Revert change to UUID and go back to domain names

UUID based urls are pain points for clients as per feedback Reverting to using known domain names Issue-ID: AAF-502 Change-Id: If3d5861ad8cc40adf84d41cd90c90fcde60446ab Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
author: Kiran Kamineni <kiran.k.kamineni@intel.com> 2018-09-17 12:44:40 -0700
committer: Kiran Kamineni <kiran.k.kamineni@intel.com> 2018-09-17 12:44:47 -0700
commit: a33fe5704dddd5018c131677f114c0952ff47d86 (patch)
tree: 52cc6eefa8ea6025ebc9c76579312b42e29b7069
parent: 7f82c1d604c9941ebd028a5bf2c47e56492aa3eb (diff)
3 files changed, 41 insertions, 119 deletions
diff --git a/sms-service/src/sms/backend/vault.go b/sms-service/src/sms/backend/vault.go
index 50e1b61..ba3e502 100644
--- a/sms-service/src/sms/backend/vault.go
+++ b/sms-service/src/sms/backend/vault.go
@@ -40,8 +40,6 @@ type Vault struct {
 	vaultClient           *vaultapi.Client
 	vaultMountPrefix      string
 	internalDomain        string
-	internalDomainUUID    string
-	internalDomainCache   map[string]string
 	internalDomainMounted bool
 	vaultTempTokenTTL     time.Time
 	vaultToken            string
@@ -67,8 +65,6 @@ func (v *Vault) initVaultClient() error {
 	v.vaultClient = client
 	v.vaultMountPrefix = "sms"
 	v.internalDomain = "smsinternaldomain"
-	v.internalDomainUUID, _ = uuid.GenerateUUID()
-	v.internalDomainCache = make(map[string]string)
 	v.internalDomainMounted = false
 	v.prkey = ""
 	return nil
@@ -147,19 +143,14 @@ func (v *Vault) Unseal(shard string) error {
 // GetSecret returns a secret mounted on a particular domain name
 // The secret itself is referenced via its name which translates to
 // a mount path in vault
-func (v *Vault) GetSecret(uuid string, name string) (Secret, error) {
+func (v *Vault) GetSecret(dom string, name string) (Secret, error) {
 
 	err := v.checkToken()
 	if smslogger.CheckError(err, "Tocken Check") != nil {
 		return Secret{}, errors.New("Token check failed")
 	}
 
-	uuid = strings.TrimSpace(uuid)
-	dom, err := v.getDomainNameFromUUID(uuid)
-	if smslogger.CheckError(err, "Lookup Domain Name from UUID") != nil {
-		return Secret{}, errors.New("Unable to Get secret")
-	}
-
+	dom = strings.TrimSpace(dom)
 	dom = v.vaultMountPrefix + "/" + dom
 
 	sec, err := v.vaultClient.Logical().Read(dom + "/" + name)
@@ -178,19 +169,14 @@ func (v *Vault) GetSecret(uuid string, name string) (Secret, error) {
 
 // ListSecret returns a list of secret names on a particular domain
 // The values of the secret are not returned
-func (v *Vault) ListSecret(uuid string) ([]string, error) {
+func (v *Vault) ListSecret(dom string) ([]string, error) {
 
 	err := v.checkToken()
 	if smslogger.CheckError(err, "Token Check") != nil {
 		return nil, errors.New("Token check failed")
 	}
 
-	uuid = strings.TrimSpace(uuid)
-	dom, err := v.getDomainNameFromUUID(uuid)
-	if smslogger.CheckError(err, "Lookup Domain Name from UUID") != nil {
-		return nil, errors.New("Unable to list secrets in domain")
-	}
-
+	dom = strings.TrimSpace(dom)
 	dom = v.vaultMountPrefix + "/" + dom
 
 	sec, err := v.vaultClient.Logical().List(dom)
@@ -240,7 +226,6 @@ func (v *Vault) mountInternalDomain(name string) error {
 		if strings.Contains(err.Error(), "existing mount") {
 			// It is already mounted
 			v.internalDomainMounted = true
-			v.internalDomainCache[v.internalDomainUUID] = v.internalDomain
 			return nil
 		}
 		// Ran into some other error mounting it.
@@ -248,7 +233,6 @@ func (v *Vault) mountInternalDomain(name string) error {
 	}
 
 	v.internalDomainMounted = true
-	v.internalDomainCache[v.internalDomainUUID] = v.internalDomain
 	return nil
 }
 
@@ -274,61 +258,14 @@ func (v *Vault) storeUUID(uuid string, name string) error {
 		},
 	}
 
