scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-01 19:17:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use RenewSelf instead of Renew if the token we're renewing is the same as the client

Browse Source
This commit is contained in:
Jeff Mitchell
2015-12-30 14:41:50 -05:00
parent c1c1dbee1e
commit 70561c0fe2
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
command/token_renew.go
View File

@@ -4,6 +4,8 @@ import (
"fmt"
"strconv"
"strings"
"github.com/hashicorp/vault/api"
)
// TokenRenewCommand is a Command that mounts a new mount.
@@ -47,7 +49,14 @@ func (c *TokenRenewCommand) Run(args []string) int {
return 2
}
secret, err := client.Auth().Token().Renew(token, increment)
// If the given token is the same as the client's, use renew-self instead
// as this is far more likely to be allowed via policy
var secret *api.Secret
if client.Token() == token {
secret, err = client.Auth().Token().RenewSelf(increment)
} else {
secret, err = client.Auth().Token().Renew(token, increment)
}
if err != nil {
c.Ui.Error(fmt.Sprintf(
"Error renewing token: %s", err))