com.azure.security.keyvault.certificates.CertificateClient Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of azure-security-keyvault-certificates Show documentation
Show all versions of azure-security-keyvault-certificates Show documentation
This module contains client library for Microsoft Azure KeyVault Certificates.
The newest version!
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
package com.azure.security.keyvault.certificates;
import com.azure.core.annotation.ReturnType;
import com.azure.core.annotation.ServiceClient;
import com.azure.core.annotation.ServiceMethod;
import com.azure.core.exception.HttpRequestException;
import com.azure.core.exception.HttpResponseException;
import com.azure.core.exception.ResourceModifiedException;
import com.azure.core.exception.ResourceNotFoundException;
import com.azure.core.http.rest.PagedIterable;
import com.azure.core.http.rest.Response;
import com.azure.core.http.rest.SimpleResponse;
import com.azure.core.util.Context;
import com.azure.core.util.logging.ClientLogger;
import com.azure.core.util.polling.LongRunningOperationStatus;
import com.azure.core.util.polling.PollResponse;
import com.azure.core.util.polling.PollingContext;
import com.azure.core.util.polling.SyncPoller;
import com.azure.security.keyvault.certificates.implementation.CertificateClientImpl;
import com.azure.security.keyvault.certificates.implementation.CertificateIssuerHelper;
import com.azure.security.keyvault.certificates.implementation.CertificateOperationHelper;
import com.azure.security.keyvault.certificates.implementation.CertificatePolicyHelper;
import com.azure.security.keyvault.certificates.implementation.DeletedCertificateHelper;
import com.azure.security.keyvault.certificates.implementation.KeyVaultCertificateWithPolicyHelper;
import com.azure.security.keyvault.certificates.implementation.models.BackupCertificateResult;
import com.azure.security.keyvault.certificates.implementation.models.CertificateAttributes;
import com.azure.security.keyvault.certificates.implementation.models.CertificateBundle;
import com.azure.security.keyvault.certificates.implementation.models.Contacts;
import com.azure.security.keyvault.certificates.implementation.models.IssuerBundle;
import com.azure.security.keyvault.certificates.implementation.models.KeyVaultErrorException;
import com.azure.security.keyvault.certificates.models.CertificateContact;
import com.azure.security.keyvault.certificates.models.CertificateIssuer;
import com.azure.security.keyvault.certificates.models.CertificateOperation;
import com.azure.security.keyvault.certificates.models.CertificatePolicy;
import com.azure.security.keyvault.certificates.models.CertificatePolicyAction;
import com.azure.security.keyvault.certificates.models.CertificateProperties;
import com.azure.security.keyvault.certificates.models.DeletedCertificate;
import com.azure.security.keyvault.certificates.models.ImportCertificateOptions;
import com.azure.security.keyvault.certificates.models.IssuerProperties;
import com.azure.security.keyvault.certificates.models.KeyVaultCertificate;
import com.azure.security.keyvault.certificates.models.KeyVaultCertificateWithPolicy;
import com.azure.security.keyvault.certificates.models.LifetimeAction;
import com.azure.security.keyvault.certificates.models.MergeCertificateOptions;
import java.net.HttpURLConnection;
import java.time.Duration;
import java.util.List;
import java.util.Map;
import java.util.function.Function;
import java.util.function.Supplier;
import static com.azure.security.keyvault.certificates.CertificateAsyncClient.mapCertificateItemPage;
import static com.azure.security.keyvault.certificates.CertificateAsyncClient.mapContactsToPagedResponse;
import static com.azure.security.keyvault.certificates.CertificateAsyncClient.mapDeletedCertificateItemPage;
import static com.azure.security.keyvault.certificates.CertificateAsyncClient.mapIssuersPagedResponse;
import static com.azure.security.keyvault.certificates.CertificateAsyncClient.processCertificateOperationResponse;
import static com.azure.security.keyvault.certificates.CertificateAsyncClient.transformCertificateForImport;
import static com.azure.security.keyvault.certificates.implementation.CertificateIssuerHelper.getIssuerBundle;
import static com.azure.security.keyvault.certificates.implementation.CertificateOperationHelper.createCertificateOperation;
import static com.azure.security.keyvault.certificates.implementation.CertificatePolicyHelper.getImplCertificatePolicy;
import static com.azure.security.keyvault.certificates.implementation.DeletedCertificateHelper.createDeletedCertificate;
import static com.azure.security.keyvault.certificates.implementation.KeyVaultCertificateWithPolicyHelper.createCertificateWithPolicy;
/**
* The CertificateClient provides synchronous methods to manage {@link KeyVaultCertificate certifcates} in the key
* vault. The client supports creating, retrieving, updating, merging, deleting, purging, backing up, restoring and
* listing the {@link KeyVaultCertificate certificates}. The client also supports listing
* {@link DeletedCertificate deleted certificates} for a soft-delete enabled key vault.
*
* The client further allows creating, retrieving, updating, deleting and listing the
* {@link CertificateIssuer certificate issuers}. The client also supports creating, listing and deleting
* {@link CertificateContact certificate contacts}
*
* Getting Started
*
* In order to interact with the Azure Key Vault service, you will need to create an instance of the
* {@link CertificateClient} class, a vault url and a credential object.
*
* The examples shown in this document use a credential object named DefaultAzureCredential for authentication,
* which is appropriate for most scenarios, including local development and production environments. Additionally,
* we recommend using a
*
* managed identity for authentication in production environments.
* You can find more information on different ways of authenticating and their corresponding credential types in the
*
* Azure Identity documentation".
*
* Sample: Construct Synchronous Certificate Client
*
* The following code sample demonstrates the creation of a {@link CertificateClient},
* using the {@link CertificateClientBuilder} to configure it.
*
*
*
* CertificateClient certificateClient = new CertificateClientBuilder()
* .credential(new DefaultAzureCredentialBuilder().build())
* .vaultUrl("<your-key-vault-url>")
* .httpLogOptions(new HttpLogOptions().setLogLevel(HttpLogDetailLevel.BODY_AND_HEADERS))
* .buildClient();
*
*
*
*
*
*
*
* Create a Certificate
* The {@link CertificateClient} can be used to create a certificate in the key vault.
*
* Code Sample:
* The following code sample demonstrates how to synchronously create a certificate in the key vault,
* using the {@link CertificateClient#beginCreateCertificate(String, CertificatePolicy)} API.
*
*
*
* CertificatePolicy certPolicy = new CertificatePolicy("Self",
* "CN=SelfSignedJavaPkcs12");
* SyncPoller<CertificateOperation, KeyVaultCertificateWithPolicy> certPoller = certificateClient
* .beginCreateCertificate("certificateName", certPolicy);
* certPoller.waitUntil(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED);
* KeyVaultCertificate cert = certPoller.getFinalResult();
* System.out.printf("Certificate created with name %s%n", cert.getName());
*
*
*
* Note: For the asynchronous sample, refer to {@link CertificateAsyncClient}.
*
*
*
*
*
* Get a Certificate
* The {@link CertificateClient} can be used to retrieve a certificate from the key vault.
*
* Code Sample:
* The following code sample demonstrates how to synchronously retrieve a certificate from the key vault, using
* the {@link CertificateClient#getCertificate(String)} API.
*
*
*
* CertificatePolicy policy = certificateClient.getCertificatePolicy("certificateName");
* System.out.printf("Received policy with subject name %s%n", policy.getSubject());
*
*
*
* Note: For the asynchronous sample, refer to {@link CertificateAsyncClient}.
*
*
*
*
*
* Delete a Certificate
* The {@link CertificateClient} can be used to delete a certificate from the key vault.
*
* Code Sample:
* The following code sample demonstrates how to synchronously delete a certificate from the
* key vault, using the {@link CertificateClient#beginDeleteCertificate(String)} API.
*
*
*
* SyncPoller<DeletedCertificate, Void> deleteCertPoller =
* certificateClient.beginDeleteCertificate("certificateName");
* // Deleted Certificate is accessible as soon as polling beings.
* PollResponse<DeletedCertificate> deleteCertPollResponse = deleteCertPoller.poll();
* System.out.printf("Deleted certificate with name %s and recovery id %s%n",
* deleteCertPollResponse.getValue().getName(), deleteCertPollResponse.getValue().getRecoveryId());
* deleteCertPoller.waitForCompletion();
*
*
*
* Note: For the asynchronous sample, refer to {@link CertificateAsyncClient}.
*
* @see com.azure.security.keyvault.certificates
* @see CertificateClientBuilder
*/
@ServiceClient(builder = CertificateClientBuilder.class,
serviceInterfaces = CertificateClientImpl.CertificateClientService.class)
public final class CertificateClient {
private static final ClientLogger LOGGER = new ClientLogger(CertificateClient.class);
private final CertificateClientImpl implClient;
private final String vaultUrl;
/**
* Creates a CertificateClient that uses {@code pipeline} to service requests
*
* @param implClient The implementation client to route requests through.
* @param vaultUrl The vault url.
*/
CertificateClient(CertificateClientImpl implClient, String vaultUrl) {
this.implClient = implClient;
this.vaultUrl = vaultUrl;
}
/**
* Get the vault endpoint url to which service requests are sent to.
* @return the vault endpoint url
*/
public String getVaultUrl() {
return vaultUrl;
}
/**
* Creates a new certificate. If this is the first version, the certificate resource is created. This operation
* requires the certificates/create permission.
*
* Create certificate is a long running operation. It indefinitely waits for the create certificate operation to
* complete on service side.
*
* Code Samples
* Create certificate is a long running operation. The createCertificate indefinitely waits for the operation to
* complete and returns its last status. The details of the last certificate operation status are printed when a
* response is received
*
*
*
* CertificatePolicy certificatePolicyPkcsSelf = new CertificatePolicy("Self",
* "CN=SelfSignedJavaPkcs12");
* SyncPoller<CertificateOperation, KeyVaultCertificateWithPolicy> certificateSyncPoller = certificateClient
* .beginCreateCertificate("certificateName", certificatePolicyPkcsSelf, true, new HashMap<>());
* certificateSyncPoller.waitUntil(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED);
* KeyVaultCertificate createdCertificate = certificateSyncPoller.getFinalResult();
* System.out.printf("Certificate created with name %s%n", createdCertificate.getName());
*
*
*
* @param certificateName The name of the certificate to be created.
