open-vault/builtin/logical/ssh/path_fetch.go

50 lines
1.4 KiB
Go
Raw Normal View History

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
2016-12-26 14:03:27 +00:00
package ssh
import (
"context"
"github.com/hashicorp/vault/sdk/framework"
"github.com/hashicorp/vault/sdk/logical"
2016-12-26 14:03:27 +00:00
)
func pathFetchPublicKey(b *backend) *framework.Path {
return &framework.Path{
Pattern: `public_key`,
DisplayAttrs: &framework.DisplayAttributes{
OperationPrefix: operationPrefixSSH,
OperationSuffix: "public-key",
},
2016-12-26 14:03:27 +00:00
Callbacks: map[logical.Operation]framework.OperationFunc{
logical.ReadOperation: b.pathFetchPublicKey,
},
HelpSynopsis: `Retrieve the public key.`,
HelpDescription: `This allows the public key of the SSH CA certificate that this backend has been configured with to be fetched. This is a raw response endpoint without JSON encoding; use -format=raw or an external tool (e.g., curl) to fetch this value.`,
2016-12-26 14:03:27 +00:00
}
}
func (b *backend) pathFetchPublicKey(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
publicKeyEntry, err := caKey(ctx, req.Storage, caPublicKey)
2016-12-26 14:03:27 +00:00
if err != nil {
return nil, err
}
if publicKeyEntry == nil || publicKeyEntry.Key == "" {
return nil, nil
}
2016-12-26 14:03:27 +00:00
response := &logical.Response{
Data: map[string]interface{}{
logical.HTTPContentType: "text/plain",
logical.HTTPRawBody: []byte(publicKeyEntry.Key),
2016-12-26 14:03:27 +00:00
logical.HTTPStatusCode: 200,
},
}
2016-12-26 14:03:27 +00:00
return response, nil
}