request.authorization.cmp

Provides the ‘CmpAuthorization’ class using the Composite pattern for modular CMP authorization.

Classes

CmpOperationAuthorization

Ensures the request is authorized for the specified operation.

CmpAuthorization

Composite authorization handler for EST requests.

Module Contents

class request.authorization.cmp.CmpOperationAuthorization(allowed_operations)[source]

Bases: request.authorization.base.AuthorizationComponent, trustpoint.logger.LoggerMixin

Ensures the request is authorized for the specified operation.

Parameters:

allowed_operations (list[str])

allowed_operations[source]
authorize(context)[source]

Authorize the request based on the operation type.

Parameters:

context (request.request_context.BaseRequestContext)

Return type:

None

_raise_value_error(message)[source]

Raise a ValueError with the given message.

Parameters:

message (str)

Return type:

Never

_authorize_asn1_body(serialized_pyasn1_message, expected_body_type)[source]

Extract and validate the specified body type from the CMP message.

Parameters:

  • serialized_pyasn1_message (pyasn1_modules.rfc4210.PKIMessage) – The CMP message to extract the body from.

  • expected_body_type (str) – The expected body type (‘cr’ or ‘ir’).

Return type:

None

class request.authorization.cmp.CmpAuthorization(allowed_operations=None)[source]

Bases: request.authorization.base.CompositeAuthorization

Composite authorization handler for EST requests.

Parameters:

allowed_operations (list[str] | None)