diff --git a/sdk/attestation/azure-attestation/azure/attestation/__init__.py b/sdk/attestation/azure-attestation/azure/attestation/__init__.py new file mode 100644 index 0000000000000..cfca63c02e015 --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/__init__.py @@ -0,0 +1,19 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from ._configuration import AttestationClientConfiguration +from ._attestation_client import AttestationClient +__all__ = ['AttestationClient', 'AttestationClientConfiguration'] + +from .version import VERSION + +__version__ = VERSION + diff --git a/sdk/attestation/azure-attestation/azure/attestation/_attestation_client.py b/sdk/attestation/azure-attestation/azure/attestation/_attestation_client.py new file mode 100644 index 0000000000000..43648228be53b --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/_attestation_client.py @@ -0,0 +1,61 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.service_client import SDKClient +from msrest import Serializer, Deserializer + +from ._configuration import AttestationClientConfiguration +from .operations import PolicyOperations +from .operations import PolicyCertificatesOperations +from .operations import SigningCertificatesOperations +from .operations import MetadataConfigurationOperations +from . import models + + +class AttestationClient(SDKClient): + """Describes the interface for the per-tenant enclave service. + + :ivar config: Configuration for client. + :vartype config: AttestationClientConfiguration + + :ivar policy: Policy operations + :vartype policy: azure.attestation.operations.PolicyOperations + :ivar policy_certificates: PolicyCertificates operations + :vartype policy_certificates: azure.attestation.operations.PolicyCertificatesOperations + :ivar signing_certificates: SigningCertificates operations + :vartype signing_certificates: azure.attestation.operations.SigningCertificatesOperations + :ivar metadata_configuration: MetadataConfiguration operations + :vartype metadata_configuration: azure.attestation.operations.MetadataConfigurationOperations + + :param credentials: Credentials needed for the client to connect to Azure. + :type credentials: :mod:`A msrestazure Credentials + object` + """ + + def __init__( + self, credentials): + + self.config = AttestationClientConfiguration(credentials) + super(AttestationClient, self).__init__(self.config.credentials, self.config) + + client_models = {k: v for k, v in models.__dict__.items() if isinstance(v, type)} + self.api_version = '2018-09-01-preview' + self._serialize = Serializer(client_models) + self._deserialize = Deserializer(client_models) + + self.policy = PolicyOperations( + self._client, self.config, self._serialize, self._deserialize) + self.policy_certificates = PolicyCertificatesOperations( + self._client, self.config, self._serialize, self._deserialize) + self.signing_certificates = SigningCertificatesOperations( + self._client, self.config, self._serialize, self._deserialize) + self.metadata_configuration = MetadataConfigurationOperations( + self._client, self.config, self._serialize, self._deserialize) diff --git a/sdk/attestation/azure-attestation/azure/attestation/_configuration.py b/sdk/attestation/azure-attestation/azure/attestation/_configuration.py new file mode 100644 index 0000000000000..4346af59281f1 --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/_configuration.py @@ -0,0 +1,41 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- +from msrestazure import AzureConfiguration + +from .version import VERSION + + +class AttestationClientConfiguration(AzureConfiguration): + """Configuration for AttestationClient + Note that all parameters used to create this instance are saved as instance + attributes. + + :param credentials: Credentials needed for the client to connect to Azure. + :type credentials: :mod:`A msrestazure Credentials + object` + """ + + def __init__( + self, credentials): + + if credentials is None: + raise ValueError("Parameter 'credentials' must not be None.") + base_url = '{tenantBaseUrl}' + + super(AttestationClientConfiguration, self).__init__(base_url) + + # Starting Autorest.Python 4.0.64, make connection pool activated by default + self.keep_alive = True + + self.add_user_agent('azure-attestation/{}'.format(VERSION)) + self.add_user_agent('Azure-SDK-For-Python') + + self.credentials = credentials diff --git a/sdk/attestation/azure-attestation/azure/attestation/models/__init__.py b/sdk/attestation/azure-attestation/azure/attestation/models/__init__.py new file mode 100644 index 0000000000000..e51294edbea83 --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/models/__init__.py @@ -0,0 +1,23 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +try: + from ._models_py3 import AttestationPolicy +except (SyntaxError, ImportError): + from ._models import AttestationPolicy +from ._attestation_client_enums import ( + TeeKind, +) + +__all__ = [ + 'AttestationPolicy', + 'TeeKind', +] diff --git a/sdk/attestation/azure-attestation/azure/attestation/models/_attestation_client_enums.py b/sdk/attestation/azure-attestation/azure/attestation/models/_attestation_client_enums.py new file mode 100644 index 0000000000000..4d5bea35696c5 --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/models/_attestation_client_enums.py @@ -0,0 +1,20 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from enum import Enum + + +class TeeKind(str, Enum): + + sgx_enclave = "SgxEnclave" #: Intel Software Guard eXtensions + open_enclave = "OpenEnclave" #: OpenEnclave extensions to SGX + cy_res_component = "CyResComponent" #: IoT Edge validation + vsm_enclave = "VSMEnclave" #: VSM Enclave Attestation diff --git a/sdk/attestation/azure-attestation/azure/attestation/models/_models.py b/sdk/attestation/azure-attestation/azure/attestation/models/_models.py new file mode 100644 index 0000000000000..ece81336f80c7 --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/models/_models.py @@ -0,0 +1,80 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model +from msrest.exceptions import HttpOperationError + + +class AttestationPolicy(Model): + """AttestationPolicy. + + :param policy: JSON Web Token whose body is an AttestationPolicyRequest + definition. + :type policy: str + """ + + _attribute_map = { + 'policy': {'key': 'policy', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(AttestationPolicy, self).__init__(**kwargs) + self.policy = kwargs.get('policy', None) + + +class CloudError(Model): + """An error response from Attestation. + + :param error: + :type error: ~azure.attestation.models.CloudErrorBody + """ + + _attribute_map = { + 'error': {'key': 'error', 'type': 'CloudErrorBody'}, + } + + def __init__(self, **kwargs): + super(CloudError, self).__init__(**kwargs) + self.error = kwargs.get('error', None) + + +class CloudErrorException(HttpOperationError): + """Server responsed with exception of type: 'CloudError'. + + :param deserialize: A deserializer + :param response: Server response to be deserialized. + """ + + def __init__(self, deserialize, response, *args): + + super(CloudErrorException, self).__init__(deserialize, response, 'CloudError', *args) + + +class CloudErrorBody(Model): + """An error response from Attestation. + + :param code: An identifier for the error. Codes are invariant and are + intended to be consumed programmatically. + :type code: str + :param message: A message describing the error, intended to be suitable + for displaying in a user interface. + :type message: str + """ + + _attribute_map = { + 'code': {'key': 'code', 'type': 'str'}, + 'message': {'key': 'message', 'type': 'str'}, + } + + def __init__(self, **kwargs): + super(CloudErrorBody, self).__init__(**kwargs) + self.code = kwargs.get('code', None) + self.message = kwargs.get('message', None) diff --git a/sdk/attestation/azure-attestation/azure/attestation/models/_models_py3.py b/sdk/attestation/azure-attestation/azure/attestation/models/_models_py3.py new file mode 100644 index 0000000000000..68bb3d7654438 --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/models/_models_py3.py @@ -0,0 +1,80 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from msrest.serialization import Model +from msrest.exceptions import HttpOperationError + + +class AttestationPolicy(Model): + """AttestationPolicy. + + :param policy: JSON Web Token whose body is an AttestationPolicyRequest + definition. + :type policy: str + """ + + _attribute_map = { + 'policy': {'key': 'policy', 'type': 'str'}, + } + + def __init__(self, *, policy: str=None, **kwargs) -> None: + super(AttestationPolicy, self).__init__(**kwargs) + self.policy = policy + + +class CloudError(Model): + """An error response from Attestation. + + :param error: + :type error: ~azure.attestation.models.CloudErrorBody + """ + + _attribute_map = { + 'error': {'key': 'error', 'type': 'CloudErrorBody'}, + } + + def __init__(self, *, error=None, **kwargs) -> None: + super(CloudError, self).__init__(**kwargs) + self.error = error + + +class CloudErrorException(HttpOperationError): + """Server responsed with exception of type: 'CloudError'. + + :param deserialize: A deserializer + :param response: Server response to be deserialized. + """ + + def __init__(self, deserialize, response, *args): + + super(CloudErrorException, self).__init__(deserialize, response, 'CloudError', *args) + + +class CloudErrorBody(Model): + """An error response from Attestation. + + :param code: An identifier for the error. Codes are invariant and are + intended to be consumed programmatically. + :type code: str + :param message: A message describing the error, intended to be suitable + for displaying in a user interface. + :type message: str + """ + + _attribute_map = { + 'code': {'key': 'code', 'type': 'str'}, + 'message': {'key': 'message', 'type': 'str'}, + } + + def __init__(self, *, code: str=None, message: str=None, **kwargs) -> None: + super(CloudErrorBody, self).