Commit graph

7 commits

Author SHA1 Message Date
Jeff Mitchell 627082b838 Remove grace periods 2016-01-31 19:33:16 -05:00
Jeff Mitchell 93ef9a54bd Internally refactor Lease/LeaseGracePeriod into TTL/GracePeriod 2015-08-20 18:00:51 -07:00
Armon Dadgar 4679febdf3 logical: Refactor LeaseOptions to share between Secret and Auth 2015-04-09 12:14:04 -07:00
Armon Dadgar 7df486482b vault: Adding LeaseIssue for renew to allow limiting maximum lease length 2015-04-09 11:54:32 -07:00
Armon Dadgar 466c7575d3 Replace VaultID with LeaseID for terminology simplification 2015-04-08 13:35:32 -07:00
Mitchell Hashimoto 856f1e854a logical: validation should allow 0 leases 2015-03-31 21:11:23 -07:00
Mitchell Hashimoto c349e97168 vault: clean up VaultID duplications, make secret responses clearer
/cc @armon - This is a reasonably major refactor that I think cleans up
a lot of the logic with secrets in responses. The reason for the
refactor is that while implementing Renew/Revoke in logical/framework I
found the existing API to be really awkward to work with.

Primarily, we needed a way to send down internal data for Vault core to
store since not all the data you need to revoke a key is always sent
down to the user (for example the user than AWS key belongs to).

At first, I was doing this manually in logical/framework with
req.Storage, but this is going to be such a common event that I think
its something core should assist with. Additionally, I think the added
context for secrets will be useful in the future when we have a Vault
API for returning orphaned out keys: we can also return the internal
data that might help an operator.

So this leads me to this refactor. I've removed most of the fields in
`logical.Response` and replaced it with a single `*Secret` pointer. If
this is non-nil, then the response represents a secret. The Secret
struct encapsulates all the lease info and such.

It also has some fields on it that are only populated at _request_ time
for Revoke/Renew operations. There is precedent for this sort of
behavior in the Go stdlib where http.Request/http.Response have fields
that differ based on client/server. I copied this style.

All core unit tests pass. The APIs fail for obvious reasons but I'll fix
that up in the next commit.
2015-03-19 23:11:42 +01:00