* @param policy The policy of the certificate to be created.
* @param isEnabled The enabled status of the certificate.
* @param tags The application specific metadata to set.
* @throws NullPointerException if {@code policy} is null.
* @throws ResourceModifiedException when invalid certificate policy configuration is provided.
* @return A {@link SyncPoller} to poll on the create certificate operation status.
*/
@ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION)
public SyncPoller beginCreateCertificate(
String certificateName, CertificatePolicy policy, Boolean isEnabled, Map tags) {
if (policy == null) {
throw LOGGER.logExceptionAsError(new NullPointerException("'policy' cannot be null."));
}
return SyncPoller.createPoller(Duration.ofSeconds(1),
ignored -> createCertificateActivation(certificateName, policy, isEnabled, tags),
ignored -> certificatePollOperation(certificateName),
(ignored1, ignored2) -> certificateCancellationOperation(certificateName),
ignored -> fetchCertificateOperation(certificateName));
}
private PollResponse createCertificateActivation(String certificateName,
CertificatePolicy policy, Boolean isEnabled, Map tags) {
com.azure.security.keyvault.certificates.implementation.models.CertificatePolicy implPolicy =
getImplCertificatePolicy(policy);
return new PollResponse<>(LongRunningOperationStatus.NOT_STARTED, createCertificateOperation(
callWithMappedException(() -> implClient.createCertificate(vaultUrl, certificateName, implPolicy,
new CertificateAttributes().setEnabled(isEnabled), tags),
CertificateAsyncClient::mapCreateCertificateException)));
}
private PollResponse certificatePollOperation(String certificateName) {
return processCertificateOperationResponse(callWithMappedException(() -> implClient.getCertificateOperation(
vaultUrl, certificateName), CertificateAsyncClient::mapGetCertificateOperationException));
}
private CertificateOperation certificateCancellationOperation(String certificateName) {
return createCertificateOperation(callWithMappedException(() -> implClient.updateCertificateOperation(vaultUrl,
certificateName, true), CertificateAsyncClient::mapUpdateCertificateOperationException));
}
private KeyVaultCertificateWithPolicy fetchCertificateOperation(String certificateName) {
return createCertificateWithPolicy(callWithMappedException(() -> implClient.getCertificate(vaultUrl,
certificateName, null), CertificateAsyncClient::mapGetCertificateException));
}
/**
* Creates a new certificate. If this is the first version, the certificate resource is created. This operation
* requires the certificates/create permission.
*
* Create certificate is a long running operation. It indefinitely waits for the create certificate operation to
* complete on service side.
*
* Code Samples
* Create certificate is a long running operation. The createCertificate indefinitely waits for the operation to
* complete and returns its last status. The details of the last certificate operation status are printed when a
* response is received
*
*
*
* CertificatePolicy certPolicy = new CertificatePolicy("Self",
* "CN=SelfSignedJavaPkcs12");
* SyncPoller<CertificateOperation, KeyVaultCertificateWithPolicy> certPoller = certificateClient
* .beginCreateCertificate("certificateName", certPolicy);
* certPoller.waitUntil(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED);
* KeyVaultCertificate cert = certPoller.getFinalResult();
* System.out.printf("Certificate created with name %s%n", cert.getName());
*
*
*
* @param certificateName The name of the certificate to be created.
* @param policy The policy of the certificate to be created.
* @throws NullPointerException if {@code policy} is null.
* @throws ResourceModifiedException when invalid certificate policy configuration is provided.
* @return A {@link SyncPoller} to poll on the create certificate operation status.
*/
@ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION)
public SyncPoller beginCreateCertificate(
String certificateName, CertificatePolicy policy) {
return beginCreateCertificate(certificateName, policy, true, null);
}
/**
* Gets a pending {@link CertificateOperation} from the key vault. This operation requires the certificates/get
* permission.
*
* Code Samples
* Geta a pending certificate operation. The {@link SyncPoller poller} allows users to automatically poll on the
* certificate operation status.
*
*
*
* SyncPoller<CertificateOperation, KeyVaultCertificateWithPolicy> getCertPoller = certificateClient
* .getCertificateOperation("certificateName");
* getCertPoller.waitUntil(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED);
* KeyVaultCertificate cert = getCertPoller.getFinalResult();
* System.out.printf("Certificate created with name %s%n", cert.getName());
*
*
*
* @param certificateName The name of the certificate.
* @throws ResourceNotFoundException when a certificate operation for a certificate with {@code certificateName}
* doesn't exist.
* @return A {@link SyncPoller} to poll on the certificate operation status.
*/
@ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION)
public SyncPoller getCertificateOperation(
String certificateName) {
return SyncPoller.createPoller(Duration.ofSeconds(1),
ignored -> new PollResponse<>(LongRunningOperationStatus.NOT_STARTED, null),
ignored -> certificatePollOperation(certificateName),
(ignored1, ignored2) -> certificateCancellationOperation(certificateName),
ignored -> fetchCertificateOperation(certificateName));
}
/**
* Gets information about the latest version of the specified certificate. This operation requires the
* certificates/get permission.
*
* Code Samples
* Gets a specific version of the certificate in the key vault. Prints out the returned certificate details when
* a response has been received.
*
*
*
* KeyVaultCertificateWithPolicy certificate = certificateClient.getCertificate("certificateName");
* System.out.printf("Received certificate with name %s and version %s and secret id %s%n",
* certificate.getProperties().getName(),
* certificate.getProperties().getVersion(), certificate.getSecretId());
*
*
*
* @param certificateName The name of the certificate to retrieve, cannot be null
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException if {@code certificateName} is empty string.
* @return The requested {@link KeyVaultCertificateWithPolicy certificate}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public KeyVaultCertificateWithPolicy getCertificate(String certificateName) {
return getCertificateWithResponse(certificateName, Context.NONE).getValue();
}
/**
* Gets information about the latest version of the specified certificate. This operation requires the
* certificates/get permission.
*
* Code Samples
* Gets a specific version of the certificate in the key vault. Prints out the returned certificate details when
* a response has been received.
*
*
*
* Response<KeyVaultCertificateWithPolicy> certificateWithResponse = certificateClient
* .getCertificateWithResponse("certificateName", new Context(key1, value1));
* System.out.printf("Received certificate with name %s and version %s and secret id %s%n",
* certificateWithResponse.getValue().getProperties().getName(),
* certificateWithResponse.getValue().getProperties().getVersion(), certificate.getSecretId());
*
*
*
* @param certificateName The name of the certificate to retrieve, cannot be null
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException if {@code certificateName} is empty string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the requested
* {@link KeyVaultCertificateWithPolicy certificate}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response getCertificateWithResponse(String certificateName, Context context) {
return callWithMappedResponseAndException(() -> implClient.getCertificateWithResponse(
vaultUrl, certificateName, null, context), KeyVaultCertificateWithPolicyHelper::createCertificateWithPolicy,
CertificateAsyncClient::mapGetCertificateException);
}
/**
* Gets information about the latest version of the specified certificate. This operation requires the
* certificates/get permission.
*
* Code Samples
* Gets a specific version of the certificate in the key vault. Prints out the returned certificate details when
* a response has been received.
*
*
*
* Response<KeyVaultCertificate> returnedCertificateWithResponse = certificateClient
* .getCertificateVersionWithResponse("certificateName", "certificateVersion",
* new Context(key1, value1));
* System.out.printf("Received certificate with name %s and version %s and secret id %s%n",
* returnedCertificateWithResponse.getValue().getProperties().getName(),
* returnedCertificateWithResponse.getValue().getProperties().getVersion(),
* returnedCertificateWithResponse.getValue().getSecretId());
*
*
*
* @param certificateName The name of the certificate to retrieve, cannot be null
* @param version The version of the certificate to retrieve. If this is an empty String or null then latest version
* of the certificate is retrieved.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException if {@code certificateName} is empty string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the requested
* {@link KeyVaultCertificate certificate}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response getCertificateVersionWithResponse(String certificateName, String version,
Context context) {
return callWithMappedResponseAndException(() -> implClient.getCertificateWithResponse(vaultUrl, certificateName,
version, context), KeyVaultCertificateWithPolicyHelper::createCertificateWithPolicy,
CertificateAsyncClient::mapGetCertificateException);
}
/**
* Gets information about the specified version of the specified certificate. This operation requires the
* certificates/get permission.
*
* Code Samples
* Gets a specific version of the certificate in the key vault. Prints out the returned certificate details when
* a response has been received.
*
*
*
* KeyVaultCertificate returnedCertificate = certificateClient.getCertificateVersion("certificateName",
* "certificateVersion");
* System.out.printf("Received certificate with name %s and version %s and secret id %s%n",
* returnedCertificate.getProperties().getName(), returnedCertificate.getProperties().getVersion(),
* returnedCertificate.getSecretId());
*
*
*
* @param certificateName The name of the certificate to retrieve, cannot be null
* @param version The version of the certificate to retrieve. If this is an empty String or null then latest version
* of the certificate is retrieved.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException if {@code certificateName} is empty string.
* @return The requested {@link KeyVaultCertificate certificate}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public KeyVaultCertificate getCertificateVersion(String certificateName, String version) {
return getCertificateVersionWithResponse(certificateName, version, Context.NONE).getValue();
}
/**
* Updates the specified attributes associated with the specified certificate. The update operation changes
* specified attributes of an existing stored certificate and attributes that are not specified in the request are
* left unchanged. This operation requires the certificates/update permission.
*
* Code Samples
* Gets latest version of the certificate, changes its tags and enabled status and then updates it in the Azure
* Key Vault. Prints out the returned certificate details when a response has been received.
