[Keyvault] Fix Azure#26527: az keyvault certificate show: Show poli…

…cy.x509CertificateProperties.subjectAlternativeNames correctly (Azure#26530) * fix `az keyvault certificate show` policy.x509CertificateProperties.subjectAlternativeNames, which does not have to have all three components. * fix name
avgale · May 26, 2023 · b13f0e0 · b13f0e0
1 parent 523c6a2
commit b13f0e0
Show file tree

Hide file tree

Showing 5 changed files with 324 additions and 367 deletions.
diff --git a/src/azure-cli/azure/cli/command_modules/keyvault/_transformers.py b/src/azure-cli/azure/cli/command_modules/keyvault/_transformers.py
@@ -294,16 +294,6 @@ def transform_certificate_show(result, **command_args):
 # pylint: disable=line-too-long,redefined-builtin
 def transform_certificate_policy(policy, policy_id):
     if policy is not None and not isinstance(policy, dict):
-        san_emails = getattr(policy, "san_emails", None)
-        san_dns_names = getattr(policy, "san_dns_names", None)
-        san_upns = getattr(policy, "san_user_principal_names", None)
-        subject_alternative_names = None
-        if san_emails and san_dns_names and san_upns:
-            subject_alternative_names = {
-                "emails": san_emails,
-                "upns": san_upns,
-                "dns_names": san_dns_names
-            }
         policy = {
             "attributes": {
                 "created": getattr(policy, "created_on", None),
@@ -342,7 +332,11 @@ def transform_certificate_policy(policy, policy_id):
                 "ekus": getattr(policy, "enhanced_key_usage", None),
                 "keyUsage": getattr(policy, "key_usage", None),
                 "subject": getattr(policy, "subject", None),
-                "subjectAlternativeNames": subject_alternative_names,
+                "subjectAlternativeNames": {
+                    "emails": getattr(policy, "san_emails", None),
+                    "upns": getattr(policy, "san_user_principal_names", None),
+                    "dnsNames": getattr(policy, "san_dns_names", None)
+                },
                 "validityInMonths": getattr(policy, "validity_in_months", None)
             }
         }

diff --git a/src/azure-cli/azure/cli/command_modules/keyvault/tests/latest/policy.json b/src/azure-cli/azure/cli/command_modules/keyvault/tests/latest/policy.json
@@ -36,7 +36,12 @@
       "keyCertSign"
     ],
     "subject": "C=US, ST=WA, L=Redmon, O=Test Noodle, OU=TestNugget, CN=www.mytestdomain.com",
-    "subject_alternative_names": null,
+    "subject_alternative_names": {
+      "dns_names": [
+        "1",
+        "2"
+      ]
+    },
     "validity_in_months": 60
   }
 }
diff --git a/src/azure-cli/azure/cli/command_modules/keyvault/tests/latest/policy3.json b/src/azure-cli/azure/cli/command_modules/keyvault/tests/latest/policy3.json
@@ -1 +1 @@
-{"attributes": {"created": "2023-05-16T06:58:03+00:00", "enabled": true, "expires": null, "notBefore": null, "recoveryLevel": null, "updated": "2023-05-16T06:58:03+00:00"}, "id": "https://cli-test-kv-ct-ybd5og6g5.vault.azure.net/certificates/cert2/policy", "issuerParameters": {"certificateTransparency": null, "certificateType": null, "name": "Self"}, "keyProperties": {"curve": null, "exportable": true, "keySize": 2048, "keyType": "RSA", "reuseKey": false}, "lifetimeActions": [{"action": {"actionType": "AutoRenew"}, "trigger": {"daysBeforeExpiry": null, "lifetimePercentage": 90}}], "secretProperties": {"contentType": "application/x-pkcs12"}, "x509CertificateProperties": {"ekus": ["1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2"], "keyUsage": ["digitalSignature", "keyAgreement", "keyCertSign", "keyEncipherment", "nonRepudiation"], "subject": "C=US, ST=WA, L=Redmon, O=Test Noodle, OU=TestNugget, CN=www.mytestdomain.com", "subjectAlternativeNames": null, "validityInMonths": 60}}
+{"attributes": {"created": "2023-05-25T06:10:06+00:00", "enabled": true, "expires": null, "notBefore": null, "recoveryLevel": null, "updated": "2023-05-25T06:10:06+00:00"}, "id": "https://cli-test-kv-ct-pispzvs2c.vault.azure.net/certificates/cert2/policy", "issuerParameters": {"certificateTransparency": null, "certificateType": null, "name": "Self"}, "keyProperties": {"curve": null, "exportable": true, "keySize": 2048, "keyType": "RSA", "reuseKey": false}, "lifetimeActions": [{"action": {"actionType": "AutoRenew"}, "trigger": {"daysBeforeExpiry": null, "lifetimePercentage": 90}}], "secretProperties": {"contentType": "application/x-pkcs12"}, "x509CertificateProperties": {"ekus": ["1.3.6.1.5.5.7.3.1", "1.3.6.1.5.5.7.3.2"], "keyUsage": ["digitalSignature", "keyAgreement", "keyCertSign", "keyEncipherment", "nonRepudiation"], "subject": "C=US, ST=WA, L=Redmon, O=Test Noodle, OU=TestNugget, CN=www.mytestdomain.com", "subjectAlternativeNames": {"dnsNames": ["1", "2"], "emails": null, "upns": null}, "validityInMonths": 60}}