Update github to tokenutil (#7031)

* Update github to tokenutil

* Update phrasing

builtin/credential/github/path_config.go

@@ -4,15 +4,17 @@ import (
 	"context"
 	"fmt"
 	"net/url"
+	"strings"
 	"time"
 
 	"github.com/hashicorp/errwrap"
 	"github.com/hashicorp/vault/sdk/framework"
+	"github.com/hashicorp/vault/sdk/helper/tokenutil"
 	"github.com/hashicorp/vault/sdk/logical"
 )
 
 func pathConfig(b *backend) *framework.Path {
-	return &framework.Path{
+	p := &framework.Path{
 		Pattern: "config",
 		Fields: map[string]*framework.FieldSchema{
 			"organization": &framework.FieldSchema{
@@ -31,18 +33,14 @@ API-compatible authentication server.`,
 				},
 			},
 			"ttl": &framework.FieldSchema{
-				Type:        framework.TypeString,
-				Description: `Duration after which authentication will be expired`,
-				DisplayAttrs: &framework.DisplayAttributes{
-					Name: "TTL",
-				},
+				Type:        framework.TypeDurationSecond,
+				Description: tokenutil.DeprecationText("token_ttl"),
+				Deprecated:  true,
 			},
 			"max_ttl": &framework.FieldSchema{
-				Type:        framework.TypeString,
-				Description: `Maximum duration after which authentication will be expired`,
-				DisplayAttrs: &framework.DisplayAttributes{
-					Name: "Max TTL",
-				},
+				Type:        framework.TypeDurationSecond,
+				Description: tokenutil.DeprecationText("token_max_ttl"),
+				Deprecated:  true,
 			},
 		},
 
@@ -51,48 +49,77 @@ API-compatible authentication server.`,
 			logical.ReadOperation:   b.pathConfigRead,
 		},
 	}
+
+	tokenutil.AddTokenFields(p.Fields)
+	p.Fields["token_policies"].Description += ". This will apply to all tokens generated by this auth method, in addition to any policies configured for specific users/groups."
+	return p
 }
 
 func (b *backend) pathConfigWrite(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
-	organization := data.Get("organization").(string)
-	baseURL := data.Get("base_url").(string)
-	if len(baseURL) != 0 {
+	c, err := b.Config(ctx, req.Storage)
+	if err != nil {
+		return nil, err
+	}
+	if c == nil {
+		c = &config{}
+	}
+
+	if organizationRaw, ok := data.GetOk("organization"); ok {
+		c.Organization = organizationRaw.(string)
+	}
+
+	if baseURLRaw, ok := data.GetOk("base_url"); ok {
+		baseURL := baseURLRaw.(string)
 		_, err := url.Parse(baseURL)
 		if err != nil {
 			return logical.ErrorResponse(fmt.Sprintf("Error parsing given base_url: %s", err)), nil
 		}
+		if !strings.HasSuffix(baseURL, "/") {
+			baseURL += "/"
+		}
+		c.BaseURL = baseURL
 	}
 
-	var ttl time.Duration
-	var err error
-	ttlRaw, ok := data.GetOk("ttl")
-	if !ok || len(ttlRaw.(string)) == 0 {
-		ttl = 0
-	} else {
-		ttl, err = time.ParseDuration(ttlRaw.(string))
-		if err != nil {
-			return logical.ErrorResponse(fmt.Sprintf("Invalid 'ttl':%s", err)), nil
+	if err := c.ParseTokenFields(req, data); err != nil {
+		return logical.ErrorResponse(err.Error()), logical.ErrInvalidRequest
+	}
+
+	// Handle upgrade cases
+	{
+		ttlRaw, ok := data.GetOk("token_ttl")
+		if !ok {
+			ttlRaw, ok = data.GetOk("ttl")
+			if ok {
+				c.TTL = time.Duration(ttlRaw.(int)) * time.Second
+				c.TokenTTL = c.TTL
+			}
+		} else {
+			_, ok = data.GetOk("ttl")
+			if ok {
+				c.TTL = c.TokenTTL
+			} else {
+				c.TTL = 0
+			}
+		}
+
+		maxTTLRaw, ok := data.GetOk("token_max_ttl")
+		if !ok {
+			maxTTLRaw, ok = data.GetOk("max_ttl")
+			if ok {
+				c.MaxTTL = time.Duration(maxTTLRaw.(int)) * time.Second
+				c.TokenMaxTTL = c.MaxTTL
+			}
+		} else {
+			_, ok = data.GetOk("max_ttl")
+			if ok {
+				c.MaxTTL = c.TokenMaxTTL
+			} else {
+				c.MaxTTL = 0
+			}
 		}
 	}
 
