o iq@sjddlmZmZddlmZddlmZmZddlm Z ddl m Z ddlm Z m Z Gd d d ee Zd S) )OptionalAny)AccessTokenInfo) AadClientAsyncContextManager) GetTokenMixin)get_client_credential)AadClientCertificatevalidate_tenant_idc seZdZdZddededeededdf fdd Zdd d Zdd d Z dededee fddZ dedede fddZ Z S)CertificateCredentialaAuthenticates as a service principal using a certificate. The certificate must have an RSA private key, because this credential signs assertions using RS256. See `Microsoft Entra ID documentation `__ for more information on configuring certificate authentication. :param str tenant_id: ID of the service principal's tenant. Also called its 'directory' ID. :param str client_id: The service principal's client ID :param str certificate_path: Optional path to a certificate file in PEM or PKCS12 format, including the private key. If not provided, **certificate_data** is required. :keyword str authority: Authority of a Microsoft Entra endpoint, for example 'login.microsoftonline.com', the authority for Azure Public Cloud (which is the default). :class:`~azure.identity.AzureAuthorityHosts` defines authorities for other clouds. :keyword bytes certificate_data: The bytes of a certificate in PEM or PKCS12 format, including the private key. :keyword password: The certificate's password. If a unicode string, it will be encoded as UTF-8. If the certificate requires a different encoding, pass appropriately encoded bytes instead. :paramtype password: str or bytes :keyword cache_persistence_options: Configuration for persistent token caching. If unspecified, the credential will cache tokens in memory. :paramtype cache_persistence_options: ~azure.identity.TokenCachePersistenceOptions :keyword List[str] additionally_allowed_tenants: Specifies tenants in addition to the specified "tenant_id" for which the credential may acquire tokens. Add the wildcard value "*" to allow the credential to acquire tokens for any tenant the application can access. .. admonition:: Example: .. literalinclude:: ../samples/credential_creation_code_snippets.py :start-after: [START create_certificate_credential_async] :end-before: [END create_certificate_credential_async] :language: python :dedent: 4 :caption: Create a CertificateCredential. N tenant_id client_idcertificate_pathkwargsreturnc sXt|t|fi|}t|d|dd|_t||fi||_||_t dS)NZ private_keyZ passphrase)password) r r r get _certificater_clientZ _client_idsuper__init__)selfrrrrZclient_credential __class__b/home/app/Keep/.python/lib/python3.10/site-packages/azure/identity/aio/_credentials/certificate.pyr3szCertificateCredential.__init__cs|jIdH|SN)r __aenter__rrrrr@sz CertificateCredential.__aenter__cs|jIdHdS)z)Close the credential's transport session.N)r __aexit__r rrrcloseDszCertificateCredential.closescopescs|jj|fi|Sr)rZget_cached_access_tokenrr#rrrr_acquire_token_silentlyIsz-CertificateCredential._acquire_token_silentlycs |jj||jfi|IdHSr)rZ"obtain_token_by_client_certificaterr$rrr_request_tokenLsz$CertificateCredential._request_tokenr)rr )rN)__name__ __module__ __qualname____doc__strrrrrr"rr%r& __classcell__rrrrr s($ r N)typingrrZazure.core.credentialsr _internalrrZ_internal.get_token_mixinrZ_credentials.certificater r r r rrrrs