Black lint all the things

lemur/tests/conf.py

@@ -15,49 +15,51 @@ debug = False
 TESTING = True
 
 # this is the secret key used by flask session management
-SECRET_KEY = 'I/dVhOZNSMZMqrFJa5tWli6VQccOGudKerq3eWPMSzQNmHHVhMAQfQ=='
+SECRET_KEY = "I/dVhOZNSMZMqrFJa5tWli6VQccOGudKerq3eWPMSzQNmHHVhMAQfQ=="
 
 # You should consider storing these separately from your config
-LEMUR_TOKEN_SECRET = 'test'
-LEMUR_ENCRYPTION_KEYS = 'o61sBLNBSGtAckngtNrfVNd8xy8Hp9LBGDstTbMbqCY='
+LEMUR_TOKEN_SECRET = "test"
+LEMUR_ENCRYPTION_KEYS = "o61sBLNBSGtAckngtNrfVNd8xy8Hp9LBGDstTbMbqCY="
 
 # List of domain regular expressions that non-admin users can issue
 LEMUR_WHITELISTED_DOMAINS = [
-    '^[a-zA-Z0-9-]+\.example\.com$',
-    '^[a-zA-Z0-9-]+\.example\.org$',
-    '^example\d+\.long\.com$',
+    "^[a-zA-Z0-9-]+\.example\.com$",
+    "^[a-zA-Z0-9-]+\.example\.org$",
+    "^example\d+\.long\.com$",
 ]
 
 # Mail Server
 
 # Lemur currently only supports SES for sending email, this address
 # needs to be verified
-LEMUR_EMAIL = ''
-LEMUR_SECURITY_TEAM_EMAIL = ['security@example.com']
+LEMUR_EMAIL = ""
+LEMUR_SECURITY_TEAM_EMAIL = ["security@example.com"]
 
-LEMUR_HOSTNAME = 'lemur.example.com'
+LEMUR_HOSTNAME = "lemur.example.com"
 
 # Logging
 
 LOG_LEVEL = "DEBUG"
 LOG_FILE = "lemur.log"
 
-LEMUR_DEFAULT_COUNTRY = 'US'
-LEMUR_DEFAULT_STATE = 'California'
-LEMUR_DEFAULT_LOCATION = 'Los Gatos'
-LEMUR_DEFAULT_ORGANIZATION = 'Example, Inc.'
-LEMUR_DEFAULT_ORGANIZATIONAL_UNIT = 'Example'
+LEMUR_DEFAULT_COUNTRY = "US"
+LEMUR_DEFAULT_STATE = "California"
+LEMUR_DEFAULT_LOCATION = "Los Gatos"
+LEMUR_DEFAULT_ORGANIZATION = "Example, Inc."
+LEMUR_DEFAULT_ORGANIZATIONAL_UNIT = "Example"
 
 LEMUR_ALLOW_WEEKEND_EXPIRATION = False
 
 # Database
 
 # modify this if you are not using a local database
-SQLALCHEMY_DATABASE_URI = os.getenv('SQLALCHEMY_DATABASE_URI', 'postgresql://lemur:lemur@localhost:5432/lemur')
+SQLALCHEMY_DATABASE_URI = os.getenv(
+    "SQLALCHEMY_DATABASE_URI", "postgresql://lemur:lemur@localhost:5432/lemur"
+)
 SQLALCHEMY_TRACK_MODIFICATIONS = False
 
 # AWS
-LEMUR_INSTANCE_PROFILE = 'Lemur'
+LEMUR_INSTANCE_PROFILE = "Lemur"
 
 # Issuers
 
@@ -72,21 +74,21 @@ LEMUR_INSTANCE_PROFILE = 'Lemur'
 # CLOUDCA_DEFAULT_VALIDITY = 2
 
 
-DIGICERT_URL = 'mock://www.digicert.com'
-DIGICERT_ORDER_TYPE = 'ssl_plus'
-DIGICERT_API_KEY = 'api-key'
+DIGICERT_URL = "mock://www.digicert.com"
+DIGICERT_ORDER_TYPE = "ssl_plus"
+DIGICERT_API_KEY = "api-key"
 DIGICERT_ORG_ID = 111111
 DIGICERT_ROOT = "ROOT"
 
-VERISIGN_URL = 'http://example.com'
-VERISIGN_PEM_PATH = '~/'
-VERISIGN_FIRST_NAME = 'Jim'
-VERISIGN_LAST_NAME = 'Bob'
-VERSIGN_EMAIL = 'jim@example.com'
+VERISIGN_URL = "http://example.com"
+VERISIGN_PEM_PATH = "~/"
+VERISIGN_FIRST_NAME = "Jim"
+VERISIGN_LAST_NAME = "Bob"
+VERSIGN_EMAIL = "jim@example.com"
 
-ACME_AWS_ACCOUNT_NUMBER = '11111111111'
+ACME_AWS_ACCOUNT_NUMBER = "11111111111"
 
-ACME_PRIVATE_KEY = '''
+ACME_PRIVATE_KEY = """
 -----BEGIN RSA PRIVATE KEY-----
 MIIJJwIBAAKCAgEA0+jySNCc1i73LwDZEuIdSkZgRYQ4ZQVIioVf38RUhDElxy51
 4gdWZwp8/TDpQ8cVXMj6QhdRpTVLluOz71hdvBAjxXTISRCRlItzizTgBD9CLXRh
@@ -138,7 +140,7 @@ cRe4df5/EbRiUOyx/ZBepttB1meTnsH6cGPN0JnmTMQHQvanL3jjtjrC13408ONK
 omsEEjDt4qVqGvSyy+V/1EhqGPzm9ri3zapnorf69rscuXYYsMBZ8M6AtSio4ldB
 LjCRNS1lR6/mV8AqUNR9Kn2NLQyJ76yDoEVLulKZqGUsC9STN4oGJLUeFw==
 -----END RSA PRIVATE KEY-----
-'''
+"""
 
 ACME_ROOT = """
 -----BEGIN CERTIFICATE-----
@@ -174,17 +176,17 @@ PB0t6JzUA81mSqM3kxl5e+IZwhYAyO0OTg3/fs8HqGTNKd9BqoUwSRBzp06JMg5b
 rUCGwbCUDI0mxadJ3Bz4WxR6fyNpBK2yAinWEsikxqEt
 -----END CERTIFICATE-----
 """
-ACME_URL = 'https://acme-v01.api.letsencrypt.org'
-ACME_EMAIL = 'jim@example.com'
-ACME_TEL = '4088675309'
-ACME_DIRECTORY_URL = 'https://acme-v01.api.letsencrypt.org'
+ACME_URL = "https://acme-v01.api.letsencrypt.org"
+ACME_EMAIL = "jim@example.com"
+ACME_TEL = "4088675309"
+ACME_DIRECTORY_URL = "https://acme-v01.api.letsencrypt.org"
 ACME_DISABLE_AUTORESOLVE = True
 
 LDAP_AUTH = True
-LDAP_BIND_URI = 'ldap://localhost'
-LDAP_BASE_DN = 'dc=example,dc=com'
-LDAP_EMAIL_DOMAIN = 'example.com'
-LDAP_REQUIRED_GROUP = 'Lemur Access'
-LDAP_DEFAULT_ROLE = 'role1'
+LDAP_BIND_URI = "ldap://localhost"
+LDAP_BASE_DN = "dc=example,dc=com"
+LDAP_EMAIL_DOMAIN = "example.com"
+LDAP_REQUIRED_GROUP = "Lemur Access"
+LDAP_DEFAULT_ROLE = "role1"
 
 ALLOW_CERT_DELETION = True

lemur/tests/conftest.py

@@ -13,16 +13,34 @@ from lemur import create_app
 from lemur.common.utils import parse_private_key
 from lemur.database import db as _db
 from lemur.auth.service import create_token
-from lemur.tests.vectors import SAN_CERT_KEY, INTERMEDIATE_KEY, ROOTCA_CERT_STR, ROOTCA_KEY
+from lemur.tests.vectors import (
+    SAN_CERT_KEY,
+    INTERMEDIATE_KEY,
+    ROOTCA_CERT_STR,
+    ROOTCA_KEY,
+)
 
-from .factories import ApiKeyFactory, AuthorityFactory, NotificationFactory, DestinationFactory, \
-    CertificateFactory, UserFactory, RoleFactory, SourceFactory, EndpointFactory, \
-    RotationPolicyFactory, PendingCertificateFactory, AsyncAuthorityFactory, InvalidCertificateFactory, \
-    CryptoAuthorityFactory, CACertificateFactory
+from .factories import (
+    ApiKeyFactory,
+    AuthorityFactory,
+    NotificationFactory,
+    DestinationFactory,
+    CertificateFactory,
+    UserFactory,
+    RoleFactory,
+    SourceFactory,
+    EndpointFactory,
+    RotationPolicyFactory,
+    PendingCertificateFactory,
+    AsyncAuthorityFactory,
+    InvalidCertificateFactory,
+    CryptoAuthorityFactory,
+    CACertificateFactory,
+)
 
 
 def pytest_runtest_setup(item):
-    if 'slow' in item.keywords and not item.config.getoption("--runslow"):
+    if "slow" in item.keywords and not item.config.getoption("--runslow"):
         pytest.skip("need --runslow option to run")
 
     if "incremental" in item.keywords:
@@ -44,7 +62,9 @@ def app(request):
     Creates a new Flask application for a test duration.
     Uses application factory `create_app`.
     """
-    _app = create_app(config_path=os.path.dirname(os.path.realpath(__file__)) + '/conf.py')
+    _app = create_app(
+        config_path=os.path.dirname(os.path.realpath(__file__)) + "/conf.py"
+    )
     ctx = _app.app_context()
     ctx.push()
 
@@ -56,15 +76,15 @@ def app(request):
 @pytest.yield_fixture(scope="session")
 def db(app, request):
     _db.drop_all()
-    _db.engine.execute(text('CREATE EXTENSION IF NOT EXISTS pg_trgm'))
+    _db.engine.execute(text("CREATE EXTENSION IF NOT EXISTS pg_trgm"))
     _db.create_all()
 
     _db.app = app
 
     UserFactory()
-    r = RoleFactory(name='admin')
+    r = RoleFactory(name="admin")
     u = UserFactory(roles=[r])
-    rp = RotationPolicyFactory(name='default')
+    rp = RotationPolicyFactory(name="default")
     ApiKeyFactory(user=u)
 
     _db.session.commit()
@@ -159,8 +179,8 @@ def user(session):
     u = UserFactory()
     session.commit()
     user_token = create_token(u)
-    token = {'Authorization': 'Basic ' + user_token}
-    return {'user': u, 'token': token}
+    token = {"Authorization": "Basic " + user_token}
+    return {"user": u, "token": token}
 
 
 @pytest.fixture
@@ -203,18 +223,19 @@ def invalid_certificate(session):
 @pytest.fixture
 def admin_user(session):
     u = UserFactory()
-    admin_role = RoleFactory(name='admin')
+    admin_role = RoleFactory(name="admin")
     u.roles.append(admin_role)
     session.commit()
     user_token = create_token(u)
-    token = {'Authorization': 'Basic ' + user_token}
-    return {'user': u, 'token': token}
+    token = {"Authorization": "Basic " + user_token}
+    return {"user": u, "token": token}
 
 
 @pytest.fixture
 def async_issuer_plugin():
     from lemur.plugins.base import register
     from .plugins.issuer_plugin import TestAsyncIssuerPlugin
+
     register(TestAsyncIssuerPlugin)
     return TestAsyncIssuerPlugin
 
@@ -223,6 +244,7 @@ def async_issuer_plugin():
 def issuer_plugin():
     from lemur.plugins.base import register
     from .plugins.issuer_plugin import TestIssuerPlugin
+
     register(TestIssuerPlugin)
     return TestIssuerPlugin
 
@@ -231,6 +253,7 @@ def issuer_plugin():
 def notification_plugin():
     from lemur.plugins.base import register
     from .plugins.notification_plugin import TestNotificationPlugin
+
     register(TestNotificationPlugin)
     return TestNotificationPlugin
 
@@ -239,6 +262,7 @@ def notification_plugin():
 def destination_plugin():
     from lemur.plugins.base import register
     from .plugins.destination_plugin import TestDestinationPlugin
+
     register(TestDestinationPlugin)
     return TestDestinationPlugin
 
@@ -247,6 +271,7 @@ def destination_plugin():
 def source_plugin():
     from lemur.plugins.base import register
     from .plugins.source_plugin import TestSourcePlugin
+
     register(TestSourcePlugin)
     return TestSourcePlugin
 
@@ -277,13 +302,19 @@ def issuer_private_key():
 
 @pytest.fixture
 def cert_builder(private_key):
-    return (x509.CertificateBuilder()
-            .subject_name(x509.Name([x509.NameAttribute(x509.NameOID.COMMON_NAME, 'foo.com')]))
-            .issuer_name(x509.Name([x509.NameAttribute(x509.NameOID.COMMON_NAME, 'foo.com')]))
-            .serial_number(1)
-            .public_key(private_key.public_key())
-            .not_valid_before(datetime.datetime(2017, 12, 22))
-            .not_valid_after(datetime.datetime(2040, 1, 1)))
+    return (
+        x509.CertificateBuilder()
+        .subject_name(
+            x509.Name([x509.NameAttribute(x509.NameOID.COMMON_NAME, "foo.com")])
+        )
+        .issuer_name(
+            x509.Name([x509.NameAttribute(x509.NameOID.COMMON_NAME, "foo.com")])
+        )
+        .serial_number(1)
+        .public_key(private_key.public_key())
+        .not_valid_before(datetime.datetime(2017, 12, 22))
+        .not_valid_after(datetime.datetime(2040, 1, 1))
+    )
 
 
 @pytest.fixture
@@ -292,9 +323,9 @@ def selfsigned_cert(cert_builder, private_key):
     return cert_builder.sign(private_key, hashes.SHA256(), default_backend())
 
 
-@pytest.fixture(scope='function')
+@pytest.fixture(scope="function")
 def aws_credentials():
-    os.environ['AWS_ACCESS_KEY_ID'] = 'testing'
-    os.environ['AWS_SECRET_ACCESS_KEY'] = 'testing'
-    os.environ['AWS_SECURITY_TOKEN'] = 'testing'
-    os.environ['AWS_SESSION_TOKEN'] = 'testing'
+    os.environ["AWS_ACCESS_KEY_ID"] = "testing"
+    os.environ["AWS_SECRET_ACCESS_KEY"] = "testing"
+    os.environ["AWS_SECURITY_TOKEN"] = "testing"
+    os.environ["AWS_SESSION_TOKEN"] = "testing"

lemur/tests/factories.py

@@ -1,4 +1,3 @@
-
 from datetime import date
 
 from factory import Sequence, post_generation, SubFactory
@@ -19,8 +18,16 @@ from lemur.endpoints.models import Policy, Endpoint
 from lemur.policies.models import RotationPolicy
 from lemur.api_keys.models import ApiKey
 
-from .vectors import SAN_CERT_STR, SAN_CERT_KEY, CSR_STR, INTERMEDIATE_CERT_STR, ROOTCA_CERT_STR, INTERMEDIATE_KEY, \
-    WILDCARD_CERT_KEY, INVALID_CERT_STR
+from .vectors import (
+    SAN_CERT_STR,
+    SAN_CERT_KEY,
+    CSR_STR,
+    INTERMEDIATE_CERT_STR,
+    ROOTCA_CERT_STR,
+    INTERMEDIATE_KEY,
+    WILDCARD_CERT_KEY,
+    INVALID_CERT_STR,
+)
 
 
 class BaseFactory(SQLAlchemyModelFactory):
@@ -28,28 +35,32 @@ class BaseFactory(SQLAlchemyModelFactory):
 
     class Meta:
         """Factory configuration."""
+
         abstract = True
         sqlalchemy_session = db.session
 
 
 class RotationPolicyFactory(BaseFactory):
     """Rotation Factory."""
-    name = Sequence(lambda n: 'policy{0}'.format(n))
+
+    name = Sequence(lambda n: "policy{0}".format(n))
     days = 30
 
     class Meta:
         """Factory configuration."""
+
         model = RotationPolicy
 
 
 class CertificateFactory(BaseFactory):
     """Certificate factory."""
-    name = Sequence(lambda n: 'certificate{0}'.format(n))
+
+    name = Sequence(lambda n: "certificate{0}".format(n))
     chain = INTERMEDIATE_CERT_STR
     body = SAN_CERT_STR
     private_key = SAN_CERT_KEY
-    owner = 'joe@example.com'
-    status = FuzzyChoice(['valid', 'revoked', 'unknown'])
+    owner = "joe@example.com"
+    status = FuzzyChoice(["valid", "revoked", "unknown"])
     deleted = False
     description = FuzzyText(length=128)
     active = True
@@ -58,6 +69,7 @@ class CertificateFactory(BaseFactory):
 
     class Meta:
         """Factory Configuration."""
+
         model = Certificate
 
     @post_generation
@@ -139,20 +151,22 @@ class CACertificateFactory(CertificateFactory):
 
 class InvalidCertificateFactory(CertificateFactory):
     body = INVALID_CERT_STR
-    private_key = ''
-    chain = ''
+    private_key = ""
+    chain = ""
 
 
 class AuthorityFactory(BaseFactory):
     """Authority factory."""
-    name = Sequence(lambda n: 'authority{0}'.format(n))
-    owner = 'joe@example.com'
-    plugin = {'slug': 'test-issuer'}
+
+    name = Sequence(lambda n: "authority{0}".format(n))
+    owner = "joe@example.com"
+    plugin = {"slug": "test-issuer"}
     description = FuzzyText(length=128)
     authority_certificate = SubFactory(CACertificateFactory)
 
     class Meta:
         """Factory configuration."""
+
         model = Authority
 
     @post_generation
@@ -167,54 +181,64 @@ class AuthorityFactory(BaseFactory):
 
 class AsyncAuthorityFactory(AuthorityFactory):
     """Async Authority factory."""
-    name = Sequence(lambda n: 'authority{0}'.format(n))
-    owner = 'joe@example.com'
-    plugin = {'slug': 'test-issuer-async'}
+
+    name = Sequence(lambda n: "authority{0}".format(n))
+    owner = "joe@example.com"
+    plugin = {"slug": "test-issuer-async"}
     description = FuzzyText(length=128)
     authority_certificate = SubFactory(CertificateFactory)
 
 
 class CryptoAuthorityFactory(AuthorityFactory):
     """Authority factory based on 'cryptography' plugin."""
-    plugin = {'slug': 'cryptography-issuer'}
+
+    plugin = {"slug": "cryptography-issuer"}
 
