mirror of
https://github.com/optim-enterprises-bv/vault.git
synced 2025-11-18 19:05:03 +00:00
60 lines
1.7 KiB
Go
60 lines
1.7 KiB
Go
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
package pluginidentityutil
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/hashicorp/vault/sdk/framework"
|
|
)
|
|
|
|
// PluginIdentityTokenParams contains a set of common parameters that plugins
|
|
// can use for setting plugin identity token behavior
|
|
type PluginIdentityTokenParams struct {
|
|
// IdentityTokenKey is the named key used to sign tokens
|
|
IdentityTokenKey string `json:"identity_token_key"`
|
|
// IdentityTokenTTLSeconds is the duration that tokens will be valid for
|
|
IdentityTokenTTLSeconds int `json:"identity_token_ttl_seconds"`
|
|
// IdentityTokenAudience identifies the recipient of the token
|
|
IdentityTokenAudience string `json:"identity_token_audience"`
|
|
}
|
|
|
|
// AddPluginIdentityTokenFields adds plugin identity token fields to the given
|
|
// field schema map.
|
|
func AddPluginIdentityTokenFields(m map[string]*framework.FieldSchema) {
|
|
fields := map[string]*framework.FieldSchema{
|
|
"identity_token_audience": {
|
|
Type: framework.TypeString,
|
|
Description: "",
|
|
Default: "",
|
|
DisplayAttrs: &framework.DisplayAttributes{
|
|
Name: "Audience of plugin identity tokens",
|
|
},
|
|
},
|
|
"identity_token_key": {
|
|
Type: framework.TypeString,
|
|
Description: "",
|
|
Default: "",
|
|
DisplayAttrs: &framework.DisplayAttributes{
|
|
Name: "Key used to sign plugin identity tokens",
|
|
},
|
|
},
|
|
"identity_token_ttl": {
|
|
Type: framework.TypeDurationSecond,
|
|
Description: "",
|
|
DisplayAttrs: &framework.DisplayAttributes{
|
|
Name: "Time-to-live of plugin identity tokens",
|
|
},
|
|
Default: 3600,
|
|
},
|
|
}
|
|
|
|
for name, schema := range fields {
|
|
if _, ok := m[name]; ok {
|
|
panic(fmt.Sprintf("adding field %q would overwrite existing field", name))
|
|
}
|
|
m[name] = schema
|
|
}
|
|
}
|