Skip to content

Commit

Permalink
[Key Vault] Generate Keys with TypeSpec (#36902)
Browse files Browse the repository at this point in the history
  • Loading branch information
mccoyp authored Feb 26, 2025
1 parent ef180f1 commit 3d9629b
Show file tree
Hide file tree
Showing 37 changed files with 4,656 additions and 2,755 deletions.
1 change: 1 addition & 0 deletions sdk/keyvault/azure-keyvault-keys/CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
### Bugs Fixed

### Other Changes
- Updated minimum `typing-extensions` version to 4.6.0

## 4.10.0 (2024-10-17)

Expand Down
33 changes: 12 additions & 21 deletions sdk/keyvault/azure-keyvault-keys/azure/keyvault/keys/_client.py
Original file line number Diff line number Diff line change
Expand Up @@ -184,7 +184,7 @@ def create_key(
release_policy=policy,
)

bundle = self._client.create_key(vault_base_url=self.vault_url, key_name=name, parameters=parameters, **kwargs)
bundle = self._client.create_key(key_name=name, parameters=parameters, **kwargs)
return KeyVaultKey._from_key_bundle(bundle)

@distributed_trace
Expand Down Expand Up @@ -429,7 +429,6 @@ def begin_delete_key(self, name: str, **kwargs: Any) -> LROPoller[DeletedKey]:
if polling_interval is None:
polling_interval = 2
pipeline_response, deleted_key_bundle = self._client.delete_key(
vault_base_url=self.vault_url,
key_name=name,
cls=lambda pipeline_response, deserialized, _: (pipeline_response, deserialized),
**kwargs,
Expand Down Expand Up @@ -472,7 +471,7 @@ def get_key(self, name: str, version: Optional[str] = None, **kwargs: Any) -> Ke
:caption: Get a key
:dedent: 8
"""
bundle = self._client.get_key(self.vault_url, name, key_version=version or "", **kwargs)
bundle = self._client.get_key(name, key_version=version or "", **kwargs)
return KeyVaultKey._from_key_bundle(bundle)

@distributed_trace
Expand All @@ -497,7 +496,7 @@ def get_deleted_key(self, name: str, **kwargs: Any) -> DeletedKey:
:caption: Get a deleted key
:dedent: 8
"""
bundle = self._client.get_deleted_key(self.vault_url, name, **kwargs)
bundle = self._client.get_deleted_key(name, **kwargs)
return DeletedKey._from_deleted_key_bundle(bundle)

@distributed_trace
Expand All @@ -518,7 +517,6 @@ def list_deleted_keys(self, **kwargs: Any) -> ItemPaged[DeletedKey]:
:dedent: 8
"""
return self._client.get_deleted_keys(
self._vault_url,
maxresults=kwargs.pop("max_page_size", None),
cls=lambda objs: [DeletedKey._from_deleted_key_item(x) for x in objs],
**kwargs
Expand All @@ -542,7 +540,6 @@ def list_properties_of_keys(self, **kwargs: Any) -> ItemPaged[KeyProperties]:
:dedent: 8
"""
return self._client.get_keys(
self._vault_url,
maxresults=kwargs.pop("max_page_size", None),
cls=lambda objs: [KeyProperties._from_key_item(x) for x in objs],
**kwargs
Expand All @@ -568,7 +565,6 @@ def list_properties_of_key_versions(self, name: str, **kwargs: Any) -> ItemPaged
:dedent: 8
"""
return self._client.get_key_versions(
self._vault_url,
name,
maxresults=kwargs.pop("max_page_size", None),
cls=lambda objs: [KeyProperties._from_key_item(x) for x in objs],
Expand Down Expand Up @@ -600,7 +596,7 @@ def purge_deleted_key(self, name: str, **kwargs: Any) -> None:
key_client.purge_deleted_key("key-name")
"""
self._client.purge_deleted_key(vault_base_url=self.vault_url, key_name=name, **kwargs)
self._client.purge_deleted_key(key_name=name, **kwargs)