 
 class DestinationFactory(BaseFactory):
     """Destination factory."""
-    plugin_name = 'test-destination'
-    label = Sequence(lambda n: 'destination{0}'.format(n))
+
+    plugin_name = "test-destination"
+    label = Sequence(lambda n: "destination{0}".format(n))
 
     class Meta:
         """Factory Configuration."""
+
         model = Destination
 
 
 class SourceFactory(BaseFactory):
     """Source factory."""
-    plugin_name = 'test-source'
-    label = Sequence(lambda n: 'source{0}'.format(n))
+
+    plugin_name = "test-source"
+    label = Sequence(lambda n: "source{0}".format(n))
 
     class Meta:
         """Factory Configuration."""
+
         model = Source
 
 
 class NotificationFactory(BaseFactory):
     """Notification factory."""
-    plugin_name = 'test-notification'
-    label = Sequence(lambda n: 'notification{0}'.format(n))
+
+    plugin_name = "test-notification"
+    label = Sequence(lambda n: "notification{0}".format(n))
 
     class Meta:
         """Factory Configuration."""
+
         model = Notification
 
 
 class RoleFactory(BaseFactory):
     """Role factory."""
-    name = Sequence(lambda n: 'role{0}'.format(n))
+
+    name = Sequence(lambda n: "role{0}".format(n))
 
     class Meta:
         """Factory Configuration."""
+
         model = Role
 
     @post_generation
@@ -229,14 +253,16 @@ class RoleFactory(BaseFactory):
 
 class UserFactory(BaseFactory):
     """User Factory."""
-    username = Sequence(lambda n: 'user{0}'.format(n))
-    email = Sequence(lambda n: 'user{0}@example.com'.format(n))
+
+    username = Sequence(lambda n: "user{0}".format(n))
+    email = Sequence(lambda n: "user{0}@example.com".format(n))
     active = True
     password = FuzzyText(length=24)
     certificates = []
 
     class Meta:
         """Factory Configuration."""
+
         model = User
 
     @post_generation
@@ -269,39 +295,45 @@ class UserFactory(BaseFactory):
 
 class PolicyFactory(BaseFactory):
     """Policy Factory."""
-    name = Sequence(lambda n: 'endpoint{0}'.format(n))
+
+    name = Sequence(lambda n: "endpoint{0}".format(n))
 
     class Meta:
         """Factory Configuration."""
+
         model = Policy
 
 
 class EndpointFactory(BaseFactory):
     """Endpoint Factory."""
-    owner = 'joe@example.com'
-    name = Sequence(lambda n: 'endpoint{0}'.format(n))
-    type = FuzzyChoice(['elb'])
+
+    owner = "joe@example.com"
+    name = Sequence(lambda n: "endpoint{0}".format(n))
+    type = FuzzyChoice(["elb"])
     active = True
     port = FuzzyInteger(0, high=65535)
-    dnsname = 'endpoint.example.com'
+    dnsname = "endpoint.example.com"
     policy = SubFactory(PolicyFactory)
     certificate = SubFactory(CertificateFactory)
     source = SubFactory(SourceFactory)
 
     class Meta:
         """Factory Configuration."""
+
         model = Endpoint
 
 
 class ApiKeyFactory(BaseFactory):
     """Api Key Factory."""
-    name = Sequence(lambda n: 'api_key_{0}'.format(n))
+
+    name = Sequence(lambda n: "api_key_{0}".format(n))
     revoked = False
     ttl = -1
     issued_at = 1
 
     class Meta:
         """Factory Configuration."""
+
         model = ApiKey
 
     @post_generation
@@ -315,13 +347,14 @@ class ApiKeyFactory(BaseFactory):
 
 class PendingCertificateFactory(BaseFactory):
     """PendingCertificate factory."""
-    name = Sequence(lambda n: 'pending_certificate{0}'.format(n))
+
+    name = Sequence(lambda n: "pending_certificate{0}".format(n))
     external_id = 12345
     csr = CSR_STR
     chain = INTERMEDIATE_CERT_STR
     private_key = WILDCARD_CERT_KEY
-    owner = 'joe@example.com'
-    status = FuzzyChoice(['valid', 'revoked', 'unknown'])
+    owner = "joe@example.com"
+    status = FuzzyChoice(["valid", "revoked", "unknown"])
     deleted = False
     description = FuzzyText(length=128)
     date_created = FuzzyDate(date(2016, 1, 1), date(2020, 1, 1))
@@ -330,6 +363,7 @@ class PendingCertificateFactory(BaseFactory):
 
     class Meta:
         """Factory Configuration."""
+
         model = PendingCertificate
 
     @post_generation

lemur/tests/plugins/destination_plugin.py

@@ -2,12 +2,12 @@ from lemur.plugins.bases import DestinationPlugin
 
 
 class TestDestinationPlugin(DestinationPlugin):
-    title = 'Test'
-    slug = 'test-destination'
-    description = 'Enables testing'
+    title = "Test"
+    slug = "test-destination"
+    description = "Enables testing"
 
-    author = 'Kevin Glisson'
-    author_url = 'https://github.com/netflix/lemur.git'
+    author = "Kevin Glisson"
+    author_url = "https://github.com/netflix/lemur.git"
 
     def __init__(self, *args, **kwargs):
         super(TestDestinationPlugin, self).__init__(*args, **kwargs)

lemur/tests/plugins/issuer_plugin.py

@@ -4,12 +4,12 @@ from lemur.tests.vectors import SAN_CERT_STR, INTERMEDIATE_CERT_STR
 
 
 class TestIssuerPlugin(IssuerPlugin):
-    title = 'Test'
-    slug = 'test-issuer'
-    description = 'Enables testing'
+    title = "Test"
+    slug = "test-issuer"
+    description = "Enables testing"
 
-    author = 'Kevin Glisson'
-    author_url = 'https://github.com/netflix/lemur.git'
+    author = "Kevin Glisson"
+    author_url = "https://github.com/netflix/lemur.git"
 
     def __init__(self, *args, **kwargs):
         super(TestIssuerPlugin, self).__init__(*args, **kwargs)
@@ -20,17 +20,17 @@ class TestIssuerPlugin(IssuerPlugin):
 
     @staticmethod
     def create_authority(options):
-        role = {'username': '', 'password': '', 'name': 'test'}
+        role = {"username": "", "password": "", "name": "test"}
         return SAN_CERT_STR, "", [role]
 
 
 class TestAsyncIssuerPlugin(IssuerPlugin):
-    title = 'Test Async'
-    slug = 'test-issuer-async'
-    description = 'Enables testing with pending certificates'
+    title = "Test Async"
+    slug = "test-issuer-async"
+    description = "Enables testing with pending certificates"
 
-    author = 'James Chuong'
-    author_url = 'https://github.com/jchuong'
+    author = "James Chuong"
+    author_url = "https://github.com/jchuong"
 
     def __init__(self, *args, **kwargs):
         super(TestAsyncIssuerPlugin, self).__init__(*args, **kwargs)
@@ -43,7 +43,7 @@ class TestAsyncIssuerPlugin(IssuerPlugin):
 
     @staticmethod
     def create_authority(options):
-        role = {'username': '', 'password': '', 'name': 'test'}
+        role = {"username": "", "password": "", "name": "test"}
         return SAN_CERT_STR, "", [role]
 
     def cancel_ordered_certificate(self, pending_certificate, **kwargs):

lemur/tests/plugins/notification_plugin.py

@@ -2,12 +2,12 @@ from lemur.plugins.bases import NotificationPlugin
 
 
 class TestNotificationPlugin(NotificationPlugin):
-    title = 'Test'
-    slug = 'test-notification'
-    description = 'Enables testing'
+    title = "Test"
+    slug = "test-notification"
+    description = "Enables testing"
 
-    author = 'Kevin Glisson'
-    author_url = 'https://github.com/netflix/lemur.git'
+    author = "Kevin Glisson"
+    author_url = "https://github.com/netflix/lemur.git"
 
     def __init__(self, *args, **kwargs):
         super(TestNotificationPlugin, self).__init__(*args, **kwargs)

lemur/tests/plugins/source_plugin.py

@@ -2,12 +2,12 @@ from lemur.plugins.bases import SourcePlugin
 
 
 class TestSourcePlugin(SourcePlugin):
-    title = 'Test'
-    slug = 'test-source'
-    description = 'Enables testing'
+    title = "Test"
+    slug = "test-source"
+    description = "Enables testing"
 
-    author = 'Kevin Glisson'
-    author_url = 'https://github.com/netflix/lemur.git'
+    author = "Kevin Glisson"
+    author_url = "https://github.com/netflix/lemur.git"
 
     def __init__(self, *args, **kwargs):
         super(TestSourcePlugin, self).__init__(*args, **kwargs)

lemur/tests/test_api_keys.py

@@ -4,219 +4,398 @@ import pytest
 from lemur.api_keys.views import *  # noqa
 
 
-from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
+from .vectors import (
+    VALID_ADMIN_API_TOKEN,
+    VALID_ADMIN_HEADER_TOKEN,
+    VALID_USER_HEADER_TOKEN,
+)
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_api_key_list_get(client, token, status):
     assert client.get(api.url_for(ApiKeyList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_api_key_list_post_invalid(client, token, status):
-    assert client.post(api.url_for(ApiKeyList), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(ApiKeyList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,user_id,status", [
-    (VALID_USER_HEADER_TOKEN, 1, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 2, 200),
-    (VALID_ADMIN_API_TOKEN, 2, 200),
-    ('', 0, 401)
-])
+@pytest.mark.parametrize(
+    "token,user_id,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 1, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 2, 200),
+        (VALID_ADMIN_API_TOKEN, 2, 200),
+        ("", 0, 401),
+    ],
+)
 def test_api_key_list_post_valid_self(client, user_id, token, status):
-    assert client.post(api.url_for(ApiKeyList), data=json.dumps({'name': 'a test token', 'user': {'id': user_id, 'username': 'example', 'email': 'example@test.net'}, 'ttl': -1}), headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(ApiKeyList),
+            data=json.dumps(
+                {
+                    "name": "a test token",
+                    "user": {
+                        "id": user_id,
+                        "username": "example",
+                        "email": "example@test.net",
+                    },
+                    "ttl": -1,
+                }
+            ),
+            headers=token,
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_api_key_list_post_valid_no_permission(client, token, status):
-    assert client.post(api.url_for(ApiKeyList), data=json.dumps({'name': 'a test token', 'user': {'id': 2, 'username': 'example', 'email': 'example@test.net'}, 'ttl': -1}), headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(ApiKeyList),
+            data=json.dumps(
+                {
+                    "name": "a test token",
+                    "user": {
+                        "id": 2,
+                        "username": "example",
+                        "email": "example@test.net",
+                    },
+                    "ttl": -1,
+                }
+            ),
+            headers=token,
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_api_key_list_patch(client, token, status):
-    assert client.patch(api.url_for(ApiKeyList), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(ApiKeyList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_api_key_list_delete(client, token, status):
     assert client.delete(api.url_for(ApiKeyList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_user_api_key_list_get(client, token, status):
-    assert client.get(api.url_for(ApiKeyUserList, user_id=1), headers=token).status_code == status
+    assert (
+        client.get(api.url_for(ApiKeyUserList, user_id=1), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_user_api_key_list_post_invalid(client, token, status):
-    assert client.post(api.url_for(ApiKeyUserList, user_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(ApiKeyUserList, user_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,user_id,status", [
-    (VALID_USER_HEADER_TOKEN, 1, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 2, 200),
-    (VALID_ADMIN_API_TOKEN, 2, 200),
-    ('', 0, 401)
-])
+@pytest.mark.parametrize(
+    "token,user_id,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 1, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 2, 200),
+        (VALID_ADMIN_API_TOKEN, 2, 200),
+        ("", 0, 401),
+    ],
+)
 def test_user_api_key_list_post_valid_self(client, user_id, token, status):
-    assert client.post(api.url_for(ApiKeyUserList, user_id=1), data=json.dumps({'name': 'a test token', 'user': {'id': user_id}, 'ttl': -1}), headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(ApiKeyUserList, user_id=1),
+            data=json.dumps(
+                {"name": "a test token", "user": {"id": user_id}, "ttl": -1}
+            ),
+            headers=token,
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_user_api_key_list_post_valid_no_permission(client, token, status):
-    assert client.post(api.url_for(ApiKeyUserList, user_id=2), data=json.dumps({'name': 'a test token', 'user': {'id': 2}, 'ttl': -1}), headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(ApiKeyUserList, user_id=2),
+            data=json.dumps({"name": "a test token", "user": {"id": 2}, "ttl": -1}),
+            headers=token,
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_user_api_key_list_patch(client, token, status):
-    assert client.patch(api.url_for(ApiKeyUserList, user_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.patch(
+            api.url_for(ApiKeyUserList, user_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_user_api_key_list_delete(client, token, status):
-    assert client.delete(api.url_for(ApiKeyUserList, user_id=1), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(ApiKeyUserList, user_id=1), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
-@pytest.mark.skip(reason="no way of getting an actual user onto the access key to generate a jwt")
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
+@pytest.mark.skip(
+    reason="no way of getting an actual user onto the access key to generate a jwt"
+)
 def test_api_key_get(client, token, status):
     assert client.get(api.url_for(ApiKeys, aid=1), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_api_key_post(client, token, status):
     assert client.post(api.url_for(ApiKeys, aid=1), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_api_key_patch(client, token, status):
-    assert client.patch(api.url_for(ApiKeys, aid=1), headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(ApiKeys, aid=1), headers=token).status_code == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
-@pytest.mark.skip(reason="no way of getting an actual user onto the access key to generate a jwt")
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
+@pytest.mark.skip(
+    reason="no way of getting an actual user onto the access key to generate a jwt"
+)
 def test_api_key_put_permssions(client, token, status):
-    assert client.put(api.url_for(ApiKeys, aid=1), data=json.dumps({'name': 'Test', 'revoked': False, 'ttl': -1}), headers=token).status_code == status
+    assert (
+        client.put(
+            api.url_for(ApiKeys, aid=1),
+            data=json.dumps({"name": "Test", "revoked": False, "ttl": -1}),
+            headers=token,
+        ).status_code
+        == status
+    )
 
 
 # This test works while the other doesn't because the schema allows user id to be null.
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_api_key_described_get(client, token, status):
-    assert client.get(api.url_for(ApiKeysDescribed, aid=1), headers=token).status_code == status
+    assert (
+        client.get(api.url_for(ApiKeysDescribed, aid=1), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
-@pytest.mark.skip(reason="no way of getting an actual user onto the access key to generate a jwt")
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
+@pytest.mark.skip(
+    reason="no way of getting an actual user onto the access key to generate a jwt"
+)
 def test_user_api_key_get(client, token, status):
-    assert client.get(api.url_for(UserApiKeys, uid=1, aid=1), headers=token).status_code == status
+    assert (
+        client.get(api.url_for(UserApiKeys, uid=1, aid=1), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_user_api_key_post(client, token, status):
-    assert client.post(api.url_for(UserApiKeys, uid=2, aid=1), data={}, headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(UserApiKeys, uid=2, aid=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_user_api_key_patch(client, token, status):
-    assert client.patch(api.url_for(UserApiKeys, uid=2, aid=1), data={}, headers=token).status_code == status
+    assert (
+        client.patch(
+            api.url_for(UserApiKeys, uid=2, aid=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
-@pytest.mark.skip(reason="no way of getting an actual user onto the access key to generate a jwt")
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
+@pytest.mark.skip(
+    reason="no way of getting an actual user onto the access key to generate a jwt"
+)
 def test_user_api_key_put_permssions(client, token, status):
-    assert client.put(api.url_for(UserApiKeys, uid=2, aid=1), data=json.dumps({'name': 'Test', 'revoked': False, 'ttl': -1}), headers=token).status_code == status
+    assert (
+        client.put(
+            api.url_for(UserApiKeys, uid=2, aid=1),
+            data=json.dumps({"name": "Test", "revoked": False, "ttl": -1}),
+            headers=token,
+        ).status_code
+        == status
+    )

lemur/tests/test_authorities.py

@@ -4,22 +4,29 @@ import pytest
 
 from lemur.authorities.views import *  # noqa
 from lemur.tests.factories import AuthorityFactory, RoleFactory
-from lemur.tests.vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
+from lemur.tests.vectors import (
+    VALID_ADMIN_API_TOKEN,
+    VALID_ADMIN_HEADER_TOKEN,
+    VALID_USER_HEADER_TOKEN,
+)
 
 
 def test_authority_input_schema(client, role, issuer_plugin, logged_in_user):
     from lemur.authorities.schemas import AuthorityInputSchema
 
     input_data = {
-        'name': 'Example Authority',
-        'owner': 'jim@example.com',
-        'description': 'An example authority.',
-        'commonName': 'An Example Authority',
-        'plugin': {'slug': 'test-issuer', 'plugin_options': [{'name': 'test', 'value': 'blah'}]},
-        'type': 'root',
-        'signingAlgorithm': 'sha256WithRSA',
-        'keyType': 'RSA2048',
-        'sensitivity': 'medium'
+        "name": "Example Authority",
+        "owner": "jim@example.com",
+        "description": "An example authority.",
+        "commonName": "An Example Authority",
+        "plugin": {
+            "slug": "test-issuer",
+            "plugin_options": [{"name": "test", "value": "blah"}],
+        },
+        "type": "root",
+        "signingAlgorithm": "sha256WithRSA",
+        "keyType": "RSA2048",
+        "sensitivity": "medium",
     }
 
     data, errors = AuthorityInputSchema().load(input_data)
@@ -28,179 +35,286 @@ def test_authority_input_schema(client, role, issuer_plugin, logged_in_user):
 
 
 def test_user_authority(session, client, authority, role, user, issuer_plugin):
-    u = user['user']
+    u = user["user"]
     u.roles.append(role)
     authority.roles.append(role)
     session.commit()
-    assert client.get(api.url_for(AuthoritiesList), headers=user['token']).json['total'] == 1
+    assert (
+        client.get(api.url_for(AuthoritiesList), headers=user["token"]).json["total"]
+        == 1
+    )
     u.roles.remove(role)
     session.commit()
-    assert client.get(api.url_for(AuthoritiesList), headers=user['token']).json['total'] == 0
+    assert (
+        client.get(api.url_for(AuthoritiesList), headers=user["token"]).json["total"]
+        == 0
+    )
 
 
 def test_create_authority(issuer_plugin, user):
     from lemur.authorities.service import create
-    authority = create(plugin={'plugin_object': issuer_plugin, 'slug': issuer_plugin.slug}, owner='jim@example.com', type='root', creator=user['user'])
+
+    authority = create(
+        plugin={"plugin_object": issuer_plugin, "slug": issuer_plugin.slug},
+        owner="jim@example.com",
+        type="root",
+        creator=user["user"],
+    )
     assert authority.authority_certificate
 
