diff options
Diffstat (limited to 'sms-service')
-rw-r--r-- | sms-service/src/sms/backend/vault.go | 20 | ||||
-rw-r--r-- | sms-service/src/sms/handler/handler.go | 13 |
2 files changed, 29 insertions, 4 deletions
diff --git a/sms-service/src/sms/backend/vault.go b/sms-service/src/sms/backend/vault.go index 2a0b3cd..1359adb 100644 --- a/sms-service/src/sms/backend/vault.go +++ b/sms-service/src/sms/backend/vault.go @@ -95,9 +95,25 @@ func (v *Vault) GetSecretDomain(name string) (SecretDomain, error) { // GetSecret returns a secret mounted on a particular domain name // The secret itself is referenced via its name which translates to // a mount path in vault -func (v *Vault) GetSecret(dom string, sec string) (Secret, error) { +func (v *Vault) GetSecret(dom string, name string) (Secret, error) { + err := v.checkToken() + if err != nil { + return Secret{}, errors.New("Token check returned error: " + err.Error()) + } + + dom = v.vaultMount + "/" + dom + + sec, err := v.vaultClient.Logical().Read(dom + "/" + name) + if err != nil { + return Secret{}, errors.New("unable to read Secret at provided path") + } + + // sec and err are nil in the case where a path does not exist + if sec == nil { + return Secret{}, errors.New("Secret not found at the provided path") + } - return Secret{}, nil + return Secret{Name: name, Values: sec.Data}, nil } // CreateSecretDomain mounts the kv backend on a path with the given name diff --git a/sms-service/src/sms/handler/handler.go b/sms-service/src/sms/handler/handler.go index ed68c81..3798023 100644 --- a/sms-service/src/sms/handler/handler.go +++ b/sms-service/src/sms/handler/handler.go @@ -102,8 +102,17 @@ func (h handler) getSecretHandler(w http.ResponseWriter, r *http.Request) { domName := vars["domName"] secName := vars["secretName"] - h.secretBackend.GetSecret(domName, secName) - //encode and return response + sec, err := h.secretBackend.GetSecret(domName, secName) + if err != nil { + http.Error(w, err.Error(), 500) + return + } + + err = json.NewEncoder(w).Encode(sec) + if err != nil { + http.Error(w, err.Error(), 400) + return + } } // deleteSecretHandler handles deleting a secret by given domain name and secret name |