rebase: bump github.com/hashicorp/vault/api from 1.4.1 to 1.5.0

Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.4.1...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
dependabot[bot] 2022-03-28 20:10:58 +00:00 committed by mergify[bot]
parent 190504713a
commit 4652b8facf
30 changed files with 1189 additions and 522 deletions

2
go.mod
View File

@ -14,7 +14,7 @@ require (
github.com/golang/protobuf v1.5.2
github.com/grpc-ecosystem/go-grpc-middleware v1.3.0
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0
github.com/hashicorp/vault/api v1.4.1
github.com/hashicorp/vault/api v1.5.0
github.com/kubernetes-csi/csi-lib-utils v0.11.0
github.com/kubernetes-csi/external-snapshotter/client/v4 v4.2.0
github.com/libopenstorage/secrets v0.0.0-20210908194121-a1d19aa9713a

4
go.sum
View File

@ -648,8 +648,8 @@ github.com/hashicorp/vault/api v1.0.5-0.20191122173911-80fcc7907c78/go.mod h1:Uf
github.com/hashicorp/vault/api v1.0.5-0.20200215224050-f6547fa8e820/go.mod h1:3f12BMfgDGjTsTtIUj+ZKZwSobQpZtYGFIEehOv5z1o=
github.com/hashicorp/vault/api v1.0.5-0.20200317185738-82f498082f02/go.mod h1:3f12BMfgDGjTsTtIUj+ZKZwSobQpZtYGFIEehOv5z1o=
github.com/hashicorp/vault/api v1.0.5-0.20200902155336-f9d5ce5a171a/go.mod h1:R3Umvhlxi2TN7Ex2hzOowyeNb+SfbVWI973N+ctaFMk=
github.com/hashicorp/vault/api v1.4.1 h1:mWLfPT0RhxBitjKr6swieCEP2v5pp/M//t70S3kMLRo=
github.com/hashicorp/vault/api v1.4.1/go.mod h1:LkMdrZnWNrFaQyYYazWVn7KshilfDidgVBq6YiTq/bM=
github.com/hashicorp/vault/api v1.5.0 h1:Bp6yc2bn7CWkOrVIzFT/Qurzx528bdavF3nz590eu28=
github.com/hashicorp/vault/api v1.5.0/go.mod h1:LkMdrZnWNrFaQyYYazWVn7KshilfDidgVBq6YiTq/bM=
github.com/hashicorp/vault/sdk v0.1.8/go.mod h1:tHZfc6St71twLizWNHvnnbiGFo1aq0eD2jGPLtP8kAU=
github.com/hashicorp/vault/sdk v0.1.14-0.20190730042320-0dc007d98cc8/go.mod h1:B+hVj7TpuQY1Y/GPbCpffmgd+tSEwvhkWnjtSYCaS2M=
github.com/hashicorp/vault/sdk v0.1.14-0.20191108161836-82f2b5571044/go.mod h1:PcekaFGiPJyHnFy+NZhP6ll650zEw51Ag7g/YEa+EOU=

View File

@ -2,6 +2,7 @@ package api
import (
"context"
"net/http"
)
// TokenAuth is used to perform token backend operations on Vault
@ -15,14 +16,19 @@ func (a *Auth) Token() *TokenAuth {
}
func (c *TokenAuth) Create(opts *TokenCreateRequest) (*Secret, error) {
r := c.c.NewRequest("POST", "/v1/auth/token/create")
return c.CreateWithContext(context.Background(), opts)
}
func (c *TokenAuth) CreateWithContext(ctx context.Context, opts *TokenCreateRequest) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/create")
if err := r.SetJSONBody(opts); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -32,14 +38,19 @@ func (c *TokenAuth) Create(opts *TokenCreateRequest) (*Secret, error) {
}
func (c *TokenAuth) CreateOrphan(opts *TokenCreateRequest) (*Secret, error) {
r := c.c.NewRequest("POST", "/v1/auth/token/create-orphan")
return c.CreateOrphanWithContext(context.Background(), opts)
}
func (c *TokenAuth) CreateOrphanWithContext(ctx context.Context, opts *TokenCreateRequest) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/create-orphan")
if err := r.SetJSONBody(opts); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -49,14 +60,19 @@ func (c *TokenAuth) CreateOrphan(opts *TokenCreateRequest) (*Secret, error) {
}
func (c *TokenAuth) CreateWithRole(opts *TokenCreateRequest, roleName string) (*Secret, error) {
r := c.c.NewRequest("POST", "/v1/auth/token/create/"+roleName)
return c.CreateWithRoleWithContext(context.Background(), opts, roleName)
}
func (c *TokenAuth) CreateWithRoleWithContext(ctx context.Context, opts *TokenCreateRequest, roleName string) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/create/"+roleName)
if err := r.SetJSONBody(opts); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -66,16 +82,21 @@ func (c *TokenAuth) CreateWithRole(opts *TokenCreateRequest, roleName string) (*
}
func (c *TokenAuth) Lookup(token string) (*Secret, error) {
r := c.c.NewRequest("POST", "/v1/auth/token/lookup")
return c.LookupWithContext(context.Background(), token)
}
func (c *TokenAuth) LookupWithContext(ctx context.Context, token string) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/lookup")
if err := r.SetJSONBody(map[string]interface{}{
"token": token,
}); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -85,16 +106,21 @@ func (c *TokenAuth) Lookup(token string) (*Secret, error) {
}
func (c *TokenAuth) LookupAccessor(accessor string) (*Secret, error) {
r := c.c.NewRequest("POST", "/v1/auth/token/lookup-accessor")
return c.LookupAccessorWithContext(context.Background(), accessor)
}
func (c *TokenAuth) LookupAccessorWithContext(ctx context.Context, accessor string) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/lookup-accessor")
if err := r.SetJSONBody(map[string]interface{}{
"accessor": accessor,
}); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -104,11 +130,16 @@ func (c *TokenAuth) LookupAccessor(accessor string) (*Secret, error) {
}
func (c *TokenAuth) LookupSelf() (*Secret, error) {
r := c.c.NewRequest("GET", "/v1/auth/token/lookup-self")
return c.LookupSelfWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *TokenAuth) LookupSelfWithContext(ctx context.Context) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/auth/token/lookup-self")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -118,7 +149,14 @@ func (c *TokenAuth) LookupSelf() (*Secret, error) {
}
func (c *TokenAuth) RenewAccessor(accessor string, increment int) (*Secret, error) {
r := c.c.NewRequest("POST", "/v1/auth/token/renew-accessor")
return c.RenewAccessorWithContext(context.Background(), accessor, increment)
}
func (c *TokenAuth) RenewAccessorWithContext(ctx context.Context, accessor string, increment int) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/renew-accessor")
if err := r.SetJSONBody(map[string]interface{}{
"accessor": accessor,
"increment": increment,
@ -126,9 +164,7 @@ func (c *TokenAuth) RenewAccessor(accessor string, increment int) (*Secret, erro
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -138,7 +174,14 @@ func (c *TokenAuth) RenewAccessor(accessor string, increment int) (*Secret, erro
}
func (c *TokenAuth) Renew(token string, increment int) (*Secret, error) {
r := c.c.NewRequest("PUT", "/v1/auth/token/renew")
return c.RenewWithContext(context.Background(), token, increment)
}
func (c *TokenAuth) RenewWithContext(ctx context.Context, token string, increment int) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, "/v1/auth/token/renew")
if err := r.SetJSONBody(map[string]interface{}{
"token": token,
"increment": increment,
@ -146,9 +189,7 @@ func (c *TokenAuth) Renew(token string, increment int) (*Secret, error) {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -158,16 +199,21 @@ func (c *TokenAuth) Renew(token string, increment int) (*Secret, error) {
}
func (c *TokenAuth) RenewSelf(increment int) (*Secret, error) {
r := c.c.NewRequest("PUT", "/v1/auth/token/renew-self")
return c.RenewSelfWithContext(context.Background(), increment)
}
func (c *TokenAuth) RenewSelfWithContext(ctx context.Context, increment int) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, "/v1/auth/token/renew-self")
body := map[string]interface{}{"increment": increment}
if err := r.SetJSONBody(body); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -176,10 +222,18 @@ func (c *TokenAuth) RenewSelf(increment int) (*Secret, error) {
return ParseSecret(resp.Body)
}
// RenewTokenAsSelf behaves like renew-self, but authenticates using a provided
// token instead of the token attached to the client.
// RenewTokenAsSelf wraps RenewTokenAsSelfWithContext using context.Background.
func (c *TokenAuth) RenewTokenAsSelf(token string, increment int) (*Secret, error) {
r := c.c.NewRequest("PUT", "/v1/auth/token/renew-self")
return c.RenewTokenAsSelfWithContext(context.Background(), token, increment)
}
// RenewTokenAsSelfWithContext behaves like renew-self, but authenticates using a provided
// token instead of the token attached to the client.
func (c *TokenAuth) RenewTokenAsSelfWithContext(ctx context.Context, token string, increment int) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, "/v1/auth/token/renew-self")
r.ClientToken = token
body := map[string]interface{}{"increment": increment}
@ -187,9 +241,7 @@ func (c *TokenAuth) RenewTokenAsSelf(token string, increment int) (*Secret, erro
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -198,19 +250,25 @@ func (c *TokenAuth) RenewTokenAsSelf(token string, increment int) (*Secret, erro
return ParseSecret(resp.Body)
}
// RevokeAccessor revokes a token associated with the given accessor
// along with all the child tokens.
// RevokeAccessor wraps RevokeAccessorWithContext using context.Background.
func (c *TokenAuth) RevokeAccessor(accessor string) error {
r := c.c.NewRequest("POST", "/v1/auth/token/revoke-accessor")
return c.RevokeAccessorWithContext(context.Background(), accessor)
}
// RevokeAccessorWithContext revokes a token associated with the given accessor
// along with all the child tokens.
func (c *TokenAuth) RevokeAccessorWithContext(ctx context.Context, accessor string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPost, "/v1/auth/token/revoke-accessor")
if err := r.SetJSONBody(map[string]interface{}{
"accessor": accessor,
}); err != nil {
return err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return err
}
@ -219,19 +277,25 @@ func (c *TokenAuth) RevokeAccessor(accessor string) error {
return nil
}
// RevokeOrphan revokes a token without revoking the tree underneath it (so
// child tokens are orphaned rather than revoked)
// RevokeOrphan wraps RevokeOrphanWithContext using context.Background.
func (c *TokenAuth) RevokeOrphan(token string) error {
r := c.c.NewRequest("PUT", "/v1/auth/token/revoke-orphan")
return c.RevokeOrphanWithContext(context.Background(), token)
}
// RevokeOrphanWithContext revokes a token without revoking the tree underneath it (so
// child tokens are orphaned rather than revoked)
func (c *TokenAuth) RevokeOrphanWithContext(ctx context.Context, token string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, "/v1/auth/token/revoke-orphan")
if err := r.SetJSONBody(map[string]interface{}{
"token": token,
}); err != nil {
return err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return err
}
@ -240,15 +304,21 @@ func (c *TokenAuth) RevokeOrphan(token string) error {
return nil
}
// RevokeSelf revokes the token making the call. The `token` parameter is kept
// RevokeSelf wraps RevokeSelfWithContext using context.Background.
func (c *TokenAuth) RevokeSelf(token string) error {
return c.RevokeSelfWithContext(context.Background(), token)
}
// RevokeSelfWithContext revokes the token making the call. The `token` parameter is kept
// for backwards compatibility but is ignored; only the client's set token has
// an effect.
func (c *TokenAuth) RevokeSelf(token string) error {
r := c.c.NewRequest("PUT", "/v1/auth/token/revoke-self")
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *TokenAuth) RevokeSelfWithContext(ctx context.Context, token string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodPut, "/v1/auth/token/revoke-self")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return err
}
@ -257,20 +327,26 @@ func (c *TokenAuth) RevokeSelf(token string) error {
return nil
}
// RevokeTree is the "normal" revoke operation that revokes the given token and
// RevokeTree wraps RevokeTreeWithContext using context.Background.
func (c *TokenAuth) RevokeTree(token string) error {
return c.RevokeTreeWithContext(context.Background(), token)
}
// RevokeTreeWithContext is the "normal" revoke operation that revokes the given token and
// the entire tree underneath -- all of its child tokens, their child tokens,
// etc.
func (c *TokenAuth) RevokeTree(token string) error {
r := c.c.NewRequest("PUT", "/v1/auth/token/revoke")
func (c *TokenAuth) RevokeTreeWithContext(ctx context.Context, token string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, "/v1/auth/token/revoke")
if err := r.SetJSONBody(map[string]interface{}{
"token": token,
}); err != nil {
return err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return err
}

