// Copyright 2021 Outreach Corporation. All Rights Reserved.
//
// Description: Stores functions to interact with basic /auth/token endpoints
package vault_client //nolint:revive // Why: We're using - in the name
import (
	"context"
	"errors"
	"net/http"
	"time"

	"github.com/getoutreach/gobox/pkg/cfg"
)
// TokenAuthMethod implements an AuthMethod backed by a static authentication token.
//
// The token is supplied once at construction and handed back unchanged by
// GetToken; nothing in this file rotates, renews or expires it, so the
// credential's lifetime is entirely the caller's responsibility.
type TokenAuthMethod struct {
	// token is the static credential, kept as cfg.SecretData rather than a
	// plain string.
	// NOTE(review): presumably cfg.SecretData keeps the value out of
	// formatted/logged output — confirm against the gobox cfg package.
	token cfg.SecretData
}
// NewTokenAuthMethod wraps the given static token in a TokenAuthMethod.
// The token is stored as-is; no validation (including an empty-value check)
// is performed here.
func NewTokenAuthMethod(token cfg.SecretData) *TokenAuthMethod {
	method := TokenAuthMethod{token: token}
	return &method
}
// GetToken returns the static token while implementing AuthMethod.GetToken().
//
// The context is not used. The returned time is always the zero time.Time and
// the error is always nil.
// NOTE(review): the zero time presumably tells the caller that this token has
// no known expiry and should not be refreshed — confirm against the
// AuthMethod contract, which is not visible in this file.
func (a *TokenAuthMethod) GetToken(ctx context.Context) (cfg.SecretData, time.Time, error) {
	var zero time.Time
	return a.token, zero, nil
}
// Options is a deliberate no-op: a static token needs nothing from, and
// changes nothing in, the *Options it is handed.
func (*TokenAuthMethod) Options(*Options) {
}
// LookupTokenResponse is the response returned by LookupToken, docs:
// https://www.vaultproject.io/api/auth/token#sample-response-2
//
// Every field is decoded from the JSON key named in its tag. All fields are
// plain Go types, so none of them is redacted when the struct is printed or
// logged.
// NOTE(review): per the linked Vault docs, `id` carries the token value
// itself and `accessor` is a handle to that token — treat the whole struct as
// sensitive and keep it out of logs and error messages; confirm.
type LookupTokenResponse struct {
	// Accessor is the token accessor ("accessor").
	Accessor string `json:"accessor"`
	// CreationTime and CreationTTL are decoded as integers.
	// NOTE(review): presumably a Unix timestamp and a duration in seconds — confirm.
	CreationTime int `json:"creation_time"`
	CreationTTL int `json:"creation_ttl"`
	DisplayName string `json:"display_name"`
	EntityID string `json:"entity_id"`
	// ExpireTime is parsed into a time.Time. A JSON null leaves it at the zero
	// time, so check IsZero() before comparing it with the current time.
	ExpireTime time.Time `json:"expire_time"`
	ExplicitMaxTTL int `json:"explicit_max_ttl"`
	// ID is decoded from "id" as a plain string, not cfg.SecretData.
	ID string `json:"id"`
	IdentityPolicies []string `json:"identity_policies"`
	// IssueTime is kept as the raw string from the response; unlike ExpireTime
	// it is not parsed into a time.Time.
	IssueTime string `json:"issue_time"`
	// Meta declares only the "username" metadata key.
	// NOTE(review): other metadata keys are presumably dropped during decoding
	// — depends on the decoder used by doRequest; confirm.
	Meta struct {
	Username string `json:"username"`
	} `json:"meta"`
	NumUses int `json:"num_uses"`
	Orphan bool `json:"orphan"`
	Path string `json:"path"`
	// Policies lists the policies reported for the token ("policies").
	Policies []string `json:"policies"`
	Renewable bool `json:"renewable"`
	// TTL is decoded as an integer.
	// NOTE(review): presumably the remaining lifetime in seconds — confirm.
	TTL int `json:"ttl"`
}
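// LookupToken looks up the provided token and returns information about it.
//
// The token is sent in the request body of POST auth/token/lookup. An empty
// token is rejected locally with an error instead of being forwarded: callers
// that use this method to check a token received from elsewhere must never
// get a successful answer for an empty value.
// NOTE(review): how the server treats an empty "token" field is not visible
// here; if it falls back to the requesting client's own token, an unchecked
// empty input would be reported as valid — confirm for the Vault version in use.
//
// On success the returned struct is the "data" object of the response; on any
// failure the result is nil and the error from doRequest is returned as-is.
func (c *Client) LookupToken(ctx context.Context, token cfg.SecretData) (*LookupTokenResponse, error) {
	if len(token) == 0 {
		return nil, errors.New("vault_client: cannot look up an empty token")
	}

	// The conversion yields an ordinary string, so the secret sits in this map
	// in cleartext. Keep the map out of logs and error messages.
	// NOTE(review): what doRequest does with the body on failure is not
	// visible here — verify it never echoes the request payload.
	req := map[string]string{
		"token": string(token),
	}

	// Vault wraps the token details in a top-level "data" object.
	var resp struct {
		Data LookupTokenResponse
	}

	if err := c.doRequest(ctx, http.MethodPost, "auth/token/lookup", req, &resp); err != nil {
		return nil, err
	}
	return &resp.Data, nil
}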
// LookupCurrentToken looks up the token the client is currently using (self)
// and returns information about it.
//
// It issues POST auth/token/lookup-self with no request body and returns the
// "data" object of the response. On failure the result is nil and the error
// from doRequest is passed through unchanged.
func (c *Client) LookupCurrentToken(ctx context.Context) (*LookupTokenResponse, error) {
	// envelope mirrors the response shape: the details live under "data".
	envelope := struct {
		Data LookupTokenResponse
	}{}

	if err := c.doRequest(ctx, http.MethodPost, "auth/token/lookup-self", nil, &envelope); err != nil {
		return nil, err
	}
	return &envelope.Data, nil
}