describe example api handler
This commit is contained in:
parent
fae33ba8e0
commit
3d37b8638a
112
vault-api.go
112
vault-api.go
@ -1,6 +1,9 @@
|
|||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"log"
|
||||||
|
"strconv"
|
||||||
|
|
||||||
"github.com/gofiber/fiber/v2"
|
"github.com/gofiber/fiber/v2"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -9,60 +12,95 @@ const (
|
|||||||
uriSecretMetadata = "/:secret/metadata/:path"
|
uriSecretMetadata = "/:secret/metadata/:path"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
func vaultApiSimpleKv2(c *fiber.Ctx, action string) error {
|
||||||
|
secret := c.Params("secret")
|
||||||
|
path := c.Params("path")
|
||||||
|
if (secret == "") || (path == "") {
|
||||||
|
return fiberNone(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
log.Printf("%v %v %v", action, secret, path)
|
||||||
|
|
||||||
|
return fiberOk(c)
|
||||||
|
}
|
||||||
|
|
||||||
func setupVaultApi(router fiber.Router) {
|
func setupVaultApi(router fiber.Router) {
|
||||||
// https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2
|
// https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2
|
||||||
|
|
||||||
/* read secret */
|
/* read secret */
|
||||||
router.Get(uriSecretData, fiberOk, func(c *fiber.Ctx) error {
|
router.Get(uriSecretData, func(c *fiber.Ctx) error {
|
||||||
/*
|
// return vaultApiSimpleKv2(c, "GET")
|
||||||
ver_s := c.Query("version")
|
|
||||||
if ver_s != "" {
|
secret := c.Params("secret")
|
||||||
ver, err := strconv.ParseInt(ver_s, 10, 0)
|
path := c.Params("path")
|
||||||
if err != nil {
|
if (secret == "") || (path == "") {
|
||||||
c.Status(fiber.StatusBadRequest)
|
return fiberNone(c)
|
||||||
return nil
|
}
|
||||||
}
|
|
||||||
// do job with ver
|
var version int64 = -1
|
||||||
|
if ver_s := c.Query("version"); ver_s != "" {
|
||||||
|
var err error
|
||||||
|
version, err = strconv.ParseInt(ver_s, 10, 0)
|
||||||
|
if err != nil {
|
||||||
|
return fiberNone(c)
|
||||||
}
|
}
|
||||||
*/
|
}
|
||||||
return nil
|
|
||||||
|
if version >= 0 {
|
||||||
|
// version is sane
|
||||||
|
log.Printf("GET %v %v v=%v", secret, path, version)
|
||||||
|
} else {
|
||||||
|
log.Printf("GET %v %v", secret, path)
|
||||||
|
}
|
||||||
|
|
||||||
|
return fiberOk(c)
|
||||||
})
|
})
|
||||||
/* create/update/patch secret */
|
/* create/update/patch secret */
|
||||||
router.Post(uriSecretData, fiberOk)
|
router.Post(uriSecretData, func(c *fiber.Ctx) error {
|
||||||
router.Patch(uriSecretData, fiberOk)
|
return vaultApiSimpleKv2(c, "SET")
|
||||||
|
})
|
||||||
|
router.Patch(uriSecretData, func(c *fiber.Ctx) error {
|
||||||
|
return vaultApiSimpleKv2(c, "SET")
|
||||||
|
})
|
||||||
/* delete secret */
|
/* delete secret */
|
||||||
router.Delete(uriSecretData, fiberOk)
|
router.Delete(uriSecretData, func(c *fiber.Ctx) error {
|
||||||
|
return vaultApiSimpleKv2(c, "DELETE")
|
||||||
|
})
|
||||||
/* delete/undelete secret */
|
/* delete/undelete secret */
|
||||||
router.Post("/:secret/delete/:path", fiberOk)
|
router.Post("/:secret/delete/:path", func(c *fiber.Ctx) error {
|
||||||
router.Post("/:secret/undelete/:path", fiberOk)
|
return vaultApiSimpleKv2(c, "DELETE")
|
||||||
|
})
|
||||||
|
router.Post("/:secret/undelete/:path", func(c *fiber.Ctx) error {
|
||||||
|
return vaultApiSimpleKv2(c, "UNDELETE")
|
||||||
|
})
|
||||||
/* destroy secret */
|
/* destroy secret */
|
||||||
router.Post("/:secret/destroy/:path", fiberOk)
|
router.Post("/:secret/destroy/:path", func(c *fiber.Ctx) error {
|
||||||
|
return vaultApiSimpleKv2(c, "DESTROY")
|
||||||
|
})
|
||||||
|
|
||||||
/* read subkeys */
|
/* read subkeys */
|
||||||
// router.Get("/:secret/subkeys/:path?version=:version&depth=:depth", fiberOk)
|
// router.Get("/:secret/subkeys/:path?version=:version&depth=:depth", fiberOk)
|
||||||
router.Get("/:secret/subkeys/:path", fiberOk, func(c *fiber.Ctx) error {
|
router.Get("/:secret/subkeys/:path", func(c *fiber.Ctx) error {
|
||||||
/*
|
return vaultApiSimpleKv2(c, "SUBKEYS")
|
||||||
ver_s := c.Query("version")
|
|
||||||
if ver_s != "" {
|
|
||||||
ver, err := strconv.ParseInt(ver_s, 10, 0)
|
|
||||||
if err != nil {
|
|
||||||
c.Status(fiber.StatusBadRequest)
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
// do job with ver
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
return nil
|
|
||||||
})
|
})
|
||||||
|
|
||||||
/* read metadata */
|
/* read metadata */
|
||||||
router.Get(uriSecretMetadata, fiberOk)
|
router.Get(uriSecretMetadata, func(c *fiber.Ctx) error {
|
||||||
|
return vaultApiSimpleKv2(c, "META-GET")
|
||||||
|
})
|
||||||
/* create/update metadata */
|
/* create/update metadata */
|
||||||
router.Post(uriSecretMetadata, fiberOk)
|
router.Post(uriSecretMetadata, func(c *fiber.Ctx) error {
|
||||||
router.Patch(uriSecretMetadata, fiberOk)
|
return vaultApiSimpleKv2(c, "META-SET")
|
||||||
|
})
|
||||||
|
router.Patch(uriSecretMetadata, func(c *fiber.Ctx) error {
|
||||||
|
return vaultApiSimpleKv2(c, "META-SET")
|
||||||
|
})
|
||||||
/* delete metadata */
|
/* delete metadata */
|
||||||
router.Delete(uriSecretMetadata, fiberOk)
|
router.Delete(uriSecretMetadata, func(c *fiber.Ctx) error {
|
||||||
|
return vaultApiSimpleKv2(c, "META-DELETE")
|
||||||
|
})
|
||||||
/* list secrets */
|
/* list secrets */
|
||||||
router.Add(MethodList, uriSecretMetadata, fiberOk)
|
router.Add(MethodList, uriSecretMetadata, func(c *fiber.Ctx) error {
|
||||||
|
return vaultApiSimpleKv2(c, "LIST")
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user