azure-cli
Version:
Microsoft Azure Cross Platform Command Line tool
1,058 lines (442 loc) • 83.3 kB
JavaScript
/*** Generated by streamline 0.10.17 (callbacks) - DO NOT EDIT ***/ "use strict"; var __rt=require('streamline/lib/callbacks/runtime').runtime(__filename, false),__func=__rt.__func,__cb=__rt.__cb,__catch=__rt.__catch,__tryCatch=__rt.__tryCatch; var util = require("util");
var fs = require("fs");
var profile = require("../../../util/profile");
var utils = require("../../../util/utils");
var kvUtils = require("./kv-utils");
var jsonlint = require("jsonlint");
var $ = utils.getLocaleString;
var ENCODINGS = ["base64",];
var KEY_TYPES = ["RSA","RSA-HSM",];
var SECRET_CONTENT_TYPES = ["application/x-pkcs12","application/x-pem-file",];
exports.init = function(cli) {
var log = cli.output;
var certificate = cli.category("keyvault").category("certificate").description($("Commands to manage certificates in the Azure Key Vault service"));
certificate.command("list [vault-name]").description($("Lists certificates of a vault")).usage("[options] <vault-name>").option("-u, --vault-name <vault-name>", $("the vault name")).execute(function __1(vaultName, options, _) { var client, certificates, progress, result; var __frame = { name: "__1", line: 45 }; return __func(_, this, arguments, __1, 2, __frame, function __$__1() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
options: options })));
options.vaultName = (options.vaultName || vaultName);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
options.vaultUri = createVaultUri(options);
client = createClient(options);
certificates = [];
progress = cli.interaction.progress(util.format($("Loading certificates of vault %s"), options.vaultUri)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__1() {
return client.getCertificates(options.vaultUri, __cb(_, __frame, 26, 28, function ___(__0, __1) { result = __1; return (function __$__1(__then) {
if (result) {
certificates = result; return (function ___(__break) { var __more; var __loop = __cb(_, __frame, 0, 0, function __$__1() { __more = false;
var __4 = (result && result.nextLink); if (__4) {
log.verbose(util.format($("Found %d certificates, loading more"), certificates.length));
return client.getCertificatesNext(result.nextLink, __cb(_, __frame, 32, 28, function ___(__0, __2) { result = __2;
if (result) {
certificates = certificates.concat(result); } ; while (__more) { __loop(); }; __more = true; }, true)); } else { __break(); } ; }); do { __loop(); } while (__more); __more = true; })(__then); } else { __then(); } ; })(function __$__1() { _(null, null, true); }); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__1() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__1() {
log.table(certificates, showCertificateRow);
log.info(util.format($("Found %d certificates"), certificates.length)); _(); }); }); }); });
certificate.command("list-versions [vault-name] [certificate-name]").description($("Lists certificate versions")).usage("[options] <vault-name> [certificate-name]").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("lists only versions of this certificate")).execute(function __2(vaultName, certificateName, options, _) { var client, certificates, certificateIdentifier, certificateVersions, progress, result, i, j; var __frame = { name: "__2", line: 97 }; return __func(_, this, arguments, __2, 3, __frame, function __$__2() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
options.vaultUri = createVaultUri(options);
client = createClient(options); return (function __$__2(__then) {
if (!options.certificateName) {
certificates = [];
progress = cli.interaction.progress(util.format($("Loading certificates of vault %s"), options.vaultUri)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__2() {
return client.getCertificates(options.vaultUri, __cb(_, __frame, 32, 30, function ___(__0, __1) { result = __1; return (function __$__2(__then) {
if ((result && result.length)) {
i = 0; var __8 = false; return (function ___(__break) { var __more; var __loop = __cb(_, __frame, 0, 0, function __$__2() { __more = false; if (__8) { ++i; } else { __8 = true; } ; var __7 = (i < result.length); if (__7) {
certificateIdentifier = kvUtils.parseCertificateIdentifier(result[i].id);
return getCertificateVersions(client, certificateIdentifier.vaultUri, certificateIdentifier.name, __cb(_, __frame, 36, 36, function ___(__0, __2) { certificateVersions = __2;
certificates = certificates.concat(certificateVersions); while (__more) { __loop(); }; __more = true; }, true)); } else { __break(); } ; }); do { __loop(); } while (__more); __more = true; })(function __$__2() { return (function ___(__break) { var __more; var __loop = __cb(_, __frame, 0, 0, function __$__2() { __more = false;
var __10 = (result && result.nextLink); if (__10) {
log.verbose(util.format($("Found %d certificates, loading more"), certificates.length));
