|
6 | 6 |
|
7 | 7 | Follow our quickstart for examples: https://aka.ms/azsdk/python/dpcodegen/python/customize |
8 | 8 | """ |
9 | | -from typing import List |
| 9 | +from copy import deepcopy |
| 10 | +from enum import Enum |
| 11 | +from typing import Any, List |
| 12 | +from urllib.parse import urlparse |
10 | 13 |
|
11 | | -__all__: List[str] = [] # Add all objects you want publicly available to users at this package level |
| 14 | +from azure.core import CaseInsensitiveEnumMeta |
| 15 | +from azure.core.credentials import TokenCredential |
| 16 | +from azure.core.pipeline.policies import HttpLoggingPolicy |
| 17 | +from azure.core.rest import HttpRequest, HttpResponse |
| 18 | +from azure.core.tracing.decorator import distributed_trace |
| 19 | + |
| 20 | +from ._client import KeyVaultClient |
| 21 | +from ._internal import ChallengeAuthPolicy |
| 22 | +from ._serialization import Serializer |
| 23 | + |
| 24 | +__all__: List[str] = [ |
| 25 | + "SecurityDomainClient", |
| 26 | +] # Add all objects you want publicly available to users at this package level |
| 27 | + |
| 28 | + |
| 29 | +class ApiVersion(str, Enum, metaclass=CaseInsensitiveEnumMeta): |
| 30 | + """Key Vault API versions supported by this package""" |
| 31 | + |
| 32 | + #: this is the default version |
| 33 | + V7_5 = "7.5" |
| 34 | + |
| 35 | + |
| 36 | +DEFAULT_VERSION = ApiVersion.V7_5 |
| 37 | + |
| 38 | +_SERIALIZER = Serializer() |
| 39 | +_SERIALIZER.client_side_validation = False |
| 40 | + |
| 41 | + |
| 42 | +def _format_api_version(request: HttpRequest, api_version: str) -> HttpRequest: |
| 43 | + """Returns a request copy that includes an api-version query parameter if one wasn't originally present. |
| 44 | +
|
| 45 | + :param request: The HTTP request being sent. |
| 46 | + :type request: ~azure.core.rest.HttpRequest |
| 47 | + :param str api_version: The service API version that the request should include. |
| 48 | +
|
| 49 | + :returns: A copy of the request that includes an api-version query parameter. |
| 50 | + :rtype: ~azure.core.rest.HttpRequest |
| 51 | + """ |
| 52 | + request_copy = deepcopy(request) |
| 53 | + params = {"api-version": api_version} # By default, we want to use the client's API version |
| 54 | + query = urlparse(request_copy.url).query |
| 55 | + |
| 56 | + if query: |
| 57 | + request_copy.url = request_copy.url.partition("?")[0] |
| 58 | + existing_params = {p[0]: p[-1] for p in [p.partition("=") for p in query.split("&")]} |
| 59 | + params.update(existing_params) # If an api-version was provided, this will overwrite our default |
| 60 | + |
| 61 | + # Reconstruct the query parameters onto the URL |
| 62 | + query_params = [] |
| 63 | + for k, v in params.items(): |
| 64 | + query_params.append("{}={}".format(k, v)) |
| 65 | + query = "?" + "&".join(query_params) |
| 66 | + request_copy.url = request_copy.url + query |
| 67 | + return request_copy |
| 68 | + |
| 69 | + |
| 70 | +class SecurityDomainClient(KeyVaultClient): |
| 71 | + """Manages the security domain of a Managed HSM. |
| 72 | +
|
| 73 | + :ivar hsm_security_domain: HsmSecurityDomainOperations operations |
| 74 | + :vartype hsm_security_domain: |
| 75 | + azure.keyvault.securitydomain.operations.HsmSecurityDomainOperations |
| 76 | +
|
| 77 | + :param str vault_url: URL of the vault on which the client will operate. This is also called the vault's "DNS Name". |
| 78 | + You should validate that this URL references a valid Key Vault or Managed HSM resource. |
| 79 | + See https://aka.ms/azsdk/blog/vault-uri for details. |
