open-vault/command/util.go

164 lines
3.9 KiB
Go

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package command
import (
"fmt"
"io"
"os"
"time"
"github.com/fatih/color"
"github.com/hashicorp/vault/api"
"github.com/hashicorp/vault/command/config"
"github.com/hashicorp/vault/command/token"
"github.com/mitchellh/cli"
)
// DefaultTokenHelper returns the token helper that is configured for Vault.
// This helper should only be used for non-server CLI commands.
func DefaultTokenHelper() (token.TokenHelper, error) {
return config.DefaultTokenHelper()
}
// RawField extracts the raw field from the given data and returns it as a
// string for printing purposes.
func RawField(secret *api.Secret, field string) interface{} {
var val interface{}
switch {
case secret.Auth != nil:
switch field {
case "token":
val = secret.Auth.ClientToken
case "token_accessor":
val = secret.Auth.Accessor
case "token_duration":
val = secret.Auth.LeaseDuration
case "token_renewable":
val = secret.Auth.Renewable
case "token_policies":
val = secret.Auth.TokenPolicies
case "identity_policies":
val = secret.Auth.IdentityPolicies
case "policies":
val = secret.Auth.Policies
default:
val = secret.Data[field]
}
case secret.WrapInfo != nil:
switch field {
case "wrapping_token":
val = secret.WrapInfo.Token
case "wrapping_accessor":
val = secret.WrapInfo.Accessor
case "wrapping_token_ttl":
val = secret.WrapInfo.TTL
case "wrapping_token_creation_time":
val = secret.WrapInfo.CreationTime.Format(time.RFC3339Nano)
case "wrapping_token_creation_path":
val = secret.WrapInfo.CreationPath
case "wrapped_accessor":
val = secret.WrapInfo.WrappedAccessor
default:
val = secret.Data[field]
}
default:
switch field {
case "lease_duration":
val = secret.LeaseDuration
case "lease_id":
val = secret.LeaseID
case "request_id":
val = secret.RequestID
case "renewable":
val = secret.Renewable
case "refresh_interval":
val = secret.LeaseDuration
case "data":
var ok bool
val, ok = secret.Data["data"]
if !ok {
val = secret.Data
}
default:
val = secret.Data[field]
}
}
return val
}
// PrintRawField prints raw field from the secret.
func PrintRawField(ui cli.Ui, data interface{}, field string) int {
var val interface{}
switch data := data.(type) {
case *api.Secret:
val = RawField(data, field)
case map[string]interface{}:
val = data[field]
}
if val == nil {
ui.Error(fmt.Sprintf("Field %q not present in secret", field))
return 1
}
format := Format(ui)
if format == "" || format == "table" || format == "raw" {
return PrintRaw(ui, fmt.Sprintf("%v", val))
}
// Handle specific format flags as best as possible
formatter, ok := Formatters[format]
if !ok {
ui.Error(fmt.Sprintf("Invalid output format: %s", format))
return 1
}
b, err := formatter.Format(val)
if err != nil {
ui.Error(fmt.Sprintf("Error formatting output: %s", err))
return 1
}
return PrintRaw(ui, string(b))
}
// PrintRaw prints a raw value to the terminal. If the process is being "piped"
// to something else, the "raw" value is printed without a newline character.
// Otherwise the value is printed as normal.
func PrintRaw(ui cli.Ui, str string) int {
if !color.NoColor {
ui.Output(str)
} else {
// The cli.Ui prints a CR, which is not wanted since the user probably wants
// just the raw value.
w := getWriterFromUI(ui)
fmt.Fprint(w, str)
}
return 0
}
// getWriterFromUI accepts a cli.Ui and returns the underlying io.Writer by
// unwrapping as many wrapped Uis as necessary. If there is an unknown UI
// type, this falls back to os.Stdout.
func getWriterFromUI(ui cli.Ui) io.Writer {
switch t := ui.(type) {
case *VaultUI:
return getWriterFromUI(t.Ui)
case *cli.BasicUi:
return t.Writer
case *cli.ColoredUi:
return getWriterFromUI(t.Ui)
case *cli.ConcurrentUi:
return getWriterFromUI(t.Ui)
case *cli.MockUi:
return t.OutputWriter
default:
return os.Stdout
}
}