return client.getCertificatesNext(result.nextLink, __cb(_, __frame, 42, 30, function ___(__0, __3) { result = __3; return (function __$__2(__then) {
if ((result && result.length)) {
j = 0; var __13 = false; return (function ___(__break) { var __more; var __loop = __cb(_, __frame, 0, 0, function __$__2() { __more = false; if (__13) { ++j; } else { __13 = true; } ; var __12 = (j < result.length); if (__12) {
certificateIdentifier = kvUtils.parseCertificateIdentifier(result[j].id);
return getCertificateVersions(client, certificateIdentifier.vaultUri, certificateIdentifier.name, __cb(_, __frame, 46, 40, function ___(__0, __4) { certificateVersions = __4;
certificates = certificates.concat(certificateVersions); while (__more) { __loop(); }; __more = true; }, true)); } else { __break(); } ; }); do { __loop(); } while (__more); __more = true; })(__then); } else { __then(); } ; })(function __$__2() { while (__more) { __loop(); }; __more = true; }); }, true)); } else { __break(); } ; }); do { __loop(); } while (__more); __more = true; })(__then); }); } else { __then(); } ; })(function __$__2() { _(null, null, true); }); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__2() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, __then); }); } else {
progress = cli.interaction.progress(util.format($("Loading certificates of vault %s"), options.vaultUri)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__2() {
return getCertificateVersions(client, options.vaultUri, options.certificateName, __cb(_, __frame, 58, 25, function ___(__0, __5) { certificates = __5; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__2() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, __then); }); } ; })(function __$__2() {
log.table(certificates, showCertificateRow);
log.info(util.format($("Found %d certificates"), certificates.length)); _(); }); }); });
certificate.command("show [vault-name] [certificate-name] [certificate-version]").description($("Shows a vault certificate")).usage("[options] <vault-name> <certificate-name> [certificate-version]").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("the certificate name")).option("-r, --certificate-version <certificate-version>", $("the certificate version; if omited, uses the most recent")).execute(function __3(vaultName, certificateName, certificateVersion, options, _) { var client, certificateIdentifier, progress; var __frame = { name: "__3", line: 172 }; return __func(_, this, arguments, __3, 4, __frame, function __$__3() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
certificateVersion: certificateVersion,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
options.certificateVersion = (options.certificateVersion || certificateVersion);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
if (!options.certificateName) {
return _(null, cli.missingArgument("certificate-name")); } ;
options.vaultUri = createVaultUri(options);
client = createClient(options);
certificateIdentifier = getCertificateIdentifier(options);
progress = cli.interaction.progress(util.format($("Getting certificate %s"), certificateIdentifier)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__3() {
return client.getCertificate(certificateIdentifier, __cb(_, __frame, 35, 29, function ___(__0, __1) { certificate = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__3() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__3() {
showCertificate(options, certificate); _(); }); }); }); });
certificate.command("get [vault-name] [certificate-name] [certificate-version] [file]").description($("Downloads a certificate from the vault")).usage("[options] <vault-name> <certificate-name> [certificate-version] <file>").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("the certificate name")).option("-r, --certificate-version <certificate-version>", $("the certificate version; if omited, uses the most recent")).option("--file <file>", $("the file to receive certificate contents; the file must not exist otherwise the command fails")).option("--encode <encoding>", util.format($("tells to write a file by encoding certificate contents with the informed encoding; valid values: [%s]"), ENCODINGS.join(", "))).execute(function __4(vaultName, certificateName, certificateVersion, file, options, _) { var client, certificateIdentifier, progress, data; var __frame = { name: "__4", line: 223 }; return __func(_, this, arguments, __4, 5, __frame, function __$__4() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
certificateVersion: certificateVersion,
file: file,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
options.certificateVersion = (options.certificateVersion || certificateVersion);
options.file = (options.file || file);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
if (!options.certificateName) {
return _(null, cli.missingArgument("certificate-name")); } ;
