diff --git a/sdk/keyvault/azure-keyvault-keys/MANIFEST.in b/sdk/keyvault/azure-keyvault-keys/MANIFEST.in index d4688a08c24e..7696bd6b2f38 100644 --- a/sdk/keyvault/azure-keyvault-keys/MANIFEST.in +++ b/sdk/keyvault/azure-keyvault-keys/MANIFEST.in @@ -1,7 +1,8 @@ include *.md include LICENSE -include azure/keyvault/keys/py.typed +include azure/keyvault/keys/_generated/py.typed recursive-include tests *.py recursive-include samples *.py *.md include azure/__init__.py include azure/keyvault/__init__.py +include azure/keyvault/keys/__init__.py diff --git a/sdk/keyvault/azure-keyvault-keys/_metadata.json b/sdk/keyvault/azure-keyvault-keys/_metadata.json new file mode 100644 index 000000000000..63b06472591f --- /dev/null +++ b/sdk/keyvault/azure-keyvault-keys/_metadata.json @@ -0,0 +1,3 @@ +{ + "apiVersion": "2025-06-01-preview" +} \ No newline at end of file diff --git a/sdk/keyvault/azure-keyvault-keys/apiview-properties.json b/sdk/keyvault/azure-keyvault-keys/apiview-properties.json new file mode 100644 index 000000000000..2fbacff777a3 --- /dev/null +++ b/sdk/keyvault/azure-keyvault-keys/apiview-properties.json @@ -0,0 +1,92 @@ +{ + "CrossLanguagePackageId": "KeyVault", + "CrossLanguageDefinitionId": { + "azure.keyvault.keys._generated.models.BackupKeyResult": "KeyVault.BackupKeyResult", + "azure.keyvault.keys._generated.models.DeletedKeyBundle": "KeyVault.DeletedKeyBundle", + "azure.keyvault.keys._generated.models.DeletedKeyItem": "KeyVault.DeletedKeyItem", + "azure.keyvault.keys._generated.models.GetRandomBytesRequest": "KeyVault.GetRandomBytesRequest", + "azure.keyvault.keys._generated.models.JsonWebKey": "KeyVault.JsonWebKey", + "azure.keyvault.keys._generated.models.KeyAttestation": "KeyVault.KeyAttestation", + "azure.keyvault.keys._generated.models.KeyAttributes": "KeyVault.KeyAttributes", + "azure.keyvault.keys._generated.models.KeyBundle": "KeyVault.KeyBundle", + "azure.keyvault.keys._generated.models.KeyCreateParameters": "KeyVault.KeyCreateParameters", + "azure.keyvault.keys._generated.models.KeyImportParameters": "KeyVault.KeyImportParameters", + "azure.keyvault.keys._generated.models.KeyItem": "KeyVault.KeyItem", + "azure.keyvault.keys._generated.models.KeyOperationResult": "KeyVault.KeyOperationResult", + "azure.keyvault.keys._generated.models.KeyOperationsParameters": "KeyVault.KeyOperationsParameters", + "azure.keyvault.keys._generated.models.KeyReleaseParameters": "KeyVault.KeyReleaseParameters", + "azure.keyvault.keys._generated.models.KeyReleasePolicy": "KeyVault.KeyReleasePolicy", + "azure.keyvault.keys._generated.models.KeyReleaseResult": "KeyVault.KeyReleaseResult", + "azure.keyvault.keys._generated.models.KeyRestoreParameters": "KeyVault.KeyRestoreParameters", + "azure.keyvault.keys._generated.models.KeyRotationPolicy": "KeyVault.KeyRotationPolicy", + "azure.keyvault.keys._generated.models.KeyRotationPolicyAttributes": "KeyVault.KeyRotationPolicyAttributes", + "azure.keyvault.keys._generated.models.KeySignParameters": "KeyVault.KeySignParameters", + "azure.keyvault.keys._generated.models.KeyUpdateParameters": "KeyVault.KeyUpdateParameters", + "azure.keyvault.keys._generated.models.KeyVaultError": "KeyVaultError", + "azure.keyvault.keys._generated.models.KeyVaultErrorError": "KeyVaultError.error.anonymous", + "azure.keyvault.keys._generated.models.KeyVerifyParameters": "KeyVault.KeyVerifyParameters", + "azure.keyvault.keys._generated.models.KeyVerifyResult": "KeyVault.KeyVerifyResult", + "azure.keyvault.keys._generated.models.LifetimeActions": "KeyVault.LifetimeActions", + "azure.keyvault.keys._generated.models.LifetimeActionsTrigger": "KeyVault.LifetimeActionsTrigger", + "azure.keyvault.keys._generated.models.LifetimeActionsType": "KeyVault.LifetimeActionsType", + "azure.keyvault.keys._generated.models.RandomBytes": "KeyVault.RandomBytes", + "azure.keyvault.keys._generated.models.JsonWebKeyType": "KeyVault.JsonWebKeyType", + "azure.keyvault.keys._generated.models.JsonWebKeyCurveName": "KeyVault.JsonWebKeyCurveName", + "azure.keyvault.keys._generated.models.DeletionRecoveryLevel": "KeyVault.DeletionRecoveryLevel", + "azure.keyvault.keys._generated.models.JsonWebKeyOperation": "KeyVault.JsonWebKeyOperation", + "azure.keyvault.keys._generated.models.JsonWebKeyEncryptionAlgorithm": "KeyVault.JsonWebKeyEncryptionAlgorithm", + "azure.keyvault.keys._generated.models.JsonWebKeySignatureAlgorithm": "KeyVault.JsonWebKeySignatureAlgorithm", + "azure.keyvault.keys._generated.models.KeyEncryptionAlgorithm": "KeyVault.KeyEncryptionAlgorithm", + "azure.keyvault.keys._generated.models.KeyRotationPolicyAction": "KeyVault.KeyRotationPolicyAction", + "azure.keyvault.keys._generated.KeyVaultClient.create_key": "KeyVault.createKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.create_key": "KeyVault.createKey", + "azure.keyvault.keys._generated.KeyVaultClient.rotate_key": "KeyVault.rotateKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.rotate_key": "KeyVault.rotateKey", + "azure.keyvault.keys._generated.KeyVaultClient.import_key": "KeyVault.importKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.import_key": "KeyVault.importKey", + "azure.keyvault.keys._generated.KeyVaultClient.delete_key": "KeyVault.deleteKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.delete_key": "KeyVault.deleteKey", + "azure.keyvault.keys._generated.KeyVaultClient.update_key": "KeyVault.updateKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.update_key": "KeyVault.updateKey", + "azure.keyvault.keys._generated.KeyVaultClient.get_key": "KeyVault.getKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.get_key": "KeyVault.getKey", + "azure.keyvault.keys._generated.KeyVaultClient.get_key_versions": "KeyVault.getKeyVersions", + "azure.keyvault.keys._generated.aio.KeyVaultClient.get_key_versions": "KeyVault.getKeyVersions", + "azure.keyvault.keys._generated.KeyVaultClient.get_keys": "KeyVault.getKeys", + "azure.keyvault.keys._generated.aio.KeyVaultClient.get_keys": "KeyVault.getKeys", + "azure.keyvault.keys._generated.KeyVaultClient.backup_key": "KeyVault.backupKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.backup_key": "KeyVault.backupKey", + "azure.keyvault.keys._generated.KeyVaultClient.restore_key": "KeyVault.restoreKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.restore_key": "KeyVault.restoreKey", + "azure.keyvault.keys._generated.KeyVaultClient.encrypt": "KeyVault.encrypt", + "azure.keyvault.keys._generated.aio.KeyVaultClient.encrypt": "KeyVault.encrypt", + "azure.keyvault.keys._generated.KeyVaultClient.decrypt": "KeyVault.decrypt", + "azure.keyvault.keys._generated.aio.KeyVaultClient.decrypt": "KeyVault.decrypt", + "azure.keyvault.keys._generated.KeyVaultClient.sign": "KeyVault.sign", + "azure.keyvault.keys._generated.aio.KeyVaultClient.sign": "KeyVault.sign", + "azure.keyvault.keys._generated.KeyVaultClient.verify": "KeyVault.verify", + "azure.keyvault.keys._generated.aio.KeyVaultClient.verify": "KeyVault.verify", + "azure.keyvault.keys._generated.KeyVaultClient.wrap_key": "KeyVault.wrapKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.wrap_key": "KeyVault.wrapKey", + "azure.keyvault.keys._generated.KeyVaultClient.unwrap_key": "KeyVault.unwrapKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.unwrap_key": "KeyVault.unwrapKey", + "azure.keyvault.keys._generated.KeyVaultClient.release": "KeyVault.release", + "azure.keyvault.keys._generated.aio.KeyVaultClient.release": "KeyVault.release", + "azure.keyvault.keys._generated.KeyVaultClient.get_deleted_keys": "KeyVault.getDeletedKeys", + "azure.keyvault.keys._generated.aio.KeyVaultClient.get_deleted_keys": "KeyVault.getDeletedKeys", + "azure.keyvault.keys._generated.KeyVaultClient.get_deleted_key": "KeyVault.getDeletedKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.get_deleted_key": "KeyVault.getDeletedKey", + "azure.keyvault.keys._generated.KeyVaultClient.purge_deleted_key": "KeyVault.purgeDeletedKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.purge_deleted_key": "KeyVault.purgeDeletedKey", + "azure.keyvault.keys._generated.KeyVaultClient.recover_deleted_key": "KeyVault.recoverDeletedKey", + "azure.keyvault.keys._generated.aio.KeyVaultClient.recover_deleted_key": "KeyVault.recoverDeletedKey", + "azure.keyvault.keys._generated.KeyVaultClient.get_key_rotation_policy": "KeyVault.getKeyRotationPolicy", + "azure.keyvault.keys._generated.aio.KeyVaultClient.get_key_rotation_policy": "KeyVault.getKeyRotationPolicy", + "azure.keyvault.keys._generated.KeyVaultClient.update_key_rotation_policy": "KeyVault.updateKeyRotationPolicy", + "azure.keyvault.keys._generated.aio.KeyVaultClient.update_key_rotation_policy": "KeyVault.updateKeyRotationPolicy", + "azure.keyvault.keys._generated.KeyVaultClient.get_random_bytes": "KeyVault.getRandomBytes", + "azure.keyvault.keys._generated.aio.KeyVaultClient.get_random_bytes": "KeyVault.getRandomBytes", + "azure.keyvault.keys._generated.KeyVaultClient.get_key_attestation": "KeyVault.getKeyAttestation", + "azure.keyvault.keys._generated.aio.KeyVaultClient.get_key_attestation": "KeyVault.getKeyAttestation" + } +} \ No newline at end of file diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_client.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_client.py index 6ab95a316bd7..d54c2457648e 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_client.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_client.py @@ -1,3 +1,4 @@ +# pylint: disable=too-many-lines # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -78,12 +79,12 @@ def _get_attributes( return None def get_cryptography_client( - self, - key_name: str, - *, - key_version: Optional[str] = None, - **kwargs, # pylint: disable=unused-argument - ) -> CryptographyClient: + self, + key_name: str, + *, + key_version: Optional[str] = None, + **kwargs, # pylint: disable=unused-argument + ) -> CryptographyClient: """Gets a :class:`~azure.keyvault.keys.crypto.CryptographyClient` for the given key. :param str key_name: The name of the key used to perform cryptographic operations. @@ -398,7 +399,9 @@ def create_oct_key( ) @distributed_trace - def begin_delete_key(self, name: str, **kwargs: Any) -> LROPoller[DeletedKey]: # pylint:disable=bad-option-value,delete-operation-wrong-return-type + def begin_delete_key( + self, name: str, **kwargs: Any + ) -> LROPoller[DeletedKey]: # pylint:disable=bad-option-value,delete-operation-wrong-return-type """Delete all versions of a key and its cryptographic material. Requires keys/delete permission. When this method returns Key Vault has begun deleting the key. Deletion may @@ -519,7 +522,7 @@ def list_deleted_keys(self, **kwargs: Any) -> ItemPaged[DeletedKey]: return self._client.get_deleted_keys( maxresults=kwargs.pop("max_page_size", None), cls=lambda objs: [DeletedKey._from_deleted_key_item(x) for x in objs], - **kwargs + **kwargs, ) @distributed_trace @@ -542,7 +545,7 @@ def list_properties_of_keys(self, **kwargs: Any) -> ItemPaged[KeyProperties]: return self._client.get_keys( maxresults=kwargs.pop("max_page_size", None), cls=lambda objs: [KeyProperties._from_key_item(x) for x in objs], - **kwargs + **kwargs, ) @distributed_trace @@ -568,7 +571,7 @@ def list_properties_of_key_versions(self, name: str, **kwargs: Any) -> ItemPaged name, maxresults=kwargs.pop("max_page_size", None), cls=lambda objs: [KeyProperties._from_key_item(x) for x in objs], - **kwargs + **kwargs, ) @distributed_trace @@ -709,9 +712,7 @@ def update_key_properties( release_policy=policy, ) - bundle = self._client.update_key( - name, key_version=version or "", parameters=parameters, **kwargs - ) + bundle = self._client.update_key(name, key_version=version or "", parameters=parameters, **kwargs) return KeyVaultKey._from_key_bundle(bundle) @distributed_trace @@ -770,8 +771,7 @@ def restore_key_backup(self, backup: bytes, **kwargs: Any) -> KeyVaultKey: :dedent: 8 """ bundle = self._client.restore_key( - parameters=self._models.KeyRestoreParameters(key_bundle_backup=backup), - **kwargs + parameters=self._models.KeyRestoreParameters(key_bundle_backup=backup), **kwargs ) return KeyVaultKey._from_key_bundle(bundle) @@ -877,7 +877,7 @@ def release_key( nonce=nonce, enc=algorithm, ), - **kwargs + **kwargs, ) return ReleaseKeyResult(result.value) @@ -988,7 +988,7 @@ def update_key_rotation_policy( # pylint: disable=unused-argument @distributed_trace def get_key_attestation(self, name: str, version: Optional[str] = None, **kwargs: Any) -> KeyVaultKey: """Get a key and its attestation blob. - + This method is applicable to any key stored in Azure Key Vault Managed HSM. This operation requires the keys/get permission. diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_client.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_client.py index affcf5d228d3..2971e8a2e32b 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_client.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_client.py @@ -15,14 +15,14 @@ from azure.core.rest import HttpRequest, HttpResponse from ._configuration import KeyVaultClientConfiguration -from ._operations import KeyVaultClientOperationsMixin +from ._operations._operations import _KeyVaultClientOperationsMixin from ._utils.serialization import Deserializer, Serializer if TYPE_CHECKING: from azure.core.credentials import TokenCredential -class KeyVaultClient(KeyVaultClientOperationsMixin): +class KeyVaultClient(_KeyVaultClientOperationsMixin): """The key vault client performs cryptographic key operations and vault operations against the Key Vault service. @@ -30,8 +30,9 @@ class KeyVaultClient(KeyVaultClientOperationsMixin): :type vault_base_url: str :param credential: Credential used to authenticate requests to the service. Required. :type credential: ~azure.core.credentials.TokenCredential - :keyword api_version: The API version to use for this operation. Default value is "7.6". Note - that overriding this default value may result in unsupported behavior. + :keyword api_version: The API version to use for this operation. Default value is + "2025-06-01-preview". Note that overriding this default value may result in unsupported + behavior. :paramtype api_version: str """ diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_configuration.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_configuration.py index 8780efd9f643..00f4770da8c1 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_configuration.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_configuration.py @@ -26,13 +26,14 @@ class KeyVaultClientConfiguration: # pylint: disable=too-many-instance-attribut :type vault_base_url: str :param credential: Credential used to authenticate requests to the service. Required. :type credential: ~azure.core.credentials.TokenCredential - :keyword api_version: The API version to use for this operation. Default value is "7.6". Note - that overriding this default value may result in unsupported behavior. + :keyword api_version: The API version to use for this operation. Default value is + "2025-06-01-preview". Note that overriding this default value may result in unsupported + behavior. :paramtype api_version: str """ def __init__(self, vault_base_url: str, credential: "TokenCredential", **kwargs: Any) -> None: - api_version: str = kwargs.pop("api_version", "7.6") + api_version: str = kwargs.pop("api_version", "2025-06-01-preview") if vault_base_url is None: raise ValueError("Parameter 'vault_base_url' must not be None.") diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_operations/__init__.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_operations/__init__.py index d514f5e4b5be..933fcd7d1b55 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_operations/__init__.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_operations/__init__.py @@ -12,14 +12,11 @@ if TYPE_CHECKING: from ._patch import * # pylint: disable=unused-wildcard-import -from ._operations import KeyVaultClientOperationsMixin # type: ignore from ._patch import __all__ as _patch_all from ._patch import * from ._patch import patch_sdk as _patch_sdk -__all__ = [ - "KeyVaultClientOperationsMixin", -] +__all__ = [] __all__.extend([p for p in _patch_all if p not in __all__]) # pyright: ignore _patch_sdk() diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_operations/_operations.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_operations/_operations.py index 2acc3fc6df38..c9a7633959c8 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_operations/_operations.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_operations/_operations.py @@ -9,7 +9,7 @@ from collections.abc import MutableMapping from io import IOBase import json -from typing import Any, Callable, Dict, IO, Iterable, List, Optional, TypeVar, Union, overload +from typing import Any, Callable, Dict, IO, List, Optional, TypeVar, Union, overload import urllib.parse from azure.core import PipelineClient @@ -49,7 +49,7 @@ def build_key_vault_create_key_request(key_name: str, **kwargs: Any) -> HttpRequ _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -75,7 +75,7 @@ def build_key_vault_rotate_key_request(key_name: str, **kwargs: Any) -> HttpRequ _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -100,7 +100,7 @@ def build_key_vault_import_key_request(key_name: str, **kwargs: Any) -> HttpRequ _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -126,7 +126,7 @@ def build_key_vault_delete_key_request(key_name: str, **kwargs: Any) -> HttpRequ _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -146,19 +146,21 @@ def build_key_vault_delete_key_request(key_name: str, **kwargs: Any) -> HttpRequ return HttpRequest(method="DELETE", url=_url, params=_params, headers=_headers, **kwargs) -def build_key_vault_update_key_request(key_name: str, key_version: str, **kwargs: Any) -> HttpRequest: +def build_key_vault_update_key_request( + key_name: str, *, key_version: Optional[str] = None, **kwargs: Any +) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/keys/{key-name}/{key-version}" path_format_arguments = { "key-name": _SERIALIZER.url("key_name", key_name, "str"), - "key-version": _SERIALIZER.url("key_version", key_version, "str"), + "key-version": "" if key_version is None else "/" + _SERIALIZER.url("key_version", key_version, "str"), } _url: str = _url.format(**path_format_arguments) # type: ignore @@ -174,18 +176,18 @@ def build_key_vault_update_key_request(key_name: str, key_version: str, **kwargs return HttpRequest(method="PATCH", url=_url, params=_params, headers=_headers, **kwargs) -def build_key_vault_get_key_request(key_name: str, key_version: str, **kwargs: Any) -> HttpRequest: +def build_key_vault_get_key_request(key_name: str, *, key_version: Optional[str] = None, **kwargs: Any) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/keys/{key-name}/{key-version}" path_format_arguments = { "key-name": _SERIALIZER.url("key_name", key_name, "str"), - "key-version": _SERIALIZER.url("key_version", key_version, "str"), + "key-version": "" if key_version is None else "/" + _SERIALIZER.url("key_version", key_version, "str"), } _url: str = _url.format(**path_format_arguments) # type: ignore @@ -205,7 +207,7 @@ def build_key_vault_get_key_versions_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -231,7 +233,7 @@ def build_key_vault_get_keys_request(*, maxresults: Optional[int] = None, **kwar _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -252,7 +254,7 @@ def build_key_vault_backup_key_request(key_name: str, **kwargs: Any) -> HttpRequ _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -277,7 +279,7 @@ def build_key_vault_restore_key_request(**kwargs: Any) -> HttpRequest: _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -294,19 +296,19 @@ def build_key_vault_restore_key_request(**kwargs: Any) -> HttpRequest: return HttpRequest(method="POST", url=_url, params=_params, headers=_headers, **kwargs) -def build_key_vault_encrypt_request(key_name: str, key_version: str, **kwargs: Any) -> HttpRequest: +def build_key_vault_encrypt_request(key_name: str, *, key_version: Optional[str] = None, **kwargs: Any) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/keys/{key-name}/{key-version}/encrypt" path_format_arguments = { "key-name": _SERIALIZER.url("key_name", key_name, "str"), - "key-version": _SERIALIZER.url("key_version", key_version, "str"), + "key-version": "" if key_version is None else "/" + _SERIALIZER.url("key_version", key_version, "str"), } _url: str = _url.format(**path_format_arguments) # type: ignore @@ -322,19 +324,19 @@ def build_key_vault_encrypt_request(key_name: str, key_version: str, **kwargs: A return HttpRequest(method="POST", url=_url, params=_params, headers=_headers, **kwargs) -def build_key_vault_decrypt_request(key_name: str, key_version: str, **kwargs: Any) -> HttpRequest: +def build_key_vault_decrypt_request(key_name: str, *, key_version: Optional[str] = None, **kwargs: Any) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/keys/{key-name}/{key-version}/decrypt" path_format_arguments = { "key-name": _SERIALIZER.url("key_name", key_name, "str"), - "key-version": _SERIALIZER.url("key_version", key_version, "str"), + "key-version": "" if key_version is None else "/" + _SERIALIZER.url("key_version", key_version, "str"), } _url: str = _url.format(**path_format_arguments) # type: ignore @@ -350,19 +352,19 @@ def build_key_vault_decrypt_request(key_name: str, key_version: str, **kwargs: A return HttpRequest(method="POST", url=_url, params=_params, headers=_headers, **kwargs) -def build_key_vault_sign_request(key_name: