summaryrefslogtreecommitdiffstats
path: root/sms-service
diff options
context:
space:
mode:
Diffstat (limited to 'sms-service')
-rw-r--r--sms-service/src/sms/Gopkg.lock143
-rw-r--r--sms-service/src/sms/backend/vault.go96
-rw-r--r--sms-service/src/sms/backend/vault_test.go26
-rw-r--r--sms-service/src/sms/handler/handler.go34
4 files changed, 246 insertions, 53 deletions
diff --git a/sms-service/src/sms/Gopkg.lock b/sms-service/src/sms/Gopkg.lock
index d02e074..89cecd4 100644
--- a/sms-service/src/sms/Gopkg.lock
+++ b/sms-service/src/sms/Gopkg.lock
@@ -2,12 +2,15 @@
[[projects]]
+ digest = "1:7202718ddfaa07d3c88e6d7bee854aa2ddceea5c75fa74c6c9f33de4db677ece"
name = "github.com/Jeffail/gabs"
packages = ["."]
+ pruneopts = ""
revision = "2a3aa15961d5fee6047b8151b67ac2f08ba2c48c"
version = "1.0"
[[projects]]
+ digest = "1:9226e1f08ec042456f59a403f534962176c6e2acc4153feb4416698e92ee5a80"
name = "github.com/SAP/go-hdb"
packages = [
"driver",
@@ -15,185 +18,237 @@
"internal/bufio",
"internal/protocol",
"internal/unicode",
- "internal/unicode/cesu8"
+ "internal/unicode/cesu8",
]
+ pruneopts = ""
revision = "18b52f9f36b84988ed1fa70daa79e4a7d9618f33"
version = "v0.11.0"
[[projects]]
+ digest = "1:8855efc2aff3afd6319da41b22a8ca1cfd1698af05a24852c01636ba65b133f0"
name = "github.com/SermoDigital/jose"
packages = [
".",
"crypto",
"jws",
- "jwt"
+ "jwt",
]
+ pruneopts = ""
revision = "f6df55f235c24f236d11dbcf665249a59ac2021f"
version = "1.1"
[[projects]]
branch = "master"
+ digest = "1:436959adf1a11c1ee93ee7cd3b25dfa63f235f9cc283d86f1606626d0b7efbb3"
name = "github.com/armon/go-metrics"
packages = ["."]
+ pruneopts = ""
revision = "783273d703149aaeb9897cf58613d5af48861c25"
[[projects]]
branch = "master"
+ digest = "1:2a1e6af234d7de1ccf4504f397cf7cfa82922ee59b29252e3c34cb38d0b91989"
name = "github.com/armon/go-radix"
packages = ["."]
+ pruneopts = ""
revision = "1fca145dffbcaa8fe914309b1ec0cfc67500fe61"
[[projects]]
branch = "master"
+ digest = "1:a87de848db7e19b41b06e5d672f8ed47b6f8ceb8b696d53fc9b5b7fba2b42f77"
name = "github.com/denisenkom/go-mssqldb"
packages = [
".",
- "internal/cp"
+ "internal/cp",
]
+ pruneopts = ""
revision = "e32faac87a2220f9342289f2c3b567d1424b8ec5"
[[projects]]
+ digest = "1:044b2f1eea2f5cfb0d3678baf60892734f59d5c2ea3932cb6ed894a97ccba15c"
name = "github.com/elazarl/go-bindata-assetfs"
packages = ["."]
+ pruneopts = ""
revision = "30f82fa23fd844bd5bb1e5f216db87fd77b5eb43"
version = "v1.0.0"
[[projects]]
+ digest = "1:55848e643a99a9dfceb19e090ce67111328fbb1780f34c62a0430994ff85fb90"
name = "github.com/fatih/structs"
packages = ["."]
+ pruneopts = ""
revision = "a720dfa8df582c51dee1b36feabb906bde1588bd"
version = "v1.0"
[[projects]]
+ digest = "1:24f8932912fd9331367d38715bb74be889dc2f94d401109c3aa3db8b3aa246c5"
name = "github.com/go-sql-driver/mysql"
packages = ["."]
