2019-04-15 15:36:10 +00:00
|
|
|
package credsutil
|
|
|
|
|
|
|
|
import (
|
2019-07-05 18:34:47 +00:00
|
|
|
"context"
|
2019-04-15 15:36:10 +00:00
|
|
|
"time"
|
|
|
|
|
2019-04-15 16:14:20 +00:00
|
|
|
"github.com/hashicorp/vault/sdk/database/dbplugin"
|
2019-04-15 15:36:10 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
NoneLength int = -1
|
|
|
|
)
|
|
|
|
|
|
|
|
// SQLCredentialsProducer implements CredentialsProducer and provides a generic credentials producer for most sql database types.
|
|
|
|
type SQLCredentialsProducer struct {
|
2020-02-13 17:42:30 +00:00
|
|
|
DisplayNameLen int
|
|
|
|
RoleNameLen int
|
|
|
|
UsernameLen int
|
|
|
|
Separator string
|
|
|
|
LowercaseUsername bool
|
2019-04-15 15:36:10 +00:00
|
|
|
}
|
|
|
|
|
2019-07-05 18:34:47 +00:00
|
|
|
func (scp *SQLCredentialsProducer) GenerateCredentials(ctx context.Context) (string, error) {
|
|
|
|
password, err := scp.GeneratePassword()
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
return password, nil
|
|
|
|
}
|
|
|
|
|
2019-04-15 15:36:10 +00:00
|
|
|
func (scp *SQLCredentialsProducer) GenerateUsername(config dbplugin.UsernameConfig) (string, error) {
|
2020-09-29 22:54:34 +00:00
|
|
|
caseOp := KeepCase
|
2020-02-13 17:42:30 +00:00
|
|
|
if scp.LowercaseUsername {
|
2020-09-29 22:54:34 +00:00
|
|
|
caseOp = Lowercase
|
|
|
|
}
|
|
|
|
return GenerateUsername(
|
|
|
|
DisplayName(config.DisplayName, scp.DisplayNameLen),
|
|
|
|
RoleName(config.RoleName, scp.RoleNameLen),
|
|
|
|
Case(caseOp),
|
|
|
|
Separator(scp.Separator),
|
|
|
|
MaxLength(scp.UsernameLen),
|
|
|
|
)
|
2019-04-15 15:36:10 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (scp *SQLCredentialsProducer) GeneratePassword() (string, error) {
|
|
|
|
password, err := RandomAlphaNumeric(20, true)
|
|
|
|
if err != nil {
|
|
|
|
return "", err
|
|
|
|
}
|
|
|
|
|
|
|
|
return password, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (scp *SQLCredentialsProducer) GenerateExpiration(ttl time.Time) (string, error) {
|
|
|
|
return ttl.Format("2006-01-02 15:04:05-0700"), nil
|
|
|
|
}
|