func TestSysRenew(t *testing.T) { core, _, token := vault.TestCoreUnsealed(t) ln, addr := TestServer(t, core) defer ln.Close() TestServerAuth(t, addr, token) // write secret resp := testHttpPut(t, token, addr+"/v1/secret/foo", map[string]interface{}{ "data": "bar", "lease": "1h", }) testResponseStatus(t, resp, 204) // read secret resp = testHttpGet(t, token, addr+"/v1/secret/foo") var result struct { LeaseId string `json:"lease_id"` } if err := jsonutil.DecodeJSONFromReader(resp.Body, &result); err != nil { t.Fatalf("bad: %s", err) } resp = testHttpPut(t, token, addr+"/v1/sys/renew/"+result.LeaseId, nil) testResponseStatus(t, resp, 200) }
func parseRequest(r *http.Request, out interface{}) error { err := jsonutil.DecodeJSONFromReader(r.Body, out) if err != nil && err != io.EOF { return fmt.Errorf("Failed to parse JSON input: %s", err) } return err }
func testResponseBody(t *testing.T, resp *http.Response, out interface{}) { defer resp.Body.Close() if err := jsonutil.DecodeJSONFromReader(resp.Body, out); err != nil { t.Fatalf("err: %s", err) } }
func (c *Logical) Unwrap(wrappingToken string) (*Secret, error) { origToken := c.c.Token() defer c.c.SetToken(origToken) c.c.SetToken(wrappingToken) secret, err := c.Read(wrappedResponseLocation) if err != nil { return nil, fmt.Errorf("error reading %s: %s", wrappedResponseLocation, err) } if secret == nil { return nil, fmt.Errorf("no value found at %s", wrappedResponseLocation) } if secret.Data == nil { return nil, fmt.Errorf("\"data\" not found in wrapping response") } if _, ok := secret.Data["response"]; !ok { return nil, fmt.Errorf("\"response\" not found in wrapping response \"data\" map") } wrappedSecret := new(Secret) buf := bytes.NewBufferString(secret.Data["response"].(string)) if err := jsonutil.DecodeJSONFromReader(buf, wrappedSecret); err != nil { return nil, fmt.Errorf("error unmarshaling wrapped secret: %s", err) } return wrappedSecret, nil }
func (c *Logical) Unwrap(wrappingToken string) (*Secret, error) { var data map[string]interface{} if wrappingToken != "" && wrappingToken != c.c.Token() { data = map[string]interface{}{ "token": wrappingToken, } } r := c.c.NewRequest("PUT", "/v1/sys/wrapping/unwrap") if err := r.SetJSONBody(data); err != nil { return nil, err } resp, err := c.c.RawRequest(r) if resp != nil { defer resp.Body.Close() } if err != nil && resp.StatusCode != 404 { return nil, err } switch resp.StatusCode { case http.StatusOK: // New method is supported return ParseSecret(resp.Body) case http.StatusNotFound: // Fall back to old method default: return nil, nil } if wrappingToken != "" { origToken := c.c.Token() defer c.c.SetToken(origToken) c.c.SetToken(wrappingToken) } secret, err := c.Read(wrappedResponseLocation) if err != nil { return nil, fmt.Errorf("error reading %s: %s", wrappedResponseLocation, err) } if secret == nil { return nil, fmt.Errorf("no value found at %s", wrappedResponseLocation) } if secret.Data == nil { return nil, fmt.Errorf("\"data\" not found in wrapping response") } if _, ok := secret.Data["response"]; !ok { return nil, fmt.Errorf("\"response\" not found in wrapping response \"data\" map") } wrappedSecret := new(Secret) buf := bytes.NewBufferString(secret.Data["response"].(string)) if err := jsonutil.DecodeJSONFromReader(buf, wrappedSecret); err != nil { return nil, fmt.Errorf("error unmarshaling wrapped secret: %s", err) } return wrappedSecret, nil }
func parseRequest(r *http.Request, w http.ResponseWriter, out interface{}) error { // Limit the maximum number of bytes to MaxRequestSize to protect // against an indefinite amount of data being read. limit := http.MaxBytesReader(w, r.Body, MaxRequestSize) err := jsonutil.DecodeJSONFromReader(limit, out) if err != nil && err != io.EOF { return errwrap.Wrapf("failed to parse JSON input: {{err}}", err) } return err }