__init__(**kwargs) + self.code = code + self.message = message diff --git a/sdk/attestation/azure-attestation/azure/attestation/operations/__init__.py b/sdk/attestation/azure-attestation/azure/attestation/operations/__init__.py new file mode 100644 index 0000000000000..521137a0b3c66 --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/operations/__init__.py @@ -0,0 +1,22 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from ._policy_operations import PolicyOperations +from ._policy_certificates_operations import PolicyCertificatesOperations +from ._signing_certificates_operations import SigningCertificatesOperations +from ._metadata_configuration_operations import MetadataConfigurationOperations + +__all__ = [ + 'PolicyOperations', + 'PolicyCertificatesOperations', + 'SigningCertificatesOperations', + 'MetadataConfigurationOperations', +] diff --git a/sdk/attestation/azure-attestation/azure/attestation/operations/_metadata_configuration_operations.py b/sdk/attestation/azure-attestation/azure/attestation/operations/_metadata_configuration_operations.py new file mode 100644 index 0000000000000..60b4da09d6443 --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/operations/_metadata_configuration_operations.py @@ -0,0 +1,100 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class MetadataConfigurationOperations(object): + """MetadataConfigurationOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + + self.config = config + + def get( + self, tenant_base_url, custom_headers=None, raw=False, **operation_config): + """Retrieves the OpenID Configuration data for the Azure Attestation + Service. + + Retrieves metadata about the attestation signing keys in use by the + attestation service. + + :param tenant_base_url: The tenant name, for example + https://mytenant.attest.azure.net. + :type tenant_base_url: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: object or ClientRawResponse if raw=true + :rtype: object or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'tenantBaseUrl': self._serialize.url("tenant_base_url", tenant_base_url, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 400]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('object', response) + if response.status_code == 400: + deserialized = self._deserialize('CloudError', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/.well-known/openid-configuration'} diff --git a/sdk/attestation/azure-attestation/azure/attestation/operations/_policy_certificates_operations.py b/sdk/attestation/azure-attestation/azure/attestation/operations/_policy_certificates_operations.py new file mode 100644 index 0000000000000..3f4601247312b --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/operations/_policy_certificates_operations.py @@ -0,0 +1,244 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class PolicyCertificatesOperations(object): + """PolicyCertificatesOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: Client API version. Constant value: "2018-09-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2018-09-01-preview" + + self.config = config + + def get( + self, tenant_base_url, custom_headers=None, raw=False, **operation_config): + """Retrieves the set of certificates used to express policy for the + current tenant. + + :param tenant_base_url: The tenant name, for example + https://mytenant.attest.azure.net. + :type tenant_base_url: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: object or ClientRawResponse if raw=true + :rtype: object or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'tenantBaseUrl': self._serialize.url("tenant_base_url", tenant_base_url, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 400, 401]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('str', response) + if response.status_code == 400: + deserialized = self._deserialize('CloudError', response) + if response.status_code == 401: + deserialized = self._deserialize('str', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/operations/policy/certificates'} + + def add( + self, tenant_base_url, policy_certificate_to_add, custom_headers=None, raw=False, **operation_config): + """Adds a new attestation policy certificate to the set of policy + management certificates. + + :param tenant_base_url: The tenant name, for example + https://mytenant.attest.azure.net. + :type tenant_base_url: str + :param policy_certificate_to_add: An RFC7519 JSON Web Token containing + a claim named "maa-policyCertificate" whose value is an RFC7517 JSON + Web Key which specifies a new key to add. The RFC7519 JWT must be + signed with one of the existing signing certificates + :type policy_certificate_to_add: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: object or ClientRawResponse if raw=true + :rtype: object or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.add.metadata['url'] + path_format_arguments = { + 'tenantBaseUrl': self._serialize.url("tenant_base_url", tenant_base_url, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(policy_certificate_to_add, 'str') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 400, 401]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('str', response) + if response.status_code == 400: + deserialized = self._deserialize('CloudError', response) + if response.status_code == 401: + deserialized = self._deserialize('str', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + add.metadata = {'url': '/operations/policy/certificates'} + + def remove( + self, tenant_base_url, policy_certificate_to_remove, custom_headers=None, raw=False, **operation_config): + """Removes the specified policy management certificate. Note that the + final policy management certificate cannot be removed. + + :param tenant_base_url: The tenant name, for example + https://mytenant.attest.azure.net. + :type tenant_base_url: str + :param