44957fcef7ccef59ceda0b362e56bcd78fd3faee5781c623c0bb22b35beabde0664fd30e0e824aba3dd1b0afffc4a3d955ede20cf6a854d52cfd" iv = codecs.decode("89b8adbfb07345e3598932a09c517441", "hex_codec") aad = b"test"
from azure.core.pipeline.policies import SansIOHTTPPolicy from azure.keyvault.keys import ( ApiVersion, JsonWebKey, KeyClient, KeyReleasePolicy, KeyRotationLifetimeAction, KeyRotationPolicyAction, ) import pytest from six import byte2int from _shared.test_case import KeyVaultTestCase from _test_case import client_setup, get_attestation_token, get_decorator, get_release_policy, is_public_cloud, KeysTestCase all_api_versions = get_decorator() only_hsm = get_decorator(only_hsm=True) only_hsm_7_3_preview = get_decorator(only_hsm=True, api_versions=[ApiVersion.V7_3_PREVIEW]) only_vault_7_3_preview = get_decorator(only_vault=True, api_versions=[ApiVersion.V7_3_PREVIEW]) only_7_3_preview = get_decorator(api_versions=[ApiVersion.V7_3_PREVIEW]) logging_enabled = get_decorator(logging_enable=True) logging_disabled = get_decorator(logging_enable=False) def _assert_rotation_policies_equal(p1, p2): assert p1.id == p2.id assert p1.expires_in == p2.expires_in assert p1.created_on == p2.created_on assert p1.updated_on == p2.updated_on
from azure.keyvault.keys import JsonWebKey, KeyCurveName, KeyOperation, KeyVaultKey from azure.keyvault.keys.crypto import CryptographyClient, EncryptionAlgorithm, KeyWrapAlgorithm, SignatureAlgorithm from azure.keyvault.keys.crypto._key_validity import _UTC from azure.keyvault.keys.crypto._providers import NoLocalCryptography, get_local_cryptography_provider from azure.mgmt.keyvault.models import KeyPermissions, Permissions import pytest from _shared.json_attribute_matcher import json_attribute_matcher from _shared.test_case import KeyVaultTestCase from _test_case import client_setup, get_decorator, KeysTestCase # without keys/get, a CryptographyClient created with a key ID performs all ops remotely NO_GET = Permissions( keys=[p.value for p in KeyPermissions if p.value != "get"]) all_api_versions = get_decorator() hsm_only = get_decorator(hsm_only=True) no_get = get_decorator(permissions=NO_GET) class CryptoClientTests(KeysTestCase, KeyVaultTestCase): def __init__(self, *args, **kwargs): kwargs["match_body"] = False kwargs["custom_request_matchers"] = [json_attribute_matcher] super(CryptoClientTests, self).__init__(*args, **kwargs) plaintext = b"5063e6aaa845f150200547944fd199679c98ed6f99da0a0b2dafeaf1f4684496fd532c1c229968cb9dee44957fcef7ccef59ceda0b362e56bcd78fd3faee5781c623c0bb22b35beabde0664fd30e0e824aba3dd1b0afffc4a3d955ede20cf6a854d52cfd" iv = codecs.decode("89b8adbfb07345e3598932a09c517441", "hex_codec") aad = b"test" def _create_rsa_key(self, client, key_name, **kwargs):
from azure.keyvault.keys import ApiVersion, JsonWebKey, KeyCurveName, KeyOperation, KeyVaultKey from azure.keyvault.keys.crypto import CryptographyClient, EncryptionAlgorithm, KeyWrapAlgorithm, SignatureAlgorithm from azure.keyvault.keys.crypto._key_validity import _UTC from azure.keyvault.keys.crypto._providers import NoLocalCryptography, get_local_cryptography_provider from azure.mgmt.keyvault.models import KeyPermissions, Permissions import pytest from _shared.json_attribute_matcher import json_attribute_matcher from _shared.test_case import KeyVaultTestCase from _test_case import client_setup, get_decorator, KeysTestCase # without keys/get, a CryptographyClient created with a key ID performs all ops remotely NO_GET = Permissions( keys=[p.value for p in KeyPermissions if p.value != "get"]) all_api_versions = get_decorator() only_hsm = get_decorator(only_hsm=True) no_get = get_decorator(permissions=NO_GET) class CryptoClientTests(KeysTestCase, KeyVaultTestCase): def __init__(self, *args, **kwargs): kwargs["match_body"] = False kwargs["custom_request_matchers"] = [json_attribute_matcher] super(CryptoClientTests, self).__init__(*args, **kwargs) plaintext = b"5063e6aaa845f150200547944fd199679c98ed6f99da0a0b2dafeaf1f4684496fd532c1c229968cb9dee44957fcef7ccef59ceda0b362e56bcd78fd3faee5781c623c0bb22b35beabde0664fd30e0e824aba3dd1b0afffc4a3d955ede20cf6a854d52cfd" iv = codecs.decode("89b8adbfb07345e3598932a09c517441", "hex_codec") aad = b"test" def _create_rsa_key(self, client, key_name, **kwargs):
