[Key Vault Certificates] Added missing parameters to createIssuer() and updateIssuer() requests. (Azure#29260)

* Updated the CertificateIssuer create and update methods in `CertificateAsyncClient` to ensure they send the `organizationId` and `enabled` parameters to the service.

* Updated tests.

* Updated test recordings.

* Updated CHANGELOG.

Author: vcolin7

sdk/keyvault/azure-security-keyvault-certificates/CHANGELOG.md

@@ -7,6 +7,7 @@
 ### Breaking Changes
 
 ### Bugs Fixed
+- Fixed an issue that caused the `organizationId` and `enabled` parameters not be sent to the Key Vault service when creating or updating a `CertificateIssuer`.
 
 ### Other Changes
 

sdk/keyvault/azure-security-keyvault-certificates/src/main/java/com/azure/security/keyvault/certificates/CertificateAsyncClient.java

@@ -34,6 +34,7 @@
 import com.azure.security.keyvault.certificates.implementation.CertificateService;
 import com.azure.security.keyvault.certificates.implementation.CertificateUpdateParameters;
 import com.azure.security.keyvault.certificates.implementation.Contacts;
+import com.azure.security.keyvault.certificates.implementation.IssuerAttributes;
 import com.azure.security.keyvault.certificates.implementation.IssuerCredentials;
 import com.azure.security.keyvault.certificates.implementation.OrganizationDetails;
 import com.azure.security.keyvault.certificates.models.CertificateContact;
@@ -1617,14 +1618,23 @@ Mono<Response<CertificateIssuer>> createIssuerWithResponse(CertificateIssuer iss
         context = context == null ? Context.NONE : context;
         CertificateIssuerSetParameters parameters = new CertificateIssuerSetParameters()
             .provider(issuer.getProvider())
-            .credentials(new IssuerCredentials().accountId(issuer.getAccountId()).password(issuer.getPassword()))
-            .organizationDetails(new OrganizationDetails().adminDetails(issuer.getAdministratorContacts()))
-            .credentials(new IssuerCredentials().password(issuer.getPassword()).accountId(issuer.getAccountId()));
-        return service.setCertificateIssuer(vaultUrl, apiVersion, ACCEPT_LANGUAGE, issuer.getName(), parameters, CONTENT_TYPE_HEADER_VALUE,
-            context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE))
-            .doOnRequest(ignored -> logger.verbose("Creating certificate issuer - {}",  issuer.getName()))
-            .doOnSuccess(response -> logger.verbose("Created the certificate issuer - {}", response.getValue().getName()))
-            .doOnError(error -> logger.warning("Failed to create the certificate issuer - {}", issuer.getName(), error));
+            .organizationDetails(new OrganizationDetails()
+                .id(issuer.getOrganizationId())
+                .adminDetails(issuer.getAdministratorContacts()))
+            .credentials(new IssuerCredentials()
+                .password(issuer.getPassword())
+                .accountId(issuer.getAccountId()))
+            .attributes(new IssuerAttributes()
+                .enabled(issuer.isEnabled()));
+
+        return service.setCertificateIssuer(vaultUrl, apiVersion, ACCEPT_LANGUAGE, issuer.getName(), parameters,
+            CONTENT_TYPE_HEADER_VALUE, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE))
+            .doOnRequest(ignored ->
+                logger.verbose("Creating certificate issuer - {}",  issuer.getName()))
+            .doOnSuccess(response ->
+                logger.verbose("Created the certificate issuer - {}", response.getValue().getName()))
+            .doOnError(error ->
+                logger.warning("Failed to create the certificate issuer - {}", issuer.getName(), error));
     }
 
     /**
@@ -1694,11 +1704,14 @@ public Mono<CertificateIssuer> getIssuer(String issuerName) {
 
