本文整理汇总了Golang中github.com/hashicorp/vault/logical.StorageEntryJSON函数的典型用法代码示例。如果您正苦于以下问题:Golang StorageEntryJSON函数的具体用法?Golang StorageEntryJSON怎么用?Golang StorageEntryJSON使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了StorageEntryJSON函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: TestBackend_upgradeToSalted
// Verify that we are able to update from non-salted (<0.2) to
// using a Salt for the paths
func TestBackend_upgradeToSalted(t *testing.T) {
inm := new(logical.InmemStorage)
// Create some fake keys
se, _ := logical.StorageEntryJSON("struct/map/app-id/foo",
map[string]string{"value": "test"})
inm.Put(se)
se, _ = logical.StorageEntryJSON("struct/map/user-id/bar",
map[string]string{"value": "foo"})
inm.Put(se)
// Initialize the backend, this should do the automatic upgrade
conf := &logical.BackendConfig{
StorageView: inm,
}
backend, err := Factory(conf)
if err != nil {
t.Fatalf("err: %v", err)
}
// Check the keys have been upgraded
out, err := inm.Get("struct/map/app-id/foo")
if err != nil {
t.Fatalf("err: %v", err)
}
if out != nil {
t.Fatalf("unexpected key")
}
out, err = inm.Get("struct/map/user-id/bar")
if err != nil {
t.Fatalf("err: %v", err)
}
if out != nil {
t.Fatalf("unexpected key")
}
// Backend should still be able to resolve
req := logical.TestRequest(t, logical.ReadOperation, "map/app-id/foo")
req.Storage = inm
resp, err := backend.HandleRequest(req)
if err != nil {
t.Fatalf("err: %v", err)
}
if resp.Data["value"] != "test" {
t.Fatalf("bad: %#v", resp)
}
req = logical.TestRequest(t, logical.ReadOperation, "map/user-id/bar")
req.Storage = inm
resp, err = backend.HandleRequest(req)
if err != nil {
t.Fatalf("err: %v", err)
}
if resp.Data["value"] != "foo" {
t.Fatalf("bad: %#v", resp)
}
}
开发者ID:vincentaubert,项目名称:vault,代码行数:59,代码来源:backend_test.go
示例2: pathConfigWrite
func pathConfigWrite(
req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
conf := config{
Org: data.Get("organization").(string),
}
baseURL := data.Get("base_url").(string)
if len(baseURL) != 0 {
_, err := url.Parse(baseURL)
if err != nil {
return logical.ErrorResponse(fmt.Sprintf("Error parsing given base_url: %s", err)), nil
}
conf.BaseURL = baseURL
}
entry, err := logical.StorageEntryJSON("config", conf)
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
return nil, nil
}
开发者ID:nicr9,项目名称:vault,代码行数:25,代码来源:path_config.go
示例3: SetPolicy
// SetPolicy is used to create or update the given policy
func (ps *PolicyStore) SetPolicy(p *Policy) error {
defer metrics.MeasureSince([]string{"policy", "set_policy"}, time.Now())
if p.Name == "root" {
return fmt.Errorf("cannot update root policy")
}
if p.Name == "" {
return fmt.Errorf("policy name missing")
}
// Create the entry
entry, err := logical.StorageEntryJSON(p.Name, &PolicyEntry{
Version: 2,
Raw: p.Raw,
})
if err != nil {
return fmt.Errorf("failed to create entry: %v", err)
}
if err := ps.view.Put(entry); err != nil {
return fmt.Errorf("failed to persist policy: %v", err)
}
// Update the LRU cache
ps.lru.Add(p.Name, p)
return nil
}
开发者ID:nicr9,项目名称:vault,代码行数:26,代码来源:policy_store.go
示例4: pathConfigLeaseWrite
func (b *backend) pathConfigLeaseWrite(
req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
ttlRaw := d.Get("ttl").(string)
ttlMaxRaw := d.Get("max_ttl").(string)
if len(ttlMaxRaw) == 0 {
ttlMaxRaw = d.Get("ttl_max").(string)
}
ttl, err := time.ParseDuration(ttlRaw)
if err != nil {
return logical.ErrorResponse(fmt.Sprintf(
"Invalid ttl: %s", err)), nil
}
ttlMax, err := time.ParseDuration(ttlMaxRaw)
if err != nil {
return logical.ErrorResponse(fmt.Sprintf(
"Invalid max_ttl: %s", err)), nil
}
// Store it
