2018-03-17 04:39:26 +00:00
|
|
|
package agent
|
|
|
|
|
|
|
|
import (
|
2018-03-21 19:42:42 +00:00
|
|
|
"fmt"
|
2018-03-17 04:39:26 +00:00
|
|
|
"net/http"
|
|
|
|
|
2018-05-25 17:28:18 +00:00
|
|
|
"github.com/hashicorp/consul/agent/connect/ca"
|
2018-03-17 04:39:26 +00:00
|
|
|
"github.com/hashicorp/consul/agent/structs"
|
|
|
|
)
|
|
|
|
|
|
|
|
// GET /v1/connect/ca/roots
|
|
|
|
func (s *HTTPServer) ConnectCARoots(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
var args structs.DCSpecificRequest
|
|
|
|
if done := s.parse(resp, req, &args.Datacenter, &args.QueryOptions); done {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
var reply structs.IndexedCARoots
|
|
|
|
defer setMeta(resp, &reply.QueryMeta)
|
|
|
|
if err := s.agent.RPC("ConnectCA.Roots", &args, &reply); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2018-03-19 05:07:52 +00:00
|
|
|
return reply, nil
|
2018-03-17 04:39:26 +00:00
|
|
|
}
|
2018-03-21 19:42:42 +00:00
|
|
|
|
|
|
|
// /v1/connect/ca/configuration
|
|
|
|
func (s *HTTPServer) ConnectCAConfiguration(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
switch req.Method {
|
2018-04-09 04:59:08 +00:00
|
|
|
case "GET":
|
|
|
|
return s.ConnectCAConfigurationGet(resp, req)
|
|
|
|
|
2018-03-21 19:42:42 +00:00
|
|
|
case "PUT":
|
|
|
|
return s.ConnectCAConfigurationSet(resp, req)
|
|
|
|
|
|
|
|
default:
|
|
|
|
return nil, MethodNotAllowedError{req.Method, []string{"GET", "POST"}}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-04-09 04:59:08 +00:00
|
|
|
// GEt /v1/connect/ca/configuration
|
|
|
|
func (s *HTTPServer) ConnectCAConfigurationGet(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
// Method is tested in ConnectCAConfiguration
|
|
|
|
var args structs.DCSpecificRequest
|
|
|
|
if done := s.parse(resp, req, &args.Datacenter, &args.QueryOptions); done {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
var reply structs.CAConfiguration
|
|
|
|
err := s.agent.RPC("ConnectCA.ConfigurationGet", &args, &reply)
|
2018-05-25 17:28:18 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2018-05-23 21:43:40 +00:00
|
|
|
fixupConfig(&reply)
|
2018-05-25 17:28:18 +00:00
|
|
|
return reply, nil
|
2018-04-09 04:59:08 +00:00
|
|
|
}
|
|
|
|
|
2018-03-21 19:42:42 +00:00
|
|
|
// PUT /v1/connect/ca/configuration
|
|
|
|
func (s *HTTPServer) ConnectCAConfigurationSet(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
// Method is tested in ConnectCAConfiguration
|
|
|
|
|
2018-04-09 04:59:08 +00:00
|
|
|
var args structs.CARequest
|
|
|
|
s.parseDC(req, &args.Datacenter)
|
|
|
|
s.parseToken(req, &args.Token)
|
|
|
|
if err := decodeBody(req, &args.Config, nil); err != nil {
|
2018-03-21 19:42:42 +00:00
|
|
|
resp.WriteHeader(http.StatusBadRequest)
|
|
|
|
fmt.Fprintf(resp, "Request decode failed: %v", err)
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
var reply interface{}
|
|
|
|
err := s.agent.RPC("ConnectCA.ConfigurationSet", &args, &reply)
|
|
|
|
return nil, err
|
|
|
|
}
|
2018-05-23 21:43:40 +00:00
|
|
|
|
|
|
|
// A hack to fix up the config types inside of the map[string]interface{}
|
|
|
|
// so that they get formatted correctly during json.Marshal. Without this,
|
2018-06-06 17:46:34 +00:00
|
|
|
// string values that get converted to []uint8 end up getting output back
|
2018-05-23 21:43:40 +00:00
|
|
|
// to the user in base64-encoded form.
|
|
|
|
func fixupConfig(conf *structs.CAConfiguration) {
|
2018-06-13 08:40:03 +00:00
|
|
|
for k, v := range conf.Config {
|
|
|
|
if raw, ok := v.([]uint8); ok {
|
|
|
|
conf.Config[k] = ca.Uint8ToString(raw)
|
2018-06-16 00:59:08 +00:00
|
|
|
switch conf.Provider {
|
|
|
|
case structs.ConsulCAProvider:
|
|
|
|
if k == "PrivateKey" && ca.Uint8ToString(raw) != "" {
|
|
|
|
conf.Config["PrivateKey"] = "hidden"
|
|
|
|
}
|
|
|
|
case structs.VaultCAProvider:
|
|
|
|
if k == "Token" && ca.Uint8ToString(raw) != "" {
|
|
|
|
conf.Config["Token"] = "hidden"
|
|
|
|
}
|
2018-06-14 17:56:17 +00:00
|
|
|
}
|
2018-06-06 17:46:34 +00:00
|
|
|
}
|
2018-05-23 21:43:40 +00:00
|
|
|
}
|
|
|
|
}
|