if (!options.file) {
return _(null, cli.missingArgument("file")); } ;
if (options.encode) {
options.encodeFile = kvUtils.parseEnumArgument("encode", options.encodeFile, ENCODINGS); } ;
options.vaultUri = createVaultUri(options);
client = createClient(options);
certificateIdentifier = getCertificateIdentifier(options);
progress = cli.interaction.progress(util.format($("Getting certificate %s"), certificateIdentifier)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__4() {
return client.getCertificate(certificateIdentifier, __cb(_, __frame, 45, 29, function ___(__0, __1) { certificate = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__4() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__4() {
log.info(util.format($("Writing certificate to %s"), options.file));
data = certificate.cer;
if ((options.encode === "base64")) {
data = kvUtils.bufferToBase64(certificate.cer); } ;
fs.writeFileSync(options.file, data, { flag: "wx" }); _(); }); }); }); });
certificate.command("create [vault-name] [certificate-name]").description($("Creates a certificate in the vault")).usage("[options] <vault-name> <certificate-name>").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("the certificate name")).option("-p --certificate-policy <certificate-policy>", $("a JSON-formatted string containing the certificate policy.")).fileRelatedOption("-e --certificate-policy-file <certificate-policy-file>", $("a file containing the certificate policy. Mutually exlcusive with --certificate-policy.")).option("-t, --tags <tags>", $("Tags to set on the certificate. Can be multiple in the format 'name=value'. Name is required and value is optional. For example, -t tag1=value1;tag2")).execute(function __5(vaultName, certificateName, options, _) { var certificatePolicyOptions, certificatePolicyOptionsProvided, certificatePolicy, jsonFile, client, certificateOperation, progress; var __frame = { name: "__5", line: 291 }; return __func(_, this, arguments, __5, 3, __frame, function __$__5() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
if (!options.certificateName) {
return _(null, cli.missingArgument("certificate-name")); } ;
certificatePolicyOptions = [options.certificatePolicy,options.certificatePolicyFile,];
certificatePolicyOptionsProvided = certificatePolicyOptions.filter(function(value) { return (value !== undefined); }).length;
if ((certificatePolicyOptionsProvided > 1)) {
return _(new Error($("Specify exactly one of the --certificate-policy, or --certificate-policy-file options."))); } ;
if (options.certificatePolicyFile) {
jsonFile = fs.readFileSync(options.certificatePolicyFile);
certificatePolicy = jsonlint.parse(utils.stripBOM(jsonFile)); } else {
if (options.certificatePolicy) {
certificatePolicy = jsonlint.parse(options.certificatePolicy); } ; } ;
options.tags = kvUtils.parseTagsArgument("tags", options.tags);
options.vaultUri = createVaultUri(options);
client = createClient(options);
progress = cli.interaction.progress(util.format($("Creating certificate %s in vault %s"), options.certificateName, options.vaultName)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__5() {
return client.createCertificate(options.vaultUri, options.certificateName, { certificatePolicy: certificatePolicy, tags: options.tags }, __cb(_, __frame, 53, 38, function ___(__0, __1) { certificateOperation = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__5() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__5() {
showCertificateOperation(options, certificateOperation); _(); }); }); }); });
certificate.command("import [vault-name] [certificate-name]").description($("Imports a certificate into the vault")).usage("[options] <vault-name> <certificate-name>").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("the certificate name")).option("-b --content <content>", $("a base64 encoded string containing the certificate and private key (optional) to be imported")).fileRelatedOption("-e --content-file <content-file>", $("a file containing the certificate and private key (optional) to be imported")).option("--content-file-binary <boolean>", $("indicates if the content file is binary. valid values: [false, true]. default is false.")).option("-d, --password <password>", $("password of the file if it contains a encrypted private key")).option("-p --certificate-policy <certificate-policy>", $("a JSON-formatted string containing the certificate policy.")).fileRelatedOption("-e --certificate-policy-file <certificate-policy-file>", $("a file containing the certificate policy. Mutually exlusive with --certificate-policy.")).option("-t, --tags <tags>", $("Tags to set on the certificate. Can be multiple in the format 'name=value'. Name is required and value is optional. For example, -t tag1=value1;tag2")).execute(function __6(vaultName, certificateName, options, _) { var contentOptions, contentOptionsProvided, certificateContent, contentFile, certificatePolicyOptions, certificatePolicyOptionsProvided, certificatePolicy, jsonFile, client, certificate, progress; var __frame = { name: "__6", line: 364 }; return __func(_, this, arguments, __6, 3, __frame, function __$__6() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