str, key_version: str, **kwargs: Any) -> HttpRequest: +def build_key_vault_sign_request(key_name: str, *, key_version: Optional[str] = None, **kwargs: Any) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/keys/{key-name}/{key-version}/sign" path_format_arguments = { "key-name": _SERIALIZER.url("key_name", key_name, "str"), - "key-version": _SERIALIZER.url("key_version", key_version, "str"), + "key-version": "" if key_version is None else "/" + _SERIALIZER.url("key_version", key_version, "str"), } _url: str = _url.format(**path_format_arguments) # type: ignore @@ -378,19 +380,19 @@ def build_key_vault_sign_request(key_name: str, key_version: str, **kwargs: Any) return HttpRequest(method="POST", url=_url, params=_params, headers=_headers, **kwargs) -def build_key_vault_verify_request(key_name: str, key_version: str, **kwargs: Any) -> HttpRequest: +def build_key_vault_verify_request(key_name: str, *, key_version: Optional[str] = None, **kwargs: Any) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/keys/{key-name}/{key-version}/verify" path_format_arguments = { "key-name": _SERIALIZER.url("key_name", key_name, "str"), - "key-version": _SERIALIZER.url("key_version", key_version, "str"), + "key-version": "" if key_version is None else "/" + _SERIALIZER.url("key_version", key_version, "str"), } _url: str = _url.format(**path_format_arguments) # type: ignore @@ -406,19 +408,19 @@ def build_key_vault_verify_request(key_name: str, key_version: str, **kwargs: An return HttpRequest(method="POST", url=_url, params=_params, headers=_headers, **kwargs) -def build_key_vault_wrap_key_request(key_name: str, key_version: str, **kwargs: Any) -> HttpRequest: +def build_key_vault_wrap_key_request(key_name: str, *, key_version: Optional[str] = None, **kwargs: Any) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/keys/{key-name}/{key-version}/wrapkey" path_format_arguments = { "key-name": _SERIALIZER.url("key_name", key_name, "str"), - "key-version": _SERIALIZER.url("key_version", key_version, "str"), + "key-version": "" if key_version is None else "/" + _SERIALIZER.url("key_version", key_version, "str"), } _url: str = _url.format(**path_format_arguments) # type: ignore @@ -434,19 +436,21 @@ def build_key_vault_wrap_key_request(key_name: str, key_version: str, **kwargs: return HttpRequest(method="POST", url=_url, params=_params, headers=_headers, **kwargs) -def build_key_vault_unwrap_key_request(key_name: str, key_version: str, **kwargs: Any) -> HttpRequest: +def build_key_vault_unwrap_key_request( + key_name: str, *, key_version: Optional[str] = None, **kwargs: Any +) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/keys/{key-name}/{key-version}/unwrapkey" path_format_arguments = { "key-name": _SERIALIZER.url("key_name", key_name, "str"), - "key-version": _SERIALIZER.url("key_version", key_version, "str"), + "key-version": "" if key_version is None else "/" + _SERIALIZER.url("key_version", key_version, "str"), } _url: str = _url.format(**path_format_arguments) # type: ignore @@ -462,19 +466,19 @@ def build_key_vault_unwrap_key_request(key_name: str, key_version: str, **kwargs return HttpRequest(method="POST", url=_url, params=_params, headers=_headers, **kwargs) -def build_key_vault_release_request(key_name: str, key_version: str, **kwargs: Any) -> HttpRequest: +def build_key_vault_release_request(key_name: str, *, key_version: Optional[str] = None, **kwargs: Any) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/keys/{key-name}/{key-version}/release" path_format_arguments = { "key-name": _SERIALIZER.url("key_name", key_name, "str"), - "key-version": _SERIALIZER.url("key_version", key_version, "str"), + "key-version": "" if key_version is None else "/" + _SERIALIZER.url("key_version", key_version, "str"), } _url: str = _url.format(**path_format_arguments) # type: ignore @@ -494,7 +498,7 @@ def build_key_vault_get_deleted_keys_request(*, maxresults: Optional[int] = None _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -515,7 +519,7 @@ def build_key_vault_get_deleted_key_request(key_name: str, **kwargs: Any) -> Htt _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -541,7 +545,7 @@ def build_key_vault_purge_deleted_key_request( # pylint: disable=name-too-long _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -567,7 +571,7 @@ def build_key_vault_recover_deleted_key_request( # pylint: disable=name-too-lon _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -593,7 +597,7 @@ def build_key_vault_get_key_rotation_policy_request( # pylint: disable=name-too _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -620,7 +624,7 @@ def build_key_vault_update_key_rotation_policy_request( # pylint: disable=name- _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -647,7 +651,7 @@ def build_key_vault_get_random_bytes_request(**kwargs: Any) -> HttpRequest: _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -665,19 +669,19 @@ def build_key_vault_get_random_bytes_request(**kwargs: Any) -> HttpRequest: def build_key_vault_get_key_attestation_request( # pylint: disable=name-too-long - key_name: str, key_version: str, **kwargs: Any + key_name: str, *, key_version: Optional[str] = None, **kwargs: Any ) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: str = kwargs.pop("api_version", _params.pop("api-version", "7.6")) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2025-06-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL _url = "/keys/{key-name}/{key-version}/attestation" path_format_arguments = { "key-name": _SERIALIZER.url("key_name", key_name, "str"), - "key-version": _SERIALIZER.url("key_version", key_version, "str"), + "key-version": "" if key_version is None else "/" + _SERIALIZER.url("key_version", key_version, "str"), } _url: str = _url.format(**path_format_arguments) # type: ignore @@ -691,7 +695,7 @@ def build_key_vault_get_key_attestation_request( # pylint: disable=name-too-lon return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) -class KeyVaultClientOperationsMixin( # pylint: disable=too-many-public-methods +class _KeyVaultClientOperationsMixin( # pylint: disable=too-many-public-methods ClientMixinABC[PipelineClient[HttpRequest, HttpResponse], KeyVaultClientConfiguration] ): @@ -1167,9 +1171,9 @@ def delete_key(self, key_name: str, **kwargs: Any) -> _models.DeletedKeyBundle: def update_key( self, key_name: str, - key_version: str, parameters: _models.KeyUpdateParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyBundle: @@ -1182,10 +1186,10 @@ def update_key( :param key_name: The name of key to update. Required. :type key_name: str - :param key_version: The version of the key to update. Required. - :type key_version: str :param parameters: The parameters of the key to update. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyUpdateParameters + :keyword key_version: The version of the key to update. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -1198,9 +1202,9 @@ def update_key( def update_key( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyBundle: @@ -1213,10 +1217,10 @@ def update_key( :param key_name: The name of key to update. Required. :type key_name: str - :param key_version: The version of the key to update. Required. - :type key_version: str :param parameters: The parameters of the key to update. Required. :type parameters: JSON + :keyword key_version: The version of the key to update. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -1229,9 +1233,9 @@ def update_key( def update_key( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyBundle: @@ -1244,10 +1248,10 @@ def update_key( :param key_name: The name of key to update. Required. :type key_name: str - :param key_version: The version of the key to update. Required. - :type key_version: str :param parameters: The parameters of the key to update. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key to update. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -1260,8 +1264,9 @@ def update_key( def update_key( self, key_name: str, - key_version: str, parameters: Union[_models.KeyUpdateParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyBundle: """The update key operation changes specified attributes of a stored key and can be applied to any @@ -1273,12 +1278,12 @@ def update_key( :param key_name: The name of key to update. Required. :type key_name: str - :param key_version: The version of the key to update. Required. - :type key_version: str :param parameters: The parameters of the key to update. Is one of the following types: KeyUpdateParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyUpdateParameters or JSON or IO[bytes] + :keyword key_version: The version of the key to update. Default value is None. + :paramtype key_version: str :return: KeyBundle. The KeyBundle is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyBundle :raises ~azure.core.exceptions.HttpResponseError: @@ -1348,7 +1353,7 @@ def update_key( return deserialized # type: ignore @distributed_trace - def get_key(self, key_name: str, key_version: str, **kwargs: Any) -> _models.KeyBundle: + def get_key(self, key_name: str, *, key_version: Optional[str] = None, **kwargs: Any) -> _models.KeyBundle: """Gets the public part of a stored key. The get key operation is applicable to all key types. If the requested key is symmetric, then @@ -1356,10 +1361,10 @@ def get_key(self, key_name: str, key_version: str, **kwargs: Any) -> _models.Key :param key_name: The name of the key to get. Required. :type key_name: str - :param key_version: Adding the version parameter retrieves a specific version of a key. This - URI fragment is optional. If not specified, the latest version of the key is returned. - Required. - :type key_version: str + :keyword key_version: Adding the version parameter retrieves a specific version of a key. This + URI fragment is optional. If not specified, the latest version of the key is returned. Default + value is None. + :paramtype key_version: str :return: KeyBundle. The KeyBundle is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyBundle :raises ~azure.core.exceptions.HttpResponseError: @@ -1421,7 +1426,7 @@ def get_key(self, key_name: str, key_version: str, **kwargs: Any) -> _models.Key @distributed_trace def get_key_versions( self, key_name: str, *, maxresults: Optional[int] = None, **kwargs: Any - ) -> Iterable["_models.KeyItem"]: + ) -> ItemPaged["_models.KeyItem"]: """Retrieves a list of individual key versions with the same key name. The full key identifier, attributes, and tags are provided in the response. This operation @@ -1514,7 +1519,7 @@ def get_next(next_link=None): return ItemPaged(get_next, extract_data) @distributed_trace - def get_keys(self, *, maxresults: Optional[int] = None, **kwargs: Any) -> Iterable["_models.KeyItem"]: + def get_keys(self, *, maxresults: Optional[int] = None, **kwargs: Any) -> ItemPaged["_models.KeyItem"]: """List keys in the specified vault. Retrieves a list of the keys in the Key Vault as JSON Web Key structures that contain the @@ -1852,9 +1857,9 @@ def restore_key( def encrypt( self, key_name: str, - key_version: str, parameters: _models.KeyOperationsParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -1871,10 +1876,10 @@ def encrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the encryption operation. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -1887,9 +1892,9 @@ def encrypt( def encrypt( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -1906,10 +1911,10 @@ def encrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the encryption operation. Required. :type parameters: JSON + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -1922,9 +1927,9 @@ def encrypt( def encrypt( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -1941,10 +1946,10 @@ def encrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the encryption operation. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -1957,8 +1962,9 @@ def encrypt( def encrypt( self, key_name: str, - key_version: str, parameters: Union[_models.KeyOperationsParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyOperationResult: """Encrypts an arbitrary sequence of bytes using an encryption key that is stored in a key vault. @@ -1974,12 +1980,12 @@ def encrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the encryption operation. Is one of the following types: KeyOperationsParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters or JSON or IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :return: KeyOperationResult. The KeyOperationResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyOperationResult :raises ~azure.core.exceptions.HttpResponseError: @@ -2052,9 +2058,9 @@ def encrypt( def decrypt( self, key_name: str, - key_version: str, parameters: _models.KeyOperationsParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2073,10 +2079,10 @@ def decrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the decryption operation. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2089,9 +2095,9 @@ def decrypt( def decrypt( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2110,10 +2116,10 @@ def decrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the decryption operation. Required. :type parameters: JSON + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2126,9 +2132,9 @@ def decrypt( def decrypt( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2147,10 +2153,10 @@ def decrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the decryption operation. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -2163,8 +2169,9 @@ def decrypt( def decrypt( self, key_name: str, - key_version: str, parameters: Union[_models.KeyOperationsParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyOperationResult: """Decrypts a single block of encrypted data. @@ -2182,12 +2189,12 @@ def decrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the decryption operation. Is one of the following types: KeyOperationsParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters or JSON or IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :return: KeyOperationResult. The KeyOperationResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyOperationResult :raises ~azure.core.exceptions.HttpResponseError: @@ -2260,9 +2267,9 @@ def decrypt( def sign( self, key_name: str, - key_version: str, parameters: _models.KeySignParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2274,10 +2281,10 @@ def sign( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the signing operation. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeySignParameters + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2290,9 +2297,9 @@ def sign( def sign( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2304,10 +2311,10 @@ def sign( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the signing operation. Required. :type parameters: JSON + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2320,9 +2327,9 @@ def sign( def sign( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2334,10 +2341,10 @@ def sign( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the signing operation. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -2350,8 +2357,9 @@ def sign( def sign( self, key_name: str, - key_version: str, parameters: Union[_models.KeySignParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyOperationResult: """Creates a signature from a digest using the specified key. @@ -2362,11 +2370,11 @@ def sign( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the signing operation. Is one of the following types: KeySignParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeySignParameters or JSON or IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :return: KeyOperationResult. The KeyOperationResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyOperationResult :raises ~azure.core.exceptions.HttpResponseError: @@ -2439,9 +2447,9 @@ def sign( def verify( self, key_name: str, - key_version: str, parameters: _models.KeyVerifyParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyVerifyResult: @@ -2455,10 +2463,10 @@ def verify( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for verify operations. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyVerifyParameters + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2471,9 +2479,9 @@ def verify( def verify( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyVerifyResult: @@ -2487,10 +2495,10 @@ def verify( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for verify operations. Required. :type parameters: JSON + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2503,9 +2511,9 @@ def verify( def verify( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyVerifyResult: @@ -2519,10 +2527,10 @@ def verify( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for verify operations. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -2535,8 +2543,9 @@ def verify( def verify( self, key_name: str, - key_version: str, parameters: Union[_models.KeyVerifyParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyVerifyResult: """Verifies a signature using a specified key. @@ -2549,12 +2558,12 @@ def verify( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for verify operations. Is one of the following types: KeyVerifyParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyVerifyParameters or JSON or IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :return: KeyVerifyResult. The KeyVerifyResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyVerifyResult :raises ~azure.core.exceptions.HttpResponseError: @@ -2627,9 +2636,9 @@ def verify( def wrap_key( self, key_name: str, - key_version: str, parameters: _models.KeyOperationsParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2644,10 +2653,10 @@ def wrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for wrap operation. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2660,9 +2669,9 @@ def wrap_key( def wrap_key( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2677,10 +2686,10 @@ def wrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for wrap operation. Required. :type parameters: JSON + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2693,9 +2702,9 @@ def wrap_key( def wrap_key( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2710,10 +2719,10 @@ def wrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for wrap operation. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -2726,8 +2735,9 @@ def wrap_key( def wrap_key( self, key_name: str, - key_version: str, parameters: Union[_models.KeyOperationsParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyOperationResult: """Wraps a symmetric key using a specified key. @@ -2741,12 +2751,12 @@ def wrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for wrap operation. Is one of the following types: KeyOperationsParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters or JSON or IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :return: KeyOperationResult. The KeyOperationResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyOperationResult :raises ~azure.core.exceptions.HttpResponseError: @@ -2819,9 +2829,9 @@ def wrap_key( def unwrap_key( self, key_name: str, - key_version: str, parameters: _models.KeyOperationsParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2834,10 +2844,10 @@ def unwrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the key operation. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2850,9 +2860,9 @@ def unwrap_key( def unwrap_key( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2865,10 +2875,10 @@ def unwrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the key operation. Required. :type parameters: JSON + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2881,9 +2891,9 @@ def unwrap_key( def unwrap_key( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2896,10 +2906,10 @@ def unwrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the key operation. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -2912,8 +2922,9 @@ def unwrap_key( def unwrap_key( self, key_name: str, - key_version: str, parameters: Union[_models.KeyOperationsParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyOperationResult: """Unwraps a symmetric key using the specified key that was initially used for wrapping that key. @@ -2925,12 +2936,12 @@ def unwrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the key operation. Is one of the following types: KeyOperationsParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters or JSON or IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :return: KeyOperationResult. The KeyOperationResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyOperationResult :raises ~azure.core.exceptions.HttpResponseError: @@ -3003,9 +3014,9 @@ def unwrap_key( def release( self, key_name: str, - key_version: str, parameters: _models.KeyReleaseParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyReleaseResult: @@ -3016,11 +3027,11 @@ def release( :param key_name: The name of the key to get. Required. :type key_name: str - :param key_version: Adding the version parameter retrieves a specific version of a key. - Required. - :type key_version: str :param parameters: The parameters for the key release operation. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyReleaseParameters + :keyword key_version: Adding the version parameter retrieves a specific version of a key. + Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -3033,9 +3044,9 @@ def release( def release( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyReleaseResult: @@ -3046,11 +3057,11 @@ def release( :param key_name: The name of the key to get. Required. :type key_name: str - :param key_version: Adding the version parameter retrieves a specific version of a key. - Required. - :type key_version: str :param parameters: The parameters for the key release operation. Required. :type parameters: JSON + :keyword key_version: Adding the version parameter retrieves a specific version of a key. + Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -3063,9 +3074,9 @@ def release( def release( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyReleaseResult: @@ -3076,11 +3087,11 @@ def release( :param key_name: The name of the key to get. Required. :type key_name: str - :param key_version: Adding the version parameter retrieves a specific version of a key. - Required. - :type key_version: str :param parameters: The parameters for the key release operation. Required. :type parameters: IO[bytes] + :keyword key_version: Adding the version parameter retrieves a specific version of a key. + Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -3093,8 +3104,9 @@ def release( def release( self, key_name: str, - key_version: str, parameters: Union[_models.KeyReleaseParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyReleaseResult: """Releases a key. @@ -3104,13 +3116,13 @@ def release( :param key_name: The name of the key to get. Required. :type key_name: str - :param key_version: Adding the version parameter retrieves a specific version of a key. - Required. - :type key_version: str :param parameters: The parameters for the key release operation. Is one of the following types: KeyReleaseParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyReleaseParameters or JSON or IO[bytes] + :keyword key_version: Adding the version parameter retrieves a specific version of a key. + Default value is None. + :paramtype key_version: str :return: KeyReleaseResult. The KeyReleaseResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyReleaseResult :raises ~azure.core.exceptions.HttpResponseError: @@ -3182,7 +3194,7 @@ def release( @distributed_trace def get_deleted_keys( self, *, maxresults: Optional[int] = None, **kwargs: Any - ) -> Iterable["_models.DeletedKeyItem"]: + ) -> ItemPaged["_models.DeletedKeyItem"]: """Lists the deleted keys in the specified vault. Retrieves a list of the keys in the Key Vault as JSON Web Key structures that contain the @@ -3814,10 +3826,13 @@ def get_random_bytes( @distributed_trace @api_version_validation( - method_added_on="7.6", - params_added_on={"7.6": ["api_version", "key_name", "key_version", "accept"]}, + method_added_on="7.6-preview.2", + params_added_on={"7.6-preview.2": ["key_name", "key_version", "accept", "api_version"]}, + api_versions_list=["7.6-preview.2", "7.6", "2025-06-01-preview"], ) - def get_key_attestation(self, key_name: str, key_version: str, **kwargs: Any) -> _models.KeyBundle: + def get_key_attestation( + self, key_name: str, *, key_version: Optional[str] = None, **kwargs: Any + ) -> _models.KeyBundle: """Gets the public part of a stored key along with its attestation blob. The get key attestation operation returns the key along with its attestation blob. This @@ -3825,10 +3840,10 @@ def get_key_attestation(self, key_name: str, key_version: str, **kwargs: Any) -> :param key_name: The name of the key to retrieve attestation for. Required. :type key_name: str - :param key_version: Adding the version parameter retrieves attestation blob for specific + :keyword key_version: Adding the version parameter retrieves attestation blob for specific version of a key. This URI fragment is optional. If not specified, the latest version of the - key attestation blob is returned. Required. - :type key_version: str + key attestation blob is returned. Default value is None. + :paramtype key_version: str :return: KeyBundle. The KeyBundle is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyBundle :raises ~azure.core.exceptions.HttpResponseError: diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_validation.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_validation.py index 752b2822f9d3..f5af3a4eb8a2 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_validation.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/_validation.py @@ -10,6 +10,22 @@ def api_version_validation(**kwargs): params_added_on = kwargs.pop("params_added_on", {}) method_added_on = kwargs.pop("method_added_on", "") + api_versions_list = kwargs.pop("api_versions_list", []) + + def _index_with_default(value: str, default: int = -1) -> int: + """Get the index of value in lst, or return default if not found. + + :param value: The value to search for in the api_versions_list. + :type value: str + :param default: The default value to return if the value is not found. + :type default: int + :return: The index of the value in the list, or the default value if not found. + :rtype: int + """ + try: + return api_versions_list.index(value) + except ValueError: + return default def decorator(func): @functools.wraps(func) @@ -21,7 +37,7 @@ def wrapper(*args, **kwargs): except AttributeError: return func(*args, **kwargs) - if method_added_on > client_api_version: + if _index_with_default(method_added_on) > _index_with_default(client_api_version): raise ValueError( f"'{func.__name__}' is not available in API version " f"{client_api_version}. Pass service API version {method_added_on} or newer to your client." @@ -31,7 +47,7 @@ def wrapper(*args, **kwargs): parameter: api_version for api_version, parameters in params_added_on.items() for parameter in parameters - if parameter in kwargs and api_version > client_api_version + if parameter in kwargs and _index_with_default(api_version) > _index_with_default(client_api_version) } if unsupported: raise ValueError( diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_client.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_client.py index 3f8e48a8e50c..d9dd9b186e2c 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_client.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_client.py @@ -16,13 +16,13 @@ from .._utils.serialization import Deserializer, Serializer from ._configuration import KeyVaultClientConfiguration -from ._operations import KeyVaultClientOperationsMixin +from ._operations._operations import _KeyVaultClientOperationsMixin if TYPE_CHECKING: from azure.core.credentials_async import AsyncTokenCredential -class KeyVaultClient(KeyVaultClientOperationsMixin): +class KeyVaultClient(_KeyVaultClientOperationsMixin): """The key vault client performs cryptographic key operations and vault operations against the Key Vault service. @@ -30,8 +30,9 @@ class KeyVaultClient(KeyVaultClientOperationsMixin): :type vault_base_url: str :param credential: Credential used to authenticate requests to the service. Required. :type credential: ~azure.core.credentials_async.AsyncTokenCredential - :keyword api_version: The API version to use for this operation. Default value is "7.6". Note - that overriding this default value may result in unsupported behavior. + :keyword api_version: The API version to use for this operation. Default value is + "2025-06-01-preview". Note that overriding this default value may result in unsupported + behavior. :paramtype api_version: str """ diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_configuration.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_configuration.py index 7960dc38a2e8..b79f62c4a57d 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_configuration.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_configuration.py @@ -26,13 +26,14 @@ class KeyVaultClientConfiguration: # pylint: disable=too-many-instance-attribut :type vault_base_url: str :param credential: Credential used to authenticate requests to the service. Required. :type credential: ~azure.core.credentials_async.AsyncTokenCredential - :keyword api_version: The API version to use for this operation. Default value is "7.6". Note - that overriding this default value may result in unsupported behavior. + :keyword api_version: The API version to use for this operation. Default value is + "2025-06-01-preview". Note that overriding this default value may result in unsupported + behavior. :paramtype api_version: str """ def __init__(self, vault_base_url: str, credential: "AsyncTokenCredential", **kwargs: Any) -> None: - api_version: str = kwargs.pop("api_version", "7.6") + api_version: str = kwargs.pop("api_version", "2025-06-01-preview") if vault_base_url is None: raise ValueError("Parameter 'vault_base_url' must not be None.") diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_operations/__init__.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_operations/__init__.py index d514f5e4b5be..933fcd7d1b55 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_operations/__init__.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_operations/__init__.py @@ -12,14 +12,11 @@ if TYPE_CHECKING: from ._patch import * # pylint: disable=unused-wildcard-import -from ._operations import KeyVaultClientOperationsMixin # type: ignore from ._patch import __all__ as _patch_all from ._patch import * from ._patch import patch_sdk as _patch_sdk -__all__ = [ - "KeyVaultClientOperationsMixin", -] +__all__ = [] __all__.extend([p for p in _patch_all if p not in __all__]) # pyright: ignore _patch_sdk() diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_operations/_operations.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_operations/_operations.py index 33877dd1143c..111b913807a2 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_operations/_operations.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_generated/aio/_operations/_operations.py @@ -9,7 +9,7 @@ from collections.abc import MutableMapping from io import IOBase import json -from typing import Any, AsyncIterable, Callable, Dict, IO, List, Optional, TypeVar, Union, overload +from typing import Any, Callable, Dict, IO, List, Optional, TypeVar, Union, overload import urllib.parse from azure.core import AsyncPipelineClient @@ -68,7 +68,7 @@ ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] -class KeyVaultClientOperationsMixin( # pylint: disable=too-many-public-methods +class _KeyVaultClientOperationsMixin( # pylint: disable=too-many-public-methods ClientMixinABC[AsyncPipelineClient[HttpRequest, AsyncHttpResponse], KeyVaultClientConfiguration] ): @@ -544,9 +544,9 @@ async def delete_key(self, key_name: str, **kwargs: Any) -> _models.DeletedKeyBu async def update_key( self, key_name: str, - key_version: str, parameters: _models.KeyUpdateParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyBundle: @@ -559,10 +559,10 @@ async def update_key( :param key_name: The name of key to update. Required. :type key_name: str - :param key_version: The version of the key to update. Required. - :type key_version: str :param parameters: The parameters of the key to update. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyUpdateParameters + :keyword key_version: The version of the key to update. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -575,9 +575,9 @@ async def update_key( async def update_key( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyBundle: @@ -590,10 +590,10 @@ async def update_key( :param key_name: The name of key to update. Required. :type key_name: str - :param key_version: The version of the key to update. Required. - :type key_version: str :param parameters: The parameters of the key to update. Required. :type parameters: JSON + :keyword key_version: The version of the key to update. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -606,9 +606,9 @@ async def update_key( async def update_key( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyBundle: @@ -621,10 +621,10 @@ async def update_key( :param key_name: The name of key to update. Required. :type key_name: str - :param key_version: The version of the key to update. Required. - :type key_version: str :param parameters: The parameters of the key to update. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key to update. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -637,8 +637,9 @@ async def update_key( async def update_key( self, key_name: str, - key_version: str, parameters: Union[_models.KeyUpdateParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyBundle: """The update key operation changes specified attributes of a stored key and can be applied to any @@ -650,12 +651,12 @@ async def update_key( :param key_name: The name of key to update. Required. :type key_name: str - :param key_version: The version of the key to update. Required. - :type key_version: str :param parameters: The parameters of the key to update. Is one of the following types: KeyUpdateParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyUpdateParameters or JSON or IO[bytes] + :keyword key_version: The version of the key to update. Default value is None. + :paramtype key_version: str :return: KeyBundle. The KeyBundle is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyBundle :raises ~azure.core.exceptions.HttpResponseError: @@ -725,7 +726,7 @@ async def update_key( return deserialized # type: ignore @distributed_trace_async - async def get_key(self, key_name: str, key_version: str, **kwargs: Any) -> _models.KeyBundle: + async def get_key(self, key_name: str, *, key_version: Optional[str] = None, **kwargs: Any) -> _models.KeyBundle: """Gets the public part of a stored key. The get key operation is applicable to all key types. If the requested key is symmetric, then @@ -733,10 +734,10 @@ async def get_key(self, key_name: str, key_version: str, **kwargs: Any) -> _mode :param key_name: The name of the key to get. Required. :type key_name: str - :param key_version: Adding the version parameter retrieves a specific version of a key. This - URI fragment is optional. If not specified, the latest version of the key is returned. - Required. - :type key_version: str + :keyword key_version: Adding the version parameter retrieves a specific version of a key. This + URI fragment is optional. If not specified, the latest version of the key is returned. Default + value is None. + :paramtype key_version: str :return: KeyBundle. The KeyBundle is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyBundle :raises ~azure.core.exceptions.HttpResponseError: @@ -798,7 +799,7 @@ async def get_key(self, key_name: str, key_version: str, **kwargs: Any) -> _mode @distributed_trace def get_key_versions( self, key_name: str, *, maxresults: Optional[int] = None, **kwargs: Any - ) -> AsyncIterable["_models.KeyItem"]: + ) -> AsyncItemPaged["_models.KeyItem"]: """Retrieves a list of individual key versions with the same key name. The full key identifier, attributes, and tags are provided in the response. This operation @@ -891,7 +892,7 @@ async def get_next(next_link=None): return AsyncItemPaged(get_next, extract_data) @distributed_trace - def get_keys(self, *, maxresults: Optional[int] = None, **kwargs: Any) -> AsyncIterable["_models.KeyItem"]: + def get_keys(self, *, maxresults: Optional[int] = None, **kwargs: Any) -> AsyncItemPaged["_models.KeyItem"]: """List keys in the specified vault. Retrieves a list of the keys in the Key Vault as JSON Web Key structures that contain the @@ -1229,9 +1230,9 @@ async def restore_key( async def encrypt( self, key_name: str, - key_version: str, parameters: _models.KeyOperationsParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -1248,10 +1249,10 @@ async def encrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the encryption operation. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -1264,9 +1265,9 @@ async def encrypt( async def encrypt( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -1283,10 +1284,10 @@ async def encrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the encryption operation. Required. :type parameters: JSON + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -1299,9 +1300,9 @@ async def encrypt( async def encrypt( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -1318,10 +1319,10 @@ async def encrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the encryption operation. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -1334,8 +1335,9 @@ async def encrypt( async def encrypt( self, key_name: str, - key_version: str, parameters: Union[_models.KeyOperationsParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyOperationResult: """Encrypts an arbitrary sequence of bytes using an encryption key that is stored in a key vault. @@ -1351,12 +1353,12 @@ async def encrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the encryption operation. Is one of the following types: KeyOperationsParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters or JSON or IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :return: KeyOperationResult. The KeyOperationResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyOperationResult :raises ~azure.core.exceptions.HttpResponseError: @@ -1429,9 +1431,9 @@ async def encrypt( async def decrypt( self, key_name: str, - key_version: str, parameters: _models.KeyOperationsParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -1450,10 +1452,10 @@ async def decrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the decryption operation. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -1466,9 +1468,9 @@ async def decrypt( async def decrypt( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -1487,10 +1489,10 @@ async def decrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the decryption operation. Required. :type parameters: JSON + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -1503,9 +1505,9 @@ async def decrypt( async def decrypt( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -1524,10 +1526,10 @@ async def decrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the decryption operation. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -1540,8 +1542,9 @@ async def decrypt( async def decrypt( self, key_name: str, - key_version: str, parameters: Union[_models.KeyOperationsParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyOperationResult: """Decrypts a single block of encrypted data. @@ -1559,12 +1562,12 @@ async def decrypt( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the decryption operation. Is one of the following types: KeyOperationsParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters or JSON or IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :return: KeyOperationResult. The KeyOperationResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyOperationResult :raises ~azure.core.exceptions.HttpResponseError: @@ -1637,9 +1640,9 @@ async def decrypt( async def sign( self, key_name: str, - key_version: str, parameters: _models.KeySignParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -1651,10 +1654,10 @@ async def sign( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the signing operation. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeySignParameters + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -1667,9 +1670,9 @@ async def sign( async def sign( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -1681,10 +1684,10 @@ async def sign( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the signing operation. Required. :type parameters: JSON + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -1697,9 +1700,9 @@ async def sign( async def sign( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -1711,10 +1714,10 @@ async def sign( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the signing operation. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -1727,8 +1730,9 @@ async def sign( async def sign( self, key_name: str, - key_version: str, parameters: Union[_models.KeySignParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyOperationResult: """Creates a signature from a digest using the specified key. @@ -1739,11 +1743,11 @@ async def sign( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the signing operation. Is one of the following types: KeySignParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeySignParameters or JSON or IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :return: KeyOperationResult. The KeyOperationResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyOperationResult :raises ~azure.core.exceptions.HttpResponseError: @@ -1816,9 +1820,9 @@ async def sign( async def verify( self, key_name: str, - key_version: str, parameters: _models.KeyVerifyParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyVerifyResult: @@ -1832,10 +1836,10 @@ async def verify( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for verify operations. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyVerifyParameters + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -1848,9 +1852,9 @@ async def verify( async def verify( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyVerifyResult: @@ -1864,10 +1868,10 @@ async def verify( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for verify operations. Required. :type parameters: JSON + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -1880,9 +1884,9 @@ async def verify( async def verify( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyVerifyResult: @@ -1896,10 +1900,10 @@ async def verify( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for verify operations. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -1912,8 +1916,9 @@ async def verify( async def verify( self, key_name: str, - key_version: str, parameters: Union[_models.KeyVerifyParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyVerifyResult: """Verifies a signature using a specified key. @@ -1926,12 +1931,12 @@ async def verify( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for verify operations. Is one of the following types: KeyVerifyParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyVerifyParameters or JSON or IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :return: KeyVerifyResult. The KeyVerifyResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyVerifyResult :raises ~azure.core.exceptions.HttpResponseError: @@ -2004,9 +2009,9 @@ async def verify( async def wrap_key( self, key_name: str, - key_version: str, parameters: _models.KeyOperationsParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2021,10 +2026,10 @@ async def wrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for wrap operation. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2037,9 +2042,9 @@ async def wrap_key( async def wrap_key( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2054,10 +2059,10 @@ async def wrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for wrap operation. Required. :type parameters: JSON + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2070,9 +2075,9 @@ async def wrap_key( async def wrap_key( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2087,10 +2092,10 @@ async def wrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for wrap operation. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -2103,8 +2108,9 @@ async def wrap_key( async def wrap_key( self, key_name: str, - key_version: str, parameters: Union[_models.KeyOperationsParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyOperationResult: """Wraps a symmetric key using a specified key. @@ -2118,12 +2124,12 @@ async def wrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for wrap operation. Is one of the following types: KeyOperationsParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters or JSON or IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :return: KeyOperationResult. The KeyOperationResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyOperationResult :raises ~azure.core.exceptions.HttpResponseError: @@ -2196,9 +2202,9 @@ async def wrap_key( async def unwrap_key( self, key_name: str, - key_version: str, parameters: _models.KeyOperationsParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2211,10 +2217,10 @@ async def unwrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the key operation. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2227,9 +2233,9 @@ async def unwrap_key( async def unwrap_key( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2242,10 +2248,10 @@ async def unwrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the key operation. Required. :type parameters: JSON + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2258,9 +2264,9 @@ async def unwrap_key( async def unwrap_key( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyOperationResult: @@ -2273,10 +2279,10 @@ async def unwrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the key operation. Required. :type parameters: IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -2289,8 +2295,9 @@ async def unwrap_key( async def unwrap_key( self, key_name: str, - key_version: str, parameters: Union[_models.KeyOperationsParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyOperationResult: """Unwraps a symmetric key using the specified key that was initially used for wrapping that key. @@ -2302,12 +2309,12 @@ async def unwrap_key( :param key_name: The name of the key. Required. :type key_name: str - :param key_version: The version of the key. Required. - :type key_version: str :param parameters: The parameters for the key operation. Is one of the following types: KeyOperationsParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyOperationsParameters or JSON or IO[bytes] + :keyword key_version: The version of the key. Default value is None. + :paramtype key_version: str :return: KeyOperationResult. The KeyOperationResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyOperationResult :raises ~azure.core.exceptions.HttpResponseError: @@ -2380,9 +2387,9 @@ async def unwrap_key( async def release( self, key_name: str, - key_version: str, parameters: _models.KeyReleaseParameters, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyReleaseResult: @@ -2393,11 +2400,11 @@ async def release( :param key_name: The name of the key to get. Required. :type key_name: str - :param key_version: Adding the version parameter retrieves a specific version of a key. - Required. - :type key_version: str :param parameters: The parameters for the key release operation. Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyReleaseParameters + :keyword key_version: Adding the version parameter retrieves a specific version of a key. + Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2410,9 +2417,9 @@ async def release( async def release( self, key_name: str, - key_version: str, parameters: JSON, *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyReleaseResult: @@ -2423,11 +2430,11 @@ async def release( :param key_name: The name of the key to get. Required. :type key_name: str - :param key_version: Adding the version parameter retrieves a specific version of a key. - Required. - :type key_version: str :param parameters: The parameters for the key release operation. Required. :type parameters: JSON + :keyword key_version: Adding the version parameter retrieves a specific version of a key. + Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. Default value is "application/json". :paramtype content_type: str @@ -2440,9 +2447,9 @@ async def release( async def release( self, key_name: str, - key_version: str, parameters: IO[bytes], *, + key_version: Optional[str] = None, content_type: str = "application/json", **kwargs: Any ) -> _models.KeyReleaseResult: @@ -2453,11 +2460,11 @@ async def release( :param key_name: The name of the key to get. Required. :type key_name: str - :param key_version: Adding the version parameter retrieves a specific version of a key. - Required. - :type key_version: str :param parameters: The parameters for the key release operation. Required. :type parameters: IO[bytes] + :keyword key_version: Adding the version parameter retrieves a specific version of a key. + Default value is None. + :paramtype key_version: str :keyword content_type: Body Parameter content-type. Content type parameter for binary body. Default value is "application/json". :paramtype content_type: str @@ -2470,8 +2477,9 @@ async def release( async def release( self, key_name: str, - key_version: str, parameters: Union[_models.KeyReleaseParameters, JSON, IO[bytes]], + *, + key_version: Optional[str] = None, **kwargs: Any ) -> _models.KeyReleaseResult: """Releases a key. @@ -2481,13 +2489,13 @@ async def release( :param key_name: The name of the key to get. Required. :type key_name: str - :param key_version: Adding the version parameter retrieves a specific version of a key. - Required. - :type key_version: str :param parameters: The parameters for the key release operation. Is one of the following types: KeyReleaseParameters, JSON, IO[bytes] Required. :type parameters: ~azure.keyvault.keys._generated.models.KeyReleaseParameters or JSON or IO[bytes] + :keyword key_version: Adding the version parameter retrieves a specific version of a key. + Default value is None. + :paramtype key_version: str :return: KeyReleaseResult. The KeyReleaseResult is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyReleaseResult :raises ~azure.core.exceptions.HttpResponseError: @@ -2559,7 +2567,7 @@ async def release( @distributed_trace def get_deleted_keys( self, *, maxresults: Optional[int] = None, **kwargs: Any - ) -> AsyncIterable["_models.DeletedKeyItem"]: + ) -> AsyncItemPaged["_models.DeletedKeyItem"]: """Lists the deleted keys in the specified vault. Retrieves a list of the keys in the Key Vault as JSON Web Key structures that contain the @@ -3192,10 +3200,13 @@ async def get_random_bytes( @distributed_trace_async @api_version_validation( - method_added_on="7.6", - params_added_on={"7.6": ["api_version", "key_name", "key_version", "accept"]}, + method_added_on="7.6-preview.2", + params_added_on={"7.6-preview.2": ["key_name", "key_version", "accept", "api_version"]}, + api_versions_list=["7.6-preview.2", "7.6", "2025-06-01-preview"], ) - async def get_key_attestation(self, key_name: str, key_version: str, **kwargs: Any) -> _models.KeyBundle: + async def get_key_attestation( + self, key_name: str, *, key_version: Optional[str] = None, **kwargs: Any + ) -> _models.KeyBundle: """Gets the public part of a stored key along with its attestation blob. The get key attestation operation returns the key along with its attestation blob. This @@ -3203,10 +3214,10 @@ async def get_key_attestation(self, key_name: str, key_version: str, **kwargs: A :param key_name: The name of the key to retrieve attestation for. Required. :type key_name: str - :param key_version: Adding the version parameter retrieves attestation blob for specific + :keyword key_version: Adding the version parameter retrieves attestation blob for specific version of a key. This URI fragment is optional. If not specified, the latest version of the - key attestation blob is returned. Required. - :type key_version: str + key attestation blob is returned. Default value is None. + :paramtype key_version: str :return: KeyBundle. The KeyBundle is compatible with MutableMapping :rtype: ~azure.keyvault.keys._generated.models.KeyBundle :raises ~azure.core.exceptions.HttpResponseError: diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_models.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_models.py index b0c6b4138afd..c6f1cb236ad1 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_models.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_models.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -312,7 +313,9 @@ def attestation(self) -> Optional[KeyAttestation]: # attestation was added in 7.6-preview.2 if self._attributes: attestation = getattr(self._attributes, "attestation", None) - return KeyAttestation._from_generated(attestation=attestation) if attestation else None # pylint:disable=protected-access + return ( + KeyAttestation._from_generated(attestation=attestation) if attestation else None + ) # pylint:disable=protected-access return None @@ -411,7 +414,8 @@ def _from_generated(cls, policy: "_models.KeyRotationPolicy") -> "KeyRotationPol [] if policy.lifetime_actions is None else [ - KeyRotationLifetimeAction._from_generated(action) for action in policy.lifetime_actions # pylint:disable=protected-access + KeyRotationLifetimeAction._from_generated(action) + for action in policy.lifetime_actions # pylint:disable=protected-access ] ) if policy.attributes: diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_shared/async_challenge_auth_policy.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_shared/async_challenge_auth_policy.py index 0f84607e3ccd..3e3ac1855178 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_shared/async_challenge_auth_policy.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_shared/async_challenge_auth_policy.py @@ -66,7 +66,6 @@ async def await_result(func: Callable[P, Union[T, Awaitable[T]]], *args: P.args, return result - class AsyncChallengeAuthPolicy(AsyncBearerTokenCredentialPolicy): """Policy for handling HTTP authentication challenges. @@ -83,9 +82,7 @@ def __init__(self, credential: AsyncTokenProvider, *scopes: str, **kwargs: Any) self._verify_challenge_resource = kwargs.pop("verify_challenge_resource", True) self._request_copy: Optional[HttpRequest] = None - async def send( - self, request: PipelineRequest[HttpRequest] - ) -> PipelineResponse[HttpRequest, AsyncHttpResponse]: + async def send(self, request: PipelineRequest[HttpRequest]) -> PipelineResponse[HttpRequest, AsyncHttpResponse]: """Authorize request with a bearer token and send it to the next policy. We implement this method to account for the valid scenario where a Key Vault authentication challenge is @@ -156,7 +153,6 @@ async def handle_challenge_flow( await await_result(self.on_response, request, response) return response - async def on_request(self, request: PipelineRequest) -> None: _enforce_tls(request) challenge = ChallengeCache.get_challenge_for_url(request.http_request.url) @@ -227,9 +223,7 @@ async def on_challenge(self, request: PipelineRequest, response: PipelineRespons if challenge.tenant_id and challenge.tenant_id.lower().endswith("adfs"): await self.authorize_request(request, scope, claims=challenge.claims) else: - await self.authorize_request( - request, scope, claims=challenge.claims, tenant_id=challenge.tenant_id - ) + await self.authorize_request(request, scope, claims=challenge.claims, tenant_id=challenge.tenant_id) return True diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/aio/_client.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/aio/_client.py index 2f1c30a96b01..41084614a416 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/aio/_client.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/aio/_client.py @@ -1,3 +1,4 @@ +# pylint: disable=too-many-lines # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -84,12 +85,12 @@ def _get_attributes( return None def get_cryptography_client( - self, - key_name: str, - *, - key_version: Optional[str] = None, - **kwargs, # pylint: disable=unused-argument - ) -> CryptographyClient: + self, + key_name: str, + *, + key_version: Optional[str] = None, + **kwargs, # pylint: disable=unused-argument + ) -> CryptographyClient: """Gets a :class:`~azure.keyvault.keys.crypto.aio.CryptographyClient` for the given key. :param str key_name: The name of the key used to perform cryptographic operations. @@ -647,7 +648,7 @@ async def recover_deleted_key(self, name: str, **kwargs: Any) -> KeyVaultKey: command=command, final_resource=recovered_key, finished=False, - interval=polling_interval + interval=polling_interval, ) await polling_method.run() @@ -841,9 +842,7 @@ async def import_key( release_policy=policy, ) - bundle = await self._client.import_key( - name, parameters=parameters, **kwargs - ) + bundle = await self._client.import_key(name, parameters=parameters, **kwargs) return KeyVaultKey._from_key_bundle(bundle) @distributed_trace_async @@ -996,7 +995,7 @@ async def update_key_rotation_policy( # pylint: disable=unused-argument @distributed_trace_async async def get_key_attestation(self, name: str, version: Optional[str] = None, **kwargs: Any) -> KeyVaultKey: """Get a key and its attestation blob. - + This method is applicable to any key stored in Azure Key Vault Managed HSM. This operation requires the keys/get permission. diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_client.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_client.py index d3a27fee66df..51f273d8f858 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_client.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_client.py @@ -32,13 +32,13 @@ def _validate_arguments( - operation: KeyOperation, - algorithm: EncryptionAlgorithm, - *, - iv: Optional[bytes] = None, - tag: Optional[bytes] = None, - aad: Optional[bytes] = None, - ) -> None: + operation: KeyOperation, + algorithm: EncryptionAlgorithm, + *, + iv: Optional[bytes] = None, + tag: Optional[bytes] = None, + aad: Optional[bytes] = None, +) -> None: """Validates the arguments passed to perform an operation with a provided algorithm. :param KeyOperation operation: the type of operation being requested @@ -55,9 +55,7 @@ def _validate_arguments( """ if operation == KeyOperation.encrypt: if iv and "CBC" not in algorithm: - raise ValueError( - f"iv should only be provided with AES-CBC algorithms; {algorithm} does not accept an iv" - ) + raise ValueError(f"iv should only be provided with AES-CBC algorithms; {algorithm} does not accept an iv") if iv is None and "CBC" in algorithm: raise ValueError("iv is a required parameter for encryption with AES-CBC algorithms.") if aad and not ("CBC" in algorithm or "GCM" in algorithm): @@ -68,9 +66,7 @@ def _validate_arguments( if operation == KeyOperation.decrypt: if iv and not ("CBC" in algorithm or "GCM" in algorithm): - raise ValueError( - f"iv should only be provided with AES algorithms; {algorithm} does not accept an iv" - ) + raise ValueError(f"iv should only be provided with AES algorithms; {algorithm} does not accept an iv") if iv is None and ("CBC" in algorithm or "GCM" in algorithm): raise ValueError("iv is a required parameter for decryption with AES algorithms.") if tag and "GCM" not in algorithm: @@ -203,7 +199,7 @@ def _initialize(self, **kwargs: Any) -> None: key_bundle = self._client.get_key( self._key_id.name if self._key_id else None, self._key_id.version if self._key_id else None, - **kwargs + **kwargs, ) key = KeyVaultKey._from_key_bundle(key_bundle) self._key = key.key @@ -310,7 +306,7 @@ def encrypt( parameters=self._models.KeyOperationsParameters( algorithm=algorithm, value=plaintext, iv=iv, aad=additional_authenticated_data ), - **kwargs + **kwargs, ) result_iv = operation_result.iv if hasattr(operation_result, "iv") else None @@ -400,7 +396,7 @@ def decrypt( parameters=self._models.KeyOperationsParameters( algorithm=algorithm, value=ciphertext, iv=iv, tag=authentication_tag, aad=additional_authenticated_data ), - **kwargs + **kwargs, ) return DecryptResult(key_id=self.key_id, algorithm=algorithm, plaintext=operation_result.result) @@ -443,7 +439,7 @@ def wrap_key(self, algorithm: KeyWrapAlgorithm, key: bytes, **kwargs: Any) -> Wr key_name=self._key_id.name if self._key_id else None, key_version=self._key_id.version if self._key_id else None, parameters=self._models.KeyOperationsParameters(algorithm=algorithm, value=key), - **kwargs + **kwargs, ) return WrapResult(key_id=self.key_id, algorithm=algorithm, encrypted_key=operation_result.result) @@ -485,7 +481,7 @@ def unwrap_key(self, algorithm: KeyWrapAlgorithm, encrypted_key: bytes, **kwargs key_name=self._key_id.name if self._key_id else None, key_version=self._key_id.version if self._key_id else None, parameters=self._models.KeyOperationsParameters(algorithm=algorithm, value=encrypted_key), - **kwargs + **kwargs, ) return UnwrapResult(key_id=self.key_id, algorithm=algorithm, key=operation_result.result) @@ -527,7 +523,7 @@ def sign(self, algorithm: SignatureAlgorithm, digest: bytes, **kwargs: Any) -> S key_name=self._key_id.name if self._key_id else None, key_version=self._key_id.version if self._key_id else None, parameters=self._models.KeySignParameters(algorithm=algorithm, value=digest), - **kwargs + **kwargs, ) return SignResult(key_id=self.key_id, algorithm=algorithm, signature=operation_result.result) @@ -571,7 +567,7 @@ def verify(self, algorithm: SignatureAlgorithm, digest: bytes, signature: bytes, key_name=self._key_id.name if self._key_id else None, key_version=self._key_id.version if self._key_id else None, parameters=self._models.KeyVerifyParameters(algorithm=algorithm, digest=digest, signature=signature), - **kwargs + **kwargs, ) return VerifyResult(key_id=self.key_id, algorithm=algorithm, is_valid=operation_result.value) diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_enums.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_enums.py index fcce8d0929e7..356b72b5edc5 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_enums.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_enums.py @@ -5,6 +5,7 @@ from enum import Enum from azure.core import CaseInsensitiveEnumMeta + # pylint: disable=enum-must-be-uppercase class KeyWrapAlgorithm(str, Enum, metaclass=CaseInsensitiveEnumMeta): """Key wrapping algorithms""" diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_internal/rsa_key.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_internal/rsa_key.py index e1325894bccc..0d3f21df4257 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_internal/rsa_key.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_internal/rsa_key.py @@ -33,7 +33,14 @@ class RsaKey(Key): # pylint:disable=too-many-public-methods _supported_encryption_algorithms = frozenset((Rsa1_5.name(), RsaOaep.name(), RsaOaep256.name())) _supported_key_wrap_algorithms = frozenset((Rsa1_5.name(), RsaOaep.name(), RsaOaep256.name())) _supported_signature_algorithms = frozenset( - (Ps256.name(), Ps384.name(), Ps512.name(), Rs256.name(), Rs384.name(), Rs512.name(),) + ( + Ps256.name(), + Ps384.name(), + Ps512.name(), + Rs256.name(), + Rs384.name(), + Rs512.name(), + ) ) def __init__(self, kid=None): diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_models.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_models.py index c16d5811f7e9..2f1f6788a6ed 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_models.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/_models.