+ pruneopts = ""
revision = "a0583e0143b1624142adab07e0e97fe106d99561"
version = "v1.3"
[[projects]]
branch = "master"
+ digest = "1:27ee7c7530501d991022ab7b289a3e023314cdd9f7072f135e1c86f6a8f645ee"
name = "github.com/gocql/gocql"
packages = [
".",
"internal/lru",
"internal/murmur",
- "internal/streams"
+ "internal/streams",
]
+ pruneopts = ""
revision = "3540fc649cd7fc57cef5612b7bacac7a4fc443d6"
[[projects]]
+ digest = "1:0a3f6a0c68ab8f3d455f8892295503b179e571b7fefe47cc6c556405d1f83411"
name = "github.com/gogo/protobuf"
packages = ["proto"]
+ pruneopts = ""
revision = "1adfc126b41513cc696b209667c8656ea7aac67c"
version = "v1.0.0"
[[projects]]
+ digest = "1:bcb38c8fc9b21bb8682ce2d605a7d4aeb618abc7f827e3ac0b27c0371fdb23fb"
name = "github.com/golang/protobuf"
packages = [
"proto",
"ptypes",
"ptypes/any",
"ptypes/duration",
- "ptypes/timestamp"
+ "ptypes/timestamp",
]
+ pruneopts = ""
revision = "925541529c1fa6821df4e44ce2723319eb2be768"
version = "v1.0.0"
[[projects]]
branch = "master"
+ digest = "1:09307dfb1aa3f49a2bf869dcfa4c6c06ecd3c207221bd1c1a1141f0e51f209eb"
name = "github.com/golang/snappy"
packages = ["."]
+ pruneopts = ""
revision = "553a641470496b2327abcac10b36396bd98e45c9"
[[projects]]
+ digest = "1:20ed7daa9b3b38b6d1d39b48ab3fd31122be5419461470d0c28de3e121c93ecf"
name = "github.com/gorilla/context"
packages = ["."]
+ pruneopts = ""
revision = "1ea25387ff6f684839d82767c1733ff4d4d15d0a"
version = "v1.1"
[[projects]]
+ digest = "1:aa016bbb412f496a7baed9e02787a60cd15c9a3edfa72da9c4a95d6cea610334"
name = "github.com/gorilla/mux"
packages = ["."]
+ pruneopts = ""
revision = "53c1911da2b537f792e7cafcb446b05ffe33b996"
version = "v1.6.1"
[[projects]]
branch = "master"
+ digest = "1:60b7bc5e043a11213472ae05252527287d20e0a6ccc18f6ae67fad88e41004de"
name = "github.com/hailocab/go-hostpool"
packages = ["."]
+ pruneopts = ""
revision = "e80d13ce29ede4452c43dea11e79b9bc8a15b478"
[[projects]]
branch = "master"
+ digest = "1:304c322b62533a48ac052ffee80f67087fce1bc07186cd4e610a1b0e77765836"
name = "github.com/hashicorp/errwrap"
packages = ["."]
+ pruneopts = ""
revision = "7554cd9344cec97297fa6649b055a8c98c2a1e55"
[[projects]]
branch = "master"
+ digest = "1:f5d25fd7bdda08e39e01193ef94a1ebf7547b1b931bcdec785d08050598f306c"
name = "github.com/hashicorp/go-cleanhttp"
packages = ["."]
+ pruneopts = ""
revision = "d5fe4b57a186c716b0e00b8c301cbd9b4182694d"
[[projects]]
branch = "master"
+ digest = "1:fc9a2736d92cf885c9b3c7f202d3aaf783bb2cc4124078f0ef7667b72173b66c"
name = "github.com/hashicorp/go-hclog"
packages = ["."]
+ pruneopts = ""
revision = "69ff559dc25f3b435631604f573a5fa1efdb6433"
[[projects]]
branch = "master"
+ digest = "1:4423ee95d6ee30bb22f680445c58889bb5b91e1b955405bf34374a053784a8a2"
name = "github.com/hashicorp/go-immutable-radix"
packages = ["."]
+ pruneopts = ""
revision = "7f3cd4390caab3250a57f30efdb2a65dd7649ecf"
[[projects]]
branch = "master"
+ digest = "1:7a6871e9a44517c0010ac9310c6629370839a22ab5ef3d9aedbe6cd96d130c33"
name = "github.com/hashicorp/go-memdb"
packages = ["."]
+ pruneopts = ""
revision = "1289e7fffe71d8fd4d4d491ba9a412c50f244c44"
[[projects]]
branch = "master"
+ digest = "1:b46ef59de1f724e8a2b508ea2b329eaf6cac4d71cbd44ad5e3dbd4e8fd49de9b"
name = "github.com/hashicorp/go-multierror"
packages = ["."]
+ pruneopts = ""
revision = "b7773ae218740a7be65057fc60b366a49b538a44"
[[projects]]
branch = "master"
+ digest = "1:de20979176f5f326a028fd0d3698f4ec18f6921b46c9d68a35200355c6e8e6b9"
name = "github.com/hashicorp/go-plugin"
packages = ["."]
