open-vault/builtin/logical/ssh/secret_one_time_key.go

package ssh

import (
	"log"
	"time"

	"github.com/hashicorp/vault/logical"
	"github.com/hashicorp/vault/logical/framework"
)

const SecretSshHostKeyType = "secret_ssh_host_key_type"

func secretOneTimeKey(b *backend) *framework.Secret {
	log.Printf("Vishal: ssh.secretPrivateKey\n")
	return &framework.Secret{
		Type: SecretSshHostKeyType,
		Fields: map[string]*framework.FieldSchema{
			"username": &framework.FieldSchema{
				Type:        framework.TypeString,
				Description: "Username in host",
			},
			"ip": &framework.FieldSchema{
				Type:        framework.TypeString,
				Description: "ip address of host",
			},
		},
		DefaultDuration:    1 * time.Hour,
		DefaultGracePeriod: 10 * time.Minute,
		Renew:              b.secretPrivateKeyRenew,
		Revoke:             b.secretPrivateKeyRevoke,
	}
}

func (b *backend) secretPrivateKeyRenew(req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
	log.Printf("Vishal: ssh.secretPrivateKeyRenew\n")
	lease, err := b.Lease(req.Storage)
	if err != nil {
		return nil, err
	}
	if lease == nil {
		lease = &configLease{Lease: 1 * time.Hour}
	}
	f := framework.LeaseExtend(lease.Lease, lease.LeaseMax, false)
	return f(req, d)
}

func (b *backend) secretPrivateKeyRevoke(req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
	log.Printf("Vishal: ssh.secretPrivateKeyRevoke\n")
	//TODO: implement here
	return nil, nil
}
Vault SSH: POC Stage 1. Skeleton implementation. 2015-06-16 20:58:54 +00:00			`package ssh`

			`import (`
			`"log"`
			`"time"`

			`"github.com/hashicorp/vault/logical"`
			`"github.com/hashicorp/vault/logical/framework"`
			`)`

Roles, key renewal handled. End-to-end basic flow working. 2015-06-19 00:48:41 +00:00			`const SecretSshHostKeyType = "secret_ssh_host_key_type"`
Vault SSH: POC Stage 1. Skeleton implementation. 2015-06-16 20:58:54 +00:00
			`func secretOneTimeKey(b backend) framework.Secret {`
			`log.Printf("Vishal: ssh.secretPrivateKey\n")`
			`return &framework.Secret{`
Roles, key renewal handled. End-to-end basic flow working. 2015-06-19 00:48:41 +00:00			`Type: SecretSshHostKeyType,`
Vault SSH: POC Stage 1. Skeleton implementation. 2015-06-16 20:58:54 +00:00			`Fields: map[string]*framework.FieldSchema{`
			`"username": &framework.FieldSchema{`
			`Type: framework.TypeString,`
			`Description: "Username in host",`
			`},`
			`"ip": &framework.FieldSchema{`
			`Type: framework.TypeString,`
			`Description: "ip address of host",`
			`},`
			`},`
			`DefaultDuration: 1 * time.Hour,`
			`DefaultGracePeriod: 10 * time.Minute,`
Roles, key renewal handled. End-to-end basic flow working. 2015-06-19 00:48:41 +00:00			`Renew: b.secretPrivateKeyRenew,`
Vault SSH: POC Stage 1. Skeleton implementation. 2015-06-16 20:58:54 +00:00			`Revoke: b.secretPrivateKeyRevoke,`
			`}`
			`}`

Roles, key renewal handled. End-to-end basic flow working. 2015-06-19 00:48:41 +00:00			`func (b backend) secretPrivateKeyRenew(req logical.Request, d framework.FieldData) (logical.Response, error) {`
			`log.Printf("Vishal: ssh.secretPrivateKeyRenew\n")`
			`lease, err := b.Lease(req.Storage)`
			`if err != nil {`
			`return nil, err`
			`}`
			`if lease == nil {`
			`lease = &configLease{Lease: 1 * time.Hour}`
			`}`
			`f := framework.LeaseExtend(lease.Lease, lease.LeaseMax, false)`
			`return f(req, d)`
			`}`

Vault SSH: POC Stage 1. Skeleton implementation. 2015-06-16 20:58:54 +00:00			`func (b backend) secretPrivateKeyRevoke(req logical.Request, d framework.FieldData) (logical.Response, error) {`
			`log.Printf("Vishal: ssh.secretPrivateKeyRevoke\n")`
Roles, key renewal handled. End-to-end basic flow working. 2015-06-19 00:48:41 +00:00			`//TODO: implement here`
Vault SSH: POC Stage 1. Skeleton implementation. 2015-06-16 20:58:54 +00:00			`return nil, nil`
			`}`