entry, err := logical.StorageEntryJSON("config/lease", &configLease{
TTL: ttl,
TTLMax: ttlMax,
})
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
return nil, nil
}
开发者ID:quixoten,项目名称:vault,代码行数:33,代码来源:path_config_lease.go
示例5: pathRoleUpdate
func (b *backend) pathRoleUpdate(
req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
name, err := validateName(data)
if err != nil {
return nil, err
}
tags := data.Get("tags").(string)
rawVHosts := data.Get("vhosts").(string)
var vhosts map[string]vhostPermission
if len(rawVHosts) > 0 {
err := json.Unmarshal([]byte(rawVHosts), &vhosts)
if err != nil {
return logical.ErrorResponse(fmt.Sprintf("failed to unmarshal vhosts: %s", err)), nil
}
}
// Store it
entry, err := logical.StorageEntryJSON("role/"+name, &roleEntry{
Tags: tags,
VHosts: vhosts,
})
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
return nil, nil
}
开发者ID:doubledutch,项目名称:vault,代码行数:31,代码来源:path_roles.go
示例6: pathRoleCreate
func (b *backend) pathRoleCreate(
req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
name := data.Get("name").(string)
sql := data.Get("sql").(string)
// Get our connection
db, err := b.DB(req.Storage)
if err != nil {
return nil, err
}
// Test the query by trying to prepare it, HANA don't support grant if user not exist
query := SplitSQL(sql)[0]
stmt, err := db.Prepare(Query(query, map[string]string{
"name": "VAULT_TEST_ACCOUNT",
"password": "Initial08",
}))
if err != nil {
return logical.ErrorResponse(fmt.Sprintf(
"Error testing query: %s", err)), nil
}
stmt.Close()
// Store it
entry, err := logical.StorageEntryJSON("role/"+name, &roleEntry{
SQL: sql,
})
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
return nil, nil
}
开发者ID:citywander,项目名称:vault,代码行数:35,代码来源:path_roles.go
示例7: createSecretIDAccessorEntry
// createSecretIDAccessorEntry creates an identifier for the SecretID. A storage index,
// mapping the accessor to the SecretID is also created. This method should
// be called when the lock for the corresponding SecretID is held.
func (b *backend) createSecretIDAccessorEntry(s logical.Storage, entry *secretIDStorageEntry, secretIDHMAC string) error {
// Create a random accessor
accessorUUID, err := uuid.GenerateUUID()
if err != nil {
return err
}
entry.SecretIDAccessor = accessorUUID
// Create index entry, mapping the accessor to the token ID
entryIndex := "accessor/" + b.salt.SaltID(entry.SecretIDAccessor)
accessorLock := b.secretIDAccessorLock(accessorUUID)
accessorLock.Lock()
defer accessorLock.Unlock()
if entry, err := logical.StorageEntryJSON(entryIndex, &secretIDAccessorStorageEntry{
SecretIDHMAC: secretIDHMAC,
}); err != nil {
return err
} else if err = s.Put(entry); err != nil {
return fmt.Errorf("failed to persist accessor index entry: %s", err)
}
return nil
}
开发者ID:nawien-sharma,项目名称:vault,代码行数:28,代码来源:validation.go
示例8: GenerateOTPCredential
// Generates an UUID OTP and creates an entry for the same in storage backend with its salted string.
func (b *backend) GenerateOTPCredential(req *logical.Request, username, ip string) (string, error) {
otp, otpSalted := b.GenerateSaltedOTP()
// Check if there is an entry already created for the newly generated OTP.
entry, err := b.getOTP(req.Storage, otpSalted)
// If entry already exists for the OTP, make sure that new OTP is not
// replacing an existing one by recreating new ones until an unused
// OTP is generated. It is very unlikely that this is the case and this
// code is just for safety.
for err == nil && entry != nil {
otp, otpSalted = b.GenerateSaltedOTP()
entry, err = b.getOTP(req.Storage, otpSalted)
if err != nil {
return "", err
}
}
// Store an entry for the salt of OTP.
