o €Ï=3ã@spdZddlmZddlmZddlmZddlZddlZddlZddlm Z ddlm Z ddlm Z dd l m Z dd l mZd Zd d „Zdd„Zdd„Zdd„ZGdd„dejƒZGdd„deƒZGdd„deƒZGdd„deƒZGdd„deƒZGdd„deƒZGd d!„d!eƒZGd"d#„d#eƒZd$d%„Zd&d'„Zd(d)„Z d*d+„Z!d4d,d-„Z"d.d/„Z#d0d1„Z$Gd2d3„d3e%ƒZ&dS)5zCreate ECP configurations.é)Úabsolute_import)Údivision)Úunicode_literalsN)Úconfig)Úlog)Ú properties)Úfiles)Ú platformsz/enterprise-certificate-proxy configuration filecCs&t ¡j}|s tdƒ‚tj |dd¡S)NzKUnable to find the SDK root path. The gcloud installation may be corrupted.ÚplatformÚenterprise_cert)rÚPathsÚsdk_rootÚECPConfigErrorÚosÚpathÚjoin)r ©rúZ/tmp/google-cloud-sdk/lib/googlecloudsdk/command_lib/auth/enterprise_certificate_config.pyÚget_platform_folder"s ÿrcCst ¡j}|s tdƒ‚|S)NzJUnable to find the SDK bin path. The gcloud installation may be corrupted.)rr Ú sdk_bin_pathr)rrrrÚget_bin_folder-s ÿrcCs|r|St ¡S©N)rÚCertConfigDefaultFilePath)Ú output_filerrrÚget_config_path8srcCsZ|stj ¡}|jtjjkrtjS|jtjjkrtj S|jtjj kr%tj St d  |j¡ƒ‚)NzfUnsupported platform {}. Enterprise Certificate Proxy currently only supports OSX, Windows, and Linux.)r ÚPlatformÚCurrentÚoperating_systemÚOperatingSystemÚMACOSXÚ ConfigTypeÚKEYCHAINÚLINUXÚPKCS11ÚWINDOWSÚMYSTORErÚformat)r rrrÚplatform_to_config>s ür'c@seZdZdZdZdZdZdS)r ééééN)Ú__name__Ú __module__Ú __qualname__r#r!r%ÚWORKLOADrrrrr Ps r c@óeZdZdZdd„ZdS)ÚWindowsBinaryPathConfigaConfiguration for the paths to the ECP binaries on Windows. Attributes: ecp: Path to the ECP binary. ecp_http_proxy: Path to the ECP HTTP proxy binary. ecp_client: Path to the ECP client library. tls_offload: Path to the TLS offload library. cCór|r|ntj tƒd¡|_|r|ntj tƒd¡|_|r|ntj tƒd¡|_|r.||_dStj tƒd¡|_dS)Nzecp.exezecp_http_proxy.exez libecp.dllzlibtls_offload.dll© rrrrÚecpÚecp_http_proxyrÚ ecp_clientÚ tls_offload©Úselfr4r6r7r5rrrÚ__init__aóÿýÿýÿÿýz WindowsBinaryPathConfig.__init__N©r,r-r.Ú__doc__r:rrrrr1Wó r1c@r0)ÚLinuxPathConfigaConfiguration for the paths to the ECP binaries on Linux. Attributes: ecp: Path to the ECP binary. ecp_http_proxy: Path to the ECP HTTP proxy binary. ecp_client: Path to the ECP client library. tls_offload: Path to the TLS offload library. cCr2)Nr4r5z libecp.sozlibtls_offload.sor3r8rrrr:~r;zLinuxPathConfig.__init__Nr<rrrrr?tr>r?c@r0)ÚMacOSBinaryPathConfigaConfiguration for the paths to the ECP binaries on MacOS. Attributes: ecp: Path to the ECP binary. ecp_http_proxy: Path to the ECP HTTP proxy binary. ecp_client: Path to the ECP client library. tls_offload: Path to the TLS offload library. cCr2)Nr4r5z libecp.dylibzlibtls_offload.dylibr3r8rrrr:›r;zMacOSBinaryPathConfig.__init__Nr<rrrrr@‘r>r@c@óeZdZdd„ZdS)Ú PKCS11ConfigcCs$||_||_||_|r||_dSdSr)ÚmoduleÚslotÚlabelÚuser_pin)r9rCrDrErFrrrr:°s  ÿzPKCS11Config.__init__N©r,r-r.r:rrrrrB®ó rBc@rA)ÚKeyChainConfigcCó||_||_dSr)ÚissuerÚ keychain_type)r9rKrLrrrr:»ó zKeyChainConfig.__init__NrGrrrrrI¹rHrIc@rA)Ú MyStoreConfigcCs||_||_||_dSr)rKÚstoreÚprovider)r9rKrOrPrrrr:Âs zMyStoreConfig.__init__NrGrrrrrNÀrHrNc@rA)ÚWorkloadConfigcCrJr)Ú cert_pathÚkey_path)r9rRrSrrrr:ÊrMzWorkloadConfig.