27bb03bbc0
* adding copyright header * fix fmt and a test
134 lines
3.1 KiB
Go
134 lines
3.1 KiB
Go
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
package command
|
|
|
|
import (
|
|
"fmt"
|
|
"strings"
|
|
|
|
"github.com/hashicorp/vault/api"
|
|
"github.com/mitchellh/cli"
|
|
"github.com/posener/complete"
|
|
)
|
|
|
|
var (
|
|
_ cli.Command = (*TokenLookupCommand)(nil)
|
|
_ cli.CommandAutocomplete = (*TokenLookupCommand)(nil)
|
|
)
|
|
|
|
type TokenLookupCommand struct {
|
|
*BaseCommand
|
|
|
|
flagAccessor bool
|
|
}
|
|
|
|
func (c *TokenLookupCommand) Synopsis() string {
|
|
return "Display information about a token"
|
|
}
|
|
|
|
func (c *TokenLookupCommand) Help() string {
|
|
helpText := `
|
|
Usage: vault token lookup [options] [TOKEN | ACCESSOR]
|
|
|
|
Displays information about a token or accessor. If a TOKEN is not provided,
|
|
the locally authenticated token is used.
|
|
|
|
Get information about the locally authenticated token (this uses the
|
|
/auth/token/lookup-self endpoint and permission):
|
|
|
|
$ vault token lookup
|
|
|
|
Get information about a particular token (this uses the /auth/token/lookup
|
|
endpoint and permission):
|
|
|
|
$ vault token lookup 96ddf4bc-d217-f3ba-f9bd-017055595017
|
|
|
|
Get information about a token via its accessor:
|
|
|
|
$ vault token lookup -accessor 9793c9b3-e04a-46f3-e7b8-748d7da248da
|
|
|
|
For a full list of examples, please see the documentation.
|
|
|
|
` + c.Flags().Help()
|
|
|
|
return strings.TrimSpace(helpText)
|
|
}
|
|
|
|
func (c *TokenLookupCommand) Flags() *FlagSets {
|
|
set := c.flagSet(FlagSetHTTP | FlagSetOutputFormat)
|
|
|
|
f := set.NewFlagSet("Command Options")
|
|
|
|
f.BoolVar(&BoolVar{
|
|
Name: "accessor",
|
|
Target: &c.flagAccessor,
|
|
Default: false,
|
|
EnvVar: "",
|
|
Completion: complete.PredictNothing,
|
|
Usage: "Treat the argument as an accessor instead of a token. When " +
|
|
"this option is selected, the output will NOT include the token.",
|
|
})
|
|
|
|
return set
|
|
}
|
|
|
|
func (c *TokenLookupCommand) AutocompleteArgs() complete.Predictor {
|
|
return c.PredictVaultFiles()
|
|
}
|
|
|
|
func (c *TokenLookupCommand) AutocompleteFlags() complete.Flags {
|
|
return c.Flags().Completions()
|
|
}
|
|
|
|
func (c *TokenLookupCommand) Run(args []string) int {
|
|
f := c.Flags()
|
|
|
|
if err := f.Parse(args); err != nil {
|
|
c.UI.Error(err.Error())
|
|
return 1
|
|
}
|
|
|
|
token := ""
|
|
|
|
args = f.Args()
|
|
switch {
|
|
case c.flagAccessor && len(args) < 1:
|
|
c.UI.Error(fmt.Sprintf("Not enough arguments with -accessor (expected 1, got %d)", len(args)))
|
|
return 1
|
|
case c.flagAccessor && len(args) > 1:
|
|
c.UI.Error(fmt.Sprintf("Too many arguments with -accessor (expected 1, got %d)", len(args)))
|
|
return 1
|
|
case len(args) == 0:
|
|
// Use the local token
|
|
case len(args) == 1:
|
|
token = strings.TrimSpace(args[0])
|
|
case len(args) > 1:
|
|
c.UI.Error(fmt.Sprintf("Too many arguments (expected 0-1, got %d)", len(args)))
|
|
return 1
|
|
}
|
|
|
|
client, err := c.Client()
|
|
if err != nil {
|
|
c.UI.Error(err.Error())
|
|
return 2
|
|
}
|
|
|
|
var secret *api.Secret
|
|
switch {
|
|
case token == "":
|
|
secret, err = client.Auth().Token().LookupSelf()
|
|
case c.flagAccessor:
|
|
secret, err = client.Auth().Token().LookupAccessor(token)
|
|
default:
|
|
secret, err = client.Auth().Token().Lookup(token)
|
|
}
|
|
|
|
if err != nil {
|
|
c.UI.Error(fmt.Sprintf("Error looking up token: %s", err))
|
|
return 2
|
|
}
|
|
|
|
return OutputSecret(c.UI, secret)
|
|
}
|