async def test_recover_and_purge(self, client, **kwargs):
certs = {}
# create certificates to recover
for i in range(self.list_test_size):
cert_name = self.get_resource_name("certrec{}".format(str(i)))
certs[cert_name] = await self._import_common_certificate(
client=client, cert_name=cert_name)
# create certificates to purge
for i in range(self.list_test_size):
cert_name = self.get_resource_name("certprg{}".format(str(i)))
certs[cert_name] = await self._import_common_certificate(
client=client, cert_name=cert_name)
# delete all certificates
for cert_name in certs.keys():
await client.delete_certificate(certificate_name=cert_name)
# validate all our deleted certificates are returned by list_deleted_certificates
deleted_certificates = client.list_deleted_certificates()
deleted = []
async for c in deleted_certificates:
deleted.append(KeyVaultCertificateIdentifier(source_id=c.id).name)
self.assertTrue(all(c in deleted for c in certs.keys()))
# recover select certificates (test resources have a "livekvtest" prefix)
for certificate_name in [
c for c in certs.keys() if c.startswith("livekvtestcertrec")
]:
await client.recover_deleted_certificate(
certificate_name=certificate_name)
# purge select certificates
for certificate_name in [
c for c in certs.keys() if c.startswith("livekvtestcertprg")
]:
await client.purge_deleted_certificate(certificate_name)
if not self.is_playback():
await asyncio.sleep(50)
# validate none of our deleted certificates are returned by list_deleted_certificates
deleted_certificates = client.list_deleted_certificates()
deleted = []
async for c in deleted_certificates:
deleted.append(KeyVaultCertificateIdentifier(source_id=c.id).name)
self.assertTrue(not any(c in deleted for c in certs.keys()))
# validate the recovered certificates
expected = {
k: v
for k, v in certs.items() if k.startswith("livekvtestcertrec")
}
actual = {}
for k in expected.keys():
actual[k] = await client.get_certificate_version(
certificate_name=k, version="")
self.assertEqual(len(set(expected.keys()) & set(actual.keys())),
len(expected))
def _validate_certificate_operation(self, pending_cert_operation, vault, cert_name, original_cert_policy):
self.assertIsNotNone(pending_cert_operation)
self.assertIsNotNone(pending_cert_operation.csr)
self.assertEqual(original_cert_policy.issuer_name, pending_cert_operation.issuer_name)
pending_id = KeyVaultCertificateIdentifier(pending_cert_operation.id)
self.assertEqual(pending_id.vault_url.strip("/"), vault.strip("/"))
self.assertEqual(pending_id.name, cert_name)
def test_parse_deleted_certificate_id():
source_id = "https://keyvault-name.vault.azure.net/deletedcertificates/deleted-certificate"
parsed_certificate_id = KeyVaultCertificateIdentifier(source_id)
assert parsed_certificate_id.name == "deleted-certificate"
assert parsed_certificate_id.vault_url == "https://keyvault-name.vault.azure.net"
assert parsed_certificate_id.version is None
assert (
parsed_certificate_id.source_id ==
"https://keyvault-name.vault.azure.net/deletedcertificates/deleted-certificate"
)
def test_parse_certificate_id_with_pending_version():
source_id = "https://keyvault-name.vault.azure.net/certificates/certificate-name/pending"
parsed_certificate_id = KeyVaultCertificateIdentifier(source_id)
assert parsed_certificate_id.name == "certificate-name"
assert parsed_certificate_id.vault_url == "https://keyvault-name.vault.azure.net"
assert parsed_certificate_id.version == "pending"
assert (
parsed_certificate_id.source_id ==
"https://keyvault-name.vault.azure.net/certificates/certificate-name/pending"
)
def test_parse_certificate_id_with_version(self, azure_keyvault_url):
client = self.create_client(azure_keyvault_url)
cert_name = self.get_resource_name("cert")
# create certificate
certificate = client.begin_create_certificate(
cert_name, CertificatePolicy.get_default()).result()
# [START parse_key_vault_certificate_id]
cert = client.get_certificate(cert_name)
parsed_certificate_id = KeyVaultCertificateIdentifier(cert.id)
print(parsed_certificate_id.name)
print(parsed_certificate_id.vault_url)
print(parsed_certificate_id.version)
print(parsed_certificate_id.source_id)
# [END parse_key_vault_certificate_id]
assert parsed_certificate_id.name == cert_name
assert parsed_certificate_id.vault_url == client.vault_url
assert parsed_certificate_id.version == cert.properties.version
assert parsed_certificate_id.source_id == cert.id