newEntry, err := logical.StorageEntryJSON("otp/"+otpSalted, sshOTP{
Username: username,
IP: ip,
})
if err != nil {
return "", err
}
if err := req.Storage.Put(newEntry); err != nil {
return "", err
}
return otp, nil
}
开发者ID:hotelzululima,项目名称:vault,代码行数:32,代码来源:path_creds_create.go
示例9: pathLeaseWrite
func (b *backend) pathLeaseWrite(
req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
leaseRaw := d.Get("lease").(string)
leaseMaxRaw := d.Get("lease_max").(string)
lease, err := time.ParseDuration(leaseRaw)
if err != nil {
return logical.ErrorResponse(fmt.Sprintf(
"Invalid lease: %s", err)), nil
}
leaseMax, err := time.ParseDuration(leaseMaxRaw)
if err != nil {
return logical.ErrorResponse(fmt.Sprintf(
"Invalid lease: %s", err)), nil
}
// Store it
entry, err := logical.StorageEntryJSON("config/lease", &configLease{
Lease: lease,
LeaseMax: leaseMax,
})
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
return nil, nil
}
开发者ID:binxiong,项目名称:vault,代码行数:30,代码来源:path_config_lease.go
示例10: pathRoleUpdate
// Registers a new role with the backend
func (b *backend) pathRoleUpdate(req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
name := d.Get("name").(string)
if name == "" {
return logical.ErrorResponse("missing name"), nil
}
tags := d.Get("tags").(string)
rawVHosts := d.Get("vhosts").(string)
if tags == "" && rawVHosts == "" {
return logical.ErrorResponse("both tags and vhosts not specified"), nil
}
var vhosts map[string]vhostPermission
if len(rawVHosts) > 0 {
err := json.Unmarshal([]byte(rawVHosts), &vhosts)
if err != nil {
return logical.ErrorResponse(fmt.Sprintf("failed to unmarshal vhosts: %s", err)), nil
}
}
// Store it
entry, err := logical.StorageEntryJSON("role/"+name, &roleEntry{
Tags: tags,
VHosts: vhosts,
})
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
return nil, nil
}
开发者ID:citywander,项目名称:vault,代码行数:36,代码来源:path_roles.go
示例11: pathKeysWrite
func (b *backend) pathKeysWrite(req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
keyName := d.Get("key_name").(string)
if keyName == "" {
return logical.ErrorResponse("Missing key_name"), nil
}
keyString := d.Get("key").(string)
// Check if the key provided is infact a private key
signer, err := ssh.ParsePrivateKey([]byte(keyString))
if err != nil || signer == nil {
return logical.ErrorResponse("Invalid key"), nil
}
if keyString == "" {
return logical.ErrorResponse("Missing key"), nil
}
keyPath := fmt.Sprintf("keys/%s", keyName)
// Store the key
entry, err := logical.StorageEntryJSON(keyPath, map[string]interface{}{
"key": keyString,
})
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
return nil, nil
}
开发者ID:kgutwin,项目名称:vault,代码行数:32,代码来源:path_keys.go
示例12: pathRoleCreate
func (b *backend) pathRoleCreate(
req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
name := data.Get("name").(string)
creationCQL := data.Get("creation_cql").(string)
rollbackCQL := data.Get("rollback_cql").(string)
leaseRaw := data.Get("lease").(string)
lease, err := time.ParseDuration(leaseRaw)
if err != nil {
return logical.ErrorResponse(fmt.Sprintf(
"Error parsing lease value of %s: %s", leaseRaw, err)), nil
}
entry := &roleEntry{
Lease: lease,
CreationCQL: creationCQL,
RollbackCQL: rollbackCQL,
}
// Store it
entryJSON, err := logical.StorageEntryJSON("role/"+name, entry)
if err != nil {
return nil, err
}
if err := req.Storage.Put(entryJSON); err != nil {
return nil, err
}
return nil, nil
}
开发者ID:GauntletWizard,项目名称:vault,代码行数:32,代码来源:path_roles.go
示例13: pathConnectionWrite
func (b *backend) pathConnectionWrite(
req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
connValue := data.Get("value").(string)
connURL := data.Get("connection_url").(string)
if connURL == "" {
if connValue == "" {
return logical.ErrorResponse("connection_url parameter must be supplied"), nil
} else {
connURL = connValue
}
}
maxOpenConns := data.Get("max_open_connections").(int)
if maxOpenConns == 0 {
maxOpenConns = 2
