summaryrefslogtreecommitdiffstats
path: root/sms-service/src
diff options
context:
space:
mode:
authorKiran <kiran.k.kamineni@intel.com>2018-02-23 12:23:03 -0800
committerKiran <kiran.k.kamineni@intel.com>2018-02-23 15:22:18 -0800
commit2272f46277dfaebe05a9781ae2e629a1c0c49194 (patch)
tree0b8d2384c7b815717a6777c28ce7b1270c69d00c /sms-service/src
parente3d682c5f14994c2b85ff26ddf6ae3148b499de3 (diff)
Adding Listsecret capability
A GET HTTP request on domainname/secret will now list all the secret names stored in that domain The content of the secrets are not returned here. Issue-ID: AAF-140 Change-Id: I0e0491f642e1ff82f11cb90a93df4a71393bc5ac Signed-off-by: Kiran <kiran.k.kamineni@intel.com>
Diffstat (limited to 'sms-service/src')
-rw-r--r--sms-service/src/sms/backend/backend.go2
-rw-r--r--sms-service/src/sms/backend/vault.go35
-rw-r--r--sms-service/src/sms/handler/handler.go19
-rw-r--r--sms-service/src/sms/handler/handler_test.go4
4 files changed, 59 insertions, 1 deletions
diff --git a/sms-service/src/sms/backend/backend.go b/sms-service/src/sms/backend/backend.go
index 3ea651a..2cc3798 100644
--- a/sms-service/src/sms/backend/backend.go
+++ b/sms-service/src/sms/backend/backend.go
@@ -48,6 +48,8 @@ type SecretBackend interface {
GetSecretDomain(name string) (SecretDomain, error)
GetSecret(dom string, sec string) (Secret, error)
+ ListSecret(dom string) ([]string, error)
+
CreateSecretDomain(name string) (SecretDomain, error)
CreateSecret(dom string, sec Secret) error
diff --git a/sms-service/src/sms/backend/vault.go b/sms-service/src/sms/backend/vault.go
index 7fc1747..bfc3367 100644
--- a/sms-service/src/sms/backend/vault.go
+++ b/sms-service/src/sms/backend/vault.go
@@ -105,7 +105,7 @@ func (v *Vault) GetSecret(dom string, name string) (Secret, error) {
sec, err := v.vaultClient.Logical().Read(dom + "/" + name)
if err != nil {
- return Secret{}, errors.New("unable to read Secret at provided path")
+ return Secret{}, errors.New("Unable to read Secret at provided path")
}
// sec and err are nil in the case where a path does not exist
@@ -116,6 +116,39 @@ func (v *Vault) GetSecret(dom string, name string) (Secret, error) {
return Secret{Name: name, Values: sec.Data}, nil
}
+// ListSecret returns a list of secret names on a particular domain
+// The values of the secret are not returned
+func (v *Vault) ListSecret(dom string) ([]string, error) {
+ err := v.checkToken()
+ if err != nil {
+ return nil, errors.New("Token check returned error: " + err.Error())
+ }
+
+ dom = v.vaultMount + "/" + dom
+
+ sec, err := v.vaultClient.Logical().List(dom)
+ if err != nil {
+ return nil, errors.New("Unable to read Secret at provided path")
+ }
+
+ // sec and err are nil in the case where a path does not exist
+ if sec == nil {
+ return nil, errors.New("Secret not found at the provided path")
+ }
+
+ val, ok := sec.Data["keys"].([]interface{})
+ if !ok {
+ return nil, errors.New("Secret not found at the provided path")
+ }
+
+ retval := make([]string, len(val))
+ for i, v := range val {
+ retval[i] = fmt.Sprint(v)
+ }
+
+ return retval, nil
+}
+
// CreateSecretDomain mounts the kv backend on a path with the given name
func (v *Vault) CreateSecretDomain(name string) (SecretDomain, error) {
// Check if token is still valid
diff --git a/sms-service/src/sms/handler/handler.go b/sms-service/src/sms/handler/handler.go
index 3798023..5fdbf3b 100644
--- a/sms-service/src/sms/handler/handler.go
+++ b/sms-service/src/sms/handler/handler.go
@@ -115,6 +115,24 @@ func (h handler) getSecretHandler(w http.ResponseWriter, r *http.Request) {
}
}
+// listSecretHandler handles listing all secrets under a particular domain name
+func (h handler) listSecretHandler(w http.ResponseWriter, r *http.Request) {
+ vars := mux.Vars(r)
+ domName := vars["domName"]
+
+ sec, err := h.secretBackend.ListSecret(domName)
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ return
+ }
+
+ err = json.NewEncoder(w).Encode(sec)
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ return
+ }
+}
+
// deleteSecretHandler handles deleting a secret by given domain name and secret name
func (h handler) deleteSecretHandler(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
@@ -181,6 +199,7 @@ func CreateRouter(b smsbackend.SecretBackend) http.Handler {
router.HandleFunc("/v1/sms/domain/{domName}", h.deleteSecretDomainHandler).Methods("DELETE")
router.HandleFunc("/v1/sms/domain/{domName}/secret", h.createSecretHandler).Methods("POST")
+ router.HandleFunc("/v1/sms/domain/{domName}/secret", h.listSecretHandler).Methods("GET")
router.HandleFunc("/v1/sms/domain/{domName}/secret/{secretName}", h.getSecretHandler).Methods("GET")
router.HandleFunc("/v1/sms/domain/{domName}/secret/{secretName}", h.deleteSecretHandler).Methods("DELETE")
diff --git a/sms-service/src/sms/handler/handler_test.go b/sms-service/src/sms/handler/handler_test.go
index affa6f7..d8f9f9f 100644
--- a/sms-service/src/sms/handler/handler_test.go
+++ b/sms-service/src/sms/handler/handler_test.go
@@ -50,6 +50,10 @@ func (b *TestBackend) GetSecret(dom string, sec string) (smsbackend.Secret, erro
return smsbackend.Secret{}, nil
}
+func (b *TestBackend) ListSecret(dom string) ([]string, error) {
+ return nil, nil
+}
+
func (b *TestBackend) CreateSecretDomain(name string) (smsbackend.SecretDomain, error) {
return smsbackend.SecretDomain{}, nil
}