open-vault/sdk/database/helper/credsutil/sql.go

57 lines
1.3 KiB
Go
Raw Normal View History

2019-04-15 15:36:10 +00:00
package credsutil
import (
"context"
2019-04-15 15:36:10 +00:00
"time"
2019-04-15 16:14:20 +00:00
"github.com/hashicorp/vault/sdk/database/dbplugin"
2019-04-15 15:36:10 +00:00
)
const (
NoneLength int = -1
)
// SQLCredentialsProducer implements CredentialsProducer and provides a generic credentials producer for most sql database types.
type SQLCredentialsProducer struct {
DisplayNameLen int
RoleNameLen int
UsernameLen int
Separator string
LowercaseUsername bool
2019-04-15 15:36:10 +00:00
}
func (scp *SQLCredentialsProducer) GenerateCredentials(ctx context.Context) (string, error) {
password, err := scp.GeneratePassword()
if err != nil {
return "", err
}
return password, nil
}
2019-04-15 15:36:10 +00:00
func (scp *SQLCredentialsProducer) GenerateUsername(config dbplugin.UsernameConfig) (string, error) {
caseOp := KeepCase
if scp.LowercaseUsername {
caseOp = Lowercase
}
return GenerateUsername(
DisplayName(config.DisplayName, scp.DisplayNameLen),
RoleName(config.RoleName, scp.RoleNameLen),
Case(caseOp),
Separator(scp.Separator),
MaxLength(scp.UsernameLen),
)
2019-04-15 15:36:10 +00:00
}
func (scp *SQLCredentialsProducer) GeneratePassword() (string, error) {
password, err := RandomAlphaNumeric(20, true)
if err != nil {
return "", err
}
return password, nil
}
func (scp *SQLCredentialsProducer) GenerateExpiration(ttl time.Time) (string, error) {
return ttl.Format("2006-01-02 15:04:05-0700"), nil
}