}
maxIdleConns := data.Get("max_idle_connections").(int)
if maxIdleConns == 0 {
maxIdleConns = maxOpenConns
}
if maxIdleConns > maxOpenConns {
maxIdleConns = maxOpenConns
}
// Don't check the connection_url if verification is disabled
verifyConnection := data.Get("verify_connection").(bool)
if verifyConnection {
// Verify the string
db, err := sql.Open("postgres", connURL)
if err != nil {
return logical.ErrorResponse(fmt.Sprintf(
"Error validating connection info: %s", err)), nil
}
defer db.Close()
if err := db.Ping(); err != nil {
return logical.ErrorResponse(fmt.Sprintf(
"Error validating connection info: %s", err)), nil
}
}
// Store it
entry, err := logical.StorageEntryJSON("config/connection", connectionConfig{
ConnectionString: connValue,
ConnectionURL: connURL,
MaxOpenConnections: maxOpenConns,
MaxIdleConnections: maxIdleConns,
})
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
// Reset the DB connection
b.ResetDB()
return nil, nil
}
开发者ID:GauntletWizard,项目名称:vault,代码行数:60,代码来源:path_config_connection.go
示例14: pathConfigTidyRoletagBlacklistCreateUpdate
func (b *backend) pathConfigTidyRoletagBlacklistCreateUpdate(req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
b.configMutex.Lock()
defer b.configMutex.Unlock()
configEntry, err := b.nonLockedConfigTidyRoleTags(req.Storage)
if err != nil {
return nil, err
}
if configEntry == nil {
configEntry = &tidyBlacklistRoleTagConfig{}
}
safetyBufferInt, ok := data.GetOk("safety_buffer")
if ok {
configEntry.SafetyBuffer = safetyBufferInt.(int)
} else if req.Operation == logical.CreateOperation {
configEntry.SafetyBuffer = data.Get("safety_buffer").(int)
}
disablePeriodicTidyBool, ok := data.GetOk("disable_periodic_tidy")
if ok {
configEntry.DisablePeriodicTidy = disablePeriodicTidyBool.(bool)
} else if req.Operation == logical.CreateOperation {
configEntry.DisablePeriodicTidy = data.Get("disable_periodic_tidy").(bool)
}
entry, err := logical.StorageEntryJSON(roletagBlacklistConfigPath, configEntry)
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
return nil, nil
}
开发者ID:GauntletWizard,项目名称:vault,代码行数:35,代码来源:path_config_tidy_roletag_blacklist.go
示例15: pathUserWrite
func (b *backend) pathUserWrite(
req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
name := strings.ToLower(d.Get("name").(string))
password := d.Get("password").(string)
policies := strings.Split(d.Get("policies").(string), ",")
for i, p := range policies {
policies[i] = strings.TrimSpace(p)
}
// Generate a hash of the password
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
if err != nil {
return nil, err
}
// Store it
entry, err := logical.StorageEntryJSON("user/"+name, &UserEntry{
PasswordHash: hash,
Policies: policies,
})
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
return nil, nil
}
开发者ID:rlhatcher,项目名称:vault,代码行数:29,代码来源:path_users.go
示例16: pathConfigCertificateCreateUpdate
// pathConfigCertificateCreateUpdate is used to register an AWS Public Key that is
// used to verify the PKCS#7 signature of the instance identity document.
func (b *backend) pathConfigCertificateCreateUpdate(
req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
certName := data.Get("cert_name").(string)
if certName == "" {
return logical.ErrorResponse("missing cert_name"), nil
}
b.configMutex.Lock()
defer b.configMutex.Unlock()
// Check if there is already a certificate entry registered.
certEntry, err := b.nonLockedAWSPublicCertificateEntry(req.Storage, certName)
if err != nil {
return nil, err
}
if certEntry == nil {
certEntry = &awsPublicCert{}
}
// Check if the value is provided by the client.
certStrData, ok := data.GetOk("aws_public_cert")
if ok {
if certBytes, err := base64.StdEncoding.DecodeString(certStrData.(string)); err == nil {
certEntry.AWSPublicCert = string(certBytes)
} else {
certEntry.AWSPublicCert = certStrData.(string)
}
} else {
// aws_public_cert should be supplied for both create and update operations.