 
-@pytest.mark.parametrize("token, count", [
-    (VALID_USER_HEADER_TOKEN, 0),
-    (VALID_ADMIN_HEADER_TOKEN, 3),
-    (VALID_ADMIN_API_TOKEN, 3),
-])
+@pytest.mark.parametrize(
+    "token, count",
+    [
+        (VALID_USER_HEADER_TOKEN, 0),
+        (VALID_ADMIN_HEADER_TOKEN, 3),
+        (VALID_ADMIN_API_TOKEN, 3),
+    ],
+)
 def test_admin_authority(client, authority, issuer_plugin, token, count):
-    assert client.get(api.url_for(AuthoritiesList), headers=token).json['total'] == count
+    assert (
+        client.get(api.url_for(AuthoritiesList), headers=token).json["total"] == count
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_authority_get(client, token, status):
-    assert client.get(api.url_for(Authorities, authority_id=1), headers=token).status_code == status
+    assert (
+        client.get(api.url_for(Authorities, authority_id=1), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_authority_post(client, token, status):
-    assert client.post(api.url_for(Authorities, authority_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(Authorities, authority_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_authority_put(client, token, status):
-    assert client.put(api.url_for(Authorities, authority_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.put(
+            api.url_for(Authorities, authority_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_authority_delete(client, token, status):
-    assert client.delete(api.url_for(Authorities, authority_id=1), headers=token).status_code == status
+    assert (
+        client.delete(
+            api.url_for(Authorities, authority_id=1), headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_authority_patch(client, token, status):
-    assert client.patch(api.url_for(Authorities, authority_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.patch(
+            api.url_for(Authorities, authority_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_authorities_get(client, token, status):
     assert client.get(api.url_for(AuthoritiesList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_authorities_post(client, token, status):
-    assert client.post(api.url_for(AuthoritiesList), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(AuthoritiesList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_authorities_put(client, token, status):
-    assert client.put(api.url_for(AuthoritiesList), data={}, headers=token).status_code == status
+    assert (
+        client.put(api.url_for(AuthoritiesList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_authorities_delete(client, token, status):
-    assert client.delete(api.url_for(AuthoritiesList), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(AuthoritiesList), headers=token).status_code == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_authorities_patch(client, token, status):
-    assert client.patch(api.url_for(AuthoritiesList), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(AuthoritiesList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_certificate_authorities_get(client, token, status):
     assert client.get(api.url_for(AuthoritiesList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_certificate_authorities_post(client, token, status):
-    assert client.post(api.url_for(AuthoritiesList), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(AuthoritiesList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificate_authorities_put(client, token, status):
-    assert client.put(api.url_for(AuthoritiesList), data={}, headers=token).status_code == status
+    assert (
+        client.put(api.url_for(AuthoritiesList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificate_authorities_delete(client, token, status):
-    assert client.delete(api.url_for(AuthoritiesList), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(AuthoritiesList), headers=token).status_code == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificate_authorities_patch(client, token, status):
-    assert client.patch(api.url_for(AuthoritiesList), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(AuthoritiesList), data={}, headers=token).status_code
+        == status
+    )
 
 
 def test_authority_roles(client, session, issuer_plugin):
@@ -209,23 +323,29 @@ def test_authority_roles(client, session, issuer_plugin):
     session.flush()
 
     data = {
-        'owner': auth.owner,
-        'name': auth.name,
-        'description': auth.description,
-        'active': True,
-        'roles': [
-            {'id': role.id},
-        ],
+        "owner": auth.owner,
+        "name": auth.name,
+        "description": auth.description,
+        "active": True,
+        "roles": [{"id": role.id}],
     }
 
     # Add role
-    resp = client.put(api.url_for(Authorities, authority_id=auth.id), data=json.dumps(data), headers=VALID_ADMIN_HEADER_TOKEN)
+    resp = client.put(
+        api.url_for(Authorities, authority_id=auth.id),
+        data=json.dumps(data),
+        headers=VALID_ADMIN_HEADER_TOKEN,
+    )
     assert resp.status_code == 200
-    assert len(resp.json['roles']) == 1
+    assert len(resp.json["roles"]) == 1
     assert set(auth.roles) == {role}
 
     # Remove role
-    del data['roles'][0]
-    resp = client.put(api.url_for(Authorities, authority_id=auth.id), data=json.dumps(data), headers=VALID_ADMIN_HEADER_TOKEN)
+    del data["roles"][0]
+    resp = client.put(
+        api.url_for(Authorities, authority_id=auth.id),
+        data=json.dumps(data),
+        headers=VALID_ADMIN_HEADER_TOKEN,
+    )
     assert resp.status_code == 200
-    assert len(resp.json['roles']) == 0
+    assert len(resp.json["roles"]) == 0

lemur/tests/test_certificates.py

@@ -17,32 +17,53 @@ from lemur.common import utils
 from lemur.domains.models import Domain
 
 
-from lemur.tests.vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN, CSR_STR, \
-    INTERMEDIATE_CERT_STR, SAN_CERT_STR, SAN_CERT_CSR, SAN_CERT_KEY, ROOTCA_KEY, ROOTCA_CERT_STR
+from lemur.tests.vectors import (
+    VALID_ADMIN_API_TOKEN,
+    VALID_ADMIN_HEADER_TOKEN,
+    VALID_USER_HEADER_TOKEN,
+    CSR_STR,
+    INTERMEDIATE_CERT_STR,
+    SAN_CERT_STR,
+    SAN_CERT_CSR,
+    SAN_CERT_KEY,
+    ROOTCA_KEY,
+    ROOTCA_CERT_STR,
+)
 
 
 def test_get_or_increase_name(session, certificate):
     from lemur.certificates.models import get_or_increase_name
     from lemur.tests.factories import CertificateFactory
 
-    serial = 'AFF2DB4F8D2D4D8E80FA382AE27C2333'
+    serial = "AFF2DB4F8D2D4D8E80FA382AE27C2333"
 
-    assert get_or_increase_name(certificate.name, certificate.serial) == '{0}-{1}'.format(certificate.name, serial)
+    assert get_or_increase_name(
+        certificate.name, certificate.serial
+    ) == "{0}-{1}".format(certificate.name, serial)
 
-    certificate.name = 'test-cert-11111111'
-    assert get_or_increase_name(certificate.name, certificate.serial) == 'test-cert-11111111-' + serial
+    certificate.name = "test-cert-11111111"
+    assert (
+        get_or_increase_name(certificate.name, certificate.serial)
+        == "test-cert-11111111-" + serial
+    )
 
-    certificate.name = 'test-cert-11111111-1'
-    assert get_or_increase_name('test-cert-11111111-1', certificate.serial) == 'test-cert-11111111-1-' + serial
+    certificate.name = "test-cert-11111111-1"
+    assert (
+        get_or_increase_name("test-cert-11111111-1", certificate.serial)
+        == "test-cert-11111111-1-" + serial
+    )
 
-    cert2 = CertificateFactory(name='certificate1-' + serial)
+    cert2 = CertificateFactory(name="certificate1-" + serial)
     session.commit()
 
-    assert get_or_increase_name('certificate1', int(serial, 16)) == 'certificate1-{}-1'.format(serial)
+    assert get_or_increase_name(
+        "certificate1", int(serial, 16)
+    ) == "certificate1-{}-1".format(serial)
 
 
 def test_get_all_certs(session, certificate):
     from lemur.certificates.service import get_all_certs
+
     assert len(get_all_certs()) > 1
 
 
@@ -66,7 +87,7 @@ def test_delete_cert(session):
     from lemur.certificates.service import delete, get
     from lemur.tests.factories import CertificateFactory
 
-    delete_this = CertificateFactory(name='DELETEME')
+    delete_this = CertificateFactory(name="DELETEME")
     session.commit()
 
     cert_exists = get(delete_this.id)
@@ -85,21 +106,24 @@ def test_get_by_attributes(session, certificate):
     from lemur.certificates.service import get_by_attributes
 
     # Should get one cert
-    certificate1 = get_by_attributes({
-        'name': 'SAN-san.example.org-LemurTrustUnittestsClass1CA2018-20171231-20471231'
-    })
+    certificate1 = get_by_attributes(
+        {
+            "name": "SAN-san.example.org-LemurTrustUnittestsClass1CA2018-20171231-20471231"
+        }
+    )
 
     # Should get one cert using multiple attrs
-    certificate2 = get_by_attributes({
-        'name': 'test-cert-11111111-1',
-        'cn': 'san.example.org'
-    })
+    certificate2 = get_by_attributes(
+        {"name": "test-cert-11111111-1", "cn": "san.example.org"}
+    )
 
     # Should get multiple certs
-    multiple = get_by_attributes({
-        'cn': 'LemurTrust Unittests Class 1 CA 2018',
-        'issuer': 'LemurTrustUnittestsRootCA2018'
-    })
+    multiple = get_by_attributes(
+        {
+            "cn": "LemurTrust Unittests Class 1 CA 2018",
+            "issuer": "LemurTrustUnittestsRootCA2018",
+        }
+    )
 
     assert len(certificate1) == 1
     assert len(certificate2) == 1
@@ -109,14 +133,11 @@ def test_get_by_attributes(session, certificate):
 def test_find_duplicates(session):
     from lemur.certificates.service import find_duplicates
 
-    cert = {
-        'body': SAN_CERT_STR,
-        'chain': INTERMEDIATE_CERT_STR
-    }
+    cert = {"body": SAN_CERT_STR, "chain": INTERMEDIATE_CERT_STR}
 
     dups1 = find_duplicates(cert)
 
-    cert['chain'] = ''
+    cert["chain"] = ""
 
     dups2 = find_duplicates(cert)
 
@@ -138,13 +159,15 @@ def test_certificate_output_schema(session, certificate, issuer_plugin):
     from lemur.certificates.schemas import CertificateOutputSchema
 
     # Clear the cached attribute first
-    if 'parsed_cert' in certificate.__dict__:
-        del certificate.__dict__['parsed_cert']
+    if "parsed_cert" in certificate.__dict__:
+        del certificate.__dict__["parsed_cert"]
 
     # Make sure serialization parses the cert only once (uses cached 'parsed_cert' attribute)
-    with patch('lemur.common.utils.parse_certificate', side_effect=utils.parse_certificate) as wrapper:
+    with patch(
+        "lemur.common.utils.parse_certificate", side_effect=utils.parse_certificate
+    ) as wrapper:
         data, errors = CertificateOutputSchema().dump(certificate)
-        assert data['issuer'] == 'LemurTrustUnittestsClass1CA2018'
+        assert data["issuer"] == "LemurTrustUnittestsClass1CA2018"
 
     assert wrapper.call_count == 1
 
@@ -152,24 +175,21 @@ def test_certificate_output_schema(session, certificate, issuer_plugin):
 def test_certificate_edit_schema(session):
     from lemur.certificates.schemas import CertificateEditInputSchema
 
-    input_data = {'owner': 'bob@example.com'}
+    input_data = {"owner": "bob@example.com"}
     data, errors = CertificateEditInputSchema().load(input_data)
-    assert len(data['notifications']) == 3
+    assert len(data["notifications"]) == 3
 
 
 def test_authority_key_identifier_schema():
     from lemur.schemas import AuthorityKeyIdentifierSchema
-    input_data = {
-        'useKeyIdentifier': True,
-        'useAuthorityCert': True
-    }
+
+    input_data = {"useKeyIdentifier": True, "useAuthorityCert": True}
 
     data, errors = AuthorityKeyIdentifierSchema().load(input_data)
 
-    assert sorted(data) == sorted({
-        'use_key_identifier': True,
-        'use_authority_cert': True
-    })
+    assert sorted(data) == sorted(
+        {"use_key_identifier": True, "use_authority_cert": True}
+    )
     assert not errors
 
     data, errors = AuthorityKeyIdentifierSchema().dumps(data)
@@ -179,11 +199,12 @@ def test_authority_key_identifier_schema():
 
 def test_certificate_info_access_schema():
     from lemur.schemas import CertificateInfoAccessSchema
-    input_data = {'includeAIA': True}
+
+    input_data = {"includeAIA": True}
 
     data, errors = CertificateInfoAccessSchema().load(input_data)
     assert not errors
-    assert data == {'include_aia': True}
+    assert data == {"include_aia": True}
 
     data, errors = CertificateInfoAccessSchema().dump(data)
     assert not errors
@@ -193,11 +214,11 @@ def test_certificate_info_access_schema():
 def test_subject_key_identifier_schema():
     from lemur.schemas import SubjectKeyIdentifierSchema
 
-    input_data = {'includeSKI': True}
+    input_data = {"includeSKI": True}
 
     data, errors = SubjectKeyIdentifierSchema().load(input_data)
     assert not errors
-    assert data == {'include_ski': True}
+    assert data == {"include_ski": True}
     data, errors = SubjectKeyIdentifierSchema().dump(data)
     assert not errors
     assert data == input_data
@@ -207,16 +228,9 @@ def test_extension_schema(client):
     from lemur.certificates.schemas import ExtensionSchema
 
     input_data = {
-        'keyUsage': {
-            'useKeyEncipherment': True,
-            'useDigitalSignature': True
-        },
-        'extendedKeyUsage': {
-            'useServerAuthentication': True
-        },
-        'subjectKeyIdentifier': {
-            'includeSKI': True
-        }
+        "keyUsage": {"useKeyEncipherment": True, "useDigitalSignature": True},
+        "extendedKeyUsage": {"useServerAuthentication": True},
+        "subjectKeyIdentifier": {"includeSKI": True},
     }
 
     data, errors = ExtensionSchema().load(input_data)
@@ -230,24 +244,24 @@ def test_certificate_input_schema(client, authority):
     from lemur.certificates.schemas import CertificateInputSchema
 
     input_data = {
-        'commonName': 'test.example.com',
-        'owner': 'jim@example.com',
-        'authority': {'id': authority.id},
-        'description': 'testtestest',
-        'validityStart': arrow.get(2018, 11, 9).isoformat(),
-        'validityEnd': arrow.get(2019, 11, 9).isoformat(),
-        'dnsProvider': None,
+        "commonName": "test.example.com",
+        "owner": "jim@example.com",
+        "authority": {"id": authority.id},
+        "description": "testtestest",
+        "validityStart": arrow.get(2018, 11, 9).isoformat(),
+        "validityEnd": arrow.get(2019, 11, 9).isoformat(),
+        "dnsProvider": None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
 
     assert not errors
-    assert data['authority'].id == authority.id
+    assert data["authority"].id == authority.id
 
     # make sure the defaults got set
-    assert data['common_name'] == 'test.example.com'
-    assert data['country'] == 'US'
-    assert data['location'] == 'Los Gatos'
+    assert data["common_name"] == "test.example.com"
+    assert data["country"] == "US"
+    assert data["location"] == "Los Gatos"
 
     assert len(data.keys()) == 19
 
@@ -256,28 +270,22 @@ def test_certificate_input_with_extensions(client, authority):
     from lemur.certificates.schemas import CertificateInputSchema
 
     input_data = {
-        'commonName': 'test.example.com',
-        'owner': 'jim@example.com',
-        'authority': {'id': authority.id},
-        'description': 'testtestest',
-        'extensions': {
-            'keyUsage': {
-                'digital_signature': True
+        "commonName": "test.example.com",
+        "owner": "jim@example.com",
+        "authority": {"id": authority.id},
+        "description": "testtestest",
+        "extensions": {
+            "keyUsage": {"digital_signature": True},
+            "extendedKeyUsage": {
+                "useClientAuthentication": True,
+                "useServerAuthentication": True,
             },
-            'extendedKeyUsage': {
-                'useClientAuthentication': True,
-                'useServerAuthentication': True
+            "subjectKeyIdentifier": {"includeSKI": True},
+            "subAltNames": {
+                "names": [{"nameType": "DNSName", "value": "test.example.com"}]
             },
-            'subjectKeyIdentifier': {
-                'includeSKI': True
-            },
-            'subAltNames': {
-                'names': [
-                    {'nameType': 'DNSName', 'value': 'test.example.com'}
-                ]
-            }
         },
-        'dnsProvider': None,
+        "dnsProvider": None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -287,48 +295,61 @@ def test_certificate_input_with_extensions(client, authority):
 def test_certificate_input_schema_parse_csr(authority):
     from lemur.certificates.schemas import CertificateInputSchema
 
-    test_san_dns = 'foobar.com'
-    extensions = {'sub_alt_names': {'names': x509.SubjectAlternativeName([x509.DNSName(test_san_dns)])}}
-    csr, private_key = create_csr(owner='joe@example.com', common_name='ACommonName', organization='test',
-                                  organizational_unit='Meters', country='NL', state='Noord-Holland', location='Amsterdam',
-                                  key_type='RSA2048', extensions=extensions)
+    test_san_dns = "foobar.com"
+    extensions = {
+        "sub_alt_names": {
+            "names": x509.SubjectAlternativeName([x509.DNSName(test_san_dns)])
+        }
+    }
+    csr, private_key = create_csr(
+        owner="joe@example.com",
+        common_name="ACommonName",
+        organization="test",
+        organizational_unit="Meters",
+        country="NL",
+        state="Noord-Holland",
+        location="Amsterdam",
+        key_type="RSA2048",
+        extensions=extensions,
+    )
 
     input_data = {
-        'commonName': 'test.example.com',
-        'owner': 'jim@example.com',
-        'authority': {'id': authority.id},
-        'description': 'testtestest',
-        'csr': csr,
-        'dnsProvider': None,
+        "commonName": "test.example.com",
+        "owner": "jim@example.com",
+        "authority": {"id": authority.id},
+        "description": "testtestest",
+        "csr": csr,
+        "dnsProvider": None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
 
-    for san in data['extensions']['sub_alt_names']['names']:
+    for san in data["extensions"]["sub_alt_names"]["names"]:
         assert san.value == test_san_dns
     assert not errors
 
 
 def test_certificate_out_of_range_date(client, authority):
     from lemur.certificates.schemas import CertificateInputSchema
+
     input_data = {
-        'commonName': 'test.example.com',
-        'owner': 'jim@example.com',
-        'authority': {'id': authority.id},
-        'description': 'testtestest',
-        'validityYears': 100,
-        'dnsProvider': None,
+        "commonName": "test.example.com",
+        "owner": "jim@example.com",
+        "authority": {"id": authority.id},
+        "description": "testtestest",
+        "validityYears": 100,
+        "dnsProvider": None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
     assert errors
 
