Source code for request.profile_validator

"""Handles Request Conversion to JSON and Profile Validation."""
import json

from pydantic_core import ValidationError

from cmp.util import PKIFailureInfo as CMPErrs
from pki.util.cert_profile import JSONProfileVerifier, ProfileValidationError
from pki.util.cert_req_converter import JSONCertRequestConverter
from request.request_context import BaseCertificateRequestContext, BaseRequestContext
from trustpoint.logger import LoggerMixin


[docs] class ProfileValidator(LoggerMixin): """Converts and validates certificate requests against profiles.""" @classmethod
[docs] def validate(cls, context: BaseRequestContext) -> None: """Validates the certificate request against the profile. Args: context (BaseRequestContext): The request context containing the certificate request. """ if not isinstance(context, BaseCertificateRequestContext): exc_msg = 'Profile validation can only be performed on certificate request contexts.' context.error('Invalid request context for profile validation.', http_status=500, cmp_code=CMPErrs.SYSTEM_FAILURE) raise TypeError(exc_msg) cert_request_json = JSONCertRequestConverter.to_json(context.cert_requested) cls.logger.info('Cert Request JSON: %s', cert_request_json) if not context.certificate_profile_model: exc_msg = 'Certificate profile model is not set in the context.' context.error('Corresponding certificate profile is missing.', http_status=422, cmp_code=CMPErrs.UNACCEPTED_POLICY) raise ValueError(exc_msg) try: cert_profile = context.certificate_profile_model.profile except json.JSONDecodeError as e: exc_msg = f'Error decoding certificate profile JSON: {e}' context.error('Certificate profile data is corrupted.', http_status=500, cmp_code=CMPErrs.UNACCEPTED_POLICY) raise ValueError(exc_msg) from e try: validated_request = JSONProfileVerifier(cert_profile).apply_profile_to_request(cert_request_json) except (ValidationError, ProfileValidationError) as e: exc_msg = f'Certificate request validation against profile failed: {e}' context.error('Request does not match the certificate profile.', http_status=400, cmp_code=CMPErrs.UNACCEPTED_POLICY) raise ValueError(exc_msg) from e cls.logger.info('Validated Cert Request JSON: %s', validated_request) context.cert_requested_profile_validated = JSONCertRequestConverter.from_json( validated_request, )