feat: Add the ability to use OAuth2 to authenticate to the REST API

fix: All dunder variables with single
fix: Missing DomainControlValidation in module init
feat: Add unit tests for new class
chore: Update support files
feat: Update README
chore: Update Poetry and the package version
feat: Add a mise.toml file

Author: coreone

.bumpversion.cfg

@@ -1,6 +1,6 @@
 [bumpversion]
 commit = True
-current_version = 2.4.0
+current_version = 3.0.0
 tag = True
 tag_name = {new_version}
 

.editorconfig

@@ -10,16 +10,16 @@ indent_style = space
 insert_final_newline = true
 trim_trailing_whitespace = true
 
-[*.md]
-indent_size = 2
-indent_style = space
-
 [LICENSE.txt]
 insert_final_newline = false
 
 [*.{diff,patch}]
 trim_trailing_whitespace = false
 
-[*.{json,yaml,yml}]
+[*.{json,md,yaml,yml}]
+indent_size = 2
+indent_style = space
+
+[.{prettierrc,yamllint}]
 indent_size = 2
 indent_style = space

.github/release.yaml

@@ -0,0 +1,26 @@
+---
+changelog:
+  exclude:
+    labels:
+      - duplicate
+      - ignore-for-release
+      - invalid
+      - maintenance
+      - question
+      - wontfix
+  categories:
+    - title: Breaking Changes 🛠
+      labels:
+        - backwards-incompatible
+        - breaking
+    - title: Fixed Bugs 🐛
+      labels:
+        - bug
+        - fix
+    - title: Exciting New Features 🎉
+      labels:
+        - enhancement
+        - feature
+    - title: 👒 Dependencies
+      labels:
+        - dependencies

.pre-commit-config.yaml

@@ -17,7 +17,7 @@ repos:
           - --allow-missing-credentials
       - id: detect-private-key
       - id: end-of-file-fixer
-        exclude: '.bumpversion.cfg'
+        exclude: ".bumpversion.cfg"
       - id: mixed-line-ending
       - id: name-tests-test
         args:

cert_manager/__init__.py

@@ -3,7 +3,8 @@
 from ._helpers import PendingError
 from .acme import ACMEAccount
 from .admin import Admin
-from .client import Client
+from .client import Client, OAuth2Client
+from .dcv import DomainControlValidation
 from .domain import Domain
 from .organization import Organization
 from .person import Person
@@ -12,5 +13,16 @@
 from .ssl import SSL
 
 __all__ = [
-    "ACMEAccount", "Admin", "Client", "Domain", "Organization", "PendingError", "Person", "Report", "SMIME", "SSL"
+    "ACMEAccount",
+    "Admin",
+    "Client",
+    "Domain",
+    "DomainControlValidation",
+    "OAuth2Client",
+    "Organization",
+    "PendingError",
+    "Person",
+    "Report",
+    "SMIME",
+    "SSL",
 ]

cert_manager/__version__.py

@@ -3,4 +3,4 @@
 __title__ = "cert_manager"
 __description__ = "Python interface to the Sectigo Certificate Manager REST API"
 __url__ = "https://github.com/broadinstitute/python-cert_manager"
-__version__ = "2.4.0"
+__version__ = "3.0.0"

cert_manager/_certificates.py

@@ -39,9 +39,9 @@ def __init__(self, client, endpoint, api_version="v1"):
         super().__init__(client=client, endpoint=endpoint, api_version=api_version)
 
         # Set to None initially.  Will be filled in by methods later.
-        self.__cert_types = None
-        self.__custom_fields = None
-        self.__reason_maxlen = 512
+        self._cert_types = None
+        self._custom_fields = None
+        self._reason_maxlen = 512
 
     @property
     def types(self):
@@ -51,19 +51,19 @@ def types(self):
         """
         # Only go to the API if we haven't done the API call yet, or if someone
         # specifically wants to refresh the internal cache
-        if not self.__cert_types:
+        if not self._cert_types:
             url = self._url("/types")
             result = self._client.get(url)
 
             # Build a dictionary instead of a flat list of dictionaries
-            self.__cert_types = {}
+            self._cert_types = {}
             for res in result.json():
                 name = res["name"]
-                self.__cert_types[name] = {}
-                self.__cert_types[name]["id"] = res["id"]
-                self.__cert_types[name]["terms"] = res["terms"]
+                self._cert_types[name] = {}
+                self._cert_types[name]["id"] = res["id"]
+                self._cert_types[name]["terms"] = res["terms"]
 
-        return self.__cert_types
+        return self._cert_types
 
     @property
     def custom_fields(self):
@@ -73,13 +73,13 @@ def custom_fields(self):
         """
         # Only go to the API if we haven't done the API call yet, or if someone
         # specifically wants to refresh the internal cache
-        if not self.__custom_fields:
+        if not self._custom_fields:
             url = self._url("/customFields")
             result = self._client.get(url)
 
-            self.__custom_fields = result.json()
+            self._custom_fields = result.json()
 
-        return self.__custom_fields
+        return self._custom_fields
 
     def _validate_custom_fields(self, custom_fields):
         """Check the structure and contents of a list of custom fields dicts. Raise exceptions if validation fails.
@@ -230,8 +230,8 @@ def revoke(self, cert_id, reason=""):
         url = self._url(f"/revoke/{cert_id}")
 
         # Sectigo has a 512 character limit on the "reason" message, so catch that here.
-        if not reason or len(reason) >= self.__reason_maxlen:
-            raise ValueError(f"Sectigo limit: reason must be > 0 character and < {self.__reason_maxlen} characters")
+        if not reason or len(reason) >= self._reason_maxlen:
+            raise ValueError(f"Sectigo limit: reason must be > 0 character and < {self._reason_maxlen} characters")
 
         data = {"reason": reason}
 

cert_manager/acme.py

@@ -35,7 +35,7 @@ def __init__(self, client, api_version="v1"):
         """
         super().__init__(client=client, endpoint="/acme", api_version=api_version)
         self._api_url = self._url("/account")
-        self.__acme_accounts = None
+        self._acme_accounts = None
 
     def all(self, org_id, force=False):
         """Return a list of acme accounts from Sectigo.
@@ -45,15 +45,15 @@ def all(self, org_id, force=False):
 
         :return list: A list of dictionaries representing the acme accounts
         """
-        if (self.__acme_accounts) and (not force):
-            return self.__acme_accounts
+        if (self._acme_accounts) and (not force):
+            return self._acme_accounts
 
-        self.__acme_accounts = []
+        self._acme_accounts = []
         result = self.find(org_id)
         for acct in result:
-            self.__acme_accounts.append(acct)
+            self._acme_accounts.append(acct)
 
-        return self.__acme_accounts
+        return self._acme_accounts
 
     @paginate
     def find(self, org_id, **kwargs):

cert_manager/admin.py

@@ -25,7 +25,7 @@ def __init__(self, client, api_version="v1"):
         """
         super().__init__(client=client, endpoint="/admin", api_version=api_version)
 
-        self.__admins = None
+        self._admins = None
         self.all()
 
     def all(self, force=False):
@@ -35,14 +35,14 @@ def all(self, force=False):
 
         :return list: A list of dictionaries representing the admins
         """
-        if (self.__admins) and (not force):
-            return self.__admins
+        if (self._admins) and (not force):
+            return self._admins
 
         result = self._client.get(self._api_url)
 
-        self.__admins = result.json()
+        self._admins = result.json()
 
-        return self.__admins
+        return self._admins
 
     def create(self, login, email, forename, surname, password, credentials, **kwargs):  # noqa: PLR0913
         """Create a new administrator.