CertificateType rework
parent
f21029e15b
commit
702aefc6e3
2 changed files with 5 additions and 13 deletions
|
@ -102,7 +102,6 @@ class CertificateType(Enum):
|
||||||
Possible types of certificates
|
Possible types of certificates
|
||||||
"""
|
"""
|
||||||
|
|
||||||
ca = auto()
|
|
||||||
client = auto()
|
client = auto()
|
||||||
server = auto()
|
server = auto()
|
||||||
|
|
||||||
|
@ -238,20 +237,16 @@ class EasyRSA:
|
||||||
def get_certificate(
|
def get_certificate(
|
||||||
self,
|
self,
|
||||||
*,
|
*,
|
||||||
cert_type: CertificateType | None = None,
|
|
||||||
dn: DistinguishedName | None = None,
|
dn: DistinguishedName | None = None,
|
||||||
) -> x509.Certificate | None:
|
) -> x509.Certificate | None:
|
||||||
"""
|
"""
|
||||||
Get a certificate from the PKI directory
|
Get a certificate from the PKI directory
|
||||||
"""
|
"""
|
||||||
|
|
||||||
if cert_type is CertificateType.ca:
|
if dn is None:
|
||||||
cert_filename = self.output_directory.joinpath("ca.crt")
|
cert_filename = self.output_directory.joinpath("ca.crt")
|
||||||
|
|
||||||
else:
|
else:
|
||||||
if dn is None:
|
|
||||||
dn = DistinguishedName.build()
|
|
||||||
|
|
||||||
cert_filename = (self.output_directory.joinpath("issued")
|
cert_filename = (self.output_directory.joinpath("issued")
|
||||||
.joinpath(f"{dn.common_name}.crt"))
|
.joinpath(f"{dn.common_name}.crt"))
|
||||||
|
|
||||||
|
@ -284,7 +279,7 @@ class EasyRSA:
|
||||||
EASYRSA_REQ_CN="kiwi-vpn-ca",
|
EASYRSA_REQ_CN="kiwi-vpn-ca",
|
||||||
)
|
)
|
||||||
|
|
||||||
cert = self.get_certificate(cert_type=CertificateType.ca)
|
cert = self.get_certificate()
|
||||||
assert cert is not None
|
assert cert is not None
|
||||||
|
|
||||||
# # this takes long!
|
# # this takes long!
|
||||||
|
@ -315,10 +310,7 @@ class EasyRSA:
|
||||||
**dn.easyrsa_env,
|
**dn.easyrsa_env,
|
||||||
)
|
)
|
||||||
|
|
||||||
return self.get_certificate(
|
return self.get_certificate(dn=dn)
|
||||||
cert_type=cert_type,
|
|
||||||
dn=dn,
|
|
||||||
)
|
|
||||||
|
|
||||||
def renew(
|
def renew(
|
||||||
self,
|
self,
|
||||||
|
|
|
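Review bot: In `get_certificate`, the new `if dn is None:` branch makes a missing `dn` mean "return the CA certificate", so a caller that loses its `dn` silently gets `ca.crt` rather than an error or an issued certificate. The bare calls `cert = self.get_certificate()` in the CA-build hunk and `EASYRSA.get_certificate()` in `get_pki` (second file) also no longer say which certificate they look up. I would state the contract in the docstring, e.g. `With dn=None the CA certificate (ca.crt) is returned; otherwise issued/{common_name}.crt.`, and add `# no dn: looks up the CA certificate` at those two call sites. Separately, `dn.common_name` still goes straight into `.joinpath(f"{dn.common_name}.crt")`; where that value originates is not visible here, but if it can be request-supplied it should be checked to be a single path component before the lookup. The body of `get_certificate` continues past the end of the hunk.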
@ -7,7 +7,7 @@ from fastapi.security import OAuth2PasswordBearer
|
||||||
|
|
||||||
from ..config import SETTINGS, Config
|
from ..config import SETTINGS, Config
|
||||||
from ..db import Device, User
|
from ..db import Device, User
|
||||||
from ..easyrsa import EASYRSA, CertificateType, EasyRSA
|
from ..easyrsa import EASYRSA, EasyRSA
|
||||||
|
|
||||||
oauth2_scheme = OAuth2PasswordBearer(
|
oauth2_scheme = OAuth2PasswordBearer(
|
||||||
tokenUrl=f"{SETTINGS.api_v1_prefix}/user/authenticate"
|
tokenUrl=f"{SETTINGS.api_v1_prefix}/user/authenticate"
|
||||||
|
@ -145,7 +145,7 @@ async def get_pki() -> EasyRSA:
|
||||||
- 425: EasyRSA not initialized
|
- 425: EasyRSA not initialized
|
||||||
"""
|
"""
|
||||||
|
|
||||||
if EASYRSA.get_certificate(cert_type=CertificateType.ca) is None:
|
if EASYRSA.get_certificate() is None:
|
||||||
raise HTTPException(status_code=status.HTTP_425_TOO_EARLY)
|
raise HTTPException(status_code=status.HTTP_425_TOO_EARLY)
|
||||||
|
|
||||||
return EASYRSA
|
return EASYRSA
|
||||||
|
|