2016-04-01 18:23:15 +00:00
|
|
|
package command
|
|
|
|
|
2016-05-19 15:25:15 +00:00
|
|
|
import (
|
|
|
|
"fmt"
|
2017-09-03 01:05:13 +00:00
|
|
|
"io"
|
2016-05-19 15:25:15 +00:00
|
|
|
"os"
|
2016-09-29 04:01:28 +00:00
|
|
|
"time"
|
2016-05-19 15:25:15 +00:00
|
|
|
|
2017-09-05 03:56:58 +00:00
|
|
|
"golang.org/x/crypto/ssh/terminal"
|
|
|
|
|
2016-05-19 15:25:15 +00:00
|
|
|
"github.com/hashicorp/vault/api"
|
|
|
|
"github.com/hashicorp/vault/command/token"
|
|
|
|
"github.com/mitchellh/cli"
|
|
|
|
)
|
2016-04-01 18:23:15 +00:00
|
|
|
|
|
|
|
// DefaultTokenHelper returns the token helper that is configured for Vault.
|
2016-04-01 20:02:18 +00:00
|
|
|
func DefaultTokenHelper() (token.TokenHelper, error) {
|
|
|
|
config, err := LoadConfig("")
|
2016-04-01 18:23:15 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
path := config.TokenHelper
|
|
|
|
if path == "" {
|
|
|
|
return &token.InternalTokenHelper{}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
path, err = token.ExternalTokenHelperPath(path)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return &token.ExternalTokenHelper{BinaryPath: path}, nil
|
|
|
|
}
|
2016-05-19 15:25:15 +00:00
|
|
|
|
2017-08-28 20:45:39 +00:00
|
|
|
// RawField extracts the raw field from the given data and returns it as a
|
|
|
|
// string for printing purposes.
|
|
|
|
func RawField(secret *api.Secret, field string) (string, bool) {
|
2016-05-19 15:25:15 +00:00
|
|
|
var val interface{}
|
2016-06-28 03:19:09 +00:00
|
|
|
switch {
|
|
|
|
case secret.Auth != nil:
|
|
|
|
switch field {
|
|
|
|
case "token":
|
|
|
|
val = secret.Auth.ClientToken
|
|
|
|
case "token_accessor":
|
|
|
|
val = secret.Auth.Accessor
|
|
|
|
case "token_duration":
|
|
|
|
val = secret.Auth.LeaseDuration
|
|
|
|
case "token_renewable":
|
|
|
|
val = secret.Auth.Renewable
|
|
|
|
case "token_policies":
|
|
|
|
val = secret.Auth.Policies
|
|
|
|
default:
|
|
|
|
val = secret.Data[field]
|
2016-05-19 15:25:15 +00:00
|
|
|
}
|
2016-06-28 03:19:09 +00:00
|
|
|
|
|
|
|
case secret.WrapInfo != nil:
|
|
|
|
switch field {
|
|
|
|
case "wrapping_token":
|
|
|
|
val = secret.WrapInfo.Token
|
|
|
|
case "wrapping_token_ttl":
|
2016-05-19 15:25:15 +00:00
|
|
|
val = secret.WrapInfo.TTL
|
2016-06-28 03:19:09 +00:00
|
|
|
case "wrapping_token_creation_time":
|
2016-09-29 04:01:28 +00:00
|
|
|
val = secret.WrapInfo.CreationTime.Format(time.RFC3339Nano)
|
2017-08-02 22:28:58 +00:00
|
|
|
case "wrapping_token_creation_path":
|
|
|
|
val = secret.WrapInfo.CreationPath
|
2016-06-28 03:19:09 +00:00
|
|
|
case "wrapped_accessor":
|
2016-06-13 23:58:17 +00:00
|
|
|
val = secret.WrapInfo.WrappedAccessor
|
2016-06-28 03:19:09 +00:00
|
|
|
default:
|
|
|
|
val = secret.Data[field]
|
2016-06-13 23:58:17 +00:00
|
|
|
}
|
2016-06-28 03:19:09 +00:00
|
|
|
|
2016-05-19 15:25:15 +00:00
|
|
|
default:
|
2016-06-28 03:19:09 +00:00
|
|
|
switch field {
|
|
|
|
case "refresh_interval":
|
|
|
|
val = secret.LeaseDuration
|
|
|
|
default:
|
|
|
|
val = secret.Data[field]
|
|
|
|
}
|
2016-05-19 15:25:15 +00:00
|
|
|
}
|
|
|
|
|
2017-08-28 20:45:39 +00:00
|
|
|
str := fmt.Sprintf("%v", val)
|
|
|
|
return str, val != nil
|
|
|
|
}
|
|
|
|
|
2017-09-05 03:56:58 +00:00
|
|
|
// PrintRawField prints raw field from the secret.
|
2017-08-28 20:45:39 +00:00
|
|
|
func PrintRawField(ui cli.Ui, secret *api.Secret, field string) int {
|
|
|
|
str, ok := RawField(secret, field)
|
|
|
|
if !ok {
|
2017-09-03 01:05:13 +00:00
|
|
|
ui.Error(fmt.Sprintf("Field %q not present in secret", field))
|
2016-05-19 15:25:15 +00:00
|
|
|
return 1
|
|
|
|
}
|
2017-08-28 20:45:39 +00:00
|
|
|
|
2017-09-05 03:56:58 +00:00
|
|
|
return PrintRaw(ui, str)
|
|
|
|
}
|
|
|
|
|
|
|
|
// PrintRaw prints a raw value to the terminal. If the process is being "piped"
|
|
|
|
// to something else, the "raw" value is printed without a newline character.
|
|
|
|
// Otherwise the value is printed as normal.
|
|
|
|
func PrintRaw(ui cli.Ui, str string) int {
|
|
|
|
if terminal.IsTerminal(int(os.Stdout.Fd())) {
|
|
|
|
ui.Output(str)
|
|
|
|
} else {
|
|
|
|
// The cli.Ui prints a CR, which is not wanted since the user probably wants
|
|
|
|
// just the raw value.
|
|
|
|
w := getWriterFromUI(ui)
|
|
|
|
fmt.Fprintf(w, str)
|
|
|
|
}
|
2017-08-28 20:45:39 +00:00
|
|
|
return 0
|
2016-05-19 15:25:15 +00:00
|
|
|
}
|
2017-09-03 01:05:13 +00:00
|
|
|
|
|
|
|
// getWriterFromUI accepts a cli.Ui and returns the underlying io.Writer by
|
|
|
|
// unwrapping as many wrapped Uis as necessary. If there is an unknown UI
|
|
|
|
// type, this falls back to os.Stdout.
|
|
|
|
func getWriterFromUI(ui cli.Ui) io.Writer {
|
|
|
|
switch t := ui.(type) {
|
|
|
|
case *cli.BasicUi:
|
|
|
|
return t.Writer
|
|
|
|
case *cli.ColoredUi:
|
|
|
|
return getWriterFromUI(t.Ui)
|
|
|
|
case *cli.ConcurrentUi:
|
|
|
|
return getWriterFromUI(t.Ui)
|
|
|
|
case *cli.MockUi:
|
|
|
|
return t.OutputWriter
|
|
|
|
default:
|
|
|
|
return os.Stdout
|
|
|
|
}
|
|
|
|
}
|