Use RenewSelf instead of Renew if the token we're renewing is the same as the client

Jeff Mitchell
2015-12-30 14:41:50 -05:00
parent c1c1dbee1e
commit 70561c0fe2


@@ -4,6 +4,8 @@ import (
"fmt" "fmt"
"strconv" "strconv"
"strings" "strings"
"github.com/hashicorp/vault/api"
) )
// TokenRenewCommand is a Command that mounts a new mount. // TokenRenewCommand is a Command that mounts a new mount.
@@ -47,7 +49,14 @@ func (c *TokenRenewCommand) Run(args []string) int {
return 2 return 2
} }
secret, err := client.Auth().Token().Renew(token, increment) // If the given token is the same as the client's, use renew-self instead
// as this is far more likely to be allowed via policy
var secret *api.Secret
if client.Token() == token {
secret, err = client.Auth().Token().RenewSelf(increment)
} else {
secret, err = client.Auth().Token().Renew(token, increment)
}
if err != nil { if err != nil {
c.Ui.Error(fmt.Sprintf( c.Ui.Error(fmt.Sprintf(
"Error renewing token: %s", err)) "Error renewing token: %s", err))
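Review bot: The `if client.Token() == token` branch picks the endpoint silently, so a token whose policy grants `auth/token/renew` but not `auth/token/renew-self` would presumably start failing here even though the old call succeeded, and the shared `Error renewing token: %s` message does not say which call was denied. Consider naming the call in the error, e.g. `"Error renewing token via renew-self: %s"` in the self branch, so a policy denial can be traced to the right path. Separately, the context doc comment `// TokenRenewCommand is a Command that mounts a new mount.` looks copied from the mount command and should describe token renewal. Run's body starts and ends outside the hunk, so the declaration of `err` and the argument checks are not visible here.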