     Mono<Response<CertificateIssuer>> getIssuerWithResponse(String issuerName, Context context) {
         context = context == null ? Context.NONE : context;
-        return service.getCertificateIssuer(vaultUrl, apiVersion, ACCEPT_LANGUAGE, issuerName, CONTENT_TYPE_HEADER_VALUE,
-            context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE))
-            .doOnRequest(ignored -> logger.verbose("Retrieving certificate issuer - {}",  issuerName))
-            .doOnSuccess(response -> logger.verbose("Retrieved the certificate issuer - {}", response.getValue().getName()))
-            .doOnError(error -> logger.warning("Failed to retreive the certificate issuer - {}", issuerName, error));
+        return service.getCertificateIssuer(vaultUrl, apiVersion, ACCEPT_LANGUAGE, issuerName,
+            CONTENT_TYPE_HEADER_VALUE, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE))
+            .doOnRequest(ignored ->
+                logger.verbose("Retrieving certificate issuer - {}",  issuerName))
+            .doOnSuccess(response ->
+                logger.verbose("Retrieved the certificate issuer - {}", response.getValue().getName()))
+            .doOnError(error ->
+                logger.warning("Failed to retreive the certificate issuer - {}", issuerName, error));
     }
 
     /**
@@ -1766,11 +1779,15 @@ public Mono<CertificateIssuer> deleteIssuer(String issuerName) {
 
     Mono<Response<CertificateIssuer>> deleteIssuerWithResponse(String issuerName, Context context) {
         context = context == null ? Context.NONE : context;
-        return service.deleteCertificateIssuer(vaultUrl, issuerName, apiVersion, ACCEPT_LANGUAGE, CONTENT_TYPE_HEADER_VALUE,
-            context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE))
-            .doOnRequest(ignored -> logger.verbose("Deleting certificate issuer - {}",  issuerName))
-            .doOnSuccess(response -> logger.verbose("Deleted the certificate issuer - {}", response.getValue().getName()))
-            .doOnError(error -> logger.warning("Failed to delete the certificate issuer - {}", issuerName, error));
+
+        return service.deleteCertificateIssuer(vaultUrl, issuerName, apiVersion, ACCEPT_LANGUAGE,
+            CONTENT_TYPE_HEADER_VALUE, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE))
+            .doOnRequest(ignored ->
+                logger.verbose("Deleting certificate issuer - {}",  issuerName))
+            .doOnSuccess(response ->
+                logger.verbose("Deleted the certificate issuer - {}", response.getValue().getName()))
+            .doOnError(error ->
+                logger.warning("Failed to delete the certificate issuer - {}", issuerName, error));
     }
 
 
@@ -1814,8 +1831,8 @@ PagedFlux<IssuerProperties> listPropertiesOfIssuers(Context context) {
 