-	err = v.CreateSecret(v.internalDomainUUID, secret)
+	err = v.CreateSecret(v.internalDomain, secret)
 	if smslogger.CheckError(err, "Write UUID to domain") != nil {
 		return err
 	}
 
-	// Cache the value for reverse lookups
-	// Note: Cache is lost when service restarts
-	v.internalDomainCache[uuid] = name
-
 	return nil
 }
 
-// Retrieves UUID for domain name stored in smsinternal domain
-// under v.vaultMountPrefix / smsinternal domain
-func (v *Vault) getDomainNameFromUUID(uuid string) (string, error) {
-
-	// Check Cache
-	if val, ok := v.internalDomainCache[uuid]; ok {
-		return val, nil
-	}
-
-	// If not found in Cache, check in vault
-	// Check if token is still valid
-	err := v.checkToken()
-	if smslogger.CheckError(err, "Token Check") != nil {
-		return "", errors.New("Token Check failed")
-	}
-
-	// Should already be mounted by the initial store command
-	err = v.mountInternalDomain(v.internalDomain)
-	if smslogger.CheckError(err, "Mount Internal Domain") != nil {
-		return "", err
-	}
-
-	secList, err := v.ListSecret(v.internalDomainUUID)
-	if smslogger.CheckError(err, "List Domain Names") != nil {
-		return "", err
-	}
-
-	// Search for domain name in internal domain
-	// Also, refresh the cache with latest content
-	for _, secName := range secList {
-		sec, err := v.GetSecret(v.internalDomainUUID, secName)
-		if smslogger.CheckError(err, "Read Secret Internal Domain") != nil {
-			return "", err
-		}
-		if sec.Values["uuid"] == uuid {
-			v.internalDomainCache[uuid] = sec.Name
-			return sec.Name, nil
-		}
-	}
-
-	return "", errors.New("Unable to find entry in InternalDomain")
-}
-
 // CreateSecretDomain mounts the kv backend on a path with the given name
 func (v *Vault) CreateSecretDomain(name string) (SecretDomain, error) {
 
@@ -368,19 +305,14 @@ func (v *Vault) CreateSecretDomain(name string) (SecretDomain, error) {
 
 // CreateSecret creates a secret mounted on a particular domain name
 // The secret itself is mounted on a path specified by name
-func (v *Vault) CreateSecret(uuid string, sec Secret) error {
+func (v *Vault) CreateSecret(dom string, sec Secret) error {
 
 	err := v.checkToken()
 	if smslogger.CheckError(err, "Token Check") != nil {
 		return errors.New("Token check failed")
 	}
 
-	uuid = strings.TrimSpace(uuid)
-	dom, err := v.getDomainNameFromUUID(uuid)
-	if smslogger.CheckError(err, "Lookup Domain Name from UUID") != nil {
-		return errors.New("Unable to create secret")
-	}
-
+	dom = strings.TrimSpace(dom)
 	dom = v.vaultMountPrefix + "/" + dom
 
 	// Vault return is empty on successful write
@@ -395,20 +327,15 @@ func (v *Vault) CreateSecret(uuid string, sec Secret) error {
 
 // DeleteSecretDomain deletes a secret domain which translates to
 // an unmount operation on the given path in Vault
-func (v *Vault) DeleteSecretDomain(uuid string) error {
+func (v *Vault) DeleteSecretDomain(dom string) error {
 
 	err := v.checkToken()
 	if smslogger.CheckError(err, "Token Check") != nil {
 		return errors.New("Token Check Failed")
 	}
 
-	uuid = strings.TrimSpace(uuid)
-	name, err := v.getDomainNameFromUUID(uuid)
-	if smslogger.CheckError(err, "Lookup Domain Name from UUID") != nil {
-		return errors.New("Unable to delete secret domain")
-	}
-
-	mountPath := v.vaultMountPrefix + "/" + name
+	dom = strings.TrimSpace(dom)
+	mountPath := v.vaultMountPrefix + "/" + dom
 
 	err = v.vaultClient.Sys().Unmount(mountPath)
 	if smslogger.CheckError(err, "Delete Domain") != nil {
@@ -419,19 +346,14 @@ func (v *Vault) DeleteSecretDomain(uuid string) error {
 }
 
 // DeleteSecret deletes a secret mounted on the path provided
-func (v *Vault) DeleteSecret(uuid string, name string) error {
+func (v *Vault) DeleteSecret(dom string, name string) error {
 
 	err := v.checkToken()
 	if smslogger.CheckError(err, "Token Check") != nil {
 		return errors.New("Token check failed")
 	}
 