-    input_data['validityStart'] = '2017-04-30T00:12:34.513631'
+    input_data["validityStart"] = "2017-04-30T00:12:34.513631"
 
     data, errors = CertificateInputSchema().load(input_data)
     assert errors
 
-    input_data['validityEnd'] = '2018-04-30T00:12:34.513631'
+    input_data["validityEnd"] = "2018-04-30T00:12:34.513631"
 
     data, errors = CertificateInputSchema().load(input_data)
     assert errors
@@ -336,13 +357,14 @@ def test_certificate_out_of_range_date(client, authority):
 
 def test_certificate_valid_years(client, authority):
     from lemur.certificates.schemas import CertificateInputSchema
+
     input_data = {
-        'commonName': 'test.example.com',
-        'owner': 'jim@example.com',
-        'authority': {'id': authority.id},
-        'description': 'testtestest',
-        'validityYears': 1,
-        'dnsProvider': None,
+        "commonName": "test.example.com",
+        "owner": "jim@example.com",
+        "authority": {"id": authority.id},
+        "description": "testtestest",
+        "validityYears": 1,
+        "dnsProvider": None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -351,14 +373,15 @@ def test_certificate_valid_years(client, authority):
 
 def test_certificate_valid_dates(client, authority):
     from lemur.certificates.schemas import CertificateInputSchema
+
     input_data = {
-        'commonName': 'test.example.com',
-        'owner': 'jim@example.com',
-        'authority': {'id': authority.id},
-        'description': 'testtestest',
-        'validityStart': '2020-01-01T00:00:00',
-        'validityEnd': '2020-01-01T00:00:01',
-        'dnsProvider': None,
+        "commonName": "test.example.com",
+        "owner": "jim@example.com",
+        "authority": {"id": authority.id},
+        "description": "testtestest",
+        "validityStart": "2020-01-01T00:00:00",
+        "validityEnd": "2020-01-01T00:00:01",
+        "dnsProvider": None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -368,14 +391,15 @@ def test_certificate_valid_dates(client, authority):
 def test_certificate_cn_admin(client, authority, logged_in_admin):
     """Admin is exempt from CN/SAN domain restrictions."""
     from lemur.certificates.schemas import CertificateInputSchema
+
     input_data = {
-        'commonName': '*.admin-overrides-whitelist.com',
-        'owner': 'jim@example.com',
-        'authority': {'id': authority.id},
-        'description': 'testtestest',
-        'validityStart': '2020-01-01T00:00:00',
-        'validityEnd': '2020-01-01T00:00:01',
-        'dnsProvider': None,
+        "commonName": "*.admin-overrides-whitelist.com",
+        "owner": "jim@example.com",
+        "authority": {"id": authority.id},
+        "description": "testtestest",
+        "validityStart": "2020-01-01T00:00:00",
+        "validityEnd": "2020-01-01T00:00:01",
+        "dnsProvider": None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -385,22 +409,23 @@ def test_certificate_cn_admin(client, authority, logged_in_admin):
 def test_certificate_allowed_names(client, authority, session, logged_in_user):
     """Test for allowed CN and SAN values."""
     from lemur.certificates.schemas import CertificateInputSchema
+
     input_data = {
-        'commonName': 'Names with spaces are not checked',
-        'owner': 'jim@example.com',
-        'authority': {'id': authority.id},
-        'description': 'testtestest',
-        'validityStart': '2020-01-01T00:00:00',
-        'validityEnd': '2020-01-01T00:00:01',
-        'extensions': {
-            'subAltNames': {
-                'names': [
-                    {'nameType': 'DNSName', 'value': 'allowed.example.com'},
-                    {'nameType': 'IPAddress', 'value': '127.0.0.1'},
+        "commonName": "Names with spaces are not checked",
+        "owner": "jim@example.com",
+        "authority": {"id": authority.id},
+        "description": "testtestest",
+        "validityStart": "2020-01-01T00:00:00",
+        "validityEnd": "2020-01-01T00:00:01",
+        "extensions": {
+            "subAltNames": {
+                "names": [
+                    {"nameType": "DNSName", "value": "allowed.example.com"},
+                    {"nameType": "IPAddress", "value": "127.0.0.1"},
                 ]
             }
         },
-        'dnsProvider': None,
+        "dnsProvider": None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
@@ -415,74 +440,82 @@ def test_certificate_incative_authority(client, authority, session, logged_in_us
     session.add(authority)
 
     input_data = {
-        'commonName': 'foo.example.com',
-        'owner': 'jim@example.com',
-        'authority': {'id': authority.id},
-        'description': 'testtestest',
-        'validityStart': '2020-01-01T00:00:00',
-        'validityEnd': '2020-01-01T00:00:01',
-        'dnsProvider': None,
+        "commonName": "foo.example.com",
+        "owner": "jim@example.com",
+        "authority": {"id": authority.id},
+        "description": "testtestest",
+        "validityStart": "2020-01-01T00:00:00",
+        "validityEnd": "2020-01-01T00:00:01",
+        "dnsProvider": None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
-    assert errors['authority'][0] == "The authority is inactive."
+    assert errors["authority"][0] == "The authority is inactive."
 
 
 def test_certificate_disallowed_names(client, authority, session, logged_in_user):
     """The CN and SAN are disallowed by LEMUR_WHITELISTED_DOMAINS."""
     from lemur.certificates.schemas import CertificateInputSchema
+
     input_data = {
-        'commonName': '*.example.com',
-        'owner': 'jim@example.com',
-        'authority': {'id': authority.id},
-        'description': 'testtestest',
-        'validityStart': '2020-01-01T00:00:00',
-        'validityEnd': '2020-01-01T00:00:01',
-        'extensions': {
-            'subAltNames': {
-                'names': [
-                    {'nameType': 'DNSName', 'value': 'allowed.example.com'},
-                    {'nameType': 'DNSName', 'value': 'evilhacker.org'},
+        "commonName": "*.example.com",
+        "owner": "jim@example.com",
+        "authority": {"id": authority.id},
+        "description": "testtestest",
+        "validityStart": "2020-01-01T00:00:00",
+        "validityEnd": "2020-01-01T00:00:01",
+        "extensions": {
+            "subAltNames": {
+                "names": [
+                    {"nameType": "DNSName", "value": "allowed.example.com"},
+                    {"nameType": "DNSName", "value": "evilhacker.org"},
                 ]
             }
         },
-        'dnsProvider': None,
+        "dnsProvider": None,
     }
 
     data, errors = CertificateInputSchema().load(input_data)
-    assert errors['common_name'][0].startswith("Domain *.example.com does not match whitelisted domain patterns")
-    assert (errors['extensions']['sub_alt_names']['names'][0]
-            .startswith("Domain evilhacker.org does not match whitelisted domain patterns"))
+    assert errors["common_name"][0].startswith(
+        "Domain *.example.com does not match whitelisted domain patterns"
+    )
+    assert errors["extensions"]["sub_alt_names"]["names"][0].startswith(
+        "Domain evilhacker.org does not match whitelisted domain patterns"
+    )
 
 
 def test_certificate_sensitive_name(client, authority, session, logged_in_user):
     """The CN is disallowed by 'sensitive' flag on Domain model."""
     from lemur.certificates.schemas import CertificateInputSchema
+
     input_data = {
-        'commonName': 'sensitive.example.com',
-        'owner': 'jim@example.com',
-        'authority': {'id': authority.id},
-        'description': 'testtestest',
-        'validityStart': '2020-01-01T00:00:00',
-        'validityEnd': '2020-01-01T00:00:01',
-        'dnsProvider': None,
+        "commonName": "sensitive.example.com",
+        "owner": "jim@example.com",
+        "authority": {"id": authority.id},
+        "description": "testtestest",
+        "validityStart": "2020-01-01T00:00:00",
+        "validityEnd": "2020-01-01T00:00:01",
+        "dnsProvider": None,
     }
-    session.add(Domain(name='sensitive.example.com', sensitive=True))
+    session.add(Domain(name="sensitive.example.com", sensitive=True))
 
     data, errors = CertificateInputSchema().load(input_data)
-    assert errors['common_name'][0].startswith("Domain sensitive.example.com has been marked as sensitive")
+    assert errors["common_name"][0].startswith(
+        "Domain sensitive.example.com has been marked as sensitive"
+    )
 
 
 def test_certificate_upload_schema_ok(client):
     from lemur.certificates.schemas import CertificateUploadInputSchema
+
     data = {
-        'name': 'Jane',
-        'owner': 'pwner@example.com',
-        'body': SAN_CERT_STR,
-        'privateKey': SAN_CERT_KEY,
-        'chain': INTERMEDIATE_CERT_STR,
-        'csr': SAN_CERT_CSR,
-        'external_id': '1234',
+        "name": "Jane",
+        "owner": "pwner@example.com",
+        "body": SAN_CERT_STR,
+        "privateKey": SAN_CERT_KEY,
+        "chain": INTERMEDIATE_CERT_STR,
+        "csr": SAN_CERT_CSR,
+        "external_id": "1234",
     }
     data, errors = CertificateUploadInputSchema().load(data)
     assert not errors
@@ -490,20 +523,19 @@ def test_certificate_upload_schema_ok(client):
 
 def test_certificate_upload_schema_minimal(client):
     from lemur.certificates.schemas import CertificateUploadInputSchema
-    data = {
-        'owner': 'pwner@example.com',
-        'body': SAN_CERT_STR,
-    }
+
+    data = {"owner": "pwner@example.com", "body": SAN_CERT_STR}
     data, errors = CertificateUploadInputSchema().load(data)
     assert not errors
 
 
 def test_certificate_upload_schema_long_chain(client):
     from lemur.certificates.schemas import CertificateUploadInputSchema
+
     data = {
-        'owner': 'pwner@example.com',
-        'body': SAN_CERT_STR,
-        'chain': INTERMEDIATE_CERT_STR + '\n' + ROOTCA_CERT_STR
+        "owner": "pwner@example.com",
+        "body": SAN_CERT_STR,
+        "chain": INTERMEDIATE_CERT_STR + "\n" + ROOTCA_CERT_STR,
     }
     data, errors = CertificateUploadInputSchema().load(data)
     assert not errors
@@ -511,87 +543,106 @@ def test_certificate_upload_schema_long_chain(client):
 
 def test_certificate_upload_schema_invalid_body(client):
     from lemur.certificates.schemas import CertificateUploadInputSchema
+
     data = {
-        'owner': 'pwner@example.com',
-        'body': 'Hereby I certify that this is a valid body',
+        "owner": "pwner@example.com",
+        "body": "Hereby I certify that this is a valid body",
     }
     data, errors = CertificateUploadInputSchema().load(data)
-    assert errors == {'body': ['Public certificate presented is not valid.']}
+    assert errors == {"body": ["Public certificate presented is not valid."]}
 
 
 def test_certificate_upload_schema_invalid_pkey(client):
     from lemur.certificates.schemas import CertificateUploadInputSchema
+
     data = {
-        'owner': 'pwner@example.com',
-        'body': SAN_CERT_STR,
-        'privateKey': 'Look at me Im a private key!!111',
+        "owner": "pwner@example.com",
+        "body": SAN_CERT_STR,
+        "privateKey": "Look at me Im a private key!!111",
     }
     data, errors = CertificateUploadInputSchema().load(data)
-    assert errors == {'private_key': ['Private key presented is not valid.']}
+    assert errors == {"private_key": ["Private key presented is not valid."]}
 
 
 def test_certificate_upload_schema_invalid_chain(client):
     from lemur.certificates.schemas import CertificateUploadInputSchema
-    data = {
-        'body': SAN_CERT_STR,
-        'chain': 'CHAINSAW',
-        'owner': 'pwner@example.com',
-    }
+
+    data = {"body": SAN_CERT_STR, "chain": "CHAINSAW", "owner": "pwner@example.com"}
     data, errors = CertificateUploadInputSchema().load(data)
-    assert errors == {'chain': ['Invalid certificate in certificate chain.']}
+    assert errors == {"chain": ["Invalid certificate in certificate chain."]}
 
 
 def test_certificate_upload_schema_wrong_pkey(client):
     from lemur.certificates.schemas import CertificateUploadInputSchema
+
     data = {
-        'body': SAN_CERT_STR,
-        'privateKey': ROOTCA_KEY,
-        'chain': INTERMEDIATE_CERT_STR,
-        'owner': 'pwner@example.com',
+        "body": SAN_CERT_STR,
+        "privateKey": ROOTCA_KEY,
+        "chain": INTERMEDIATE_CERT_STR,
+        "owner": "pwner@example.com",
     }
     data, errors = CertificateUploadInputSchema().load(data)
-    assert errors == {'_schema': ['Private key does not match certificate.']}
+    assert errors == {"_schema": ["Private key does not match certificate."]}
 
 
 def test_certificate_upload_schema_wrong_chain(client):
     from lemur.certificates.schemas import CertificateUploadInputSchema
+
     data = {
-        'owner': 'pwner@example.com',
-        'body': SAN_CERT_STR,
-        'chain': ROOTCA_CERT_STR,
+        "owner": "pwner@example.com",
+        "body": SAN_CERT_STR,
+        "chain": ROOTCA_CERT_STR,
     }
     data, errors = CertificateUploadInputSchema().load(data)
-    assert errors == {'_schema': ["Incorrect chain certificate(s) provided: 'san.example.org' is not signed by "
-                                  "'LemurTrust Unittests Root CA 2018'"]}
+    assert errors == {
+        "_schema": [
+            "Incorrect chain certificate(s) provided: 'san.example.org' is not signed by "
+            "'LemurTrust Unittests Root CA 2018'"
+        ]
+    }
 
 
 def test_certificate_upload_schema_wrong_chain_2nd(client):
     from lemur.certificates.schemas import CertificateUploadInputSchema
+
     data = {
-        'owner': 'pwner@example.com',
-        'body': SAN_CERT_STR,
-        'chain': INTERMEDIATE_CERT_STR + '\n' + SAN_CERT_STR,
+        "owner": "pwner@example.com",
+        "body": SAN_CERT_STR,
+        "chain": INTERMEDIATE_CERT_STR + "\n" + SAN_CERT_STR,
     }
     data, errors = CertificateUploadInputSchema().load(data)
-    assert errors == {'_schema': ["Incorrect chain certificate(s) provided: 'LemurTrust Unittests Class 1 CA 2018' is "
-                                  "not signed by 'san.example.org'"]}
+    assert errors == {
+        "_schema": [
+            "Incorrect chain certificate(s) provided: 'LemurTrust Unittests Class 1 CA 2018' is "
+            "not signed by 'san.example.org'"
+        ]
+    }
 
 
 def test_create_basic_csr(client):
     csr_config = dict(
-        common_name='example.com',
-        organization='Example, Inc.',
-        organizational_unit='Operations',
-        country='US',
-        state='CA',
-        location='A place',
-        owner='joe@example.com',
-        key_type='RSA2048',
-        extensions=dict(names=dict(sub_alt_names=x509.SubjectAlternativeName([x509.DNSName('test.example.com'), x509.DNSName('test2.example.com')])))
+        common_name="example.com",
+        organization="Example, Inc.",
+        organizational_unit="Operations",
+        country="US",
+        state="CA",
+        location="A place",
+        owner="joe@example.com",
+        key_type="RSA2048",
+        extensions=dict(
+            names=dict(
+                sub_alt_names=x509.SubjectAlternativeName(
+                    [
+                        x509.DNSName("test.example.com"),
+                        x509.DNSName("test2.example.com"),
+                    ]
+                )
+            )
+        ),
     )
     csr, pem = create_csr(**csr_config)
 
-    csr = x509.load_pem_x509_csr(csr.encode('utf-8'), default_backend())
+    csr = x509.load_pem_x509_csr(csr.encode("utf-8"), default_backend())
     for name in csr.subject:
         assert name.value in csr_config.values()
 
@@ -603,13 +654,13 @@ def test_csr_empty_san(client):
     """
 
     csr_text, pkey = create_csr(
-        common_name='daniel-san.example.com',
-        owner='daniel-san@example.com',
-        key_type='RSA2048',
-        extensions={'sub_alt_names': {'names': x509.SubjectAlternativeName([])}}
+        common_name="daniel-san.example.com",
+        owner="daniel-san@example.com",
+        key_type="RSA2048",
+        extensions={"sub_alt_names": {"names": x509.SubjectAlternativeName([])}},
     )
 
-    csr = x509.load_pem_x509_csr(csr_text.encode('utf-8'), default_backend())
+    csr = x509.load_pem_x509_csr(csr_text.encode("utf-8"), default_backend())
 
     with pytest.raises(x509.ExtensionNotFound):
         csr.extensions.get_extension_for_class(x509.SubjectAlternativeName)
@@ -620,13 +671,13 @@ def test_csr_disallowed_cn(client, logged_in_user):
     from lemur.common import validators
 
     request, pkey = create_csr(
-        common_name='evilhacker.org',
-        owner='joe@example.com',
-        key_type='RSA2048',
+        common_name="evilhacker.org", owner="joe@example.com", key_type="RSA2048"
     )
     with pytest.raises(ValidationError) as err:
         validators.csr(request)
-    assert str(err.value).startswith('Domain evilhacker.org does not match whitelisted domain patterns')
+    assert str(err.value).startswith(
+        "Domain evilhacker.org does not match whitelisted domain patterns"
+    )
 
 
 def test_csr_disallowed_san(client, logged_in_user):
@@ -635,46 +686,71 @@ def test_csr_disallowed_san(client, logged_in_user):
 
     request, pkey = create_csr(
         common_name="CN with spaces isn't a domain and is thus allowed",
-        owner='joe@example.com',
-        key_type='RSA2048',
-        extensions={'sub_alt_names': {'names': x509.SubjectAlternativeName([x509.DNSName('evilhacker.org')])}}
+        owner="joe@example.com",
+        key_type="RSA2048",
+        extensions={
+            "sub_alt_names": {
+                "names": x509.SubjectAlternativeName([x509.DNSName("evilhacker.org")])
+            }
+        },
     )
     with pytest.raises(ValidationError) as err:
         validators.csr(request)
-    assert str(err.value).startswith('Domain evilhacker.org does not match whitelisted domain patterns')
+    assert str(err.value).startswith(
+        "Domain evilhacker.org does not match whitelisted domain patterns"
+    )
 
 
 def test_get_name_from_arn(client):
     from lemur.certificates.service import get_name_from_arn
-    arn = 'arn:aws:iam::11111111:server-certificate/mycertificate'
-    assert get_name_from_arn(arn) == 'mycertificate'
+
+    arn = "arn:aws:iam::11111111:server-certificate/mycertificate"
+    assert get_name_from_arn(arn) == "mycertificate"
 
 
 def test_get_account_number(client):
     from lemur.certificates.service import get_account_number
-    arn = 'arn:aws:iam::11111111:server-certificate/mycertificate'
-    assert get_account_number(arn) == '11111111'
+
+    arn = "arn:aws:iam::11111111:server-certificate/mycertificate"
+    assert get_account_number(arn) == "11111111"
 
 
 def test_mint_certificate(issuer_plugin, authority):
     from lemur.certificates.service import mint
-    cert_body, private_key, chain, external_id, csr = mint(authority=authority, csr=CSR_STR)
+
+    cert_body, private_key, chain, external_id, csr = mint(
+        authority=authority, csr=CSR_STR
+    )
     assert cert_body == SAN_CERT_STR
 
 
 def test_create_certificate(issuer_plugin, authority, user):
     from lemur.certificates.service import create
-    cert = create(authority=authority, csr=CSR_STR, owner='joe@example.com', creator=user['user'])
-    assert str(cert.not_after) == '2047-12-31T22:00:00+00:00'
-    assert str(cert.not_before) == '2017-12-31T22:00:00+00:00'
-    assert cert.issuer == 'LemurTrustUnittestsClass1CA2018'
-    assert cert.name == 'SAN-san.example.org-LemurTrustUnittestsClass1CA2018-20171231-20471231-AFF2DB4F8D2D4D8E80FA382AE27C2333'
 