-	var maxTTL time.Duration
-	maxTTLRaw, ok := data.GetOk("max_ttl")
-	if !ok || len(maxTTLRaw.(string)) == 0 {
-		maxTTL = 0
-	} else {
-		maxTTL, err = time.ParseDuration(maxTTLRaw.(string))
-		if err != nil {
-			return logical.ErrorResponse(fmt.Sprintf("Invalid 'max_ttl':%s", err)), nil
-		}
-	}
-
-	entry, err := logical.StorageEntryJSON("config", config{
-		Organization: organization,
-		BaseURL:      baseURL,
-		TTL:          ttl,
-		MaxTTL:       maxTTL,
-	})
-
+	entry, err := logical.StorageEntryJSON("config", c)
 	if err != nil {
 		return nil, err
 	}
@@ -109,23 +136,26 @@ func (b *backend) pathConfigRead(ctx context.Context, req *logical.Request, data
 	if err != nil {
 		return nil, err
 	}
-
 	if config == nil {
 		return nil, fmt.Errorf("configuration object not found")
 	}
 
-	config.TTL /= time.Second
-	config.MaxTTL /= time.Second
-
-	resp := &logical.Response{
-		Data: map[string]interface{}{
-			"organization": config.Organization,
-			"base_url":     config.BaseURL,
-			"ttl":          config.TTL,
-			"max_ttl":      config.MaxTTL,
-		},
+	d := map[string]interface{}{
+		"organization": config.Organization,
+		"base_url":     config.BaseURL,
 	}
-	return resp, nil
+	config.PopulateTokenData(d)
+
+	if config.TTL > 0 {
+		d["ttl"] = int64(config.TTL.Seconds())
+	}
+	if config.MaxTTL > 0 {
+		d["max_ttl"] = int64(config.MaxTTL.Seconds())
+	}
+
+	return &logical.Response{
+		Data: d,
+	}, nil
 }
 
 // Config returns the configuration for this backend.
@@ -135,6 +165,10 @@ func (b *backend) Config(ctx context.Context, s logical.Storage) (*config, error
 		return nil, err
 	}
 
+	if entry == nil {
+		return nil, nil
+	}
+
 	var result config
 	if entry != nil {
 		if err := entry.DecodeJSON(&result); err != nil {
@@ -142,10 +176,19 @@ func (b *backend) Config(ctx context.Context, s logical.Storage) (*config, error
 		}
 	}
 
+	if result.TokenTTL == 0 && result.TTL > 0 {
+		result.TokenTTL = result.TTL
+	}
+	if result.TokenMaxTTL == 0 && result.MaxTTL > 0 {
+		result.TokenMaxTTL = result.MaxTTL
+	}
+
 	return &result, nil
 }
 
 type config struct {
+	tokenutil.TokenParams
+
 	Organization string        `json:"organization" structs:"organization" mapstructure:"organization"`
 	BaseURL      string        `json:"base_url" structs:"base_url" mapstructure:"base_url"`
 	TTL          time.Duration `json:"ttl" structs:"ttl" mapstructure:"ttl"`