policy_certificate_to_remove: An RFC7519 JSON Web Token + containing a claim named "maa-policyCertificate" whose value is an + RFC7517 JSON Web Key which specifies a new key to update. The RFC7519 + JWT must be signed with one of the existing signing certificates + :type policy_certificate_to_remove: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: object or ClientRawResponse if raw=true + :rtype: object or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.remove.metadata['url'] + path_format_arguments = { + 'tenantBaseUrl': self._serialize.url("tenant_base_url", tenant_base_url, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(policy_certificate_to_remove, 'str') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 400, 401]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('str', response) + if response.status_code == 400: + deserialized = self._deserialize('CloudError', response) + if response.status_code == 401: + deserialized = self._deserialize('str', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + remove.metadata = {'url': '/operations/policy/certificates'} diff --git a/sdk/attestation/azure-attestation/azure/attestation/operations/_policy_operations.py b/sdk/attestation/azure-attestation/azure/attestation/operations/_policy_operations.py new file mode 100644 index 0000000000000..11e85fe7c735a --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/operations/_policy_operations.py @@ -0,0 +1,323 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class PolicyOperations(object): + """PolicyOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar api_version: Client API version. Constant value: "2018-09-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.api_version = "2018-09-01-preview" + + self.config = config + + def prepare_to_set( + self, tenant_base_url, tee, policy_jws, custom_headers=None, raw=False, **operation_config): + """Accepts a new policy document and returns a JWT which expresses used + in preparation to set attestation policy. + + :param tenant_base_url: The tenant name, for example + https://mytenant.attest.azure.net. + :type tenant_base_url: str + :param tee: Specifies the trusted execution environment to be used to + validate the evidence. Possible values include: 'SgxEnclave', + 'OpenEnclave', 'CyResComponent', 'VSMEnclave' + :type tee: str or ~azure.attestation.models.TeeKind + :param policy_jws: JSON Web Signature (See RFC7515) expressing the new + policy + :type policy_jws: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: object or ClientRawResponse if raw=true + :rtype: object or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.prepare_to_set.metadata['url'] + path_format_arguments = { + 'tenantBaseUrl': self._serialize.url("tenant_base_url", tenant_base_url, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + query_parameters['tee'] = self._serialize.query("tee", tee, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'text/plain' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(policy_jws, 'str') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 400, 401]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('str', response) + if response.status_code == 400: + deserialized = self._deserialize('CloudError', response) + if response.status_code == 401: + deserialized = self._deserialize('str', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + prepare_to_set.metadata = {'url': '/operations/policy/updatepolicy'} + + def get( + self, tenant_base_url, tee, custom_headers=None, raw=False, **operation_config): + """Retrieves the current policy for a given kind of TEE. + + :param tenant_base_url: The tenant name, for example + https://mytenant.attest.azure.net. + :type tenant_base_url: str + :param tee: Specifies the trusted execution environment to be used to + validate the evidence. Possible values include: 'SgxEnclave', + 'OpenEnclave', 'CyResComponent', 'VSMEnclave' + :type tee: str or ~azure.attestation.models.TeeKind + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: object or ClientRawResponse if raw=true + :rtype: object or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'tenantBaseUrl': self._serialize.url("tenant_base_url", tenant_base_url, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + query_parameters['tee'] = self._serialize.query("tee", tee, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 400, 401]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('AttestationPolicy', response) + if response.status_code == 400: + deserialized = self._deserialize('CloudError', response) + if response.status_code == 401: + deserialized = self._deserialize('str', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/operations/policy/current'} + + def set( + self, tenant_base_url, tee, new_attestation_policy, custom_headers=None, raw=False, **operation_config): + """Sets the policy for a given kind of TEE. + + :param tenant_base_url: The tenant name, for example + https://mytenant.attest.azure.net. + :type tenant_base_url: str + :param tee: Specifies the trusted execution environment to be used to + validate the evidence. Possible values include: 'SgxEnclave', + 'OpenEnclave', 'CyResComponent', 'VSMEnclave' + :type tee: str or ~azure.attestation.models.TeeKind + :param