if (!options.certificateName) {
return _(null, cli.missingArgument("certificate-name")); } ;
options.tags = kvUtils.parseTagsArgument("tags", options.tags);
contentOptions = [options.content,options.contentFile,];
contentOptionsProvided = contentOptions.filter(function(value) { return (value !== undefined); }).length;
if ((contentOptionsProvided > 1)) {
return _(new Error($("Specify exactly one of the --content, or --content-file options."))); } ;
if (options.contentFile) {
options.contentFileBinary = kvUtils.parseBooleanArgument("content-file-binary", options.contentFileBinary, false);
if (options.contentFileBinary) {
contentFile = fs.readFileSync(options.contentFile);
certificateContent = kvUtils.bufferToBase64(contentFile); }
else {
contentFile = fs.readFileSync(options.contentFile, "UTF-8");
certificateContent = contentFile; } ; } else {
if (options.content) {
certificateContent = options.content; } ; } ;
certificatePolicyOptions = [options.certificatePolicy,options.certificatePolicyFile,];
certificatePolicyOptionsProvided = certificatePolicyOptions.filter(function(value) { return (value !== undefined); }).length;
if ((certificatePolicyOptionsProvided > 1)) {
return _(new Error($("Specify exactly one of the --certificate-policy, or --certificate-policy-file options."))); } ;
if (options.certificatePolicyFile) {
jsonFile = fs.readFileSync(options.certificatePolicyFile);
certificatePolicy = jsonlint.parse(utils.stripBOM(jsonFile)); } else {
if (options.certificatePolicy) {
certificatePolicy = jsonlint.parse(options.certificatePolicy); } ; } ;
options.vaultUri = createVaultUri(options);
client = createClient(options);
progress = cli.interaction.progress(util.format($("Importing certificate %s in vault %s"), options.certificateName, options.vaultName)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__6() {
return client.importCertificate(options.vaultUri, options.certificateName, certificateContent, { password: options.password, certificatePolicy: certificatePolicy, tags: options.tags }, __cb(_, __frame, 78, 29, function ___(__0, __1) { certificate = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__6() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__6() {
showCertificate(options, certificate); _(); }); }); }); });
certificate.command("merge [vault-name] [certificate-name] [content]").description($("Merges certificate(s)into the vault")).usage("[options] <vault-name> <certificate-name> <content>").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("the certificate name")).option("-b --content <content>", $("certificate chain to merge; must be JSON-encoded array of base64 encoded certificate")).option("-t, --tags <tags>", $("Tags to set on the certificate. Can be multiple in the format 'name=value'. Name is required and value is optional. For example, -t tag1=value1;tag2")).execute(function __7(vaultName, certificateName, content, options, _) { var i, client, certificate, progress; var __frame = { name: "__7", line: 457 }; return __func(_, this, arguments, __7, 4, __frame, function __$__7() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
content: content,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
options.content = (options.content || content);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
if (!options.certificateName) {
return _(null, cli.missingArgument("certificate-name")); } ;
if (!options.content) {
return _(null, cli.missingArgument("content")); } ;
options.tags = kvUtils.parseTagsArgument("tags", options.tags);
options.content = kvUtils.validateArrayArgument("content", options.content);
for (i = 0; (i < options.content.length); ++i) {
options.content[i] = new Buffer(options.content[i], "base64"); };
options.vaultUri = createVaultUri(options);
client = createClient(options);
progress = cli.interaction.progress(util.format($("Merging certificate %s in vault %s"), options.certificateName, options.vaultName)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__7() {
return client.mergeCertificate(options.vaultUri, options.certificateName, options.content, { tags: options.tags }, __cb(_, __frame, 45, 29, function ___(__0, __1) { certificate = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__7() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__7() {
showCertificate(options, certificate); _(); }); }); }); });
