2023-03-15 16:00:52 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
|
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
|
2015-06-26 01:47:32 +00:00
|
|
|
package api
|
|
|
|
|
2018-07-24 22:49:55 +00:00
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"fmt"
|
2022-03-24 17:58:03 +00:00
|
|
|
"net/http"
|
2018-07-24 22:49:55 +00:00
|
|
|
)
|
2015-06-26 01:47:32 +00:00
|
|
|
|
2015-07-02 21:23:09 +00:00
|
|
|
// SSH is used to return a client to invoke operations on SSH backend.
|
2015-07-01 15:58:49 +00:00
|
|
|
type SSH struct {
|
2015-08-12 17:30:50 +00:00
|
|
|
c *Client
|
|
|
|
MountPoint string
|
2015-06-26 01:47:32 +00:00
|
|
|
}
|
|
|
|
|
2015-09-29 07:35:16 +00:00
|
|
|
// SSH returns the client for logical-backend API calls.
|
2015-08-12 16:56:17 +00:00
|
|
|
func (c *Client) SSH() *SSH {
|
2016-02-23 05:08:21 +00:00
|
|
|
return c.SSHWithMountPoint(SSHHelperDefaultMountPoint)
|
2015-08-12 16:56:17 +00:00
|
|
|
}
|
|
|
|
|
2015-09-29 07:35:16 +00:00
|
|
|
// SSHWithMountPoint returns the client with specific SSH mount point.
|
2015-08-12 17:30:50 +00:00
|
|
|
func (c *Client) SSHWithMountPoint(mountPoint string) *SSH {
|
2015-07-29 18:21:36 +00:00
|
|
|
return &SSH{
|
2015-08-12 17:30:50 +00:00
|
|
|
c: c,
|
|
|
|
MountPoint: mountPoint,
|
2015-07-06 15:05:02 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-03-23 21:47:43 +00:00
|
|
|
// Credential wraps CredentialWithContext using context.Background.
|
2015-07-29 18:21:36 +00:00
|
|
|
func (c *SSH) Credential(role string, data map[string]interface{}) (*Secret, error) {
|
2022-03-23 21:47:43 +00:00
|
|
|
return c.CredentialWithContext(context.Background(), role, data)
|
|
|
|
}
|
|
|
|
|
|
|
|
// CredentialWithContext invokes the SSH backend API to create a credential to establish an SSH session.
|
|
|
|
func (c *SSH) CredentialWithContext(ctx context.Context, role string, data map[string]interface{}) (*Secret, error) {
|
|
|
|
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
|
|
|
defer cancelFunc()
|
|
|
|
|
2022-03-24 17:58:03 +00:00
|
|
|
r := c.c.NewRequest(http.MethodPut, fmt.Sprintf("/v1/%s/creds/%s", c.MountPoint, role))
|
2015-06-26 01:47:32 +00:00
|
|
|
if err := r.SetJSONBody(data); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2022-03-23 21:47:43 +00:00
|
|
|
resp, err := c.c.rawRequestWithContext(ctx, r)
|
2015-06-26 01:47:32 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
defer resp.Body.Close()
|
|
|
|
|
|
|
|
return ParseSecret(resp.Body)
|
|
|
|
}
|
2017-08-16 22:44:28 +00:00
|
|
|
|
2022-03-23 21:47:43 +00:00
|
|
|
// SignKey wraps SignKeyWithContext using context.Background.
|
2017-08-16 22:44:28 +00:00
|
|
|
func (c *SSH) SignKey(role string, data map[string]interface{}) (*Secret, error) {
|
2022-03-23 21:47:43 +00:00
|
|
|
return c.SignKeyWithContext(context.Background(), role, data)
|
|
|
|
}
|
|
|
|
|
|
|
|
// SignKeyWithContext signs the given public key and returns a signed public key to pass
|
|
|
|
// along with the SSH request.
|
|
|
|
func (c *SSH) SignKeyWithContext(ctx context.Context, role string, data map[string]interface{}) (*Secret, error) {
|
|
|
|
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
|
|
|
|
defer cancelFunc()
|
|
|
|
|
2022-03-24 17:58:03 +00:00
|
|
|
r := c.c.NewRequest(http.MethodPut, fmt.Sprintf("/v1/%s/sign/%s", c.MountPoint, role))
|
2017-08-16 22:44:28 +00:00
|
|
|
if err := r.SetJSONBody(data); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2022-03-23 21:47:43 +00:00
|
|
|
resp, err := c.c.rawRequestWithContext(ctx, r)
|
2017-08-16 22:44:28 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
defer resp.Body.Close()
|
|
|
|
|
|
|
|
return ParseSecret(resp.Body)
|
|
|
|
}
|