new_attestation_policy: JWT Expressing the new policy + :type new_attestation_policy: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: object or ClientRawResponse if raw=true + :rtype: object or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.set.metadata['url'] + path_format_arguments = { + 'tenantBaseUrl': self._serialize.url("tenant_base_url", tenant_base_url, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + query_parameters['tee'] = self._serialize.query("tee", tee, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'text/plain' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(new_attestation_policy, 'str') + + # Construct and send request + request = self._client.put(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 400, 401]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 400: + deserialized = self._deserialize('CloudError', response) + if response.status_code == 401: + deserialized = self._deserialize('str', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + set.metadata = {'url': '/operations/policy/current'} + + def reset( + self, tenant_base_url, tee, policy_jws, custom_headers=None, raw=False, **operation_config): + """Resets the attestation policy for the specified tenant and reverts to + the default policy. + + :param tenant_base_url: The tenant name, for example + https://mytenant.attest.azure.net. + :type tenant_base_url: str + :param tee: Specifies the trusted execution environment to be used to + validate the evidence. Possible values include: 'SgxEnclave', + 'OpenEnclave', 'CyResComponent', 'VSMEnclave' + :type tee: str or ~azure.attestation.models.TeeKind + :param policy_jws: JSON Web Signature with an empty policy document + :type policy_jws: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: object or ClientRawResponse if raw=true + :rtype: object or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.reset.metadata['url'] + path_format_arguments = { + 'tenantBaseUrl': self._serialize.url("tenant_base_url", tenant_base_url, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + query_parameters['tee'] = self._serialize.query("tee", tee, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + header_parameters['Content-Type'] = 'text/plain' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(policy_jws, 'str') + + # Construct and send request + request = self._client.post(url, query_parameters, header_parameters, body_content) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 400, 401]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('str', response) + if response.status_code == 400: + deserialized = self._deserialize('CloudError', response) + if response.status_code == 401: + deserialized = self._deserialize('str', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + reset.metadata = {'url': '/operations/policy/current'} diff --git a/sdk/attestation/azure-attestation/azure/attestation/operations/_signing_certificates_operations.py b/sdk/attestation/azure-attestation/azure/attestation/operations/_signing_certificates_operations.py new file mode 100644 index 0000000000000..4bbbc9bba01fe --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/operations/_signing_certificates_operations.py @@ -0,0 +1,100 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError + +from .. import models + + +class SigningCertificatesOperations(object): + """SigningCertificatesOperations operations. + + You should not instantiate directly this class, but create a Client instance that will create it for you and attach it as attribute. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + + self.config = config + + def get( + self, tenant_base_url, custom_headers=None, raw=False, **operation_config): + """Retrieves the attestation signing keys in use by the attestation + service. + + Retrieves metadata signing certificates in use by the attestation + service. + + :param tenant_base_url: The tenant name, for example + https://mytenant.attest.azure.net. + :type tenant_base_url: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: object or ClientRawResponse if raw=true + :rtype: object or ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'tenantBaseUrl': self._serialize.url("tenant_base_url", tenant_base_url, 'str', skip_quote=True) + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + + # Construct headers + header_parameters = {} + header_parameters['Accept'] = 'application/json' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters, header_parameters) + response = self._client.send(request, stream=False, **operation_config) + + if response.status_code not in [200, 400]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + if response.status_code == 200: + deserialized = self._deserialize('object', response) + if response.status_code == 400: + deserialized = self._deserialize('CloudError', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/certs'} diff --git a/sdk/attestation/azure-attestation/azure/attestation/version.py b/sdk/attestation/azure-attestation/azure/attestation/version.py new file mode 100644 index 0000000000000..e0ec669828cbf --- /dev/null +++ b/sdk/attestation/azure-attestation/azure/attestation/version.py @@ -0,0 +1,13 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +VERSION = "0.1.0" +