+ pruneopts = ""
revision = "e8d22c780116115ae5624720c9af0c97afe4f551"
[[projects]]
branch = "master"
+ digest = "1:ff65bf6fc4d1116f94ac305342725c21b55c16819c2606adc8f527755716937f"
name = "github.com/hashicorp/go-rootcerts"
packages = ["."]
+ pruneopts = ""
revision = "6bb64b370b90e7ef1fa532be9e591a81c3493e00"
[[projects]]
branch = "master"
+ digest = "1:a531cc8f8d78655eaec90f714bf81015badc2bc6682ff1eda3fa03b6568b602b"
name = "github.com/hashicorp/go-uuid"
packages = ["."]
+ pruneopts = ""
revision = "27454136f0364f2d44b1276c552d69105cf8c498"
[[projects]]
branch = "master"
+ digest = "1:94158926759c3333201f81eee5a21112f7ae9d000b4d6926455008c7ab3fb7fc"
name = "github.com/hashicorp/go-version"
packages = ["."]
+ pruneopts = ""
revision = "23480c0665776210b5fbbac6eaaee40e3e6a96b7"
[[projects]]
branch = "master"
+ digest = "1:9c776d7d9c54b7ed89f119e449983c3f24c0023e75001d6092442412ebca6b94"
name = "github.com/hashicorp/golang-lru"
packages = [
".",
- "simplelru"
+ "simplelru",
]
+ pruneopts = ""
revision = "0fb14efe8c47ae851c0034ed7a448854d3d34cf3"
[[projects]]
branch = "master"
+ digest = "1:9b7c5846d70f425d7fe279595e32a20994c6075e87be03b5c367ed07280877c5"
name = "github.com/hashicorp/hcl"
packages = [
".",
@@ -204,11 +259,13 @@
"hcl/token",
"json/parser",
"json/scanner",
- "json/token"
+ "json/token",
]
+ pruneopts = ""
revision = "ef8a98b0bbce4a65b5aa4c368430a80ddc533168"
[[projects]]
+ digest = "1:820c02b39c079c8919901ea9cc75b93ae8bc0864271494f40f7eb78fd69a8cbb"
name = "github.com/hashicorp/vault"
packages = [
"api",
@@ -255,25 +312,31 @@
"plugins/helper/database/dbutil",
"shamir",
"vault",
- "version"
+ "version",
]
+ pruneopts = ""
revision = "5dd7f25f5c4b541f2da62d70075b6f82771a650d"
version = "v0.10.0"
[[projects]]
branch = "master"
+ digest = "1:502c6c45a693da0396113cf025f65da5c9ad15c542328cfbc8c4663a10cc707d"
name = "github.com/hashicorp/yamux"
packages = ["."]
+ pruneopts = ""
revision = "3520598351bb3500a49ae9563f5539666ae0a27c"
[[projects]]
branch = "master"
+ digest = "1:5d8602d6ebb444e0c18792d61fd4bb302a0d4d0b02cebf50c475f9dbeaabb884"
name = "github.com/jefferai/jsonx"
packages = ["."]
+ pruneopts = ""
revision = "9cc31c3135eef39b8e72585f37efa92b6ca314d0"
[[projects]]
branch = "master"
+ digest = "1:4497f215ab79ea03a5f8f29e971718e1de8ca1d063a7b727c408b807545236b0"
name = "github.com/keybase/go-crypto"
packages = [
"brainpool",
@@ -288,75 +351,97 @@
"openpgp/errors",
"openpgp/packet",
"openpgp/s2k",
- "rsa"
+ "rsa",
]
+ pruneopts = ""
revision = "d11a37f123888ff060339f516e392032dfcb98ff"
[[projects]]
branch = "master"
+ digest = "1:8f0ecac344e2c0a4a55df0306994ed2ce3b9e9598da959ce4e5831aaa05f1e1e"
name = "github.com/lib/pq"
packages = [
".",
- "oid"
+ "oid",
]
+ pruneopts = ""
revision = "d34b9ff171c21ad295489235aec8b6626023cd04"
[[projects]]
branch = "master"
+ digest = "1:ae14aee05347b333fd7ab0c801c789438ef559cfb1307b53d5c42ea3cf6d61b6"
name = "github.com/mitchellh/copystructure"
packages = ["."]
+ pruneopts = ""
revision = "d23ffcb85de31694d6ccaa23ccb4a03e55c1303f"
[[projects]]
branch = "master"
+ digest = "1:59d11e81d6fdd12a771321696bb22abdd9a94d26ac864787e98c9b419e428734"
name = "github.com/mitchellh/go-homedir"
packages = ["."]
+ pruneopts = ""
revision = "b8bc1bf767474819792c23f32d8286a45736f1c6"
[[projects]]
branch = "master"
+ digest = "1:51c98e2c9a8d0a724a69f46421876af14e12132cb02f1d0e144785d752247162"
name = "github.com/mitchellh/go-testing-interface"
packages = ["."]
