events: Add websockets and command (#19057)

Also updates the event receieved to include a timestamp. Websockets support both JSON and protobuf binary formats. This can be used by either `wscat` or the new `vault events subscribe`: e.g., ```sh $ wscat -H "X-Vault-Token: $(vault print token)" --connect ws://127.0.0.1:8200/v1/sys/events/subscribe/abc?json=true {"event":{"id":"5c5c8c83-bf43-7da5-fe88-fc3cac814b2e", "note":"testing"}, "eventType":"abc", "timestamp":"2023-02-07T18:40:50.598408Z"} ... ``` and ```sh $ vault events subscribe abc {"event":{"id":"5c5c8c83-bf43-7da5-fe88-fc3cac814b2e", "note":"testing"}, "eventType":"abc", "timestamp":"2023-02-07T18:40:50.598408Z"} ... ``` Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2025-11-02 11:38:02 +00:00 · 2023-02-09 13:18:58 -08:00
parent 2685dd02e2
commit 6e233e567b
15 changed files with 565 additions and 73 deletions
--- a/sdk/logical/response.go
+++ b/sdk/logical/response.go
@@ -1,9 +1,11 @@
 package logical

 import (
+	"bufio"
 	"encoding/json"
 	"errors"
 	"fmt"
+	"net"
 	"net/http"
 	"strconv"
 	"sync/atomic"
@@ -242,6 +244,13 @@ func NewStatusHeaderResponseWriter(w http.ResponseWriter, h map[string][]*Custom
 	}
 }

+func (w *StatusHeaderResponseWriter) Hijack() (net.Conn, *bufio.ReadWriter, error) {
+	if h, ok := w.wrapped.(http.Hijacker); ok {
+		return h.Hijack()
+	}
+	return nil, nil, fmt.Errorf("could not hijack because wrapped connection is %T and it does not implement http.Hijacker", w.wrapped)
+}
+
 func (w *StatusHeaderResponseWriter) Wrapped() http.ResponseWriter {
 	return w.wrapped
 }