CertificateType rework

This commit is contained in:
Jörn-Michael Miehe 2022-04-07 11:37:36 +00:00
parent f21029e15b
commit 702aefc6e3
2 changed files with 5 additions and 13 deletions

View file

@ -102,7 +102,6 @@ class CertificateType(Enum):
Possible types of certificates
"""
ca = auto()
client = auto()
server = auto()
@ -238,20 +237,16 @@ class EasyRSA:
def get_certificate(
self,
*,
cert_type: CertificateType | None = None,
dn: DistinguishedName | None = None,
) -> x509.Certificate | None:
"""
Get a certificate from the PKI directory
"""
if cert_type is CertificateType.ca:
if dn is None:
cert_filename = self.output_directory.joinpath("ca.crt")
else:
if dn is None:
dn = DistinguishedName.build()
cert_filename = (self.output_directory.joinpath("issued")
.joinpath(f"{dn.common_name}.crt"))
@ -284,7 +279,7 @@ class EasyRSA:
EASYRSA_REQ_CN="kiwi-vpn-ca",
)
cert = self.get_certificate(cert_type=CertificateType.ca)
cert = self.get_certificate()
assert cert is not None
# # this takes long!
@ -315,10 +310,7 @@ class EasyRSA:
**dn.easyrsa_env,
)
return self.get_certificate(
cert_type=cert_type,
dn=dn,
)
return self.get_certificate(dn=dn)
def renew(
self,

View file

@ -7,7 +7,7 @@ from fastapi.security import OAuth2PasswordBearer
from ..config import SETTINGS, Config
from ..db import Device, User
from ..easyrsa import EASYRSA, CertificateType, EasyRSA
from ..easyrsa import EASYRSA, EasyRSA
oauth2_scheme = OAuth2PasswordBearer(
tokenUrl=f"{SETTINGS.api_v1_prefix}/user/authenticate"
@ -145,7 +145,7 @@ async def get_pki() -> EasyRSA:
- 425: EasyRSA not initialized
"""
if EASYRSA.get_certificate(cert_type=CertificateType.ca) is None:
if EASYRSA.get_certificate() is None:
raise HTTPException(status_code=status.HTTP_425_TOO_EARLY)
return EASYRSA