2015-03-12 00:46:25 +00:00
|
|
|
package api
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/json"
|
|
|
|
"io"
|
2016-06-07 20:01:09 +00:00
|
|
|
"time"
|
2015-03-12 00:46:25 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// Secret is the structure returned for every secret within Vault.
|
|
|
|
type Secret struct {
|
2015-04-14 00:40:05 +00:00
|
|
|
LeaseID string `json:"lease_id"`
|
|
|
|
LeaseDuration int `json:"lease_duration"`
|
|
|
|
Renewable bool `json:"renewable"`
|
|
|
|
|
|
|
|
// Data is the actual contents of the secret. The format of the data
|
|
|
|
// is arbitrary and up to the secret backend.
|
|
|
|
Data map[string]interface{} `json:"data"`
|
|
|
|
|
2015-10-07 19:30:54 +00:00
|
|
|
// Warnings contains any warnings related to the operation. These
|
|
|
|
// are not issues that caused the command to fail, but that the
|
|
|
|
// client should be aware of.
|
|
|
|
Warnings []string `json:"warnings"`
|
|
|
|
|
2015-04-14 00:40:05 +00:00
|
|
|
// Auth, if non-nil, means that there was authentication information
|
|
|
|
// attached to this response.
|
|
|
|
Auth *SecretAuth `json:"auth,omitempty"`
|
2016-05-02 05:58:58 +00:00
|
|
|
|
|
|
|
// WrapInfo, if non-nil, means that the initial response was wrapped in the
|
|
|
|
// cubbyhole of the given token (which has a TTL of the given number of
|
|
|
|
// seconds)
|
|
|
|
WrapInfo *SecretWrapInfo `json:"wrap_info,omitempty"`
|
|
|
|
}
|
|
|
|
|
2016-06-13 23:58:17 +00:00
|
|
|
// SecretWrapInfo contains wrapping information if we have it. If what is
|
|
|
|
// contained is an authentication token, the accessor for the token will be
|
|
|
|
// available in WrappedAccessor.
|
2016-05-02 05:58:58 +00:00
|
|
|
type SecretWrapInfo struct {
|
2016-06-13 23:58:17 +00:00
|
|
|
Token string `json:"token"`
|
|
|
|
TTL int `json:"ttl"`
|
|
|
|
CreationTime time.Time `json:"creation_time"`
|
|
|
|
WrappedAccessor string `json:"wrapped_accessor"`
|
2015-04-04 22:40:41 +00:00
|
|
|
}
|
|
|
|
|
2015-09-29 07:35:16 +00:00
|
|
|
// SecretAuth is the structure containing auth information if we have it.
|
2015-04-04 22:40:41 +00:00
|
|
|
type SecretAuth struct {
|
2015-04-24 16:00:00 +00:00
|
|
|
ClientToken string `json:"client_token"`
|
2016-03-09 11:23:31 +00:00
|
|
|
Accessor string `json:"accessor"`
|
2015-04-04 22:40:41 +00:00
|
|
|
Policies []string `json:"policies"`
|
|
|
|
Metadata map[string]string `json:"metadata"`
|
|
|
|
|
|
|
|
LeaseDuration int `json:"lease_duration"`
|
|
|
|
Renewable bool `json:"renewable"`
|
2015-03-12 00:46:25 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// ParseSecret is used to parse a secret value from JSON from an io.Reader.
|
|
|
|
func ParseSecret(r io.Reader) (*Secret, error) {
|
|
|
|
// First decode the JSON into a map[string]interface{}
|
2015-03-16 03:35:33 +00:00
|
|
|
var secret Secret
|
2015-03-12 00:46:25 +00:00
|
|
|
dec := json.NewDecoder(r)
|
2016-04-20 18:38:20 +00:00
|
|
|
dec.UseNumber()
|
2015-03-16 03:35:33 +00:00
|
|
|
if err := dec.Decode(&secret); err != nil {
|
2015-03-12 00:46:25 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2015-03-16 03:35:33 +00:00
|
|
|
return &secret, nil
|
2015-03-12 00:46:25 +00:00
|
|
|
}
|