vault: Adding hooks for auth loading

vault/auth.go

@@ -0,0 +1,13 @@
+package vault
+
+// setupCredentials is invoked after we've loaded the mount table to
+// initialize the credential backends and setup the router
+func (c *Core) setupCredentials() error {
+	return nil
+}
+
+// teardownCredentials is used before we seal the vault to reset the credential
+// backends to their unloaded state. This is reversed by loadCredentials.
+func (c *Core) teardownCredentials() error {
+	return nil
+}

vault/core.go

@@ -492,12 +492,18 @@ func (c *Core) postUnseal() error {
 	if err := c.setupTokenStore(); err != nil {
 		return nil
 	}
+	if err := c.setupCredentials(); err != nil {
+		return nil
+	}
 	return nil
 }
 
 // preSeal is invoked before the barrier is sealed, allowing
 // for any state teardown required.
 func (c *Core) preSeal() error {
+	if err := c.teardownCredentials(); err != nil {
+		return err
+	}
 	if err := c.teardownTokenStore(); err != nil {
 		return err
 	}