devices.models¶

This modules contains all models specific to the device abstractions.

Classes¶

`DeviceModel`	The DeviceModel.
`IssuedCredentialModel`	Model for all credentials and certificates that have been issued or requested by the Trustpoint.
`RemoteDeviceCredentialDownloadModel`	Model to associate a credential model with an OTP and token for unauthenticated remoted download.

Module Contents¶

class devices.models.DeviceModel(*args, **kwargs)[source]¶

Bases: util.db.CustomDeleteActionModel

The DeviceModel.

common_name[source]¶

serial_number[source]¶

ip_address[source]¶

opc_server_port[source]¶

domain[source]¶

onboarding_config[source]¶

no_onboarding_config[source]¶

class DeviceType(*args, **kwds)[source]¶

Bases: django.db.models.IntegerChoices

Enum for device type.

GENERIC_DEVICE[source]¶

OPC_UA_GDS[source]¶

OPC_UA_GDS_PUSH[source]¶

device_type[source]¶

created_at[source]¶

__str__()[source]¶

Returns a human-readable string representation.

Return type:: str

pre_delete()[source]¶

Delete all issued credentials for this device before deleting the device itself.

Return type:: None

property est_username: str[source]¶

Gets the EST username.

Return type:: str

clean()[source]¶

Validation before saving the model.

Return type:: None

class devices.models.IssuedCredentialModel(*args, **kwargs)[source]¶

Bases: util.db.CustomDeleteActionModel

Model for all credentials and certificates that have been issued or requested by the Trustpoint.

class IssuedCredentialType(*args, **kwds)[source]¶

Bases: django.db.models.IntegerChoices

The type of the credential.

DOMAIN_CREDENTIAL[source]¶

APPLICATION_CREDENTIAL[source]¶

id[source]¶

common_name[source]¶

issued_credential_type[source]¶

issued_using_cert_profile[source]¶

credential[source]¶

device[source]¶

domain[source]¶

created_at[source]¶

class Meta[source]¶

Bases: django_stubs_ext.db.models.TypedModelMeta

Meta class configuration.

__str__()[source]¶

Returns a human-readable string representation.

Return type:: str

revoke()[source]¶

Revokes all active certificates associated with this credential.

Return type:: None

pre_delete()[source]¶

Revoke all active certificates and delete the credential.

Return type:: None

is_valid_domain_credential()[source]¶

Determines if this issued credential is valid for enrolling new application credentials.

This method performs the following checks:

The IssuedCredentialModel type must be of type DOMAIN_CREDENTIAL.
The credential must be of type ISSUED_CREDENTIAL.
A primary certificate must exist.
The certificate’s status must be ‘OK’.

Returns:

A tuple where:

The first value is True if the credential meets all criteria, False otherwise.
The second value is a reason string explaining why the credential is invalid.

Return type:

tuple[bool, str]

static get_credential_for_certificate(cert)[source]¶

Retrieve an IssuedCredentialModel instance for the given certificate.

Parameters:: cert (cryptography.x509.Certificate) – x509.Certificate to search for.
Returns:: The corresponding IssuedCredentialModel instance.
Raises:: ClientCertificateAuthenticationError – if no matching issued credential is found.
Return type:: IssuedCredentialModel

class devices.models.RemoteDeviceCredentialDownloadModel(*args, **kwargs)[source]¶

Bases: django.db.models.Model

Model to associate a credential model with an OTP and token for unauthenticated remoted download.

BROWSER_MAX_OTP_ATTEMPTS = 3[source]¶

TOKEN_VALIDITY[source]¶

issued_credential_model[source]¶

otp[source]¶

device[source]¶

attempts[source]¶

download_token[source]¶

token_created_at[source]¶

class Meta[source]¶

Bases: django_stubs_ext.db.models.TypedModelMeta

Meta class configuration.

__str__()[source]¶

Return a string representation of the model.

Return type:: str

save(*args, **kwargs)[source]¶

Generates a new random OTP on initial save of the model.

Parameters:

args (Any)
kwargs (Any)

Return type:

None

get_otp_display()[source]¶

Return the OTP in the format ‘credential_id.otp’ for display within the admin view.

Returns:: The str to display.
Return type:: str

check_otp(otp)[source]¶

Check if the provided OTP matches the stored OTP.

Parameters:: otp (str) – The OTP to check.
Returns:: True if the OTP is valid, False otherwise.
Return type:: bool

check_token(token)[source]¶

Check if the provided token matches the stored token and whether it is still valid.

Parameters:: token (str) – The token to check.
Returns:: True if the token is valid, false otherwise.
Return type:: bool