"""
.. module: lemur.certificates.schemas
:platform: unix
:copyright: (c) 2015 by Netflix Inc., see AUTHORS for more
:license: Apache, see LICENSE for more details.
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
"""
from flask import current_app
from marshmallow import fields, validates_schema
from marshmallow.exceptions import ValidationError
from lemur.schemas import AssociatedAuthoritySchema, AssociatedDestinationSchema, AssociatedCertificateSchema, \
AssociatedNotificationSchema, PluginInputSchema, ExtensionSchema
from lemur.common.schema import LemurInputSchema, LemurOutputSchema
from lemur.common import validators
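class CertificateInputSchema(LemurInputSchema):
    """Validate the request body for issuing a new certificate.

    ``owner``, ``common_name`` and ``authority`` are mandatory. The subject
    fields (organization, location, ...) fall back to values read from the
    Flask application config when the client omits them.
    """
    name = fields.String()
    owner = fields.Email(required=True)
    description = fields.String()
    # The requested CN is passed through validators.sensitive_domain before
    # it is accepted; that validator's body is not visible in this module.
    common_name = fields.String(required=True, validate=validators.sensitive_domain)
    authority = fields.Nested(AssociatedAuthoritySchema, required=True)

    # Validity window. Cross-field consistency is delegated to
    # validators.dates() in validate_dates() below.
    # NOTE(review): validity_years has no range validator on the field
    # itself - confirm validators.dates() or the issuer plugin bounds it.
    validity_start = fields.DateTime()
    validity_end = fields.DateTime()
    validity_years = fields.Integer()

    # `missing` is a callable (list) rather than a literal []: marshmallow
    # returns a non-callable default object as-is, so one list would be shared
    # by every request that omits the field and any in-place mutation
    # downstream would leak into later requests.
    destinations = fields.Nested(AssociatedDestinationSchema, missing=list, many=True)
    notifications = fields.Nested(AssociatedNotificationSchema, missing=list, many=True)
    replacements = fields.Nested(AssociatedCertificateSchema, missing=list, many=True)

    # Optional client-supplied CSR, checked by validators.csr.
    csr = fields.String(validate=validators.csr)

    # certificate body fields
    # The lambdas defer the config lookup until a default is actually needed,
    # so current_app is only touched while a request is being deserialized.
    organizational_unit = fields.String(missing=lambda: current_app.config.get('LEMUR_DEFAULT_ORGANIZATIONAL_UNIT'))
    organization = fields.String(missing=lambda: current_app.config.get('LEMUR_DEFAULT_ORGANIZATION'))
    location = fields.String(missing=lambda: current_app.config.get('LEMUR_DEFAULT_LOCATION'))
    country = fields.String(missing=lambda: current_app.config.get('LEMUR_DEFAULT_COUNTRY'))
    state = fields.String(missing=lambda: current_app.config.get('LEMUR_DEFAULT_STATE'))

    extensions = fields.Nested(ExtensionSchema)

    @validates_schema
    def validate_dates(self, data):
        """Run the shared date validator over the whole deserialized payload."""
        validators.dates(data)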
class CertificateOutputSchema(LemurOutputSchema):
    """Describe how a stored certificate is serialized in API responses.

    Only public certificate material and metadata are declared here; no
    private-key field is declared on this schema.
    NOTE(review): confirm LemurOutputSchema does not add further fields, so
    that key material cannot reach a response through this schema.
    """
    # Identity and lifecycle flags.
    id = fields.Integer()
    active = fields.Boolean()
    bits = fields.Integer()

    # PEM text of the certificate and of its issuing chain.
    body = fields.String()
    chain = fields.String()

    deleted = fields.Boolean(default=False)
    description = fields.String()
    issuer = fields.String()
    name = fields.String()
    common_name = fields.String()

    # Validity period taken from the certificate.
    not_after = fields.DateTime()
    not_before = fields.DateTime()

    owner = fields.Email()
    san = fields.Boolean()
    serial = fields.String()
    signing_algorithm = fields.String()
    status = fields.Boolean()
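class CertificateUploadInputSchema(LemurInputSchema):
    """Validate the request body for uploading an existing certificate.

    ``owner`` and ``public_cert`` are mandatory. ``private_key`` is optional
    unless destinations are listed (see ``keys`` below).
    """
    name = fields.String()
    owner = fields.Email(required=True)
    description = fields.String()
    active = fields.Boolean(missing=True)

    # Secret key material supplied by the client, checked by
    # validators.private_key.
    # NOTE(review): make sure request/validation-error logging never echoes
    # this field's value.
    private_key = fields.String(validate=validators.private_key)
    public_cert = fields.String(required=True, validate=validators.public_certificate)
    chain = fields.String(validate=validators.public_certificate)  # TODO this could be multiple certificates

    # `missing` is a callable (list) rather than a literal []: marshmallow
    # returns a non-callable default object as-is, so one list would be shared
    # by every request that omits the field and any in-place mutation
    # downstream would leak into later requests.
    destinations = fields.Nested(AssociatedDestinationSchema, missing=list, many=True)
    notifications = fields.Nested(AssociatedNotificationSchema, missing=list, many=True)
    replacements = fields.Nested(AssociatedCertificateSchema, missing=list, many=True)

    @validates_schema
    def keys(self, data):
        """Reject uploads that name destinations but carry no private key.

        Raises:
            ValidationError: if ``destinations`` is non-empty and
                ``private_key`` is absent or empty.
        """
        if data.get('destinations') and not data.get('private_key'):
            raise ValidationError('Destinations require private key.')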
class CertificateExportInputSchema(LemurInputSchema):
    """Validate the request body for exporting a certificate.

    The payload consists of a single ``export`` object, validated by
    PluginInputSchema.
    """
    export = fields.Nested(PluginInputSchema)
# Schema instances built once at import time and reused by callers.

# Request (input) schemas.
certificate_input_schema = CertificateInputSchema()

# Response (output) schemas: single object and list form.
certificate_output_schema = CertificateOutputSchema()
certificates_output_schema = CertificateOutputSchema(many=True)

certificate_upload_input_schema = CertificateUploadInputSchema()
certificate_export_input_schema = CertificateExportInputSchema()