-    cert = create(authority=authority, csr=CSR_STR, owner='joe@example.com', name='ACustomName1', creator=user['user'])
-    assert cert.name == 'ACustomName1'
+    cert = create(
+        authority=authority, csr=CSR_STR, owner="joe@example.com", creator=user["user"]
+    )
+    assert str(cert.not_after) == "2047-12-31T22:00:00+00:00"
+    assert str(cert.not_before) == "2017-12-31T22:00:00+00:00"
+    assert cert.issuer == "LemurTrustUnittestsClass1CA2018"
+    assert (
+        cert.name
+        == "SAN-san.example.org-LemurTrustUnittestsClass1CA2018-20171231-20471231-AFF2DB4F8D2D4D8E80FA382AE27C2333"
+    )
+
+    cert = create(
+        authority=authority,
+        csr=CSR_STR,
+        owner="joe@example.com",
+        name="ACustomName1",
+        creator=user["user"],
+    )
+    assert cert.name == "ACustomName1"
 
 
-def test_reissue_certificate(issuer_plugin, crypto_authority, certificate, logged_in_user):
+def test_reissue_certificate(
+    issuer_plugin, crypto_authority, certificate, logged_in_user
+):
     from lemur.certificates.service import reissue_certificate
 
     # test-authority would return a mismatching private key, so use 'cryptography-issuer' plugin instead.
@@ -684,286 +760,511 @@ def test_reissue_certificate(issuer_plugin, crypto_authority, certificate, logge
 
 
 def test_create_csr():
-    csr, private_key = create_csr(owner='joe@example.com', common_name='ACommonName', organization='test', organizational_unit='Meters', country='US',
-                                  state='CA', location='Here', key_type='RSA2048')
+    csr, private_key = create_csr(
+        owner="joe@example.com",
+        common_name="ACommonName",
+        organization="test",
+        organizational_unit="Meters",
+        country="US",
+        state="CA",
+        location="Here",
+        key_type="RSA2048",
+    )
     assert csr
     assert private_key
 
-    extensions = {'sub_alt_names': {'names': x509.SubjectAlternativeName([x509.DNSName('AnotherCommonName')])}}
-    csr, private_key = create_csr(owner='joe@example.com', common_name='ACommonName', organization='test', organizational_unit='Meters', country='US',
-                                  state='CA', location='Here', extensions=extensions, key_type='RSA2048')
+    extensions = {
+        "sub_alt_names": {
+            "names": x509.SubjectAlternativeName([x509.DNSName("AnotherCommonName")])
+        }
+    }
+    csr, private_key = create_csr(
+        owner="joe@example.com",
+        common_name="ACommonName",
+        organization="test",
+        organizational_unit="Meters",
+        country="US",
+        state="CA",
+        location="Here",
+        extensions=extensions,
+        key_type="RSA2048",
+    )
     assert csr
     assert private_key
 
 
 def test_import(user):
     from lemur.certificates.service import import_certificate
-    cert = import_certificate(body=SAN_CERT_STR, chain=INTERMEDIATE_CERT_STR, private_key=SAN_CERT_KEY, creator=user['user'])
-    assert str(cert.not_after) == '2047-12-31T22:00:00+00:00'
-    assert str(cert.not_before) == '2017-12-31T22:00:00+00:00'
-    assert cert.issuer == 'LemurTrustUnittestsClass1CA2018'
-    assert cert.name.startswith('SAN-san.example.org-LemurTrustUnittestsClass1CA2018-20171231-20471231')
 
-    cert = import_certificate(body=SAN_CERT_STR, chain=INTERMEDIATE_CERT_STR, private_key=SAN_CERT_KEY, owner='joe@example.com', name='ACustomName2', creator=user['user'])
-    assert cert.name == 'ACustomName2'
+    cert = import_certificate(
+        body=SAN_CERT_STR,
+        chain=INTERMEDIATE_CERT_STR,
+        private_key=SAN_CERT_KEY,
+        creator=user["user"],
+    )
+    assert str(cert.not_after) == "2047-12-31T22:00:00+00:00"
+    assert str(cert.not_before) == "2017-12-31T22:00:00+00:00"
+    assert cert.issuer == "LemurTrustUnittestsClass1CA2018"
+    assert cert.name.startswith(
+        "SAN-san.example.org-LemurTrustUnittestsClass1CA2018-20171231-20471231"
+    )
+
+    cert = import_certificate(
+        body=SAN_CERT_STR,
+        chain=INTERMEDIATE_CERT_STR,
+        private_key=SAN_CERT_KEY,
+        owner="joe@example.com",
+        name="ACustomName2",
+        creator=user["user"],
+    )
+    assert cert.name == "ACustomName2"
 
 
 @pytest.mark.skip
 def test_upload(user):
     from lemur.certificates.service import upload
-    cert = upload(body=SAN_CERT_STR, chain=INTERMEDIATE_CERT_STR, private_key=SAN_CERT_KEY, owner='joe@example.com', creator=user['user'])
-    assert str(cert.not_after) == '2040-01-01T20:30:52+00:00'
-    assert str(cert.not_before) == '2015-06-26T20:30:52+00:00'
-    assert cert.issuer == 'Example'
-    assert cert.name == 'long.lived.com-Example-20150626-20400101-3'
 
-    cert = upload(body=SAN_CERT_STR, chain=INTERMEDIATE_CERT_STR, private_key=SAN_CERT_KEY, owner='joe@example.com', name='ACustomName', creator=user['user'])
-    assert 'ACustomName' in cert.name
+    cert = upload(
+        body=SAN_CERT_STR,
+        chain=INTERMEDIATE_CERT_STR,
+        private_key=SAN_CERT_KEY,
+        owner="joe@example.com",
+        creator=user["user"],
+    )
+    assert str(cert.not_after) == "2040-01-01T20:30:52+00:00"
+    assert str(cert.not_before) == "2015-06-26T20:30:52+00:00"
+    assert cert.issuer == "Example"
+    assert cert.name == "long.lived.com-Example-20150626-20400101-3"
+
+    cert = upload(
+        body=SAN_CERT_STR,
+        chain=INTERMEDIATE_CERT_STR,
+        private_key=SAN_CERT_KEY,
+        owner="joe@example.com",
+        name="ACustomName",
+        creator=user["user"],
+    )
+    assert "ACustomName" in cert.name
 
 
 # verify upload with a private key as a str
 def test_upload_private_key_str(user):
     from lemur.certificates.service import upload
-    cert = upload(body=SAN_CERT_STR, chain=INTERMEDIATE_CERT_STR, private_key=SAN_CERT_KEY, owner='joe@example.com', name='ACustomName', creator=user['user'])
+
+    cert = upload(
+        body=SAN_CERT_STR,
+        chain=INTERMEDIATE_CERT_STR,
+        private_key=SAN_CERT_KEY,
+        owner="joe@example.com",
+        name="ACustomName",
+        creator=user["user"],
+    )
     assert cert
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_certificate_get_private_key(client, token, status):
-    assert client.get(api.url_for(Certificates, certificate_id=1), headers=token).status_code == status
+    assert (
+        client.get(
+            api.url_for(Certificates, certificate_id=1), headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_certificate_get(client, token, status):
-    assert client.get(api.url_for(Certificates, certificate_id=1), headers=token).status_code == status
+    assert (
+        client.get(
+            api.url_for(Certificates, certificate_id=1), headers=token
+        ).status_code
+        == status
+    )
 
 
 def test_certificate_get_body(client):
-    response_body = client.get(api.url_for(Certificates, certificate_id=1), headers=VALID_USER_HEADER_TOKEN).json
-    assert response_body['serial'] == '211983098819107449768450703123665283596'
-    assert response_body['serialHex'] == '9F7A75B39DAE4C3F9524C68B06DA6A0C'
-    assert response_body['distinguishedName'] == ('CN=LemurTrust Unittests Class 1 CA 2018,'
-                                                  'O=LemurTrust Enterprises Ltd,'
-                                                  'OU=Unittesting Operations Center,'
-                                                  'C=EE,'
-                                                  'ST=N/A,'
-                                                  'L=Earth')
+    response_body = client.get(
+        api.url_for(Certificates, certificate_id=1), headers=VALID_USER_HEADER_TOKEN
+    ).json
+    assert response_body["serial"] == "211983098819107449768450703123665283596"
+    assert response_body["serialHex"] == "9F7A75B39DAE4C3F9524C68B06DA6A0C"
+    assert response_body["distinguishedName"] == (
+        "CN=LemurTrust Unittests Class 1 CA 2018,"
+        "O=LemurTrust Enterprises Ltd,"
+        "OU=Unittesting Operations Center,"
+        "C=EE,"
+        "ST=N/A,"
+        "L=Earth"
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificate_post(client, token, status):
-    assert client.post(api.url_for(Certificates, certificate_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(Certificates, certificate_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_certificate_put(client, token, status):
-    assert client.put(api.url_for(Certificates, certificate_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.put(
+            api.url_for(Certificates, certificate_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
 def test_certificate_put_with_data(client, certificate, issuer_plugin):
-    resp = client.put(api.url_for(Certificates, certificate_id=certificate.id), data=json.dumps({'owner': 'bob@example.com', 'description': 'test', 'notify': True}), headers=VALID_ADMIN_HEADER_TOKEN)
+    resp = client.put(
+        api.url_for(Certificates, certificate_id=certificate.id),
+        data=json.dumps(
+            {"owner": "bob@example.com", "description": "test", "notify": True}
+        ),
+        headers=VALID_ADMIN_HEADER_TOKEN,
+    )
     assert resp.status_code == 200
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 204),
-    (VALID_ADMIN_API_TOKEN, 412),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 204),
+        (VALID_ADMIN_API_TOKEN, 412),
+        ("", 401),
+    ],
+)
 def test_certificate_delete(client, token, status):
-    assert client.delete(api.url_for(Certificates, certificate_id=1), headers=token).status_code == status
+    assert (
+        client.delete(
+            api.url_for(Certificates, certificate_id=1), headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 204),
-    (VALID_ADMIN_API_TOKEN, 204),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 204),
+        (VALID_ADMIN_API_TOKEN, 204),
+        ("", 401),
+    ],
+)
 def test_invalid_certificate_delete(client, invalid_certificate, token, status):
-    assert client.delete(
-        api.url_for(Certificates, certificate_id=invalid_certificate.id), headers=token).status_code == status
+    assert (
+        client.delete(
+            api.url_for(Certificates, certificate_id=invalid_certificate.id),
+            headers=token,
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificate_patch(client, token, status):
-    assert client.patch(api.url_for(Certificates, certificate_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.patch(
+            api.url_for(Certificates, certificate_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_certificates_get(client, token, status):
-    assert client.get(api.url_for(CertificatesList), headers=token).status_code == status
+    assert (
+        client.get(api.url_for(CertificatesList), headers=token).status_code == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_certificates_post(client, token, status):
-    assert client.post(api.url_for(CertificatesList), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(CertificatesList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificates_put(client, token, status):
-    assert client.put(api.url_for(CertificatesList), data={}, headers=token).status_code == status
+    assert (
+        client.put(api.url_for(CertificatesList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificates_delete(client, token, status):
-    assert client.delete(api.url_for(CertificatesList), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(CertificatesList), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificates_patch(client, token, status):
-    assert client.patch(api.url_for(CertificatesList), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(CertificatesList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificate_credentials_post(client, token, status):
-    assert client.post(api.url_for(CertificatePrivateKey, certificate_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(CertificatePrivateKey, certificate_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificate_credentials_put(client, token, status):
-    assert client.put(api.url_for(CertificatePrivateKey, certificate_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.put(
+            api.url_for(CertificatePrivateKey, certificate_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificate_credentials_delete(client, token, status):
-    assert client.delete(api.url_for(CertificatePrivateKey, certificate_id=1), headers=token).status_code == status
+    assert (
+        client.delete(
+            api.url_for(CertificatePrivateKey, certificate_id=1), headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificate_credentials_patch(client, token, status):
-    assert client.patch(api.url_for(CertificatePrivateKey, certificate_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.patch(
+            api.url_for(CertificatePrivateKey, certificate_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificates_upload_get(client, token, status):
-    assert client.get(api.url_for(CertificatesUpload), headers=token).status_code == status
+    assert (
+        client.get(api.url_for(CertificatesUpload), headers=token).status_code == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_certificates_upload_post(client, token, status):
-    assert client.post(api.url_for(CertificatesUpload), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(CertificatesUpload), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificates_upload_put(client, token, status):
-    assert client.put(api.url_for(CertificatesUpload), data={}, headers=token).status_code == status
+    assert (
+        client.put(api.url_for(CertificatesUpload), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificates_upload_delete(client, token, status):
-    assert client.delete(api.url_for(CertificatesUpload), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(CertificatesUpload), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_certificates_upload_patch(client, token, status):
-    assert client.patch(api.url_for(CertificatesUpload), data={}, headers=token).status_code == status
+    assert (
+        client.patch(
+            api.url_for(CertificatesUpload), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
 def test_sensitive_sort(client):
-    resp = client.get(api.url_for(CertificatesList) + '?sortBy=private_key&sortDir=asc', headers=VALID_ADMIN_HEADER_TOKEN)
-    assert "'private_key' is not sortable or filterable" in resp.json['message']
+    resp = client.get(
+        api.url_for(CertificatesList) + "?sortBy=private_key&sortDir=asc",
+        headers=VALID_ADMIN_HEADER_TOKEN,
+    )
+    assert "'private_key' is not sortable or filterable" in resp.json["message"]
 
 
 def test_boolean_filter(client):
-    resp = client.get(api.url_for(CertificatesList) + '?filter=notify;true', headers=VALID_ADMIN_HEADER_TOKEN)
+    resp = client.get(
+        api.url_for(CertificatesList) + "?filter=notify;true",
+        headers=VALID_ADMIN_HEADER_TOKEN,
+    )
     assert resp.status_code == 200
     # Also don't crash with invalid input (we currently treat that as false)
-    resp = client.get(api.url_for(CertificatesList) + '?filter=notify;whatisthis', headers=VALID_ADMIN_HEADER_TOKEN)
+    resp = client.get(
+        api.url_for(CertificatesList) + "?filter=notify;whatisthis",
+        headers=VALID_ADMIN_HEADER_TOKEN,
+    )
     assert resp.status_code == 200

lemur/tests/test_defaults.py

@@ -8,14 +8,18 @@ from .vectors import SAN_CERT, WILDCARD_CERT, INTERMEDIATE_CERT
 def test_cert_get_cn(client):
     from lemur.common.defaults import common_name
 
-    assert common_name(SAN_CERT) == 'san.example.org'
+    assert common_name(SAN_CERT) == "san.example.org"
 
 
 def test_cert_sub_alt_domains(client):
     from lemur.common.defaults import domains
 
     assert domains(INTERMEDIATE_CERT) == []
-    assert domains(SAN_CERT) == ['san.example.org', 'san2.example.org', 'daniel-san.example.org']
+    assert domains(SAN_CERT) == [
+        "san.example.org",
+        "san2.example.org",
+        "daniel-san.example.org",
+    ]
 
 
 def test_cert_is_san(client):
@@ -28,94 +32,119 @@ def test_cert_is_san(client):
 
 def test_cert_is_wildcard(client):
     from lemur.common.defaults import is_wildcard
+
     assert is_wildcard(WILDCARD_CERT)
     assert not is_wildcard(INTERMEDIATE_CERT)
 
 
 def test_cert_bitstrength(client):
     from lemur.common.defaults import bitstrength
+
     assert bitstrength(INTERMEDIATE_CERT) == 2048
 
 
 def test_cert_issuer(client):
     from lemur.common.defaults import issuer
-    assert issuer(INTERMEDIATE_CERT) == 'LemurTrustUnittestsRootCA2018'
+
+    assert issuer(INTERMEDIATE_CERT) == "LemurTrustUnittestsRootCA2018"
 
 
 def test_text_to_slug(client):
     from lemur.common.defaults import text_to_slug
-    assert text_to_slug('test - string') == 'test-string'
-    assert text_to_slug('test - string', '') == 'teststring'
+
+    assert text_to_slug("test - string") == "test-string"
+    assert text_to_slug("test - string", "") == "teststring"
     # Accented characters are decomposed
-    assert text_to_slug('föö bär') == 'foo-bar'
+    assert text_to_slug("föö bär") == "foo-bar"
     # Melt away the Unicode Snowman
-    assert text_to_slug('\u2603') == ''
-    assert text_to_slug('\u2603test\u2603') == 'test'
-    assert text_to_slug('snow\u2603man') == 'snow-man'
-    assert text_to_slug('snow\u2603man', '') == 'snowman'
+    assert text_to_slug("\u2603") == ""
+    assert text_to_slug("\u2603test\u2603") == "test"
+    assert text_to_slug("snow\u2603man") == "snow-man"
+    assert text_to_slug("snow\u2603man", "") == "snowman"
     # IDNA-encoded domain names should be kept as-is
-    assert text_to_slug('xn--i1b6eqas.xn--xmpl-loa9b3671b.com') == 'xn--i1b6eqas.xn--xmpl-loa9b3671b.com'
+    assert (
+        text_to_slug("xn--i1b6eqas.xn--xmpl-loa9b3671b.com")
+        == "xn--i1b6eqas.xn--xmpl-loa9b3671b.com"
+    )
 
 
 def test_create_name(client):
     from lemur.common.defaults import certificate_name
     from datetime import datetime
-    assert certificate_name(
-        'example.com',
-        'Example Inc,',
-        datetime(2015, 5, 7, 0, 0, 0),
-        datetime(2015, 5, 12, 0, 0, 0),
-        False
-    ) == 'example.com-ExampleInc-20150507-20150512'
-    assert certificate_name(
-        'example.com',
-        'Example Inc,',
-        datetime(2015, 5, 7, 0, 0, 0),
-        datetime(2015, 5, 12, 0, 0, 0),
-        True
-    ) == 'SAN-example.com-ExampleInc-20150507-20150512'
-    assert certificate_name(
-        'xn--mnchen-3ya.de',
-        'Vertrauenswürdig Autorität',
-        datetime(2015, 5, 7, 0, 0, 0),
-        datetime(2015, 5, 12, 0, 0, 0),
-        False
-    ) == 'xn--mnchen-3ya.de-VertrauenswurdigAutoritat-20150507-20150512'
-    assert certificate_name(
-        'selfie.example.org',
-        '<selfsigned>',
-        datetime(2015, 5, 7, 0, 0, 0),
-        datetime(2025, 5, 12, 13, 37, 0),
-        False
-    ) == 'selfie.example.org-selfsigned-20150507-20250512'
+
+    assert (
+        certificate_name(
+            "example.com",
+            "Example Inc,",
+            datetime(2015, 5, 7, 0, 0, 0),
+            datetime(2015, 5, 12, 0, 0, 0),
+            False,
+        )
+        == "example.com-ExampleInc-20150507-20150512"
+    )
+    assert (
+        certificate_name(
+            "example.com",
+            "Example Inc,",
+            datetime(2015, 5, 7, 0, 0, 0),
+            datetime(2015, 5, 12, 0, 0, 0),
+            True,
+        )
+        == "SAN-example.com-ExampleInc-20150507-20150512"
+    )
+    assert (
+        certificate_name(
+            "xn--mnchen-3ya.de",
+            "Vertrauenswürdig Autorität",
+            datetime(2015, 5, 7, 0, 0, 0),
+            datetime(2015, 5, 12, 0, 0, 0),
+            False,
+        )
+        == "xn--mnchen-3ya.de-VertrauenswurdigAutoritat-20150507-20150512"
+    )
+    assert (
+        certificate_name(
+            "selfie.example.org",
+            "<selfsigned>",
+            datetime(2015, 5, 7, 0, 0, 0),
+            datetime(2025, 5, 12, 13, 37, 0),
+            False,
+        )
+        == "selfie.example.org-selfsigned-20150507-20250512"
+    )
 
 
 def test_issuer(client, cert_builder, issuer_private_key):
     from lemur.common.defaults import issuer
 
