open-vault/sdk/database/helper/credsutil/sql.go

package credsutil

import (
	"context"
	"fmt"
	"strings"
	"time"

	"github.com/hashicorp/vault/sdk/database/dbplugin"
)

const (
	NoneLength int = -1
)

// SQLCredentialsProducer implements CredentialsProducer and provides a generic credentials producer for most sql database types.
type SQLCredentialsProducer struct {
	DisplayNameLen    int
	RoleNameLen       int
	UsernameLen       int
	Separator         string
	LowercaseUsername bool
}

func (scp *SQLCredentialsProducer) GenerateCredentials(ctx context.Context) (string, error) {
	password, err := scp.GeneratePassword()
	if err != nil {
		return "", err
	}
	return password, nil
}

func (scp *SQLCredentialsProducer) GenerateUsername(config dbplugin.UsernameConfig) (string, error) {
	username := "v"

	displayName := config.DisplayName
	if scp.DisplayNameLen > 0 && len(displayName) > scp.DisplayNameLen {
		displayName = displayName[:scp.DisplayNameLen]
	} else if scp.DisplayNameLen == NoneLength {
		displayName = ""
	}

	if len(displayName) > 0 {
		username = fmt.Sprintf("%s%s%s", username, scp.Separator, displayName)
	}

	roleName := config.RoleName
	if scp.RoleNameLen > 0 && len(roleName) > scp.RoleNameLen {
		roleName = roleName[:scp.RoleNameLen]
	} else if scp.RoleNameLen == NoneLength {
		roleName = ""
	}

	if len(roleName) > 0 {
		username = fmt.Sprintf("%s%s%s", username, scp.Separator, roleName)
	}

	userUUID, err := RandomAlphaNumeric(20, false)
	if err != nil {
		return "", err
	}

	username = fmt.Sprintf("%s%s%s", username, scp.Separator, userUUID)
	username = fmt.Sprintf("%s%s%s", username, scp.Separator, fmt.Sprint(time.Now().Unix()))
	if scp.UsernameLen > 0 && len(username) > scp.UsernameLen {
		username = username[:scp.UsernameLen]
	}

	if scp.LowercaseUsername {
		username = strings.ToLower(username)
	}

	return username, nil
}

func (scp *SQLCredentialsProducer) GeneratePassword() (string, error) {
	password, err := RandomAlphaNumeric(20, true)
	if err != nil {
		return "", err
	}

	return password, nil
}

func (scp *SQLCredentialsProducer) GenerateExpiration(ttl time.Time) (string, error) {
	return ttl.Format("2006-01-02 15:04:05-0700"), nil
}
Migrate database plugin methods to sdk 2019-04-15 15:36:10 +00:00			`package credsutil`

			`import (`
Combined Database backend: Add GenerateCredentials to the CredentialsProducer Interface (#7010) * Add GenerateCredentials to the CredentialsProducer Interface, add default implementation * Remove GenerateCredentials implementation from database plugins 2019-07-05 18:34:47 +00:00			`"context"`
Migrate database plugin methods to sdk 2019-04-15 15:36:10 +00:00			`"fmt"`
Add redshift database plugin (#8299) * feat: add redshift database plugin * build: update vendored libraries * docs: add reference doc for redshift variant of the database secrets engine * feat: set middlewear type name for better metrics naming (#8346) Co-authored-by: Becca Petrin <beccapetrin@gmail.com> 2020-02-13 17:42:30 +00:00			`"strings"`
Migrate database plugin methods to sdk 2019-04-15 15:36:10 +00:00			`"time"`

Move some things around in api/sdk 2019-04-15 16:14:20 +00:00			`"github.com/hashicorp/vault/sdk/database/dbplugin"`
Migrate database plugin methods to sdk 2019-04-15 15:36:10 +00:00			`)`

			`const (`
			`NoneLength int = -1`
			`)`

			`// SQLCredentialsProducer implements CredentialsProducer and provides a generic credentials producer for most sql database types.`
			`type SQLCredentialsProducer struct {`
Add redshift database plugin (#8299) * feat: add redshift database plugin * build: update vendored libraries * docs: add reference doc for redshift variant of the database secrets engine * feat: set middlewear type name for better metrics naming (#8346) Co-authored-by: Becca Petrin <beccapetrin@gmail.com> 2020-02-13 17:42:30 +00:00			`DisplayNameLen int`
			`RoleNameLen int`
			`UsernameLen int`
			`Separator string`
			`LowercaseUsername bool`
Migrate database plugin methods to sdk 2019-04-15 15:36:10 +00:00			`}`

Combined Database backend: Add GenerateCredentials to the CredentialsProducer Interface (#7010) * Add GenerateCredentials to the CredentialsProducer Interface, add default implementation * Remove GenerateCredentials implementation from database plugins 2019-07-05 18:34:47 +00:00			`func (scp *SQLCredentialsProducer) GenerateCredentials(ctx context.Context) (string, error) {`
			`password, err := scp.GeneratePassword()`
			`if err != nil {`
			`return "", err`
			`}`
			`return password, nil`
			`}`

Migrate database plugin methods to sdk 2019-04-15 15:36:10 +00:00			`func (scp *SQLCredentialsProducer) GenerateUsername(config dbplugin.UsernameConfig) (string, error) {`
			`username := "v"`

			`displayName := config.DisplayName`
			`if scp.DisplayNameLen > 0 && len(displayName) > scp.DisplayNameLen {`
			`displayName = displayName[:scp.DisplayNameLen]`
			`} else if scp.DisplayNameLen == NoneLength {`
			`displayName = ""`
			`}`

			`if len(displayName) > 0 {`
			`username = fmt.Sprintf("%s%s%s", username, scp.Separator, displayName)`
			`}`

			`roleName := config.RoleName`
			`if scp.RoleNameLen > 0 && len(roleName) > scp.RoleNameLen {`
			`roleName = roleName[:scp.RoleNameLen]`
			`} else if scp.RoleNameLen == NoneLength {`
			`roleName = ""`
			`}`

			`if len(roleName) > 0 {`
			`username = fmt.Sprintf("%s%s%s", username, scp.Separator, roleName)`
			`}`

			`userUUID, err := RandomAlphaNumeric(20, false)`
			`if err != nil {`
			`return "", err`
			`}`

			`username = fmt.Sprintf("%s%s%s", username, scp.Separator, userUUID)`
			`username = fmt.Sprintf("%s%s%s", username, scp.Separator, fmt.Sprint(time.Now().Unix()))`
			`if scp.UsernameLen > 0 && len(username) > scp.UsernameLen {`
			`username = username[:scp.UsernameLen]`
			`}`

Add redshift database plugin (#8299) * feat: add redshift database plugin * build: update vendored libraries * docs: add reference doc for redshift variant of the database secrets engine * feat: set middlewear type name for better metrics naming (#8346) Co-authored-by: Becca Petrin <beccapetrin@gmail.com> 2020-02-13 17:42:30 +00:00			`if scp.LowercaseUsername {`
			`username = strings.ToLower(username)`
			`}`

Migrate database plugin methods to sdk 2019-04-15 15:36:10 +00:00			`return username, nil`
			`}`

			`func (scp *SQLCredentialsProducer) GeneratePassword() (string, error) {`
			`password, err := RandomAlphaNumeric(20, true)`
			`if err != nil {`
			`return "", err`
			`}`

			`return password, nil`
			`}`

			`func (scp *SQLCredentialsProducer) GenerateExpiration(ttl time.Time) (string, error) {`
			`return ttl.Format("2006-01-02 15:04:05-0700"), nil`
			`}`