diff options
Diffstat (limited to 'vendor/github.com/hashicorp/vault/api/logical.go')
-rw-r--r-- | vendor/github.com/hashicorp/vault/api/logical.go | 87 |
1 files changed, 72 insertions, 15 deletions
diff --git a/vendor/github.com/hashicorp/vault/api/logical.go b/vendor/github.com/hashicorp/vault/api/logical.go index 0d5e7d4..346a711 100644 --- a/vendor/github.com/hashicorp/vault/api/logical.go +++ b/vendor/github.com/hashicorp/vault/api/logical.go @@ -3,9 +3,10 @@ package api import ( "bytes" "fmt" - "net/http" + "io" "os" + "github.com/hashicorp/errwrap" "github.com/hashicorp/vault/helper/jsonutil" ) @@ -50,6 +51,17 @@ func (c *Logical) Read(path string) (*Secret, error) { defer resp.Body.Close() } if resp != nil && resp.StatusCode == 404 { + secret, parseErr := ParseSecret(resp.Body) + switch parseErr { + case nil: + case io.EOF: + return nil, nil + default: + return nil, err + } + if secret != nil && (len(secret.Warnings) > 0 || len(secret.Data) > 0) { + return secret, nil + } return nil, nil } if err != nil { @@ -70,6 +82,17 @@ func (c *Logical) List(path string) (*Secret, error) { defer resp.Body.Close() } if resp != nil && resp.StatusCode == 404 { + secret, parseErr := ParseSecret(resp.Body) + switch parseErr { + case nil: + case io.EOF: + return nil, nil + default: + return nil, err + } + if secret != nil && (len(secret.Warnings) > 0 || len(secret.Data) > 0) { + return secret, nil + } return nil, nil } if err != nil { @@ -89,6 +112,19 @@ func (c *Logical) Write(path string, data map[string]interface{}) (*Secret, erro if resp != nil { defer resp.Body.Close() } + if resp != nil && resp.StatusCode == 404 { + secret, parseErr := ParseSecret(resp.Body) + switch parseErr { + case nil: + case io.EOF: + return nil, nil + default: + return nil, err + } + if secret != nil && (len(secret.Warnings) > 0 || len(secret.Data) > 0) { + return secret, err + } + } if err != nil { return nil, err } @@ -106,6 +142,19 @@ func (c *Logical) Delete(path string) (*Secret, error) { if resp != nil { defer resp.Body.Close() } + if resp != nil && resp.StatusCode == 404 { + secret, parseErr := ParseSecret(resp.Body) + switch parseErr { + case nil: + case io.EOF: + return nil, nil + default: + return nil, err + } + if secret != nil && (len(secret.Warnings) > 0 || len(secret.Data) > 0) { + return secret, err + } + } if err != nil { return nil, err } @@ -138,35 +187,43 @@ func (c *Logical) Unwrap(wrappingToken string) (*Secret, error) { if resp != nil { defer resp.Body.Close() } - if err != nil { - if resp != nil && resp.StatusCode != 404 { + if resp == nil || resp.StatusCode != 404 { + if err != nil { return nil, err } - } - if resp == nil { - return nil, nil + if resp == nil { + return nil, nil + } + return ParseSecret(resp.Body) } - switch resp.StatusCode { - case http.StatusOK: // New method is supported - return ParseSecret(resp.Body) - case http.StatusNotFound: // Fall back to old method - default: + // In the 404 case this may actually be a wrapped 404 error + secret, parseErr := ParseSecret(resp.Body) + switch parseErr { + case nil: + case io.EOF: return nil, nil + default: + return nil, err + } + if secret != nil && (len(secret.Warnings) > 0 || len(secret.Data) > 0) { + return secret, nil } + // Otherwise this might be an old-style wrapping token so attempt the old + // method if wrappingToken != "" { origToken := c.c.Token() defer c.c.SetToken(origToken) c.c.SetToken(wrappingToken) } - secret, err := c.Read(wrappedResponseLocation) + secret, err = c.Read(wrappedResponseLocation) if err != nil { - return nil, fmt.Errorf("error reading %s: %s", wrappedResponseLocation, err) + return nil, errwrap.Wrapf(fmt.Sprintf("error reading %q: {{err}}", wrappedResponseLocation), err) } if secret == nil { - return nil, fmt.Errorf("no value found at %s", wrappedResponseLocation) + return nil, fmt.Errorf("no value found at %q", wrappedResponseLocation) } if secret.Data == nil { return nil, fmt.Errorf("\"data\" not found in wrapping response") @@ -178,7 +235,7 @@ func (c *Logical) Unwrap(wrappingToken string) (*Secret, error) { wrappedSecret := new(Secret) buf := bytes.NewBufferString(secret.Data["response"].(string)) if err := jsonutil.DecodeJSONFromReader(buf, wrappedSecret); err != nil { - return nil, fmt.Errorf("error unmarshaling wrapped secret: %s", err) + return nil, errwrap.Wrapf("error unmarshalling wrapped secret: {{err}}", err) } return wrappedSecret, nil |