+ pruneopts = ""
revision = "a61a99592b77c9ba629d254a693acffaeb4b7e28"
[[projects]]
branch = "master"
+ digest = "1:59fa50d593e5673a0dfffa1852b66fd700c05b35e368680b4b89a68fdb2c1379"
name = "github.com/mitchellh/mapstructure"
packages = ["."]
+ pruneopts = ""
revision = "00c29f56e2386353d58c599509e8dc3801b0d716"
[[projects]]
branch = "master"
+ digest = "1:a5aebbd13aa160140a1fd1286b94cd8c6ba3d1522014fd04508d7f36d5bb8d19"
name = "github.com/mitchellh/reflectwalk"
packages = ["."]
+ pruneopts = ""
revision = "63d60e9d0dbc60cf9164e6510889b0db6683d98c"
[[projects]]
+ digest = "1:94e9081cc450d2cdf4e6886fc2c06c07272f86477df2d74ee5931951fa3d2577"
name = "github.com/oklog/run"
packages = ["."]
+ pruneopts = ""
revision = "4dadeb3030eda0273a12382bb2348ffc7c9d1a39"
version = "v1.0.0"
[[projects]]
+ digest = "1:4c0404dc03d974acd5fcd8b8d3ce687b13bd169db032b89275e8b9d77b98ce8c"
name = "github.com/patrickmn/go-cache"
packages = ["."]
+ pruneopts = ""
revision = "a3647f8e31d79543b2d0f0ae2fe5c379d72cedc0"
version = "v2.1.0"
[[projects]]
+ digest = "1:29df111893b87bd947307aab294c042e900c2f29c53ad3896127955b4283728a"
name = "github.com/ryanuber/go-glob"
packages = ["."]
+ pruneopts = ""
revision = "572520ed46dbddaed19ea3d9541bdd0494163693"
version = "v0.1"
[[projects]]
branch = "master"
+ digest = "1:4592f9136f6d4289dbdea1b5aed5f23234bf75bbabc094203aea0363a760ddec"
name = "github.com/sethgrid/pester"
packages = ["."]
+ pruneopts = ""
revision = "ed9870dad3170c0b25ab9b11830cc57c3a7798fb"
[[projects]]
branch = "master"
+ digest = "1:47ff8b3229cff95d3cf3738c7a8461fdeacd3f46801e54d301a62500605ce202"
name = "golang.org/x/crypto"
packages = [
"cast5",
@@ -372,12 +457,14 @@
"openpgp/packet",
"openpgp/s2k",
"poly1305",
- "ssh"
+ "ssh",
]
+ pruneopts = ""
revision = "d6449816ce06963d9d136eee5a56fca5b0616e7e"
[[projects]]
branch = "master"
+ digest = "1:e578690e68b81d979995373286a9625f00c0381a67ed86e10334ace86d780d91"
name = "golang.org/x/net"
packages = [
"context",
@@ -387,17 +474,21 @@
"idna",
"internal/timeseries",
"lex/httplex",
- "trace"
+ "trace",
]
+ pruneopts = ""
revision = "d41e8174641f662c5a2d1c7a5f9e828788eb8706"
[[projects]]
branch = "master"
+ digest = "1:d4eda90cc85514f76c499c16e3ef2a6c65a58edac31c57a69c2a1e6105413667"
name = "golang.org/x/sys"
packages = ["unix"]
+ pruneopts = ""
revision = "3ccc7e5779793fd54564baf60c51bf017955e0ba"
[[projects]]
+ digest = "1:5acd3512b047305d49e8763eef7ba423901e85d5dd2fd1e71778a0ea8de10bd4"
name = "golang.org/x/text"
packages = [
"collate",
@@ -413,18 +504,22 @@
"unicode/bidi",
"unicode/cldr",
"unicode/norm",
- "unicode/rangetable"
+ "unicode/rangetable",
]
+ pruneopts = ""
revision = "f21a4dfb5e38f5895301dc265a8def02365cc3d0"
version = "v0.3.0"
[[projects]]
branch = "master"
+ digest = "1:8cfa91d1b7f6b66fa9b1a738a4bc1325837b861e63fb9a2919931d68871bb770"
name = "google.golang.org/genproto"
packages = ["googleapis/rpc/status"]
+ pruneopts = ""
revision = "7fd901a49ba6a7f87732eb344f6e3c5b19d1b200"
[[projects]]
+ digest = "1:e5e4d08a5e43727ae54ea371823ce14b2d5b454536cfa7e6b08cc309a51d9fe5"
name = "google.golang.org/grpc"
packages = [
".",
@@ -451,32 +546,48 @@
"stats",
"status",
"tap",
- "transport"
+ "transport",
]
+ pruneopts = ""
revision = "d11072e7ca9811b1100b80ca0269ac831f06d024"
version = "v1.11.3"
[[projects]]
+ digest = "1:75fb3fcfc73a8c723efde7777b40e8e8ff9babf30d8c56160d01beffea8a95a6"
name = "gopkg.in/inf.v0"
packages = ["."]
