forked from cyberark/conjur-api-go
-
Notifications
You must be signed in to change notification settings - Fork 0
/
variable.go
99 lines (80 loc) · 2.29 KB
/
variable.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
package conjurapi
import (
"io"
"net/http"
"encoding/json"
"github.com/cyberark/conjur-api-go/conjurapi/response"
)
// RetrieveBatchSecrets fetches values for all variables in a slice using a
// single API call
//
// The authenticated user must have execute privilege on all variables.
func (c *Client) RetrieveBatchSecrets(variableIDs []string) (map[string][]byte, error) {
resp, err := c.retrieveBatchSecrets(variableIDs)
if err != nil {
return nil, err
}
data, err := response.DataResponse(resp)
if err != nil {
return nil, err
}
jsonResponse := map[string]string{}
err = json.Unmarshal(data, &jsonResponse)
if err != nil {
return nil, err
}
resolvedVariables := map[string][]byte{}
for id, value := range jsonResponse {
resolvedVariables[id] = []byte(value)
}
return resolvedVariables, nil
}
// RetrieveSecret fetches a secret from a variable.
//
// The authenticated user must have execute privilege on the variable.
func (c *Client) RetrieveSecret(variableID string) ([]byte, error) {
resp, err := c.retrieveSecret(variableID)
if err != nil {
return nil, err
}
return response.DataResponse(resp)
}
// RetrieveSecretReader fetches a secret from a variable and returns it as a
// data stream.
//
// The authenticated user must have execute privilege on the variable.
func (c *Client) RetrieveSecretReader(variableID string) (io.ReadCloser, error) {
resp, err := c.retrieveSecret(variableID)
if err != nil {
return nil, err
}
return response.SecretDataResponse(resp)
}
func (c *Client) retrieveBatchSecrets(variableIDs []string) (*http.Response, error) {
req, err := c.router.RetrieveBatchSecretsRequest(variableIDs)
if err != nil {
return nil, err
}
return c.SubmitRequest(req)
}
func (c *Client) retrieveSecret(variableID string) (*http.Response, error) {
req, err := c.router.RetrieveSecretRequest(variableID)
if err != nil {
return nil, err
}
return c.SubmitRequest(req)
}
// AddSecret adds a secret value to a variable.
//
// The authenticated user must have update privilege on the variable.
func (c *Client) AddSecret(variableID string, secretValue string) error {
req, err := c.router.AddSecretRequest(variableID, secretValue)
if err != nil {
return err
}
resp, err := c.SubmitRequest(req)
if err != nil {
return err
}
return response.EmptyResponse(resp)
}