adds retire functionality for tpp

Author: Pmaraveyias

vcert/connection_tpp.py

@@ -76,6 +76,17 @@ def post(self, args):
 
         return self._post(url=url, data=data)
 
+    def put(self, args):
+        """
+
+        :param dict args:
+        :rtype: tuple[Any, Any]
+        """
+        url = args[self.ARG_URL] if self.ARG_URL in args else None
+        data = args[self.ARG_DATA] if self.ARG_DATA in args else None
+
+        return self._put(url=url, data=data)
+
     def _get(self, url="", params=None):
         if not self._token or self._token[1] < time.time() + 1:
             self.auth()
@@ -106,6 +117,22 @@ def _post(self, url, data=None):
             raise ClientBadData
         return self.process_server_response(r)
 
+    def _put(self, url, data=None):
+        if not self._token or self._token[1] < time.time() + 1:
+            self.auth()
+            log.debug(f"Token is {self._token[0]}, timeout is {self._token[1]}")
+
+        if isinstance(data, dict):
+            r = requests.put(f"{self._base_url}{url}",
+                              headers={TOKEN_HEADER_NAME: self._token[0],
+                                       'content-type': MIME_JSON,
+                                       'cache-control': "no-cache"},
+                              json=data,
+                              **self._http_request_kwargs)  # nosec B113
+        else:
+            log.error(f"Unexpected client data type: {type(data)} for {url}")
+            raise ClientBadData
+        return self.process_server_response(r)
     @staticmethod
     def _normalize_and_verify_base_url(u):
         if u.startswith('http://'):  # nosec

vcert/connection_tpp_abstract.py

@@ -59,6 +59,7 @@ class URLS:
     CERTIFICATE_REVOKE = API_BASE_URL + "certificates/revoke"
     CERTIFICATE_RENEW = API_BASE_URL + "certificates/renew"
     CERTIFICATE_SEARCH = API_BASE_URL + "certificates/"
+    CERTIFICATE_UPDATE = API_BASE_URL + "certificates/"
     CERTIFICATE_IMPORT = API_BASE_URL + "certificates/import"
     ZONE_CONFIG = API_BASE_URL + "certificates/checkpolicy"
     CONFIG_READ_DN = API_BASE_URL + "Config/ReadDn"
@@ -349,23 +350,37 @@ def revoke_cert(self, request):
         raise ServerUnexptedBehavior
 
     def retire_cert(self, request):
-        if not (request.id or request.thumbprint):
+        if not (request.id or request.thumbprint or request.guid):
             raise ClientBadData
-        d = {
-            'Disable': request.disable
+        data = {
+            'AttributeData': [
+                {
+                    'Name': 'Disabled',
+                    'Value': [
+                        '1'
+                    ]
+                }
+            ]
         }
-        if request.reason:
-            d['Reason'] = request.reason
         if request.id:
-            d['CertificateDN'] = request.id
-        elif request.thumbprint:
-            d['Thumbprint'] = request.thumbprint
+            cert_guid = self.get_certificate_guid_from_dn(request.id)
+        elif request.guid:
+            cert_guid = request.guid
         else:
             raise ClientBadData
-        if request.comments:
-            d['Comments'] = request.comments
-        # TODO: Change _post() with post(args)
-        status, data = self._post(URLS.CERTIFICATE_REVOKE, data=d)
+
+        if request.description:
+            data['AttributeData'] += {
+                'Name': 'Description',
+                'Value': [
+                    request.description
+                ]
+            }
+        args = {
+            self.ARG_URL: URLS.CERTIFICATE_UPDATE+cert_guid,
+            self.ARG_DATA: data
+        }
+        status, data = self.put(args)
         if status in (HTTPStatus.OK, HTTPStatus.ACCEPTED):
             return data
 
@@ -755,6 +770,14 @@ def post(self, args):
         """
         raise NotImplementedError
 
+    def put(self, args):
+        """
+
+        :param dict args:
+        :rtype: tuple[Any, Any]
+        """
+        raise NotImplementedError
+
     # ======================================== API IMPLEMENTATION ENDS ======================================== #
     # ========================================================================================================= #