+ pruneopts = ""
revision = "d2d2541c53f18d2a059457998ce2876cc8e67cbf"
version = "v0.9.1"
[[projects]]
branch = "v2"
+ digest = "1:c80894778314c7fb90d94a5ab925214900e1341afeddc953cda7398b8cdcd006"
name = "gopkg.in/mgo.v2"
packages = [
".",
"bson",
"internal/json",
"internal/sasl",
- "internal/scram"
+ "internal/scram",
]
+ pruneopts = ""
revision = "3f83fa5005286a7fe593b055f0d7771a7dce4655"
[solve-meta]
analyzer-name = "dep"
analyzer-version = 1
- inputs-digest = "8280cde72a3ab78ad00d13c192de5920d188f3052f45884563896cab659469f9"
+ input-imports = [
+ "github.com/gorilla/mux",
+ "github.com/hashicorp/go-uuid",
+ "github.com/hashicorp/vault/api",
+ "github.com/hashicorp/vault/builtin/credential/approle",
+ "github.com/hashicorp/vault/http",
+ "github.com/hashicorp/vault/logical",
+ "github.com/hashicorp/vault/physical/inmem",
+ "github.com/hashicorp/vault/vault",
+ "golang.org/x/crypto/openpgp",
+ "golang.org/x/crypto/openpgp/packet",
+ ]
solver-name = "gps-cdcl"
solver-version = 1
diff --git a/sms-service/src/sms/backend/vault.go b/sms-service/src/sms/backend/vault.go
index 7fee097..50e1b61 100644
--- a/sms-service/src/sms/backend/vault.go
+++ b/sms-service/src/sms/backend/vault.go
@@ -40,6 +40,8 @@ type Vault struct {
vaultClient *vaultapi.Client
vaultMountPrefix string
internalDomain string
+ internalDomainUUID string
+ internalDomainCache map[string]string
internalDomainMounted bool
vaultTempTokenTTL time.Time
vaultToken string
@@ -65,6 +67,8 @@ func (v *Vault) initVaultClient() error {
v.vaultClient = client
v.vaultMountPrefix = "sms"
v.internalDomain = "smsinternaldomain"
+ v.internalDomainUUID, _ = uuid.GenerateUUID()
+ v.internalDomainCache = make(map[string]string)
v.internalDomainMounted = false
v.prkey = ""
return nil
@@ -143,13 +147,19 @@ func (v *Vault) Unseal(shard string) error {
// GetSecret returns a secret mounted on a particular domain name
// The secret itself is referenced via its name which translates to
// a mount path in vault
-func (v *Vault) GetSecret(dom string, name string) (Secret, error) {
+func (v *Vault) GetSecret(uuid string, name string) (Secret, error) {
err := v.checkToken()
if smslogger.CheckError(err, "Tocken Check") != nil {
return Secret{}, errors.New("Token check failed")
}
+ uuid = strings.TrimSpace(uuid)
+ dom, err := v.getDomainNameFromUUID(uuid)
+ if smslogger.CheckError(err, "Lookup Domain Name from UUID") != nil {
+ return Secret{}, errors.New("Unable to Get secret")
+ }
+
dom = v.vaultMountPrefix + "/" + dom
sec, err := v.vaultClient.Logical().Read(dom + "/" + name)
@@ -168,13 +178,19 @@ func (v *Vault) GetSecret(dom string, name string) (Secret, error) {
// ListSecret returns a list of secret names on a particular domain
// The values of the secret are not returned
-func (v *Vault) ListSecret(dom string) ([]string, error) {
+func (v *Vault) ListSecret(uuid string) ([]string, error) {
err := v.checkToken()
if smslogger.CheckError(err, "Token Check") != nil {
return nil, errors.New("Token check failed")
}
+ uuid = strings.TrimSpace(uuid)
+ dom, err := v.getDomainNameFromUUID(uuid)
+ if smslogger.CheckError(err, "Lookup Domain Name from UUID") != nil {
+ return nil, errors.New("Unable to list secrets in domain")
+ }
+
dom = v.vaultMountPrefix + "/" + dom
sec, err := v.vaultClient.Logical().List(dom)
@@ -224,6 +240,7 @@ func (v *Vault) mountInternalDomain(name string) error {
if strings.Contains(err.Error(), "existing mount") {
// It is already mounted
v.internalDomainMounted = true
+ v.internalDomainCache[v.internalDomainUUID] = v.internalDomain
return nil
}
// Ran into some other error mounting it.
