w+dZddlmZddlmZddlmZddlZddlZddlZddlm Z ddlm Z ddl m Z dd l m Z d Zd Zd Zd ZdZGddej&ZGddeZGddeZGddeZGddeZGddeZGddeZGddeZdZd Zd!Zd"Z d(d#Z!d$Z"d%Z#Gd&d'e$Z%y))zCreate ECP configurations.)absolute_import)division)unicode_literalsN)config)log)files) platformsz/enterprise-certificate-proxy configuration filectjj}|s tdtj j |ddS)NzKUnable to find the SDK root path. The gcloud installation may be corrupted.platformenterprise_cert)rPathssdk_rootECPConfigErrorospathjoin)rs Dlib/googlecloudsdk/command_lib/auth/enterprise_certificate_config.pyget_platform_folderr!sB \\^ $ $(     h ,= >>c\tjj}|s td|S)NzJUnable to find the SDK bin path. The gcloud installation may be corrupted.)rr sdk_bin_pathr)rs rget_bin_folderr,s0,,,     rc2|r|StjSN)rCertConfigDefaultFilePath) output_files rget_config_pathr7s   ) ) ++rc|stjj}|jtjj k(rt jS|jtjjk(rt jS|jtjjk(rt jStdj|j)NzfUnsupported platform {}. Enterprise Certificate Proxy currently only supports OSX, Windows, and Linux.)r PlatformCurrentoperating_systemOperatingSystemMACOSX ConfigTypeKEYCHAINLINUXPKCS11WINDOWSMYSTORErformat)r s rplatform_to_configr+=s !!))+H )";";"B"BB     I$=$=$C$CC     I$=$=$E$EE     6 &** +  rceZdZdZdZdZdZy)r$N)__name__ __module__ __qualname__r'r%r)WORKLOADrrr$r$Os & ( ' (rr$ceZdZdZy)WindowsBinaryPathConfigc6|r|n'tjjtd|_|r|n'tjjt d|_|r||_ytjjt d|_y)Nzecp.exez libecp.dllzlibtls_offload.dllrrrrecpr ecp_client tls_offloadselfr:r;r<s r__init__z WindowsBinaryPathConfig.__init__Xsysrww||N, O   WW\\-/1E F rNr1r2r3r?r5rrr7r7V rr7ceZdZdZy)LinuxPathConfigc6|r|n'tjjtd|_|r|n'tjjt d|_|r||_ytjjt d|_y)Nr:z libecp.sozlibtls_offload.sor9r=s rr?zLinuxPathConfig.__init__hsysrww||N,rKrLrMrNs rr?zPKCS11Config.__init__s&DKDIDJdmrNr@r5rrrIrIsrrIceZdZdZy)KeyChainConfigc ||_||_yr)issuer keychain_type)r>rRrSs rr?zKeyChainConfig.__init__sDK&DrNr@r5rrrPrPs'rrPceZdZdZy) MyStoreConfigc.||_||_||_yr)rRstoreprovider)r>rRrWrXs rr?zMyStoreConfig.__init__sDKDJDMrNr@r5rrrUrUsrrUceZdZdZy)WorkloadConfigc ||_||_yr) cert_pathkey_path)r>r\r]s rr?zWorkloadConfig.__init__sDNDMrNr@r5rrrZrZsrrZc |r5|jdijdi}|jdi}ni}i}t|jddxs|jdd|jddxs|jdd|jddxs|jdd|jd dxs|jd d}t|jd dxs|jd d|jd dxs|jd d|jd dxs|jd d}dt|idt|ifS) a0Creates a Linux ECP Config. Args: base_config: Optional parameter to use as a fallback for parameters that are not set in kwargs. **kwargs: Linux config parameters. See go/enterprise-cert-config for valid variables. Returns: A dictionary object containing the ECP config. cert_configspkcs11libsrKNrLrrMrNr:r;r<)getrIrCvars) base_configkwargsbase_linux_configbase_libs_config ecp_config lib_configs rcreate_linux_configrjsd#;??"M"vr2 jj4 I$5$9$9(D$I jjB"3"7"7"B jj$G#4#8#8$#G jjT"M&7&;&;J&M *  jjB!1!5!5eT!B jjt$2   lD 