*
*
*
* KeyVaultCertificate certificate = certificateClient.getCertificate("certificateName");
* // Update certificate enabled status
* certificate.getProperties().setEnabled(false);
* KeyVaultCertificate updatedCertificate = certificateClient.updateCertificateProperties(certificate.getProperties());
* System.out.printf("Updated Certificate with name %s and enabled status %s%n",
* updatedCertificate.getProperties().getName(), updatedCertificate.getProperties().isEnabled());
*
*
*
* @param properties The {@link CertificateProperties} object with updated properties.
* @throws NullPointerException if {@code properties} is null.
* @throws ResourceNotFoundException when a certificate with {@link CertificateProperties#getName() certificateName}
* and {@link CertificateProperties#getVersion() version} doesn't exist in the key vault.
* @throws HttpRequestException if {@link CertificateProperties#getName() certificateName} or
* {@link CertificateProperties#getVersion() version} is empty string.
* @return The {@link CertificateProperties updated certificate}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public KeyVaultCertificate updateCertificateProperties(CertificateProperties properties) {
return updateCertificatePropertiesWithResponse(properties, Context.NONE).getValue();
}
/**
* Updates the specified attributes associated with the specified certificate. The update operation changes
* specified attributes of an existing stored certificate and attributes that are not specified in the request are
* left unchanged. This operation requires the certificates/update permission.
*
* Code Samples
* Gets latest version of the certificate, changes its tags and enabled status and then updates it in the Azure
* Key Vault. Prints out the returned certificate details when a response has been received.
*
*
*
* KeyVaultCertificate certificateToUpdate = certificateClient.getCertificate("certificateName");
* // Update certificate enabled status
* certificateToUpdate.getProperties().setEnabled(false);
* Response<KeyVaultCertificate> updatedCertificateResponse = certificateClient.
* updateCertificatePropertiesWithResponse(certificateToUpdate.getProperties(), new Context(key1, value1));
* System.out.printf("Updated Certificate with name %s and enabled status %s%n",
* updatedCertificateResponse.getValue().getProperties().getName(),
* updatedCertificateResponse.getValue().getProperties().isEnabled());
*
*
*
* @param properties The {@link CertificateProperties} object with updated properties.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws NullPointerException if {@code properties} is null.
* @throws ResourceNotFoundException when a certificate with {@link CertificateProperties#getName() certificateName}
* and {@link CertificateProperties#getVersion() version} doesn't exist in the key vault.
* @throws HttpRequestException if {@link CertificateProperties#getName() certificateName} or
* {@link CertificateProperties#getVersion() version} is empty string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the {@link CertificateProperties updated certificate}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response updateCertificatePropertiesWithResponse(CertificateProperties properties,
Context context) {
if (properties == null) {
throw LOGGER.logExceptionAsError(new NullPointerException("'properties' cannot be null."));
}
CertificateAttributes certificateAttributes = new CertificateAttributes()
.setEnabled(properties.isEnabled())
.setExpires(properties.getExpiresOn())
.setNotBefore(properties.getNotBefore());
Response response = implClient.updateCertificateWithResponse(vaultUrl, properties.getName(),
properties.getVersion(), null, certificateAttributes, properties.getTags(), context);
return new SimpleResponse<>(response, createCertificateWithPolicy(response.getValue()));
}
/**
* Deletes a certificate from a specified key vault. All the versions of the certificate along with its associated
* policy get deleted. If soft-delete is enabled on the key vault then the certificate is placed in the deleted
* state and requires to be purged for permanent deletion else the certificate is permanently deleted. The delete
* operation applies to any certificate stored in Azure Key Vault, but it cannot be applied to an individual version
* of a certificate. This operation requires the certificates/delete permission.
*
* Code Samples
* Deletes the certificate in the Azure Key Vault. Prints out the deleted certificate details when a response has
* been received.
*
*
*
* SyncPoller<DeletedCertificate, Void> deleteCertPoller =
* certificateClient.beginDeleteCertificate("certificateName");
* // Deleted Certificate is accessible as soon as polling beings.
* PollResponse<DeletedCertificate> deleteCertPollResponse = deleteCertPoller.poll();
* System.out.printf("Deleted certificate with name %s and recovery id %s%n",
* deleteCertPollResponse.getValue().getName(), deleteCertPollResponse.getValue().getRecoveryId());
* deleteCertPoller.waitForCompletion();
*
*
*
* @param certificateName The name of the certificate to be deleted.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException when a certificate with {@code certificateName} is empty string.
* @return A {@link SyncPoller} to poll on and retrieve {@link DeletedCertificate deleted certificate}.
*/
@ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION)
public SyncPoller beginDeleteCertificate(String certificateName) {
return SyncPoller.createPoller(Duration.ofSeconds(1), ignored -> deleteCertificateActivation(certificateName),
pollingContext -> deleteCertificatePollOperation(certificateName, pollingContext),
(pollingContext, firstResponse) -> null, pollingContext -> null);
}
private PollResponse deleteCertificateActivation(String certificateName) {
return new PollResponse<>(LongRunningOperationStatus.NOT_STARTED,
createDeletedCertificate(callWithMappedException(() -> implClient.deleteCertificate(vaultUrl,
certificateName), CertificateAsyncClient::mapDeleteCertificateException)));
}
private PollResponse deleteCertificatePollOperation(String certificateName,
PollingContext pollingContext) {
try {
return new PollResponse<>(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED,
createDeletedCertificate(implClient.getDeletedCertificate(vaultUrl, certificateName)));
} catch (KeyVaultErrorException ex) {
if (ex.getResponse().getStatusCode() == HttpURLConnection.HTTP_NOT_FOUND) {
return new PollResponse<>(LongRunningOperationStatus.IN_PROGRESS,
pollingContext.getLatestResponse().getValue());
} else {
// This means either vault has soft-delete disabled or permission is not granted for the get deleted
// certificate operation. In both cases deletion operation was successful when activation operation
// succeeded before reaching here.
return new PollResponse<>(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED,
pollingContext.getLatestResponse().getValue());
}
} catch (Exception ex) {
// This means either vault has soft-delete disabled or permission is not granted for the get deleted
// certificate operation. In both cases deletion operation was successful when activation operation
// succeeded before reaching here.
return new PollResponse<>(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED,
pollingContext.getLatestResponse().getValue());
}
}
/**
* Retrieves information about the specified deleted certificate. The GetDeletedCertificate operation is applicable
* for soft-delete enabled vaults and additionally retrieves deleted certificate's attributes, such as retention
* interval, scheduled permanent deletion and the current deletion recovery level. This operation requires the
* certificates/get permission.
*
* Code Samples
* Gets the deleted certificate from the key vault enabled for soft-delete. Prints out the deleted certificate
* details when a response has been received.
*
*
*
* DeletedCertificate deletedCertificate = certificateClient.getDeletedCertificate("certificateName");
* System.out.printf("Deleted certificate with name %s and recovery id %s%n", deletedCertificate.getName(),
* deletedCertificate.getRecoveryId());
*
*
*
* @param certificateName The name of the deleted certificate.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException when a certificate with {@code certificateName} is empty string.
* @return The {@link DeletedCertificate deleted certificate}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public DeletedCertificate getDeletedCertificate(String certificateName) {
return getDeletedCertificateWithResponse(certificateName, Context.NONE).getValue();
}
/**
* Retrieves information about the specified deleted certificate. The GetDeletedCertificate operation is applicable
* for soft-delete enabled vaults and additionally retrieves deleted certificate's attributes, such as retention
* interval, scheduled permanent deletion and the current deletion recovery level. This operation requires the
* certificates/get permission.
*
* Code Samples
* Gets the deleted certificate from the key vault enabled for soft-delete. Prints out the deleted certificate
* details when a response has been received.
*
*
*
* Response<DeletedCertificate> deletedCertificateWithResponse = certificateClient
* .getDeletedCertificateWithResponse("certificateName", new Context(key1, value1));
* System.out.printf("Deleted certificate with name %s and recovery id %s%n",
* deletedCertificateWithResponse.getValue().getName(),
* deletedCertificateWithResponse.getValue().getRecoveryId());
*
*
*
* @param certificateName The name of the deleted certificate.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException when a certificate with {@code certificateName} is empty string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the
* {@link DeletedCertificate deleted certificate}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response getDeletedCertificateWithResponse(String certificateName, Context context) {
return callWithMappedResponseAndException(() -> implClient.getDeletedCertificateWithResponse(vaultUrl,
certificateName, context), DeletedCertificateHelper::createDeletedCertificate,
CertificateAsyncClient::mapGetDeletedCertificateException);
}
/**
* Permanently deletes the specified deleted certificate without possibility for recovery. The Purge Deleted
* Certificate operation is applicable for soft-delete enabled vaults and is not available if the recovery level
* does not specify 'Purgeable'. This operation requires the certificate/purge permission.
*
* Code Samples
* Purges the deleted certificate from the key vault enabled for soft-delete. Prints out the status code from the
* server response when a response has been received.
*
*
* certificateClient.purgeDeletedCertificate("certificateName");
*
*
*
* @param certificateName The name of the deleted certificate.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException when a certificate with {@code certificateName} is empty string.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public void purgeDeletedCertificate(String certificateName) {
purgeDeletedCertificateWithResponse(certificateName, Context.NONE);
}
/**
* Permanently deletes the specified deleted certificate without possibility for recovery. The Purge Deleted
* Certificate operation is applicable for soft-delete enabled vaults and is not available if the recovery level
* does not specify 'Purgeable'. This operation requires the certificate/purge permission.
*
* Code Samples
* Purges the deleted certificate from the key vault enabled for soft-delete. Prints out the status code from the
* server response when a response has been received.
*
*
* Response<Void> purgeResponse = certificateClient.purgeDeletedCertificateWithResponse("certificateName",
* new Context(key1, value1));
* System.out.printf("Purged Deleted certificate with status %d%n", purgeResponse.getStatusCode());
*
*
*
* @param certificateName The name of the deleted certificate.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException when a certificate with {@code certificateName} is empty string.