View File

@ -53,6 +53,14 @@ const (
HeaderIndex = "X-Vault-Index"
HeaderForward = "X-Vault-Forward"
HeaderInconsistent = "X-Vault-Inconsistent"
TLSErrorString = "This error usually means that the server is running with TLS disabled\n" +
"but the client is configured to use TLS. Please either enable TLS\n" +
"on the server or run the client with -address set to an address\n" +
"that uses the http protocol:\n\n" +
" vault <command> -address http://<address>\n\n" +
"You can also set the VAULT_ADDR environment variable:\n\n\n" +
" VAULT_ADDR=http://<address> vault <command>\n\n" +
"where <address> is replaced by the actual address to the server."
)
// Deprecated values
@ -1089,6 +1097,9 @@ func (c *Client) NewRequest(method, requestPath string) *Request {
// RawRequest performs the raw request given. This request may be against
// a Vault server not configured with this client. This is an advanced operation
// that generally won't need to be called externally.
//
// Deprecated: This method should not be used directly. Use higher level
// methods instead.
func (c *Client) RawRequest(r *Request) (*Response, error) {
return c.RawRequestWithContext(context.Background(), r)
}
@ -1096,7 +1107,19 @@ func (c *Client) RawRequest(r *Request) (*Response, error) {
// RawRequestWithContext performs the raw request given. This request may be against
// a Vault server not configured with this client. This is an advanced operation
// that generally won't need to be called externally.
//
// Deprecated: This method should not be used directly. Use higher level
// methods instead.
func (c *Client) RawRequestWithContext(ctx context.Context, r *Request) (*Response, error) {
// Note: we purposefully do not call cancel manually. The reason is
// when canceled, the request.Body will EOF when reading due to the way
// it streams data in. Cancel will still be run when the timeout is
// hit, so this doesn't really harm anything.
ctx, _ = c.withConfiguredTimeout(ctx)
return c.rawRequestWithContext(ctx, r)
}
func (c *Client) rawRequestWithContext(ctx context.Context, r *Request) (*Response, error) {
c.modifyLock.RLock()
token := c.token
@ -1108,7 +1131,6 @@ func (c *Client) RawRequestWithContext(ctx context.Context, r *Request) (*Respon
checkRetry := c.config.CheckRetry
backoff := c.config.Backoff
httpClient := c.config.HttpClient
timeout := c.config.Timeout
outputCurlString := c.config.OutputCurlString
logger := c.config.Logger
c.config.modifyLock.RUnlock()
@ -1127,12 +1149,9 @@ func (c *Client) RawRequestWithContext(ctx context.Context, r *Request) (*Respon
limiter.Wait(ctx)
}
// Sanity check the token before potentially erroring from the API
idx := strings.IndexFunc(token, func(c rune) bool {
return !unicode.IsPrint(c)
})
if idx != -1 {
return nil, fmt.Errorf("configured Vault token contains non-printable characters and cannot be used")
// check the token before potentially erroring from the API
if err := validateToken(token); err != nil {
return nil, err
}
redirectCount := 0
@ -1157,13 +1176,6 @@ START:
return nil, LastOutputStringError
}
if timeout != 0 {
// Note: we purposefully do not call cancel manually. The reason is
// when canceled, the request.Body will EOF when reading due to the way
// it streams data in. Cancel will still be run when the timeout is
// hit, so this doesn't really harm anything.
ctx, _ = context.WithTimeout(ctx, timeout)
}
req.Request = req.Request.WithContext(ctx)
if backoff == nil {
@ -1192,17 +1204,7 @@ START:
}
if err != nil {
if strings.Contains(err.Error(), "tls: oversized") {
err = errwrap.Wrapf(
"{{err}}\n\n"+
"This error usually means that the server is running with TLS disabled\n"+
"but the client is configured to use TLS. Please either enable TLS\n"+
"on the server or run the client with -address set to an address\n"+
"that uses the http protocol:\n\n"+
" vault <command> -address http://<address>\n\n"+
"You can also set the VAULT_ADDR environment variable:\n\n\n"+
" VAULT_ADDR=http://<address> vault <command>\n\n"+
"where <address> is replaced by the actual address to the server.",
err)
err = errwrap.Wrapf("{{err}}\n\n"+TLSErrorString, err)
}
return result, err
}
@ -1249,6 +1251,120 @@ START:
return result, nil
}
// httpRequestWithContext avoids the use of the go-retryable library found in RawRequestWithContext and is
// useful when making calls where a net/http client is desirable. A single redirect (status code 301, 302,
// or 307) will be followed but all retry and timeout logic is the responsibility of the caller as is
// closing the Response body.
func (c *Client) httpRequestWithContext(ctx context.Context, r *Request) (*Response, error) {
req, err := http.NewRequestWithContext(ctx, r.Method, r.URL.RequestURI(), r.Body)
if err != nil {
return nil, err
}
c.modifyLock.RLock()
token := c.token
c.config.modifyLock.RLock()
limiter := c.config.Limiter
httpClient := c.config.HttpClient
outputCurlString := c.config.OutputCurlString
if c.headers != nil {
for header, vals := range c.headers {
for _, val := range vals {
req.Header.Add(header, val)
}
}
}
c.config.modifyLock.RUnlock()
c.modifyLock.RUnlock()
// OutputCurlString logic relies on the request type to be retryable.Request as
if outputCurlString {
return nil, fmt.Errorf("output-curl-string is not implemented for this request")
}
req.URL.User = r.URL.User
req.URL.Scheme = r.URL.Scheme
req.URL.Host = r.URL.Host
req.Host = r.URL.Host
if len(r.ClientToken) != 0 {
req.Header.Set(consts.AuthHeaderName, r.ClientToken)
}
if len(r.WrapTTL) != 0 {
req.Header.Set("X-Vault-Wrap-TTL", r.WrapTTL)
}
if len(r.MFAHeaderVals) != 0 {
for _, mfaHeaderVal := range r.MFAHeaderVals {
req.Header.Add("X-Vault-MFA", mfaHeaderVal)
}
}
if r.PolicyOverride {
req.Header.Set("X-Vault-Policy-Override", "true")
}
if limiter != nil {
limiter.Wait(ctx)
}
// check the token before potentially erroring from the API
if err := validateToken(token); err != nil {
return nil, err
}
var result *Response
resp, err := httpClient.Do(req)
if resp != nil {
result = &Response{Response: resp}
}
if err != nil {
if strings.Contains(err.Error(), "tls: oversized") {
err = errwrap.Wrapf("{{err}}\n\n"+TLSErrorString, err)
}
return result, err
}
// Check for a redirect, only allowing for a single redirect
if resp.StatusCode == 301 || resp.StatusCode == 302 || resp.StatusCode == 307 {
// Parse the updated location
respLoc, err := resp.Location()
if err != nil {
return result, fmt.Errorf("redirect failed: %s", err)
}
// Ensure a protocol downgrade doesn't happen
if req.URL.Scheme == "https" && respLoc.Scheme != "https" {
return result, fmt.Errorf("redirect would cause protocol downgrade")
}
// Update the request
req.URL = respLoc
// Reset the request body if any
if err := r.ResetJSONBody(); err != nil {
return result, fmt.Errorf("redirect failed: %s", err)
}
// Retry the request
resp, err = httpClient.Do(req)
if err != nil {
return result, fmt.Errorf("redirect failed: %s", err)
}
}
if err := result.Error(); err != nil {
return nil, err
}
return result, nil
}
type (
RequestCallback func(*Request)
ResponseCallback func(*Response)
@ -1278,6 +1394,17 @@ func (c *Client) WithResponseCallbacks(callbacks ...ResponseCallback) *Client {
return &c2
}
// withConfiguredTimeout wraps the context with a timeout from the client configuration.
func (c *Client) withConfiguredTimeout(ctx context.Context) (context.Context, context.CancelFunc) {
timeout := c.ClientTimeout()
if timeout > 0 {
return context.WithTimeout(ctx, timeout)
}
return ctx, func() {}
}
// RecordState returns a response callback that will record the state returned
// by Vault in a response header.
func RecordState(state *string) ResponseCallback {
@ -1466,3 +1593,14 @@ func (w *replicationStateStore) states() []string {
copy(c, w.store)
return c
}
// validateToken will check for non-printable characters to prevent a call that will fail at the api
func validateToken(t string) error {
idx := strings.IndexFunc(t, func(c rune) bool {
return !unicode.IsPrint(c)
})
if idx != -1 {
return fmt.Errorf("configured Vault token contains non-printable characters and cannot be used")
}
return nil
}