@@ -231,6 +248,7 @@ func (v *Vault) mountInternalDomain(name string) error {
}
v.internalDomainMounted = true
+ v.internalDomainCache[v.internalDomainUUID] = v.internalDomain
return nil
}
@@ -256,14 +274,61 @@ func (v *Vault) storeUUID(uuid string, name string) error {
},
}
- err = v.CreateSecret(v.internalDomain, secret)
+ err = v.CreateSecret(v.internalDomainUUID, secret)
if smslogger.CheckError(err, "Write UUID to domain") != nil {
return err
}
+ // Cache the value for reverse lookups
+ // Note: Cache is lost when service restarts
+ v.internalDomainCache[uuid] = name
+
return nil
}
+// Retrieves UUID for domain name stored in smsinternal domain
+// under v.vaultMountPrefix / smsinternal domain
+func (v *Vault) getDomainNameFromUUID(uuid string) (string, error) {
+
+ // Check Cache
+ if val, ok := v.internalDomainCache[uuid]; ok {
+ return val, nil
+ }
+
+ // If not found in Cache, check in vault
+ // Check if token is still valid
+ err := v.checkToken()
+ if smslogger.CheckError(err, "Token Check") != nil {
+ return "", errors.New("Token Check failed")
+ }
+
+ // Should already be mounted by the initial store command
+ err = v.mountInternalDomain(v.internalDomain)
+ if smslogger.CheckError(err, "Mount Internal Domain") != nil {
+ return "", err
+ }
+
+ secList, err := v.ListSecret(v.internalDomainUUID)
+ if smslogger.CheckError(err, "List Domain Names") != nil {
+ return "", err
+ }
+
+ // Search for domain name in internal domain
+ // Also, refresh the cache with latest content
+ for _, secName := range secList {
+ sec, err := v.GetSecret(v.internalDomainUUID, secName)
+ if smslogger.CheckError(err, "Read Secret Internal Domain") != nil {
+ return "", err
+ }
+ if sec.Values["uuid"] == uuid {
+ v.internalDomainCache[uuid] = sec.Name
+ return sec.Name, nil
+ }
+ }
+
+ return "", errors.New("Unable to find entry in InternalDomain")
+}
+
// CreateSecretDomain mounts the kv backend on a path with the given name
func (v *Vault) CreateSecretDomain(name string) (SecretDomain, error) {
@@ -303,13 +368,19 @@ func (v *Vault) CreateSecretDomain(name string) (SecretDomain, error) {
// CreateSecret creates a secret mounted on a particular domain name
// The secret itself is mounted on a path specified by name
-func (v *Vault) CreateSecret(dom string, sec Secret) error {
+func (v *Vault) CreateSecret(uuid string, sec Secret) error {
err := v.checkToken()
if smslogger.CheckError(err, "Token Check") != nil {
return errors.New("Token check failed")
}
+ uuid = strings.TrimSpace(uuid)
+ dom, err := v.getDomainNameFromUUID(uuid)
+ if smslogger.CheckError(err, "Lookup Domain Name from UUID") != nil {
+ return errors.New("Unable to create secret")
+ }
+
dom = v.vaultMountPrefix + "/" + dom
// Vault return is empty on successful write
@@ -324,14 +395,19 @@ func (v *Vault) CreateSecret(dom string, sec Secret) error {
// DeleteSecretDomain deletes a secret domain which translates to
// an unmount operation on the given path in Vault
-func (v *Vault) DeleteSecretDomain(name string) error {
+func (v *Vault) DeleteSecretDomain(uuid string) error {
err := v.checkToken()
if smslogger.CheckError(err, "Token Check") != nil {
return errors.New("Token Check Failed")
}
- name = strings.TrimSpace(name)
+ uuid = strings.TrimSpace(uuid)
+ name, err := v.getDomainNameFromUUID(uuid)
+ if smslogger.CheckError(err, "Lookup Domain Name from UUID") != nil {
+ return errors.New("Unable to delete secret domain")
+ }
+
mountPath := v.vaultMountPrefix + "/" + name
err = v.vaultClient.Sys().Unmount(mountPath)
@@ -343,13 +419,19 @@ func (v *Vault) DeleteSecretDomain(name string) error {
}
// DeleteSecret deletes a secret mounted on the path provided
-func (v *Vault) DeleteSecret(dom string, name string) error {
+func (v *Vault) DeleteSecret(uuid string, name string) error {
err := v.checkToken()
if smslogger.CheckError(err, "Token Check") != nil {
return errors.New("Token check failed")
