Non-HMAC audit values (#4033)

* Add non-hmac request keys

* Update comment

* Initial audit request keys implementation

* Add audit_non_hmac_response_keys

* Move where req.NonHMACKeys gets set

* Minor refactor

* Add params to auth tune endpoints

* Sync cache on loadCredentials

* Explicitly unset req.NonHMACKeys

* Do not error if entry is nil

* Add tests

* docs: Add params to api sections

* Refactor audit.Backend and Formatter interfaces, update audit broker methods

* Add audit_broker.go

* Fix method call params in audit backends

* Remove fields from logical.Request and logical.Response, pass keys via LogInput

* Use data.GetOk to allow unsetting existing values

* Remove debug lines

* Add test for unsetting values

* Address review feedback

* Initialize values in FormatRequest and FormatResponse using input values

* Update docs

* Use strutil.StrListContains

* Use strutil.StrListContains
Calvin Leung Huang
2018-03-02 12:18:39 -05:00
committed by GitHub
parent 90f245995a
commit 01eecf9d1a
25 changed files with 820 additions and 351 deletions


@@ -121,6 +121,8 @@ type Backend struct {
saltView logical.Storage
}
var _ audit.Backend = (*Backend)(nil)
func (b *Backend) GetHash(data string) (string, error) {
salt, err := b.Salt()
if err != nil {
@@ -129,9 +131,9 @@ func (b *Backend) GetHash(data string) (string, error) {
return audit.HashString(salt, data), nil
}
func (b *Backend) LogRequest(ctx context.Context, auth *logical.Auth, req *logical.Request, outerErr error) error {
func (b *Backend) LogRequest(ctx context.Context, in *audit.LogInput) error {
var buf bytes.Buffer
if err := b.formatter.FormatRequest(&buf, b.formatConfig, auth, req, outerErr); err != nil {
if err := b.formatter.FormatRequest(&buf, b.formatConfig, in); err != nil {
return err
}
@@ -152,10 +154,9 @@ func (b *Backend) LogRequest(ctx context.Context, auth *logical.Auth, req *logic
return err
}
func (b *Backend) LogResponse(ctx context.Context, auth *logical.Auth, req *logical.Request,
resp *logical.Response, outerErr error) error {
func (b *Backend) LogResponse(ctx context.Context, in *audit.LogInput) error {
var buf bytes.Buffer
if err := b.formatter.FormatResponse(&buf, b.formatConfig, auth, req, resp, outerErr); err != nil {
if err := b.formatter.FormatResponse(&buf, b.formatConfig, in); err != nil {
return err
}
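Review bot: LogRequest and LogResponse are exported but have no doc comment in their new form, and the single `in *audit.LogInput` parameter no longer shows what the old signature spelled out (auth, request, response, outer error). Going by the commit message, `in` also carries the non-HMAC key lists, so values under those keys would presumably reach this backend's output unhashed; that should be stated where operators and reviewers will read it. I would add above LogRequest `// LogRequest formats in as a request audit entry and writes it out; values under keys marked non-HMAC in in are emitted in cleartext, so keep secrets out of those lists.` and a matching line above LogResponse. Both function bodies continue outside the hunks shown, so the write path itself is not visible here.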