View File

@ -3,16 +3,23 @@ package api
import (
"context"
"fmt"
"net/http"
)
// Help reads the help information for the given path.
// Help wraps HelpWithContext using context.Background.
func (c *Client) Help(path string) (*Help, error) {
r := c.NewRequest("GET", fmt.Sprintf("/v1/%s", path))
return c.HelpWithContext(context.Background(), path)
}
// HelpWithContext reads the help information for the given path.
func (c *Client) HelpWithContext(ctx context.Context, path string) (*Help, error) {
ctx, cancelFunc := c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.NewRequest(http.MethodGet, fmt.Sprintf("/v1/%s", path))
r.Params.Add("help", "1")
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.RawRequestWithContext(ctx, r)
resp, err := c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -5,6 +5,7 @@ import (
"context"
"fmt"
"io"
"net/http"
"net/url"
"os"
"strings"
@ -30,7 +31,7 @@ var (
return os.Getenv(EnvVaultWrapTTL)
}
if (operation == "PUT" || operation == "POST") && path == "sys/wrapping/wrap" {
if (operation == http.MethodPut || operation == http.MethodPost) && path == "sys/wrapping/wrap" {
return DefaultWrappingTTL
}
@ -49,11 +50,22 @@ func (c *Client) Logical() *Logical {
}
func (c *Logical) Read(path string) (*Secret, error) {
return c.ReadWithData(path, nil)
return c.ReadWithDataWithContext(context.Background(), path, nil)
}
func (c *Logical) ReadWithContext(ctx context.Context, path string) (*Secret, error) {
return c.ReadWithDataWithContext(ctx, path, nil)
}
func (c *Logical) ReadWithData(path string, data map[string][]string) (*Secret, error) {
r := c.c.NewRequest("GET", "/v1/"+path)
return c.ReadWithDataWithContext(context.Background(), path, data)
}
func (c *Logical) ReadWithDataWithContext(ctx context.Context, path string, data map[string][]string) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodGet, "/v1/"+path)
var values url.Values
for k, v := range data {
@ -69,9 +81,7 @@ func (c *Logical) ReadWithData(path string, data map[string][]string) (*Secret,
r.Params = values
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if resp != nil {
defer resp.Body.Close()
}
@ -97,15 +107,20 @@ func (c *Logical) ReadWithData(path string, data map[string][]string) (*Secret,
}
func (c *Logical) List(path string) (*Secret, error) {
return c.ListWithContext(context.Background(), path)
}
func (c *Logical) ListWithContext(ctx context.Context, path string) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest("LIST", "/v1/"+path)
// Set this for broader compatibility, but we use LIST above to be able to
// handle the wrapping lookup function
r.Method = "GET"
r.Method = http.MethodGet
r.Params.Set("list", "true")
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if resp != nil {
defer resp.Body.Close()
}
@ -131,10 +146,11 @@ func (c *Logical) List(path string) (*Secret, error) {
}
func (c *Logical) Write(path string, data map[string]interface{}) (*Secret, error) {
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
return c.WriteWithContext(context.Background(), path, data)
}
r := c.c.NewRequest("PUT", "/v1/"+path)
func (c *Logical) WriteWithContext(ctx context.Context, path string, data map[string]interface{}) (*Secret, error) {
r := c.c.NewRequest(http.MethodPut, "/v1/"+path)
if err := r.SetJSONBody(data); err != nil {
return nil, err
}
@ -143,7 +159,7 @@ func (c *Logical) Write(path string, data map[string]interface{}) (*Secret, erro
}
func (c *Logical) JSONMergePatch(ctx context.Context, path string, data map[string]interface{}) (*Secret, error) {
r := c.c.NewRequest("PATCH", "/v1/"+path)
r := c.c.NewRequest(http.MethodPatch, "/v1/"+path)
r.Headers.Set("Content-Type", "application/merge-patch+json")
if err := r.SetJSONBody(data); err != nil {
return nil, err
@ -153,14 +169,21 @@ func (c *Logical) JSONMergePatch(ctx context.Context, path string, data map[stri
}
func (c *Logical) WriteBytes(path string, data []byte) (*Secret, error) {
r := c.c.NewRequest("PUT", "/v1/"+path)
return c.WriteBytesWithContext(context.Background(), path, data)
}
func (c *Logical) WriteBytesWithContext(ctx context.Context, path string, data []byte) (*Secret, error) {
r := c.c.NewRequest(http.MethodPut, "/v1/"+path)
r.BodyBytes = data
return c.write(context.Background(), path, r)
return c.write(ctx, path, r)
}
func (c *Logical) write(ctx context.Context, path string, request *Request) (*Secret, error) {
resp, err := c.c.RawRequestWithContext(ctx, request)
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.rawRequestWithContext(ctx, request)
if resp != nil {
defer resp.Body.Close()
}
@ -185,11 +208,22 @@ func (c *Logical) write(ctx context.Context, path string, request *Request) (*Se
}
func (c *Logical) Delete(path string) (*Secret, error) {
return c.DeleteWithData(path, nil)
return c.DeleteWithContext(context.Background(), path)
}
func (c *Logical) DeleteWithContext(ctx context.Context, path string) (*Secret, error) {
return c.DeleteWithDataWithContext(ctx, path, nil)
}
func (c *Logical) DeleteWithData(path string, data map[string][]string) (*Secret, error) {
r := c.c.NewRequest("DELETE", "/v1/"+path)
return c.DeleteWithDataWithContext(context.Background(), path, data)
}
func (c *Logical) DeleteWithDataWithContext(ctx context.Context, path string, data map[string][]string) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodDelete, "/v1/"+path)
var values url.Values
for k, v := range data {
@ -205,9 +239,7 @@ func (c *Logical) DeleteWithData(path string, data map[string][]string) (*Secret
r.Params = values
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if resp != nil {
defer resp.Body.Close()
}
@ -232,6 +264,13 @@ func (c *Logical) DeleteWithData(path string, data map[string][]string) (*Secret
}
func (c *Logical) Unwrap(wrappingToken string) (*Secret, error) {
return c.UnwrapWithContext(context.Background(), wrappingToken)
}
func (c *Logical) UnwrapWithContext(ctx context.Context, wrappingToken string) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
var data map[string]interface{}
wt := strings.TrimSpace(wrappingToken)
if wrappingToken != "" {
@ -244,14 +283,12 @@ func (c *Logical) Unwrap(wrappingToken string) (*Secret, error) {
}
}
r := c.c.NewRequest("PUT", "/v1/sys/wrapping/unwrap")
r := c.c.NewRequest(http.MethodPut, "/v1/sys/wrapping/unwrap")
if err := r.SetJSONBody(data); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if resp != nil {
defer resp.Body.Close()
}

View File

@ -2,6 +2,7 @@ package api
import (
"fmt"
"net/http"
"strings"
retryablehttp "github.com/hashicorp/go-retryablehttp"
@ -45,7 +46,7 @@ func (d *OutputStringError) parseRequest() {
if d.TLSSkipVerify {
d.parsedCurlString += "--insecure "
}
if d.Request.Method != "GET" {
if d.Request.Method != http.MethodGet {
d.parsedCurlString = fmt.Sprintf("%s-X %s ", d.parsedCurlString, d.Request.Method)
}
if d.ClientCACert != "" {

View File

@ -1,6 +1,7 @@
package api
import (
"context"
"crypto/tls"
"crypto/x509"
"encoding/base64"
@ -67,9 +68,14 @@ func (f *PluginAPIClientMeta) GetTLSConfig() *TLSConfig {
return nil
}
// VaultPluginTLSProvider is run inside a plugin and retrieves the response
// wrapped TLS certificate from vault. It returns a configured TLS Config.
// VaultPluginTLSProvider wraps VaultPluginTLSProviderContext using context.Background.
func VaultPluginTLSProvider(apiTLSConfig *TLSConfig) func() (*tls.Config, error) {
return VaultPluginTLSProviderContext(context.Background(), apiTLSConfig)
}
// VaultPluginTLSProviderContext is run inside a plugin and retrieves the response
// wrapped TLS certificate from vault. It returns a configured TLS Config.
func VaultPluginTLSProviderContext(ctx context.Context, apiTLSConfig *TLSConfig) func() (*tls.Config, error) {
if os.Getenv(PluginMetadataModeEnv) == "true" {
return nil
}
@ -121,7 +127,7 @@ func VaultPluginTLSProvider(apiTLSConfig *TLSConfig) func() (*tls.Config, error)
// Reset token value to make sure nothing has been set by default
client.ClearToken()
secret, err := client.Logical().Unwrap(unwrapToken)
secret, err := client.Logical().UnwrapWithContext(ctx, unwrapToken)
if err != nil {
return nil, errwrap.Wrapf("error during token unwrap request: {{err}}", err)
}

View File

@ -3,6 +3,7 @@ package api
import (
"context"
"fmt"
"net/http"
)
// SSH is used to return a client to invoke operations on SSH backend.
@ -24,16 +25,22 @@ func (c *Client) SSHWithMountPoint(mountPoint string) *SSH {
}
}
// Credential invokes the SSH backend API to create a credential to establish an SSH session.
// Credential wraps CredentialWithContext using context.Background.
func (c *SSH) Credential(role string, data map[string]interface{}) (*Secret, error) {
r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/%s/creds/%s", c.MountPoint, role))
return c.CredentialWithContext(context.Background(), role, data)
}
// CredentialWithContext invokes the SSH backend API to create a credential to establish an SSH session.
func (c *SSH) CredentialWithContext(ctx context.Context, role string, data map[string]interface{}) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, fmt.Sprintf("/v1/%s/creds/%s", c.MountPoint, role))
if err := r.SetJSONBody(data); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -42,17 +49,23 @@ func (c *SSH) Credential(role string, data map[string]interface{}) (*Secret, err
return ParseSecret(resp.Body)
}
// SignKey signs the given public key and returns a signed public key to pass
// along with the SSH request.
// SignKey wraps SignKeyWithContext using context.Background.
func (c *SSH) SignKey(role string, data map[string]interface{}) (*Secret, error) {
r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/%s/sign/%s", c.MountPoint, role))
return c.SignKeyWithContext(context.Background(), role, data)
}
// SignKeyWithContext signs the given public key and returns a signed public key to pass
// along with the SSH request.
func (c *SSH) SignKeyWithContext(ctx context.Context, role string, data map[string]interface{}) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, fmt.Sprintf("/v1/%s/sign/%s", c.MountPoint, role))
if err := r.SetJSONBody(data); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -6,6 +6,7 @@ import (
"crypto/x509"
"fmt"
"io/ioutil"
"net/http"
"os"
"github.com/hashicorp/errwrap"
@ -206,18 +207,24 @@ func (c *Client) SSHHelperWithMountPoint(mountPoint string) *SSHHelper {
// an echo response message is returned. This feature is used by ssh-helper to verify if
// its configured correctly.
func (c *SSHHelper) Verify(otp string) (*SSHVerifyResponse, error) {
return c.VerifyWithContext(context.Background(), otp)
}
// VerifyWithContext the same as Verify but with a custom context.
func (c *SSHHelper) VerifyWithContext(ctx context.Context, otp string) (*SSHVerifyResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
data := map[string]interface{}{
"otp": otp,
}
verifyPath := fmt.Sprintf("/v1/%s/verify", c.MountPoint)
r := c.c.NewRequest("PUT", verifyPath)
r := c.c.NewRequest(http.MethodPut, verifyPath)
if err := r.SetJSONBody(data); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -4,23 +4,29 @@ import (
"context"
"errors"
"fmt"
"net/http"
"github.com/mitchellh/mapstructure"
)
func (c *Sys) AuditHash(path string, input string) (string, error) {
return c.AuditHashWithContext(context.Background(), path, input)
}
func (c *Sys) AuditHashWithContext(ctx context.Context, path string, input string) (string, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
body := map[string]interface{}{
"input": input,
}
r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/sys/audit-hash/%s", path))
r := c.c.NewRequest(http.MethodPut, fmt.Sprintf("/v1/sys/audit-hash/%s", path))
if err := r.SetJSONBody(body); err != nil {
return "", err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return "", err
}
@ -47,11 +53,16 @@ func (c *Sys) AuditHash(path string, input string) (string, error) {
}
func (c *Sys) ListAudit() (map[string]*Audit, error) {
r := c.c.NewRequest("GET", "/v1/sys/audit")
return c.ListAuditWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) ListAuditWithContext(ctx context.Context) (map[string]*Audit, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/audit")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -85,14 +96,19 @@ func (c *Sys) EnableAudit(
}
func (c *Sys) EnableAuditWithOptions(path string, options *EnableAuditOptions) error {
r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/sys/audit/%s", path))
return c.EnableAuditWithOptionsWithContext(context.Background(), path, options)
}
func (c *Sys) EnableAuditWithOptionsWithContext(ctx context.Context, path string, options *EnableAuditOptions) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, fmt.Sprintf("/v1/sys/audit/%s", path))
if err := r.SetJSONBody(options); err != nil {
return err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return err
}
@ -102,11 +118,16 @@ func (c *Sys) EnableAuditWithOptions(path string, options *EnableAuditOptions) e
}
func (c *Sys) DisableAudit(path string) error {
r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/audit/%s", path))
return c.DisableAuditWithContext(context.Background(), path)
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) DisableAuditWithContext(ctx context.Context, path string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodDelete, fmt.Sprintf("/v1/sys/audit/%s", path))
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()