     private Mono<PagedResponse<IssuerProperties>> listPropertiesOfIssuersFirstPage(Context context) {
         try {
-            return service.getCertificateIssuers(vaultUrl, DEFAULT_MAX_PAGE_RESULTS, apiVersion, ACCEPT_LANGUAGE, CONTENT_TYPE_HEADER_VALUE,
-                context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE))
+            return service.getCertificateIssuers(vaultUrl, DEFAULT_MAX_PAGE_RESULTS, apiVersion, ACCEPT_LANGUAGE,
+                CONTENT_TYPE_HEADER_VALUE, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE))
                 .doOnRequest(ignored -> logger.verbose("Listing certificate issuers - {}"))
                 .doOnSuccess(response -> logger.verbose("Listed certificate issuers - {}"))
                 .doOnError(error -> logger.warning("Failed to list certificate issuers - {}", error));
@@ -1833,11 +1850,15 @@ private Mono<PagedResponse<IssuerProperties>> listPropertiesOfIssuersFirstPage(C
      */
     private Mono<PagedResponse<IssuerProperties>> listPropertiesOfIssuersNextPage(String continuationToken, Context context) {
         try {
-            return service.getCertificateIssuers(vaultUrl, continuationToken, ACCEPT_LANGUAGE, CONTENT_TYPE_HEADER_VALUE,
-                context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE))
-                .doOnRequest(ignored -> logger.verbose("Listing next certificate issuers page - Page {} ", continuationToken))
-                .doOnSuccess(response -> logger.verbose("Listed next certificate issuers page - Page {} ", continuationToken))
-                .doOnError(error -> logger.warning("Failed to list next certificate issuers page - Page {} ", continuationToken, error));
+            return service.getCertificateIssuers(vaultUrl, continuationToken, ACCEPT_LANGUAGE,
+                CONTENT_TYPE_HEADER_VALUE, context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE))
+                .doOnRequest(ignored ->
+                    logger.verbose("Listing next certificate issuers page - Page {} ", continuationToken))
+                .doOnSuccess(response ->
+                    logger.verbose("Listed next certificate issuers page - Page {} ", continuationToken))
+                .doOnError(error ->
+                    logger.warning("Failed to list next certificate issuers page - Page {} ", continuationToken,
+                        error));
         } catch (RuntimeException ex) {
             return monoError(logger, ex);
         }
@@ -1927,13 +1948,24 @@ Mono<Response<CertificateIssuer>> updateIssuerWithResponse(CertificateIssuer iss
         context = context == null ? Context.NONE : context;
         CertificateIssuerUpdateParameters updateParameters = new CertificateIssuerUpdateParameters()
             .provider(issuer.getProvider())
-            .organizationDetails(new OrganizationDetails().adminDetails(issuer.getAdministratorContacts()))
-            .credentials(new IssuerCredentials().password(issuer.getPassword()).accountId(issuer.getAccountId()));
-        return service.updateCertificateIssuer(vaultUrl, issuer.getName(), apiVersion, ACCEPT_LANGUAGE, updateParameters, CONTENT_TYPE_HEADER_VALUE,
-            context.addData(AZ_TRACING_NAMESPACE_KEY, KEYVAULT_TRACING_NAMESPACE_VALUE))
-            .doOnRequest(ignored -> logger.verbose("Updating certificate issuer - {}",  issuer.getName()))
-            .doOnSuccess(response -> logger.verbose("Updated up the certificate issuer - {}", response.getValue().getName()))
-            .doOnError(error -> logger.warning("Failed to updated the certificate issuer - {}", issuer.getName(), error));
+            .organizationDetails(new OrganizationDetails()
+                .id(issuer.getOrganizationId())
+                .adminDetails(issuer.getAdministratorContacts()))
+            .credentials(new IssuerCredentials()
+                .password(issuer.getPassword())
+                .accountId(issuer.getAccountId()))
+            .attributes(new IssuerAttributes()
+                .enabled(issuer.isEnabled()));
+
+        return service.updateCertificateIssuer(vaultUrl, issuer.getName(), apiVersion, ACCEPT_LANGUAGE,
+            updateParameters, CONTENT_TYPE_HEADER_VALUE, context.addData(AZ_TRACING_NAMESPACE_KEY,
+                KEYVAULT_TRACING_NAMESPACE_VALUE))
+            .doOnRequest(ignored ->
+                logger.verbose("Updating certificate issuer - {}",  issuer.getName()))
+            .doOnSuccess(response ->
+                logger.verbose("Updated up the certificate issuer - {}", response.getValue().getName()))
+            .doOnError(error ->
+                logger.warning("Failed to updated the certificate issuer - {}", issuer.getName(), error));
     }
 
     /**

sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateClientTest.java

@@ -608,7 +608,7 @@ public void createIssuer(HttpClient httpClient, CertificateServiceVersion servic
         createIssuerRunner((issuer) -> {
             CertificateIssuer createdIssuer = certificateClient.createIssuer(issuer);
 
-            validateIssuer(issuer, createdIssuer);
+            assertTrue(issuerCreatedCorrectly(issuer, createdIssuer));
         });
     }
 
@@ -647,7 +647,7 @@ public void getCertificateIssuer(HttpClient httpClient, CertificateServiceVersio
             CertificateIssuer createdIssuer = certificateClient.createIssuer(issuer);
             CertificateIssuer retrievedIssuer = certificateClient.getIssuer(issuer.getName());
 
-            validateIssuer(issuer, retrievedIssuer);
+            assertTrue(issuerCreatedCorrectly(issuer, retrievedIssuer));
         });
     }
 
@@ -669,7 +669,7 @@ public void deleteCertificateIssuer(HttpClient httpClient, CertificateServiceVer
             CertificateIssuer createdIssuer = certificateClient.createIssuer(issuer);
             CertificateIssuer deletedIssuer = certificateClient.deleteIssuer(issuer.getName());
 