-    assert issuer(INTERMEDIATE_CERT) == 'LemurTrustUnittestsRootCA2018'
+    assert issuer(INTERMEDIATE_CERT) == "LemurTrustUnittestsRootCA2018"
 
     # We need to override builder's issuer name
     cert_builder._issuer_name = None
     # Unicode issuer name
-    cert = (cert_builder
-            .issuer_name(x509.Name([x509.NameAttribute(x509.NameOID.COMMON_NAME, 'Vertrauenswürdig Autorität')]))
-            .sign(issuer_private_key, hashes.SHA256(), default_backend()))
-    assert issuer(cert) == 'VertrauenswurdigAutoritat'
+    cert = cert_builder.issuer_name(
+        x509.Name(
+            [x509.NameAttribute(x509.NameOID.COMMON_NAME, "Vertrauenswürdig Autorität")]
+        )
+    ).sign(issuer_private_key, hashes.SHA256(), default_backend())
+    assert issuer(cert) == "VertrauenswurdigAutoritat"
 
     # Fallback to 'Organization' field when issuer CN is missing
-    cert = (cert_builder
-            .issuer_name(x509.Name([x509.NameAttribute(x509.NameOID.ORGANIZATION_NAME, 'No Such Organization')]))
-            .sign(issuer_private_key, hashes.SHA256(), default_backend()))
-    assert issuer(cert) == 'NoSuchOrganization'
+    cert = cert_builder.issuer_name(
+        x509.Name(
+            [x509.NameAttribute(x509.NameOID.ORGANIZATION_NAME, "No Such Organization")]
+        )
+    ).sign(issuer_private_key, hashes.SHA256(), default_backend())
+    assert issuer(cert) == "NoSuchOrganization"
 
     # Missing issuer name
-    cert = (cert_builder
-            .issuer_name(x509.Name([]))
-            .sign(issuer_private_key, hashes.SHA256(), default_backend()))
-    assert issuer(cert) == '<unknown>'
+    cert = cert_builder.issuer_name(x509.Name([])).sign(
+        issuer_private_key, hashes.SHA256(), default_backend()
+    )
+    assert issuer(cert) == "<unknown>"
 
 
 def test_issuer_selfsigned(selfsigned_cert):
     from lemur.common.defaults import issuer
-    assert issuer(selfsigned_cert) == '<selfsigned>'
+
+    assert issuer(selfsigned_cert) == "<selfsigned>"

lemur/tests/test_destinations.py

@@ -3,20 +3,22 @@ import pytest
 from lemur.destinations.views import *  # noqa
 
 
-from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
+from .vectors import (
+    VALID_ADMIN_API_TOKEN,
+    VALID_ADMIN_HEADER_TOKEN,
+    VALID_USER_HEADER_TOKEN,
+)
 
 
 def test_destination_input_schema(client, destination_plugin, destination):
     from lemur.destinations.schemas import DestinationInputSchema
 
     input_data = {
-        'label': 'destination1',
-        'options': {},
-        'description': 'my destination',
-        'active': True,
-        'plugin': {
-            'slug': 'test-destination'
-        }
+        "label": "destination1",
+        "options": {},
+        "description": "my destination",
+        "active": True,
+        "plugin": {"slug": "test-destination"},
     }
 
     data, errors = DestinationInputSchema().load(input_data)
@@ -24,91 +26,154 @@ def test_destination_input_schema(client, destination_plugin, destination):
     assert not errors
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 404),
-    (VALID_ADMIN_HEADER_TOKEN, 404),
-    (VALID_ADMIN_API_TOKEN, 404),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 404),
+        (VALID_ADMIN_HEADER_TOKEN, 404),
+        (VALID_ADMIN_API_TOKEN, 404),
+        ("", 401),
+    ],
+)
 def test_destination_get(client, token, status):
-    assert client.get(api.url_for(Destinations, destination_id=1), headers=token).status_code == status
+    assert (
+        client.get(
+            api.url_for(Destinations, destination_id=1), headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_destination_post_(client, token, status):
-    assert client.post(api.url_for(Destinations, destination_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(Destinations, destination_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_destination_put(client, token, status):
-    assert client.put(api.url_for(Destinations, destination_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.put(
+            api.url_for(Destinations, destination_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_destination_delete(client, token, status):
-    assert client.delete(api.url_for(Destinations, destination_id=1), headers=token).status_code == status
+    assert (
+        client.delete(
+            api.url_for(Destinations, destination_id=1), headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_destination_patch(client, token, status):
-    assert client.patch(api.url_for(Destinations, destination_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.patch(
+            api.url_for(Destinations, destination_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_destination_list_post_(client, token, status):
-    assert client.post(api.url_for(DestinationsList), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(DestinationsList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_destination_list_get(client, token, status):
-    assert client.get(api.url_for(DestinationsList), headers=token).status_code == status
+    assert (
+        client.get(api.url_for(DestinationsList), headers=token).status_code == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_destination_list_delete(client, token, status):
-    assert client.delete(api.url_for(DestinationsList), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(DestinationsList), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_destination_list_patch(client, token, status):
-    assert client.patch(api.url_for(DestinationsList), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(DestinationsList), data={}, headers=token).status_code
+        == status
+    )

lemur/tests/test_domains.py

@@ -3,94 +3,152 @@ import pytest
 from lemur.domains.views import *  # noqa
 
 
-from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
+from .vectors import (
+    VALID_ADMIN_API_TOKEN,
+    VALID_ADMIN_HEADER_TOKEN,
+    VALID_USER_HEADER_TOKEN,
+)
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_domain_get(client, token, status):
-    assert client.get(api.url_for(Domains, domain_id=1), headers=token).status_code == status
+    assert (
+        client.get(api.url_for(Domains, domain_id=1), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_domain_post_(client, token, status):
-    assert client.post(api.url_for(Domains, domain_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(Domains, domain_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_domain_put(client, token, status):
-    assert client.put(api.url_for(Domains, domain_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.put(
+            api.url_for(Domains, domain_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_domain_delete(client, token, status):
-    assert client.delete(api.url_for(Domains, domain_id=1), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(Domains, domain_id=1), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_domain_patch(client, token, status):
-    assert client.patch(api.url_for(Domains, domain_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.patch(
+            api.url_for(Domains, domain_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_domain_list_post_(client, token, status):
-    assert client.post(api.url_for(DomainsList), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(DomainsList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_domain_list_get(client, token, status):
     assert client.get(api.url_for(DomainsList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_domain_list_delete(client, token, status):
     assert client.delete(api.url_for(DomainsList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_domain_list_patch(client, token, status):
-    assert client.patch(api.url_for(DomainsList), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(DomainsList), data={}, headers=token).status_code
+        == status
+    )

lemur/tests/test_endpoints.py

@@ -4,11 +4,16 @@ from lemur.endpoints.views import *  # noqa
 from lemur.tests.factories import EndpointFactory, CertificateFactory
 
 
-from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
+from .vectors import (
+    VALID_ADMIN_API_TOKEN,
+    VALID_ADMIN_HEADER_TOKEN,
+    VALID_USER_HEADER_TOKEN,
+)
 
 
 def test_rotate_certificate(client, source_plugin):
     from lemur.deployment.service import rotate_certificate
+
     new_certificate = CertificateFactory()
     endpoint = EndpointFactory()
 
@@ -16,91 +21,147 @@ def test_rotate_certificate(client, source_plugin):
     assert endpoint.certificate == new_certificate
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 404),
-    (VALID_ADMIN_HEADER_TOKEN, 404),
-    (VALID_ADMIN_API_TOKEN, 404),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 404),
+        (VALID_ADMIN_HEADER_TOKEN, 404),
+        (VALID_ADMIN_API_TOKEN, 404),
+        ("", 401),
+    ],
+)
 def test_endpoint_get(client, token, status):
-    assert client.get(api.url_for(Endpoints, endpoint_id=1), headers=token).status_code == status
+    assert (
+        client.get(api.url_for(Endpoints, endpoint_id=1), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_endpoint_post_(client, token, status):
-    assert client.post(api.url_for(Endpoints, endpoint_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(Endpoints, endpoint_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_endpoint_put(client, token, status):
-    assert client.put(api.url_for(Endpoints, endpoint_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.put(
+            api.url_for(Endpoints, endpoint_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_endpoint_delete(client, token, status):
-    assert client.delete(api.url_for(Endpoints, endpoint_id=1), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(Endpoints, endpoint_id=1), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_endpoint_patch(client, token, status):
-    assert client.patch(api.url_for(Endpoints, endpoint_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.patch(
+            api.url_for(Endpoints, endpoint_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_endpoint_list_post_(client, token, status):
-    assert client.post(api.url_for(EndpointsList), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(EndpointsList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_endpoint_list_get(client, token, status):
     assert client.get(api.url_for(EndpointsList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_endpoint_list_delete(client, token, status):
-    assert client.delete(api.url_for(EndpointsList), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(EndpointsList), headers=token).status_code == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_endpoint_list_patch(client, token, status):
-    assert client.patch(api.url_for(EndpointsList), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(EndpointsList), data={}, headers=token).status_code
+        == status
+    )

lemur/tests/test_ldap.py

@@ -1,51 +1,69 @@
 import pytest
-from lemur.auth.ldap import * # noqa
+from lemur.auth.ldap import *  # noqa
 from mock import patch, MagicMock
 
 
 class LdapPrincipalTester(LdapPrincipal):
-
     def __init__(self, args):
         super().__init__(args)
-        self.ldap_server = 'ldap://localhost'
+        self.ldap_server = "ldap://localhost"
 
     def bind_test(self):
-        groups = [('user', {'memberOf': ['CN=Lemur Access,OU=Groups,DC=example,DC=com'.encode('utf-8'),
-                  'CN=Pen Pushers,OU=Groups,DC=example,DC=com'.encode('utf-8')]})]
+        groups = [
+            (
+                "user",
+                {
+                    "memberOf": [
+                        "CN=Lemur Access,OU=Groups,DC=example,DC=com".encode("utf-8"),
+                        "CN=Pen Pushers,OU=Groups,DC=example,DC=com".encode("utf-8"),
+                    ]
+                },
+            )
+        ]
         self.ldap_client = MagicMock()
         self.ldap_client.search_s.return_value = groups
         self._bind()
 
     def authorize_test_groups_to_roles_admin(self):
-        self.ldap_groups = ''.join(['CN=Pen Pushers,OU=Groups,DC=example,DC=com',
-                            'CN=Lemur Admins,OU=Groups,DC=example,DC=com',
-                            'CN=Lemur Read Only,OU=Groups,DC=example,DC=com'])
+        self.ldap_groups = "".join(
+            [
+                "CN=Pen Pushers,OU=Groups,DC=example,DC=com",
+                "CN=Lemur Admins,OU=Groups,DC=example,DC=com",
+                "CN=Lemur Read Only,OU=Groups,DC=example,DC=com",
+            ]
+        )
         self.ldap_required_group = None
-        self.ldap_groups_to_roles = {'Lemur Admins': 'admin', 'Lemur Read Only': 'read-only'}
+        self.ldap_groups_to_roles = {
+            "Lemur Admins": "admin",
+            "Lemur Read Only": "read-only",
+        }
         return self._authorize()
 
     def authorize_test_required_group(self, group):
-        self.ldap_groups = ''.join(['CN=Lemur Access,OU=Groups,DC=example,DC=com',
-                            'CN=Pen Pushers,OU=Groups,DC=example,DC=com'])
+        self.ldap_groups = "".join(
+            [
+                "CN=Lemur Access,OU=Groups,DC=example,DC=com",
+                "CN=Pen Pushers,OU=Groups,DC=example,DC=com",
+            ]
+        )
         self.ldap_required_group = group
         return self._authorize()
 
 
 @pytest.fixture()
 def principal(session):
-    args = {'username': 'user', 'password': 'p4ssw0rd'}
+    args = {"username": "user", "password": "p4ssw0rd"}
     yield LdapPrincipalTester(args)
 
 
 class TestLdapPrincipal:
-
-    @patch('ldap.initialize')
+    @patch("ldap.initialize")
     def test_bind(self, app, principal):
         self.test_ldap_user = principal
         self.test_ldap_user.bind_test()
-        group = 'Pen Pushers'
+        group = "Pen Pushers"
         assert group in self.test_ldap_user.ldap_groups
-        assert self.test_ldap_user.ldap_principal == 'user@example.com'
+        assert self.test_ldap_user.ldap_principal == "user@example.com"
 
     def test_authorize_groups_to_roles_admin(self, app, principal):
         self.test_ldap_user = principal
@@ -54,11 +72,11 @@ class TestLdapPrincipal:
 
     def test_authorize_required_group_missing(self, app, principal):
         self.test_ldap_user = principal
-        roles = self.test_ldap_user.authorize_test_required_group('Not Allowed')
+        roles = self.test_ldap_user.authorize_test_required_group("Not Allowed")
         assert not roles
 
     def test_authorize_required_group_access(self, session, principal):
         self.test_ldap_user = principal
-        roles = self.test_ldap_user.authorize_test_required_group('Lemur Access')
+        roles = self.test_ldap_user.authorize_test_required_group("Lemur Access")
         assert len(roles) >= 1
         assert any(x.name == "user@example.com" for x in roles)

lemur/tests/test_logs.py

@@ -1,21 +1,32 @@
 import pytest
-from lemur.tests.vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
+from lemur.tests.vectors import (
+    VALID_ADMIN_API_TOKEN,
+    VALID_ADMIN_HEADER_TOKEN,
+    VALID_USER_HEADER_TOKEN,
+)
 
 from lemur.logs.views import *  # noqa
 
 
 def test_private_key_audit(client, certificate):
     from lemur.certificates.views import CertificatePrivateKey, api
+
     assert len(certificate.logs) == 0
-    client.get(api.url_for(CertificatePrivateKey, certificate_id=certificate.id), headers=VALID_ADMIN_HEADER_TOKEN)
+    client.get(
+        api.url_for(CertificatePrivateKey, certificate_id=certificate.id),
+        headers=VALID_ADMIN_HEADER_TOKEN,
+    )
     assert len(certificate.logs) == 1
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_get_logs(client, token, status):
     assert client.get(api.url_for(LogsList), headers=token).status_code == status

lemur/tests/test_messaging.py

@@ -8,14 +8,21 @@ from moto import mock_ses
 
 def test_needs_notification(app, certificate, notification):
     from lemur.notifications.messaging import needs_notification
+
     assert not needs_notification(certificate)
 
     with pytest.raises(Exception):
-        notification.options = [{'name': 'interval', 'value': 10}, {'name': 'unit', 'value': 'min'}]
+        notification.options = [
+            {"name": "interval", "value": 10},
+            {"name": "unit", "value": "min"},
+        ]
         certificate.notifications.append(notification)
         needs_notification(certificate)
 
-    certificate.notifications[0].options = [{'name': 'interval', 'value': 10}, {'name': 'unit', 'value': 'days'}]
+    certificate.notifications[0].options = [
+        {"name": "interval", "value": 10},
+        {"name": "unit", "value": "days"},
+    ]
     assert not needs_notification(certificate)
 
     delta = certificate.not_after - timedelta(days=10)
@@ -30,7 +37,8 @@ def test_get_certificates(app, certificate, notification):
     delta = certificate.not_after - timedelta(days=2)
 
     notification.options = [
-        {'name': 'interval', 'value': 2}, {'name': 'unit', 'value': 'days'}
+        {"name": "interval", "value": 2},
+        {"name": "unit", "value": "days"},
     ]
 
     with freeze_time(delta.datetime):
@@ -55,11 +63,16 @@ def test_get_eligible_certificates(app, certificate, notification):
     from lemur.notifications.messaging import get_eligible_certificates
 
     certificate.notifications.append(notification)
-    certificate.notifications[0].options = [{'name': 'interval', 'value': 10}, {'name': 'unit', 'value': 'days'}]
+    certificate.notifications[0].options = [
+        {"name": "interval", "value": 10},
+        {"name": "unit", "value": "days"},
+    ]
 
     delta = certificate.not_after - timedelta(days=10)
     with freeze_time(delta.datetime):
-        assert get_eligible_certificates() == {certificate.owner: {notification.label: [(notification, certificate)]}}
+        assert get_eligible_certificates() == {
+            certificate.owner: {notification.label: [(notification, certificate)]}
+        }
 
