Pleasing the PEP8 gods

lemur/certificates/exceptions.py

@@ -53,6 +53,7 @@ class UnableToCreateCSR(LemurException):
     def __str__(self):
         return repr(self.data['message'])
 
+
 class UnableToCreatePrivateKey(LemurException):
     def __init__(self):
         self.code = 500
@@ -63,6 +64,7 @@ class UnableToCreatePrivateKey(LemurException):
     def __str__(self):
         return repr(self.data['message'])
 
+
 class MissingFiles(LemurException):
     def __init__(self, path):
         self.code = 500
@@ -84,4 +86,3 @@ class NoPersistanceFound(LemurException):
 
     def __str__(self):
         return repr(self.data['message'])
-

lemur/certificates/models.py

@@ -21,7 +21,7 @@ from lemur.database import db
 
 from lemur.domains.models import Domain
 
-from lemur.constants import SAN_NAMING_TEMPLATE, DEFAULT_NAMING_TEMPLATE, NONSTANDARD_NAMING_TEMPLATE
+from lemur.constants import SAN_NAMING_TEMPLATE, DEFAULT_NAMING_TEMPLATE
 from lemur.models import certificate_associations, certificate_destination_associations
 
 
@@ -110,6 +110,7 @@ def cert_is_san(cert):
     if len(cert_get_domains(cert)) > 1:
         return True
 
+
 def cert_is_wildcard(cert):
     """
     Determines if certificate is a wildcard certificate.
@@ -197,8 +198,8 @@ class Certificate(db.Model):
     owner = Column(String(128))
     body = Column(Text())
     private_key = Column(EncryptedType(String, os.environ.get('LEMUR_ENCRYPTION_KEY')))
-    challenge = Column(EncryptedType(String, os.environ.get('LEMUR_ENCRYPTION_KEY'))) # TODO deprecate
-    csr_config = Column(Text()) # TODO deprecate
+    challenge = Column(EncryptedType(String, os.environ.get('LEMUR_ENCRYPTION_KEY')))  # TODO deprecate
+    csr_config = Column(Text())  # TODO deprecate
     status = Column(String(128))
     deleted = Column(Boolean, index=True)
     name = Column(String(128))
@@ -266,4 +267,3 @@ class Certificate(db.Model):
 
     def as_dict(self):
         return {c.name: getattr(self, c.name) for c in self.__table__.columns}
-

lemur/certificates/service.py

@@ -27,7 +27,6 @@ from cryptography.hazmat.primitives import hashes, serialization
 from cryptography.hazmat.primitives.asymmetric import rsa
 
 
-
 def get(cert_id):
     """
     Retrieves certificate by it's ID.
@@ -106,7 +105,7 @@ def mint(issuer_options):
 
     csr, private_key = create_csr(issuer_options)
 
-    issuer_options['challenge'] = create_challenge()
+    issuer_options['challenge'] = create_challenge()  # TODO deprecate
     issuer_options['creator'] = g.user.email
     cert_body, cert_chain = issuer.create_certificate(csr, issuer_options)
 
@@ -212,8 +211,8 @@ def render(args):
     time_range = args.pop('time_range')
     destination_id = args.pop('destination_id')
     show = args.pop('show')
-    owner = args.pop('owner')
-    creator = args.pop('creator')  # TODO we should enabling filtering by owner
+    # owner = args.pop('owner')
+    # creator = args.pop('creator')  # TODO we should enabling filtering by owner
 
     filt = args.pop('filter')
 
@@ -235,7 +234,7 @@ def render(args):
 
         if 'destination' in terms:
             query = query.filter(Certificate.destinations.any(Destination.id == terms[1]))
-        elif 'active' in filt: # this is really weird but strcmp seems to not work here??
+        elif 'active' in filt:  # this is really weird but strcmp seems to not work here??
             query = query.filter(Certificate.active == terms[1])
         else:
             query = database.filter(query, Certificate, terms)
@@ -288,7 +287,7 @@ def create_csr(csr_config):
         x509.BasicConstraints(ca=False, path_length=None), critical=True,
     )
 