// If it is not provided, throw an error.
return logical.ErrorResponse("missing aws_public_cert"), nil
}
// If explicitly set to empty string, error out.
if certEntry.AWSPublicCert == "" {
return logical.ErrorResponse("invalid aws_public_cert"), nil
}
// Verify the certificate by decoding it and parsing it.
publicCert, err := decodePEMAndParseCertificate(certEntry.AWSPublicCert)
if err != nil {
return nil, err
}
if publicCert == nil {
return logical.ErrorResponse("invalid certificate; failed to decode and parse certificate"), nil
}
// Ensure that we have not
// If none of the checks fail, save the provided certificate.
entry, err := logical.StorageEntryJSON("config/certificate/"+certName, certEntry)
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
return nil, nil
}
开发者ID:GauntletWizard,项目名称:vault,代码行数:62,代码来源:path_config_certificate.go
示例17: pathRolesWrite
func pathRolesWrite(
req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
name := d.Get("name").(string)
policyRaw, err := base64.StdEncoding.DecodeString(d.Get("policy").(string))
if err != nil {
return logical.ErrorResponse(fmt.Sprintf(
"Error decoding policy base64: %s", err)), nil
}
lease, err := time.ParseDuration(d.Get("lease").(string))
if err != nil || lease == time.Duration(0) {
lease = DefaultLeaseDuration
}
entry, err := logical.StorageEntryJSON("policy/"+name, roleConfig{
Policy: string(policyRaw),
Lease: lease,
})
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
return nil, nil
}
开发者ID:worldspawn,项目名称:vault,代码行数:27,代码来源:path_roles.go
示例18: pathConnectionWrite
func (b *backend) pathConnectionWrite(
req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
connString := data.Get("value").(string)
// Verify the string
db, err := sql.Open("postgres", connString)
if err != nil {
return logical.ErrorResponse(fmt.Sprintf(
"Error validating connection info: %s", err)), nil
}
defer db.Close()
if err := db.Ping(); err != nil {
return logical.ErrorResponse(fmt.Sprintf(
"Error validating connection info: %s", err)), nil
}
// Store it
entry, err := logical.StorageEntryJSON("config/connection", connString)
if err != nil {
return nil, err
}
if err := req.Storage.Put(entry); err != nil {
return nil, err
}
// Reset the DB connection
b.ResetDB()
return nil, nil
}
开发者ID:eladapps,项目名称:vault,代码行数:30,代码来源:path_config_connection.go
示例19: pathGenerateIntermediate
func (b *backend) pathGenerateIntermediate(
req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
var err error
exported, format, role, errorResp := b.getGenerationParams(data)
if errorResp != nil {
return errorResp, nil
}
var resp *logical.Response
parsedBundle, err := generateIntermediateCSR(b, role, nil, req, data)
if err != nil {
switch err.(type) {
case certutil.UserError:
return logical.ErrorResponse(err.Error()), nil
case certutil.InternalError:
return nil, err
}
}
csrb, err := parsedBundle.ToCSRBundle()
if err != nil {
return nil, fmt.Errorf("Error converting raw CSR bundle to CSR bundle: %s", err)
}
resp = &logical.Response{
Data: map[string]interface{}{},
}
switch format {
case "pem":
resp.Data["csr"] = csrb.CSR
if exported {
resp.Data["private_key"] = csrb.PrivateKey
resp.Data["private_key_type"] = csrb.PrivateKeyType
}
case "der":
resp.Data["csr"] = base64.StdEncoding.EncodeToString(parsedBundle.CSRBytes)
if exported {
resp.Data["private_key"] = base64.StdEncoding.EncodeToString(parsedBundle.PrivateKeyBytes)
resp.Data["private_key_type"] = csrb.PrivateKeyType
}
}
cb := &certutil.CertBundle{}
cb.PrivateKey = csrb.PrivateKey
cb.PrivateKeyType = csrb.PrivateKeyType
entry, err := logical.StorageEntryJSON("config/ca_bundle", cb)
if err != nil {
return nil, err
}
err = req.Storage.Put(entry)
if err != nil {
return nil, err
}
return resp, nil
}
开发者ID:vincentaubert,项目名称:vault,代码行数:59,代码来源:path_intermediate.go
示例20: setUser
func (b *backend) setUser(s logical.Storage, username string, userEntry *UserEntry) error {
entry, err := logical.StorageEntryJSON("user/"+username, userEntry)
if err != nil {
return err
}
return s.Put(entry)
}
开发者ID:GauntletWizard,项目名称:vault,代码行数:8,代码来源:path_users.go
注:本文中的github.com/hashicorp/vault/logical.StorageEntryJSON函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论