@distributed_trace
def begin_recover_deleted_key(self, name: str, **kwargs: Any) -> LROPoller[KeyVaultKey]:
Expand Down Expand Up @@ -634,7 +630,6 @@ def begin_recover_deleted_key(self, name: str, **kwargs: Any) -> LROPoller[KeyVa
if polling_interval is None:
polling_interval = 2
pipeline_response, recovered_key_bundle = self._client.recover_deleted_key(
vault_base_url=self.vault_url,
key_name=name,
cls=lambda pipeline_response, deserialized, _: (pipeline_response, deserialized),
**kwargs,
Expand Down Expand Up @@ -715,7 +710,7 @@ def update_key_properties(
)

bundle = self._client.update_key(
self.vault_url, name, key_version=version or "", parameters=parameters, **kwargs
name, key_version=version or "", parameters=parameters, **kwargs
)
return KeyVaultKey._from_key_bundle(bundle)

Expand Down Expand Up @@ -745,7 +740,7 @@ def backup_key(self, name: str, **kwargs: Any) -> bytes:
:caption: Get a key backup
:dedent: 8
"""
backup_result = self._client.backup_key(self.vault_url, name, **kwargs)
backup_result = self._client.backup_key(name, **kwargs)
return backup_result.value

@distributed_trace
Expand Down Expand Up @@ -775,7 +770,6 @@ def restore_key_backup(self, backup: bytes, **kwargs: Any) -> KeyVaultKey:
:dedent: 8
"""
bundle = self._client.restore_key(
self.vault_url,
parameters=self._models.KeyRestoreParameters(key_bundle_backup=backup),
**kwargs
)
Expand Down Expand Up @@ -841,7 +835,7 @@ def import_key(
release_policy=policy,
)

bundle = self._client.import_key(self.vault_url, name, parameters=parameters, **kwargs)
bundle = self._client.import_key(name, parameters=parameters, **kwargs)
return KeyVaultKey._from_key_bundle(bundle)

@distributed_trace
Expand Down Expand Up @@ -876,7 +870,6 @@ def release_key(
:raises ~azure.core.exceptions.HttpResponseError:
"""
result = self._client.release(
vault_base_url=self._vault_url,
key_name=name,
key_version=version or "",
parameters=self._models.KeyReleaseParameters(
Expand Down Expand Up @@ -911,7 +904,7 @@ def get_random_bytes(self, count: int, **kwargs: Any) -> bytes:
if count < 1:
raise ValueError("At least one random byte must be requested")
parameters = self._models.GetRandomBytesRequest(count=count)
result = self._client.get_random_bytes(vault_base_url=self._vault_url, parameters=parameters, **kwargs)
result = self._client.get_random_bytes(parameters=parameters, **kwargs)
return result.value

@distributed_trace
Expand All @@ -925,7 +918,7 @@ def get_key_rotation_policy(self, key_name: str, **kwargs: Any) -> KeyRotationPo
:raises ~azure.core.exceptions.HttpResponseError:
"""
policy = self._client.get_key_rotation_policy(vault_base_url=self._vault_url, key_name=key_name, **kwargs)
policy = self._client.get_key_rotation_policy(key_name=key_name, **kwargs)
return KeyRotationPolicy._from_generated(policy)

@distributed_trace
Expand All @@ -941,11 +934,11 @@ def rotate_key(self, name: str, **kwargs: Any) -> KeyVaultKey:
:raises ~azure.core.exceptions.HttpResponseError:
"""
bundle = self._client.rotate_key(vault_base_url=self._vault_url, key_name=name, **kwargs)
bundle = self._client.rotate_key(key_name=name, **kwargs)
return KeyVaultKey._from_key_bundle(bundle)