View File

@ -4,16 +4,22 @@ import (
"context"
"errors"
"fmt"
"net/http"
"github.com/mitchellh/mapstructure"
)
func (c *Sys) ListAuth() (map[string]*AuthMount, error) {
r := c.c.NewRequest("GET", "/v1/sys/auth")
return c.ListAuthWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) ListAuthWithContext(ctx context.Context) (map[string]*AuthMount, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/auth")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -45,14 +51,19 @@ func (c *Sys) EnableAuth(path, authType, desc string) error {
}
func (c *Sys) EnableAuthWithOptions(path string, options *EnableAuthOptions) error {
r := c.c.NewRequest("POST", fmt.Sprintf("/v1/sys/auth/%s", path))
return c.EnableAuthWithOptionsWithContext(context.Background(), path, options)
}
func (c *Sys) EnableAuthWithOptionsWithContext(ctx context.Context, path string, options *EnableAuthOptions) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPost, fmt.Sprintf("/v1/sys/auth/%s", path))
if err := r.SetJSONBody(options); err != nil {
return err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return err
}
@ -62,11 +73,16 @@ func (c *Sys) EnableAuthWithOptions(path string, options *EnableAuthOptions) err
}
func (c *Sys) DisableAuth(path string) error {
r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/auth/%s", path))
return c.DisableAuthWithContext(context.Background(), path)
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) DisableAuthWithContext(ctx context.Context, path string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodDelete, fmt.Sprintf("/v1/sys/auth/%s", path))
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}

View File

@ -4,15 +4,30 @@ import (
"context"
"errors"
"fmt"
"net/http"
"github.com/mitchellh/mapstructure"
)
func (c *Sys) CapabilitiesSelf(path string) ([]string, error) {
return c.Capabilities(c.c.Token(), path)
return c.CapabilitiesSelfWithContext(context.Background(), path)
}
func (c *Sys) CapabilitiesSelfWithContext(ctx context.Context, path string) ([]string, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
return c.CapabilitiesWithContext(ctx, c.c.Token(), path)
}
func (c *Sys) Capabilities(token, path string) ([]string, error) {
return c.CapabilitiesWithContext(context.Background(), token, path)
}
func (c *Sys) CapabilitiesWithContext(ctx context.Context, token, path string) ([]string, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
body := map[string]string{
"token": token,
"path": path,
@ -23,14 +38,12 @@ func (c *Sys) Capabilities(token, path string) ([]string, error) {
reqPath = fmt.Sprintf("%s-self", reqPath)
}
r := c.c.NewRequest("POST", reqPath)
r := c.c.NewRequest(http.MethodPost, reqPath)
if err := r.SetJSONBody(body); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -3,16 +3,22 @@ package api
import (
"context"
"errors"
"net/http"
"github.com/mitchellh/mapstructure"
)
func (c *Sys) CORSStatus() (*CORSResponse, error) {
r := c.c.NewRequest("GET", "/v1/sys/config/cors")
return c.CORSStatusWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) CORSStatusWithContext(ctx context.Context) (*CORSResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/config/cors")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -36,14 +42,19 @@ func (c *Sys) CORSStatus() (*CORSResponse, error) {
}
func (c *Sys) ConfigureCORS(req *CORSRequest) error {
r := c.c.NewRequest("PUT", "/v1/sys/config/cors")
return c.ConfigureCORSWithContext(context.Background(), req)
}
func (c *Sys) ConfigureCORSWithContext(ctx context.Context, req *CORSRequest) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, "/v1/sys/config/cors")
if err := r.SetJSONBody(req); err != nil {
return err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -51,11 +62,16 @@ func (c *Sys) ConfigureCORS(req *CORSRequest) error {
}
func (c *Sys) DisableCORS() error {
r := c.c.NewRequest("DELETE", "/v1/sys/config/cors")
return c.DisableCORSWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) DisableCORSWithContext(ctx context.Context) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/config/cors")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}