* @return A response containing status code and HTTP headers.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response purgeDeletedCertificateWithResponse(String certificateName, Context context) {
return callWithMappedResponseAndException(() -> implClient.purgeDeletedCertificateWithResponse(vaultUrl,
certificateName, context), t -> t, CertificateAsyncClient::mapPurgeDeletedCertificateException);
}
/**
* Recovers the deleted certificate back to its current version under /certificates and can only be performed on a
* soft-delete enabled vault. The RecoverDeletedCertificate operation performs the reversal of the Delete operation
* and must be issued during the retention interval (available in the deleted certificate's attributes). This
* operation requires the certificates/recover permission.
*
* Code Samples
* Recovers the deleted certificate from the key vault enabled for soft-delete. Prints out the recovered
* certificate details when a response has been received.
*
*
*
* SyncPoller<KeyVaultCertificateWithPolicy, Void> recoverDeletedCertPoller = certificateClient
* .beginRecoverDeletedCertificate("deletedCertificateName");
* // Recovered certificate is accessible as soon as polling beings
* PollResponse<KeyVaultCertificateWithPolicy> recoverDeletedCertPollResponse = recoverDeletedCertPoller.poll();
* System.out.printf(" Recovered Deleted certificate with name %s and id %s%n",
* recoverDeletedCertPollResponse.getValue().getProperties().getName(),
* recoverDeletedCertPollResponse.getValue().getProperties().getId());
* recoverDeletedCertPoller.waitForCompletion();
*
*
*
* @param certificateName The name of the deleted certificate to be recovered.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the
* certificate vault.
* @throws HttpRequestException when a certificate with {@code certificateName} is empty string.
* @return A {@link SyncPoller} to poll on and retrieve {@link KeyVaultCertificateWithPolicy recovered certificate}.
*/
@ServiceMethod(returns = ReturnType.LONG_RUNNING_OPERATION)
public SyncPoller beginRecoverDeletedCertificate(String certificateName) {
return SyncPoller.createPoller(Duration.ofSeconds(1),
ignored -> recoverDeletedCertificateActivation(certificateName),
pollingContext -> recoverDeletedCertificatePollOperation(certificateName, pollingContext),
(pollingContext, firstResponse) -> null, pollingContext -> null);
}
private PollResponse recoverDeletedCertificateActivation(String certificateName) {
return new PollResponse<>(LongRunningOperationStatus.NOT_STARTED, createCertificateWithPolicy(
callWithMappedException(() -> implClient.recoverDeletedCertificate(vaultUrl, certificateName),
CertificateAsyncClient::mapRecoverDeletedCertificateException)));
}
private PollResponse recoverDeletedCertificatePollOperation(String certificateName,
PollingContext pollingContext) {
try {
return new PollResponse<>(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED,
createCertificateWithPolicy(implClient.getCertificate(vaultUrl, certificateName, null)));
} catch (KeyVaultErrorException ex) {
if (ex.getResponse().getStatusCode() == HttpURLConnection.HTTP_NOT_FOUND) {
return new PollResponse<>(LongRunningOperationStatus.IN_PROGRESS,
pollingContext.getLatestResponse().getValue());
} else {
// This means permission is not granted for the get deleted key operation.
// In both cases deletion operation was successful when activation operation succeeded before
// reaching here.
return new PollResponse<>(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED,
pollingContext.getLatestResponse().getValue());
}
} catch (Exception ex) {
// This means permission is not granted for the get deleted key operation.
// In both cases deletion operation was successful when activation operation succeeded before reaching
// here.
return new PollResponse<>(LongRunningOperationStatus.SUCCESSFULLY_COMPLETED,
pollingContext.getLatestResponse().getValue());
}
}
/**
* Requests that a backup of the specified certificate be downloaded to the client. All versions of the certificate
* will be downloaded. This operation requires the certificates/backup permission.
*
* Code Samples
* Backs up the certificate from the key vault. Prints out the length of the certificate's backup byte array
* returned in the response.
*
*
*
* byte[] certificateBackup = certificateClient.backupCertificate("certificateName");
* System.out.printf("Backed up certificate with back up blob length %d%n", certificateBackup.length);
*
*
*
* @param certificateName The name of the certificate.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException when a certificate with {@code certificateName} is empty string.
* @return The backed up certificate blob.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public byte[] backupCertificate(String certificateName) {
return backupCertificateWithResponse(certificateName, Context.NONE).getValue();
}
/**
* Requests that a backup of the specified certificate be downloaded to the client. All versions of the certificate
* will be downloaded. This operation requires the certificates/backup permission.
*
* Code Samples
* Backs up the certificate from the key vault. Prints out the length of the certificate's backup byte array
* returned in the response.
*
*
*
* Response<byte[]> certificateBackupWithResponse = certificateClient
* .backupCertificateWithResponse("certificateName", new Context(key1, value1));
* System.out.printf("Backed up certificate with back up blob length %d%n",
* certificateBackupWithResponse.getValue().length);
*
*
*
* @param certificateName The certificateName of the certificate.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException when a certificate with {@code certificateName} is empty string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the backed up certificate blob.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response backupCertificateWithResponse(String certificateName, Context context) {
return callWithMappedResponseAndException(() -> implClient.backupCertificateWithResponse(vaultUrl,
certificateName, context), BackupCertificateResult::getValue,
CertificateAsyncClient::mapBackupCertificateException);
}
/**
* Restores a backed up certificate to the vault. All the versions of the certificate are restored to the vault.
* This operation requires the certificates/restore permission.
*
* Code Samples
* Restores the certificate in the key vault from its backup. Prints out the restored certificate details when a
* response has been received.
*
*
*
* byte[] certificateBackupBlob = {};
* KeyVaultCertificate certificate = certificateClient.restoreCertificateBackup(certificateBackupBlob);
* System.out.printf(" Restored certificate with name %s and id %s%n",
* certificate.getProperties().getName(), certificate.getProperties().getId());
*
*
*
* @param backup The backup blob associated with the certificate.
* @throws ResourceModifiedException when {@code backup} blob is malformed.
* @return The {@link KeyVaultCertificate restored certificate}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public KeyVaultCertificateWithPolicy restoreCertificateBackup(byte[] backup) {
return restoreCertificateBackupWithResponse(backup, Context.NONE).getValue();
}
/**
* Restores a backed up certificate to the vault. All the versions of the certificate are restored to the vault.
* This operation requires the certificates/restore permission.
*
* Code Samples
* Restores the certificate in the key vault from its backup. Prints out the restored certificate details when a
* response has been received.
*
*
*
* byte[] certificateBackupBlobArray = {};
* Response<KeyVaultCertificateWithPolicy> certificateResponse = certificateClient
* .restoreCertificateBackupWithResponse(certificateBackupBlobArray, new Context(key1, value1));
* System.out.printf(" Restored certificate with name %s and id %s%n",
* certificateResponse.getValue().getProperties().getName(),
* certificateResponse.getValue().getProperties().getId());
*
*
*
* @param backup The backup blob associated with the certificate.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws ResourceModifiedException when {@code backup} blob is malformed.
* @return A {@link Response} whose {@link Response#getValue() value} contains the
* {@link KeyVaultCertificate restored certificate}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response restoreCertificateBackupWithResponse(byte[] backup, Context context) {
return callWithMappedResponseAndException(() -> implClient.restoreCertificateWithResponse(vaultUrl, backup,
context), KeyVaultCertificateWithPolicyHelper::createCertificateWithPolicy,
CertificateAsyncClient::mapRestoreCertificateException);
}
/**
* List certificates in the key vault. Retrieves the set of certificates resources in the key vault and the
* individual certificate response in the iterable is represented by {@link CertificateProperties} as only the
* certificate identifier, thumbprint, attributes and tags are provided in the response. The policy and individual
* certificate versions are not listed in the response. This operation requires the certificates/list permission.
*
* It is possible to get certificates with all the properties excluding the policy from this information. Loop
* over the {@link CertificateProperties} and call {@link CertificateClient#getCertificateVersion(String, String)} .
* This will return the {@link KeyVaultCertificate certificate} with all its properties excluding the policy.
*
*
*
* for (CertificateProperties certificateProperties : certificateClient.listPropertiesOfCertificates()) {
* KeyVaultCertificate certificateWithAllProperties = certificateClient
* .getCertificateVersion(certificateProperties.getName(), certificateProperties.getVersion());
* System.out.printf("Received certificate with name %s and secret id %s%n",
* certificateWithAllProperties.getProperties().getName(),
* certificateWithAllProperties.getSecretId());
* }
*
*
*
* @return A {@link PagedIterable} containing {@link CertificateProperties certificate} for all the certificates in
* the vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable listPropertiesOfCertificates() {
return listPropertiesOfCertificates(false, Context.NONE);
}
/**
* List certificates in the key vault. Retrieves the set of certificates resources in the key vault and the
* individual certificate response in the iterable is represented by {@link CertificateProperties} as only the
* certificate identifier, thumbprint, attributes and tags are provided in the response. The policy and individual
* certificate versions are not listed in the response. This operation requires the certificates/list permission.
*
* It is possible to get certificates with all the properties excluding the policy from this information. Loop
* over the {@link CertificateProperties} and call {@link CertificateClient#getCertificateVersion(String, String)} .
* This will return the {@link KeyVaultCertificate certificate} with all its properties excluding the policy.
*
*
*
* for (CertificateProperties certificateProperties : certificateClient
* .listPropertiesOfCertificates(true, new Context(key1, value1))) {
* KeyVaultCertificate certificateWithAllProperties = certificateClient
* .getCertificateVersion(certificateProperties.getName(), certificateProperties.getVersion());
* System.out.printf("Received certificate with name %s and secret id %s%n",
* certificateWithAllProperties.getProperties().getName(),
* certificateWithAllProperties.getSecretId());
* }
*
*
*
* @param includePending indicate if pending certificates should be included in the results.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return A {@link PagedIterable} containing {@link CertificateProperties certificate} for all the certificates in
* the vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable listPropertiesOfCertificates(boolean includePending, Context context) {
return new PagedIterable<>(maxResults ->
mapCertificateItemPage(implClient.getCertificatesSinglePage(vaultUrl, maxResults, includePending, context)),
(continuationToken, maxResults) -> mapCertificateItemPage(implClient.getCertificatesNextSinglePage(
continuationToken, vaultUrl, context)));
}
/**
* Lists the {@link DeletedCertificate deleted certificates} in the key vault currently available for recovery. This
* operation includes deletion-specific information and is applicable for vaults enabled for soft-delete. This
* operation requires the certificates/get/list permission.