-	uuid = strings.TrimSpace(uuid)
-	dom, err := v.getDomainNameFromUUID(uuid)
-	if smslogger.CheckError(err, "Lookup Domain Name from UUID") != nil {
-		return errors.New("Unable to delete secret")
-	}
-
+	dom = strings.TrimSpace(dom)
 	dom = v.vaultMountPrefix + "/" + dom
 
 	// Vault return is empty on successful delete
diff --git a/sms-service/src/sms/backend/vault_test.go b/sms-service/src/sms/backend/vault_test.go
index c26cfa7..bc72337 100644
--- a/sms-service/src/sms/backend/vault_test.go
+++ b/sms-service/src/sms/backend/vault_test.go
@@ -133,12 +133,12 @@ func TestDeleteSecretDomain(t *testing.T) {
 	tc, v := createLocalVaultServer(t)
 	defer tc.Cleanup()
 
-	sd, err := v.CreateSecretDomain("testdomain")
+	_, err := v.CreateSecretDomain("testdomain")
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	err = v.DeleteSecretDomain(sd.UUID)
+	err = v.DeleteSecretDomain("testdomain")
 	if err != nil {
 		t.Fatal("DeleteSecretDomain: Unable to delete domain")
 	}
@@ -149,12 +149,12 @@ func TestCreateSecret(t *testing.T) {
 	tc, v := createLocalVaultServer(t)
 	defer tc.Cleanup()
 
-	sd, err := v.CreateSecretDomain("testdomain")
+	_, err := v.CreateSecretDomain("testdomain")
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	err = v.CreateSecret(sd.UUID, secret)
+	err = v.CreateSecret("testdomain", secret)
 
 	if err != nil {
 		t.Fatal("CreateSecret: Error Creating secret")
@@ -166,19 +166,19 @@ func TestGetSecret(t *testing.T) {
 	tc, v := createLocalVaultServer(t)
 	defer tc.Cleanup()
 
-	sd, err := v.CreateSecretDomain("testdomain")
+	_, err := v.CreateSecretDomain("testdomain")
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	err = v.CreateSecret(sd.UUID, secret)
+	err = v.CreateSecret("testdomain", secret)
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	sec, err := v.GetSecret(sd.UUID, secret.Name)
+	sec, err := v.GetSecret("testdomain", secret.Name)
 	if err != nil {
-		t.Fatal("GetSecret: Error Creating secret")
+		t.Fatal("GetSecret: Error Getting secret")
 	}
 
 	if sec.Name != secret.Name {
@@ -195,17 +195,17 @@ func TestListSecret(t *testing.T) {
 	tc, v := createLocalVaultServer(t)
 	defer tc.Cleanup()
 
-	sd, err := v.CreateSecretDomain("testdomain")
+	_, err := v.CreateSecretDomain("testdomain")
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	err = v.CreateSecret(sd.UUID, secret)
+	err = v.CreateSecret("testdomain", secret)
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	_, err = v.ListSecret(sd.UUID)
+	_, err = v.ListSecret("testdomain")
 	if err != nil {
 		t.Fatal("ListSecret: Returned error")
 	}
@@ -216,17 +216,17 @@ func TestDeleteSecret(t *testing.T) {
 	tc, v := createLocalVaultServer(t)
 	defer tc.Cleanup()
 
-	sd, err := v.CreateSecretDomain("testdomain")
+	_, err := v.CreateSecretDomain("testdomain")
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	err = v.CreateSecret(sd.UUID, secret)
+	err = v.CreateSecret("testdomain", secret)
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	err = v.DeleteSecret(sd.UUID, secret.Name)
+	err = v.DeleteSecret("testdomain", secret.Name)
 	if err != nil {
 		t.Fatal("DeleteSecret: Error Creating secret")
 	}
diff --git a/sms-service/src/sms/handler/handler.go b/sms-service/src/sms/handler/handler.go
index 2d9e7c7..902d170 100644
--- a/sms-service/src/sms/handler/handler.go
+++ b/sms-service/src/sms/handler/handler.go
@@ -61,9 +61,9 @@ func (h handler) createSecretDomainHandler(w http.ResponseWriter, r *http.Reques
 // deleteSecretDomainHandler deletes a secret domain with the name provided
 func (h handler) deleteSecretDomainHandler(w http.ResponseWriter, r *http.Request) {
 	vars := mux.Vars(r)
-	domUUID := vars["domUUID"]
+	domName := vars["domName"]
 
-	err := h.secretBackend.DeleteSecretDomain(domUUID)
+	err := h.secretBackend.DeleteSecretDomain(domName)
 	if smslogger.CheckError(err, "DeleteSecretDomainHandler") != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -76,7 +76,7 @@ func (h handler) deleteSecretDomainHandler(w http.ResponseWriter, r *http.Reques
 func (h handler) createSecretHandler(w http.ResponseWriter, r *http.Request) {
 	// Get domain name from URL
 	vars := mux.Vars(r)
-	domUUID := vars["domUUID"]
+	domName := vars["domName"]
 