certificate.command("set-attributes [vault-name] [certificate-name] [certificate-version]").description($("Changes attributes of an existing certificate")).usage("[options] <vault-name> <certificate-name> [certificate-version]").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("name of the certificate to be modified")).option("-r, --certificate-version <certificate-version>", $("the version to be modified; if omited, modifies only the most recent")).option("--enabled <boolean>", $("if informed, command will change the enabled state; valid values: [false, true]")).option("-t, --tags <tags>", $("Tags to set on the certificate. Can be multiple in the format 'name=value'. Name is required and value is optional. For example, -t tag1=value1;tag2")).option("--reset-tags", $("remove previously existing tags; can combined with --tags")).execute(function __8(vaultName, certificateName, certificateVersion, options, _) { var informed, client, certificateIdentifier, currentTags, request, progress; var __frame = { name: "__8", line: 519 }; return __func(_, this, arguments, __8, 4, __frame, function __$__8() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
certificateVersion: certificateVersion,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
options.certificateVersion = (options.certificateVersion || certificateName);
informed = {
enabled: (options.enabled || false),
tags: (options.tags || false),
resetTags: (options.resetTags || false) };
options.enabled = kvUtils.parseBooleanArgument("enabled", options.enabled, true);
options.tags = kvUtils.parseTagsArgument("tags", options.tags);
options.vaultUri = createVaultUri(options);
client = createClient(options);
certificateIdentifier = getCertificateIdentifier(options); return (function __$__8(__then) {
if (informed.tags) { return (function __$__8(__then) {
if (!informed.resetTags) {
log.info(util.format($("Getting certificate %s"), certificateIdentifier));
return client.getCertificate(certificateIdentifier, __cb(_, __frame, 36, 31, function ___(__0, __1) { certificate = __1;
currentTags = certificate.tags;
if (!currentTags) {
currentTags = { }; } ;
options.tags = kvUtils.mergeTags(currentTags, options.tags); __then(); }, true)); } else { __then(); } ; })(__then); } else {
if (informed.resetTags) {
informed.tags = true;
options.tags = { }; } ; __then(); } ; })(function __$__8() {
request = {
certificateAttributes: { } };
if (informed.enabled) { request.certificateAttributes.enabled = options.enabled; } ;
if (informed.tags) { request.tags = options.tags; } ;
progress = cli.interaction.progress(util.format($("Setting attributes on certificate %s"), certificateIdentifier)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__8() {
return client.updateCertificate(certificateIdentifier, request, __cb(_, __frame, 67, 29, function ___(__0, __2) { certificate = __2; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__8() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__8() { _(); }); }); }); }); });
certificate.command("delete [vault-name] [certificate-name]").description($("Deletes a certificate from the vault")).usage("[options] <vault-name> <certificate-name>").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("the certificate name")).option("-q, --quiet", $("quiet mode (do not ask for delete confirmation)")).execute(function __9(vaultName, certificateName, options, _) { var client, certificate, progress; var __frame = { name: "__9", line: 598 }; return __func(_, this, arguments, __9, 3, __frame, function __$__9() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
if (!options.certificateName) {
return _(null, cli.missingArgument("certificate-name")); } ; return (function __$__9(_) {
var __1 = !options.quiet; if (!__1) { return _(null, __1); } ; return cli.interaction.confirm(util.format($("Delete certificate %s from vault %s? [y/n] "), options.certificateName, options.vaultName), __cb(_, __frame, 23, 45, function ___(__0, __3) { var __2 = !__3; return _(null, __2); }, true)); })(__cb(_, __frame, -597, 17, function ___(__0, __2) { return (function __$__9(__then) { if (__2) {
return _(new Error($("Aborted by user"))); } else { __then(); } ; })(function __$__9() {
options.vaultUri = createVaultUri(options);
client = createClient(options);
progress = cli.interaction.progress(util.format($("Deleting certificate %s in vault %s"), options.certificateName, options.vaultName)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__9() {
return client.deleteCertificate(options.vaultUri, options.certificateName, __cb(_, __frame, 37, 29, function ___(__0, __3) { certificate = __3; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__9() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__9() {
showCertificate(options, certificate); _(); }); }); }); }, true)); }); });
var certificatePolicy = cli.category("keyvault").category("certificate").category("policy").description($("Commands to manage a certificate policy in the Azure Key Vault service"));