# ------------------------------------ from __future__ import print_function import time from azure.keyvault.certificates import ( ApiVersion, CertificatePolicy, CertificateContentType, WellKnownIssuerNames, ) from parameterized import parameterized, param from _shared.test_case import KeyVaultTestCase from _test_case import client_setup, get_decorator, CertificatesTestCase all_api_versions = get_decorator() exclude_2016_10_01 = get_decorator( api_versions=[v for v in ApiVersion if v != ApiVersion.V2016_10_01]) def print(*args): assert all(arg is not None for arg in args) def test_create_certificate_client(): vault_url = "vault_url" # pylint:disable=unused-variable # [START create_certificate_client] from azure.identity import DefaultAzureCredential from azure.keyvault.certificates import CertificateClient
# ------------------------------------ import functools from dateutil import parser as date_parse import time import logging import json from azure.core.exceptions import ResourceExistsError, ResourceNotFoundError from azure.core.pipeline.policies import SansIOHTTPPolicy from azure.keyvault.secrets import SecretClient from _shared.test_case import KeyVaultTestCase from _test_case import client_setup, get_decorator, SecretsTestCase all_api_versions = get_decorator() logging_enabled = get_decorator(logging_enable=True) logging_disabled = get_decorator(logging_enable=False) # used for logging tests class MockHandler(logging.Handler): def __init__(self): super(MockHandler, self).__init__() self.messages = [] def emit(self, record): self.messages.append(record) class SecretClientTests(SecretsTestCase, KeyVaultTestCase):
from azure.core.exceptions import ServiceRequestError from azure.core.pipeline import Pipeline from azure.core.pipeline.policies import SansIOHTTPPolicy from azure.core.pipeline.transport import HttpRequest from azure.identity import ClientSecretCredential from azure.keyvault.keys import KeyClient from azure.keyvault.keys._shared import ChallengeAuthPolicy, HttpChallenge, HttpChallengeCache from azure.keyvault.keys._shared.client_base import DEFAULT_VERSION import pytest from _shared.helpers import mock_response, Request, validating_transport from _shared.test_case import KeyVaultTestCase from _test_case import client_setup, get_decorator, KeysTestCase only_default_version = get_decorator(api_versions=[DEFAULT_VERSION]) class ChallengeAuthTests(KeysTestCase, KeyVaultTestCase): def __init__(self, *args, **kwargs): super(ChallengeAuthTests, self).__init__(*args, match_body=False, **kwargs) @only_default_version() @client_setup def test_multitenant_authentication(self, client, is_hsm, **kwargs): if not self.is_live: pytest.skip("This test is incompatible with vcrpy in playback") client_id = os.environ.get("KEYVAULT_CLIENT_ID")
# ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. # ------------------------------------ import asyncio from azure.keyvault.certificates import ApiVersion, CertificatePolicy, CertificateContentType, WellKnownIssuerNames import pytest from _shared.test_case_async import KeyVaultTestCase from _test_case import client_setup, get_decorator, CertificatesTestCase all_api_versions = get_decorator(is_async=True) exclude_2016_10_01 = get_decorator( is_async=True, api_versions=[v for v in ApiVersion if v != ApiVersion.V2016_10_01]) def print(*args): assert all(arg is not None for arg in args) @pytest.mark.asyncio async def test_create_certificate(): vault_url = "vault_url" # pylint:disable=unused-variable # [START create_certificate_client] from azure.identity.aio import DefaultAzureCredential from azure.keyvault.certificates.aio import CertificateClient # Create a KeyVaultCertificate using default Azure credentials
from dateutil import parser as date_parse import functools import json import logging from azure.core.exceptions import ResourceExistsError, ResourceNotFoundError from azure.core.pipeline.policies import SansIOHTTPPolicy from azure.keyvault.keys import ApiVersion, JsonWebKey, KeyReleasePolicy from azure.keyvault.keys.aio import KeyClient import pytest from six import byte2int from _shared.test_case_async import KeyVaultTestCase from _test_case import client_setup, get_attestation_token, get_decorator, get_release_policy, KeysTestCase all_api_versions = get_decorator(is_async=True) only_hsm = get_decorator(only_hsm=True, is_async=True) only_hsm_7_3_preview = get_decorator(only_hsm=True, is_async=True, api_versions=[ApiVersion.V7_3_PREVIEW]) logging_enabled = get_decorator(is_async=True, logging_enable=True) logging_disabled = get_decorator(is_async=True, logging_enable=False) # used for logging tests class MockHandler(logging.Handler): def __init__(self): super(MockHandler, self).__init__() self.messages = [] def emit(self, record):