View File

@ -1,25 +1,41 @@
package api
import "context"
import (
"context"
"net/http"
)
func (c *Sys) GenerateRootStatus() (*GenerateRootStatusResponse, error) {
return c.generateRootStatusCommon("/v1/sys/generate-root/attempt")
return c.GenerateRootStatusWithContext(context.Background())
}
func (c *Sys) GenerateDROperationTokenStatus() (*GenerateRootStatusResponse, error) {
return c.generateRootStatusCommon("/v1/sys/replication/dr/secondary/generate-operation-token/attempt")
return c.GenerateDROperationTokenStatusWithContext(context.Background())
}
func (c *Sys) GenerateRecoveryOperationTokenStatus() (*GenerateRootStatusResponse, error) {
return c.generateRootStatusCommon("/v1/sys/generate-recovery-token/attempt")
return c.GenerateRecoveryOperationTokenStatusWithContext(context.Background())
}
func (c *Sys) generateRootStatusCommon(path string) (*GenerateRootStatusResponse, error) {
r := c.c.NewRequest("GET", path)
func (c *Sys) GenerateRootStatusWithContext(ctx context.Context) (*GenerateRootStatusResponse, error) {
return c.generateRootStatusCommonWithContext(ctx, "/v1/sys/generate-root/attempt")
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) GenerateDROperationTokenStatusWithContext(ctx context.Context) (*GenerateRootStatusResponse, error) {
return c.generateRootStatusCommonWithContext(ctx, "/v1/sys/replication/dr/secondary/generate-operation-token/attempt")
}
func (c *Sys) GenerateRecoveryOperationTokenStatusWithContext(ctx context.Context) (*GenerateRootStatusResponse, error) {
return c.generateRootStatusCommonWithContext(ctx, "/v1/sys/generate-recovery-token/attempt")
}
func (c *Sys) generateRootStatusCommonWithContext(ctx context.Context, path string) (*GenerateRootStatusResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, path)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -31,31 +47,44 @@ func (c *Sys) generateRootStatusCommon(path string) (*GenerateRootStatusResponse
}
func (c *Sys) GenerateRootInit(otp, pgpKey string) (*GenerateRootStatusResponse, error) {
return c.generateRootInitCommon("/v1/sys/generate-root/attempt", otp, pgpKey)
return c.GenerateRootInitWithContext(context.Background(), otp, pgpKey)
}
func (c *Sys) GenerateDROperationTokenInit(otp, pgpKey string) (*GenerateRootStatusResponse, error) {
return c.generateRootInitCommon("/v1/sys/replication/dr/secondary/generate-operation-token/attempt", otp, pgpKey)
return c.GenerateDROperationTokenInitWithContext(context.Background(), otp, pgpKey)
}
func (c *Sys) GenerateRecoveryOperationTokenInit(otp, pgpKey string) (*GenerateRootStatusResponse, error) {
return c.generateRootInitCommon("/v1/sys/generate-recovery-token/attempt", otp, pgpKey)
return c.GenerateRecoveryOperationTokenInitWithContext(context.Background(), otp, pgpKey)
}
func (c *Sys) generateRootInitCommon(path, otp, pgpKey string) (*GenerateRootStatusResponse, error) {
func (c *Sys) GenerateRootInitWithContext(ctx context.Context, otp, pgpKey string) (*GenerateRootStatusResponse, error) {
return c.generateRootInitCommonWithContext(ctx, "/v1/sys/generate-root/attempt", otp, pgpKey)
}
func (c *Sys) GenerateDROperationTokenInitWithContext(ctx context.Context, otp, pgpKey string) (*GenerateRootStatusResponse, error) {
return c.generateRootInitCommonWithContext(ctx, "/v1/sys/replication/dr/secondary/generate-operation-token/attempt", otp, pgpKey)
}
func (c *Sys) GenerateRecoveryOperationTokenInitWithContext(ctx context.Context, otp, pgpKey string) (*GenerateRootStatusResponse, error) {
return c.generateRootInitCommonWithContext(ctx, "/v1/sys/generate-recovery-token/attempt", otp, pgpKey)
}
func (c *Sys) generateRootInitCommonWithContext(ctx context.Context, path, otp, pgpKey string) (*GenerateRootStatusResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
body := map[string]interface{}{
"otp": otp,
"pgp_key": pgpKey,
}
r := c.c.NewRequest("PUT", path)
r := c.c.NewRequest(http.MethodPut, path)
if err := r.SetJSONBody(body); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -67,23 +96,36 @@ func (c *Sys) generateRootInitCommon(path, otp, pgpKey string) (*GenerateRootSta
}
func (c *Sys) GenerateRootCancel() error {
return c.generateRootCancelCommon("/v1/sys/generate-root/attempt")
return c.GenerateRootCancelWithContext(context.Background())
}
func (c *Sys) GenerateDROperationTokenCancel() error {
return c.generateRootCancelCommon("/v1/sys/replication/dr/secondary/generate-operation-token/attempt")
return c.GenerateDROperationTokenCancelWithContext(context.Background())
}
func (c *Sys) GenerateRecoveryOperationTokenCancel() error {
return c.generateRootCancelCommon("/v1/sys/generate-recovery-token/attempt")
return c.GenerateRecoveryOperationTokenCancelWithContext(context.Background())
}
func (c *Sys) generateRootCancelCommon(path string) error {
r := c.c.NewRequest("DELETE", path)
func (c *Sys) GenerateRootCancelWithContext(ctx context.Context) error {
return c.generateRootCancelCommonWithContext(ctx, "/v1/sys/generate-root/attempt")
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) GenerateDROperationTokenCancelWithContext(ctx context.Context) error {
return c.generateRootCancelCommonWithContext(ctx, "/v1/sys/replication/dr/secondary/generate-operation-token/attempt")
}
func (c *Sys) GenerateRecoveryOperationTokenCancelWithContext(ctx context.Context) error {
return c.generateRootCancelCommonWithContext(ctx, "/v1/sys/generate-recovery-token/attempt")
}
func (c *Sys) generateRootCancelCommonWithContext(ctx context.Context, path string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodDelete, path)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -91,31 +133,44 @@ func (c *Sys) generateRootCancelCommon(path string) error {
}
func (c *Sys) GenerateRootUpdate(shard, nonce string) (*GenerateRootStatusResponse, error) {
return c.generateRootUpdateCommon("/v1/sys/generate-root/update", shard, nonce)
return c.GenerateRootUpdateWithContext(context.Background(), shard, nonce)
}
func (c *Sys) GenerateDROperationTokenUpdate(shard, nonce string) (*GenerateRootStatusResponse, error) {
return c.generateRootUpdateCommon("/v1/sys/replication/dr/secondary/generate-operation-token/update", shard, nonce)
return c.GenerateDROperationTokenUpdateWithContext(context.Background(), shard, nonce)
}
func (c *Sys) GenerateRecoveryOperationTokenUpdate(shard, nonce string) (*GenerateRootStatusResponse, error) {
return c.generateRootUpdateCommon("/v1/sys/generate-recovery-token/update", shard, nonce)
return c.GenerateRecoveryOperationTokenUpdateWithContext(context.Background(), shard, nonce)
}
func (c *Sys) generateRootUpdateCommon(path, shard, nonce string) (*GenerateRootStatusResponse, error) {
func (c *Sys) GenerateRootUpdateWithContext(ctx context.Context, shard, nonce string) (*GenerateRootStatusResponse, error) {
return c.generateRootUpdateCommonWithContext(ctx, "/v1/sys/generate-root/update", shard, nonce)
}
func (c *Sys) GenerateDROperationTokenUpdateWithContext(ctx context.Context, shard, nonce string) (*GenerateRootStatusResponse, error) {
return c.generateRootUpdateCommonWithContext(ctx, "/v1/sys/replication/dr/secondary/generate-operation-token/update", shard, nonce)
}
func (c *Sys) GenerateRecoveryOperationTokenUpdateWithContext(ctx context.Context, shard, nonce string) (*GenerateRootStatusResponse, error) {
return c.generateRootUpdateCommonWithContext(ctx, "/v1/sys/generate-recovery-token/update", shard, nonce)
}
func (c *Sys) generateRootUpdateCommonWithContext(ctx context.Context, path, shard, nonce string) (*GenerateRootStatusResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
body := map[string]interface{}{
"key": shard,
"nonce": nonce,
}
r := c.c.NewRequest("PUT", path)
r := c.c.NewRequest(http.MethodPut, path)
if err := r.SetJSONBody(body); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -2,15 +2,21 @@ package api
import (
"context"
"net/http"
"time"
)
func (c *Sys) HAStatus() (*HAStatusResponse, error) {
r := c.c.NewRequest("GET", "/v1/sys/ha-status")
return c.HAStatusWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) HAStatusWithContext(ctx context.Context) (*HAStatusResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/ha-status")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -1,9 +1,19 @@
package api
import "context"
import (
"context"
"net/http"
)
func (c *Sys) Health() (*HealthResponse, error) {
r := c.c.NewRequest("GET", "/v1/sys/health")
return c.HealthWithContext(context.Background())
}
func (c *Sys) HealthWithContext(ctx context.Context) (*HealthResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodGet, "/v1/sys/health")
// If the code is 400 or above it will automatically turn into an error,
// but the sys/health API defaults to returning 5xx when not sealed or
// inited, so we force this code to be something else so we parse correctly
@ -13,9 +23,7 @@ func (c *Sys) Health() (*HealthResponse, error) {
r.Params.Add("drsecondarycode", "299")
r.Params.Add("performancestandbycode", "299")
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -1,13 +1,21 @@
package api
import "context"
import (
"context"
"net/http"
)
func (c *Sys) InitStatus() (bool, error) {
r := c.c.NewRequest("GET", "/v1/sys/init")
return c.InitStatusWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) InitStatusWithContext(ctx context.Context) (bool, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/init")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return false, err
}
@ -19,14 +27,19 @@ func (c *Sys) InitStatus() (bool, error) {
}
func (c *Sys) Init(opts *InitRequest) (*InitResponse, error) {
r := c.c.NewRequest("PUT", "/v1/sys/init")
return c.InitWithContext(context.Background(), opts)
}
func (c *Sys) InitWithContext(ctx context.Context, opts *InitRequest) (*InitResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, "/v1/sys/init")
if err := r.SetJSONBody(opts); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -2,15 +2,21 @@ package api
import (
"context"
"net/http"
"time"
)
func (c *Sys) Leader() (*LeaderResponse, error) {
r := c.c.NewRequest("GET", "/v1/sys/leader")
return c.LeaderWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) LeaderWithContext(ctx context.Context) (*LeaderResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/leader")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -3,10 +3,18 @@ package api
import (
"context"
"errors"
"net/http"
)
func (c *Sys) Renew(id string, increment int) (*Secret, error) {
r := c.c.NewRequest("PUT", "/v1/sys/leases/renew")
return c.RenewWithContext(context.Background(), id, increment)
}
func (c *Sys) RenewWithContext(ctx context.Context, id string, increment int) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, "/v1/sys/leases/renew")
body := map[string]interface{}{
"increment": increment,
@ -16,9 +24,7 @@ func (c *Sys) Renew(id string, increment int) (*Secret, error) {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -28,7 +34,14 @@ func (c *Sys) Renew(id string, increment int) (*Secret, error) {
}
func (c *Sys) Lookup(id string) (*Secret, error) {
r := c.c.NewRequest("PUT", "/v1/sys/leases/lookup")
return c.LookupWithContext(context.Background(), id)
}
func (c *Sys) LookupWithContext(ctx context.Context, id string) (*Secret, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, "/v1/sys/leases/lookup")
body := map[string]interface{}{
"lease_id": id,
@ -37,9 +50,7 @@ func (c *Sys) Lookup(id string) (*Secret, error) {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -49,7 +60,14 @@ func (c *Sys) Lookup(id string) (*Secret, error) {
}
func (c *Sys) Revoke(id string) error {
r := c.c.NewRequest("PUT", "/v1/sys/leases/revoke")
return c.RevokeWithContext(context.Background(), id)
}
func (c *Sys) RevokeWithContext(ctx context.Context, id string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, "/v1/sys/leases/revoke")
body := map[string]interface{}{
"lease_id": id,
}
@ -57,9 +75,7 @@ func (c *Sys) Revoke(id string) error {
return err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -67,11 +83,16 @@ func (c *Sys) Revoke(id string) error {
}
func (c *Sys) RevokePrefix(id string) error {
r := c.c.NewRequest("PUT", "/v1/sys/leases/revoke-prefix/"+id)
return c.RevokePrefixWithContext(context.Background(), id)
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RevokePrefixWithContext(ctx context.Context, id string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodPut, "/v1/sys/leases/revoke-prefix/"+id)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -79,11 +100,16 @@ func (c *Sys) RevokePrefix(id string) error {
}
func (c *Sys) RevokeForce(id string) error {
r := c.c.NewRequest("PUT", "/v1/sys/leases/revoke-force/"+id)
return c.RevokeForceWithContext(context.Background(), id)
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RevokeForceWithContext(ctx context.Context, id string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodPut, "/v1/sys/leases/revoke-force/"+id)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -91,6 +117,13 @@ func (c *Sys) RevokeForce(id string) error {
}
func (c *Sys) RevokeWithOptions(opts *RevokeOptions) error {
return c.RevokeWithOptionsWithContext(context.Background(), opts)
}
func (c *Sys) RevokeWithOptionsWithContext(ctx context.Context, opts *RevokeOptions) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
if opts == nil {
return errors.New("nil options provided")
}
@ -105,7 +138,7 @@ func (c *Sys) RevokeWithOptions(opts *RevokeOptions) error {
}
path += opts.LeaseID
r := c.c.NewRequest("PUT", path)
r := c.c.NewRequest(http.MethodPut, path)
if !opts.Force {
body := map[string]interface{}{
"sync": opts.Sync,
@ -115,9 +148,7 @@ func (c *Sys) RevokeWithOptions(opts *RevokeOptions) error {
}
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}

View File

@ -4,12 +4,13 @@ import (
"bufio"
"context"
"fmt"
"net/http"
)
// Monitor returns a channel that outputs strings containing the log messages
// coming from the server.
func (c *Sys) Monitor(ctx context.Context, logLevel string) (chan string, error) {
r := c.c.NewRequest("GET", "/v1/sys/monitor")
r := c.c.NewRequest(http.MethodGet, "/v1/sys/monitor")
if logLevel == "" {
r.Params.Add("log_level", "info")