*
* Code Samples
* Lists the deleted certificates in the key vault. Prints out the recovery id of each deleted certificate when a
* response has been received.
*
*
*
* for (DeletedCertificate deletedCertificate : certificateClient.listDeletedCertificates()) {
* System.out.printf("Deleted certificate's recovery Id %s%n", deletedCertificate.getRecoveryId());
* }
*
*
*
* @return A {@link PagedIterable} containing all of the {@link DeletedCertificate deleted certificates} in the
* vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable listDeletedCertificates() {
return listDeletedCertificates(false, Context.NONE);
}
/**
* Lists the {@link DeletedCertificate deleted certificates} in the key vault currently available for recovery. This
* operation includes deletion-specific information and is applicable for vaults enabled for soft-delete. This
* operation requires the certificates/get/list permission.
*
* Code Samples
* Lists the deleted certificates in the key vault. Prints out the recovery id of each deleted certificate when a
* response has been received.
*
*
*
* for (DeletedCertificate deletedCertificate : certificateClient
* .listDeletedCertificates(true, new Context(key1, value1))) {
* System.out.printf("Deleted certificate's recovery Id %s%n", deletedCertificate.getRecoveryId());
* }
*
*
*
* @param includePending indicate if pending deleted certificates should be included in the results.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return A {@link PagedIterable} containing all of the {@link DeletedCertificate deleted certificates} in the
* vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable listDeletedCertificates(boolean includePending, Context context) {
return new PagedIterable<>(maxResults -> mapDeletedCertificateItemPage(
implClient.getDeletedCertificatesSinglePage(vaultUrl, maxResults, includePending, context)),
(continuationToken, maxResults) -> mapDeletedCertificateItemPage(
implClient.getDeletedCertificatesNextSinglePage(continuationToken, vaultUrl, context)));
}
/**
* List all versions of the specified certificate. The individual certificate response in the iterable is
* represented by {@link CertificateProperties} as only the certificate identifier, thumbprint, attributes and tags
* are provided in the response. The policy is not listed in the response. This operation requires the
* certificates/list permission.
*
* It is possible to get the certificates with properties excluding the policy for all the versions from this
* information. Loop over the {@link CertificateProperties} and call
* {@link CertificateClient#getCertificateVersion(String, String)}. This will return the
* {@link KeyVaultCertificate certificate} with all its properties excluding the policy.
*
*
*
* for (CertificateProperties certificateProperties : certificateClient
* .listPropertiesOfCertificateVersions("certificateName")) {
* KeyVaultCertificate certificateWithAllProperties = certificateClient
* .getCertificateVersion(certificateProperties.getName(), certificateProperties.getVersion());
* System.out.printf("Received certificate's version with name %s, version %s and secret id %s%n",
* certificateWithAllProperties.getProperties().getName(),
* certificateWithAllProperties.getProperties().getVersion(), certificateWithAllProperties.getSecretId());
* }
*
*
*
* @param certificateName The name of the certificate.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException when a certificate with {@code certificateName} is empty string.
* @return A {@link PagedIterable} containing {@link CertificateProperties certificate} of all the versions of the
* specified certificate in the vault. Paged Iterable is empty if certificate with {@code certificateName} does not
* exist in key vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable listPropertiesOfCertificateVersions(String certificateName) {
return listPropertiesOfCertificateVersions(certificateName, Context.NONE);
}
/**
* List all versions of the specified certificate. The individual certificate response in the iterable is
* represented by {@link CertificateProperties} as only the certificate identifier, thumbprint, attributes and tags
* are provided in the response. The policy is not listed in the response. This operation requires the
* certificates/list permission.
*
* It is possible to get the certificates with properties excluding the policy for all the versions from this
* information. Loop over the {@link CertificateProperties} and call
* {@link CertificateClient#getCertificateVersion(String, String)}. This will return the
* {@link KeyVaultCertificate certificate} with all its properties excluding the policy.
*
*
*
* for (CertificateProperties certificateProperties : certificateClient
* .listPropertiesOfCertificateVersions("certificateName")) {
* KeyVaultCertificate certificateWithAllProperties = certificateClient
* .getCertificateVersion(certificateProperties.getName(), certificateProperties.getVersion());
* System.out.printf("Received certificate's version with name %s, version %s and secret id %s%n",
* certificateWithAllProperties.getProperties().getName(),
* certificateWithAllProperties.getProperties().getVersion(), certificateWithAllProperties.getSecretId());
* }
*
*
*
* @param certificateName The name of the certificate.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException when a certificate with {@code certificateName} is empty string.
* @return A {@link PagedIterable} containing {@link CertificateProperties certificate} of all the versions of the
* specified certificate in the vault. Iterable is empty if certificate with {@code certificateName} does not exist
* in key vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable listPropertiesOfCertificateVersions(String certificateName,
Context context) {
return new PagedIterable<>(maxResults -> mapCertificateItemPage(implClient.getCertificateVersionsSinglePage(
vaultUrl, certificateName, maxResults, context)),
(continuationToken, maxResults) -> mapCertificateItemPage(implClient.getCertificateVersionsNextSinglePage(
continuationToken, vaultUrl, context)));
}
/**
* Retrieves the policy of the specified certificate in the key vault. This operation requires the certificates/get
* permission.
*
* Code Samples
* Gets the policy of a certificate in the key vault. Prints out the returned certificate policy details when a
* response has been received.
*
*
*
* CertificatePolicy policy = certificateClient.getCertificatePolicy("certificateName");
* System.out.printf("Received policy with subject name %s%n", policy.getSubject());
*
*
*
* @param certificateName The name of the certificate whose policy is to be retrieved, cannot be null
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException if {@code certificateName} is empty string.
* @return The requested {@link CertificatePolicy certificate policy}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public CertificatePolicy getCertificatePolicy(String certificateName) {
return getCertificatePolicyWithResponse(certificateName, Context.NONE).getValue();
}
/**
* Retrieves the policy of the specified certificate in the key vault. This operation requires the certificates/get
* permission.
*
* Code Samples
* Gets the policy of a certificate in the key vault. Prints out the returned certificate policy details when a
* response has been received.
*
*
*
* Response<CertificatePolicy> returnedPolicyWithResponse = certificateClient.getCertificatePolicyWithResponse(
* "certificateName", new Context(key1, value1));
* System.out.printf("Received policy with subject name %s%n",
* returnedPolicyWithResponse.getValue().getSubject());
*
*
*
* @param certificateName The name of the certificate whose policy is to be retrieved, cannot be null
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException if {@code certificateName} is empty string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the requested
* {@link CertificatePolicy certificate policy}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response getCertificatePolicyWithResponse(String certificateName, Context context) {
return callWithMappedResponseAndException(() -> implClient.getCertificatePolicyWithResponse(vaultUrl,
certificateName, context), CertificatePolicyHelper::createCertificatePolicy,
CertificateAsyncClient::mapGetCertificatePolicyException);
}
/**
* Updates the policy for a certificate. The update operation changes specified attributes of the certificate policy
* and attributes that are not specified in the request are left unchanged. This operation requires the
* certificates/update permission.
*
* Code Samples
* Gets the certificate policy, changes its properties and then updates it in the Azure Key Vault. Prints out the
* returned policy details when a response has been received.
*
*
*
* CertificatePolicy certificatePolicy = certificateClient.getCertificatePolicy("certificateName");
* //Update the certificate policy cert transparency property.
* certificatePolicy.setCertificateTransparent(true);
* CertificatePolicy updatedCertPolicy = certificateClient.updateCertificatePolicy("certificateName",
* certificatePolicy);
* System.out.printf("Updated Certificate Policy transparency status %s%n",
* updatedCertPolicy.isCertificateTransparent());
*
*
*
* @param certificateName The name of the certificate whose policy is to be updated.
* @param policy The certificate policy to be updated.
* @throws NullPointerException if {@code policy} is null.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException if {@code certificateName} is empty string or if {@code policy} is invalid.
* @return The updated {@link CertificatePolicy certificate policy}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public CertificatePolicy updateCertificatePolicy(String certificateName, CertificatePolicy policy) {
return updateCertificatePolicyWithResponse(certificateName, policy, Context.NONE).getValue();
}
/**
* Updates the policy for a certificate. The update operation changes specified attributes of the certificate policy
* and attributes that are not specified in the request are left unchanged. This operation requires the
* certificates/update permission.
*
* Code Samples
* Gets the certificate policy, changes its properties and then updates it in the Azure Key Vault. Prints out the
* returned policy details when a response has been received.
*
*
*
* CertificatePolicy certificatePolicyToUpdate = certificateClient.getCertificatePolicy("certificateName");
* //Update the certificate policy cert transparency property.
* certificatePolicyToUpdate.setCertificateTransparent(true);
* Response<CertificatePolicy> updatedCertPolicyWithResponse = certificateClient
* .updateCertificatePolicyWithResponse("certificateName", certificatePolicyToUpdate,
* new Context(key1, value1));
* System.out.printf("Updated Certificate Policy transparency status %s%n", updatedCertPolicyWithResponse
* .getValue().isCertificateTransparent());
*
*
*
* @param certificateName The certificateName of the certificate whose policy is to be updated.
* @param policy The certificate policy to be updated.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws NullPointerException if {@code policy} is null.
* @throws ResourceNotFoundException when a certificate with {@code certificateName} doesn't exist in the key vault.
* @throws HttpRequestException if {@code certificateName} is empty string or if {@code policy} is invalid.
