open-vault/api/ssh.go

56 lines
1.4 KiB
Go
Raw Normal View History

package api
import "fmt"
2015-07-02 21:23:09 +00:00
// SSH is used to return a client to invoke operations on SSH backend.
2015-07-01 15:58:49 +00:00
type SSH struct {
c *Client
MountPoint string
}
2015-09-29 07:35:16 +00:00
// SSH returns the client for logical-backend API calls.
func (c *Client) SSH() *SSH {
2016-02-23 05:08:21 +00:00
return c.SSHWithMountPoint(SSHHelperDefaultMountPoint)
}
2015-09-29 07:35:16 +00:00
// SSHWithMountPoint returns the client with specific SSH mount point.
func (c *Client) SSHWithMountPoint(mountPoint string) *SSH {
2015-07-29 18:21:36 +00:00
return &SSH{
c: c,
MountPoint: mountPoint,
}
}
2015-09-29 07:35:16 +00:00
// Credential invokes the SSH backend API to create a credential to establish an SSH session.
2015-07-29 18:21:36 +00:00
func (c *SSH) Credential(role string, data map[string]interface{}) (*Secret, error) {
r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/%s/creds/%s", c.MountPoint, role))
if err := r.SetJSONBody(data); err != nil {
return nil, err
}
resp, err := c.c.RawRequest(r)
if err != nil {
return nil, err
}
defer resp.Body.Close()
return ParseSecret(resp.Body)
}
// SignKey signs the given public key and returns a signed public key to pass
// along with the SSH request.
func (c *SSH) SignKey(role string, data map[string]interface{}) (*Secret, error) {
r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/%s/sign/%s", c.MountPoint, role))
if err := r.SetJSONBody(data); err != nil {
return nil, err
}
resp, err := c.c.RawRequest(r)
if err != nil {
return nil, err
}
defer resp.Body.Close()
return ParseSecret(resp.Body)
}