| 80 | + :param credential: An object which can provide an access token for the vault, such as a credential from |
| 81 | + :mod:`azure.identity` |
| 82 | + :type credential: ~azure.core.credentials.TokenCredential |
| 83 | +
|
| 84 | + :keyword str api_version: The API version to use for this operation. Default value is "7.5". Note that overriding |
| 85 | + this default value may result in unsupported behavior. |
| 86 | + :keyword bool verify_challenge_resource: Whether to verify the authentication challenge resource matches the Key |
| 87 | + Vault or Managed HSM domain. Defaults to True. |
| 88 | + :keyword int polling_interval: Default waiting time between two polls for LRO operations if no |
| 89 | + Retry-After header is present. |
| 90 | + """ |
| 91 | + |
| 92 | + def __init__(self, vault_url: str, credential: TokenCredential, **kwargs): |
| 93 | + self.api_version = kwargs.pop("api_version", DEFAULT_VERSION) |
| 94 | + # If API version was provided as an enum value, need to make a plain string for 3.11 compatibility |
| 95 | + if hasattr(self.api_version, "value"): |
| 96 | + self.api_version = self.api_version.value |
| 97 | + self._vault_url = vault_url.strip(" /") |
| 98 | + |
| 99 | + http_logging_policy = HttpLoggingPolicy(**kwargs) |
| 100 | + http_logging_policy.allowed_header_names.update( |
| 101 | + {"x-ms-keyvault-network-info", "x-ms-keyvault-region", "x-ms-keyvault-service-version"} |
| 102 | + ) |
| 103 | + verify_challenge = kwargs.pop("verify_challenge_resource", True) |
| 104 | + super().__init__( |
| 105 | + vault_url, |
| 106 | + credential, |
| 107 | + api_version=self.api_version, |
| 108 | + authentication_policy=ChallengeAuthPolicy(credential, verify_challenge_resource=verify_challenge), |
| 109 | + http_logging_policy=http_logging_policy, |
| 110 | + **kwargs |
| 111 | + ) |
| 112 | + |
| 113 | + @property |
| 114 | + def vault_url(self) -> str: |
| 115 | + return self._vault_url |
| 116 | + |
| 117 | + @distributed_trace |
| 118 | + def send_request(self, request: HttpRequest, *, stream: bool = False, **kwargs: Any) -> HttpResponse: |
| 119 | + """Runs a network request using the client's existing pipeline. |
| 120 | +
|
| 121 | + The request URL can be relative to the vault URL. The service API version used for the request is the same as |
| 122 | + the client's unless otherwise specified. This method does not raise if the response is an error; to raise an |
| 123 | + exception, call `raise_for_status()` on the returned response object. For more information about how to send |
| 124 | + custom requests with this method, see https://aka.ms/azsdk/dpcodegen/python/send_request. |
| 125 | +
|
| 126 | + :param request: The network request you want to make. |
| 127 | + :type request: ~azure.core.rest.HttpRequest |
| 128 | +
|
| 129 | + :keyword bool stream: Whether the response payload will be streamed. Defaults to False. |
| 130 | +
|
| 131 | + :return: The response of your network call. Does not do error handling on your response. |
| 132 | + :rtype: ~azure.core.rest.HttpResponse |
| 133 | + """ |
| 134 | + request_copy = _format_api_version(request, self.api_version) |
| 135 | + path_format_arguments = { |
| 136 | + "vaultBaseUrl": _SERIALIZER.url("vault_base_url", self._vault_url, "str", skip_quote=True), |
| 137 | + } |
| 138 | + request_copy.url = self._client._client.format_url(request_copy.url, **path_format_arguments) |
| 139 | + return self._client._client.send_request(request_copy, stream=stream, **kwargs) |
12 | 140 |
|
13 | 141 |
|
14 | 142 | def patch_sdk(): |
|
0 commit comments