Vault: Fix wild card paths for all backends

vishalnayak
2015-08-21 00:56:13 -07:00
parent cdf2b4895d
commit 41678f18ae
25 changed files with 52 additions and 46 deletions


@@ -10,7 +10,7 @@ import (
func pathCerts(b *backend) *framework.Path {
return &framework.Path{
Pattern: `certs/(?P<name>\w+)`,
Pattern: "certs/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -12,7 +12,7 @@ import (
func pathLogin(b *backend) *framework.Path {
return &framework.Path{
Pattern: `login/(?P<name>\w+)`,
Pattern: "login/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -10,7 +10,7 @@ import (
func pathUsers(b *backend) *framework.Path {
return &framework.Path{
Pattern: `users/(?P<name>\w+)`,
Pattern: "users/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -11,7 +11,7 @@ import (
func pathRoles() *framework.Path {
return &framework.Path{
Pattern: `roles/(?P<name>\w+)`,
Pattern: "roles/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -12,7 +12,7 @@ import (
func pathUser(b *backend) *framework.Path {
return &framework.Path{
Pattern: `creds/(?P<name>\w+)`,
Pattern: "creds/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -12,7 +12,7 @@ import (
func pathCredsCreate(b *backend) *framework.Path {
return &framework.Path{
Pattern: `creds/(?P<name>\w+)`,
Pattern: "creds/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -16,7 +16,7 @@ const (
func pathRoles(b *backend) *framework.Path {
return &framework.Path{
Pattern: "roles/(?P<name>\\w+)",
Pattern: "roles/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -11,7 +11,7 @@ import (
func pathRoles() *framework.Path {
return &framework.Path{
Pattern: `roles/(?P<name>\w+)`,
Pattern: "roles/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -11,7 +11,7 @@ import (
func pathToken(b *backend) *framework.Path {
return &framework.Path{
Pattern: `creds/(?P<name>\w+)`,
Pattern: "creds/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -1,9 +1,9 @@
package jwt
import (
"encoding/json"
"fmt"
"time"
"encoding/json"
jwt "github.com/dgrijalva/jwt-go"
@@ -14,10 +14,10 @@ import (
func pathIssue(b *backend) *framework.Path {
return &framework.Path{
Pattern: `issue/(?P<role>\w[\w-]+\w)`,
Pattern: "issue/" + framework.GenericNameRegex("role"),
Fields: map[string]*framework.FieldSchema{
"role": &framework.FieldSchema{
Type: framework.TypeString,
Type: framework.TypeString,
Description: "The desired role with configuration for this request",
},
"issuer": &framework.FieldSchema{
@@ -63,7 +63,7 @@ func pathIssue(b *backend) *framework.Path {
func (b *backend) pathIssueWrite(
req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
roleName := data.Get("role").(string)
// Get the role
role, err := b.getRole(req.Storage, roleName)
if err != nil {
@@ -126,7 +126,7 @@ func (b *backend) pathIssueWrite(
if err != nil {
return nil, err
}
for k, v := range uc {
claims[k] = v
}
@@ -144,10 +144,10 @@ func (b *backend) pathIssueWrite(
resp := &logical.Response{
Data: map[string]interface{}{
"jti": claims["jti"].(string),
"jti": claims["jti"].(string),
"token": tokenString,
},
}
return resp, nil
}
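Review bot: `claims["jti"].(string)` in the response literal is an unchecked type assertion and panics if the value is absent or is not a string. An earlier hunk in this file shows `for k, v := range uc { claims[k] = v }` copying entries into `claims`; if `uc` can carry a caller-supplied `jti` (not visible from these hunks), a non-string value would crash the request handler instead of producing an error. Use the two-value form, `jti, ok := claims["jti"].(string)`, and return an error when `ok` is false. pathIssueWrite begins and continues outside the visible hunks.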


@@ -1,13 +1,13 @@
package jwt
import (
"fmt"
"crypto/x509"
"encoding/pem"
"fmt"
"strings"
"github.com/fatih/structs"
jwt "github.com/dgrijalva/jwt-go"
"github.com/fatih/structs"
"github.com/hashicorp/vault/logical"
"github.com/hashicorp/vault/logical/framework"
@@ -15,7 +15,7 @@ import (
func pathRoles(b *backend) *framework.Path {
return &framework.Path{
Pattern: `roles/(?P<name>\w+)`,
Pattern: "roles/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,
@@ -106,9 +106,9 @@ func (b *backend) pathRoleRead(
func (b *backend) pathRoleCreate(
req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
name := data.Get("name").(string)
key := data.Get("key").(string)
alg := data.Get("algorithm").(string)
key := data.Get("key").(string)
alg := data.Get("algorithm").(string)
signingMethod := jwt.GetSigningMethod(data.Get("algorithm").(string))
if signingMethod == nil {
return nil, fmt.Errorf("Invalid Signing Algorithm")
@@ -148,15 +148,15 @@ func (b *backend) pathRoleCreate(
}
entry := &roleEntry{
Algorithm: alg,
Key: key,
Issuer: data.Get("default_issuer").(string),
Subject: data.Get("default_subject").(string),
Audience: data.Get("default_audience").(string),
Algorithm: alg,
Key: key,
Issuer: data.Get("default_issuer").(string),
Subject: data.Get("default_subject").(string),
Audience: data.Get("default_audience").(string),
}
// Store it
jsonEntry, err := logical.StorageEntryJSON("role/" + name, entry)
jsonEntry, err := logical.StorageEntryJSON("role/"+name, entry)
if err != nil {
return nil, err
}
@@ -168,11 +168,11 @@ func (b *backend) pathRoleCreate(
}
type roleEntry struct {
Algorithm string `json:"algorithm" structs:"algorithm" mapstructure:"algorithm"`
Key string `json:"key" structs:"key" mapstructure:"key"`
Issuer string `json:"iss" structs:"iss" mapstructure:"iss"`
Subject string `json:"sub" structs:"sub" mapstructure:"sub"`
Audience string `json:"aud" structs:"aud" mapstructure:"aud"`
Algorithm string `json:"algorithm" structs:"algorithm" mapstructure:"algorithm"`
Key string `json:"key" structs:"key" mapstructure:"key"`
Issuer string `json:"iss" structs:"iss" mapstructure:"iss"`
Subject string `json:"sub" structs:"sub" mapstructure:"sub"`
Audience string `json:"aud" structs:"aud" mapstructure:"aud"`
}
const pathRolesHelpSyn = `
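Review bot: In pathRoleCreate the algorithm field is read twice: `alg := data.Get("algorithm").(string)` is followed by `jwt.GetSigningMethod(data.Get("algorithm").(string))`. Passing the local keeps the value that is validated and the value stored in `roleEntry.Algorithm` provably the same: `signingMethod := jwt.GetSigningMethod(alg)`. The error on the next line would follow Go convention as lowercase, `fmt.Errorf("invalid signing algorithm")`. The function body continues outside the visible hunks.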


@@ -12,7 +12,7 @@ import (
func pathRoleCreate(b *backend) *framework.Path {
return &framework.Path{
Pattern: `creds/(?P<name>\w+)`,
Pattern: "creds/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -10,7 +10,7 @@ import (
func pathRoles(b *backend) *framework.Path {
return &framework.Path{
Pattern: "roles/(?P<name>\\w+)",
Pattern: "roles/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -14,7 +14,7 @@ import (
func pathIssue(b *backend) *framework.Path {
return &framework.Path{
Pattern: `issue/(?P<role>\w[\w-]+\w)`,
Pattern: "issue/" + framework.GenericNameRegex("role"),
Fields: map[string]*framework.FieldSchema{
"role": &framework.FieldSchema{
Type: framework.TypeString,


@@ -11,7 +11,7 @@ import (
func pathRoles(b *backend) *framework.Path {
return &framework.Path{
Pattern: `roles/(?P<name>\w[\w-]+\w)`,
Pattern: "roles/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -12,7 +12,7 @@ import (
func pathRoleCreate(b *backend) *framework.Path {
return &framework.Path{
Pattern: `creds/(?P<name>\w+)`,
Pattern: "creds/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -10,7 +10,7 @@ import (
func pathRoles(b *backend) *framework.Path {
return &framework.Path{
Pattern: "roles/(?P<name>\\w+)",
Pattern: "roles/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -18,7 +18,7 @@ type sshOTP struct {
func pathCredsCreate(b *backend) *framework.Path {
return &framework.Path{
Pattern: "creds/(?P<role>[-\\w]+)",
Pattern: "creds/" + framework.GenericNameRegex("role"),
Fields: map[string]*framework.FieldSchema{
"role": &framework.FieldSchema{
Type: framework.TypeString,
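Review bot: The old `[-\w]+` accepted role names that begin or end with `-`, and the replacement does not, so this `Pattern` change narrows the accepted set rather than only refactoring it. `GenericNameRegex`, defined in the last file of this commit, requires a word character at both ends; the same holds for the `keys/` and `roles/` patterns in the two SSH sections that follow. If the framework matches patterns anchored (not visible here), roles or keys already stored under such names can no longer be read or deleted through these routes. A table-driven test of each pattern against names such as `a`, `ab`, `-x`, `x-` and `my-role` would pin the accepted set before and after the change. pathCredsCreate continues outside the hunk.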


@@ -15,7 +15,7 @@ type sshHostKey struct {
func pathKeys(b *backend) *framework.Path {
return &framework.Path{
Pattern: "keys/(?P<key_name>[-\\w]+)",
Pattern: "keys/" + framework.GenericNameRegex("key_name"),
Fields: map[string]*framework.FieldSchema{
"key_name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -30,7 +30,7 @@ type sshRole struct {
func pathRoles(b *backend) *framework.Path {
return &framework.Path{
Pattern: "roles/(?P<role>[-\\w]+)",
Pattern: "roles/" + framework.GenericNameRegex("role"),
Fields: map[string]*framework.FieldSchema{
"role": &framework.FieldSchema{
Type: framework.TypeString,


@@ -12,7 +12,7 @@ import (
func pathDecrypt() *framework.Path {
return &framework.Path{
Pattern: `decrypt/(?P<name>\w+)`,
Pattern: "decrypt/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -13,7 +13,7 @@ import (
func pathEncrypt() *framework.Path {
return &framework.Path{
Pattern: `encrypt/(?P<name>\w+)`,
Pattern: "encrypt/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -123,7 +123,7 @@ func generatePolicy(storage logical.Storage, name string, derived bool) (*Policy
func pathKeys() *framework.Path {
return &framework.Path{
Pattern: `keys/(?P<name>\w+)`,
Pattern: "keys/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -7,7 +7,7 @@ import (
func pathRaw() *framework.Path {
return &framework.Path{
Pattern: `raw/(?P<name>\w+)`,
Pattern: "raw/" + framework.GenericNameRegex("name"),
Fields: map[string]*framework.FieldSchema{
"name": &framework.FieldSchema{
Type: framework.TypeString,


@@ -8,6 +8,12 @@ import (
"github.com/hashicorp/vault/logical"
)
// Helper which returns a generic regex string for creating endpoint patterns
// that are identified by the given name in the backends
func GenericNameRegex(name string) string {
return fmt.Sprintf("(?P<%s>\\w[\\w-]+\\w)", name)
}
// PathAppend is a helper for appending lists of paths into a single
// list.
func PathAppend(paths ...[]*Path) []*Path {
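Review bot: `GenericNameRegex` rejects names shorter than three characters, because `\w[\w-]+\w` needs a first character, at least one middle character and a last character. Every call site in this commit that previously used `\w+` (certs, login, users, roles, creds, keys, encrypt, decrypt, raw) accepted one- and two-character names, so entries already stored under such names stop matching their routes; for credential-issuing backends that leaves roles that cannot be removed through the API. Making the tail optional keeps hyphen support without the length floor: `return fmt.Sprintf("(?P<%s>\\w(?:[\\w-]*\\w)?)", name)`. The doc comment should start with the function name, e.g. `// GenericNameRegex returns a named capture group that matches a backend entry name.`, and state that `name` must be a valid capture-group identifier, since it is interpolated into the expression unescaped.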