__init__NrGrrrrrQÈrHrQcKs|r| di¡ di¡}| di¡}ni}i}t| dd¡p#| dd¡| dd¡p.| dd¡| dd¡p9| dd¡| d d¡pD| d d¡ƒ}t| d d¡pR| d d¡| d d¡p]| d d¡| d d¡ph| d d¡| d d¡ps| d d¡ƒ}dt|ƒidt|ƒifS)a0Creates a Linux ECP Config. Args: base_config: Optional parameter to use as a fallback for parameters that are not set in kwargs. **kwargs: Linux config parameters. See go/enterprise-cert-config for valid variables. Returns: A dictionary object containing the ECP config. Ú cert_configsÚpkcs11ÚlibsrCNrDrrErFr4r6r7r5)ÚgetrBr?Úvars)Ú base_configÚkwargsÚbase_linux_configÚbase_libs_configÚ ecp_configÚ lib_configrrrÚcreate_linux_configÏs* ü      ù r_cKsÊ|r |dd}|d}ni}i}t| dd¡p| dd¡| dd¡p(| dd¡ƒ}t| dd¡p6| dd¡| d d¡pA| d d¡| d d¡pL| d d¡| d d¡pW| d d¡ƒ}dt|ƒidt|ƒifS) a0Creates a MacOS ECP Config. Args: base_config: Optional parameter to use as a fallback for parameters that are not set in kwargs. **kwargs: MacOS config parameters. See go/enterprise-cert-config for valid variables. Returns: A dictionary object containing the ECP config. rTÚmacos_keychainrVrKNrLÚallr4r6r7r5)rIrWr@rX)rYrZÚbase_macos_configr\r]r^rrrÚcreate_macos_configôs(    ý      ù rccKsà|r |dd}|d}ni}i}t| dd¡p| dd¡| dd¡p(| dd¡| dd¡p3| dd¡ƒ}t| dd¡pA| dd¡| d d¡pL| d d¡| d d¡pW| d d¡| d d¡pb| d d¡ƒ}dt|ƒidt|ƒifS) a4Creates a Windows ECP Config. Args: base_config: Optional parameter to use as a fallback for parameters that are not set in kwargs. **kwargs: Windows config parameters. See go/enterprise-cert-config for valid variables. Returns: A dictionary object containing the ECP config. rTÚ windows_storerVrKNrOrPr4r6r7r5)rNrWr1rX)rYrZÚbase_windows_configr\r]r^rrrÚcreate_windows_configs(  ý      ù rfcKsX|r |dd}ni}t| dd¡p| dd¡| dd¡p"| dd¡ƒ}dt|ƒiifS)a6Creates a Workload ECP Config. Args: base_config: Optional parameter to use as a fallback for parameters that are not set in kwargs. **kwargs: Workload config parameters. See go/enterprise-cert-config for valid variables. Returns: A dictionary object containing the ECP config. rTÚworkloadrRNrS)rQrWrX)rYrZÚbase_workload_configÚworkload_configrrrÚcreate_workload_config<s     ürjcKsÎ|tjkrt|fi|¤Ž\}}n7|tjkr t|fi|¤Ž\}}n'|tjkr0t|fi|¤Ž\}}n|tjkr@t|fi|¤Ž\}}nt d  |¡ƒ‚t j j j ¡rRt  ¡sad|vrad|dvra|dd=d|i|¥S)a±Creates an ECP Config. Args: config_type: An ConfigType Enum that describes the type of ECP config. base_config: Optional parameter to use as a fallback for parameters that are not set in kwargs. **kwargs: config parameters. See go/enterprise-cert-config for valid variables. Returns: A dictionary object containing the ECP config. Raises: ECPConfigError: No valid config_type is specified. z|Unknown config_type {} passed to create enterprise certificate configuration. Valid options are: [PKCS11, KEYCHAIN, MYSTORE]rVr5rT)r r#r_r!rcr%rfr/rjrr&rÚVALUESÚ context_awareÚuse_ecp_http_proxyÚGetBoolÚIsInternalUserCheck)Ú config_typerYrZr]Ú libs_configrrrÚcreate_ecp_configWs(    ü þý   rrcKsHt|dfi|¤Ž}t| dd¡ƒ}t |tj|dd¡t |t ¡dS)zsB           %$$ .