-    #for k, v in csr_config.get('extensions', {}).items():
+    # for k, v in csr_config.get('extensions', {}).items():
     #    if k == 'subAltNames':
     #        builder = builder.add_extension(
     #            x509.SubjectAlternativeName([x509.DNSName(n) for n in v]), critical=True,
@@ -354,14 +353,16 @@ def create_csr(csr_config):
 
     return csr, pem
 
+
+# TODO deprecate
 def create_challenge():
     """
     Create a random and strongish csr challenge.
     """
-    challenge = ''.join(random.choice(string.ascii_uppercase) for x in range(6))
-    challenge += ''.join(random.choice("~!@#$%^&*()_+") for x in range(6))
+    challenge = ''.join(random.choice(string.ascii_uppercase) for x in range(6))  # noqa
+    challenge += ''.join(random.choice("~!@#$%^&*()_+") for x in range(6))  # noqa
     challenge += ''.join(random.choice(string.ascii_lowercase) for x in range(6))
-    challenge += ''.join(random.choice(string.digits) for x in range(6))
+    challenge += ''.join(random.choice(string.digits) for x in range(6))  # noqa
     return challenge
 
 
@@ -405,5 +406,3 @@ def stats(**kwargs):
         values.append(count)
 
     return {'labels': keys, 'values': values}
-
-

lemur/certificates/sync.py

@@ -21,6 +21,7 @@ from lemur.certificates import service as cert_service
 from lemur.plugins.base import plugins
 from lemur.plugins.bases.source import SourcePlugin
 
+
 def sync():
     for plugin in plugins:
         new = 0
@@ -42,5 +43,4 @@ def sync():
 
                 # TODO associated cert with source
                 # TODO update cert if found from different source
-                # TODO dissassociate source if missing
-
+                # TODO disassociate source if missing

lemur/certificates/verify.py

@@ -30,7 +30,7 @@ def ocsp_verify(cert_path, issuer_chain_path):
     url, err = p1.communicate()
 
     p2 = subprocess.Popen(['openssl', 'ocsp', '-issuer', issuer_chain_path,
-                            '-cert', cert_path, "-url", url.strip()], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+                           '-cert', cert_path, "-url", url.strip()], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
 
     message, err = p2.communicate()
     if 'error' in message or 'Error' in message:
@@ -132,4 +132,4 @@ def verify_string(cert_string, issuer_string):
 
 
 def remove_tmp_file(file_path):
-    os.remove(file_path)
+    os.remove(file_path)

lemur/certificates/views.py

@@ -51,7 +51,7 @@ def valid_authority(authority_options):
     """
     Defends against invalid authorities
 
-    :param authority_name:
+    :param authority_options:
     :return: :raise ValueError:
     """
     name = authority_options['name']
@@ -76,7 +76,7 @@ def pem_str(value, name):
     """
     try:
         x509.load_pem_x509_certificate(str(value), default_backend())
-    except Exception as e:
+    except Exception:
         raise ValueError("The parameter '{0}' needs to be a valid PEM string".format(name))
     return value
 
@@ -91,12 +91,11 @@ def private_key_str(value, name):
     """
     try:
         serialization.load_pem_private_key(str(value), None, backend=default_backend())
-    except Exception as e:
+    except Exception:
         raise ValueError("The parameter '{0}' needs to be a valid RSA private key".format(name))
     return value
 
 
-
 class CertificatesList(AuthenticatedResource):
     """ Defines the 'certificates' endpoint """
     def __init__(self):
@@ -274,8 +273,8 @@ class CertificatesList(AuthenticatedResource):
         self.reqparse.add_argument('destinations', type=list, default=[], location='json')
         self.reqparse.add_argument('elbs', type=list, location='json')
         self.reqparse.add_argument('owner', type=str, location='json')
-        self.reqparse.add_argument('validityStart', type=str, location='json') # parse date
-        self.reqparse.add_argument('validityEnd', type=str, location='json') # parse date
+        self.reqparse.add_argument('validityStart', type=str, location='json')  # TODO validate
+        self.reqparse.add_argument('validityEnd', type=str, location='json')  # TODO validate
         self.reqparse.add_argument('authority', type=valid_authority, location='json')
         self.reqparse.add_argument('description', type=str, location='json')
         self.reqparse.add_argument('country', type=str, location='json')