-            validateIssuer(issuer, deletedIssuer);
+            assertTrue(issuerCreatedCorrectly(issuer, deletedIssuer));
         });
     }
 
@@ -693,7 +693,7 @@ public void listCertificateIssuers(HttpClient httpClient, CertificateServiceVers
             for (CertificateIssuer issuer : certificateIssuersToList.values()) {
                 CertificateIssuer certificateIssuer = certificateClient.createIssuer(issuer);
 
-                validateIssuer(issuer, certificateIssuer);
+                assertTrue(issuerCreatedCorrectly(issuer, certificateIssuer));
             }
 
             for (IssuerProperties issuerProperties : certificateClient.listPropertiesOfIssuers()) {
@@ -708,6 +708,19 @@ public void listCertificateIssuers(HttpClient httpClient, CertificateServiceVers
         });
     }
 
+    @ParameterizedTest(name = DISPLAY_NAME_WITH_ARGUMENTS)
+    @MethodSource("getTestParameters")
+    public void updateIssuer(HttpClient httpClient, CertificateServiceVersion serviceVersion) {
+        createCertificateClient(httpClient, serviceVersion);
+
+        updateIssuerRunner((issuerToCreate, issuerToUpdate) -> {
+            CertificateIssuer createdIssuer = certificateClient.createIssuer(issuerToCreate);
+            CertificateIssuer updatedIssuer = certificateClient.updateIssuer(issuerToUpdate);
+
+            assertTrue(issuerUpdatedCorrectly(issuerToCreate, updatedIssuer));
+        });
+    }
+
     @ParameterizedTest(name = DISPLAY_NAME_WITH_ARGUMENTS)
     @MethodSource("getTestParameters")
     @SuppressWarnings("ArraysAsListWithZeroOrOneArgument")

sdk/keyvault/azure-security-keyvault-certificates/src/test/java/com/azure/security/keyvault/certificates/CertificateClientTestBase.java

@@ -375,6 +375,23 @@ void listCertificateIssuersRunner(Consumer<HashMap<String, CertificateIssuer>> t
         testRunner.accept(certificateIssuers);
     }
 
+    void updateIssuerRunner(BiConsumer<CertificateIssuer, CertificateIssuer> testRunner) {
+        String issuerName = testResourceNamer.randomName("testIssuer", 25);
+        final CertificateIssuer certificateIssuer = setupIssuer(issuerName);
+        final CertificateIssuer issuerForUpdate = new CertificateIssuer(issuerName, "Test")
+            .setAdministratorContacts(Arrays.asList(new AdministratorContact()
+                .setFirstName("otherFirst")
+                .setLastName("otherLast")
+                .setEmail("otherFirst.otherLast@hotmail.com")
+                .setPhone("67890")))
+            .setAccountId("otherIssuerAccountId")
+            .setEnabled(false)
+            .setOrganizationId("otherOrgId")
+            .setPassword("test456");
+
+        testRunner.accept(certificateIssuer, issuerForUpdate);
+    }
+
     @Test
     public abstract void setContacts(HttpClient httpClient, CertificateServiceVersion serviceVersion);
 
@@ -540,7 +557,7 @@ X509Certificate loadCerToX509Certificate(KeyVaultCertificateWithPolicy certifica
         return x509Certificate;
     }
 
-    Boolean validateIssuer(CertificateIssuer expected, CertificateIssuer actual) {
+    boolean issuerCreatedCorrectly(CertificateIssuer expected, CertificateIssuer actual) {
         return expected.getAccountId().equals(actual.getAccountId())
             && expected.isEnabled().equals(actual.isEnabled())
             && (actual.getCreatedOn() != null)
@@ -552,6 +569,18 @@ Boolean validateIssuer(CertificateIssuer expected, CertificateIssuer actual) {
             && expected.getAdministratorContacts().size() == actual.getAdministratorContacts().size();
     }
 