 
 @mock_ses
@@ -67,7 +80,10 @@ def test_send_expiration_notification(certificate, notification, notification_pl
     from lemur.notifications.messaging import send_expiration_notifications
 
     certificate.notifications.append(notification)
-    certificate.notifications[0].options = [{'name': 'interval', 'value': 10}, {'name': 'unit', 'value': 'days'}]
+    certificate.notifications[0].options = [
+        {"name": "interval", "value": 10},
+        {"name": "unit", "value": "days"},
+    ]
 
     delta = certificate.not_after - timedelta(days=10)
     with freeze_time(delta.datetime):
@@ -75,7 +91,9 @@ def test_send_expiration_notification(certificate, notification, notification_pl
 
 
 @mock_ses
-def test_send_expiration_notification_with_no_notifications(certificate, notification, notification_plugin):
+def test_send_expiration_notification_with_no_notifications(
+    certificate, notification, notification_plugin
+):
     from lemur.notifications.messaging import send_expiration_notifications
 
     delta = certificate.not_after - timedelta(days=10)
@@ -86,4 +104,5 @@ def test_send_expiration_notification_with_no_notifications(certificate, notific
 @mock_ses
 def test_send_rotation_notification(notification_plugin, certificate):
     from lemur.notifications.messaging import send_rotation_notification
+
     send_rotation_notification(certificate, notification_plugin=notification_plugin)

lemur/tests/test_missing.py

@@ -9,9 +9,12 @@ def test_convert_validity_years(session):
     with freeze_time("2016-01-01"):
         data = convert_validity_years(dict(validity_years=2))
 
-        assert data['validity_start'] == arrow.utcnow().isoformat()
-        assert data['validity_end'] == arrow.utcnow().replace(years=+2).isoformat()
+        assert data["validity_start"] == arrow.utcnow().isoformat()
+        assert data["validity_end"] == arrow.utcnow().replace(years=+2).isoformat()
 
     with freeze_time("2015-01-10"):
         data = convert_validity_years(dict(validity_years=1))
-        assert data['validity_end'] == arrow.utcnow().replace(years=+1, days=-2).isoformat()
+        assert (
+            data["validity_end"]
+            == arrow.utcnow().replace(years=+1, days=-2).isoformat()
+        )

lemur/tests/test_notifications.py

@@ -3,20 +3,22 @@ import pytest
 from lemur.notifications.views import *  # noqa
 
 
-from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
+from .vectors import (
+    VALID_ADMIN_API_TOKEN,
+    VALID_ADMIN_HEADER_TOKEN,
+    VALID_USER_HEADER_TOKEN,
+)
 
 
 def test_notification_input_schema(client, notification_plugin, notification):
     from lemur.notifications.schemas import NotificationInputSchema
 
     input_data = {
-        'label': 'notification1',
-        'options': {},
-        'description': 'my notification',
-        'active': True,
-        'plugin': {
-            'slug': 'test-notification'
-        }
+        "label": "notification1",
+        "options": {},
+        "description": "my notification",
+        "active": True,
+        "plugin": {"slug": "test-notification"},
     }
 
     data, errors = NotificationInputSchema().load(input_data)
@@ -24,91 +26,156 @@ def test_notification_input_schema(client, notification_plugin, notification):
     assert not errors
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_notification_get(client, notification_plugin, notification, token, status):
-    assert client.get(api.url_for(Notifications, notification_id=notification.id), headers=token).status_code == status
+    assert (
+        client.get(
+            api.url_for(Notifications, notification_id=notification.id), headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_notification_post_(client, token, status):
-    assert client.post(api.url_for(Notifications, notification_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(Notifications, notification_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_notification_put(client, token, status):
-    assert client.put(api.url_for(Notifications, notification_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.put(
+            api.url_for(Notifications, notification_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_notification_delete(client, token, status):
-    assert client.delete(api.url_for(Notifications, notification_id=1), headers=token).status_code == status
+    assert (
+        client.delete(
+            api.url_for(Notifications, notification_id=1), headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_notification_patch(client, token, status):
-    assert client.patch(api.url_for(Notifications, notification_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.patch(
+            api.url_for(Notifications, notification_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_notification_list_post_(client, token, status):
-    assert client.post(api.url_for(NotificationsList), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(NotificationsList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
-def test_notification_list_get(client, notification_plugin, notification, token, status):
-    assert client.get(api.url_for(NotificationsList), headers=token).status_code == status
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
+def test_notification_list_get(
+    client, notification_plugin, notification, token, status
+):
+    assert (
+        client.get(api.url_for(NotificationsList), headers=token).status_code == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_notification_list_delete(client, token, status):
-    assert client.delete(api.url_for(NotificationsList), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(NotificationsList), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_notification_list_patch(client, token, status):
-    assert client.patch(api.url_for(NotificationsList), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(NotificationsList), data={}, headers=token).status_code
+        == status
+    )

lemur/tests/test_pending_certificates.py

@@ -4,12 +4,19 @@ import pytest
 
 from marshmallow import ValidationError
 from lemur.pending_certificates.views import *  # noqa
-from .vectors import CSR_STR, INTERMEDIATE_CERT_STR, VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, \
-    VALID_USER_HEADER_TOKEN, WILDCARD_CERT_STR
+from .vectors import (
+    CSR_STR,
+    INTERMEDIATE_CERT_STR,
+    VALID_ADMIN_API_TOKEN,
+    VALID_ADMIN_HEADER_TOKEN,
+    VALID_USER_HEADER_TOKEN,
+    WILDCARD_CERT_STR,
+)
 
 
 def test_increment_attempt(pending_certificate):
     from lemur.pending_certificates.service import increment_attempt
+
     initial_attempt = pending_certificate.number_attempts
     attempts = increment_attempt(pending_certificate)
     assert attempts == initial_attempt + 1
@@ -17,50 +24,66 @@ def test_increment_attempt(pending_certificate):
 
 def test_create_pending_certificate(async_issuer_plugin, async_authority, user):
     from lemur.certificates.service import create
-    pending_cert = create(authority=async_authority, csr=CSR_STR, owner='joe@example.com', creator=user['user'],
-                          common_name='ACommonName')
-    assert pending_cert.external_id == '12345'
+
+    pending_cert = create(
+        authority=async_authority,
+        csr=CSR_STR,
+        owner="joe@example.com",
+        creator=user["user"],
+        common_name="ACommonName",
+    )
+    assert pending_cert.external_id == "12345"
 
 
 def test_create_pending(pending_certificate, user, session):
     import copy
     from lemur.pending_certificates.service import create_certificate, get
-    cert = {'body': WILDCARD_CERT_STR,
-            'chain': INTERMEDIATE_CERT_STR,
-            'external_id': '54321'}
+
+    cert = {
+        "body": WILDCARD_CERT_STR,
+        "chain": INTERMEDIATE_CERT_STR,
+        "external_id": "54321",
+    }
 
     # Weird copy because the session behavior.  pending_certificate is a valid object but the
     # return of vars(pending_certificate) is a sessionobject, and so nothing from the pending_cert
     # is used to create the certificate.  Maybe a bug due to using vars(), and should copy every
     # field explicitly.
     pending_certificate = copy.copy(get(pending_certificate.id))
-    real_cert = create_certificate(pending_certificate, cert, user['user'])
+    real_cert = create_certificate(pending_certificate, cert, user["user"])
     assert real_cert.owner == pending_certificate.owner
     assert real_cert.notify == pending_certificate.notify
     assert real_cert.private_key == pending_certificate.private_key
-    assert real_cert.external_id == '54321'
+    assert real_cert.external_id == "54321"
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 204),
-    (VALID_ADMIN_API_TOKEN, 204),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 204),
+        (VALID_ADMIN_API_TOKEN, 204),
+        ("", 401),
+    ],
+)
 def test_pending_cancel(client, pending_certificate, token, status):
-    assert client.delete(api.url_for(PendingCertificates, pending_certificate_id=pending_certificate.id),
-                         data=json.dumps({'note': "unit test", 'send_email': False}),
-                         headers=token).status_code == status
+    assert (
+        client.delete(
+            api.url_for(
+                PendingCertificates, pending_certificate_id=pending_certificate.id
+            ),
+            data=json.dumps({"note": "unit test", "send_email": False}),
+            headers=token,
+        ).status_code
+        == status
+    )
 
 
 def test_pending_upload(pending_certificate_from_full_chain_ca):
     from lemur.pending_certificates.service import upload
     from lemur.certificates.service import get
 
-    cert = {'body': WILDCARD_CERT_STR,
-            'chain': None,
-            'external_id': None
-    }
+    cert = {"body": WILDCARD_CERT_STR, "chain": None, "external_id": None}
 
     pending_cert = upload(pending_certificate_from_full_chain_ca.id, **cert)
     assert pending_cert.resolved
@@ -71,9 +94,10 @@ def test_pending_upload_with_chain(pending_certificate_from_partial_chain_ca):
     from lemur.pending_certificates.service import upload
     from lemur.certificates.service import get
 
-    cert = {'body': WILDCARD_CERT_STR,
-            'chain': INTERMEDIATE_CERT_STR,
-            'external_id': None
+    cert = {
+        "body": WILDCARD_CERT_STR,
+        "chain": INTERMEDIATE_CERT_STR,
+        "external_id": None,
     }
 
     pending_cert = upload(pending_certificate_from_partial_chain_ca.id, **cert)
@@ -84,11 +108,9 @@ def test_pending_upload_with_chain(pending_certificate_from_partial_chain_ca):
 def test_invalid_pending_upload_with_chain(pending_certificate_from_partial_chain_ca):
     from lemur.pending_certificates.service import upload
 
-    cert = {'body': WILDCARD_CERT_STR,
-            'chain': None,
-            'external_id': None
-    }
+    cert = {"body": WILDCARD_CERT_STR, "chain": None, "external_id": None}
     with pytest.raises(ValidationError) as err:
         upload(pending_certificate_from_partial_chain_ca.id, **cert)
     assert str(err.value).startswith(
-        'Incorrect chain certificate(s) provided: \'*.wild.example.org\' is not signed by \'LemurTrust Unittests Root CA 2018')
+        "Incorrect chain certificate(s) provided: '*.wild.example.org' is not signed by 'LemurTrust Unittests Root CA 2018"
+    )

lemur/tests/test_roles.py

@@ -3,16 +3,23 @@ import json
 import pytest
 
 from lemur.roles.views import *  # noqa
-from lemur.tests.factories import RoleFactory, AuthorityFactory, CertificateFactory, UserFactory
-from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
+from lemur.tests.factories import (
+    RoleFactory,
+    AuthorityFactory,
+    CertificateFactory,
+    UserFactory,
+)
+from .vectors import (
+    VALID_ADMIN_API_TOKEN,
+    VALID_ADMIN_HEADER_TOKEN,
+    VALID_USER_HEADER_TOKEN,
+)
 
 
 def test_role_input_schema(client):
     from lemur.roles.schemas import RoleInputSchema
 
-    input_data = {
-        'name': 'myRole'
-    }
+    input_data = {"name": "myRole"}
 
     data, errors = RoleInputSchema().load(input_data)
 
@@ -38,60 +45,80 @@ def test_multiple_authority_certificate_association(session, client):
     assert role.certificates[1].name == certificate1.name
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_role_get(client, token, status):
-    assert client.get(api.url_for(Roles, role_id=1), headers=token).status_code == status
+    assert (
+        client.get(api.url_for(Roles, role_id=1), headers=token).status_code == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_role_post_(client, token, status):
-    assert client.post(api.url_for(Roles, role_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(Roles, role_id=1), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 400),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 400),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_role_put(client, token, status):
-    assert client.put(api.url_for(Roles, role_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.put(api.url_for(Roles, role_id=1), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_role_put_with_data(client, session, token, status):
     user = UserFactory()
     role = RoleFactory()
     session.commit()
 
-    data = {
-        'users': [
-            {'id': user.id}
-        ],
-        'id': role.id,
-        'name': role.name
-    }
+    data = {"users": [{"id": user.id}], "id": role.id, "name": role.name}
 
-    assert client.put(api.url_for(Roles, role_id=role.id), data=json.dumps(data), headers=token).status_code == status
+    assert (
+        client.put(
+            api.url_for(Roles, role_id=role.id), data=json.dumps(data), headers=token
+        ).status_code
+        == status
+    )
 
 
 def test_role_put_with_data_and_user(client, session):
     from lemur.auth.service import create_token
+
     user = UserFactory()
     role = RoleFactory(users=[user])
     role1 = RoleFactory()
@@ -99,83 +126,119 @@ def test_role_put_with_data_and_user(client, session):
     session.commit()
 
     headers = {
-        'Authorization': 'Basic ' + create_token(user),
-        'Content-Type': 'application/json'
+        "Authorization": "Basic " + create_token(user),
+        "Content-Type": "application/json",
     }
 
     data = {
-        'users': [
-            {'id': user1.id},
-            {'id': user.id}
-        ],
-        'id': role.id,
-        'name': role.name
+        "users": [{"id": user1.id}, {"id": user.id}],
+        "id": role.id,
+        "name": role.name,
     }
 
-    assert client.put(api.url_for(Roles, role_id=role.id), data=json.dumps(data), headers=headers).status_code == 200
-    assert client.get(api.url_for(RolesList), data={}, headers=headers).json['total'] > 1
+    assert (
+        client.put(
+            api.url_for(Roles, role_id=role.id), data=json.dumps(data), headers=headers
+        ).status_code
+        == 200
+    )
+    assert (
+        client.get(api.url_for(RolesList), data={}, headers=headers).json["total"] > 1
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_role_delete(client, token, status, role):
-    assert client.delete(api.url_for(Roles, role_id=role.id), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(Roles, role_id=role.id), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_role_patch(client, token, status):
-    assert client.patch(api.url_for(Roles, role_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(Roles, role_id=1), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_role_list_post_(client, token, status):
-    assert client.post(api.url_for(RolesList), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(RolesList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_role_list_get(client, token, status):
     assert client.get(api.url_for(RolesList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_role_list_delete(client, token, status):
     assert client.delete(api.url_for(RolesList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_role_list_patch(client, token, status):
-    assert client.patch(api.url_for(RolesList), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(RolesList), data={}, headers=token).status_code
+        == status
+    )
 
 
 def test_sensitive_filter(client):
-    resp = client.get(api.url_for(RolesList) + '?filter=password;a', headers=VALID_ADMIN_HEADER_TOKEN)
-    assert "'password' is not sortable or filterable" in resp.json['message']
+    resp = client.get(
+        api.url_for(RolesList) + "?filter=password;a", headers=VALID_ADMIN_HEADER_TOKEN
+    )
+    assert "'password' is not sortable or filterable" in resp.json["message"]

lemur/tests/test_schemas.py

@@ -14,15 +14,15 @@ def test_get_object_attribute():
         get_object_attribute([{}], many=True)
 
     with pytest.raises(ValidationError):
-        get_object_attribute([{}, {'id': 1}], many=True)
+        get_object_attribute([{}, {"id": 1}], many=True)
 
     with pytest.raises(ValidationError):
-        get_object_attribute([{}, {'name': 'test'}], many=True)
+        get_object_attribute([{}, {"name": "test"}], many=True)
 
-    assert get_object_attribute({'name': 'test'}) == 'name'
-    assert get_object_attribute({'id': 1}) == 'id'
-    assert get_object_attribute([{'name': 'test'}], many=True) == 'name'
-    assert get_object_attribute([{'id': 1}], many=True) == 'id'
+    assert get_object_attribute({"name": "test"}) == "name"
+    assert get_object_attribute({"id": 1}) == "id"
+    assert get_object_attribute([{"name": "test"}], many=True) == "name"
+    assert get_object_attribute([{"id": 1}], many=True) == "id"
 
 
 def test_fetch_objects(session):
@@ -33,26 +33,26 @@ def test_fetch_objects(session):
     role1 = RoleFactory()
     session.commit()
 
-    data = {'id': role.id}
+    data = {"id": role.id}
     found_role = fetch_objects(Role, data)
     assert found_role == role
 
-    data = {'name': role.name}
+    data = {"name": role.name}
     found_role = fetch_objects(Role, data)
     assert found_role == role
 
-    data = [{'id': role.id}, {'id': role1.id}]
+    data = [{"id": role.id}, {"id": role1.id}]
     found_roles = fetch_objects(Role, data, many=True)
     assert found_roles == [role, role1]
 
