diff options
author | Niall Sheridan <nsheridan@gmail.com> | 2018-06-20 22:39:07 +0100 |
---|---|---|
committer | Niall Sheridan <nsheridan@gmail.com> | 2018-06-20 22:39:07 +0100 |
commit | de6d2c524430287c699aaa898c1325da6afea539 (patch) | |
tree | f78eb841208d667668a7bc92a9290d693cc7103b /vendor/github.com/hashicorp/vault/api/request.go | |
parent | eb99016e1629e690e55633de6fc63a14c53e7ea2 (diff) |
Update dependencies
Diffstat (limited to 'vendor/github.com/hashicorp/vault/api/request.go')
-rw-r--r-- | vendor/github.com/hashicorp/vault/api/request.go | 102 |
1 files changed, 83 insertions, 19 deletions
diff --git a/vendor/github.com/hashicorp/vault/api/request.go b/vendor/github.com/hashicorp/vault/api/request.go index 83a28bd..5bcff8c 100644 --- a/vendor/github.com/hashicorp/vault/api/request.go +++ b/vendor/github.com/hashicorp/vault/api/request.go @@ -4,54 +4,108 @@ import ( "bytes" "encoding/json" "io" + "io/ioutil" "net/http" "net/url" + + retryablehttp "github.com/hashicorp/go-retryablehttp" ) // Request is a raw request configuration structure used to initiate // API requests to the Vault server. type Request struct { - Method string - URL *url.URL - Params url.Values - Headers http.Header - ClientToken string - WrapTTL string - Obj interface{} - Body io.Reader - BodySize int64 + Method string + URL *url.URL + Params url.Values + Headers http.Header + ClientToken string + MFAHeaderVals []string + WrapTTL string + Obj interface{} + + // When possible, use BodyBytes as it is more efficient due to how the + // retry logic works + BodyBytes []byte + + // Fallback + Body io.Reader + BodySize int64 + + // Whether to request overriding soft-mandatory Sentinel policies (RGPs and + // EGPs). If set, the override flag will take effect for all policies + // evaluated during the request. + PolicyOverride bool } // SetJSONBody is used to set a request body that is a JSON-encoded value. func (r *Request) SetJSONBody(val interface{}) error { - buf := bytes.NewBuffer(nil) - enc := json.NewEncoder(buf) - if err := enc.Encode(val); err != nil { + buf, err := json.Marshal(val) + if err != nil { return err } r.Obj = val - r.Body = buf - r.BodySize = int64(buf.Len()) + r.BodyBytes = buf return nil } // ResetJSONBody is used to reset the body for a redirect func (r *Request) ResetJSONBody() error { - if r.Body == nil { + if r.BodyBytes == nil { return nil } return r.SetJSONBody(r.Obj) } -// ToHTTP turns this request into a valid *http.Request for use with the -// net/http package. +// DEPRECATED: ToHTTP turns this request into a valid *http.Request for use +// with the net/http package. func (r *Request) ToHTTP() (*http.Request, error) { + req, err := r.toRetryableHTTP() + if err != nil { + return nil, err + } + + switch { + case r.BodyBytes == nil && r.Body == nil: + // No body + + case r.BodyBytes != nil: + req.Request.Body = ioutil.NopCloser(bytes.NewReader(r.BodyBytes)) + + default: + if c, ok := r.Body.(io.ReadCloser); ok { + req.Request.Body = c + } else { + req.Request.Body = ioutil.NopCloser(r.Body) + } + } + + return req.Request, nil +} + +func (r *Request) toRetryableHTTP() (*retryablehttp.Request, error) { // Encode the query parameters r.URL.RawQuery = r.Params.Encode() - // Create the HTTP request - req, err := http.NewRequest(r.Method, r.URL.RequestURI(), r.Body) + // Create the HTTP request, defaulting to retryable + var req *retryablehttp.Request + + var err error + var body interface{} + + switch { + case r.BodyBytes == nil && r.Body == nil: + // No body + + case r.BodyBytes != nil: + // Use bytes, it's more efficient + body = r.BodyBytes + + default: + body = r.Body + } + + req, err = retryablehttp.NewRequest(r.Method, r.URL.RequestURI(), body) if err != nil { return nil, err } @@ -77,5 +131,15 @@ func (r *Request) ToHTTP() (*http.Request, error) { req.Header.Set("X-Vault-Wrap-TTL", r.WrapTTL) } + if len(r.MFAHeaderVals) != 0 { + for _, mfaHeaderVal := range r.MFAHeaderVals { + req.Header.Add("X-Vault-MFA", mfaHeaderVal) + } + } + + if r.PolicyOverride { + req.Header.Set("X-Vault-Policy-Override", "true") + } + return req, nil } |