certificatePolicy.command("show [vault-name] [certificate-name]").description($("Shows a vault certificate policy")).usage("[options] <vault-name> <certificate-name>").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("the certificate name")).execute(function __10(vaultName, certificateName, options, _) { var client, certificatePolicy, progress; var __frame = { name: "__10", line: 651 }; return __func(_, this, arguments, __10, 3, __frame, function __$__10() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
if (!options.certificateName) {
return _(null, cli.missingArgument("certificate-name")); } ;
options.vaultUri = createVaultUri(options);
client = createClient(options);
progress = cli.interaction.progress(util.format($("Getting policy for certificate %s"), options.certificateName)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__10() {
return client.getCertificatePolicy(options.vaultUri, options.certificateName, __cb(_, __frame, 33, 35, function ___(__0, __1) { certificatePolicy = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__10() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__10() {
showCertificatePolicy(options, certificatePolicy); _(); }); }); }); });
certificatePolicy.command("get [vault-name] [certificate-name] [file]").description($("Gets a vault certificate policy")).usage("[options] <vault-name> <certificate-name> <file>").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("the certificate name")).option("--file <file>", $("the file to receive certificate policy contents; the file must not exist otherwise the command fails")).execute(function __11(vaultName, certificateName, file, options, _) { var client, certificatePolicy, progress; var __frame = { name: "__11", line: 698 }; return __func(_, this, arguments, __11, 4, __frame, function __$__11() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
file: file,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
options.file = (options.file || file);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
if (!options.certificateName) {
return _(null, cli.missingArgument("certificate-name")); } ;
options.vaultUri = createVaultUri(options);
client = createClient(options);
progress = cli.interaction.progress(util.format($("Getting policy for certificate %s"), options.certificateName)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__11() {
return client.getCertificatePolicy(options.vaultUri, options.certificateName, __cb(_, __frame, 35, 35, function ___(__0, __1) { certificatePolicy = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__11() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__11() {
fs.writeFileSync(options.file, JSON.stringify(certificatePolicy), { flag: "wx" }); _(); }); }); }); });
certificatePolicy.command("create [issuer-name] [subject-name] [file]").description($("Creates a new certificate policy JSON object. This policy object can be used as input to other certificate commands such as certificate create.")).usage("options <issuer-name> [subject-name] [file]").option("-i, --issuer-name <issuer-name>", $("issuer name")).option("-n, --subject-name <subject-name>", $("subject name")).option("--file <file>", $("the file to receive certificate policy object; the file must not exist otherwise the command fails")).option("-k, --key-type <key-type>", util.format($("tells if the key backing the certificate is software-protected or HSM-protected; valid values: [%s]"), KEY_TYPES.join(", "))).option("--reuse-key-on-renewal", $("indicates if the key should be reused on renewal; defaults to key is not reused")).option("--key-not-exportable", $("indicates if the key should not be exportable; defaults to key is exportable")).option("-t, --secret-content-type <secret-content-type>", util.format($("secret content type; valid values: [%s]"), SECRET_CONTENT_TYPES.join(", "))).option("-d, --dns-names <dns-name>", $("subject alternative dns names; must be JSON-encoded array of strings")).option("-e, --ekus <ekus>", $("extended key usages; must be JSON-encoded array of strings")).option("-m, --validity-in-months <validity-in-months>", $("validity of the certificate in months")).option("-c, --certificate-type <certificate-type>", $("Type of certificate to be requested from the issuer")).option("--renew-days-before-expiry <renew-days-before-expiry>", $("number of days before expiry to automatically renew the certificate")).option("--renew-at-percentage-lifetime <renew-at-percentage-lifetime>", $("lifetime percentage at which automatically renew the certificate")).option("--email-days-before-expiry <email-days-before-expiry>", $("number of days before expiry to send notification")).option("--email-at-percentage-lifetime <email-at-percentage-lifetime>", $("lifetime percentage at which send notification")).execute(function __12(issuerName, subjectName, file, options, _) { var policy, lifetimeActionOptions, lifetimeActionOptionsProvided; var __frame = { name: "__12", line: 760 }; return __func(_, this, arguments, __12, 4, __frame, function __$__12() {