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. diff --git a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/aio/_client.py b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/aio/_client.py index 9f7e370e983f..13111932ebbe 100644 --- a/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/aio/_client.py +++ b/sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/crypto/aio/_client.py @@ -146,7 +146,7 @@ async def _initialize(self, **kwargs: Any) -> None: key_bundle = await self._client.get_key( self._key_id.name if self._key_id else None, self._key_id.version if self._key_id else None, - **kwargs + **kwargs, ) key = KeyVaultKey._from_key_bundle(key_bundle) self._key = key.key @@ -229,7 +229,7 @@ async def encrypt( parameters=self._models.KeyOperationsParameters( algorithm=algorithm, value=plaintext, iv=iv, aad=additional_authenticated_data ), - **kwargs + **kwargs, ) result_iv = operation_result.iv if hasattr(operation_result, "iv") else None @@ -319,7 +319,7 @@ async def decrypt( parameters=self._models.KeyOperationsParameters( algorithm=algorithm, value=ciphertext, iv=iv, tag=authentication_tag, aad=additional_authenticated_data ), - **kwargs + **kwargs, ) return DecryptResult(key_id=self.key_id, algorithm=algorithm, plaintext=operation_result.result) @@ -362,7 +362,7 @@ async def wrap_key(self, algorithm: KeyWrapAlgorithm, key: bytes, **kwargs: Any) key_name=self._key_id.name if self._key_id else None, key_version=self._key_id.version if self._key_id else None, parameters=self._models.KeyOperationsParameters(algorithm=algorithm, value=key), - **kwargs + **kwargs, ) return WrapResult(key_id=self.key_id, algorithm=algorithm, encrypted_key=operation_result.result) @@ -404,7 +404,7 @@ async def unwrap_key(self, algorithm: KeyWrapAlgorithm, encrypted_key: bytes, ** key_name=self._key_id.name if self._key_id else None, key_version=self._key_id.version if self._key_id else None, parameters=self._models.KeyOperationsParameters(algorithm=algorithm, value=encrypted_key), - **kwargs + **kwargs, ) return UnwrapResult(key_id=self.key_id, algorithm=algorithm, key=operation_result.result) @@ -447,7 +447,7 @@ async def sign(self, algorithm: SignatureAlgorithm, digest: bytes, **kwargs: Any key_name=self._key_id.name if self._key_id else None, key_version=self._key_id.version if self._key_id else None, parameters=self._models.KeySignParameters(algorithm=algorithm, value=digest), - **kwargs + **kwargs, ) return SignResult(key_id=self.key_id, algorithm=algorithm, signature=operation_result.result) @@ -493,7 +493,7 @@ async def verify( key_name=self._key_id.name if self._key_id else None, key_version=self._key_id.version if self._key_id else None, parameters=self._models.KeyVerifyParameters(algorithm=algorithm, digest=digest, signature=signature), - **kwargs + **kwargs, ) return VerifyResult(key_id=self.key_id, algorithm=algorithm, is_valid=operation_result.value) diff --git a/sdk/keyvault/azure-keyvault-keys/samples/backup_restore_operations.py b/sdk/keyvault/azure-keyvault-keys/samples/backup_restore_operations.py index bdf7d1305fd3..2e3f83c2ff66 100644 --- a/sdk/keyvault/azure-keyvault-keys/samples/backup_restore_operations.py +++ b/sdk/keyvault/azure-keyvault-keys/samples/backup_restore_operations.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -14,7 +15,7 @@ # 2. azure-keyvault-keys and azure-identity libraries (pip install these) # # 3. Set environment variable VAULT_URL with the URL of your key vault -# +# # 4. Set up your environment to use azure-identity's DefaultAzureCredential. For more information about how to configure # the DefaultAzureCredential, refer to https://aka.ms/azsdk/python/identity/docs#azure.identity.DefaultAzureCredential # diff --git a/sdk/keyvault/azure-keyvault-keys/samples/backup_restore_operations_async.py b/sdk/keyvault/azure-keyvault-keys/samples/backup_restore_operations_async.py index f6990ab87997..efef9cd89af4 100644 --- a/sdk/keyvault/azure-keyvault-keys/samples/backup_restore_operations_async.py +++ b/sdk/keyvault/azure-keyvault-keys/samples/backup_restore_operations_async.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -34,13 +35,14 @@ # 5. Restore a key (restore_key_backup) # ---------------------------------------------------------------------------------------------------------- + async def run_sample(): # Instantiate a key client that will be used to call the service. # Here we use the DefaultAzureCredential, but any azure-identity credential can be used. VAULT_URL = os.environ["VAULT_URL"] credential = DefaultAzureCredential() client = KeyClient(vault_url=VAULT_URL, credential=credential) - + # Let's create a Key of type RSA. # if the key already exists in the Key Vault, then a new version of the key is created. print("\n.. Create Key") diff --git a/sdk/keyvault/azure-keyvault-keys/samples/hello_world.py b/sdk/keyvault/azure-keyvault-keys/samples/hello_world.py index afb096383708..e323e555334f 100644 --- a/sdk/keyvault/azure-keyvault-keys/samples/hello_world.py +++ b/sdk/keyvault/azure-keyvault-keys/samples/hello_world.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -12,7 +13,7 @@ # 2. azure-keyvault-keys and azure-identity libraries (pip install these) # # 3. Set environment variable VAULT_URL with the URL of your key vault -# +# # 4. Set up your environment to use azure-identity's DefaultAzureCredential. For more information about how to configure # the DefaultAzureCredential, refer to https://aka.ms/azsdk/python/identity/docs#azure.identity.DefaultAzureCredential # @@ -70,9 +71,7 @@ # associated with a key previously stored within Key Vault. print("\n.. Update a Key by name") expires = datetime.datetime.utcnow() + datetime.timedelta(days=365) -updated_ec_key = client.update_key_properties( - ec_key.name, ec_key.properties.version, expires_on=expires, enabled=False -) +updated_ec_key = client.update_key_properties(ec_key.name, ec_key.properties.version, expires_on=expires, enabled=False) print(f"Key with name '{updated_ec_key.name}' was updated on date '{updated_ec_key.properties.updated_on}'") print(f"Key with name '{updated_ec_key.name}' was updated to expire on '{updated_ec_key.properties.expires_on}'") diff --git a/sdk/keyvault/azure-keyvault-keys/samples/hello_world_async.py b/sdk/keyvault/azure-keyvault-keys/samples/hello_world_async.py index 864f14750aaa..87d3728d5253 100644 --- a/sdk/keyvault/azure-keyvault-keys/samples/hello_world_async.py +++ b/sdk/keyvault/azure-keyvault-keys/samples/hello_world_async.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -35,6 +36,7 @@ # 5. Delete a key (delete_key) # ---------------------------------------------------------------------------------------------------------- + async def run_sample(): # Instantiate a key client that will be used to call the service. # Here we use the DefaultAzureCredential, but any azure-identity credential can be used. diff --git a/sdk/keyvault/azure-keyvault-keys/samples/key_rotation.py b/sdk/keyvault/azure-keyvault-keys/samples/key_rotation.py index 248ac051899e..731f4d743805 100644 --- a/sdk/keyvault/azure-keyvault-keys/samples/key_rotation.py +++ b/sdk/keyvault/azure-keyvault-keys/samples/key_rotation.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -14,7 +15,7 @@ # 2. azure-keyvault-keys and azure-identity libraries (pip install these) # # 3. Set environment variable VAULT_URL with the URL of your key vault -# +# # 4. Set up your environment to use azure-identity's DefaultAzureCredential. For more information about how to configure # the DefaultAzureCredential, refer to https://aka.ms/azsdk/python/identity/docs#azure.identity.DefaultAzureCredential # diff --git a/sdk/keyvault/azure-keyvault-keys/samples/key_rotation_async.py b/sdk/keyvault/azure-keyvault-keys/samples/key_rotation_async.py index c20f614943a7..4ebad1c8cf59 100644 --- a/sdk/keyvault/azure-keyvault-keys/samples/key_rotation_async.py +++ b/sdk/keyvault/azure-keyvault-keys/samples/key_rotation_async.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -36,6 +37,7 @@ # 5. Delete a key (delete_key) # ---------------------------------------------------------------------------------------------------------- + async def run_sample(): # Instantiate a key client that will be used to call the service. # Here we use the DefaultAzureCredential, but any azure-identity credential can be used. @@ -108,4 +110,4 @@ async def run_sample(): if __name__ == "__main__": - asyncio.run(run_sample()) \ No newline at end of file + asyncio.run(run_sample()) diff --git a/sdk/keyvault/azure-keyvault-keys/samples/list_operations.py b/sdk/keyvault/azure-keyvault-keys/samples/list_operations.py index f8b01807efc4..cf42f7006bb2 100644 --- a/sdk/keyvault/azure-keyvault-keys/samples/list_operations.py +++ b/sdk/keyvault/azure-keyvault-keys/samples/list_operations.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -13,7 +14,7 @@ # 2. azure-keyvault-keys and azure-identity libraries (pip install these) # # 3. Set environment variable VAULT_URL with the URL of your key vault -# +# # 4. Set up your environment to use azure-identity's DefaultAzureCredential. For more information about how to configure # the DefaultAzureCredential, refer to https://aka.ms/azsdk/python/identity/docs#azure.identity.DefaultAzureCredential # diff --git a/sdk/keyvault/azure-keyvault-keys/samples/list_operations_async.py b/sdk/keyvault/azure-keyvault-keys/samples/list_operations_async.py index 757017e45e00..e1a2c535508e 100644 --- a/sdk/keyvault/azure-keyvault-keys/samples/list_operations_async.py +++ b/sdk/keyvault/azure-keyvault-keys/samples/list_operations_async.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -35,6 +36,7 @@ # # ---------------------------------------------------------------------------------------------------------- + async def run_sample(): # Instantiate a key client that will be used to call the service. # Here we use the DefaultAzureCredential, but any azure-identity credential can be used. diff --git a/sdk/keyvault/azure-keyvault-keys/samples/recover_purge_operations.py b/sdk/keyvault/azure-keyvault-keys/samples/recover_purge_operations.py index 9b5b45985c97..7668cf456ac8 100644 --- a/sdk/keyvault/azure-keyvault-keys/samples/recover_purge_operations.py +++ b/sdk/keyvault/azure-keyvault-keys/samples/recover_purge_operations.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -13,7 +14,7 @@ # 2. azure-keyvault-keys and azure-identity libraries (pip install these) # # 3. Set environment variable VAULT_URL with the URL of your key vault -# +# # 4. Set up your environment to use azure-identity's DefaultAzureCredential. For more information about how to configure # the DefaultAzureCredential, refer to https://aka.ms/azsdk/python/identity/docs#azure.identity.DefaultAzureCredential # diff --git a/sdk/keyvault/azure-keyvault-keys/samples/recover_purge_operations_async.py b/sdk/keyvault/azure-keyvault-keys/samples/recover_purge_operations_async.py index bcb8eb588df3..8d4f1c138c36 100644 --- a/sdk/keyvault/azure-keyvault-keys/samples/recover_purge_operations_async.py +++ b/sdk/keyvault/azure-keyvault-keys/samples/recover_purge_operations_async.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -7,6 +8,7 @@ from azure.identity.aio import DefaultAzureCredential from azure.keyvault.keys.aio import KeyClient + # ---------------------------------------------------------------------------------------------------------- # Prerequisites: # 1. An Azure Key Vault (https://learn.microsoft.com/azure/key-vault/quick-create-cli) diff --git a/sdk/keyvault/azure-keyvault-keys/samples/send_request.py b/sdk/keyvault/azure-keyvault-keys/samples/send_request.py index 78d35dc3c8f2..c5e3f2b5a9c3 100644 --- a/sdk/keyvault/azure-keyvault-keys/samples/send_request.py +++ b/sdk/keyvault/azure-keyvault-keys/samples/send_request.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -14,7 +15,7 @@ # 2. azure-keyvault-keys and azure-identity libraries (pip install these) # # 3. Set environment variable VAULT_URL with the URL of your key vault -# +# # 4. Set up your environment to use azure-identity's DefaultAzureCredential. For more information about how to configure # the DefaultAzureCredential, refer to https://aka.ms/azsdk/python/identity/docs#azure.identity.DefaultAzureCredential # @@ -55,7 +56,7 @@ response = client.send_request(request) # The return value is an azure.core.rest.HttpResponse -- the key information is in the response body. -# We can get a dictionary of the body content with the `json` method. +# We can get a dictionary of the body content with the `json` method. response_body = response.json() print(f"\n.. Key with ID {response_body['key']['kid']} was found.") diff --git a/sdk/keyvault/azure-keyvault-keys/setup.py b/sdk/keyvault/azure-keyvault-keys/setup.py new file mode 100644 index 000000000000..fa2ff73b2e2b --- /dev/null +++ b/sdk/keyvault/azure-keyvault-keys/setup.py @@ -0,0 +1,68 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) Python Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + + +import os +import re +from setuptools import setup, find_packages + + +PACKAGE_NAME = "azure-keyvault-keys" +PACKAGE_PPRINT_NAME = "Key Vault Keys" +PACKAGE_NAMESPACE = "azure.keyvault.keys._generated" + +# a.b.c => a/b/c +package_folder_path = PACKAGE_NAMESPACE.replace(".", "/") + +# Version extraction inspired from 'requests' +with open(os.path.join(package_folder_path, "_version.py"), "r") as fd: + version = re.search(r'^VERSION\s*=\s*[\'"]([^\'"]*)[\'"]', fd.read(), re.MULTILINE).group(1) + +if not version: + raise RuntimeError("Cannot find version information") + + +setup( + name=PACKAGE_NAME, + version=version, + description="Microsoft Corporation {} Client Library for Python".format(PACKAGE_PPRINT_NAME), + long_description=open("README.md", "r").read(), + long_description_content_type="text/markdown", + license="MIT License", + author="Microsoft Corporation", + author_email="azpysdkhelp@microsoft.com", + url="https://github.com/Azure/azure-sdk-for-python/tree/main/sdk", + keywords="azure, azure sdk", + classifiers=[ + "Development Status :: ", + "Programming Language :: Python", + "Programming Language :: Python :: 3 :: Only", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "License :: OSI Approved :: MIT License", + ], + zip_safe=False, + packages=find_packages( + exclude=[ + "tests", + ] + ), + include_package_data=True, + package_data={ + "azure.keyvault.keys._generated": ["py.typed"], + }, + install_requires=[ + "isodate>=0.6.1", + "azure-core>=1.30.0", + "typing-extensions>=4.6.0", + ], + python_requires=">=3.9", +) diff --git a/sdk/keyvault/azure-keyvault-keys/tests/_keys_test_case.py b/sdk/keyvault/azure-keyvault-keys/tests/_keys_test_case.py index d1e99ba811e3..d23ab5e15853 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/_keys_test_case.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/_keys_test_case.py @@ -13,7 +13,7 @@ def _get_attestation_uri(self): playback_uri = "https://fakeattestation.azurewebsites.net" if self.is_live: real_uri = os.environ.get("AZURE_KEYVAULT_ATTESTATION_URL") - real_uri = real_uri.rstrip('/') + real_uri = real_uri.rstrip("/") if real_uri is None: pytest.skip("No AZURE_KEYVAULT_ATTESTATION_URL environment variable") return real_uri @@ -22,9 +22,11 @@ def _get_attestation_uri(self): def create_crypto_client(self, key, **kwargs): if kwargs.pop("is_async", False): from azure.keyvault.keys.crypto.aio import CryptographyClient - credential = self.get_credential(CryptographyClient,is_async=True) + + credential = self.get_credential(CryptographyClient, is_async=True) else: from azure.keyvault.keys.crypto import CryptographyClient + credential = self.get_credential(CryptographyClient) return self.create_client_from_credential(CryptographyClient, credential=credential, key=key, **kwargs) diff --git a/sdk/keyvault/azure-keyvault-keys/tests/_shared/test_case.py b/sdk/keyvault/azure-keyvault-keys/tests/_shared/test_case.py index a67376fd53e1..87a1198ea5de 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/_shared/test_case.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/_shared/test_case.py @@ -8,8 +8,6 @@ from devtools_testutils import AzureRecordedTestCase - - class KeyVaultTestCase(AzureRecordedTestCase): def get_resource_name(self, name): """helper to create resources with a consistent, test-indicative prefix""" diff --git a/sdk/keyvault/azure-keyvault-keys/tests/_shared/test_case_async.py b/sdk/keyvault/azure-keyvault-keys/tests/_shared/test_case_async.py index 6059c528f1a3..fb26f89f3ab3 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/_shared/test_case_async.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/_shared/test_case_async.py @@ -36,7 +36,7 @@ async def _poll_until_exception(self, fn, expected_exception, max_retries=20, re except expected_exception: return self.fail("expected exception {expected_exception} was not raised") - + def teardown_method(self, method): HttpChallengeCache.clear() assert len(HttpChallengeCache._cache) == 0 diff --git a/sdk/keyvault/azure-keyvault-keys/tests/conftest.py b/sdk/keyvault/azure-keyvault-keys/tests/conftest.py index bfcd18356825..3db4bb782e44 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/conftest.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/conftest.py @@ -13,16 +13,22 @@ add_oauth_response_sanitizer, is_live, remove_batch_sanitizers, - set_custom_default_matcher + set_custom_default_matcher, ) from azure.keyvault.keys._shared.client_base import DEFAULT_VERSION, ApiVersion -os.environ['PYTHONHASHSEED'] = '0' +os.environ["PYTHONHASHSEED"] = "0" ALL_API_VERSIONS = "--all-api-versions" + def pytest_addoption(parser): - parser.addoption(ALL_API_VERSIONS, action="store_true", default=False, - help="Test all api version in live mode. Not applicable in playback mode.") + parser.addoption( + ALL_API_VERSIONS, + action="store_true", + default=False, + help="Test all api version in live mode. Not applicable in playback mode.", + ) + def pytest_configure(config): if is_live() and not config.getoption(ALL_API_VERSIONS): @@ -30,16 +36,19 @@ def pytest_configure(config): else: pytest.api_version = ApiVersion + @pytest.fixture(scope="session", autouse=True) def add_sanitizers(test_proxy): azure_keyvault_url = os.getenv("AZURE_KEYVAULT_URL", "https://vaultname.vault.azure.net") azure_keyvault_url = azure_keyvault_url.rstrip("/") keyvault_tenant_id = os.getenv("KEYVAULT_TENANT_ID", "keyvault_tenant_id") keyvault_subscription_id = os.getenv("KEYVAULT_SUBSCRIPTION_ID", "keyvault_subscription_id") - azure_managedhsm_url = os.environ.get("AZURE_MANAGEDHSM_URL","https://managedhsmvaultname.managedhsm.azure.net") + azure_managedhsm_url = os.environ.get("AZURE_MANAGEDHSM_URL", "https://managedhsmvaultname.managedhsm.azure.net") azure_managedhsm_url = azure_managedhsm_url.rstrip("/") - azure_attestation_uri = os.environ.get("AZURE_KEYVAULT_ATTESTATION_URL","https://fakeattestation.azurewebsites.net") - azure_attestation_uri = azure_attestation_uri.rstrip('/') + azure_attestation_uri = os.environ.get( + "AZURE_KEYVAULT_ATTESTATION_URL", "https://fakeattestation.azurewebsites.net" + ) + azure_attestation_uri = azure_attestation_uri.rstrip("/") add_general_string_sanitizer(target=azure_keyvault_url, value="https://vaultname.vault.azure.net") add_general_string_sanitizer(target=keyvault_tenant_id, value="00000000-0000-0000-0000-000000000000") @@ -52,7 +61,12 @@ def add_sanitizers(test_proxy): # Remove the following sanitizers since certain fields are needed in tests and are non-sensitive: # - AZSDK3430: $..id # - AZSDK3447: $.key - remove_batch_sanitizers(["AZSDK3430", "AZSDK3447",]) + remove_batch_sanitizers( + [ + "AZSDK3430", + "AZSDK3447", + ] + ) @pytest.fixture(scope="session", autouse=True) @@ -80,6 +94,7 @@ def immediate_return(_): else: yield + @pytest.fixture(scope="session") def event_loop(request): loop = asyncio.get_event_loop() diff --git a/sdk/keyvault/azure-keyvault-keys/tests/keys.py b/sdk/keyvault/azure-keyvault-keys/tests/keys.py index 80db438ae5f2..428b82eb21e0 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/keys.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/keys.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. diff --git a/sdk/keyvault/azure-keyvault-keys/tests/perfstress_tests/sign.py b/sdk/keyvault/azure-keyvault-keys/tests/perfstress_tests/sign.py index e98cbd1ce11c..469de42d8a35 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/perfstress_tests/sign.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/perfstress_tests/sign.py @@ -25,6 +25,7 @@ def __init__(self, arguments): super().__init__(arguments) from dotenv import load_dotenv + load_dotenv() # Auth configuration diff --git a/sdk/keyvault/azure-keyvault-keys/tests/test_challenge_auth.py b/sdk/keyvault/azure-keyvault-keys/tests/test_challenge_auth.py index de26cc59f07d..b889b052484f 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/test_challenge_auth.