pki.views.owner_credentialsΒΆ
Views for Owner Credential (DevOwnerID) management.
Module ContentsΒΆ
- class pki.views.owner_credentials.OwnerCredentialContextMixin[source]ΒΆ
Bases:
trustpoint.views.base.ContextDataMixinMixin which adds context_data for the PKI -> Issuing CAs pages.
- class pki.views.owner_credentials.OwnerCredentialTableView[source]ΒΆ
Bases:
OwnerCredentialContextMixin,trustpoint.views.base.SortableTableMixin[pki.models.OwnerCredentialModel],django.views.generic.list.ListView[pki.models.OwnerCredentialModel]Owner Credential Table View.
- class pki.views.owner_credentials.OwnerCredentialDetailView[source]ΒΆ
Bases:
trustpoint.logger.LoggerMixin,OwnerCredentialContextMixin,django.views.generic.detail.DetailView[pki.models.OwnerCredentialModel]View to display the details of an Issuing CA.
- get_context_data(**kwargs)[source]ΒΆ
Adds the IDevID reference list to the context.
Each entry in
idevid_refsis anIDevIDReferenceModelinstance. Thedev_owner_id_certificateFK on each ref points directly to theCertificateModelof the DevOwnerID certificate whose SAN contained this reference (orNonefor locally uploaded credentials where the certificate was not stored separately), so no extra DB lookup is needed here.- Parameters:
kwargs (Any)
- Return type:
dict[str, Any]
- class pki.views.owner_credentials.OwnerCredentialAddMethodSelectView[source]ΒΆ
Bases:
OwnerCredentialContextMixin,django.views.generic.edit.FormView[pki.forms.OwnerCredentialFileImportForm]View to select the method for adding a new DevOwnerID.
- class pki.views.owner_credentials.OwnerCredentialFileImportView[source]ΒΆ
Bases:
OwnerCredentialContextMixin,django.views.generic.edit.FormView[pki.forms.OwnerCredentialFileImportForm]View to import a DevOwnerID from separate PEM files.
- class pki.views.owner_credentials.OwnerCredentialAddRequestEstMethodSelectView[source]ΒΆ
Bases:
OwnerCredentialContextMixin,django.views.generic.edit.FormView[pki.forms.OwnerCredentialFileImportForm]View to select between onboarding and no-onboarding for EST-based DevOwnerID enrollment.
- class pki.views.owner_credentials.OwnerCredentialAddRequestEstNoOnboardingView[source]ΒΆ
Bases:
OwnerCredentialContextMixin,django.views.generic.edit.FormView[pki.forms.OwnerCredentialAddRequestEstNoOnboardingForm]View to request a DevOwnerID via EST using username/password (no IDevID onboarding).
- get_context_data(**kwargs)[source]ΒΆ
Add heading context.
- Parameters:
kwargs (Any)
- Return type:
dict[str, Any]
- form_valid(form)[source]ΒΆ
Save the OwnerCredentialModel with its EST configuration.
The key pair and IssuedCredentialModel are created later when the user triggers an actual DevOwnerID issuance via the CLM page.
- Parameters:
form (pki.forms.OwnerCredentialAddRequestEstNoOnboardingForm)
- Return type:
django.http.HttpResponse
- class pki.views.owner_credentials.OwnerCredentialAddRequestEstOnboardingView[source]ΒΆ
Bases:
OwnerCredentialContextMixin,django.views.generic.edit.FormView[pki.forms.OwnerCredentialAddRequestEstOnboardingForm]View to request a DevOwnerID via EST using IDevID-based onboarding (mTLS client certificate).
- get_context_data(**kwargs)[source]ΒΆ
Add heading context.
- Parameters:
kwargs (Any)
- Return type:
dict[str, Any]
- form_valid(form)[source]ΒΆ
Save the OwnerCredentialModel with its EST onboarding configuration.
Creates the
OwnerCredentialModelwith all remote-endpoint fields and redirects to the truststore-association step, mirroring the no-onboarding workflow.- Parameters:
form (pki.forms.OwnerCredentialAddRequestEstOnboardingForm)
- Return type:
django.http.HttpResponse
- class pki.views.owner_credentials.OwnerCredentialTruststoreAssociationView[source]ΒΆ
Bases:
OwnerCredentialContextMixin,django.views.generic.edit.FormView[pki.forms.OwnerCredentialTruststoreAssociationForm]View for associating a TLS truststore with a DevOwnerID EST no-onboarding configuration.
- get_owner_credential()[source]ΒΆ
Get the OwnerCredentialModel from the URL pk.
- Return type:
pki.models.OwnerCredentialModel
- get_form_kwargs()[source]ΒΆ
Pass the OwnerCredentialModel instance to the form.
- Return type:
dict[str, Any]
- post(request, *args, **kwargs)[source]ΒΆ
Handle both association and truststore-import form submissions.
- Parameters:
request (django.http.HttpRequest)
args (Any)
kwargs (Any)
- Return type:
django.http.HttpResponse
- class pki.views.owner_credentials.OwnerCredentialCLMView[source]ΒΆ
Bases:
OwnerCredentialContextMixin,django.views.generic.detail.DetailView[pki.models.OwnerCredentialModel]Certificate Lifecycle Management view for a DevOwnerID credential.
