CertificateType rework
This commit is contained in:
parent
f21029e15b
commit
702aefc6e3
2 changed files with 5 additions and 13 deletions
|
@ -102,7 +102,6 @@ class CertificateType(Enum):
|
|||
Possible types of certificates
|
||||
"""
|
||||
|
||||
ca = auto()
|
||||
client = auto()
|
||||
server = auto()
|
||||
|
||||
|
@ -238,20 +237,16 @@ class EasyRSA:
|
|||
def get_certificate(
|
||||
self,
|
||||
*,
|
||||
cert_type: CertificateType | None = None,
|
||||
dn: DistinguishedName | None = None,
|
||||
) -> x509.Certificate | None:
|
||||
"""
|
||||
Get a certificate from the PKI directory
|
||||
"""
|
||||
|
||||
if cert_type is CertificateType.ca:
|
||||
if dn is None:
|
||||
cert_filename = self.output_directory.joinpath("ca.crt")
|
||||
|
||||
else:
|
||||
if dn is None:
|
||||
dn = DistinguishedName.build()
|
||||
|
||||
cert_filename = (self.output_directory.joinpath("issued")
|
||||
.joinpath(f"{dn.common_name}.crt"))
|
||||
|
||||
|
@ -284,7 +279,7 @@ class EasyRSA:
|
|||
EASYRSA_REQ_CN="kiwi-vpn-ca",
|
||||
)
|
||||
|
||||
cert = self.get_certificate(cert_type=CertificateType.ca)
|
||||
cert = self.get_certificate()
|
||||
assert cert is not None
|
||||
|
||||
# # this takes long!
|
||||
|
@ -315,10 +310,7 @@ class EasyRSA:
|
|||
**dn.easyrsa_env,
|
||||
)
|
||||
|
||||
return self.get_certificate(
|
||||
cert_type=cert_type,
|
||||
dn=dn,
|
||||
)
|
||||
return self.get_certificate(dn=dn)
|
||||
|
||||
def renew(
|
||||
self,
|
||||
|
|
|
@ -7,7 +7,7 @@ from fastapi.security import OAuth2PasswordBearer
|
|||
|
||||
from ..config import SETTINGS, Config
|
||||
from ..db import Device, User
|
||||
from ..easyrsa import EASYRSA, CertificateType, EasyRSA
|
||||
from ..easyrsa import EASYRSA, EasyRSA
|
||||
|
||||
oauth2_scheme = OAuth2PasswordBearer(
|
||||
tokenUrl=f"{SETTINGS.api_v1_prefix}/user/authenticate"
|
||||
|
@ -145,7 +145,7 @@ async def get_pki() -> EasyRSA:
|
|||
- 425: EasyRSA not initialized
|
||||
"""
|
||||
|
||||
if EASYRSA.get_certificate(cert_type=CertificateType.ca) is None:
|
||||
if EASYRSA.get_certificate() is None:
|
||||
raise HTTPException(status_code=status.HTTP_425_TOO_EARLY)
|
||||
|
||||
return EASYRSA
|
||||
|
|
Loading…
Reference in a new issue