View File

@ -4,17 +4,23 @@ import (
"context"
"errors"
"fmt"
"net/http"
"time"
"github.com/mitchellh/mapstructure"
)
func (c *Sys) ListMounts() (map[string]*MountOutput, error) {
r := c.c.NewRequest("GET", "/v1/sys/mounts")
return c.ListMountsWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) ListMountsWithContext(ctx context.Context) (map[string]*MountOutput, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/mounts")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -38,14 +44,19 @@ func (c *Sys) ListMounts() (map[string]*MountOutput, error) {
}
func (c *Sys) Mount(path string, mountInfo *MountInput) error {
r := c.c.NewRequest("POST", fmt.Sprintf("/v1/sys/mounts/%s", path))
return c.MountWithContext(context.Background(), path, mountInfo)
}
func (c *Sys) MountWithContext(ctx context.Context, path string, mountInfo *MountInput) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPost, fmt.Sprintf("/v1/sys/mounts/%s", path))
if err := r.SetJSONBody(mountInfo); err != nil {
return err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return err
}
@ -55,27 +66,37 @@ func (c *Sys) Mount(path string, mountInfo *MountInput) error {
}
func (c *Sys) Unmount(path string) error {
r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/mounts/%s", path))
return c.UnmountWithContext(context.Background(), path)
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) UnmountWithContext(ctx context.Context, path string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodDelete, fmt.Sprintf("/v1/sys/mounts/%s", path))
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
return err
}
// Remount kicks off a remount operation, polls the status endpoint using
// the migration ID till either success or failure state is observed
// Remount wraps RemountWithContext using context.Background.
func (c *Sys) Remount(from, to string) error {
remountResp, err := c.StartRemount(from, to)
return c.RemountWithContext(context.Background(), from, to)
}
// RemountWithContext kicks off a remount operation, polls the status endpoint using
// the migration ID till either success or failure state is observed
func (c *Sys) RemountWithContext(ctx context.Context, from, to string) error {
remountResp, err := c.StartRemountWithContext(ctx, from, to)
if err != nil {
return err
}
for {
remountStatusResp, err := c.RemountStatus(remountResp.MigrationID)
remountStatusResp, err := c.RemountStatusWithContext(ctx, remountResp.MigrationID)
if err != nil {
return err
}
@ -89,21 +110,27 @@ func (c *Sys) Remount(from, to string) error {
}
}
// StartRemount kicks off a mount migration and returns a response with the migration ID
// StartRemount wraps StartRemountWithContext using context.Background.
func (c *Sys) StartRemount(from, to string) (*MountMigrationOutput, error) {
return c.StartRemountWithContext(context.Background(), from, to)
}
// StartRemountWithContext kicks off a mount migration and returns a response with the migration ID
func (c *Sys) StartRemountWithContext(ctx context.Context, from, to string) (*MountMigrationOutput, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
body := map[string]interface{}{
"from": from,
"to": to,
}
r := c.c.NewRequest("POST", "/v1/sys/remount")
r := c.c.NewRequest(http.MethodPost, "/v1/sys/remount")
if err := r.SetJSONBody(body); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -125,13 +152,19 @@ func (c *Sys) StartRemount(from, to string) (*MountMigrationOutput, error) {
return &result, err
}
// RemountStatus checks the status of a mount migration operation with the provided ID
// RemountStatus wraps RemountStatusWithContext using context.Background.
func (c *Sys) RemountStatus(migrationID string) (*MountMigrationStatusOutput, error) {
r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/remount/status/%s", migrationID))
return c.RemountStatusWithContext(context.Background(), migrationID)
}
ctx, cancelFunc := context.WithCancel(context.Background())
// RemountStatusWithContext checks the status of a mount migration operation with the provided ID
func (c *Sys) RemountStatusWithContext(ctx context.Context, migrationID string) (*MountMigrationStatusOutput, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, fmt.Sprintf("/v1/sys/remount/status/%s", migrationID))
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -154,14 +187,19 @@ func (c *Sys) RemountStatus(migrationID string) (*MountMigrationStatusOutput, er
}
func (c *Sys) TuneMount(path string, config MountConfigInput) error {
r := c.c.NewRequest("POST", fmt.Sprintf("/v1/sys/mounts/%s/tune", path))
return c.TuneMountWithContext(context.Background(), path, config)
}
func (c *Sys) TuneMountWithContext(ctx context.Context, path string, config MountConfigInput) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPost, fmt.Sprintf("/v1/sys/mounts/%s/tune", path))
if err := r.SetJSONBody(config); err != nil {
return err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -169,11 +207,16 @@ func (c *Sys) TuneMount(path string, config MountConfigInput) error {
}
func (c *Sys) MountConfig(path string) (*MountConfigOutput, error) {
r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/mounts/%s/tune", path))
return c.MountConfigWithContext(context.Background(), path)
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) MountConfigWithContext(ctx context.Context, path string) (*MountConfigOutput, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, fmt.Sprintf("/v1/sys/mounts/%s/tune", path))
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -29,14 +29,22 @@ type ListPluginsResponse struct {
Names []string `json:"names"`
}
// ListPlugins lists all plugins in the catalog and returns their names as a
// list of strings.
// ListPlugins wraps ListPluginsWithContext using context.Background.
func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) {
return c.ListPluginsWithContext(context.Background(), i)
}
// ListPluginsWithContext lists all plugins in the catalog and returns their names as a
// list of strings.
func (c *Sys) ListPluginsWithContext(ctx context.Context, i *ListPluginsInput) (*ListPluginsResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
path := ""
method := ""
if i.Type == consts.PluginTypeUnknown {
path = "/v1/sys/plugins/catalog"
method = "GET"
method = http.MethodGet
} else {
path = fmt.Sprintf("/v1/sys/plugins/catalog/%s", i.Type)
method = "LIST"
@ -46,13 +54,11 @@ func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) {
if method == "LIST" {
// Set this for broader compatibility, but we use LIST above to be able
// to handle the wrapping lookup function
req.Method = "GET"
req.Method = http.MethodGet
req.Params.Set("list", "true")
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, req)
resp, err := c.c.rawRequestWithContext(ctx, req)
if err != nil && resp == nil {
return nil, err
}
@ -66,7 +72,7 @@ func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) {
// switch it to a LIST.
if resp.StatusCode == 405 {
req.Params.Set("list", "true")
resp, err := c.c.RawRequestWithContext(ctx, req)
resp, err := c.c.rawRequestWithContext(ctx, req)
if err != nil {
return nil, err
}
@ -142,14 +148,20 @@ type GetPluginResponse struct {
SHA256 string `json:"sha256"`
}
// GetPlugin retrieves information about the plugin.
// GetPlugin wraps GetPluginWithContext using context.Background.
func (c *Sys) GetPlugin(i *GetPluginInput) (*GetPluginResponse, error) {
return c.GetPluginWithContext(context.Background(), i)
}
// GetPluginWithContext retrieves information about the plugin.
func (c *Sys) GetPluginWithContext(ctx context.Context, i *GetPluginInput) (*GetPluginResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
path := catalogPathByType(i.Type, i.Name)
req := c.c.NewRequest(http.MethodGet, path)
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, req)
resp, err := c.c.rawRequestWithContext(ctx, req)
if err != nil {
return nil, err
}
@ -183,8 +195,16 @@ type RegisterPluginInput struct {
SHA256 string `json:"sha256,omitempty"`
}
// RegisterPlugin registers the plugin with the given information.
// RegisterPlugin wraps RegisterPluginWithContext using context.Background.
func (c *Sys) RegisterPlugin(i *RegisterPluginInput) error {
return c.RegisterPluginWithContext(context.Background(), i)
}
// RegisterPluginWithContext registers the plugin with the given information.
func (c *Sys) RegisterPluginWithContext(ctx context.Context, i *RegisterPluginInput) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
path := catalogPathByType(i.Type, i.Name)
req := c.c.NewRequest(http.MethodPut, path)
@ -192,9 +212,7 @@ func (c *Sys) RegisterPlugin(i *RegisterPluginInput) error {
return err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, req)
resp, err := c.c.rawRequestWithContext(ctx, req)
if err == nil {
defer resp.Body.Close()
}
@ -210,15 +228,21 @@ type DeregisterPluginInput struct {
Type consts.PluginType `json:"type"`
}
// DeregisterPlugin removes the plugin with the given name from the plugin
// catalog.
// DeregisterPlugin wraps DeregisterPluginWithContext using context.Background.
func (c *Sys) DeregisterPlugin(i *DeregisterPluginInput) error {
return c.DeregisterPluginWithContext(context.Background(), i)
}
// DeregisterPluginWithContext removes the plugin with the given name from the plugin
// catalog.
func (c *Sys) DeregisterPluginWithContext(ctx context.Context, i *DeregisterPluginInput) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
path := catalogPathByType(i.Type, i.Name)
req := c.c.NewRequest(http.MethodDelete, path)
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, req)
resp, err := c.c.rawRequestWithContext(ctx, req)
if err == nil {
defer resp.Body.Close()
}
@ -237,9 +261,17 @@ type ReloadPluginInput struct {
Scope string `json:"scope"`
}
// ReloadPlugin reloads mounted plugin backends, possibly returning
// reloadId for a cluster scoped reload
// ReloadPlugin wraps ReloadPluginWithContext using context.Background.
func (c *Sys) ReloadPlugin(i *ReloadPluginInput) (string, error) {
return c.ReloadPluginWithContext(context.Background(), i)
}
// ReloadPluginWithContext reloads mounted plugin backends, possibly returning
// reloadId for a cluster scoped reload
func (c *Sys) ReloadPluginWithContext(ctx context.Context, i *ReloadPluginInput) (string, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
path := "/v1/sys/plugins/reload/backend"
req := c.c.NewRequest(http.MethodPut, path)
@ -247,10 +279,7 @@ func (c *Sys) ReloadPlugin(i *ReloadPluginInput) (string, error) {
return "", err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, req)
resp, err := c.c.rawRequestWithContext(ctx, req)
if err != nil {
return "", err
}
@ -287,16 +316,21 @@ type ReloadPluginStatusInput struct {
ReloadID string `json:"reload_id"`
}
// ReloadPluginStatus retrieves the status of a reload operation
// ReloadPluginStatus wraps ReloadPluginStatusWithContext using context.Background.
func (c *Sys) ReloadPluginStatus(reloadStatusInput *ReloadPluginStatusInput) (*ReloadStatusResponse, error) {
return c.ReloadPluginStatusWithContext(context.Background(), reloadStatusInput)
}
// ReloadPluginStatusWithContext retrieves the status of a reload operation
func (c *Sys) ReloadPluginStatusWithContext(ctx context.Context, reloadStatusInput *ReloadPluginStatusInput) (*ReloadStatusResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
path := "/v1/sys/plugins/reload/backend/status"
req := c.c.NewRequest(http.MethodGet, path)
req.Params.Add("reload_id", reloadStatusInput.ReloadID)
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, req)
resp, err := c.c.rawRequestWithContext(ctx, req)
if err != nil {
return nil, err
}

View File

@ -4,20 +4,26 @@ import (
"context"
"errors"
"fmt"
"net/http"
"github.com/mitchellh/mapstructure"
)
func (c *Sys) ListPolicies() ([]string, error) {
return c.ListPoliciesWithContext(context.Background())
}
func (c *Sys) ListPoliciesWithContext(ctx context.Context) ([]string, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest("LIST", "/v1/sys/policies/acl")
// Set this for broader compatibility, but we use LIST above to be able to
// handle the wrapping lookup function
r.Method = "GET"
r.Method = http.MethodGet
r.Params.Set("list", "true")
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -41,11 +47,16 @@ func (c *Sys) ListPolicies() ([]string, error) {
}
func (c *Sys) GetPolicy(name string) (string, error) {
r := c.c.NewRequest("GET", fmt.Sprintf("/v1/sys/policies/acl/%s", name))
return c.GetPolicyWithContext(context.Background(), name)
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) GetPolicyWithContext(ctx context.Context, name string) (string, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, fmt.Sprintf("/v1/sys/policies/acl/%s", name))
resp, err := c.c.rawRequestWithContext(ctx, r)
if resp != nil {
defer resp.Body.Close()
if resp.StatusCode == 404 {
@ -72,18 +83,23 @@ func (c *Sys) GetPolicy(name string) (string, error) {
}
func (c *Sys) PutPolicy(name, rules string) error {
return c.PutPolicyWithContext(context.Background(), name, rules)
}
func (c *Sys) PutPolicyWithContext(ctx context.Context, name, rules string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
body := map[string]string{
"policy": rules,
}
r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/sys/policies/acl/%s", name))
r := c.c.NewRequest(http.MethodPut, fmt.Sprintf("/v1/sys/policies/acl/%s", name))
if err := r.SetJSONBody(body); err != nil {
return err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return err
}
@ -93,11 +109,16 @@ func (c *Sys) PutPolicy(name, rules string) error {
}
func (c *Sys) DeletePolicy(name string) error {
r := c.c.NewRequest("DELETE", fmt.Sprintf("/v1/sys/policies/acl/%s", name))
return c.DeletePolicyWithContext(context.Background(), name)
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) DeletePolicyWithContext(ctx context.Context, name string) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodDelete, fmt.Sprintf("/v1/sys/policies/acl/%s", name))
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}