- class pki.views.owner_credentials.OwnerCredentialBulkDeleteConfirmView[source]ΒΆ
Bases:
OwnerCredentialContextMixin,trustpoint.views.base.BulkDeleteViewView to confirm the deletion of multiple owner credentials.
- class pki.views.owner_credentials.IssuedCredentialDeleteView[source]ΒΆ
Bases:
trustpoint.logger.LoggerMixin,OwnerCredentialContextMixin,django.views.generic.detail.DetailView[pki.models.RemoteIssuedCredentialModel]Confirm and delete a single RemoteIssuedCredentialModel (DEV_OWNER_ID or DOMAIN_CREDENTIAL).
Only credentials owned by an
OwnerCredentialModelare accessible via this view. The parentOwnerCredentialModelis resolved from the URLowner_pkparameter so the back-link can always return to the correct CLM page.- dispatch(request, *args, **kwargs)[source]ΒΆ
Verify the RemoteIssuedCredential belongs to the given OwnerCredential.
- Parameters:
request (django.http.HttpRequest)
args (Any)
kwargs (Any)
- Return type:
django.http.HttpResponse
- get_object(queryset=None)[source]ΒΆ
Return the pre-fetched issued credential.
- Parameters:
queryset (Any)
- Return type:
pki.models.RemoteIssuedCredentialModel
- class pki.views.owner_credentials.OwnerCredentialDefineCertContentEstView[source]ΒΆ
Bases:
trustpoint.logger.LoggerMixin,OwnerCredentialContextMixin,django.views.generic.edit.FormView[pki.forms.CertificateIssuanceForm]Step 1 - Define the certificate content for a new DevOwnerID EST enrollment.
On every GET/POST a fresh EC P-256 key pair is generated and a key-only
IssuedCredentialModel(typeDEV_OWNER_ID) is created. Its primary key is stored in the session together with the certificate content so that Step 2 can fetch exactly this credential.Loads the selected certificate profile (defaulting to
dev_owner_id), renders theCertificateIssuanceForm, and stores the validated field values in the session underdev_owner_id_cert_content_<pk>.- available_profiles: list[pki.models.cert_profile.CertificateProfileModel][source]ΒΆ
- dispatch(request, *args, **kwargs)[source]ΒΆ
Resolve the OwnerCredentialModel and the selected certificate profile.
On each visit a fresh key-only RemoteIssuedCredentialModel is created. If there is already a pending (certificate-less) credential from a previous visit its pk is reused so we do not accumulate orphan credentials.
- Parameters:
request (django.http.HttpRequest)
args (Any)
kwargs (Any)
- Return type:
django.http.HttpResponse
- get_context_data(**kwargs)[source]ΒΆ
Add owner credential, profile and profile list to template context.
- Parameters:
kwargs (Any)
- Return type:
dict[str, Any]
- class pki.views.owner_credentials.OwnerCredentialRequestCertEstView[source]ΒΆ
Bases:
trustpoint.logger.LoggerMixin,OwnerCredentialContextMixin,django.views.generic.detail.DetailView[pki.models.OwnerCredentialModel]Step 2 - Review and trigger the EST enrollment for a new DevOwnerID certificate.
Reads the certificate content stored by
OwnerCredentialDefineCertContentEstView, builds a CSR using thedev_owner_idprofile, signs it with the existing DevOwnerID key, sends it to the configured EST server and stores the issued certificate back in theIssuedCredentialModel.
- class pki.views.owner_credentials.OwnerCredentialDefineCertContentDomainCredentialEstView[source]ΒΆ
Bases:
trustpoint.logger.LoggerMixin,OwnerCredentialContextMixin,django.views.generic.edit.FormView[pki.forms.CertificateIssuanceForm]Step 1 - Define the certificate content for a new Domain Credential EST enrollment.
Only available for REMOTE_EST_ONBOARDING owner credentials. The user can select any available certificate profile via a dropdown. Defaults to
devownerid_domain_credentialwhen present.- available_profiles: list[pki.models.cert_profile.CertificateProfileModel][source]ΒΆ
- dispatch(request, *args, **kwargs)[source]ΒΆ
Resolve the OwnerCredentialModel and the selected certificate profile.
- Parameters:
request (django.http.HttpRequest)
args (Any)
kwargs (Any)
- Return type:
django.http.HttpResponse
- get_context_data(**kwargs)[source]ΒΆ
Add owner credential, profile and profile list to template context.
- Parameters:
kwargs (Any)
- Return type:
dict[str, Any]
- class pki.views.owner_credentials.OwnerCredentialRequestDomainCredentialEstView[source]ΒΆ
Bases:
trustpoint.logger.LoggerMixin,OwnerCredentialContextMixin,django.views.generic.detail.DetailView[pki.models.OwnerCredentialModel]Step 2 - Review and trigger the EST enrollment for a new Domain Credential.
Uses
remote_path_domain_credentialfrom OwnerCredentialModel,trust_storefrom OnboardingConfigModel,est_usernamefrom OwnerCredentialModel,est_passwordfrom OnboardingConfigModel.