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/test_challenge_auth.py @@ -36,6 +36,7 @@ TOKEN_TYPES = [AccessToken, AccessTokenInfo] + class TestChallengeAuth(KeyVaultTestCase, KeysTestCase): @pytest.mark.parametrize("api_version,is_hsm", only_default_version) @KeysClientPreparer() @@ -125,7 +126,6 @@ def test_enforces_tls(): pipeline.run(HttpRequest("GET", url)) - def test_challenge_cache(): url_a = get_random_url() challenge_a = HttpChallenge(url_a, "Bearer authorization=authority A, resource=resource A") @@ -148,9 +148,7 @@ def test_challenge_parsing(): tenant = "tenant" authority = f"https://login.authority.net/{tenant}" resource = "https://challenge.resource" - challenge = HttpChallenge( - "https://request.uri", challenge=f"Bearer authorization={authority}, resource={resource}" - ) + challenge = HttpChallenge("https://request.uri", challenge=f"Bearer authorization={authority}, resource={resource}") assert challenge.get_authorization_server() == authority assert challenge.get_resource() == resource @@ -548,8 +546,8 @@ def get_token(*_, **__): mock_response( status_code=401, headers={"WWW-Authenticate": f'Bearer authorization="{url}", resource={resource}'} ), - mock_response(status_code=200, json_payload={"key": {"kid": f"{url}/key-name"}}) - ] + mock_response(status_code=200, json_payload={"key": {"kid": f"{url}/key-name"}}), + ], ) transport_2 = validating_transport( requests=[Request(), Request(required_headers={"Authorization": f"Bearer {token}"})], @@ -557,8 +555,8 @@ def get_token(*_, **__): mock_response( status_code=401, headers={"WWW-Authenticate": f'Bearer authorization="{url}", resource={resource}'} ), - mock_response(status_code=200, json_payload={"key": {"kid": f"{url}/key-name"}}) - ] + mock_response(status_code=200, json_payload={"key": {"kid": f"{url}/key-name"}}), + ], ) client = KeyClient(url, credential, transport=transport, verify_challenge_resource=verify_challenge_resource) @@ -603,8 +601,8 @@ def get_token(*_, **__): mock_response( status_code=401, headers={"WWW-Authenticate": f'Bearer authorization="{url}", resource={resource}'} ), - mock_response(status_code=200, json_payload={"key": {"kid": f"{url}/key-name"}}) - ] + mock_response(status_code=200, json_payload={"key": {"kid": f"{url}/key-name"}}), + ], ) client = KeyClient(url, credential, transport=transport, verify_challenge_resource=verify_challenge_resource) diff --git a/sdk/keyvault/azure-keyvault-keys/tests/test_challenge_auth_async.py b/sdk/keyvault/azure-keyvault-keys/tests/test_challenge_auth_async.py index 81ec711f6ad2..4834e9037d3a 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/test_challenge_auth_async.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/test_challenge_auth_async.py @@ -19,7 +19,7 @@ from azure.core.pipeline import AsyncPipeline from azure.core.pipeline.policies import SansIOHTTPPolicy from azure.core.rest import HttpRequest -from azure.keyvault.keys._shared import AsyncChallengeAuthPolicy,HttpChallenge, HttpChallengeCache +from azure.keyvault.keys._shared import AsyncChallengeAuthPolicy, HttpChallenge, HttpChallengeCache from azure.keyvault.keys._shared.client_base import DEFAULT_VERSION from azure.keyvault.keys.aio import KeyClient from devtools_testutils.aio import recorded_by_proxy_async @@ -45,7 +45,7 @@ class TestChallengeAuth(KeyVaultTestCase): @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_default_version) + @pytest.mark.parametrize("api_version,is_hsm", only_default_version) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_multitenant_authentication(self, client, is_hsm, **kwargs): @@ -131,9 +131,7 @@ async def get_token(*scopes, **_): credential = Mock(spec_set=["get_token"], get_token=Mock(wraps=get_token)) else: credential = Mock(spec_set=["get_token_info"], get_token_info=Mock(wraps=get_token)) - pipeline = AsyncPipeline( - policies=[AsyncChallengeAuthPolicy(credential=credential)], transport=Mock(send=send) - ) + pipeline = AsyncPipeline(policies=[AsyncChallengeAuthPolicy(credential=credential)], transport=Mock(send=send)) request = HttpRequest("POST", get_random_url()) request.set_bytes_body(expected_content) await pipeline.run(request) @@ -200,9 +198,7 @@ async def get_token(*_, options=None, **kwargs): credential = Mock(spec_set=["get_token"], get_token=Mock(wraps=get_token)) else: credential = Mock(spec_set=["get_token_info"], get_token_info=Mock(wraps=get_token)) - pipeline = AsyncPipeline( - policies=[AsyncChallengeAuthPolicy(credential=credential)], transport=Mock(send=send) - ) + pipeline = AsyncPipeline(policies=[AsyncChallengeAuthPolicy(credential=credential)], transport=Mock(send=send)) request = HttpRequest("POST", get_random_url()) request.set_bytes_body(expected_content) await pipeline.run(request) @@ -495,8 +491,8 @@ async def get_token(*_, **__): mock_response( status_code=401, headers={"WWW-Authenticate": f'Bearer authorization="{url}", resource={resource}'} ), - mock_response(status_code=200, json_payload={"key": {"kid": f"{url}/key-name"}}) - ] + mock_response(status_code=200, json_payload={"key": {"kid": f"{url}/key-name"}}), + ], ) transport_2 = async_validating_transport( requests=[Request(), Request(required_headers={"Authorization": f"Bearer {token}"})], @@ -504,8 +500,8 @@ async def get_token(*_, **__): mock_response( status_code=401, headers={"WWW-Authenticate": f'Bearer authorization="{url}", resource={resource}'} ), - mock_response(status_code=200, json_payload={"key": {"kid": f"{url}/key-name"}}) - ] + mock_response(status_code=200, json_payload={"key": {"kid": f"{url}/key-name"}}), + ], ) client = KeyClient(url, credential, transport=transport, verify_challenge_resource=verify_challenge_resource) @@ -550,8 +546,8 @@ async def get_token(*_, **__): mock_response( status_code=401, headers={"WWW-Authenticate": f'Bearer authorization="{url}", resource={resource}'} ), - mock_response(status_code=200, json_payload={"key": {"kid": f"{url}/key-name"}}) - ] + mock_response(status_code=200, json_payload={"key": {"kid": f"{url}/key-name"}}), + ], ) client = KeyClient(url, credential, transport=transport, verify_challenge_resource=verify_challenge_resource) diff --git a/sdk/keyvault/azure-keyvault-keys/tests/test_crypto_client.py b/sdk/keyvault/azure-keyvault-keys/tests/test_crypto_client.py index 45cb23d5b84b..382bee35dfb7 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/test_crypto_client.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/test_crypto_client.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression,too-many-lines # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -20,7 +21,7 @@ rsa_crt_dmq1, rsa_crt_iqmp, RSAPrivateNumbers, - RSAPublicNumbers + RSAPublicNumbers, ) from cryptography.hazmat.primitives.serialization import Encoding, NoEncryption, PrivateFormat, PublicFormat import pytest @@ -60,21 +61,21 @@ def _to_bytes(hex): # RSA key with private components so that the JWK can be used for private operations TEST_JWK = { - "kty":"RSA", - "key_ops":["decrypt", "verify", "unwrapKey"], - "n":_to_bytes( + "kty": "RSA", + "key_ops": ["decrypt", "verify", "unwrapKey"], + "n": _to_bytes( "00a0914d00234ac683b21b4c15d5bed887bdc959c2e57af54ae734e8f00720d775d275e455207e3784ceeb60a50a4655dd72a7a94d271e8ee8f7959a669ca6e775bf0e23badae991b4529d978528b4bd90521d32dd2656796ba82b6bbfc7668c8f5eeb5053747fd199319d29a8440d08f4412d527ff9311eda71825920b47b1c46b11ab3e91d7316407e89c7f340f7b85a34042ce51743b27d4718403d34c7b438af6181be05e4d11eb985d38253d7fe9bf53fc2f1b002d22d2d793fa79a504b6ab42d0492804d7071d727a06cf3a8893aa542b1503f832b296371b6707d4dc6e372f8fe67d8ded1c908fde45ce03bc086a71487fa75e43aa0e0679aa0d20efe35" ), - "e":_to_bytes("10001"), - "p":_to_bytes( + "e": _to_bytes("10001"), + "p": _to_bytes( "00d1deac8d68ddd2c1fd52d5999655b2cf1565260de5269e43fd2a85f39280e1708ffff0682166cb6106ee5ea5e9ffd9f98d0becc9ff2cda2febc97259215ad84b9051e563e14a051dce438bc6541a24ac4f014cf9732d36ebfc1e61a00d82cbe412090f7793cfbd4b7605be133dfc3991f7e1bed5786f337de5036fc1e2df4cf3" ), - "q":_to_bytes( + "q": _to_bytes( "00c3dc66b641a9b73cd833bc439cd34fc6574465ab5b7e8a92d32595a224d56d911e74624225b48c15a670282a51c40d1dad4bc2e9a3c8dab0c76f10052dfb053bc6ed42c65288a8e8bace7a8881184323f94d7db17ea6dfba651218f931a93b8f738f3d8fd3f6ba218d35b96861a0f584b0ab88ddcf446b9815f4d287d83a3237" ), - "d":_to_bytes( + "d": _to_bytes( "627c7d24668148fe2252c7fa649ea8a5a9ed44d75c766cda42b29b660e99404f0e862d4561a6c95af6a83d213e0a2244b03cd28576473215073785fb067f015da19084ade9f475e08b040a9a2c7ba00253bb8125508c9df140b75161d266be347a5e0f6900fe1d8bbf78ccc25eeb37e0c9d188d6e1fc15169ba4fe12276193d77790d2326928bd60d0d01d6ead8d6ac4861abadceec95358fd6689c50a1671a4a936d2376440a41445501da4e74bfb98f823bd19c45b94eb01d98fc0d2f284507f018ebd929b8180dbe6381fdd434bffb7800aaabdd973d55f9eaf9bb88a6ea7b28c2a80231e72de1ad244826d665582c2362761019de2e9f10cb8bcc2625649" - ) + ), } @@ -111,9 +112,10 @@ def _validate_rsa_key_bundle(self, key_attributes, vault, key_name, kty, key_ops assert key.kty == kty, f"kty should by '{key}', but is '{key.kty}'" assert key.n and key.e, "Bad RSA public material." assert sorted(key_ops) == sorted(key.key_ops), f"keyOps should be '{key_ops}', but is '{key.key_ops}'" - - assert key_attributes.properties.created_on and key_attributes.properties.updated_on, "Missing required date attributes." - + + assert ( + key_attributes.properties.created_on and key_attributes.properties.updated_on + ), "Missing required date attributes." def _validate_ec_key_bundle(self, key_curve, key_attributes, vault, key_name, kty): prefix = "/".join(s.strip("/") for s in [vault, "keys", key_name]) @@ -122,7 +124,9 @@ def _validate_ec_key_bundle(self, key_curve, key_attributes, vault, key_name, kt assert key_curve == key.crv assert kid.index(prefix) == 0, f"Key Id should start with '{prefix}', but value is '{kid}'" assert key.kty == kty, f"kty should by '{key}', but is '{key.kty}'" - assert key_attributes.properties.created_on and key_attributes.properties.updated_on,"Missing required date attributes." + assert ( + key_attributes.properties.created_on and key_attributes.properties.updated_on + ), "Missing required date attributes." def _import_test_key(self, client, name, hardware_protected=False): key = JsonWebKey( @@ -169,7 +173,7 @@ def _import_symmetric_test_key(self, client, name): assert key_vault_key.key.kid == imported_key.id == key_vault_key.id return key_vault_key - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_ec_key_id(self, key_client, is_hsm, **kwargs): @@ -185,7 +189,7 @@ def test_ec_key_id(self, key_client, is_hsm, **kwargs): crypto_client.verify(SignatureAlgorithm.es256_k, hashlib.sha256(self.plaintext).digest(), self.plaintext) - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_rsa_key_id(self, key_client, is_hsm, **kwargs): @@ -399,7 +403,7 @@ def test_symmetric_encrypt_and_decrypt(self, key_client, **kwargs): encrypt_result.ciphertext, iv=encrypt_result.iv, authentication_tag=encrypt_result.tag, - additional_authenticated_data=self.aad + additional_authenticated_data=self.aad, ) else: encrypt_result = crypto_client.encrypt( @@ -410,13 +414,15 @@ def test_symmetric_encrypt_and_decrypt(self, key_client, **kwargs): encrypt_result.algorithm, encrypt_result.ciphertext, iv=encrypt_result.iv, - additional_authenticated_data=None if "CBC" in algorithm else self.aad + additional_authenticated_data=None if "CBC" in algorithm else self.aad, ) assert decrypt_result.key_id == imported_key.id assert decrypt_result.algorithm == algorithm if algorithm.endswith("CBC"): - assert decrypt_result.plaintext.startswith(self.plaintext) # AES-CBC returns a zero-padded plaintext + assert decrypt_result.plaintext.startswith( + self.plaintext + ) # AES-CBC returns a zero-padded plaintext else: assert decrypt_result.plaintext == self.plaintext @@ -436,7 +442,7 @@ def test_symmetric_wrap_and_unwrap(self, key_client, **kwargs): result = crypto_client.unwrap_key(result.algorithm, result.encrypted_key) assert result.key == self.plaintext - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_encrypt_local(self, key_client, is_hsm, **kwargs): @@ -453,7 +459,7 @@ def test_encrypt_local(self, key_client, is_hsm, **kwargs): result = crypto_client.decrypt(result.algorithm, result.ciphertext) assert result.plaintext == self.plaintext - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_encrypt_local_from_jwk(self, key_client, is_hsm, **kwargs): @@ -470,8 +476,8 @@ def test_encrypt_local_from_jwk(self, key_client, is_hsm, **kwargs): result = crypto_client.decrypt(result.algorithm, result.ciphertext) assert result.plaintext == self.plaintext - - @pytest.mark.parametrize("api_version,is_hsm",only_hsm) + + @pytest.mark.parametrize("api_version,is_hsm", only_hsm) @KeysClientPreparer() @recorded_by_proxy def test_symmetric_encrypt_local(self, key_client, **kwargs): @@ -499,7 +505,7 @@ def test_symmetric_encrypt_local(self, key_client, **kwargs): assert decrypt_result.key_id == imported_key.id assert decrypt_result.algorithm == algorithm assert decrypt_result.plaintext == self.plaintext - + @pytest.mark.parametrize("api_version,is_hsm", only_hsm) @KeysClientPreparer() @recorded_by_proxy @@ -524,14 +530,14 @@ def test_symmetric_decrypt_local(self, key_client, **kwargs): encrypt_result.algorithm, encrypt_result.ciphertext, iv=encrypt_result.iv, - additional_authenticated_data=self.aad + additional_authenticated_data=self.aad, ) assert decrypt_result.key_id == imported_key.id assert decrypt_result.algorithm == algorithm assert decrypt_result.plaintext == self.plaintext - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_wrap_local(self, key_client, is_hsm, **kwargs): @@ -547,7 +553,7 @@ def test_wrap_local(self, key_client, is_hsm, **kwargs): result = crypto_client.unwrap_key(result.algorithm, result.encrypted_key) assert result.key == self.plaintext - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_wrap_local_from_jwk(self, key_client, is_hsm, **kwargs): @@ -564,7 +570,7 @@ def test_wrap_local_from_jwk(self, key_client, is_hsm, **kwargs): result = crypto_client.unwrap_key(result.algorithm, result.encrypted_key) assert result.key == self.plaintext - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_rsa_verify_local(self, key_client, is_hsm, **kwargs): @@ -589,7 +595,7 @@ def test_rsa_verify_local(self, key_client, is_hsm, **kwargs): result = crypto_client.verify(result.algorithm, digest, result.signature) assert result.is_valid - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_rsa_verify_local_from_jwk(self, key_client, is_hsm, **kwargs): @@ -600,12 +606,12 @@ def test_rsa_verify_local_from_jwk(self, key_client, is_hsm, **kwargs): crypto_client = self.create_crypto_client(key, api_version=key_client.api_version) local_client = CryptographyClient.from_jwk(key.key) for signature_algorithm, hash_function in ( - (SignatureAlgorithm.ps256, hashlib.sha256), - (SignatureAlgorithm.ps384, hashlib.sha384), - (SignatureAlgorithm.ps512, hashlib.sha512), - (SignatureAlgorithm.rs256, hashlib.sha256), - (SignatureAlgorithm.rs384, hashlib.sha384), - (SignatureAlgorithm.rs512, hashlib.sha512), + (SignatureAlgorithm.ps256, hashlib.sha256), + (SignatureAlgorithm.ps384, hashlib.sha384), + (SignatureAlgorithm.ps512, hashlib.sha512), + (SignatureAlgorithm.rs256, hashlib.sha256), + (SignatureAlgorithm.rs384, hashlib.sha384), + (SignatureAlgorithm.rs512, hashlib.sha512), ): digest = hash_function(self.plaintext).digest() @@ -615,7 +621,7 @@ def test_rsa_verify_local_from_jwk(self, key_client, is_hsm, **kwargs): result = local_client.verify(result.algorithm, digest, result.signature) assert result.is_valid - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_ec_verify_local(self, key_client, is_hsm, **kwargs): @@ -640,7 +646,7 @@ def test_ec_verify_local(self, key_client, is_hsm, **kwargs): result = crypto_client.verify(result.algorithm, digest, result.signature) assert result.is_valid - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_ec_verify_local_from_jwk(self, key_client, is_hsm, **kwargs): @@ -666,11 +672,12 @@ def test_ec_verify_local_from_jwk(self, key_client, is_hsm, **kwargs): result = local_client.verify(result.algorithm, digest, result.signature) assert result.is_valid - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_local_validity_period_enforcement(self, key_client, is_hsm, **kwargs): """Local crypto operations should respect a key's nbf and exp properties""" + def test_operations(key, expected_error_substrings, encrypt_algorithms, wrap_algorithms): crypto_client = self.create_crypto_client(key, api_version=key_client.api_version) for algorithm in encrypt_algorithms: @@ -713,7 +720,7 @@ def test_operations(key, expected_error_substrings, encrypt_algorithms, wrap_alg valid_key, (str(the_year_3000), str(the_year_3001)), rsa_encryption_algorithms, rsa_wrap_algorithms ) - @pytest.mark.parametrize("api_version,is_hsm",only_vault_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_vault_7_4_plus) @KeysClientPreparer() @recorded_by_proxy def test_send_request(self, key_client, is_hsm, **kwargs): @@ -734,7 +741,7 @@ def test_send_request(self, key_client, is_hsm, **kwargs): method="POST", url=f"keys/{key_name}/{imported_key.properties.version}/sign", headers={"Accept": "application/json"}, - json=json + json=json, ) response = crypto_client.send_request(request) response.raise_for_status() @@ -1081,7 +1088,7 @@ def test_rsa_public_key_public_bytes(): public_numbers = public_key.public_numbers() crypto_public_numbers = RSAPublicNumbers(e=public_numbers.e, n=public_numbers.n) crypto_public_bytes = crypto_public_numbers.public_key().public_bytes(Encoding.PEM, PublicFormat.PKCS1) - assert public_bytes == crypto_public_bytes + assert public_bytes == crypto_public_bytes def test_rsa_public_key_private_key_size(): diff --git a/sdk/keyvault/azure-keyvault-keys/tests/test_crypto_client_async.py b/sdk/keyvault/azure-keyvault-keys/tests/test_crypto_client_async.py index 18bd7007d5e6..ddbb2207e98f 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/test_crypto_client_async.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/test_crypto_client_async.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -70,8 +71,9 @@ def _validate_rsa_key_bundle(self, key_attributes, vault, key_name, kty, key_ops assert key.kty == kty, f"kty should by '{key}', but is '{key.kty}'" assert key.n and key.e, "Bad RSA public material." assert sorted(key_ops) == sorted(key.key_ops), f"keyOps should be '{key_ops}', but is '{key.key_ops}'" - assert key_attributes.properties.created_on and key_attributes.properties.updated_on,"Missing required date attributes." - + assert ( + key_attributes.properties.created_on and key_attributes.properties.updated_on + ), "Missing required date attributes." def _validate_ec_key_bundle(self, key_curve, key_attributes, vault, key_name, kty): prefix = "/".join(s.strip("/") for s in [vault, "keys", key_name]) @@ -80,7 +82,9 @@ def _validate_ec_key_bundle(self, key_curve, key_attributes, vault, key_name, kt assert key_curve == key.crv assert kid.index(prefix) == 0, f"Key Id should start with '{prefix}', but value is '{kid}'" assert key.kty == kty, f"kty should by '{key}', but is '{key.kty}'" - assert key_attributes.properties.created_on and key_attributes.properties.updated_on,"Missing required date attributes." + assert ( + key_attributes.properties.created_on and key_attributes.properties.updated_on + ), "Missing required date attributes." async def _import_test_key(self, client, name, hardware_protected=False): def _to_bytes(hex): @@ -133,7 +137,7 @@ async def _import_symmetric_test_key(self, client, name): return key_vault_key @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_ec_key_id(self, key_client, is_hsm, **kwargs): @@ -150,7 +154,7 @@ async def test_ec_key_id(self, key_client, is_hsm, **kwargs): await crypto_client.verify(SignatureAlgorithm.es256, hashlib.sha256(self.plaintext).digest(), self.plaintext) @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_rsa_key_id(self, key_client, is_hsm, **kwargs): @@ -169,7 +173,7 @@ async def test_rsa_key_id(self, key_client, is_hsm, **kwargs): await crypto_client.wrap_key(KeyWrapAlgorithm.rsa_oaep, self.plaintext) @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_encrypt_and_decrypt(self, key_client, is_hsm, **kwargs): @@ -188,7 +192,7 @@ async def test_encrypt_and_decrypt(self, key_client, is_hsm, **kwargs): assert self.plaintext == result.plaintext @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_sign_and_verify(self, key_client, is_hsm, **kwargs): @@ -211,7 +215,7 @@ async def test_sign_and_verify(self, key_client, is_hsm, **kwargs): assert verified.is_valid @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_wrap_and_unwrap(self, key_client, is_hsm, **kwargs): @@ -231,7 +235,7 @@ async def test_wrap_and_unwrap(self, key_client, is_hsm, **kwargs): assert key_bytes == result.key @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_hsm) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_symmetric_encrypt_and_decrypt(self, key_client, **kwargs): @@ -257,7 +261,7 @@ async def test_symmetric_encrypt_and_decrypt(self, key_client, **kwargs): result.ciphertext, iv=result.iv, authentication_tag=result.tag, - additional_authenticated_data=self.aad + additional_authenticated_data=self.aad, ) else: result = await crypto_client.encrypt( @@ -268,7 +272,7 @@ async def test_symmetric_encrypt_and_decrypt(self, key_client, **kwargs): result.algorithm, result.ciphertext, iv=self.iv, - additional_authenticated_data=None if "CBC" in algorithm else self.aad + additional_authenticated_data=None if "CBC" in algorithm else self.aad, ) assert result.key_id == imported_key.id @@ -279,7 +283,7 @@ async def test_symmetric_encrypt_and_decrypt(self, key_client, **kwargs): assert result.plaintext == self.plaintext @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_hsm) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_symmetric_wrap_and_unwrap(self, key_client, **kwargs): @@ -296,7 +300,7 @@ async def test_symmetric_wrap_and_unwrap(self, key_client, **kwargs): assert result.key == self.plaintext @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_encrypt_local(self, key_client, is_hsm, **kwargs): @@ -333,7 +337,7 @@ async def test_encrypt_local_from_jwk(self, key_client, is_hsm, **kwargs): assert result.plaintext, self.plaintext @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_hsm) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_symmetric_encrypt_local(self, key_client, **kwargs): @@ -363,7 +367,7 @@ async def test_symmetric_encrypt_local(self, key_client, **kwargs): assert decrypt_result.plaintext == self.plaintext @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_hsm) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_symmetric_decrypt_local(self, key_client, **kwargs): @@ -387,7 +391,7 @@ async def test_symmetric_decrypt_local(self, key_client, **kwargs): encrypt_result.algorithm, encrypt_result.ciphertext, iv=encrypt_result.iv, - additional_authenticated_data=self.aad + additional_authenticated_data=self.aad, ) assert decrypt_result.key_id == imported_key.id @@ -395,7 +399,7 @@ async def test_symmetric_decrypt_local(self, key_client, **kwargs): assert decrypt_result.plaintext == self.plaintext @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_wrap_local(self, key_client, is_hsm, **kwargs): @@ -412,7 +416,7 @@ async def test_wrap_local(self, key_client, is_hsm, **kwargs): assert result.key, self.plaintext @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_wrap_local_from_jwk(self, key_client, is_hsm, **kwargs): @@ -430,7 +434,7 @@ async def test_wrap_local_from_jwk(self, key_client, is_hsm, **kwargs): assert result.key, self.plaintext @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_rsa_verify_local(self, key_client, is_hsm, **kwargs): @@ -456,7 +460,7 @@ async def test_rsa_verify_local(self, key_client, is_hsm, **kwargs): assert result.is_valid @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_rsa_verify_local_from_jwk(self, key_client, is_hsm, **kwargs): @@ -467,12 +471,12 @@ async def test_rsa_verify_local_from_jwk(self, key_client, is_hsm, **kwargs): crypto_client = self.create_crypto_client(key, is_async=True, api_version=key_client.api_version) local_client = CryptographyClient.from_jwk(key.key) for signature_algorithm, hash_function in ( - (SignatureAlgorithm.ps256, hashlib.sha256), - (SignatureAlgorithm.ps384, hashlib.sha384), - (SignatureAlgorithm.ps512, hashlib.sha512), - (SignatureAlgorithm.rs256, hashlib.sha256), - (SignatureAlgorithm.rs384, hashlib.sha384), - (SignatureAlgorithm.rs512, hashlib.sha512), + (SignatureAlgorithm.ps256, hashlib.sha256), + (SignatureAlgorithm.ps384, hashlib.sha384), + (SignatureAlgorithm.ps512, hashlib.sha512), + (SignatureAlgorithm.rs256, hashlib.sha256), + (SignatureAlgorithm.rs384, hashlib.sha384), + (SignatureAlgorithm.rs512, hashlib.sha512), ): digest = hash_function(self.plaintext).digest() @@ -483,7 +487,7 @@ async def test_rsa_verify_local_from_jwk(self, key_client, is_hsm, **kwargs): assert result.is_valid @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_ec_verify_local(self, key_client, is_hsm, **kwargs): @@ -509,7 +513,7 @@ async def test_ec_verify_local(self, key_client, is_hsm, **kwargs): assert result.is_valid @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_ec_verify_local_from_jwk(self, key_client, is_hsm, **kwargs): @@ -536,11 +540,12 @@ async def test_ec_verify_local_from_jwk(self, key_client, is_hsm, **kwargs): assert result.is_valid @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_local_validity_period_enforcement(self, key_client, is_hsm, **kwargs): """Local crypto operations should respect a key's nbf and exp properties""" + async def test_operations(key, expected_error_substrings, encrypt_algorithms, wrap_algorithms): crypto_client = self.create_crypto_client(key, is_async=True, api_version=key_client.api_version) crypto_client._keys_get_forbidden = True # Prevent caching key material locally, to force remote ops @@ -587,7 +592,7 @@ async def test_operations(key, expected_error_substrings, encrypt_algorithms, wr ) @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_vault_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_vault_7_4_plus) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_send_request(self, key_client, is_hsm, **kwargs): @@ -608,7 +613,7 @@ async def test_send_request(self, key_client, is_hsm, **kwargs): method="POST", url=f"keys/{key_name}/{imported_key.properties.version}/sign", headers={"Accept": "application/json"}, - json=json + json=json, ) response = await crypto_client.send_request(request) response.raise_for_status() @@ -632,7 +637,10 @@ class CustomHookPolicy(SansIOHTTPPolicy): @pytest.mark.asyncio async def test_symmetric_wrap_and_unwrap_local(): key = KeyVaultKey( - key_id="http://localhost/keys/key/version", k=os.urandom(32), kty="oct", key_ops=["unwrapKey", "wrapKey"], + key_id="http://localhost/keys/key/version", + k=os.urandom(32), + kty="oct", + key_ops=["unwrapKey", "wrapKey"], ) crypto_client = CryptographyClient(key, credential=lambda *_: None) @@ -795,7 +803,7 @@ async def test_local_only_mode_no_service_calls(): async def test_local_only_mode_raise(): """A local-only CryptographyClient should raise an exception if an operation can't be performed locally""" - jwk = {"kty":"RSA", "key_ops":["decrypt", "verify", "unwrapKey"], "n":b"10011", "e":b"10001"} + jwk = {"kty": "RSA", "key_ops": ["decrypt", "verify", "unwrapKey"], "n": b"10011", "e": b"10001"} client = CryptographyClient.from_jwk(jwk=jwk) # Algorithm not supported locally @@ -908,7 +916,7 @@ async def test_aes_cbc_iv_validation(): @pytest.mark.asyncio async def test_encrypt_argument_validation(): """The client should raise an error when arguments don't work with the specified algorithm""" - + mock_client = mock.Mock() key = mock.Mock( spec=KeyVaultKey, diff --git a/sdk/keyvault/azure-keyvault-keys/tests/test_examples_crypto.py b/sdk/keyvault/azure-keyvault-keys/tests/test_examples_crypto.py index a1cdd20eeb4d..82f3aef073b2 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/test_examples_crypto.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/test_examples_crypto.py @@ -12,6 +12,7 @@ all_api_versions = get_decorator(only_vault=True) + class TestCryptoExamples(KeyVaultTestCase, KeysTestCase): @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @@ -59,7 +60,9 @@ def test_wrap_unwrap(self, key_client, **kwargs): key = key_client.create_rsa_key(key_name) client = CryptographyClient(key, credential, api_version=key_client.api_version) - key_bytes = b'\xc5\xb0\xfc\xf1C\x8a\x88pj\x11\x8d\xe5\x94\xe8\xff\x04\x0eY\xfeu\x8a\xe9<\x06(\xdb\x7f\xa9~\x85\x02\x04' + key_bytes = ( + b"\xc5\xb0\xfc\xf1C\x8a\x88pj\x11\x8d\xe5\x94\xe8\xff\x04\x0eY\xfeu\x8a\xe9<\x06(\xdb\x7f\xa9~\x85\x02\x04" + ) # [START wrap_key] from azure.keyvault.keys.crypto import KeyWrapAlgorithm diff --git a/sdk/keyvault/azure-keyvault-keys/tests/test_examples_crypto_async.py b/sdk/keyvault/azure-keyvault-keys/tests/test_examples_crypto_async.py index 287d673c65db..08320d36b5a4 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/test_examples_crypto_async.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/test_examples_crypto_async.py @@ -15,7 +15,7 @@ class TestCryptoExamples(KeyVaultTestCase): @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_encrypt_decrypt_async(self, key_client, **kwargs): @@ -58,7 +58,7 @@ async def test_encrypt_decrypt_async(self, key_client, **kwargs): # [END decrypt] @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_wrap_unwrap_async(self, key_client, **kwargs): @@ -67,7 +67,9 @@ async def test_wrap_unwrap_async(self, key_client, **kwargs): key = await key_client.create_rsa_key(key_name) client = CryptographyClient(key, credential, api_version=key_client.api_version) - key_bytes = b'\xc5\xb0\xfc\xf1C\x8a\x88pj\x11\x8d\xe5\x94\xe8\xff\x04\x0eY\xfeu\x8a\xe9<\x06(\xdb\x7f\xa9~\x85\x02\x04' + key_bytes = ( + b"\xc5\xb0\xfc\xf1C\x8a\x88pj\x11\x8d\xe5\x94\xe8\xff\x04\x0eY\xfeu\x8a\xe9<\x06(\xdb\x7f\xa9~\x85\x02\x04" + ) # [START wrap_key] from azure.keyvault.keys.crypto import KeyWrapAlgorithm @@ -86,7 +88,7 @@ async def test_wrap_unwrap_async(self, key_client, **kwargs): # [END unwrap_key] @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_sign_verify_async(self, key_client, **kwargs): diff --git a/sdk/keyvault/azure-keyvault-keys/tests/test_key_client.py b/sdk/keyvault/azure-keyvault-keys/tests/test_key_client.py index 9fe97370442c..18d2a9d8c8f2 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/test_key_client.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/test_key_client.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -23,7 +24,7 @@ KeyRotationLifetimeAction, KeyRotationPolicy, KeyRotationPolicyAction, - KeyType + KeyType, ) from azure.keyvault.keys._generated.models import KeyRotationPolicy as _KeyRotationPolicy from azure.keyvault.keys._shared.client_base import DEFAULT_VERSION @@ -54,6 +55,7 @@ def _assert_rotation_policies_equal(p1, p2): assert p1.updated_on == p2.updated_on assert len(p1.lifetime_actions) == len(p2.lifetime_actions) + def _assert_lifetime_actions_equal(a1, a2): assert a1.action == a2.action assert a1.time_after_create == a2.time_after_create @@ -115,8 +117,9 @@ def _validate_ec_key_bundle(self, key_curve, key_attributes, vault, key_name, kt assert key_curve == key.crv assert kid.index(prefix) == 0, f"Key Id should start with '{prefix}', but value is '{kid}'" assert key.kty == kty, f"kty should be '{kty}', but is '{key.kty}'" - assert key_attributes.properties.created_on and key_attributes.properties.updated_on,"Missing required date attributes." - + assert ( + key_attributes.properties.created_on and key_attributes.properties.updated_on + ), "Missing required date attributes." def _validate_rsa_key_bundle(self, key_attributes, vault, key_name, kty, key_ops): prefix = "/".join(s.strip("/") for s in [vault, "keys", key_name]) @@ -126,7 +129,9 @@ def _validate_rsa_key_bundle(self, key_attributes, vault, key_name, kty, key_ops assert key.kty == kty, f"kty should be '{kty}', but is '{key.kty}'" assert key.n and key.e, "Bad RSA public material." assert sorted(key_ops) == sorted(key.key_ops), f"keyOps should be '{key_ops}', but is '{key.key_ops}'" - assert key_attributes.properties.created_on and key_attributes.properties.updated_on, "Missing required date attributes." + assert ( + key_attributes.properties.created_on and key_attributes.properties.updated_on + ), "Missing required date attributes." def _update_key_properties(self, client, key, release_policy=None): expires = date_parse.parse("2050-01-02T08:00:00.000Z") @@ -184,7 +189,7 @@ def _to_bytes(hex): self._validate_rsa_key_bundle(imported_key, client.vault_url, name, key.kty, key.key_ops) return imported_key - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_key_crud_operations(self, client, is_hsm, **kwargs): @@ -210,7 +215,7 @@ def test_key_crud_operations(self, client, is_hsm, **kwargs): # create rsa key rsa_key_name = self.get_resource_name("crud-rsa-key") tags = {"purpose": "unit test", "test name ": "CreateRSAKeyTest"} - key_ops = ["encrypt","decrypt","sign","verify","wrapKey","unwrapKey"] + key_ops = ["encrypt", "decrypt", "sign", "verify", "wrapKey", "unwrapKey"] rsa_key = self._create_rsa_key( client, key_name=rsa_key_name, key_operations=key_ops, size=2048, tags=tags, hardware_protected=is_hsm ) @@ -239,8 +244,10 @@ def test_key_crud_operations(self, client, is_hsm, **kwargs): # aside from key_ops, the original updated keys should have the same JWKs self._assert_jwks_equal(rsa_key.key, deleted_key.key) assert deleted_key.id == rsa_key.id - assert deleted_key.recovery_id and deleted_key.deleted_date and deleted_key.scheduled_purge_date, "Missing required deleted key attributes." - + assert ( + deleted_key.recovery_id and deleted_key.deleted_date and deleted_key.scheduled_purge_date + ), "Missing required deleted key attributes." + deleted_key_poller.wait() # get the deleted key when soft deleted enabled @@ -248,7 +255,7 @@ def test_key_crud_operations(self, client, is_hsm, **kwargs): assert deleted_key is not None assert rsa_key.id == deleted_key.id - @pytest.mark.parametrize("api_version,is_hsm",only_hsm) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm) @KeysClientPreparer() @recorded_by_proxy def test_rsa_public_exponent(self, client, **kwargs): @@ -260,7 +267,7 @@ def test_rsa_public_exponent(self, client, **kwargs): public_exponent = key.key.e[0] assert public_exponent == 17 - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_backup_restore(self, client, is_hsm, **kwargs): @@ -286,7 +293,7 @@ def test_backup_restore(self, client, is_hsm, **kwargs): restored_key = self._poll_until_no_exception(restore_function, ResourceExistsError) self._assert_key_attributes_equal(created_bundle.properties, restored_key.properties) - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_key_list(self, client, is_hsm, **kwargs): @@ -309,7 +316,7 @@ def test_key_list(self, client, is_hsm, **kwargs): del expected[key.name] assert len(expected) == 0 - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_list_versions(self, client, is_hsm, **kwargs): @@ -336,7 +343,7 @@ def test_list_versions(self, client, is_hsm, **kwargs): assert 0 == len(expected) @pytest.mark.skip("Temporarily disabled due to service issue") - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_list_deleted_keys(self, client, is_hsm, **kwargs): @@ -367,7 +374,7 @@ def test_list_deleted_keys(self, client, is_hsm, **kwargs): del expected[key.name] @pytest.mark.skip("Temporarily disabled due to service issue") - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_recover(self, client, is_hsm, **kwargs): @@ -393,7 +400,7 @@ def test_recover(self, client, is_hsm, **kwargs): expected_key = keys[key_name] self._assert_key_attributes_equal(expected_key.properties, recovered_key.properties) - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_purge(self, client, is_hsm, **kwargs): @@ -424,8 +431,8 @@ def test_purge(self, client, is_hsm, **kwargs): deleted = [s.name for s in client.list_deleted_keys()] assert not any(s in deleted for s in key_names) - @pytest.mark.parametrize("api_version,is_hsm",logging_enabled) - @KeysClientPreparer(logging_enable = True) + @pytest.mark.parametrize("api_version,is_hsm", logging_enabled) + @KeysClientPreparer(logging_enable=True) @recorded_by_proxy def test_logging_enabled(self, client, is_hsm, **kwargs): mock_handler = MockHandler() @@ -459,8 +466,8 @@ def test_logging_enabled(self, client, is_hsm, **kwargs): mock_handler.close() assert False, "Expected request body wasn't logged" - @pytest.mark.parametrize("api_version,is_hsm",logging_enabled) - @KeysClientPreparer(logging_enable = False) + @pytest.mark.parametrize("api_version,is_hsm", logging_enabled) + @KeysClientPreparer(logging_enable=False) @recorded_by_proxy def test_logging_disabled(self, client, is_hsm, **kwargs): mock_handler = MockHandler() @@ -493,7 +500,7 @@ def test_logging_disabled(self, client, is_hsm, **kwargs): mock_handler.close() - @pytest.mark.parametrize("api_version,is_hsm",only_hsm_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm_7_4_plus) @KeysClientPreparer() @recorded_by_proxy def test_get_random_bytes(self, client, **kwargs): @@ -509,11 +516,11 @@ def test_get_random_bytes(self, client, **kwargs): assert all(random_bytes != rb for rb in generated_random_bytes) generated_random_bytes.append(random_bytes) - @pytest.mark.parametrize("api_version,is_hsm",only_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_7_4_plus) @KeysClientPreparer() @recorded_by_proxy def test_key_release(self, client, is_hsm, **kwargs): - if (self.is_live and os.environ["KEYVAULT_SKU"] != "premium"): + if self.is_live and os.environ["KEYVAULT_SKU"] != "premium": pytest.skip("This test is not supported on standard SKU vaults. Follow up with service team") if is_hsm and client.api_version == ApiVersion.V7_5: pytest.skip("Currently failing on 7.5-preview.1; skipping for now") @@ -538,7 +545,7 @@ def test_key_release(self, client, is_hsm, **kwargs): if self.is_live and "Target environment attestation statement cannot be verified" in ex.message: pytest.skip("Target environment attestation statement cannot be verified. Likely transient failure.") - @pytest.mark.parametrize("api_version,is_hsm",only_hsm_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm_7_4_plus) @KeysClientPreparer() @recorded_by_proxy def test_imported_key_release(self, client, **kwargs): @@ -560,11 +567,11 @@ def test_imported_key_release(self, client, **kwargs): release_result = client.release_key(imported_key_name, attestation) assert release_result.value - @pytest.mark.parametrize("api_version,is_hsm",only_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_7_4_plus) @KeysClientPreparer() @recorded_by_proxy def test_update_release_policy(self, client, **kwargs): - if (self.is_live and os.environ["KEYVAULT_SKU"] != "premium"): + if self.is_live and os.environ["KEYVAULT_SKU"] != "premium": pytest.skip("This test is not supported on standard SKU vaults. Follow up with service team") if client.api_version == ApiVersion.V7_5: pytest.skip("Currently failing on 7.5-preview.1; skipping for now") @@ -584,17 +591,9 @@ def test_update_release_policy(self, client, **kwargs): new_release_policy_json = { "anyOf": [ - { - "anyOf": [ - { - "claim": "sdk-test", - "equals": False - } - ], - "authority": attestation_uri.rstrip("/") + "/" - } + {"anyOf": [{"claim": "sdk-test", "equals": False}], "authority": attestation_uri.rstrip("/") + "/"} ], - "version": "1.0.0" + "version": "1.0.0", } policy_string = json.dumps(new_release_policy_json).encode() new_release_policy = KeyReleasePolicy(policy_string) @@ -605,12 +604,12 @@ def test_update_release_policy(self, client, **kwargs): claim_condition = claim_condition if isinstance(claim_condition, bool) else json.loads(claim_condition) assert claim_condition is False - #Immutable policies aren't currently supported on Managed HSM - @pytest.mark.parametrize("api_version,is_hsm",only_vault_7_4_plus) + # Immutable policies aren't currently supported on Managed HSM + @pytest.mark.parametrize("api_version,is_hsm", only_vault_7_4_plus) @KeysClientPreparer() @recorded_by_proxy def test_immutable_release_policy(self, client, **kwargs): - if (self.is_live and os.environ["KEYVAULT_SKU"] != "premium"): + if self.is_live and os.environ["KEYVAULT_SKU"] != "premium": pytest.skip("This test is not supported on standard SKU vaults. Follow up with service team") attestation_uri = self._get_attestation_uri() @@ -624,17 +623,9 @@ def test_immutable_release_policy(self, client, **kwargs): new_release_policy_json = { "anyOf": [ - { - "anyOf": [ - { - "claim": "sdk-test", - "equals": False - } - ], - "authority": attestation_uri.rstrip("/") + "/" - } + {"anyOf": [{"claim": "sdk-test", "equals": False}], "authority": attestation_uri.rstrip("/") + "/"} ], - "version": "1.0.0" + "version": "1.0.0", } policy_string = json.dumps(new_release_policy_json).encode() new_release_policy = KeyReleasePolicy(policy_string, immutable=True) @@ -642,11 +633,11 @@ def test_immutable_release_policy(self, client, **kwargs): with pytest.raises(HttpResponseError): self._update_key_properties(client, key, new_release_policy) - @pytest.mark.parametrize("api_version,is_hsm",only_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_7_4_plus) @KeysClientPreparer() @recorded_by_proxy def test_key_rotation(self, client, is_hsm, **kwargs): - if (not is_public_cloud() and self.is_live): + if not is_public_cloud() and self.is_live: pytest.skip("This test is not supported in usgov/china region. Follow up with service team.") key_name = self.get_resource_name("rotation-key") @@ -663,11 +654,11 @@ def test_key_rotation(self, client, is_hsm, **kwargs): assert key.properties.version != rotated_key.properties.version assert key.key.n != rotated_key.key.n - @pytest.mark.parametrize("api_version,is_hsm",only_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_7_4_plus) @KeysClientPreparer() @recorded_by_proxy def test_key_rotation_policy(self, client, is_hsm, **kwargs): - if (not is_public_cloud() and self.is_live): + if not is_public_cloud() and self.is_live: pytest.skip("This test is not supported in usgov/china region. Follow up with service team.") key_name = self.get_resource_name("rotation-key") @@ -720,7 +711,9 @@ def test_key_rotation_policy(self, client, is_hsm, **kwargs): if not is_hsm: # updating with a round-tripped policy and overriding lifetime_actions newest_actions = [KeyRotationLifetimeAction(KeyRotationPolicyAction.notify, time_before_expiry="P60D")] - newest_policy = client.update_key_rotation_policy(key_name, policy=new_policy, lifetime_actions=newest_actions) + newest_policy = client.update_key_rotation_policy( + key_name, policy=new_policy, lifetime_actions=newest_actions + ) newest_fetched_policy = client.get_key_rotation_policy(key_name) assert newest_policy.expires_in == "P90D" _assert_rotation_policies_equal(newest_policy, newest_fetched_policy) @@ -738,7 +731,7 @@ def test_key_rotation_policy(self, client, is_hsm, **kwargs): newest_fetched_policy_actions = newest_fetched_policy.lifetime_actions[i] _assert_lifetime_actions_equal(newest_policy_actions, newest_fetched_policy_actions) - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_get_cryptography_client(self, client, is_hsm, **kwargs): @@ -774,7 +767,7 @@ def test_get_cryptography_client(self, client, is_hsm, **kwargs): assert "RSA-OAEP" == result.algorithm assert plaintext == result.plaintext - @pytest.mark.parametrize("api_version,is_hsm",only_vault_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_vault_7_4_plus) @KeysClientPreparer() @recorded_by_proxy def test_send_request(self, client, is_hsm, **kwargs): @@ -790,7 +783,7 @@ def test_send_request(self, client, is_hsm, **kwargs): response = client.send_request(request) assert response.json()["key"]["kid"] == key.id - @pytest.mark.parametrize("api_version,is_hsm",only_hsm_default) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm_default) @KeysClientPreparer() @recorded_by_proxy def test_get_key_attestation(self, client, **kwargs): @@ -834,6 +827,7 @@ def test_40x_handling(self, client, **kwargs): # Test that 409 is raised correctly (`create_key` shouldn't actually trigger this, but for raising behavior) def run(*_, **__): return Mock(http_response=Mock(status_code=409)) + with patch.object(client._client._client._pipeline, "run", run): with pytest.raises(ResourceExistsError): client.create_key("...", "RSA") diff --git a/sdk/keyvault/azure-keyvault-keys/tests/test_keys_async.py b/sdk/keyvault/azure-keyvault-keys/tests/test_keys_async.py index f7a8c1fcf8c1..65b553d0b3f4 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/test_keys_async.