View File

@ -6,7 +6,6 @@ import (
"context"
"encoding/json"
"errors"
"fmt"
"io"
"io/ioutil"
"net/http"
@ -14,7 +13,6 @@ import (
"time"
"github.com/hashicorp/go-secure-stdlib/parseutil"
"github.com/hashicorp/vault/sdk/helper/consts"
"github.com/mitchellh/mapstructure"
)
@ -110,18 +108,24 @@ type AutopilotServer struct {
Meta map[string]string `mapstructure:"meta"`
}
// RaftJoin adds the node from which this call is invoked from to the raft
// cluster represented by the leader address in the parameter.
// RaftJoin wraps RaftJoinWithContext using context.Background.
func (c *Sys) RaftJoin(opts *RaftJoinRequest) (*RaftJoinResponse, error) {
r := c.c.NewRequest("POST", "/v1/sys/storage/raft/join")
return c.RaftJoinWithContext(context.Background(), opts)
}
// RaftJoinWithContext adds the node from which this call is invoked from to the raft
// cluster represented by the leader address in the parameter.
func (c *Sys) RaftJoinWithContext(ctx context.Context, opts *RaftJoinRequest) (*RaftJoinResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPost, "/v1/sys/storage/raft/join")
if err := r.SetJSONBody(opts); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -132,87 +136,22 @@ func (c *Sys) RaftJoin(opts *RaftJoinRequest) (*RaftJoinResponse, error) {
return &result, err
}
// RaftSnapshot invokes the API that takes the snapshot of the raft cluster and
// writes it to the supplied io.Writer.
// RaftSnapshot wraps RaftSnapshotWithContext using context.Background.
func (c *Sys) RaftSnapshot(snapWriter io.Writer) error {
r := c.c.NewRequest("GET", "/v1/sys/storage/raft/snapshot")
return c.RaftSnapshotWithContext(context.Background(), snapWriter)
}
// RaftSnapshotWithContext invokes the API that takes the snapshot of the raft cluster and
// writes it to the supplied io.Writer.
func (c *Sys) RaftSnapshotWithContext(ctx context.Context, snapWriter io.Writer) error {
r := c.c.NewRequest(http.MethodGet, "/v1/sys/storage/raft/snapshot")
r.URL.RawQuery = r.Params.Encode()
req, err := http.NewRequest(http.MethodGet, r.URL.RequestURI(), nil)
resp, err := c.c.httpRequestWithContext(ctx, r)
if err != nil {
return err
}
req.URL.User = r.URL.User
req.URL.Scheme = r.URL.Scheme
req.URL.Host = r.URL.Host
req.Host = r.URL.Host
if r.Headers != nil {
for header, vals := range r.Headers {
for _, val := range vals {
req.Header.Add(header, val)
}
}
}
if len(r.ClientToken) != 0 {
req.Header.Set(consts.AuthHeaderName, r.ClientToken)
}
if len(r.WrapTTL) != 0 {
req.Header.Set("X-Vault-Wrap-TTL", r.WrapTTL)
}
if len(r.MFAHeaderVals) != 0 {
for _, mfaHeaderVal := range r.MFAHeaderVals {
req.Header.Add("X-Vault-MFA", mfaHeaderVal)
}
}
if r.PolicyOverride {
req.Header.Set("X-Vault-Policy-Override", "true")
}
// Avoiding the use of RawRequestWithContext which reads the response body
// to determine if the body contains error message.
var result *Response
resp, err := c.c.config.HttpClient.Do(req)
if err != nil {
return err
}
if resp == nil {
return nil
}
// Check for a redirect, only allowing for a single redirect
if resp.StatusCode == 301 || resp.StatusCode == 302 || resp.StatusCode == 307 {
// Parse the updated location
respLoc, err := resp.Location()
if err != nil {
return err
}
// Ensure a protocol downgrade doesn't happen
if req.URL.Scheme == "https" && respLoc.Scheme != "https" {
return fmt.Errorf("redirect would cause protocol downgrade")
}
// Update the request
req.URL = respLoc
// Retry the request
resp, err = c.c.config.HttpClient.Do(req)
if err != nil {
return err
}
}
result = &Response{Response: resp}
if err := result.Error(); err != nil {
return err
}
defer resp.Body.Close()
// Make sure that the last file in the archive, SHA256SUMS.sealed, is present
// and non-empty. This is to catch cases where the snapshot failed midstream,
@ -271,20 +210,23 @@ func (c *Sys) RaftSnapshot(snapWriter io.Writer) error {
return nil
}
// RaftSnapshotRestore reads the snapshot from the io.Reader and installs that
// snapshot, returning the cluster to the state defined by it.
// RaftSnapshotRestore wraps RaftSnapshotRestoreWithContext using context.Background.
func (c *Sys) RaftSnapshotRestore(snapReader io.Reader, force bool) error {
return c.RaftSnapshotRestoreWithContext(context.Background(), snapReader, force)
}
// RaftSnapshotRestoreWithContext reads the snapshot from the io.Reader and installs that
// snapshot, returning the cluster to the state defined by it.
func (c *Sys) RaftSnapshotRestoreWithContext(ctx context.Context, snapReader io.Reader, force bool) error {
path := "/v1/sys/storage/raft/snapshot"
if force {
path = "/v1/sys/storage/raft/snapshot-force"
}
r := c.c.NewRequest("POST", path)
r := c.c.NewRequest(http.MethodPost, path)
r.Body = snapReader
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.httpRequestWithContext(ctx, r)
if err != nil {
return err
}
@ -293,13 +235,19 @@ func (c *Sys) RaftSnapshotRestore(snapReader io.Reader, force bool) error {
return nil
}
// RaftAutopilotState returns the state of the raft cluster as seen by autopilot.
// RaftAutopilotState wraps RaftAutopilotStateWithContext using context.Background.
func (c *Sys) RaftAutopilotState() (*AutopilotState, error) {
r := c.c.NewRequest("GET", "/v1/sys/storage/raft/autopilot/state")
return c.RaftAutopilotStateWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
// RaftAutopilotStateWithContext returns the state of the raft cluster as seen by autopilot.
func (c *Sys) RaftAutopilotStateWithContext(ctx context.Context) (*AutopilotState, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/storage/raft/autopilot/state")
resp, err := c.c.rawRequestWithContext(ctx, r)
if resp != nil {
defer resp.Body.Close()
if resp.StatusCode == 404 {
@ -327,13 +275,19 @@ func (c *Sys) RaftAutopilotState() (*AutopilotState, error) {
return &result, err
}
// RaftAutopilotConfiguration fetches the autopilot config.
// RaftAutopilotConfiguration wraps RaftAutopilotConfigurationWithContext using context.Background.
func (c *Sys) RaftAutopilotConfiguration() (*AutopilotConfig, error) {
r := c.c.NewRequest("GET", "/v1/sys/storage/raft/autopilot/configuration")
return c.RaftAutopilotConfigurationWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
// RaftAutopilotConfigurationWithContext fetches the autopilot config.
func (c *Sys) RaftAutopilotConfigurationWithContext(ctx context.Context) (*AutopilotConfig, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/storage/raft/autopilot/configuration")
resp, err := c.c.rawRequestWithContext(ctx, r)
if resp != nil {
defer resp.Body.Close()
if resp.StatusCode == 404 {
@ -369,17 +323,23 @@ func (c *Sys) RaftAutopilotConfiguration() (*AutopilotConfig, error) {
return &result, err
}
// PutRaftAutopilotConfiguration allows modifying the raft autopilot configuration
// PutRaftAutopilotConfiguration wraps PutRaftAutopilotConfigurationWithContext using context.Background.
func (c *Sys) PutRaftAutopilotConfiguration(opts *AutopilotConfig) error {
r := c.c.NewRequest("POST", "/v1/sys/storage/raft/autopilot/configuration")
return c.PutRaftAutopilotConfigurationWithContext(context.Background(), opts)
}
// PutRaftAutopilotConfigurationWithContext allows modifying the raft autopilot configuration
func (c *Sys) PutRaftAutopilotConfigurationWithContext(ctx context.Context, opts *AutopilotConfig) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPost, "/v1/sys/storage/raft/autopilot/configuration")
if err := r.SetJSONBody(opts); err != nil {
return err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return err
}