func parseRequest(r *http.Request, out interface{}) error { // Limit the maximum number of bytes to MaxRequestSize to protect // against an indefinite amount of data being read. limit := &io.LimitedReader{R: r.Body, N: MaxRequestSize} err := jsonutil.DecodeJSONFromReader(limit, out) if err != nil && err != io.EOF { return fmt.Errorf("Failed to parse JSON input: %s", err) } return err }
func (b *FileBackend) Get(k string) (*Entry, error) { b.l.Lock() defer b.l.Unlock() path, key := b.path(k) path = filepath.Join(path, key) f, err := os.Open(path) if err != nil { if os.IsNotExist(err) { return nil, nil } return nil, err } defer f.Close() var entry Entry if err := jsonutil.DecodeJSONFromReader(f, &entry); err != nil { return nil, err } return &entry, nil }
// DecodeJSON will decode the response body to a JSON structure. This // will consume the response body, but will not close it. Close must // still be called. func (r *Response) DecodeJSON(out interface{}) error { return jsonutil.DecodeJSONFromReader(r.Body, out) }
// FetchKeybasePubkeys fetches public keys from Keybase given a set of // usernames, which are derived from correctly formatted input entries. It // doesn't use their client code due to both the API and the fact that it is // considered alpha and probably best not to rely on it. The keys are returned // as base64-encoded strings. func FetchKeybasePubkeys(input []string) (map[string]string, error) { client := cleanhttp.DefaultClient() if client == nil { return nil, fmt.Errorf("unable to create an http client") } if len(input) == 0 { return nil, nil } usernames := make([]string, 0, len(input)) for _, v := range input { if strings.HasPrefix(v, kbPrefix) { usernames = append(usernames, strings.TrimPrefix(v, kbPrefix)) } } if len(usernames) == 0 { return nil, nil } ret := make(map[string]string, len(usernames)) url := fmt.Sprintf("https://keybase.io/_/api/1.0/user/lookup.json?usernames=%s&fields=public_keys", strings.Join(usernames, ",")) resp, err := client.Get(url) if err != nil { return nil, err } defer resp.Body.Close() type publicKeys struct { Primary struct { Bundle string } } type them struct { publicKeys `json:"public_keys"` } type kbResp struct { Status struct { Name string } Them []them } out := &kbResp{ Them: []them{}, } if err := jsonutil.DecodeJSONFromReader(resp.Body, out); err != nil { return nil, err } if out.Status.Name != "OK" { return nil, fmt.Errorf("got non-OK response: %s", out.Status.Name) } missingNames := make([]string, 0, len(usernames)) var keyReader *bytes.Reader serializedEntity := bytes.NewBuffer(nil) for i, themVal := range out.Them { if themVal.Primary.Bundle == "" { missingNames = append(missingNames, usernames[i]) continue } keyReader = bytes.NewReader([]byte(themVal.Primary.Bundle)) entityList, err := openpgp.ReadArmoredKeyRing(keyReader) if err != nil { return nil, err } if len(entityList) != 1 { return nil, fmt.Errorf("primary key could not be parsed for user %s", usernames[i]) } if entityList[0] == nil { return nil, fmt.Errorf("primary key was nil for user %s", usernames[i]) } serializedEntity.Reset() err = entityList[0].Serialize(serializedEntity) if err != nil { return nil, fmt.Errorf("error serializing entity for user %s: %s", usernames[i], err) } // The API returns values in the same ordering requested, so this should properly match ret[kbPrefix+usernames[i]] = base64.StdEncoding.EncodeToString(serializedEntity.Bytes()) } if len(missingNames) > 0 { return nil, fmt.Errorf("unable to fetch keys for user(s) %s from keybase", strings.Join(missingNames, ",")) } return ret, nil }
func (b *Builder) addReader(r io.Reader) error { return jsonutil.DecodeJSONFromReader(r, &b.result) }