* @return A {@link Response} whose {@link Response#getValue() value} contains the updated
* {@link CertificatePolicy certificate policy}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response updateCertificatePolicyWithResponse(String certificateName,
CertificatePolicy policy, Context context) {
if (policy == null) {
throw LOGGER.logExceptionAsError(new NullPointerException("'policy' cannot be null."));
}
return callWithMappedResponseAndException(() -> implClient.updateCertificatePolicyWithResponse(vaultUrl,
certificateName, getImplCertificatePolicy(policy), context),
CertificatePolicyHelper::createCertificatePolicy,
CertificateAsyncClient::mapUpdateCertificatePolicyException);
}
/**
* Creates the specified certificate issuer. The SetCertificateIssuer operation updates the specified certificate
* issuer if it already exists or adds it if it doesn't exist. This operation requires the
* certificates/setissuers permission.
*
* Code Samples
* Creates a new certificate issuer in the key vault. Prints out the created certificate issuer details when a
* response has been received.
*
*
*
* CertificateIssuer issuerToCreate = new CertificateIssuer("myissuer", "myProvider")
* .setAccountId("testAccount")
* .setAdministratorContacts(Collections.singletonList(new AdministratorContact().setFirstName("test")
* .setLastName("name").setEmail("test@example.com")));
* CertificateIssuer returnedIssuer = certificateClient.createIssuer(issuerToCreate);
* System.out.printf("Created Issuer with name %s provider %s%n", returnedIssuer.getName(),
* returnedIssuer.getProvider());
*
*
*
* @param issuer The configuration of the certificate issuer to be created.
* @throws NullPointerException if {@code issuer} is null.
* @throws ResourceModifiedException when invalid certificate issuer {@code issuer} configuration is provided.
* @throws HttpRequestException when a certificate issuer with {@link CertificateIssuer#getName() name} is empty
* string.
* @return The created {@link CertificateIssuer certificate issuer}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public CertificateIssuer createIssuer(CertificateIssuer issuer) {
return createIssuerWithResponse(issuer, Context.NONE).getValue();
}
/**
* Creates the specified certificate issuer. The SetCertificateIssuer operation updates the specified certificate
* issuer if it already exists or adds it if it doesn't exist. This operation requires the
* certificates/setissuers permission.
*
* Code Samples
* Creates a new certificate issuer in the key vault. Prints out the created certificate issuer details when a
* response has been received.
*
*
*
* CertificateIssuer issuer = new CertificateIssuer("issuerName", "myProvider")
* .setAccountId("testAccount")
* .setAdministratorContacts(Collections.singletonList(new AdministratorContact().setFirstName("test")
* .setLastName("name").setEmail("test@example.com")));
* Response<CertificateIssuer> issuerResponse = certificateClient.createIssuerWithResponse(issuer,
* new Context(key1, value1));
* System.out.printf("Created Issuer with name %s provider %s%n", issuerResponse.getValue().getName(),
* issuerResponse.getValue().getProvider());
*
*
*
* @param issuer The configuration of the certificate issuer to be created.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws NullPointerException if {@code issuer} is null.
* @throws ResourceModifiedException when invalid certificate issuer {@code issuer} configuration is provided.
* @throws HttpRequestException when a certificate issuer with {@link CertificateIssuer#getName() name} is empty
* string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the created
* {@link CertificateIssuer certificate issuer}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response createIssuerWithResponse(CertificateIssuer issuer, Context context) {
if (issuer == null) {
throw LOGGER.logExceptionAsError(new NullPointerException("'issuer' cannot be null."));
}
IssuerBundle issuerBundle = getIssuerBundle(issuer);
return callWithMappedResponseAndException(() -> implClient.setCertificateIssuerWithResponse(vaultUrl,
issuer.getName(), issuer.getProvider(), issuerBundle.getCredentials(),
issuerBundle.getOrganizationDetails(), issuerBundle.getAttributes(), context),
CertificateIssuerHelper::createCertificateIssuer, ex -> ex);
}
/**
* Retrieves the specified certificate issuer from the key vault. This operation requires the
* certificates/manageissuers/getissuers permission.
*
* Code Samples
* Gets the specified certificate issuer in the key vault. Prints out the returned certificate issuer details
* when a response has been received.
*
*
*
* Response<CertificateIssuer> issuerResponse = certificateClient.getIssuerWithResponse("issuerName",
* new Context(key1, value1));
* System.out.printf("Retrieved issuer with name %s and provider %s%n", issuerResponse.getValue().getName(),
* issuerResponse.getValue().getProvider());
*
*
*
* @param issuerName The name of the certificate issuer to retrieve, cannot be null
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws ResourceNotFoundException when a certificate issuer with {@code issuerName} doesn't exist in the key
* vault.
* @throws HttpRequestException if {@code issuerName} is empty string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the requested
* {@link CertificateIssuer certificate issuer}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response getIssuerWithResponse(String issuerName, Context context) {
return callWithMappedResponseAndException(() -> implClient.getCertificateIssuerWithResponse(vaultUrl,
issuerName, context), CertificateIssuerHelper::createCertificateIssuer, ex -> ex);
}
/**
* Retrieves the specified certificate issuer from the key vault. This operation requires the
* certificates/manageissuers/getissuers permission.
*
* Code Samples
* Gets the specified certificate issuer in the key vault. Prints out the returned certificate issuer details
* when a response has been received.
*
*
*
* CertificateIssuer returnedIssuer = certificateClient.getIssuer("issuerName");
* System.out.printf("Retrieved issuer with name %s and provider %s%n", returnedIssuer.getName(),
* returnedIssuer.getProvider());
*
*
*
* @param issuerName The name of the certificate issuer to retrieve, cannot be null
* @throws ResourceNotFoundException when a certificate issuer with {@code issuerName} doesn't exist in the key
* vault.
* @throws HttpRequestException if {@code issuerName} is empty string.
* @return The requested {@link CertificateIssuer certificate issuer}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public CertificateIssuer getIssuer(String issuerName) {
return getIssuerWithResponse(issuerName, Context.NONE).getValue();
}
/**
* Deletes the specified certificate issuer. The DeleteCertificateIssuer operation permanently removes the specified
* certificate issuer from the key vault. This operation requires the certificates/manageissuers/deleteissuers
* permission.
*
* Code Samples
* Deletes the certificate issuer in the Azure Key Vault. Prints out the
* deleted certificate details when a response has been received.
*
*
*
* CertificateIssuer deletedIssuer = certificateClient.deleteIssuer("issuerName");
* System.out.printf("Deleted certificate issuer with name %s and provider id %s%n", deletedIssuer.getName(),
* deletedIssuer.getProvider());
*
*
*
* @param issuerName The name of the certificate issuer to be deleted.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws ResourceNotFoundException when a certificate issuer with {@code issuerName} doesn't exist in the key
* vault.
* @throws HttpRequestException when a certificate issuer with {@code issuerName} is empty string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the
* {@link CertificateIssuer deleted issuer}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response deleteIssuerWithResponse(String issuerName, Context context) {
return callWithMappedResponseAndException(() -> implClient.deleteCertificateIssuerWithResponse(vaultUrl,
issuerName, context), CertificateIssuerHelper::createCertificateIssuer,
CertificateAsyncClient::mapDeleteCertificateIssuerException);
}
/**
* Deletes the specified certificate issuer. The DeleteCertificateIssuer operation permanently removes the specified
* certificate issuer from the key vault. This operation requires the certificates/manageissuers/deleteissuers
* permission.
*
* Code Samples
* Deletes the certificate issuer in the Azure Key Vault. Prints out the deleted certificate details when a
* response has been received.
*
*
*
* Response<CertificateIssuer> deletedIssuerWithResponse = certificateClient.
* deleteIssuerWithResponse("issuerName", new Context(key1, value1));
* System.out.printf("Deleted certificate issuer with name %s and provider id %s%n",
* deletedIssuerWithResponse.getValue().getName(),
* deletedIssuerWithResponse.getValue().getProvider());
*
*
*
* @param issuerName The name of the certificate issuer to be deleted.
* @throws ResourceNotFoundException when a certificate issuer with {@code issuerName} doesn't exist in the key
* vault.
* @throws HttpRequestException when a certificate issuer with {@code issuerName} is empty string.
* @return The {@link CertificateIssuer deleted issuer}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public CertificateIssuer deleteIssuer(String issuerName) {
return deleteIssuerWithResponse(issuerName, Context.NONE).getValue();
}
/**
* List all the certificate issuers resources in the key vault. The individual certificate issuer response in the
* iterable is represented by {@link IssuerProperties} as only the certificate issuer identifier and provider are
* provided in the response. This operation requires the certificates/manageissuers/getissuers permission.
*
* It is possible to get the certificate issuer with all of its properties from this information. Loop over the
* {@link IssuerProperties issuerProperties} and call {@link CertificateClient#getIssuer(String)}. This will return
* the {@link CertificateIssuer issuer} with all its properties.
.
*
*
*
* for (IssuerProperties issuer : certificateClient.listPropertiesOfIssuers()) {
* CertificateIssuer retrievedIssuer = certificateClient.getIssuer(issuer.getName());
* System.out.printf("Received issuer with name %s and provider %s%n", retrievedIssuer.getName(),
* retrievedIssuer.getProvider());
* }
*
*
*
* @return A {@link PagedIterable} containing all of the {@link IssuerProperties certificate issuers} in the vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable listPropertiesOfIssuers() {
return listPropertiesOfIssuers(Context.NONE);
}
/**
* List all the certificate issuers resources in the key vault. The individual certificate issuer response in the
* iterable is represented by {@link IssuerProperties} as only the certificate issuer identifier and provider are
* provided in the response. This operation requires the certificates/manageissuers/getissuers permission.
*
* It is possible to get the certificate issuer with all of its properties from this information. Loop over the
* {@link IssuerProperties issuerProperties} and call {@link CertificateClient#getIssuer(String)}. This will return
* the {@link CertificateIssuer issuer} with all its properties.
.
*
*
*
* for (IssuerProperties issuer : certificateClient.listPropertiesOfIssuers(new Context(key1, value1))) {
* CertificateIssuer retrievedIssuer = certificateClient.getIssuer(issuer.getName());
* System.out.printf("Received issuer with name %s and provider %s%n", retrievedIssuer.getName(),
* retrievedIssuer.getProvider());
* }
*
*
*
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return A {@link PagedIterable} containing all of the {@link IssuerProperties certificate issuers} in the vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable listPropertiesOfIssuers(Context context) {
return new PagedIterable<>(maxResults -> mapIssuersPagedResponse(implClient.getCertificateIssuersSinglePage(
vaultUrl, maxResults, context)),
(continuationToken, maxResults) -> mapIssuersPagedResponse(implClient.getCertificateIssuersNextSinglePage(
continuationToken, vaultUrl, context)));
}
/**
* Updates the specified certificate issuer. The UpdateCertificateIssuer operation updates the specified attributes
* of the certificate issuer entity. This operation requires the certificates/setissuers permission.
