scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-01 19:17:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix incorrect OpenAPI operation ID (#21543)

Browse Source 
The operation ID for `GET auth/token/lookup` has been overridden in
a way which *implies* it can only perform lookup-self operations.

This is not true, as shown:

1) Here is my current token:
```
$ vault read -field=display_name auth/token/lookup
userpass-admin
```

2) I create a second token, with a different display name to distinguish
   it:
```
$ othertoken=$(vault token create -field=token -display-name=testing123)
```

3) I use this operation, still authenticated with the first token, to
   lookup the second token, proving it does not have lookup-self nature:
```
$ vault read -field=display_name auth/token/lookup token=$othertoken
token-testing123
```

I have set the new operation ID suffix to `"2"` adhering to current
conventions in `vault-client-go` and `vault-client-dotnet` for secondary
versions of APIs which should be excluded from the generated library
code.
This commit is contained in:
Max Bowsher
2023-07-04 01:09:12 +01:00
committed by GitHub
parent f4f0412b6a
commit c9b18c43ea
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
vault/token_store.go
View File

@@ -430,7 +430,7 @@ func (ts *TokenStore) paths() []*framework.Path {
logical.ReadOperation: &framework.PathOperation{ logical.ReadOperation: &framework.PathOperation{
Callback: ts.handleLookup, Callback: ts.handleLookup,
DisplayAttrs: &framework.DisplayAttributes{ DisplayAttrs: &framework.DisplayAttributes{
OperationSuffix: "self3", // avoid collision with lookup-self OperationSuffix: "2",
}, },
}, },
logical.UpdateOperation: &framework.PathOperation{ logical.UpdateOperation: &framework.PathOperation{