View File

@ -3,16 +3,22 @@ package api
import (
"context"
"errors"
"net/http"
"github.com/mitchellh/mapstructure"
)
func (c *Sys) RekeyStatus() (*RekeyStatusResponse, error) {
r := c.c.NewRequest("GET", "/v1/sys/rekey/init")
return c.RekeyStatusWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RekeyStatusWithContext(ctx context.Context) (*RekeyStatusResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/rekey/init")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -24,11 +30,16 @@ func (c *Sys) RekeyStatus() (*RekeyStatusResponse, error) {
}
func (c *Sys) RekeyRecoveryKeyStatus() (*RekeyStatusResponse, error) {
r := c.c.NewRequest("GET", "/v1/sys/rekey-recovery-key/init")
return c.RekeyRecoveryKeyStatusWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RekeyRecoveryKeyStatusWithContext(ctx context.Context) (*RekeyStatusResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/rekey-recovery-key/init")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -40,11 +51,16 @@ func (c *Sys) RekeyRecoveryKeyStatus() (*RekeyStatusResponse, error) {
}
func (c *Sys) RekeyVerificationStatus() (*RekeyVerificationStatusResponse, error) {
r := c.c.NewRequest("GET", "/v1/sys/rekey/verify")
return c.RekeyVerificationStatusWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RekeyVerificationStatusWithContext(ctx context.Context) (*RekeyVerificationStatusResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/rekey/verify")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -56,11 +72,16 @@ func (c *Sys) RekeyVerificationStatus() (*RekeyVerificationStatusResponse, error
}
func (c *Sys) RekeyRecoveryKeyVerificationStatus() (*RekeyVerificationStatusResponse, error) {
r := c.c.NewRequest("GET", "/v1/sys/rekey-recovery-key/verify")
return c.RekeyRecoveryKeyVerificationStatusWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RekeyRecoveryKeyVerificationStatusWithContext(ctx context.Context) (*RekeyVerificationStatusResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/rekey-recovery-key/verify")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -72,14 +93,19 @@ func (c *Sys) RekeyRecoveryKeyVerificationStatus() (*RekeyVerificationStatusResp
}
func (c *Sys) RekeyInit(config *RekeyInitRequest) (*RekeyStatusResponse, error) {
r := c.c.NewRequest("PUT", "/v1/sys/rekey/init")
return c.RekeyInitWithContext(context.Background(), config)
}
func (c *Sys) RekeyInitWithContext(ctx context.Context, config *RekeyInitRequest) (*RekeyStatusResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, "/v1/sys/rekey/init")
if err := r.SetJSONBody(config); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -91,14 +117,19 @@ func (c *Sys) RekeyInit(config *RekeyInitRequest) (*RekeyStatusResponse, error)
}
func (c *Sys) RekeyRecoveryKeyInit(config *RekeyInitRequest) (*RekeyStatusResponse, error) {
r := c.c.NewRequest("PUT", "/v1/sys/rekey-recovery-key/init")
return c.RekeyRecoveryKeyInitWithContext(context.Background(), config)
}
func (c *Sys) RekeyRecoveryKeyInitWithContext(ctx context.Context, config *RekeyInitRequest) (*RekeyStatusResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
r := c.c.NewRequest(http.MethodPut, "/v1/sys/rekey-recovery-key/init")
if err := r.SetJSONBody(config); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -110,11 +141,16 @@ func (c *Sys) RekeyRecoveryKeyInit(config *RekeyInitRequest) (*RekeyStatusRespon
}
func (c *Sys) RekeyCancel() error {
r := c.c.NewRequest("DELETE", "/v1/sys/rekey/init")
return c.RekeyCancelWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RekeyCancelWithContext(ctx context.Context) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/rekey/init")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -122,11 +158,16 @@ func (c *Sys) RekeyCancel() error {
}
func (c *Sys) RekeyRecoveryKeyCancel() error {
r := c.c.NewRequest("DELETE", "/v1/sys/rekey-recovery-key/init")
return c.RekeyRecoveryKeyCancelWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RekeyRecoveryKeyCancelWithContext(ctx context.Context) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/rekey-recovery-key/init")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -134,11 +175,16 @@ func (c *Sys) RekeyRecoveryKeyCancel() error {
}
func (c *Sys) RekeyVerificationCancel() error {
r := c.c.NewRequest("DELETE", "/v1/sys/rekey/verify")
return c.RekeyVerificationCancelWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RekeyVerificationCancelWithContext(ctx context.Context) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/rekey/verify")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -146,11 +192,16 @@ func (c *Sys) RekeyVerificationCancel() error {
}
func (c *Sys) RekeyRecoveryKeyVerificationCancel() error {
r := c.c.NewRequest("DELETE", "/v1/sys/rekey-recovery-key/verify")
return c.RekeyRecoveryKeyVerificationCancelWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RekeyRecoveryKeyVerificationCancelWithContext(ctx context.Context) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/rekey-recovery-key/verify")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -158,19 +209,24 @@ func (c *Sys) RekeyRecoveryKeyVerificationCancel() error {
}
func (c *Sys) RekeyUpdate(shard, nonce string) (*RekeyUpdateResponse, error) {
return c.RekeyUpdateWithContext(context.Background(), shard, nonce)
}
func (c *Sys) RekeyUpdateWithContext(ctx context.Context, shard, nonce string) (*RekeyUpdateResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
body := map[string]interface{}{
"key": shard,
"nonce": nonce,
}
r := c.c.NewRequest("PUT", "/v1/sys/rekey/update")
r := c.c.NewRequest(http.MethodPut, "/v1/sys/rekey/update")
if err := r.SetJSONBody(body); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -182,19 +238,24 @@ func (c *Sys) RekeyUpdate(shard, nonce string) (*RekeyUpdateResponse, error) {
}
func (c *Sys) RekeyRecoveryKeyUpdate(shard, nonce string) (*RekeyUpdateResponse, error) {
return c.RekeyRecoveryKeyUpdateWithContext(context.Background(), shard, nonce)
}
func (c *Sys) RekeyRecoveryKeyUpdateWithContext(ctx context.Context, shard, nonce string) (*RekeyUpdateResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
body := map[string]interface{}{
"key": shard,
"nonce": nonce,
}
r := c.c.NewRequest("PUT", "/v1/sys/rekey-recovery-key/update")
r := c.c.NewRequest(http.MethodPut, "/v1/sys/rekey-recovery-key/update")
if err := r.SetJSONBody(body); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -206,11 +267,16 @@ func (c *Sys) RekeyRecoveryKeyUpdate(shard, nonce string) (*RekeyUpdateResponse,
}
func (c *Sys) RekeyRetrieveBackup() (*RekeyRetrieveResponse, error) {
r := c.c.NewRequest("GET", "/v1/sys/rekey/backup")
return c.RekeyRetrieveBackupWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RekeyRetrieveBackupWithContext(ctx context.Context) (*RekeyRetrieveResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/rekey/backup")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -234,11 +300,16 @@ func (c *Sys) RekeyRetrieveBackup() (*RekeyRetrieveResponse, error) {
}
func (c *Sys) RekeyRetrieveRecoveryBackup() (*RekeyRetrieveResponse, error) {
r := c.c.NewRequest("GET", "/v1/sys/rekey/recovery-key-backup")
return c.RekeyRetrieveRecoveryBackupWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RekeyRetrieveRecoveryBackupWithContext(ctx context.Context) (*RekeyRetrieveResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/rekey/recovery-key-backup")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -262,11 +333,16 @@ func (c *Sys) RekeyRetrieveRecoveryBackup() (*RekeyRetrieveResponse, error) {
}
func (c *Sys) RekeyDeleteBackup() error {
r := c.c.NewRequest("DELETE", "/v1/sys/rekey/backup")
return c.RekeyDeleteBackupWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RekeyDeleteBackupWithContext(ctx context.Context) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/rekey/backup")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -275,11 +351,16 @@ func (c *Sys) RekeyDeleteBackup() error {
}
func (c *Sys) RekeyDeleteRecoveryBackup() error {
r := c.c.NewRequest("DELETE", "/v1/sys/rekey/recovery-key-backup")
return c.RekeyDeleteRecoveryBackupWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RekeyDeleteRecoveryBackupWithContext(ctx context.Context) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodDelete, "/v1/sys/rekey/recovery-key-backup")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -288,19 +369,24 @@ func (c *Sys) RekeyDeleteRecoveryBackup() error {
}
func (c *Sys) RekeyVerificationUpdate(shard, nonce string) (*RekeyVerificationUpdateResponse, error) {
return c.RekeyVerificationUpdateWithContext(context.Background(), shard, nonce)
}
func (c *Sys) RekeyVerificationUpdateWithContext(ctx context.Context, shard, nonce string) (*RekeyVerificationUpdateResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
body := map[string]interface{}{
"key": shard,
"nonce": nonce,
}
r := c.c.NewRequest("PUT", "/v1/sys/rekey/verify")
r := c.c.NewRequest(http.MethodPut, "/v1/sys/rekey/verify")
if err := r.SetJSONBody(body); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}
@ -312,19 +398,24 @@ func (c *Sys) RekeyVerificationUpdate(shard, nonce string) (*RekeyVerificationUp
}
func (c *Sys) RekeyRecoveryKeyVerificationUpdate(shard, nonce string) (*RekeyVerificationUpdateResponse, error) {
return c.RekeyRecoveryKeyVerificationUpdateWithContext(context.Background(), shard, nonce)
}
func (c *Sys) RekeyRecoveryKeyVerificationUpdateWithContext(ctx context.Context, shard, nonce string) (*RekeyVerificationUpdateResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
body := map[string]interface{}{
"key": shard,
"nonce": nonce,
}
r := c.c.NewRequest("PUT", "/v1/sys/rekey-recovery-key/verify")
r := c.c.NewRequest(http.MethodPut, "/v1/sys/rekey-recovery-key/verify")
if err := r.SetJSONBody(body); err != nil {
return nil, err
}
ctx, cancelFunc := context.WithCancel(context.Background())
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -4,15 +4,21 @@ import (
"context"
"encoding/json"
"errors"
"net/http"
"time"
)
func (c *Sys) Rotate() error {
r := c.c.NewRequest("POST", "/v1/sys/rotate")
return c.RotateWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) RotateWithContext(ctx context.Context) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodPost, "/v1/sys/rotate")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
}
@ -20,11 +26,16 @@ func (c *Sys) Rotate() error {
}
func (c *Sys) KeyStatus() (*KeyStatus, error) {
r := c.c.NewRequest("GET", "/v1/sys/key-status")
return c.KeyStatusWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) KeyStatusWithContext(ctx context.Context) (*KeyStatus, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodGet, "/v1/sys/key-status")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -1,59 +1,87 @@
package api
import "context"
import (
"context"
"net/http"
)
func (c *Sys) SealStatus() (*SealStatusResponse, error) {
r := c.c.NewRequest("GET", "/v1/sys/seal-status")
return sealStatusRequest(c, r)
return c.SealStatusWithContext(context.Background())
}
func (c *Sys) SealStatusWithContext(ctx context.Context) (*SealStatusResponse, error) {
r := c.c.NewRequest(http.MethodGet, "/v1/sys/seal-status")
return sealStatusRequestWithContext(ctx, c, r)
}
func (c *Sys) Seal() error {
r := c.c.NewRequest("PUT", "/v1/sys/seal")
return c.SealWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) SealWithContext(ctx context.Context) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
if err == nil {
defer resp.Body.Close()
r := c.c.NewRequest(http.MethodPut, "/v1/sys/seal")
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return err
}
return err
defer resp.Body.Close()
return nil
}
func (c *Sys) ResetUnsealProcess() (*SealStatusResponse, error) {
return c.ResetUnsealProcessWithContext(context.Background())
}
func (c *Sys) ResetUnsealProcessWithContext(ctx context.Context) (*SealStatusResponse, error) {
body := map[string]interface{}{"reset": true}
r := c.c.NewRequest("PUT", "/v1/sys/unseal")
r := c.c.NewRequest(http.MethodPut, "/v1/sys/unseal")
if err := r.SetJSONBody(body); err != nil {
return nil, err
}
return sealStatusRequest(c, r)
return sealStatusRequestWithContext(ctx, c, r)
}
func (c *Sys) Unseal(shard string) (*SealStatusResponse, error) {
return c.UnsealWithContext(context.Background(), shard)
}
func (c *Sys) UnsealWithContext(ctx context.Context, shard string) (*SealStatusResponse, error) {
body := map[string]interface{}{"key": shard}
r := c.c.NewRequest("PUT", "/v1/sys/unseal")
r := c.c.NewRequest(http.MethodPut, "/v1/sys/unseal")
if err := r.SetJSONBody(body); err != nil {
return nil, err
}
return sealStatusRequest(c, r)
return sealStatusRequestWithContext(ctx, c, r)
}
func (c *Sys) UnsealWithOptions(opts *UnsealOpts) (*SealStatusResponse, error) {
r := c.c.NewRequest("PUT", "/v1/sys/unseal")
return c.UnsealWithOptionsWithContext(context.Background(), opts)
}
func (c *Sys) UnsealWithOptionsWithContext(ctx context.Context, opts *UnsealOpts) (*SealStatusResponse, error) {
r := c.c.NewRequest(http.MethodPut, "/v1/sys/unseal")
if err := r.SetJSONBody(opts); err != nil {
return nil, err
}
return sealStatusRequest(c, r)
return sealStatusRequestWithContext(ctx, c, r)
}
func sealStatusRequest(c *Sys, r *Request) (*SealStatusResponse, error) {
ctx, cancelFunc := context.WithCancel(context.Background())
func sealStatusRequestWithContext(ctx context.Context, c *Sys, r *Request) (*SealStatusResponse, error) {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
resp, err := c.c.rawRequestWithContext(ctx, r)
if err != nil {
return nil, err
}

View File

@ -1,13 +1,21 @@
package api
import "context"
import (
"context"
"net/http"
)
func (c *Sys) StepDown() error {
r := c.c.NewRequest("PUT", "/v1/sys/step-down")
return c.StepDownWithContext(context.Background())
}
ctx, cancelFunc := context.WithCancel(context.Background())
func (c *Sys) StepDownWithContext(ctx context.Context) error {
ctx, cancelFunc := c.c.withConfiguredTimeout(ctx)
defer cancelFunc()
resp, err := c.c.RawRequestWithContext(ctx, r)
r := c.c.NewRequest(http.MethodPut, "/v1/sys/step-down")
resp, err := c.c.rawRequestWithContext(ctx, r)
if resp != nil && resp.Body != nil {
resp.Body.Close()
}

2
vendor/modules.txt vendored
View File

@ -289,7 +289,7 @@ github.com/hashicorp/hcl/json/token
## explicit; go 1.13
github.com/hashicorp/vault/command/agent/auth
github.com/hashicorp/vault/command/agent/auth/kubernetes
# github.com/hashicorp/vault/api v1.4.1
# github.com/hashicorp/vault/api v1.5.0
## explicit; go 1.13
github.com/hashicorp/vault/api
# github.com/hashicorp/vault/sdk v0.4.1