}
+ uuid = strings.TrimSpace(uuid)
+ dom, err := v.getDomainNameFromUUID(uuid)
+ if smslogger.CheckError(err, "Lookup Domain Name from UUID") != nil {
+ return errors.New("Unable to delete secret")
+ }
+
dom = v.vaultMountPrefix + "/" + dom
// Vault return is empty on successful delete
diff --git a/sms-service/src/sms/backend/vault_test.go b/sms-service/src/sms/backend/vault_test.go
index 4862665..c26cfa7 100644
--- a/sms-service/src/sms/backend/vault_test.go
+++ b/sms-service/src/sms/backend/vault_test.go
@@ -133,12 +133,12 @@ func TestDeleteSecretDomain(t *testing.T) {
tc, v := createLocalVaultServer(t)
defer tc.Cleanup()
- _, err := v.CreateSecretDomain("testdomain")
+ sd, err := v.CreateSecretDomain("testdomain")
if err != nil {
t.Fatal(err)
}
- err = v.DeleteSecretDomain("testdomain")
+ err = v.DeleteSecretDomain(sd.UUID)
if err != nil {
t.Fatal("DeleteSecretDomain: Unable to delete domain")
}
@@ -149,12 +149,12 @@ func TestCreateSecret(t *testing.T) {
tc, v := createLocalVaultServer(t)
defer tc.Cleanup()
- _, err := v.CreateSecretDomain("testdomain")
+ sd, err := v.CreateSecretDomain("testdomain")
if err != nil {
t.Fatal(err)
}
- err = v.CreateSecret("testdomain", secret)
+ err = v.CreateSecret(sd.UUID, secret)
if err != nil {
t.Fatal("CreateSecret: Error Creating secret")
@@ -166,17 +166,17 @@ func TestGetSecret(t *testing.T) {
tc, v := createLocalVaultServer(t)
defer tc.Cleanup()
- _, err := v.CreateSecretDomain("testdomain")
+ sd, err := v.CreateSecretDomain("testdomain")
if err != nil {
t.Fatal(err)
}
- err = v.CreateSecret("testdomain", secret)
+ err = v.CreateSecret(sd.UUID, secret)
if err != nil {
t.Fatal(err)
}
- sec, err := v.GetSecret("testdomain", secret.Name)
+ sec, err := v.GetSecret(sd.UUID, secret.Name)
if err != nil {
t.Fatal("GetSecret: Error Creating secret")
}
@@ -195,17 +195,17 @@ func TestListSecret(t *testing.T) {
tc, v := createLocalVaultServer(t)
defer tc.Cleanup()
- _, err := v.CreateSecretDomain("testdomain")
+ sd, err := v.CreateSecretDomain("testdomain")
if err != nil {
t.Fatal(err)
}
- err = v.CreateSecret("testdomain", secret)
+ err = v.CreateSecret(sd.UUID, secret)
if err != nil {
t.Fatal(err)
}
- _, err = v.ListSecret("testdomain")
+ _, err = v.ListSecret(sd.UUID)
if err != nil {
t.Fatal("ListSecret: Returned error")
}
@@ -216,17 +216,17 @@ func TestDeleteSecret(t *testing.T) {
tc, v := createLocalVaultServer(t)
defer tc.Cleanup()
- _, err := v.CreateSecretDomain("testdomain")
+ sd, err := v.CreateSecretDomain("testdomain")
if err != nil {
t.Fatal(err)
}
- err = v.CreateSecret("testdomain", secret)
+ err = v.CreateSecret(sd.UUID, secret)
if err != nil {
t.Fatal(err)
}
- err = v.DeleteSecret("testdomain", secret.Name)
+ err = v.DeleteSecret(sd.UUID, secret.Name)
if err != nil {
t.Fatal("DeleteSecret: Error Creating secret")
}
diff --git a/sms-service/src/sms/handler/handler.go b/sms-service/src/sms/handler/handler.go
index 805f7a8..2d9e7c7 100644
--- a/sms-service/src/sms/handler/handler.go
+++ b/sms-service/src/sms/handler/handler.go
@@ -61,9 +61,9 @@ func (h handler) createSecretDomainHandler(w http.ResponseWriter, r *http.Reques
// deleteSecretDomainHandler deletes a secret domain with the name provided
func (h handler) deleteSecretDomainHandler(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
- domName := vars["domName"]
+ domUUID := vars["domUUID"]
- err := h.secretBackend.DeleteSecretDomain(domName)
+ err := h.secretBackend.DeleteSecretDomain(domUUID)
if smslogger.CheckError(err, "DeleteSecretDomainHandler") != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
@@ -76,7 +76,7 @@ func (h handler) deleteSecretDomainHandler(w http.ResponseWriter, r *http.Reques
func (h handler) createSecretHandler(w http.ResponseWriter, r *http.Request) {
// Get domain name from URL
vars := mux.Vars(r)
- domName := vars["domName"]
+ domUUID := vars["domUUID"]
// Get secrets to be stored from body