log.verbose(("arguments: " + JSON.stringify({
issuerName: issuerName,
subjectName: subjectName,
file: file,
options: options })));
options.issuerName = (options.issuerName || issuerName);
options.subjectName = (options.subjectName || subjectName);
options.file = (options.file || file);
if (!options.issuerName) {
return _(new Error(util.format($("Issuer name must be provided")))); } ;
policy = {
keyProperties: {
exportable: !options.keyNotExportable,
reuseKey: options.reuseKeyOnRenewal },
x509CertificateProperties: { },
issuerParameters: {
name: options.issuerName,
certificateType: options.certificateType } };
if (options.keyType) {
if (!KEY_TYPES.some(function(e) { return (e.toUpperCase() === options.keyType.toUpperCase()); })) {
return _(new Error(util.format($("Invalid value for key type argument. Accepted values are: %s"), KEY_TYPES.join(", ")))); } ;
policy.keyProperties.keyType = options.keyType.toUpperCase(); } ;
if (options.secretContentType) {
if (!SECRET_CONTENT_TYPES.some(function(e) { return (e === options.secretContentType); })) {
return _(new Error(util.format($("Invalid value for secret content type argument. Accepted values are: %s"), SECRET_CONTENT_TYPES.join(", ")))); } ;
policy.secretProperties = {
contentType: options.secretContentType }; } ;
if ((!options.subjectName && !options.dnsNames)) {
return _(new Error(util.format($("Either subject name or dns names must be provided")))); } ;
if (options.subjectName) {
policy.x509CertificateProperties.subject = options.subjectName; } ;
if (options.dnsNames) {
options.dnsNames = kvUtils.validateArrayArgument("dns-names", options.dnsNames);
policy.x509CertificateProperties.subjectAlternativeNames = {
dnsNames: options.dnsNames }; } ;
if (options.ekus) {
options.ekus = kvUtils.validateArrayArgument("ekus", options.ekus);
policy.x509CertificateProperties.ekus = options.ekus; } ;
if (options.validityInMonths) {
options.validityInMonths = kvUtils.parseIntegerArgument("validity-in-months", options.validityInMonths);
policy.x509CertificateProperties.validityInMonths = options.validityInMonths; } ;
lifetimeActionOptions = [options.renewDaysBeforeExpiry,options.renewAtPercentageLifetime,options.emailDaysBeforeExpiry,options.emailAtPercentageLifetime,];
lifetimeActionOptionsProvided = lifetimeActionOptions.filter(function(value) { return (value !== undefined); }).length;
if ((lifetimeActionOptionsProvided > 1)) {
return _(new Error($("Specify exactly one of the --renew-days-before-expiry, --renew-at-percentage-lifetime, --email-days-before-expiry, or --email-at-percentage-lifetime options."))); } ;
if (options.renewDaysBeforeExpiry) {
policy.lifetimeActions = [{
trigger: {
daysBeforeExpiry: options.renewDaysBeforeExpiry },
action: {
actionType: "AutoRenew" } },]; } ;
if (options.renewAtPercentageLifetime) {
policy.lifetimeActions = [{
trigger: {
lifetimePercentage: options.renewAtPercentageLifetime },
action: {
actionType: "AutoRenew" } },]; } ;
if (options.emailDaysBeforeExpiry) {
policy.lifetimeActions = [{
trigger: {
daysBeforeExpiry: options.emailDaysBeforeExpiry },
action: {
actionType: "EmailContacts" } },]; } ;
if (options.emailAtPercentageLifetime) {
policy.lifetimeActions = [{
trigger: {
lifetimePercentage: options.emailAtPercentageLifetime },
action: {
actionType: "EmailContacts" } },]; } ;
if (options.file) {
fs.writeFileSync(options.file, JSON.stringify(policy), { flag: "wx" }); }
else {
showCertificatePolicy(options, policy); } ; _(); }); });
certificatePolicy.command("set [vault-name] [certificate-name]").description($("Sets a vault certificate policy")).usage("[options] <vault-name> <certificate-name>").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("the certificate name")).option("-p --certificate-policy <certificate-policy>", $("a JSON-formatted string containing the certificate policy")).fileRelatedOption("-e --certificate-policy-file <certificate-policy-file>", $("a file containing the certificate policy.Mutually exlcusive with --certificate-policy.")).execute(function __13(vaultName, certificateName, options, _) { var certificatePolicyOptions, certificatePolicyOptionsProvided, certificatePolicy, jsonFile, client, progress; var __frame = { name: "__13", line: 906 }; return __func(_, this, arguments, __13, 3, __frame, function __$__13() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
if (!options.certificateName) {
return _(null, cli.missingArgument("certificate-name")); } ;
certificatePolicyOptions = [options.certificatePolicy,options.certificatePolicyFile,];
certificatePolicyOptionsProvided = certificatePolicyOptions.filter(function(value) { return (value !== undefined); }).length;
if ((certificatePolicyOptionsProvided > 1)) {
return _(new Error($("Specify exactly one of the --certificate-policy, or --certificate-policy-file options."))); } else {
