From c9b18c43ea0ed3a06127ad22dec0a13d094ee06d Mon Sep 17 00:00:00 2001
From: Max Bowsher <maxbowsher@gmail.com>
Date: Tue, 4 Jul 2023 01:09:12 +0100
Subject: [PATCH] Fix incorrect OpenAPI operation ID (#21543)

The operation ID for `GET auth/token/lookup` has been overridden in
a way which *implies* it can only perform lookup-self operations.

This is not true, as shown:

1) Here is my current token:
```
$ vault read -field=display_name auth/token/lookup
userpass-admin
```

2) I create a second token, with a different display name to distinguish
   it:
```
$ othertoken=$(vault token create -field=token -display-name=testing123)
```

3) I use this operation, still authenticated with the first token, to
   lookup the second token, proving it does not have lookup-self nature:
```
$ vault read -field=display_name auth/token/lookup token=$othertoken
token-testing123
```

I have set the new operation ID suffix to `"2"` adhering to current
conventions in `vault-client-go` and `vault-client-dotnet` for secondary
versions of APIs which should be excluded from the generated library
code.
---
 vault/token_store.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vault/token_store.go b/vault/token_store.go
index 815785960d..18d5f37806 100644
--- a/vault/token_store.go
+++ b/vault/token_store.go
@@ -430,7 +430,7 @@ func (ts *TokenStore) paths() []*framework.Path {
 				logical.ReadOperation: &framework.PathOperation{
 					Callback: ts.handleLookup,
 					DisplayAttrs: &framework.DisplayAttributes{
-						OperationSuffix: "self3", // avoid collision with lookup-self
+						OperationSuffix: "2",
 					},
 				},
 				logical.UpdateOperation: &framework.PathOperation{