author | Kiran <kiran.k.kamineni@intel.com> | 2018-02-22 14:53:58 -0800 |
---|---|---|
committer | Kiran <kiran.k.kamineni@intel.com> | 2018-02-22 15:20:45 -0800 |
commit | 3909b2b804fcb7fdb2b8e5087f51a5d33aa2342f (patch) | |
tree | 918c40b671591cdb928036cd246bb098c1af4f95 | |
parent | cfc939f3cb2042c220d38ad730e993d133d926e9 (diff) |
Get Secret implementation
Completing getsecret backend implementation and handler call
Also adding in checktoken call before secret is read from vault
Issue-ID: AAF-137
Change-Id: Ia987af51c039290d1a06b7e2b4a8aa6a63e469c6
Signed-off-by: Kiran <kiran.k.kamineni@intel.com>
-rw-r--r-- | sms-service/src/sms/backend/vault.go | 20 | ||||
-rw-r--r-- | sms-service/src/sms/handler/handler.go | 13 |
2 files changed, 29 insertions, 4 deletions
diff --git a/sms-service/src/sms/backend/vault.go b/sms-service/src/sms/backend/vault.go
index 2a0b3cd..1359adb 100644
--- a/sms-service/src/sms/backend/vault.go
+++ b/sms-service/src/sms/backend/vault.go
@@ -95,9 +95,25 @@ func (v *Vault) GetSecretDomain(name string) (SecretDomain, error) {
 // GetSecret returns a secret mounted on a particular domain name
 // The secret itself is referenced via its name which translates to
 // a mount path in vault
-func (v *Vault) GetSecret(dom string, sec string) (Secret, error) {
+func (v *Vault) GetSecret(dom string, name string) (Secret, error) {
+ err := v.checkToken()
+ if err != nil {
+ return Secret{}, errors.New("Token check returned error: " + err.Error())
+ }
+
+ dom = v.vaultMount + "/" + dom
+
+ sec, err := v.vaultClient.Logical().Read(dom + "/" + name)
+ if err != nil {
+ return Secret{}, errors.New("unable to read Secret at provided path")
+ }
+
+ // sec and err are nil in the case where a path does not exist
+ if sec == nil {
+ return Secret{}, errors.New("Secret not found at the provided path")
+ }
 
- return Secret{}, nil
+ return Secret{Name: name, Values: sec.Data}, nil
 }
 
 // CreateSecretDomain mounts the kv backend on a path with the given name
diff --git a/sms-service/src/sms/handler/handler.go b/sms-service/src/sms/handler/handler.go
index ed68c81..3798023 100644
--- a/sms-service/src/sms/handler/handler.go
+++ b/sms-service/src/sms/handler/handler.go
@@ -102,8 +102,17 @@ func (h handler) getSecretHandler(w http.ResponseWriter, r *http.Request) {
 domName := vars["domName"]
 secName := vars["secretName"]
 
- h.secretBackend.GetSecret(domName, secName)
- //encode and return response
+ sec, err := h.secretBackend.GetSecret(domName, secName)
+ if err != nil {
+ http.Error(w, err.Error(), 500)
+ return
+ }
+
+ err = json.NewEncoder(w).Encode(sec)
+ if err != nil {
+ http.Error(w, err.Error(), 400)
+ return
+ }
 }
 
 // deleteSecretHandler handles deleting a secret by given domain name and secret name |
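Review bot: `GetSecret` builds the Vault read path by plain concatenation (`dom = v.vaultMount + "/" + dom`, then `dom + "/" + name`) without validating either value, and the handler hunk in this same commit passes both straight from the route variables. Whether an empty segment or a `..` segment is cleaned into a path outside the intended mount depends on the Vault client and the router, which are not visible here, so that should be confirmed; rejecting empty values and anything containing `/` or `..` before the concatenation removes the question. Separately, the `Read` failure is replaced by the fixed string `"unable to read Secret at provided path"`, which drops the cause; keeping the original `err` for a server-side log, without returning it to the caller, would make failures diagnosable.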
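Review bot: Both `http.Error(w, err.Error(), ...)` calls return the backend's error text to the HTTP client, and `GetSecret` in this commit builds that text from the token-check error, so internal Vault details can reach callers; log `err` server-side and reply with a fixed message, e.g. `http.Error(w, "unable to retrieve secret", http.StatusInternalServerError)`. The status mapping also needs a second look: a missing secret is reported as 500 rather than 404, and an encoding failure is reported as 400 although it is a server-side fault that can occur after part of the body has already been written. Because the response body carries secret values, setting `Content-Type: application/json` and `Cache-Control: no-store` on `w.Header()` before encoding would be a sensible addition. getSecretHandler starts above this hunk, so any authentication or authorization done earlier in the function is not visible here.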