open-vault/builtin/credential/github/path_config.go

package github

import (
	"fmt"
	"net/url"
	"time"

	"github.com/hashicorp/vault/logical"
	"github.com/hashicorp/vault/logical/framework"
	"github.com/fatih/structs"
)

func pathConfig(b *backend) *framework.Path {
	return &framework.Path{
		Pattern: "config",
		Fields: map[string]*framework.FieldSchema{
			"organization": &framework.FieldSchema{
				Type:        framework.TypeString,
				Description: "The organization users must be part of",
			},

			"base_url": &framework.FieldSchema{
				Type: framework.TypeString,
				Description: `The API endpoint to use. Useful if you
are running GitHub Enterprise or an
API-compatible authentication server.`,
			},
			"ttl": &framework.FieldSchema{
				Type:        framework.TypeString,
				Description: `Duration after which authentication will be expired`,
			},
			"max_ttl": &framework.FieldSchema{
				Type:        framework.TypeString,
				Description: `Maximum duration after which authentication will be expired`,
			},
		},

		Callbacks: map[logical.Operation]framework.OperationFunc{
			logical.UpdateOperation: b.pathConfigWrite,
			logical.ReadOperation: b.pathConfigRead,
		},
	}
}

func (b *backend) pathConfigWrite(
	req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	organization := data.Get("organization").(string)
	baseURL := data.Get("base_url").(string)
	if len(baseURL) != 0 {
		_, err := url.Parse(baseURL)
		if err != nil {
			return logical.ErrorResponse(fmt.Sprintf("Error parsing given base_url: %s", err)), nil
		}
	}

	var ttl time.Duration
	var err error
	ttlRaw, ok := data.GetOk("ttl")
	if !ok || len(ttlRaw.(string)) == 0 {
		ttl = 0
	} else {
		ttl, err = time.ParseDuration(ttlRaw.(string))
		if err != nil {
			return logical.ErrorResponse(fmt.Sprintf("Invalid 'ttl':%s", err)), nil
		}
	}

	var maxTTL time.Duration
	maxTTLRaw, ok := data.GetOk("max_ttl")
	if !ok || len(maxTTLRaw.(string)) == 0 {
		maxTTL = 0
	} else {
		maxTTL, err = time.ParseDuration(maxTTLRaw.(string))
		if err != nil {
			return logical.ErrorResponse(fmt.Sprintf("Invalid 'max_ttl':%s", err)), nil
		}
	}

	entry, err := logical.StorageEntryJSON("config", config{
		Organization:	organization,
		BaseURL: 	baseURL,
		TTL:     	ttl,
		MaxTTL:  	maxTTL,
	})

	if err != nil {
		return nil, err
	}

	if err := req.Storage.Put(entry); err != nil {
		return nil, err
	}

	return nil, nil
}

func (b *backend) pathConfigRead(req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
	config, err := b.Config(req.Storage)
	if err != nil {
		return nil, err
	}

	if config == nil {
		return nil, fmt.Errorf("configuration object not found")
	}

	config.TTL /= time.Second
	config.MaxTTL /= time.Second

	resp := &logical.Response{
		Data: structs.New(config).Map(),
	}
	return resp, nil
}

// Config returns the configuration for this backend.
func (b *backend) Config(s logical.Storage) (*config, error) {
	entry, err := s.Get("config")
	if err != nil {
		return nil, err
	}

	var result config
	if entry != nil {
		if err := entry.DecodeJSON(&result); err != nil {
			return nil, fmt.Errorf("error reading configuration: %s", err)
		}
	}

	return &result, nil
}

type config struct {
	Organization string        `json:"organization" structs:"organization" mapstructure:"organization"`
	BaseURL      string        `json:"base_url" structs:"base_url" mapstructure:"base_url"`
	TTL          time.Duration `json:"ttl" structs:"ttl" mapstructure:"ttl"`
	MaxTTL       time.Duration `json:"max_ttl" structs:"max_ttl" mapstructure:"max_ttl"`
}
credential/github: auth with github 2015-04-01 22:46:21 +00:00			`package github`

			`import (`
			`"fmt"`
Add base_url option to GitHub auth provider to allow selecting a custom endpoint. Fixes #572. 2015-08-28 13:28:35 +00:00			`"net/url"`
Github backend: enable auth renewals 2015-10-02 17:33:19 +00:00			`"time"`
credential/github: auth with github 2015-04-01 22:46:21 +00:00
			`"github.com/hashicorp/vault/logical"`
			`"github.com/hashicorp/vault/logical/framework"`
Added a 'read' for github config 2017-01-11 00:21:31 +00:00			`"github.com/fatih/structs"`
credential/github: auth with github 2015-04-01 22:46:21 +00:00			`)`

Github backend: enable auth renewals 2015-10-02 17:33:19 +00:00			`func pathConfig(b backend) framework.Path {`
credential/github: auth with github 2015-04-01 22:46:21 +00:00			`return &framework.Path{`
			`Pattern: "config",`
			`Fields: map[string]*framework.FieldSchema{`
			`"organization": &framework.FieldSchema{`
			`Type: framework.TypeString,`
			`Description: "The organization users must be part of",`
			`},`
Add base_url option to GitHub auth provider to allow selecting a custom endpoint. Fixes #572. 2015-08-28 13:28:35 +00:00
			`"base_url": &framework.FieldSchema{`
			`Type: framework.TypeString,`
			Description: `The API endpoint to use. Useful if you
			`are running GitHub Enterprise or an`
			API-compatible authentication server.`,
			`},`
Github backend: enable auth renewals 2015-10-02 17:33:19 +00:00			`"ttl": &framework.FieldSchema{`
			`Type: framework.TypeString,`
			Description: `Duration after which authentication will be expired`,
			`},`
			`"max_ttl": &framework.FieldSchema{`
			`Type: framework.TypeString,`
			Description: `Maximum duration after which authentication will be expired`,
			`},`
credential/github: auth with github 2015-04-01 22:46:21 +00:00			`},`