@distributed_trace
def update_key_rotation_policy(
def update_key_rotation_policy( # pylint: disable=unused-argument
self,
key_name: str,
policy: KeyRotationPolicy,
Expand Down Expand Up @@ -989,9 +982,7 @@ def update_key_rotation_policy(

attributes = self._models.KeyRotationPolicyAttributes(expiry_time=expires_in or policy.expires_in)
new_policy = self._models.KeyRotationPolicy(lifetime_actions=actions or [], attributes=attributes)
result = self._client.update_key_rotation_policy(
vault_base_url=self._vault_url, key_name=key_name, key_rotation_policy=new_policy, **kwargs
)
result = self._client.update_key_rotation_policy(key_name=key_name, key_rotation_policy=new_policy)
return KeyRotationPolicy._from_generated(result)

def __enter__(self) -> "KeyClient":
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,22 +2,31 @@
# --------------------------------------------------------------------------
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License. See License.txt in the project root for license information.
# Code generated by Microsoft (R) AutoRest Code Generator.
# Code generated by Microsoft (R) Python Code Generator.
# Changes may cause incorrect behavior and will be lost if the code is regenerated.
# --------------------------------------------------------------------------
# pylint: disable=wrong-import-position

from ._client import KeyVaultClient
from typing import TYPE_CHECKING

if TYPE_CHECKING:
from ._patch import * # pylint: disable=unused-wildcard-import

from ._client import KeyVaultClient # type: ignore
from ._version import VERSION

__version__ = VERSION

try:
from ._patch import __all__ as _patch_all
from ._patch import * # pylint: disable=unused-wildcard-import
from ._patch import *
except ImportError:
_patch_all = []
from ._patch import patch_sdk as _patch_sdk

__all__ = [
"KeyVaultClient",
]
__all__.extend([p for p in _patch_all if p not in __all__])
__all__.extend([p for p in _patch_all if p not in __all__]) # pyright: ignore

_patch_sdk()
Original file line number Diff line number Diff line change
Expand Up @@ -2,35 +2,42 @@
# --------------------------------------------------------------------------
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License. See License.txt in the project root for license information.
# Code generated by Microsoft (R) AutoRest Code Generator.
# Code generated by Microsoft (R) Python Code Generator.
# Changes may cause incorrect behavior and will be lost if the code is regenerated.
# --------------------------------------------------------------------------

from copy import deepcopy
from typing import Any
from typing import Any, TYPE_CHECKING
from typing_extensions import Self

from azure.core import PipelineClient
from azure.core.pipeline import policies
from azure.core.rest import HttpRequest, HttpResponse

from . import models as _models
from ._configuration import KeyVaultClientConfiguration
from ._operations import KeyVaultClientOperationsMixin
from ._serialization import Deserializer, Serializer

if TYPE_CHECKING:
from azure.core.credentials import TokenCredential

class KeyVaultClient(KeyVaultClientOperationsMixin): # pylint: disable=client-accepts-api-version-keyword

class KeyVaultClient(KeyVaultClientOperationsMixin):
"""The key vault client performs cryptographic key operations and vault operations against the Key
Vault service.
:keyword api_version: Api Version. Default value is "7.5". Note that overriding this default
value may result in unsupported behavior.
:param vault_base_url: Required.
:type vault_base_url: str
:param credential: Credential used to authenticate requests to the service. Required.
:type credential: ~azure.core.credentials.TokenCredential
:keyword api_version: The API version to use for this operation. Default value is
"7.6-preview.2". Note that overriding this default value may result in unsupported behavior.
:paramtype api_version: str
"""

def __init__(self, **kwargs: Any) -> None: # pylint: disable=missing-client-constructor-parameter-credential
def __init__(self, vault_base_url: str, credential: "TokenCredential", **kwargs: Any) -> None:
_endpoint = "{vaultBaseUrl}"
self._config = KeyVaultClientConfiguration(**kwargs)
self._config = KeyVaultClientConfiguration(vault_base_url=vault_base_url, credential=credential, **kwargs)
_policies = kwargs.pop("policies", None)
if _policies is None:
_policies = [
Expand All @@ -50,10 +57,8 @@ def __init__(self, **kwargs: Any) -> None: # pylint: disable=missing-client-con
]
self._client: PipelineClient = PipelineClient(base_url=_endpoint, policies=_policies, **kwargs)