*
* Code Samples
* Gets the certificate issuer, changes its attributes/properties then updates it in the Azure Key Vault. Prints
* out the returned certificate issuer details when a response has been received.
*
*
*
* CertificateIssuer returnedIssuer = certificateClient.getIssuer("issuerName");
* returnedIssuer.setAccountId("newAccountId");
* CertificateIssuer updatedIssuer = certificateClient.updateIssuer(returnedIssuer);
* System.out.printf("Updated issuer with name %s, provider %s and account Id %s%n", updatedIssuer.getName(),
* updatedIssuer.getProvider(), updatedIssuer.getAccountId());
*
*
*
* @param issuer The {@link CertificateIssuer issuer} with updated properties.
* @throws NullPointerException if {@code issuer} is null.
* @throws ResourceNotFoundException when a certificate issuer with {@link CertificateIssuer#getName() name} doesn't
* exist in the key vault.
* @throws HttpRequestException if {@link CertificateIssuer#getName() name} is empty string.
* @return The {@link CertificateIssuer updated issuer}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public CertificateIssuer updateIssuer(CertificateIssuer issuer) {
return updateIssuerWithResponse(issuer, Context.NONE).getValue();
}
/**
* Updates the specified certificate issuer. The UpdateCertificateIssuer operation updates the specified attributes
* of the certificate issuer entity. This operation requires the certificates/setissuers permission.
*
* Code Samples
* Gets the certificate issuer, changes its attributes/properties then updates it in the Azure Key Vault. Prints
* out the returned certificate issuer details when a response has been received.
*
*
*
* CertificateIssuer issuer = certificateClient.getIssuer("issuerName");
* returnedIssuer.setAccountId("newAccountId");
* Response<CertificateIssuer> updatedIssuerWithResponse = certificateClient.updateIssuerWithResponse(issuer,
* new Context(key1, value1));
* System.out.printf("Updated issuer with name %s, provider %s and account Id %s%n",
* updatedIssuerWithResponse.getValue().getName(),
* updatedIssuerWithResponse.getValue().getProvider(),
* updatedIssuerWithResponse.getValue().getAccountId());
*
*
*
* @param issuer The {@link CertificateIssuer issuer} with updated properties.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws NullPointerException if {@code issuer} is null.
* @throws ResourceNotFoundException when a certificate issuer with {@link CertificateIssuer#getName() name} doesn't
* exist in the key vault.
* @throws HttpRequestException if {@link CertificateIssuer#getName() name} is empty string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the
* {@link CertificateIssuer updated issuer}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response updateIssuerWithResponse(CertificateIssuer issuer, Context context) {
if (issuer == null) {
throw LOGGER.logExceptionAsError(new NullPointerException("'issuer' cannot be null."));
}
IssuerBundle issuerBundle = CertificateIssuerHelper.getIssuerBundle(issuer);
return callWithMappedResponseAndException(() -> implClient.updateCertificateIssuerWithResponse(vaultUrl,
issuer.getName(), issuer.getProvider(), issuerBundle.getCredentials(),
issuerBundle.getOrganizationDetails(), issuerBundle.getAttributes(), context),
CertificateIssuerHelper::createCertificateIssuer, ex -> ex);
}
/**
* Sets the certificate contacts on the key vault. This operation requires the certificates/managecontacts
* permission.
*
*The {@link LifetimeAction} of type {@link CertificatePolicyAction#EMAIL_CONTACTS} set on a
* {@link CertificatePolicy} emails the contacts set on the vault when triggered.
*
* Code Samples
* Sets the certificate contacts in the Azure Key Vault. Prints out the returned contacts details.
*
*
*
* CertificateContact contactToAdd = new CertificateContact().setName("user").setEmail("useremail@example.com");
* for (CertificateContact contact : certificateClient.setContacts(Collections.singletonList(contactToAdd))) {
* System.out.printf("Added contact with name %s and email %s to key vault%n", contact.getName(),
* contact.getEmail());
* }
*
*
*
* @param contacts The list of contacts to set on the vault.
* @throws HttpRequestException when a contact information provided is invalid/incomplete.
* @return A {@link PagedIterable} containing all of the {@link CertificateContact certificate contacts} in the
* vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable setContacts(List contacts) {
return setContacts(contacts, Context.NONE);
}
/**
* Sets the certificate contacts on the key vault. This operation requires the certificates/managecontacts
* permission.
*
*The {@link LifetimeAction} of type {@link CertificatePolicyAction#EMAIL_CONTACTS} set on a
* {@link CertificatePolicy} emails the contacts set on the vault when triggered.
*
* Code Samples
* Sets the certificate contacts in the Azure Key Vault. Prints out the returned contacts details.
*
*
*
* CertificateContact sampleContact = new CertificateContact().setName("user").setEmail("useremail@example.com");
* for (CertificateContact contact : certificateClient.setContacts(Collections.singletonList(sampleContact),
* new Context(key1, value1))) {
* System.out.printf("Added contact with name %s and email %s to key vault%n", contact.getName(),
* contact.getEmail());
* }
*
*
*
* @param contacts The list of contacts to set on the vault.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws HttpRequestException when a contact information provided is invalid/incomplete.
* @return A {@link PagedIterable} containing all of the {@link CertificateContact certificate contacts} in the
* vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable setContacts(List contacts, Context context) {
return new PagedIterable<>(() -> mapContactsToPagedResponse(implClient.setCertificateContactsWithResponse(
vaultUrl, new Contacts().setContactList(contacts), context)));
}
/**
* Lists the certificate contacts in the key vault. This operation requires the certificates/managecontacts
* permission.
*
* Code Samples
* Lists the certificate contacts in the Azure Key Vault. Prints out the returned contacts details in the
* response.
*
*
*
* for (CertificateContact contact : certificateClient.listContacts()) {
* System.out.printf("Added contact with name %s and email %s to key vault%n", contact.getName(),
* contact.getEmail());
* }
*
*
*
* @return A {@link PagedIterable} containing all of the {@link CertificateContact certificate contacts} in the
* vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable listContacts() {
return listContacts(Context.NONE);
}
/**
* Lists the certificate contacts in the key vault. This operation requires the certificates/managecontacts
* permission.
*
* Code Samples
* Lists the certificate contacts in the Azure Key Vault. Prints out the returned contacts details in the
* response.
*
*
*
* for (CertificateContact contact : certificateClient.listContacts(new Context(key1, value1))) {
* System.out.printf("Added contact with name %s and email %s to key vault%n", contact.getName(),
* contact.getEmail());
* }
*
*
*
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return A {@link PagedIterable} containing all of the {@link CertificateContact certificate contacts} in the
* vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable listContacts(Context context) {
return new PagedIterable<>(
() -> mapContactsToPagedResponse(implClient.getCertificateContactsWithResponse(vaultUrl, context)));
}
/**
* Deletes the certificate contacts in the key vault. This operation requires the certificates/managecontacts
* permission.
*
* Code Samples
* Deletes the certificate contacts in the Azure Key Vault. Subscribes to the call and prints out the deleted
* contacts details.
*
*
*
* for (CertificateContact contact : certificateClient.deleteContacts()) {
* System.out.printf("Deleted contact with name %s and email %s from key vault%n", contact.getName(),
* contact.getEmail());
* }
*
*
*
* @return A {@link PagedIterable} containing the deleted {@link CertificateContact certificate contacts} in the
* vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable deleteContacts() {
return deleteContacts(Context.NONE);
}
/**
* Deletes the certificate contacts in the key vault. This operation requires the certificates/managecontacts
* permission.
*
* Code Samples
* Deletes the certificate contacts in the Azure Key Vault. Prints out the deleted contacts details in the
* response.
*
*
*
* for (CertificateContact contact : certificateClient.deleteContacts(new Context(key1, value1))) {
* System.out.printf("Deleted contact with name %s and email %s from key vault%n", contact.getName(),
* contact.getEmail());
* }
*
*
*
* @param context Additional context that is passed through the Http pipeline during the service call.
* @return A {@link PagedIterable} containing the deleted {@link CertificateContact certificate contacts} in the
* vault.
*/
@ServiceMethod(returns = ReturnType.COLLECTION)
public PagedIterable deleteContacts(Context context) {
return new PagedIterable<>(
() -> mapContactsToPagedResponse(implClient.deleteCertificateContactsWithResponse(vaultUrl, context)));
}
/**
* Deletes the creation operation for the specified certificate that is in the process of being created. The
* certificate is no longer created. This operation requires the certificates/update permission.
*
* Code Samples
* Triggers certificate creation and then deletes the certificate creation operation in the Azure Key Vault.
* Subscribes to the call and prints out the deleted certificate operation details when a response has been
* received.
*
*
*
* Response<CertificateOperation> deletedCertificateOperationWithResponse = certificateClient
* .deleteCertificateOperationWithResponse("certificateName", new Context(key1, value1));
* System.out.printf("Deleted Certificate Operation's last status %s%n",
* deletedCertificateOperationWithResponse.getValue().getStatus());
*
*
*
* @param certificateName The name of the certificate.
* @throws ResourceNotFoundException when a certificate operation for a certificate with {@code certificateName}
* doesn't exist in the key vault.
* @throws HttpRequestException when the {@code certificateName} is empty string.
* @return The deleted {@link CertificateOperation certificate operation}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public CertificateOperation deleteCertificateOperation(String certificateName) {
return deleteCertificateOperationWithResponse(certificateName, Context.NONE).getValue();
}
/**
* Deletes the creation operation for the specified certificate that is in the process of being created. The
* certificate is no longer created. This operation requires the certificates/update permission.