			`Callbacks: map[logical.Operation]framework.OperationFunc{`
WriteOperation -> UpdateOperation 2016-01-07 15:30:47 +00:00			`logical.UpdateOperation: b.pathConfigWrite,`
Added a 'read' for github config 2017-01-11 00:21:31 +00:00			`logical.ReadOperation: b.pathConfigRead,`
credential/github: auth with github 2015-04-01 22:46:21 +00:00			`},`
			`}`
			`}`

Github backend: enable auth renewals 2015-10-02 17:33:19 +00:00			`func (b *backend) pathConfigWrite(`
credential/github: auth with github 2015-04-01 22:46:21 +00:00			`req logical.Request, data framework.FieldData) (*logical.Response, error) {`
Github backend: enable auth renewals 2015-10-02 17:33:19 +00:00			`organization := data.Get("organization").(string)`
Add base_url option to GitHub auth provider to allow selecting a custom endpoint. Fixes #572. 2015-08-28 13:28:35 +00:00			`baseURL := data.Get("base_url").(string)`
			`if len(baseURL) != 0 {`
			`_, err := url.Parse(baseURL)`
			`if err != nil {`
			`return logical.ErrorResponse(fmt.Sprintf("Error parsing given base_url: %s", err)), nil`
			`}`
			`}`

Use SanitizeTTL in credential request path instead of config 2015-10-02 19:41:35 +00:00			`var ttl time.Duration`
			`var err error`
			`ttlRaw, ok := data.GetOk("ttl")`
Added a test case. Removed setting of defaultTTL in config. 2015-10-03 19:36:57 +00:00			`if !ok \|\| len(ttlRaw.(string)) == 0 {`
Use SanitizeTTL in credential request path instead of config 2015-10-02 19:41:35 +00:00			`ttl = 0`
			`} else {`
			`ttl, err = time.ParseDuration(ttlRaw.(string))`
			`if err != nil {`
			`return logical.ErrorResponse(fmt.Sprintf("Invalid 'ttl':%s", err)), nil`
			`}`
			`}`

			`var maxTTL time.Duration`
			`maxTTLRaw, ok := data.GetOk("max_ttl")`
Added a test case. Removed setting of defaultTTL in config. 2015-10-03 19:36:57 +00:00			`if !ok \|\| len(maxTTLRaw.(string)) == 0 {`
Use SanitizeTTL in credential request path instead of config 2015-10-02 19:41:35 +00:00			`maxTTL = 0`
			`} else {`
			`maxTTL, err = time.ParseDuration(maxTTLRaw.(string))`
			`if err != nil {`
			`return logical.ErrorResponse(fmt.Sprintf("Invalid 'max_ttl':%s", err)), nil`
			`}`
Github backend: enable auth renewals 2015-10-02 17:33:19 +00:00			`}`

			`entry, err := logical.StorageEntryJSON("config", config{`
Added a nil check for config and renamed org field internally. 2017-01-11 17:04:15 +00:00			`Organization: organization,`
			`BaseURL: baseURL,`
			`TTL: ttl,`
			`MaxTTL: maxTTL,`
Github backend: enable auth renewals 2015-10-02 17:33:19 +00:00			`})`

credential/github: auth with github 2015-04-01 22:46:21 +00:00			`if err != nil {`
			`return nil, err`
			`}`

			`if err := req.Storage.Put(entry); err != nil {`
			`return nil, err`
			`}`

			`return nil, nil`
			`}`

Added a 'read' for github config 2017-01-11 00:21:31 +00:00			`func (b backend) pathConfigRead(req logical.Request, data framework.FieldData) (logical.Response, error) {`
			`config, err := b.Config(req.Storage)`
			`if err != nil {`
			`return nil, err`
			`}`
Added a nil check for config and renamed org field internally. 2017-01-11 17:04:15 +00:00
			`if config == nil {`
			`return nil, fmt.Errorf("configuration object not found")`
			`}`

Added a 'read' for github config 2017-01-11 00:21:31 +00:00			`config.TTL /= time.Second`
			`config.MaxTTL /= time.Second`

			`resp := &logical.Response{`
			`Data: structs.New(config).Map(),`
			`}`
			`return resp, nil`
			`}`

credential/github: auth with github 2015-04-01 22:46:21 +00:00			`// Config returns the configuration for this backend.`
			`func (b backend) Config(s logical.Storage) (config, error) {`
			`entry, err := s.Get("config")`
			`if err != nil {`
			`return nil, err`
			`}`

			`var result config`
			`if entry != nil {`
			`if err := entry.DecodeJSON(&result); err != nil {`
			`return nil, fmt.Errorf("error reading configuration: %s", err)`
			`}`
			`}`

			`return &result, nil`
			`}`

			`type config struct {`
Added a nil check for config and renamed org field internally. 2017-01-11 17:04:15 +00:00			Organization string `json:"organization" structs:"organization" mapstructure:"organization"`
			BaseURL string `json:"base_url" structs:"base_url" mapstructure:"base_url"`
			TTL time.Duration `json:"ttl" structs:"ttl" mapstructure:"ttl"`
			MaxTTL time.Duration `json:"max_ttl" structs:"max_ttl" mapstructure:"max_ttl"`
credential/github: auth with github 2015-04-01 22:46:21 +00:00			`}`