+    boolean issuerUpdatedCorrectly(CertificateIssuer expected, CertificateIssuer actual) {
+        return !expected.getAccountId().equals(actual.getAccountId())
+            && !expected.isEnabled().equals(actual.isEnabled())
+            && (actual.getCreatedOn() != null)
+            && (actual.getUpdatedOn() != null)
+            && (actual.getId() != null)
+            && (actual.getId().length() > 0)
+            && expected.getName().equals(actual.getName())
+            && !expected.getOrganizationId().equals(actual.getOrganizationId())
+            && expected.getAdministratorContacts().size() == actual.getAdministratorContacts().size();
+    }
+
     CertificatePolicy setupPolicy() {
         return new CertificatePolicy(WellKnownIssuerNames.SELF, "CN=default")
             .setKeyUsage(CertificateKeyUsage.KEY_CERT_SIGN, CertificateKeyUsage.KEY_AGREEMENT)

sdk/keyvault/azure-security-keyvault-certificates/src/test/resources/session-records/CertificateClientTest.createIssuer[1].json

@@ -1,30 +1,29 @@
 {
   "networkCallRecords" : [ {
     "Method" : "PUT",
-    "Uri" : "https://REDACTED.vault.azure.net/certificates/issuers/testissuer95254923fe?api-version=7.3",
+    "Uri" : "https://REDACTED.vault.azure.net/certificates/issuers/testissuer201354f3c0?api-version=7.3",
     "Headers" : {
       "User-Agent" : "azsdk-java-client_name/client_version (11.0.6; Windows 10; 10.0)",
       "Content-Type" : "application/json"
     },
     "Response" : {
-      "content-length" : "360",
+      "content-length" : "373",
       "X-Content-Type-Options" : "nosniff",
       "Pragma" : "no-cache",
       "retry-after" : "0",
       "StatusCode" : "200",
-      "Date" : "Thu, 31 Mar 2022 00:15:16 GMT",
+      "Date" : "Tue, 07 Jun 2022 09:07:52 GMT",
       "Strict-Transport-Security" : "max-age=31536000;includeSubDomains",
       "Cache-Control" : "no-cache",
       "x-ms-keyvault-region" : "westus",
       "x-ms-keyvault-network-info" : "conn_type=Ipv4;addr=172.92.148.195;act_addr_fam=InterNetwork;",
       "Expires" : "-1",
-      "x-ms-request-id" : "d34b188f-f36b-4294-8aea-2e09af43e184",
-      "x-ms-keyvault-service-version" : "1.9.331.5",
-      "Body" : "{\"id\":\"https://azsdktests.vault.azure.net/certificates/issuers/testissuer95254923fe\",\"provider\":\"Test\",\"credentials\":{\"account_id\":\"issuerAccountId\"},\"org_details\":{\"zip\":0,\"admin_details\":[{\"first_name\":\"first\",\"last_name\":\"last\",\"email\":\"first.last@hotmail.com\",\"phone\":\"12345\"}]},\"attributes\":{\"enabled\":true,\"created\":1648685716,\"updated\":1648685716}}",
-      "Content-Type" : "application/json; charset=utf-8",
-      "X-Powered-By" : "ASP.NET"
+      "x-ms-request-id" : "69a3e9f4-0e74-4b0e-9f90-0ab5fee0bd2c",
+      "x-ms-keyvault-service-version" : "1.9.422.1",
+      "Body" : "{\"id\":\"https://azure-kv-tests2.vault.azure.net/certificates/issuers/testissuer201354f3c0\",\"provider\":\"Test\",\"credentials\":{\"account_id\":\"issuerAccountId\"},\"org_details\":{\"id\":\"orgId\",\"zip\":0,\"admin_details\":[{\"first_name\":\"first\",\"last_name\":\"last\",\"email\":\"first.last@hotmail.com\",\"phone\":\"12345\"}]},\"attributes\":{\"enabled\":true,\"created\":1654592872,\"updated\":1654592872}}",
+      "Content-Type" : "application/json; charset=utf-8"
     },
     "Exception" : null
   } ],
-  "variables" : [ "testissuer95254923fe" ]
+  "variables" : [ "testissuer201354f3c0" ]
 }