var b smsbackend.Secret
@@ -86,7 +86,7 @@ func (h handler) createSecretHandler(w http.ResponseWriter, r *http.Request) {
return
}
- err = h.secretBackend.CreateSecret(domName, b)
+ err = h.secretBackend.CreateSecret(domUUID, b)
if smslogger.CheckError(err, "CreateSecretHandler") != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
@@ -98,10 +98,10 @@ func (h handler) createSecretHandler(w http.ResponseWriter, r *http.Request) {
// getSecretHandler handles reading a secret by given domain name and secret name
func (h handler) getSecretHandler(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
- domName := vars["domName"]
+ domUUID := vars["domUUID"]
secName := vars["secretName"]
- sec, err := h.secretBackend.GetSecret(domName, secName)
+ sec, err := h.secretBackend.GetSecret(domUUID, secName)
if smslogger.CheckError(err, "GetSecretHandler") != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
@@ -118,9 +118,9 @@ func (h handler) getSecretHandler(w http.ResponseWriter, r *http.Request) {
// listSecretHandler handles listing all secrets under a particular domain name
func (h handler) listSecretHandler(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
- domName := vars["domName"]
+ domUUID := vars["domUUID"]
- secList, err := h.secretBackend.ListSecret(domName)
+ secList, err := h.secretBackend.ListSecret(domUUID)
if smslogger.CheckError(err, "ListSecretHandler") != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
@@ -144,10 +144,10 @@ func (h handler) listSecretHandler(w http.ResponseWriter, r *http.Request) {
// deleteSecretHandler handles deleting a secret by given domain name and secret name
func (h handler) deleteSecretHandler(w http.ResponseWriter, r *http.Request) {
vars := mux.Vars(r)
- domName := vars["domName"]
+ domUUID := vars["domUUID"]
secName := vars["secretName"]
- err := h.secretBackend.DeleteSecret(domName, secName)
+ err := h.secretBackend.DeleteSecret(domUUID, secName)
if smslogger.CheckError(err, "DeleteSecretHandler") != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
@@ -266,13 +266,13 @@ func (h handler) healthCheckHandler(w http.ResponseWriter, r *http.Request) {
// backend is not sealed
dname, _ := uuid.GenerateUUID()
- _, err = h.secretBackend.CreateSecretDomain(dname)
+ dom, err := h.secretBackend.CreateSecretDomain(dname)
if smslogger.CheckError(err, "HealthCheck Create Domain") != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
- err = h.secretBackend.DeleteSecretDomain(dname)
+ err = h.secretBackend.DeleteSecretDomain(dom.UUID)
if smslogger.CheckError(err, "HealthCheck Delete Domain") != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
@@ -299,12 +299,12 @@ func CreateRouter(b smsbackend.SecretBackend) http.Handler {
router.HandleFunc("/v1/sms/healthcheck", h.healthCheckHandler).Methods("GET")
router.HandleFunc("/v1/sms/domain", h.createSecretDomainHandler).Methods("POST")
- router.HandleFunc("/v1/sms/domain/{domName}", h.deleteSecretDomainHandler).Methods("DELETE")
+ router.HandleFunc("/v1/sms/domain/{domUUID}", h.deleteSecretDomainHandler).Methods("DELETE")
- router.HandleFunc("/v1/sms/domain/{domName}/secret", h.createSecretHandler).Methods("POST")
- router.HandleFunc("/v1/sms/domain/{domName}/secret", h.listSecretHandler).Methods("GET")
- router.HandleFunc("/v1/sms/domain/{domName}/secret/{secretName}", h.getSecretHandler).Methods("GET")
- router.HandleFunc("/v1/sms/domain/{domName}/secret/{secretName}", h.deleteSecretHandler).Methods("DELETE")
+ router.HandleFunc("/v1/sms/domain/{domUUID}/secret", h.createSecretHandler).Methods("POST")
+ router.HandleFunc("/v1/sms/domain/{domUUID}/secret", h.listSecretHandler).Methods("GET")
+ router.HandleFunc("/v1/sms/domain/{domUUID}/secret/{secretName}", h.getSecretHandler).Methods("GET")
+ router.HandleFunc("/v1/sms/domain/{domUUID}/secret/{secretName}", h.deleteSecretHandler).Methods("DELETE")
return router
}