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/test_keys_async.py @@ -1,3 +1,4 @@ +# pylint: disable=line-too-long,useless-suppression # ------------------------------------ # Copyright (c) Microsoft Corporation. # Licensed under the MIT License. @@ -28,7 +29,13 @@ import pytest from _shared.test_case_async import KeyVaultTestCase -from _async_test_case import get_attestation_token, get_decorator, get_release_policy, is_public_cloud, AsyncKeysClientPreparer +from _async_test_case import ( + get_attestation_token, + get_decorator, + get_release_policy, + is_public_cloud, + AsyncKeysClientPreparer, +) from test_key_client import _assert_lifetime_actions_equal, _assert_rotation_policies_equal from devtools_testutils import set_bodiless_matcher from devtools_testutils.aio import recorded_by_proxy_async @@ -38,12 +45,8 @@ all_api_versions = get_decorator(is_async=True) only_hsm = get_decorator(only_hsm=True, is_async=True) only_hsm_default = get_decorator(only_hsm=True, is_async=True, api_versions=[DEFAULT_VERSION]) -only_hsm_7_4_plus = get_decorator( - only_hsm=True, is_async=True, api_versions=[ApiVersion.V7_4, ApiVersion.V7_5] -) -only_vault_7_4_plus = get_decorator( - only_vault=True, is_async=True, api_versions=[ApiVersion.V7_4, ApiVersion.V7_5] -) +only_hsm_7_4_plus = get_decorator(only_hsm=True, is_async=True, api_versions=[ApiVersion.V7_4, ApiVersion.V7_5]) +only_vault_7_4_plus = get_decorator(only_vault=True, is_async=True, api_versions=[ApiVersion.V7_4, ApiVersion.V7_5]) only_7_4_plus = get_decorator(is_async=True, api_versions=[ApiVersion.V7_4, ApiVersion.V7_5]) logging_enabled = get_decorator(is_async=True, logging_enable=True) logging_disabled = get_decorator(is_async=True, logging_enable=False) @@ -69,15 +72,15 @@ def _assert_jwks_equal(self, jwk1, jwk2): assert getattr(jwk1, field) == getattr(jwk2, field) def _assert_key_attributes_equal(self, k1: KeyProperties, k2: KeyProperties) -> None: - assert k1.name== k2.name - assert k1.vault_url== k2.vault_url - assert k1.enabled== k2.enabled - assert k1.not_before== k2.not_before - assert k1.expires_on== k2.expires_on - assert k1.created_on== k2.created_on - assert k1.updated_on== k2.updated_on - assert k1.tags== k2.tags - assert k1.recovery_level== k2.recovery_level + assert k1.name == k2.name + assert k1.vault_url == k2.vault_url + assert k1.enabled == k2.enabled + assert k1.not_before == k2.not_before + assert k1.expires_on == k2.expires_on + assert k1.created_on == k2.created_on + assert k1.updated_on == k2.updated_on + assert k1.tags == k2.tags + assert k1.recovery_level == k2.recovery_level assert k1.hsm_platform == k2.hsm_platform async def _create_rsa_key(self, client, key_name, **kwargs): @@ -107,7 +110,9 @@ def _validate_ec_key_bundle(self, key_curve, key_attributes, vault, key_name, kt assert key_curve == key.crv assert kid.index(prefix) == 0, f"Key Id should start with '{prefix}', but value is '{kid}'" assert key.kty == kty, f"kty should be '{kty}', but is '{key.kty}'" - assert key_attributes.properties.created_on and key_attributes.properties.updated_on,"Missing required date attributes." + assert ( + key_attributes.properties.created_on and key_attributes.properties.updated_on + ), "Missing required date attributes." def _validate_rsa_key_bundle(self, key_attributes, vault, key_name, kty, key_ops): prefix = "/".join(s.strip("/") for s in [vault, "keys", key_name]) @@ -117,7 +122,9 @@ def _validate_rsa_key_bundle(self, key_attributes, vault, key_name, kty, key_ops assert key.kty == kty, f"kty should be '{kty}', but is '{key.kty}'" assert key.n and key.e, "Bad RSA public material." assert sorted(key_ops) == sorted(key.key_ops), f"keyOps should be '{key_ops}', but is '{key.key_ops}'" - assert key_attributes.properties.created_on and key_attributes.properties.updated_on,"Missing required date attributes." + assert ( + key_attributes.properties.created_on and key_attributes.properties.updated_on + ), "Missing required date attributes." async def _update_key_properties(self, client, key, release_policy=None): expires = date_parse.parse("2050-01-02T08:00:00.000Z") @@ -183,7 +190,7 @@ def _to_bytes(hex): return imported_key @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_key_crud_operations(self, client, is_hsm, **kwargs): @@ -224,9 +231,7 @@ async def test_key_crud_operations(self, client, is_hsm, **kwargs): self._assert_key_attributes_equal(rsa_key.properties, key.properties) # get key without version - self._assert_key_attributes_equal( - rsa_key.properties, (await client.get_key(rsa_key.name)).properties - ) + self._assert_key_attributes_equal(rsa_key.properties, (await client.get_key(rsa_key.name)).properties) # update key with version if self.is_live: @@ -242,7 +247,9 @@ async def test_key_crud_operations(self, client, is_hsm, **kwargs): # aside from key_ops, the original updated keys should have the same JWKs self._assert_jwks_equal(rsa_key.key, deleted_key.key) assert deleted_key.id == rsa_key.id - assert deleted_key.recovery_id and deleted_key.deleted_date and deleted_key.scheduled_purge_date,"Missing required deleted key attributes." + assert ( + deleted_key.recovery_id and deleted_key.deleted_date and deleted_key.scheduled_purge_date + ), "Missing required deleted key attributes." # get the deleted key when soft deleted enabled deleted_key = await client.get_deleted_key(rsa_key.name) @@ -250,7 +257,7 @@ async def test_key_crud_operations(self, client, is_hsm, **kwargs): assert rsa_key.id == deleted_key.id @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_hsm) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_rsa_public_exponent(self, client, **kwargs): @@ -263,7 +270,7 @@ async def test_rsa_public_exponent(self, client, **kwargs): assert public_exponent == 17 @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_backup_restore(self, client, is_hsm, **kwargs): @@ -276,7 +283,7 @@ async def test_backup_restore(self, client, is_hsm, **kwargs): # backup key key_backup = await client.backup_key(created_bundle.name) - #self.assertIsNotNone(key_backup, "key_backup") + # self.assertIsNotNone(key_backup, "key_backup") assert key_backup is not None # delete key @@ -291,7 +298,7 @@ async def test_backup_restore(self, client, is_hsm, **kwargs): self._assert_key_attributes_equal(created_bundle.properties, restored_key.properties) @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_key_list(self, client, is_hsm, **kwargs): @@ -315,7 +322,7 @@ async def test_key_list(self, client, is_hsm, **kwargs): assert len(expected) == 0 @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_list_versions(self, client, is_hsm, **kwargs): @@ -343,7 +350,7 @@ async def test_list_versions(self, client, is_hsm, **kwargs): @pytest.mark.asyncio @pytest.mark.skip("Temporarily disabled due to service issue") - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_list_deleted_keys(self, client, is_hsm, **kwargs): @@ -376,7 +383,7 @@ async def test_list_deleted_keys(self, client, is_hsm, **kwargs): @pytest.mark.asyncio @pytest.mark.skip("Temporarily disabled due to service issue") - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_recover(self, client, is_hsm, **kwargs): @@ -407,7 +414,7 @@ async def test_recover(self, client, is_hsm, **kwargs): assert len(set(expected.keys()) & set(actual.keys())) == len(expected) @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_purge(self, client, is_hsm, **kwargs): @@ -435,8 +442,8 @@ async def test_purge(self, client, is_hsm, **kwargs): assert deleted_key.name not in key_names @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",logging_enabled) - @AsyncKeysClientPreparer(logging_enable = True) + @pytest.mark.parametrize("api_version,is_hsm", logging_enabled) + @AsyncKeysClientPreparer(logging_enable=True) @recorded_by_proxy_async async def test_logging_enabled(self, client, is_hsm, **kwargs): mock_handler = MockHandler() @@ -471,8 +478,8 @@ async def test_logging_enabled(self, client, is_hsm, **kwargs): assert False, "Expected request body wasn't logged" @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",logging_disabled) - @AsyncKeysClientPreparer(logging_enable = False) + @pytest.mark.parametrize("api_version,is_hsm", logging_disabled) + @AsyncKeysClientPreparer(logging_enable=False) @recorded_by_proxy_async async def test_logging_disabled(self, client, is_hsm, **kwargs): mock_handler = MockHandler() @@ -506,7 +513,7 @@ async def test_logging_disabled(self, client, is_hsm, **kwargs): mock_handler.close() @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_hsm_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm_7_4_plus) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_get_random_bytes(self, client, **kwargs): @@ -523,11 +530,11 @@ async def test_get_random_bytes(self, client, **kwargs): generated_random_bytes.append(random_bytes) @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_7_4_plus) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_key_release(self, client, is_hsm, **kwargs): - if (self.is_live and os.environ["KEYVAULT_SKU"] != "premium"): + if self.is_live and os.environ["KEYVAULT_SKU"] != "premium": pytest.skip("This test is not supported on standard SKU vaults. Follow up with service team") if is_hsm and client.api_version == ApiVersion.V7_5: pytest.skip("Currently failing on 7.5-preview.1; skipping for now") @@ -553,7 +560,7 @@ async def test_key_release(self, client, is_hsm, **kwargs): pytest.skip("Target environment attestation statement cannot be verified. Likely transient failure.") @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_hsm_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm_7_4_plus) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_imported_key_release(self, client, **kwargs): @@ -576,11 +583,11 @@ async def test_imported_key_release(self, client, **kwargs): assert release_result.value @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_7_4_plus) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_update_release_policy(self, client, **kwargs): - if (self.is_live and os.environ["KEYVAULT_SKU"] != "premium"): + if self.is_live and os.environ["KEYVAULT_SKU"] != "premium": pytest.skip("This test is not supported on standard SKU vaults. Follow up with service team") if client.api_version == ApiVersion.V7_5: pytest.skip("Currently failing on 7.5-preview.1; skipping for now") @@ -600,17 +607,9 @@ async def test_update_release_policy(self, client, **kwargs): new_release_policy_json = { "anyOf": [ - { - "anyOf": [ - { - "claim": "sdk-test", - "equals": False - } - ], - "authority": attestation_uri.rstrip("/") + "/" - } + {"anyOf": [{"claim": "sdk-test", "equals": False}], "authority": attestation_uri.rstrip("/") + "/"} ], - "version": "1.0.0" + "version": "1.0.0", } policy_string = json.dumps(new_release_policy_json).encode() new_release_policy = KeyReleasePolicy(policy_string) @@ -623,11 +622,11 @@ async def test_update_release_policy(self, client, **kwargs): # Immutable policies aren't currently supported on Managed HSM @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_vault_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_vault_7_4_plus) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_immutable_release_policy(self, client, **kwargs): - if (self.is_live and os.environ["KEYVAULT_SKU"] != "premium"): + if self.is_live and os.environ["KEYVAULT_SKU"] != "premium": pytest.skip("This test is not supported on standard SKU vaults. Follow up with service team") attestation_uri = self._get_attestation_uri() @@ -641,17 +640,9 @@ async def test_immutable_release_policy(self, client, **kwargs): new_release_policy_json = { "anyOf": [ - { - "anyOf": [ - { - "claim": "sdk-test", - "equals": False - } - ], - "authority": attestation_uri.rstrip("/") + "/" - } + {"anyOf": [{"claim": "sdk-test", "equals": False}], "authority": attestation_uri.rstrip("/") + "/"} ], - "version": "1.0.0" + "version": "1.0.0", } policy_string = json.dumps(new_release_policy_json).encode() new_release_policy = KeyReleasePolicy(policy_string, immutable=True) @@ -660,11 +651,11 @@ async def test_immutable_release_policy(self, client, **kwargs): await self._update_key_properties(client, key, new_release_policy) @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_7_4_plus) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_key_rotation(self, client, is_hsm, **kwargs): - if (not is_public_cloud() and self.is_live): + if not is_public_cloud() and self.is_live: pytest.skip("This test is not supported in usgov/china region. Follow up with service team.") key_name = self.get_resource_name("rotation-key") @@ -684,11 +675,11 @@ async def test_key_rotation(self, client, is_hsm, **kwargs): assert key.key.n != rotated_key.key.n @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_7_4_plus) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_key_rotation_policy(self, client, is_hsm, **kwargs): - if (not is_public_cloud() and self.is_live): + if not is_public_cloud() and self.is_live: pytest.skip("This test is not supported in usgov/china region. Follow up with service team.") key_name = self.get_resource_name("rotation-key") @@ -763,7 +754,7 @@ async def test_key_rotation_policy(self, client, is_hsm, **kwargs): _assert_lifetime_actions_equal(newest_policy_actions, newest_fetched_policy_actions) @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_get_cryptography_client(self, client, is_hsm, **kwargs): @@ -800,7 +791,7 @@ async def test_get_cryptography_client(self, client, is_hsm, **kwargs): assert plaintext == result.plaintext @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_vault_7_4_plus) + @pytest.mark.parametrize("api_version,is_hsm", only_vault_7_4_plus) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_send_request(self, client, is_hsm, **kwargs): @@ -817,7 +808,7 @@ async def test_send_request(self, client, is_hsm, **kwargs): assert response.json()["key"]["kid"] == key.id @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_hsm_default) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm_default) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_get_key_attestation(self, client, **kwargs): @@ -864,6 +855,7 @@ async def test_40x_handling(self, client, **kwargs): # Test that 409 is raised correctly (`create_key` shouldn't actually trigger this, but for raising behavior) async def run(*_, **__): return Mock(http_response=Mock(status_code=409)) + with patch.object(client._client._client._pipeline, "run", run): with pytest.raises(ResourceExistsError): await client.create_key("...", "RSA") diff --git a/sdk/keyvault/azure-keyvault-keys/tests/test_local_crypto.py b/sdk/keyvault/azure-keyvault-keys/tests/test_local_crypto.py index 52ec32992543..e9b2867fc08d 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/test_local_crypto.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/test_local_crypto.py @@ -7,10 +7,8 @@ import pytest from azure.keyvault.keys import KeyCurveName, KeyVaultKey -from azure.keyvault.keys.crypto import (EncryptionAlgorithm, KeyWrapAlgorithm, - SignatureAlgorithm) -from azure.keyvault.keys.crypto._providers import \ - get_local_cryptography_provider +from azure.keyvault.keys.crypto import EncryptionAlgorithm, KeyWrapAlgorithm, SignatureAlgorithm +from azure.keyvault.keys.crypto._providers import get_local_cryptography_provider from keys import EC_KEYS, RSA_KEYS @@ -48,14 +46,14 @@ def test_rsa_encrypt_decrypt(key, algorithm): (EncryptionAlgorithm.a256_cbcpad, 32), (EncryptionAlgorithm.a192_cbcpad, 24), (EncryptionAlgorithm.a128_cbcpad, 16), - ) + ), ) def test_symmetric_encrypt_decrypt(algorithm, key_size): jwk = { "k": os.urandom(key_size), - "kid":"http://localhost/keys/key/version", + "kid": "http://localhost/keys/key/version", "kty": "oct-HSM", - "key_ops": ("encrypt", "decrypt") + "key_ops": ("encrypt", "decrypt"), } key = KeyVaultKey(key_id="http://localhost/keys/key/version", jwk=jwk) provider = get_local_cryptography_provider(key.key) @@ -119,9 +117,9 @@ def test_rsa_wrap_unwrap(key, algorithm): def test_symmetric_wrap_unwrap(algorithm): jwk = { "k": os.urandom(32), - "kid":"http://localhost/keys/key/version", + "kid": "http://localhost/keys/key/version", "kty": "oct", - "key_ops": ("unwrapKey", "wrapKey") + "key_ops": ("unwrapKey", "wrapKey"), } key = KeyVaultKey(key_id="http://localhost/keys/key/version", jwk=jwk) provider = get_local_cryptography_provider(key.key) diff --git a/sdk/keyvault/azure-keyvault-keys/tests/test_parse_id.py b/sdk/keyvault/azure-keyvault-keys/tests/test_parse_id.py index 3f72b8cb9556..eb33db5f2860 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/test_parse_id.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/test_parse_id.py @@ -15,7 +15,7 @@ class TestParseId(KeyVaultTestCase, KeysTestCase): - @pytest.mark.parametrize("api_version,is_hsm",only_vault) + @pytest.mark.parametrize("api_version,is_hsm", only_vault) @KeysClientPreparer() @recorded_by_proxy def test_parse_key_id_with_version(self, client, **kwargs): diff --git a/sdk/keyvault/azure-keyvault-keys/tests/test_samples_keys.py b/sdk/keyvault/azure-keyvault-keys/tests/test_samples_keys.py index 68e2b6496d64..be044fe64650 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/test_samples_keys.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/test_samples_keys.py @@ -36,11 +36,11 @@ def test_create_key_client(): class TestExamplesKeyVault(KeyVaultTestCase, KeysTestCase): - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_example_key_crud_operations(self, key_client, **kwargs): - if (self.is_live and os.environ["KEYVAULT_SKU"] != "premium"): + if self.is_live and os.environ["KEYVAULT_SKU"] != "premium": pytest.skip("This test is not supported on standard SKU vaults. Follow up with service team") key_name = self.get_resource_name("key-name") @@ -131,7 +131,7 @@ def test_example_key_crud_operations(self, key_client, **kwargs): deleted_key_poller.wait() # [END delete_key] - @pytest.mark.parametrize("api_version,is_hsm",only_hsm) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm) @KeysClientPreparer() @recorded_by_proxy def test_example_create_oct_key(self, key_client, **kwargs): @@ -145,7 +145,7 @@ def test_example_create_oct_key(self, key_client, **kwargs): print(key.key_type) # [END create_oct_key] - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_example_key_list_operations(self, key_client, **kwargs): @@ -186,7 +186,7 @@ def test_example_key_list_operations(self, key_client, **kwargs): print(key.deleted_date) # [END list_deleted_keys] - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_example_keys_backup_restore(self, key_client, **kwargs): @@ -219,7 +219,7 @@ def test_example_keys_backup_restore(self, key_client, **kwargs): print(restored_key.properties.version) # [END restore_key_backup] - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @KeysClientPreparer() @recorded_by_proxy def test_example_keys_recover(self, key_client, **kwargs): diff --git a/sdk/keyvault/azure-keyvault-keys/tests/test_samples_keys_async.py b/sdk/keyvault/azure-keyvault-keys/tests/test_samples_keys_async.py index 0357017a4b44..e8e127c82d9e 100644 --- a/sdk/keyvault/azure-keyvault-keys/tests/test_samples_keys_async.py +++ b/sdk/keyvault/azure-keyvault-keys/tests/test_samples_keys_async.py @@ -42,11 +42,11 @@ async def test_create_key_client(): class TestExamplesKeyVault(KeyVaultTestCase): @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_example_key_crud_operations(self, key_client, **kwargs): - if (self.is_live and os.environ["KEYVAULT_SKU"] != "premium"): + if self.is_live and os.environ["KEYVAULT_SKU"] != "premium": pytest.skip("This test is not supported on standard SKU vaults. Follow up with service team") key_name = self.get_resource_name("key-name") @@ -132,7 +132,7 @@ async def test_example_key_crud_operations(self, key_client, **kwargs): # [END delete_key] @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",only_hsm) + @pytest.mark.parametrize("api_version,is_hsm", only_hsm) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_example_create_oct_key(self, key_client, **kwargs): @@ -147,7 +147,7 @@ async def test_example_create_oct_key(self, key_client, **kwargs): # [END create_oct_key] @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_example_key_list_operations(self, key_client, **kwargs): @@ -194,7 +194,7 @@ async def test_example_key_list_operations(self, key_client, **kwargs): # [END list_deleted_keys] @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_example_keys_backup_restore(self, key_client, **kwargs): @@ -229,7 +229,7 @@ async def test_example_keys_backup_restore(self, key_client, **kwargs): # [END restore_key_backup] @pytest.mark.asyncio - @pytest.mark.parametrize("api_version,is_hsm",all_api_versions) + @pytest.mark.parametrize("api_version,is_hsm", all_api_versions) @AsyncKeysClientPreparer() @recorded_by_proxy_async async def test_example_keys_recover(self, key_client, **kwargs):