1 jj%3   mT 2 * D$ %Z0@'A AArc |r|dd}|d}ni}i}t|jddxs|jdd|jddxs|jdd}t|jddxs|jdd|jd dxs|jd d|jd dxs|jd d}dt|idt|ifS) a0Creates a MacOS ECP Config. Args: base_config: Optional parameter to use as a fallback for parameters that are not set in kwargs. **kwargs: MacOS config parameters. See go/enterprise-cert-config for valid variables. Returns: A dictionary object containing the ECP config. r_macos_keychainrarRNrSallr:r;r<)rPrbrFrc)rdrebase_macos_configrgrhris rcreate_macos_configros#N34DE"6* jj4 I$5$9$9(D$I jj%(7    6* % jjB!1!5!5eT!B jjt$2   lD 1 jj%3   mT 2 * D, -Z8H/I IIrc B|r|dd}|d}ni}i}t|jddxs|jdd|jddxs|jdd|jddxs|jdd}t|jddxs|jdd|jd dxs|jd d|jd dxs|jd d}dt|idt|ifS) a4Creates a Windows ECP Config. Args: base_config: Optional parameter to use as a fallback for parameters that are not set in kwargs. **kwargs: Windows config parameters. See go/enterprise-cert-config for valid variables. Returns: A dictionary object containing the ECP config. r_ windows_storerarRNrWrXr:r;r<)rUrbr7rc)rdrebase_windows_configrgrhris rcreate_windows_configrss/%n5oF"6* jj4 K$7$;$;Hd$K jj$I#6#:#:7D#I jjT"O&9&=&=j$&O* ' jjB!1!5!5eT!B jjt$2   lD 1 jj%3   mT 2 * 4 + ,vtJ7G.H HHrc |r |dd}ni}t|jddxs|jdd|jddxs|jdd}dt|iifS)a6Creates a Workload ECP Config. Args: base_config: Optional parameter to use as a fallback for parameters that are not set in kwargs. **kwargs: Workload config parameters. See go/enterprise-cert-config for valid variables. Returns: A dictionary object containing the ECP config. r_workloadr\Nr])rZrbrc)rdrebase_workload_configworkload_configs rcreate_workload_configrxs&~6zB" jjd#5  ! !+t 4 jjT"4  ! !*d 3 / d?+ ,b 00rc Z|tjk(rt|fi|\}}n|tjk(rt |fi|\}}n`|tj k(rt |fi|\}}n=|tjk(rt|fi|\}}ntdj|d|i|S)aCreates an ECP Config. Args: config_type: An ConfigType Enum that describes the type of ECP config. base_config: Optional parameter to use as a fallback for parameters that are not set in kwargs. **kwargs: config parameters. See go/enterprise-cert-config for valid variables. Returns: A dictionary object containing the ECP config. Raises: ECPConfigError: No valid config_type is specified. z|Unknown config_type {} passed to create enterprise certificate configuration. Valid options are: [PKCS11, KEYCHAIN, MYSTORE]r_) r$r'rjr%ror)rsr4rxrr*) config_typerdrerh libs_configs rcreate_ecp_configr|)s J%%%1+HHJ j)))1+HHJ j(((3KJ6JJ j)))4[KFKJ  M &    * 4 44rc t|dfi|}t|jdd}tj|t j |dtj|ty)zr __class__s rr?zECPConfigError.__init__js .$(*DLr)r1r2r3r? __classcell__)rs@rrrhs rrr)&__doc__ __future__rrrenumrrgooglecloudsdk.corerrgooglecloudsdk.core.utilrr rrrrr+Enumr$objectr7rCrFrIrPrUrZrjrorsrxr|rr Exceptionrr5rrrs!&' &#*.A ?, $ f  f  F  6'V'FV BFJDID165D22(Yr