open-vault/command/token_lookup.go

129 lines
3 KiB
Go
Raw Normal View History

package command
import (
"fmt"
"strings"
"github.com/hashicorp/vault/api"
2017-09-05 04:05:01 +00:00
"github.com/mitchellh/cli"
"github.com/posener/complete"
)
2017-09-05 04:05:01 +00:00
var _ cli.Command = (*TokenLookupCommand)(nil)
var _ cli.CommandAutocomplete = (*TokenLookupCommand)(nil)
type TokenLookupCommand struct {
2017-09-05 04:05:01 +00:00
*BaseCommand
flagAccessor bool
}
func (c *TokenLookupCommand) Synopsis() string {
2017-09-08 01:58:13 +00:00
return "Display information about a token"
2017-09-05 04:05:01 +00:00
}
func (c *TokenLookupCommand) Help() string {
helpText := `
2017-09-08 01:58:13 +00:00
Usage: vault token lookup [options] [TOKEN | ACCESSOR]
2017-09-05 04:05:01 +00:00
Displays information about a token or accessor. If a TOKEN is not provided,
the locally authenticated token is used.
Get information about the locally authenticated token (this uses the
/auth/token/lookup-self endpoint and permission):
2017-09-08 01:58:13 +00:00
$ vault token lookup
2017-09-05 04:05:01 +00:00
Get information about a particular token (this uses the /auth/token/lookup
endpoint and permission):
2017-09-08 01:58:13 +00:00
$ vault token lookup 96ddf4bc-d217-f3ba-f9bd-017055595017
2017-09-05 04:05:01 +00:00
Get information about a token via its accessor:
2017-09-08 01:58:13 +00:00
$ vault token lookup -accessor 9793c9b3-e04a-46f3-e7b8-748d7da248da
2017-09-05 04:05:01 +00:00
For a full list of examples, please see the documentation.
` + c.Flags().Help()
return strings.TrimSpace(helpText)
}
func (c *TokenLookupCommand) Flags() *FlagSets {
set := c.flagSet(FlagSetHTTP | FlagSetOutputFormat)
f := set.NewFlagSet("Command Options")
f.BoolVar(&BoolVar{
Name: "accessor",
Target: &c.flagAccessor,
Default: false,
EnvVar: "",
Completion: complete.PredictNothing,
2017-09-08 01:58:13 +00:00
Usage: "Treat the argument as an accessor instead of a token. When " +
2017-09-05 04:05:01 +00:00
"this option is selected, the output will NOT include the token.",
})
return set
}
func (c *TokenLookupCommand) AutocompleteArgs() complete.Predictor {
return c.PredictVaultFiles()
}
func (c *TokenLookupCommand) AutocompleteFlags() complete.Flags {
return c.Flags().Completions()
}
func (c *TokenLookupCommand) Run(args []string) int {
2017-09-05 04:05:01 +00:00
f := c.Flags()
if err := f.Parse(args); err != nil {
c.UI.Error(err.Error())
return 1
}
2017-09-05 04:05:01 +00:00
token := ""
args = f.Args()
switch {
case c.flagAccessor && len(args) < 1:
c.UI.Error(fmt.Sprintf("Not enough arguments with -accessor (expected 1, got %d)", len(args)))
return 1
case c.flagAccessor && len(args) > 1:
c.UI.Error(fmt.Sprintf("Too many arguments with -accessor (expected 1, got %d)", len(args)))
return 1
case len(args) == 0:
// Use the local token
case len(args) == 1:
token = strings.TrimSpace(args[0])
case len(args) > 1:
c.UI.Error(fmt.Sprintf("Too many arguments (expected 0-1, got %d)", len(args)))
return 1
}
client, err := c.Client()
if err != nil {
2017-09-05 04:05:01 +00:00
c.UI.Error(err.Error())
return 2
}
var secret *api.Secret
switch {
2017-09-05 04:05:01 +00:00
case token == "":
secret, err = client.Auth().Token().LookupSelf()
2017-09-05 04:05:01 +00:00
case c.flagAccessor:
secret, err = client.Auth().Token().LookupAccessor(token)
default:
2017-09-05 04:05:01 +00:00
secret, err = client.Auth().Token().Lookup(token)
}
if err != nil {
2017-09-05 04:05:01 +00:00
c.UI.Error(fmt.Sprintf("Error looking up token: %s", err))
return 2
}
2017-09-05 04:05:01 +00:00
return OutputSecret(c.UI, c.flagFormat, secret)
}