client_models = {k: v for k, v in _models._models.__dict__.items() if isinstance(v, type)}
client_models.update({k: v for k, v in _models.__dict__.items() if isinstance(v, type)})
self._serialize = Serializer(client_models)
self._deserialize = Deserializer(client_models)
self._serialize = Serializer()
self._deserialize = Deserializer()
self._serialize.client_side_validation = False

def send_request(self, request: HttpRequest, *, stream: bool = False, **kwargs: Any) -> HttpResponse:
Expand All @@ -75,13 +80,19 @@ def send_request(self, request: HttpRequest, *, stream: bool = False, **kwargs:
"""

request_copy = deepcopy(request)
request_copy.url = self._client.format_url(request_copy.url)
path_format_arguments = {
"vaultBaseUrl": self._serialize.url(
"self._config.vault_base_url", self._config.vault_base_url, "str", skip_quote=True
),
}

request_copy.url = self._client.format_url(request_copy.url, **path_format_arguments)
return self._client.send_request(request_copy, stream=stream, **kwargs) # type: ignore

def close(self) -> None:
self._client.close()

def __enter__(self) -> "KeyVaultClient":
def __enter__(self) -> Self:
self._client.__enter__()
return self

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,18 @@
# --------------------------------------------------------------------------
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License. See License.txt in the project root for license information.
# Code generated by Microsoft (R) AutoRest Code Generator.
# Code generated by Microsoft (R) Python Code Generator.
# Changes may cause incorrect behavior and will be lost if the code is regenerated.
# --------------------------------------------------------------------------

from typing import Any
from typing import Any, TYPE_CHECKING

from azure.core.pipeline import policies

VERSION = "unknown"
from ._version import VERSION

if TYPE_CHECKING:
from azure.core.credentials import TokenCredential


class KeyVaultClientConfiguration: # pylint: disable=too-many-instance-attributes
Expand All @@ -19,16 +22,28 @@ class KeyVaultClientConfiguration: # pylint: disable=too-many-instance-attribut
Note that all parameters used to create this instance are saved as instance
attributes.
:keyword api_version: Api Version. Default value is "7.5". Note that overriding this default
value may result in unsupported behavior.
:param vault_base_url: Required.
:type vault_base_url: str
:param credential: Credential used to authenticate requests to the service. Required.
:type credential: ~azure.core.credentials.TokenCredential
:keyword api_version: The API version to use for this operation. Default value is
"7.6-preview.2". Note that overriding this default value may result in unsupported behavior.
:paramtype api_version: str
"""

def __init__(self, **kwargs: Any) -> None:
api_version: str = kwargs.pop("api_version", "7.5")
def __init__(self, vault_base_url: str, credential: "TokenCredential", **kwargs: Any) -> None:
api_version: str = kwargs.pop("api_version", "7.6-preview.2")

if vault_base_url is None:
raise ValueError("Parameter 'vault_base_url' must not be None.")
if credential is None:
raise ValueError("Parameter 'credential' must not be None.")

self.vault_base_url = vault_base_url
self.credential = credential
self.api_version = api_version
kwargs.setdefault("sdk_moniker", "keyvault/{}".format(VERSION))
self.credential_scopes = kwargs.pop("credential_scopes", ["https://vault.azure.net/.default"])
kwargs.setdefault("sdk_moniker", "keyvault-keys/{}".format(VERSION))
self.polling_interval = kwargs.get("polling_interval", 30)
self._configure(**kwargs)

Expand All @@ -42,3 +57,7 @@ def _configure(self, **kwargs: Any) -> None:
self.redirect_policy = kwargs.get("redirect_policy") or policies.RedirectPolicy(**kwargs)
self.retry_policy = kwargs.get("retry_policy") or policies.RetryPolicy(**kwargs)
self.authentication_policy = kwargs.get("authentication_policy")
if self.credential and not self.authentication_policy:
self.authentication_policy = policies.BearerTokenCredentialPolicy(
self.credential, *self.credential_scopes, **kwargs
)
Loading

0 comments on commit 3d9629b

Please sign in to comment.