 	// Get secrets to be stored from body
 	var b smsbackend.Secret
@@ -86,7 +86,7 @@ func (h handler) createSecretHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err = h.secretBackend.CreateSecret(domUUID, b)
+	err = h.secretBackend.CreateSecret(domName, b)
 	if smslogger.CheckError(err, "CreateSecretHandler") != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -98,10 +98,10 @@ func (h handler) createSecretHandler(w http.ResponseWriter, r *http.Request) {
 // getSecretHandler handles reading a secret by given domain name and secret name
 func (h handler) getSecretHandler(w http.ResponseWriter, r *http.Request) {
 	vars := mux.Vars(r)
-	domUUID := vars["domUUID"]
+	domName := vars["domName"]
 	secName := vars["secretName"]
 
-	sec, err := h.secretBackend.GetSecret(domUUID, secName)
+	sec, err := h.secretBackend.GetSecret(domName, secName)
 	if smslogger.CheckError(err, "GetSecretHandler") != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -118,9 +118,9 @@ func (h handler) getSecretHandler(w http.ResponseWriter, r *http.Request) {
 // listSecretHandler handles listing all secrets under a particular domain name
 func (h handler) listSecretHandler(w http.ResponseWriter, r *http.Request) {
 	vars := mux.Vars(r)
-	domUUID := vars["domUUID"]
+	domName := vars["domName"]
 
-	secList, err := h.secretBackend.ListSecret(domUUID)
+	secList, err := h.secretBackend.ListSecret(domName)
 	if smslogger.CheckError(err, "ListSecretHandler") != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -144,10 +144,10 @@ func (h handler) listSecretHandler(w http.ResponseWriter, r *http.Request) {
 // deleteSecretHandler handles deleting a secret by given domain name and secret name
 func (h handler) deleteSecretHandler(w http.ResponseWriter, r *http.Request) {
 	vars := mux.Vars(r)
-	domUUID := vars["domUUID"]
+	domName := vars["domName"]
 	secName := vars["secretName"]
 
-	err := h.secretBackend.DeleteSecret(domUUID, secName)
+	err := h.secretBackend.DeleteSecret(domName, secName)
 	if smslogger.CheckError(err, "DeleteSecretHandler") != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -299,12 +299,12 @@ func CreateRouter(b smsbackend.SecretBackend) http.Handler {
 
 	router.HandleFunc("/v1/sms/healthcheck", h.healthCheckHandler).Methods("GET")
 	router.HandleFunc("/v1/sms/domain", h.createSecretDomainHandler).Methods("POST")
-	router.HandleFunc("/v1/sms/domain/{domUUID}", h.deleteSecretDomainHandler).Methods("DELETE")
+	router.HandleFunc("/v1/sms/domain/{domName}", h.deleteSecretDomainHandler).Methods("DELETE")
 
-	router.HandleFunc("/v1/sms/domain/{domUUID}/secret", h.createSecretHandler).Methods("POST")
-	router.HandleFunc("/v1/sms/domain/{domUUID}/secret", h.listSecretHandler).Methods("GET")
-	router.HandleFunc("/v1/sms/domain/{domUUID}/secret/{secretName}", h.getSecretHandler).Methods("GET")
-	router.HandleFunc("/v1/sms/domain/{domUUID}/secret/{secretName}", h.deleteSecretHandler).Methods("DELETE")
+	router.HandleFunc("/v1/sms/domain/{domName}/secret", h.createSecretHandler).Methods("POST")
+	router.HandleFunc("/v1/sms/domain/{domName}/secret", h.listSecretHandler).Methods("GET")
+	router.HandleFunc("/v1/sms/domain/{domName}/secret/{secretName}", h.getSecretHandler).Methods("GET")
+	router.HandleFunc("/v1/sms/domain/{domName}/secret/{secretName}", h.deleteSecretHandler).Methods("DELETE")
 
 	return router
 }
author	Kiran Kamineni <kiran.k.kamineni@intel.com>	2018-09-17 12:44:40 -0700
committer	Kiran Kamineni <kiran.k.kamineni@intel.com>	2018-09-17 12:44:47 -0700
commit	a33fe5704dddd5018c131677f114c0952ff47d86 (patch)
tree	52cc6eefa8ea6025ebc9c76579312b42e29b7069
parent	7f82c1d604c9941ebd028a5bf2c47e56492aa3eb (diff)