-    data = [{'name': role.name}, {'name': role1.name}]
+    data = [{"name": role.name}, {"name": role1.name}]
     found_roles = fetch_objects(Role, data, many=True)
     assert found_roles == [role, role1]
 
     with pytest.raises(ValidationError):
-        data = [{'name': 'blah'}, {'name': role1.name}]
+        data = [{"name": "blah"}, {"name": role1.name}]
         fetch_objects(Role, data, many=True)
 
     with pytest.raises(ValidationError):
-        data = {'name': 'nah'}
+        data = {"name": "nah"}
         fetch_objects(Role, data)

lemur/tests/test_sources.py

@@ -2,17 +2,22 @@ import pytest
 
 from lemur.sources.views import *  # noqa
 
-from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN, WILDCARD_CERT_STR, \
-    WILDCARD_CERT_KEY
+from .vectors import (
+    VALID_ADMIN_API_TOKEN,
+    VALID_ADMIN_HEADER_TOKEN,
+    VALID_USER_HEADER_TOKEN,
+    WILDCARD_CERT_STR,
+    WILDCARD_CERT_KEY,
+)
 
 
 def validate_source_schema(client):
     from lemur.sources.schemas import SourceInputSchema
 
     input_data = {
-        'label': 'exampleSource',
-        'options': {},
-        'plugin': {'slug': 'aws-source'}
+        "label": "exampleSource",
+        "options": {},
+        "plugin": {"slug": "aws-source"},
     }
 
     data, errors = SourceInputSchema().load(input_data)
@@ -26,111 +31,171 @@ def test_create_certificate(user, source):
         certificate_create({}, source)
 
     data = {
-        'body': WILDCARD_CERT_STR,
-        'private_key': WILDCARD_CERT_KEY,
-        'owner': 'bob@example.com',
-        'creator': user['user']
+        "body": WILDCARD_CERT_STR,
+        "private_key": WILDCARD_CERT_KEY,
+        "owner": "bob@example.com",
+        "creator": user["user"],
     }
 
     cert = certificate_create(data, source)
     assert cert.notifications
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 404),
-    (VALID_ADMIN_HEADER_TOKEN, 404),
-    (VALID_ADMIN_API_TOKEN, 404),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 404),
+        (VALID_ADMIN_HEADER_TOKEN, 404),
+        (VALID_ADMIN_API_TOKEN, 404),
+        ("", 401),
+    ],
+)
 def test_source_get(client, source_plugin, token, status):
-    assert client.get(api.url_for(Sources, source_id=43543), headers=token).status_code == status
+    assert (
+        client.get(api.url_for(Sources, source_id=43543), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_source_post_(client, token, status):
-    assert client.post(api.url_for(Sources, source_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.post(
+            api.url_for(Sources, source_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_source_put(client, token, status):
-    assert client.put(api.url_for(Sources, source_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.put(
+            api.url_for(Sources, source_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_source_delete(client, token, status):
-    assert client.delete(api.url_for(Sources, source_id=1), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(Sources, source_id=1), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_source_patch(client, token, status):
-    assert client.patch(api.url_for(Sources, source_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.patch(
+            api.url_for(Sources, source_id=1), data={}, headers=token
+        ).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_sources_list_get(client, source_plugin, token, status):
     assert client.get(api.url_for(SourcesList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_sources_list_post(client, token, status):
-    assert client.post(api.url_for(SourcesList), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(SourcesList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_sources_list_put(client, token, status):
-    assert client.put(api.url_for(SourcesList), data={}, headers=token).status_code == status
+    assert (
+        client.put(api.url_for(SourcesList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_sources_list_delete(client, token, status):
     assert client.delete(api.url_for(SourcesList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_sources_list_patch(client, token, status):
-    assert client.patch(api.url_for(SourcesList), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(SourcesList), data={}, headers=token).status_code
+        == status
+    )

lemur/tests/test_users.py

@@ -4,16 +4,20 @@ import pytest
 
 from lemur.tests.factories import UserFactory, RoleFactory
 from lemur.users.views import *  # noqa
-from .vectors import VALID_ADMIN_API_TOKEN, VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKEN
+from .vectors import (
+    VALID_ADMIN_API_TOKEN,
+    VALID_ADMIN_HEADER_TOKEN,
+    VALID_USER_HEADER_TOKEN,
+)
 
 
 def test_user_input_schema(client):
     from lemur.users.schemas import UserInputSchema
 
     input_data = {
-        'username': 'example',
-        'password': '1233432',
-        'email': 'example@example.com'
+        "username": "example",
+        "password": "1233432",
+        "email": "example@example.com",
     }
 
     data, errors = UserInputSchema().load(input_data)
@@ -21,104 +25,156 @@ def test_user_input_schema(client):
     assert not errors
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_user_get(client, token, status):
-    assert client.get(api.url_for(Users, user_id=1), headers=token).status_code == status
+    assert (
+        client.get(api.url_for(Users, user_id=1), headers=token).status_code == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_user_post_(client, token, status):
-    assert client.post(api.url_for(Users, user_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(Users, user_id=1), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_user_put(client, token, status):
-    assert client.put(api.url_for(Users, user_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.put(api.url_for(Users, user_id=1), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_user_delete(client, token, status):
-    assert client.delete(api.url_for(Users, user_id=1), headers=token).status_code == status
+    assert (
+        client.delete(api.url_for(Users, user_id=1), headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_user_patch(client, token, status):
-    assert client.patch(api.url_for(Users, user_id=1), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(Users, user_id=1), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 403),
-    (VALID_ADMIN_HEADER_TOKEN, 400),
-    (VALID_ADMIN_API_TOKEN, 400),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 403),
+        (VALID_ADMIN_HEADER_TOKEN, 400),
+        (VALID_ADMIN_API_TOKEN, 400),
+        ("", 401),
+    ],
+)
 def test_user_list_post_(client, token, status):
-    assert client.post(api.url_for(UsersList), data={}, headers=token).status_code == status
+    assert (
+        client.post(api.url_for(UsersList), data={}, headers=token).status_code
+        == status
+    )
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 200),
-    (VALID_ADMIN_HEADER_TOKEN, 200),
-    (VALID_ADMIN_API_TOKEN, 200),
-    ('', 401)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 200),
+        (VALID_ADMIN_HEADER_TOKEN, 200),
+        (VALID_ADMIN_API_TOKEN, 200),
+        ("", 401),
+    ],
+)
 def test_user_list_get(client, token, status):
     assert client.get(api.url_for(UsersList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_user_list_delete(client, token, status):
     assert client.delete(api.url_for(UsersList), headers=token).status_code == status
 
 
-@pytest.mark.parametrize("token,status", [
-    (VALID_USER_HEADER_TOKEN, 405),
-    (VALID_ADMIN_HEADER_TOKEN, 405),
-    (VALID_ADMIN_API_TOKEN, 405),
-    ('', 405)
-])
+@pytest.mark.parametrize(
+    "token,status",
+    [
+        (VALID_USER_HEADER_TOKEN, 405),
+        (VALID_ADMIN_HEADER_TOKEN, 405),
+        (VALID_ADMIN_API_TOKEN, 405),
+        ("", 405),
+    ],
+)
 def test_user_list_patch(client, token, status):
-    assert client.patch(api.url_for(UsersList), data={}, headers=token).status_code == status
+    assert (
+        client.patch(api.url_for(UsersList), data={}, headers=token).status_code
+        == status
+    )
 
 
 def test_sensitive_filter(client):
-    resp = client.get(api.url_for(UsersList) + '?filter=password;a', headers=VALID_ADMIN_HEADER_TOKEN)
-    assert "'password' is not sortable or filterable" in resp.json['message']
+    resp = client.get(
+        api.url_for(UsersList) + "?filter=password;a", headers=VALID_ADMIN_HEADER_TOKEN
+    )
+    assert "'password' is not sortable or filterable" in resp.json["message"]
 
 
 def test_sensitive_sort(client):
-    resp = client.get(api.url_for(UsersList) + '?sortBy=password&sortDir=asc', headers=VALID_ADMIN_HEADER_TOKEN)
-    assert "'password' is not sortable or filterable" in resp.json['message']
+    resp = client.get(
+        api.url_for(UsersList) + "?sortBy=password&sortDir=asc",
+        headers=VALID_ADMIN_HEADER_TOKEN,
+    )
+    assert "'password' is not sortable or filterable" in resp.json["message"]
 
 
 def test_user_role_changes(client, session):
@@ -128,25 +184,30 @@ def test_user_role_changes(client, session):
     session.flush()
 
     data = {
-        'active': True,
-        'id': user.id,
-        'username': user.username,
-        'email': user.email,
-        'roles': [
-            {'id': role1.id},
-            {'id': role2.id},
-        ],
+        "active": True,
+        "id": user.id,
+        "username": user.username,
+        "email": user.email,
+        "roles": [{"id": role1.id}, {"id": role2.id}],
     }
 
     # PUT two roles
-    resp = client.put(api.url_for(Users, user_id=user.id), data=json.dumps(data), headers=VALID_ADMIN_HEADER_TOKEN)
+    resp = client.put(
+        api.url_for(Users, user_id=user.id),
+        data=json.dumps(data),
+        headers=VALID_ADMIN_HEADER_TOKEN,
+    )
     assert resp.status_code == 200
-    assert len(resp.json['roles']) == 2
+    assert len(resp.json["roles"]) == 2
     assert set(user.roles) == {role1, role2}
 
     # Remove one role and PUT again
-    del data['roles'][1]
-    resp = client.put(api.url_for(Users, user_id=user.id), data=json.dumps(data), headers=VALID_ADMIN_HEADER_TOKEN)
+    del data["roles"][1]
+    resp = client.put(
+        api.url_for(Users, user_id=user.id),
+        data=json.dumps(data),
+        headers=VALID_ADMIN_HEADER_TOKEN,
+    )
     assert resp.status_code == 200
-    assert len(resp.json['roles']) == 1
+    assert len(resp.json["roles"]) == 1
     assert set(user.roles) == {role1}

lemur/tests/test_utils.py

@@ -1,40 +1,49 @@
 import pytest
 
-from lemur.tests.vectors import SAN_CERT, INTERMEDIATE_CERT, ROOTCA_CERT, EC_CERT_EXAMPLE, ECDSA_PRIME256V1_CERT, ECDSA_SECP384r1_CERT, DSA_CERT
+from lemur.tests.vectors import (
+    SAN_CERT,
+    INTERMEDIATE_CERT,
+    ROOTCA_CERT,
+    EC_CERT_EXAMPLE,
+    ECDSA_PRIME256V1_CERT,
+    ECDSA_SECP384r1_CERT,
+    DSA_CERT,
+)
 
 
 def test_generate_private_key():
     from lemur.common.utils import generate_private_key
 
-    assert generate_private_key('RSA2048')
-    assert generate_private_key('RSA4096')
-    assert generate_private_key('ECCPRIME192V1')
-    assert generate_private_key('ECCPRIME256V1')
-    assert generate_private_key('ECCSECP192R1')
-    assert generate_private_key('ECCSECP224R1')
-    assert generate_private_key('ECCSECP256R1')
-    assert generate_private_key('ECCSECP384R1')
-    assert generate_private_key('ECCSECP521R1')
-    assert generate_private_key('ECCSECP256K1')
-    assert generate_private_key('ECCSECT163K1')
-    assert generate_private_key('ECCSECT233K1')
-    assert generate_private_key('ECCSECT283K1')
-    assert generate_private_key('ECCSECT409K1')
-    assert generate_private_key('ECCSECT571K1')
-    assert generate_private_key('ECCSECT163R2')
-    assert generate_private_key('ECCSECT233R1')
-    assert generate_private_key('ECCSECT283R1')
-    assert generate_private_key('ECCSECT409R1')
-    assert generate_private_key('ECCSECT571R2')
+    assert generate_private_key("RSA2048")
+    assert generate_private_key("RSA4096")
+    assert generate_private_key("ECCPRIME192V1")
+    assert generate_private_key("ECCPRIME256V1")
+    assert generate_private_key("ECCSECP192R1")
+    assert generate_private_key("ECCSECP224R1")
+    assert generate_private_key("ECCSECP256R1")
+    assert generate_private_key("ECCSECP384R1")
+    assert generate_private_key("ECCSECP521R1")
+    assert generate_private_key("ECCSECP256K1")
+    assert generate_private_key("ECCSECT163K1")
+    assert generate_private_key("ECCSECT233K1")
+    assert generate_private_key("ECCSECT283K1")
+    assert generate_private_key("ECCSECT409K1")
+    assert generate_private_key("ECCSECT571K1")
+    assert generate_private_key("ECCSECT163R2")
+    assert generate_private_key("ECCSECT233R1")
+    assert generate_private_key("ECCSECT283R1")
+    assert generate_private_key("ECCSECT409R1")
+    assert generate_private_key("ECCSECT571R2")
 
     with pytest.raises(Exception):
-        generate_private_key('LEMUR')
+        generate_private_key("LEMUR")
 
 
 def test_get_authority_key():
-    '''test get authority key function'''
+    """test get authority key function"""
     from lemur.common.utils import get_authority_key
-    test_cert = '''-----BEGIN CERTIFICATE-----
+
+    test_cert = """-----BEGIN CERTIFICATE-----
 MIIGYjCCBEqgAwIBAgIUVS7mn6LR5XlQyEGxQ4w9YAWL/XIwDQYJKoZIhvcNAQEN
 BQAweTELMAkGA1UEBhMCREUxDTALBgNVBAgTBEJvbm4xEDAOBgNVBAcTB0dlcm1h
 bnkxITAfBgNVBAoTGFRlbGVrb20gRGV1dHNjaGxhbmQgR21iSDELMAkGA1UECxMC
@@ -70,9 +79,9 @@ zc75IDsn5wP6A3KflduWW7ri0bYUiKe5higMcbUM0aXzTEAVxsxPk8aEsR9dazF7
 y4L/msew3UjFE3ovDHgStjWM1NBMxuIvJEbWOsiB2WA2l3FiT8HvFi0eX/0hbkGi
 5LL+oz7nvm9Of7te/BV6Rq0rXWN4d6asO+QlLkTqbmAH6rwunmPCY7MbLXXtP/qM
 KFfxwrO1
------END CERTIFICATE-----'''
+-----END CERTIFICATE-----"""
     authority_key = get_authority_key(test_cert)
-    assert authority_key == 'feacb541be81771293affa412d8dc9f66a3ebb80'
+    assert authority_key == "feacb541be81771293affa412d8dc9f66a3ebb80"
 
 
 def test_is_selfsigned(selfsigned_cert):

lemur/tests/test_validators.py

@@ -12,7 +12,7 @@ def test_private_key(session):
     parse_private_key(SAN_CERT_KEY)
 
     with pytest.raises(ValueError):
-        parse_private_key('invalid_private_key')
+        parse_private_key("invalid_private_key")
 
 
 def test_validate_private_key(session):
@@ -29,7 +29,7 @@ def test_sub_alt_type(session):
     from lemur.common.validators import sub_alt_type
 
     with pytest.raises(ValidationError):
-        sub_alt_type('CNAME')
+        sub_alt_type("CNAME")
 
 
 def test_dates(session):
@@ -44,7 +44,13 @@ def test_dates(session):
         dates(dict(validity_end=datetime(2016, 1, 1)))
 
     with pytest.raises(ValidationError):
-        dates(dict(validity_start=datetime(2016, 1, 5), validity_end=datetime(2016, 1, 1)))
+        dates(
+            dict(validity_start=datetime(2016, 1, 5), validity_end=datetime(2016, 1, 1))
+        )
 
     with pytest.raises(ValidationError):
-        dates(dict(validity_start=datetime(2016, 1, 1), validity_end=datetime(2016, 1, 10)))
+        dates(
+            dict(
+                validity_start=datetime(2016, 1, 1), validity_end=datetime(2016, 1, 10)
+            )
+        )

lemur/tests/test_verify.py

@@ -13,20 +13,24 @@ from .vectors import INTERMEDIATE_CERT_STR
 def test_verify_simple_cert():
     """Simple certificate without CRL or OCSP."""
     # Verification returns None if there are no means to verify a cert
-    assert verify_string(INTERMEDIATE_CERT_STR, '') is None
+    assert verify_string(INTERMEDIATE_CERT_STR, "") is None
 
 
 def test_verify_crl_unknown_scheme(cert_builder, private_key):
     """Unknown distribution point URI schemes should be ignored."""
-    ldap_uri = 'ldap://ldap.example.org/cn=Example%20Certificate%20Authority?certificateRevocationList;binary'
-    crl_dp = x509.DistributionPoint([UniformResourceIdentifier(ldap_uri)],
-                                    relative_name=None, reasons=None, crl_issuer=None)
-    cert = (cert_builder
-            .add_extension(x509.CRLDistributionPoints([crl_dp]), critical=False)
-            .sign(private_key, hashes.SHA256(), default_backend()))
+    ldap_uri = "ldap://ldap.example.org/cn=Example%20Certificate%20Authority?certificateRevocationList;binary"
+    crl_dp = x509.DistributionPoint(
+        [UniformResourceIdentifier(ldap_uri)],
+        relative_name=None,
+        reasons=None,
+        crl_issuer=None,
+    )
+    cert = cert_builder.add_extension(
+        x509.CRLDistributionPoints([crl_dp]), critical=False
+    ).sign(private_key, hashes.SHA256(), default_backend())
 
     with mktempfile() as cert_tmp:
-        with open(cert_tmp, 'wb') as f:
+        with open(cert_tmp, "wb") as f:
             f.write(cert.public_bytes(serialization.Encoding.PEM))
 
         # Must not raise exception
@@ -35,15 +39,19 @@ def test_verify_crl_unknown_scheme(cert_builder, private_key):
 
 def test_verify_crl_unreachable(cert_builder, private_key):
     """Unreachable CRL distribution point results in error."""
-    ldap_uri = 'http://invalid.example.org/crl/foobar.crl'
-    crl_dp = x509.DistributionPoint([UniformResourceIdentifier(ldap_uri)],
-                                    relative_name=None, reasons=None, crl_issuer=None)
-    cert = (cert_builder
-            .add_extension(x509.CRLDistributionPoints([crl_dp]), critical=False)
-            .sign(private_key, hashes.SHA256(), default_backend()))
+    ldap_uri = "http://invalid.example.org/crl/foobar.crl"
+    crl_dp = x509.DistributionPoint(
+        [UniformResourceIdentifier(ldap_uri)],
+        relative_name=None,
+        reasons=None,
+        crl_issuer=None,
+    )
+    cert = cert_builder.add_extension(
+        x509.CRLDistributionPoints([crl_dp]), critical=False
+    ).sign(private_key, hashes.SHA256(), default_backend())
 
     with mktempfile() as cert_tmp:
-        with open(cert_tmp, 'wb') as f:
+        with open(cert_tmp, "wb") as f:
             f.write(cert.public_bytes(serialization.Encoding.PEM))
 
         with pytest.raises(Exception, match="Unable to retrieve CRL:"):

lemur/tests/vectors.py

@@ -1,20 +1,23 @@
 from lemur.common.utils import parse_certificate
 
 VALID_USER_HEADER_TOKEN = {
-    'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MjE2NTIwMjIsImV4cCI6MjM4NTY1MjAyMiwic3ViIjoxfQ.uK4PZjVAs0gt6_9h2EkYkKd64nFXdOq-rHsJZzeQicc',
-    'Content-Type': 'application/json'
+    "Authorization": "Basic "
+    + "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MjE2NTIwMjIsImV4cCI6MjM4NTY1MjAyMiwic3ViIjoxfQ.uK4PZjVAs0gt6_9h2EkYkKd64nFXdOq-rHsJZzeQicc",
+    "Content-Type": "application/json",
 }
 
 
 VALID_ADMIN_HEADER_TOKEN = {
-    'Authorization': 'Basic ' + 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1MjE2NTE2NjMsInN1YiI6MiwiYWlkIjoxfQ.wyf5PkQNcggLrMFqxDfzjY-GWPw_XsuWvU2GmQaC5sg',
-    'Content-Type': 'application/json'
+    "Authorization": "Basic "
+    + "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1MjE2NTE2NjMsInN1YiI6MiwiYWlkIjoxfQ.wyf5PkQNcggLrMFqxDfzjY-GWPw_XsuWvU2GmQaC5sg",
+    "Content-Type": "application/json",
 }
 
 
 VALID_ADMIN_API_TOKEN = {
-    'Authorization': 'Basic ' + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjIsImFpZCI6MSwiaWF0IjoxNDM1MjMzMzY5fQ.umW0I_oh4MVZ2qrClzj9SfYnQl6cd0HGzh9EwkDW60I',
-    'Content-Type': 'application/json'
+    "Authorization": "Basic "
+    + "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOjIsImFpZCI6MSwiaWF0IjoxNDM1MjMzMzY5fQ.umW0I_oh4MVZ2qrClzj9SfYnQl6cd0HGzh9EwkDW60I",
+    "Content-Type": "application/json",
 }