from azure.core.pipeline import AsyncPipeline from azure.core.pipeline.policies import SansIOHTTPPolicy from azure.core.pipeline.transport import HttpRequest from azure.identity.aio import ClientSecretCredential from azure.keyvault.keys.aio import KeyClient from azure.keyvault.keys._shared import AsyncChallengeAuthPolicy, HttpChallenge, HttpChallengeCache from azure.keyvault.keys._shared.client_base import DEFAULT_VERSION import pytest from _shared.helpers import mock_response, Request from _shared.helpers_async import async_validating_transport from _shared.test_case_async import KeyVaultTestCase from _test_case import client_setup, get_decorator, KeysTestCase from test_challenge_auth import empty_challenge_cache, get_random_url only_default_version = get_decorator(is_async=True, api_versions=[DEFAULT_VERSION]) class ChallengeAuthTests(KeysTestCase, KeyVaultTestCase): def __init__(self, *args, **kwargs): super().__init__(*args, match_body=False, **kwargs) @only_default_version() @client_setup async def test_multitenant_authentication(self, client, is_hsm, **kwargs): if not self.is_live: pytest.skip("This test is incompatible with vcrpy in playback") client_id = os.environ.get("KEYVAULT_CLIENT_ID") client_secret = os.environ.get("KEYVAULT_CLIENT_SECRET") if not (client_id and client_secret):
from azure.keyvault.keys.crypto._key_validity import _UTC from azure.keyvault.keys.crypto._providers import NoLocalCryptography, get_local_cryptography_provider from azure.keyvault.keys.crypto.aio import CryptographyClient, EncryptionAlgorithm, KeyWrapAlgorithm, SignatureAlgorithm from azure.mgmt.keyvault.models import KeyPermissions, Permissions import pytest from _shared.helpers_async import get_completed_future from _shared.json_attribute_matcher import json_attribute_matcher from _shared.test_case_async import KeyVaultTestCase from _test_case import client_setup, get_decorator, KeysTestCase # without keys/get, a CryptographyClient created with a key ID performs all ops remotely NO_GET = Permissions(keys=[p.value for p in KeyPermissions if p.value != "get"]) all_api_versions = get_decorator(is_async=True) only_hsm = get_decorator(only_hsm=True, is_async=True) no_get = get_decorator(is_async=True, permissions=NO_GET) class CryptoClientTests(KeysTestCase, KeyVaultTestCase): def __init__(self, *args, **kwargs): super().__init__(*args, match_body=False, custom_request_matchers=[json_attribute_matcher], **kwargs) plaintext = b"5063e6aaa845f150200547944fd199679c98ed6f99da0a0b2dafeaf1f4684496fd532c1c229968cb9dee44957fcef7ccef59ceda0b362e56bcd78fd3faee5781c623c0bb22b35beabde0664fd30e0e824aba3dd1b0afffc4a3d955ede20cf6a854d52cfd" iv = codecs.decode("89b8adbfb07345e3598932a09c517441", "hex_codec") aad = b"test" async def _create_rsa_key(self, client, key_name, **kwargs): key_ops = ["encrypt", "decrypt", "sign", "verify", "wrapKey", "unwrapKey"] hsm = kwargs.get("hardware_protected") or False
# ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. # ------------------------------------ import asyncio import os from azure.keyvault.keys import KeyType import pytest from _shared.test_case_async import KeyVaultTestCase from _test_case import client_setup, get_decorator, KeysTestCase all_api_versions = get_decorator(is_async=True, only_vault=True) only_hsm = get_decorator(only_hsm=True, is_async=True) def print(*args): assert all(arg is not None for arg in args) @pytest.mark.asyncio async def test_create_key_client(): vault_url = "vault_url" # pylint:disable=unused-variable # [START create_key_client] from azure.identity.aio import DefaultAzureCredential from azure.keyvault.keys.aio import KeyClient # Create a KeyClient using default Azure credentials
# ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. # ------------------------------------ from __future__ import print_function import time from azure.keyvault.keys import KeyType from _shared.test_case import KeyVaultTestCase from _test_case import client_setup, get_decorator, KeysTestCase all_api_versions = get_decorator(vault_only=True) def print(*args): assert all(arg is not None for arg in args) def test_create_key_client(): vault_url = "vault_url" # pylint:disable=unused-variable # [START create_key_client] from azure.identity import DefaultAzureCredential from azure.keyvault.keys import KeyClient # Create a KeyClient using default Azure credentials credential = DefaultAzureCredential() key_client = KeyClient(vault_url, credential) # [END create_key_client]
import codecs from dateutil import parser as date_parse import functools import json import logging from azure.core.exceptions import ResourceExistsError, ResourceNotFoundError from azure.core.pipeline.policies import SansIOHTTPPolicy from azure.keyvault.keys import JsonWebKey from azure.keyvault.keys.aio import KeyClient from six import byte2int from _shared.test_case_async import KeyVaultTestCase from _test_case import client_setup, get_decorator, KeysTestCase all_api_versions = get_decorator(is_async=True) hsm_only = get_decorator(hsm_only=True, is_async=True) logging_enabled = get_decorator(is_async=True, logging_enable=True) logging_disabled = get_decorator(is_async=True, logging_enable=False) # used for logging tests class MockHandler(logging.Handler): def __init__(self): super(MockHandler, self).__init__() self.messages = [] def emit(self, record): self.messages.append(record)
# ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. # ------------------------------------ from __future__ import print_function import time import os import pytest from azure.keyvault.keys import KeyType from _shared.test_case import KeyVaultTestCase from _test_case import client_setup, get_decorator, KeysTestCase all_api_versions = get_decorator(only_vault=True) only_hsm = get_decorator(only_hsm=True) def print(*args): assert all(arg is not None for arg in args) def test_create_key_client(): vault_url = "vault_url" # pylint:disable=unused-variable # [START create_key_client] from azure.identity import DefaultAzureCredential from azure.keyvault.keys import KeyClient # Create a KeyClient using default Azure credentials credential = DefaultAzureCredential()
from azure.core.pipeline.policies import SansIOHTTPPolicy from azure_devtools.scenario_tests import RecordingProcessor from azure.keyvault.certificates import ( AdministratorContact, ApiVersion, CertificateContact, CertificatePolicyAction, CertificatePolicy, KeyType, KeyCurveName, KeyUsageType, KeyVaultCertificateIdentifier, CertificateContentType, LifetimeAction, CertificateIssuer, IssuerProperties, WellKnownIssuerNames) from azure.keyvault.certificates.aio import CertificateClient from azure.keyvault.certificates._client import NO_SAN_OR_SUBJECT import pytest from _shared.test_case_async import KeyVaultTestCase from _test_case import client_setup, get_decorator, CertificatesTestCase from test_certificates_client import CERT_CONTENT_PASSWORD_ENCODED, CERT_CONTENT_NOT_PASSWORD_ENCODED all_api_versions = get_decorator(is_async=True) logging_enabled = get_decorator(is_async=True, logging_enable=True) logging_disabled = get_decorator(is_async=True, logging_enable=False) exclude_2016_10_01 = get_decorator( is_async=True, api_versions=[v for v in ApiVersion if v != ApiVersion.V2016_10_01]) only_2016_10_01 = get_decorator(is_async=True, api_versions=[ApiVersion.V2016_10_01]) class RetryAfterReplacer(RecordingProcessor): """Replace the retry after wait time in the replay process to 0.""" def process_response(self, response): if "retry-after" in response["headers"]: response["headers"]["retry-after"] = "0" return response
# ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. # ------------------------------------ import asyncio from azure.keyvault.keys import KeyType import pytest from _shared.test_case_async import KeyVaultTestCase from _test_case import client_setup, get_decorator, KeysTestCase all_api_versions = get_decorator(is_async=True, vault_only=True) def print(*args): assert all(arg is not None for arg in args) @pytest.mark.asyncio async def test_create_key_client(): vault_url = "vault_url" # pylint:disable=unused-variable # [START create_key_client] from azure.identity.aio import DefaultAzureCredential from azure.keyvault.keys.aio import KeyClient # Create a KeyClient using default Azure credentials credential = DefaultAzureCredential() key_client = KeyClient(vault_url, credential)
JsonWebKey, KeyReleasePolicy, KeyRotationLifetimeAction, KeyRotationPolicy, KeyRotationPolicyAction, ) from azure.keyvault.keys.aio import KeyClient import pytest from six import byte2int from _shared.test_case_async import KeyVaultTestCase from _test_case import client_setup, get_attestation_token, get_decorator, get_release_policy, is_public_cloud, KeysTestCase from test_key_client import _assert_lifetime_actions_equal, _assert_rotation_policies_equal all_api_versions = get_decorator(is_async=True) only_hsm = get_decorator(only_hsm=True, is_async=True) only_hsm_7_3 = get_decorator(only_hsm=True, is_async=True, api_versions=[ApiVersion.V7_3]) only_vault_7_3 = get_decorator(only_vault=True, is_async=True, api_versions=[ApiVersion.V7_3]) only_7_3 = get_decorator(is_async=True, api_versions=[ApiVersion.V7_3]) logging_enabled = get_decorator(is_async=True, logging_enable=True) logging_disabled = get_decorator(is_async=True, logging_enable=False) # used for logging tests class MockHandler(logging.Handler): def __init__(self): super(MockHandler, self).__init__() self.messages = [] def emit(self, record): self.messages.append(record)