if ((certificatePolicyOptionsProvided === 0)) {
return _(new Error($("One of the --certificate-policy, or --certificate-policy-file options is required."))); } ; } ;
if (options.certificatePolicyFile) {
jsonFile = fs.readFileSync(options.certificatePolicyFile);
certificatePolicy = jsonlint.parse(utils.stripBOM(jsonFile)); }
else {
certificatePolicy = jsonlint.parse(options.certificatePolicy); } ;
options.vaultUri = createVaultUri(options);
client = createClient(options);
progress = cli.interaction.progress(util.format($("Updating policy for certificate %s"), options.certificateName)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__13() {
return client.updateCertificatePolicy(options.vaultUri, options.certificateName, certificatePolicy, __cb(_, __frame, 52, 35, function ___(__0, __1) { certificatePolicy = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__13() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__13() {
showCertificatePolicy(options, certificatePolicy); _(); }); }); }); });
var certificateOperation = cli.category("keyvault").category("certificate").category("operation").description($("Commands to manage certificate operations in the Azure Key Vault service"));
certificateOperation.command("show [vault-name] [certificate-name]").description($("Shows a vault certificate operation")).usage("[options] <vault-name> <certificate-name>").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("the certificate name")).execute(function __14(vaultName, certificateName, options, _) { var client, certificateOperation, progress; var __frame = { name: "__14", line: 974 }; return __func(_, this, arguments, __14, 3, __frame, function __$__14() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
if (!options.certificateName) {
return _(null, cli.missingArgument("certificate-name")); } ;
options.vaultUri = createVaultUri(options);
client = createClient(options);
progress = cli.interaction.progress(util.format($("Getting operation for certificate %s"), options.certificateName)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__14() {
return client.getCertificateOperation(options.vaultUri, options.certificateName, __cb(_, __frame, 33, 38, function ___(__0, __1) { certificateOperation = __1; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__14() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then(); } else { _(__e, __r); }; }); }); }); })(function ___() { __tryCatch(_, function __$__14() {
showCertificateOperation(options, certificateOperation); _(); }); }); }); });
certificateOperation.command("cancel [vault-name] [certificate-name]").description($("Cancels a vault certificate operation")).usage("[options] <vault-name> <certificate-name>").option("-u, --vault-name <vault-name>", $("the vault name")).option("-c, --certificate-name <certificate-name>", $("the certificate name")).option("-q, --quiet", $("quiet mode (do not ask for cancel confirmation)")).execute(function __15(vaultName, certificateName, options, _) { var client, certificateOperation, progress; var __frame = { name: "__15", line: 1021 }; return __func(_, this, arguments, __15, 3, __frame, function __$__15() {
log.verbose(("arguments: " + JSON.stringify({
vaultName: vaultName,
certificateName: certificateName,
options: options })));
options.vaultName = (options.vaultName || vaultName);
options.certificateName = (options.certificateName || certificateName);
if (!options.vaultName) {
return _(null, cli.missingArgument("vault-name")); } ;
if (!options.certificateName) {
return _(null, cli.missingArgument("certificate-name")); } ; return (function __$__15(_) {
var __1 = !options.quiet; if (!__1) { return _(null, __1); } ; return cli.interaction.confirm(util.format($("Cancel certificate operation for certificate %s from vault %s? [y/n] "), options.certificateName, options.vaultName), __cb(_, __frame, 23, 45, function ___(__0, __3) { var __2 = !__3; return _(null, __2); }, true)); })(__cb(_, __frame, -1020, 17, function ___(__0, __2) { return (function __$__15(__then) { if (__2) {
return _(new Error($("Aborted by user"))); } else { __then(); } ; })(function __$__15() {
options.vaultUri = createVaultUri(options);
client = createClient(options);
progress = cli.interaction.progress(util.format($("Cancelling operation for certificate %s"), options.certificateName)); return (function ___(__then) { (function ___(_) { __tryCatch(_, function __$__15() {
return client.updateCertificateOperation(options.vaultUri, options.certificateName, { cancellationRequested: true }, __cb(_, __frame, 35, 38, function ___(__0, __3) { certificateOperation = __3; _(null, null, true); }, true)); }); })(function ___(__e, __r, __cont) { (function ___(__then) { __tryCatch(_, function __$__15() {
progress.end(); __then(); }); })(function ___() { __tryCatch(_, function ___() { if (__cont) { __then