mirror of
https://github.com/hashicorp/vault.git
synced 2025-09-19 12:51:08 +02:00
66a27fd4bd
* allow restoring ssh config/ca * add some unit tests * address PR review * imports and test upgrades * linter complaints * add PR comment and linter fixes * address review Co-authored-by: Bruno Oliveira de Souza <bruno.souza@hashicorp.com>
51 lines
1.4 KiB
Go
51 lines
1.4 KiB
Go
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: BUSL-1.1
|
|
|
|
package ssh
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/hashicorp/vault/sdk/framework"
|
|
"github.com/hashicorp/vault/sdk/logical"
|
|
)
|
|
|
|
func pathFetchPublicKey(b *backend) *framework.Path {
|
|
return &framework.Path{
|
|
Pattern: `public_key`,
|
|
|
|
DisplayAttrs: &framework.DisplayAttributes{
|
|
OperationPrefix: operationPrefixSSH,
|
|
OperationSuffix: "public-key",
|
|
},
|
|
|
|
Callbacks: map[logical.Operation]framework.OperationFunc{
|
|
logical.ReadOperation: b.pathFetchPublicKey,
|
|
},
|
|
|
|
HelpSynopsis: `Retrieve the public key.`,
|
|
HelpDescription: `This allows the public key of the SSH CA certificate that this backend has been configured with to be fetched. This is a raw response endpoint without JSON encoding; use -format=raw or an external tool (e.g., curl) to fetch this value.`,
|
|
}
|
|
}
|
|
|
|
func (b *backend) pathFetchPublicKey(ctx context.Context, req *logical.Request, data *framework.FieldData) (*logical.Response, error) {
|
|
const allowMigration = true // only paths that support snapshot reads are
|
|
publicKey, err := getCAPublicKey(ctx, req.Storage, allowMigration)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if publicKey == "" {
|
|
return nil, nil
|
|
}
|
|
|
|
response := &logical.Response{
|
|
Data: map[string]interface{}{
|
|
logical.HTTPContentType: "text/plain",
|
|
logical.HTTPRawBody: []byte(publicKey),
|
|
logical.HTTPStatusCode: 200,
|
|
},
|
|
}
|
|
|
|
return response, nil
|
|
}
|