*
* Code Samples
* Triggers certificate creation and then deletes the certificate creation operation in the Azure Key Vault.
* Subscribes to the call and prints out the deleted certificate operation details when a response has been
* received.
*
*
*
* CertificateOperation deletedCertificateOperation = certificateClient
* .deleteCertificateOperation("certificateName");
* System.out.printf("Deleted Certificate Operation's last status %s%n", deletedCertificateOperation.getStatus());
*
*
*
* @param certificateName The name of the certificate.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws ResourceNotFoundException when a certificate operation for a certificate with {@code certificateName}
* doesn't exist in the key vault.
* @throws HttpRequestException when the {@code certificateName} is empty string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the
* {@link CertificateOperation deleted certificate operation}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response deleteCertificateOperationWithResponse(String certificateName,
Context context) {
return callWithMappedResponseAndException(() -> implClient.deleteCertificateOperationWithResponse(vaultUrl,
certificateName, context), CertificateOperationHelper::createCertificateOperation,
CertificateAsyncClient::mapDeleteCertificateOperationException);
}
/**
* Cancels a certificate creation operation that is already in progress. This operation requires the
* certificates/update permission.
*
* Code Samples
* Triggers certificate creation and then cancels the certificate creation operation in the Azure Key Vault.
* Subscribes to the call and prints out the updated certificate operation details when a response has been
* received.
*
*
*
* CertificateOperation certificateOperation = certificateClient
* .cancelCertificateOperation("certificateName");
* System.out.printf("Certificate Operation status %s%n", certificateOperation.getStatus());
*
*
*
* @param certificateName The name of the certificate which is in the process of being created.
* @throws ResourceNotFoundException when a certificate operation for a certificate with {@code name} doesn't exist
* in the key vault.
* @throws HttpRequestException when the {@code name} is empty string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the
* {@link CertificateOperation cancelled certificate operation}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public CertificateOperation cancelCertificateOperation(String certificateName) {
return cancelCertificateOperationWithResponse(certificateName, Context.NONE).getValue();
}
/**
* Cancels a certificate creation operation that is already in progress. This operation requires the
* certificates/update permission.
*
* Code Samples
* Triggers certificate creation and then cancels the certificate creation operation in the Azure Key Vault.
* Subscribes to the call and prints out the updated certificate operation details when a response has been
* received.
*
*
*
* Response<CertificateOperation> certificateOperationWithResponse = certificateClient
* .cancelCertificateOperationWithResponse("certificateName", new Context(key1, value1));
* System.out.printf("Certificate Operation status %s%n", certificateOperationWithResponse.getValue().getStatus());
*
*
*
* @param certificateName The name of the certificate which is in the process of being created.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws ResourceNotFoundException when a certificate operation for a certificate with {@code name} doesn't exist
* in the key vault.
* @throws HttpRequestException when the {@code name} is empty string.
* @return A {@link Response} whose {@link Response#getValue() value} contains the
* {@link CertificateOperation cancelled certificate operation}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response cancelCertificateOperationWithResponse(String certificateName,
Context context) {
return callWithMappedResponseAndException(() -> implClient.updateCertificateOperationWithResponse(vaultUrl,
certificateName, true, context), CertificateOperationHelper::createCertificateOperation,
CertificateAsyncClient::mapUpdateCertificateOperationException);
}
/**
* Merges a certificate or a certificate chain with a key pair currently available in the service. This operation
* requires the certificates/create permission.
*
* Code Samples
* Merges a certificate with a kay pair available in the service.
*
*
*
* List<byte[]> x509CertificatesToMerge = new ArrayList<>();
* MergeCertificateOptions config =
* new MergeCertificateOptions("certificateName", x509CertificatesToMerge)
* .setEnabled(false);
* KeyVaultCertificate mergedCertificate = certificateClient.mergeCertificate(config);
* System.out.printf("Received Certificate with name %s and key id %s%n",
* mergedCertificate.getProperties().getName(), mergedCertificate.getKeyId());
*
*
*
* @param mergeCertificateOptions the merge certificate configuration holding the x509 certificates.
* @throws NullPointerException when {@code mergeCertificateOptions} is null.
* @throws HttpRequestException if {@code mergeCertificateOptions} is invalid/corrupt.
* @return The merged certificate.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public KeyVaultCertificateWithPolicy mergeCertificate(MergeCertificateOptions mergeCertificateOptions) {
return mergeCertificateWithResponse(mergeCertificateOptions, Context.NONE).getValue();
}
/**
* Merges a certificate or a certificate chain with a key pair currently available in the service. This operation
* requires the certificates/create permission.
*
* Code Samples
* Merges a certificate with a kay pair available in the service.
*
*
*
* List<byte[]> x509CertsToMerge = new ArrayList<>();
* MergeCertificateOptions mergeConfig =
* new MergeCertificateOptions("certificateName", x509CertsToMerge)
* .setEnabled(false);
* Response<KeyVaultCertificateWithPolicy> mergedCertificateWithResponse =
* certificateClient.mergeCertificateWithResponse(mergeConfig, new Context(key2, value2));
* System.out.printf("Received Certificate with name %s and key id %s%n",
* mergedCertificateWithResponse.getValue().getProperties().getName(),
* mergedCertificateWithResponse.getValue().getKeyId());
*
*
*
* @param mergeCertificateOptions the merge certificate configuration holding the x509 certificates.
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws NullPointerException when {@code mergeCertificateOptions} is null.
* @throws HttpRequestException if {@code mergeCertificateOptions} is invalid/corrupt.
* @return A {@link Response} whose {@link Response#getValue() value} contains the merged certificate.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response mergeCertificateWithResponse(
MergeCertificateOptions mergeCertificateOptions, Context context) {
if (mergeCertificateOptions == null) {
throw LOGGER.logExceptionAsError(new NullPointerException("'mergeCertificateOptions' cannot be null."));
}
return callWithMappedResponseAndException(() -> implClient.mergeCertificateWithResponse(vaultUrl,
mergeCertificateOptions.getName(), mergeCertificateOptions.getX509Certificates(),
new CertificateAttributes().setEnabled(mergeCertificateOptions.isEnabled()),
mergeCertificateOptions.getTags(),
context), KeyVaultCertificateWithPolicyHelper::createCertificateWithPolicy, ex -> ex);
}
/**
* Imports a pre-existing certificate to the key vault. The specified certificate must be in PFX or PEM format,
* and must contain the private key as well as the x509 certificates. This operation requires the
* certificates/import permission.
*
* Code Samples
* Imports a certificate into the key vault.
*
*
*
* byte[] certificateToImport = new byte[100];
* ImportCertificateOptions config =
* new ImportCertificateOptions("certificateName", certificateToImport).setEnabled(false);
* KeyVaultCertificate importedCertificate = certificateClient.importCertificate(config);
* System.out.printf("Received Certificate with name %s and key id %s%n",
* importedCertificate.getProperties().getName(), importedCertificate.getKeyId());
*
*
*
* @param importCertificateOptions The details of the certificate to import to the key vault
* @throws HttpRequestException when the {@code importCertificateOptions} are invalid.
* @throws NullPointerException when {@code importCertificateOptions} is null.
* @return the {@link KeyVaultCertificateWithPolicy imported certificate}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public KeyVaultCertificateWithPolicy importCertificate(ImportCertificateOptions importCertificateOptions) {
return importCertificateWithResponse(importCertificateOptions, Context.NONE).getValue();
}
/**
* Imports a pre-existing certificate to the key vault. The specified certificate must be in PFX or PEM format,
* and must contain the private key as well as the x509 certificates. This operation requires the
* certificates/import permission.
*
* Code Samples
* Imports a certificate into the key vault.
*
*
*
* byte[] certToImport = new byte[100];
* ImportCertificateOptions importCertificateOptions =
* new ImportCertificateOptions("certificateName", certToImport).setEnabled(false);
* Response<KeyVaultCertificateWithPolicy> importedCertificateWithResponse =
* certificateClient.importCertificateWithResponse(importCertificateOptions, new Context(key2, value2));
* System.out.printf("Received Certificate with name %s and key id %s%n",
* importedCertificateWithResponse.getValue().getProperties().getName(),
* importedCertificateWithResponse.getValue().getKeyId());
*
*
*
* @param importCertificateOptions The details of the certificate to import to the key vault
* @param context Additional context that is passed through the Http pipeline during the service call.
* @throws HttpRequestException when the {@code importCertificateOptions} are invalid.
* @throws NullPointerException when {@code importCertificateOptions} is null.
* @return A {@link Response} whose {@link Response#getValue() value} contains the
* {@link KeyVaultCertificateWithPolicy imported certificate}.
*/
@ServiceMethod(returns = ReturnType.SINGLE)
public Response importCertificateWithResponse(
ImportCertificateOptions importCertificateOptions, Context context) {
if (importCertificateOptions == null) {
throw LOGGER.logExceptionAsError(new NullPointerException("'importCertificateOptions' cannot be null."));
}
com.azure.security.keyvault.certificates.implementation.models.CertificatePolicy implPolicy
= getImplCertificatePolicy(importCertificateOptions.getPolicy());
return callWithMappedResponseAndException(() -> implClient.importCertificateWithResponse(vaultUrl,
importCertificateOptions.getName(), transformCertificateForImport(importCertificateOptions),
importCertificateOptions.getPassword(), implPolicy,
implPolicy == null ? null : implPolicy.getAttributes(), importCertificateOptions.getTags(), context),
KeyVaultCertificateWithPolicyHelper::createCertificateWithPolicy, ex -> ex);
}
private static T callWithMappedException(Supplier apiCall,
Function exceptionMapper) {
try {
return apiCall.get();
} catch (KeyVaultErrorException ex) {
throw exceptionMapper.apply(ex);
}
}
private static Response callWithMappedResponseAndException(Supplier> apiCall,
Function responseValueMapper, Function exceptionMapper) {
try {
Response responseInn = apiCall.get();
return new SimpleResponse<>(responseInn, responseValueMapper.apply(responseInn.getValue()));
} catch (KeyVaultErrorException ex) {
throw exceptionMapper.apply(ex);
}
}
}