From: Kiran Date: Thu, 22 Feb 2018 22:53:58 +0000 (-0800) Subject: Get Secret implementation X-Git-Tag: 2.0.0-ONAP~81 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=3909b2b804fcb7fdb2b8e5087f51a5d33aa2342f;p=aaf%2Fsms.git Get Secret implementation Completing getsecret backend implementation and handler call Also adding in checktoken call before secret is read from vault Issue-ID: AAF-137 Change-Id: Ia987af51c039290d1a06b7e2b4a8aa6a63e469c6 Signed-off-by: Kiran
---
diff --git a/sms-service/src/sms/backend/vault.go b/sms-service/src/sms/backend/vault.go
index 2a0b3cd..1359adb 100644
--- a/sms-service/src/sms/backend/vault.go
+++ b/sms-service/src/sms/backend/vault.go
@@ -95,9 +95,25 @@ func (v *Vault) GetSecretDomain(name string) (SecretDomain, error) {
 // GetSecret returns a secret mounted on a particular domain name
 // The secret itself is referenced via its name which translates to
 // a mount path in vault
-func (v *Vault) GetSecret(dom string, sec string) (Secret, error) {
+func (v *Vault) GetSecret(dom string, name string) (Secret, error) {
+ err := v.checkToken()
+ if err != nil {
+ return Secret{}, errors.New("Token check returned error: " + err.Error())
+ }
+
+ dom = v.vaultMount + "/" + dom
+
+ sec, err := v.vaultClient.Logical().Read(dom + "/" + name)
+ if err != nil {
+ return Secret{}, errors.New("unable to read Secret at provided path")
+ }
+
+ // sec and err are nil in the case where a path does not exist
+ if sec == nil {
+ return Secret{}, errors.New("Secret not found at the provided path")
+ }
 
- return Secret{}, nil
+ return Secret{Name: name, Values: sec.Data}, nil
 }
 
 // CreateSecretDomain mounts the kv backend on a path with the given name
diff --git a/sms-service/src/sms/handler/handler.go b/sms-service/src/sms/handler/handler.go
index ed68c81..3798023 100644
--- a/sms-service/src/sms/handler/handler.go
+++ b/sms-service/src/sms/handler/handler.go
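Review bot: In vault.go's `GetSecret`, `dom` and `name` are concatenated into the Vault read path with no validation, and `getSecretHandler` in this same commit passes the route variables straight in. A value containing `/` would address a different path under `v.vaultMount` than the domain/secret pair implies, bounded only by whatever the service token's policy permits. I would reject such input before the read, e.g. `if dom == "" || name == "" || strings.Contains(dom, "/") || strings.Contains(name, "/") { return Secret{}, errors.New("invalid domain or secret name") }` (this needs `strings` imported if the file does not already have it). Separately, the `Read` failure discards `err` while the token-check failure appends it to the returned message; recording the underlying error server-side and returning a fixed message in both branches keeps diagnostics without handing backend text to callers.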
@@ -102,8 +102,17 @@ func (h handler) getSecretHandler(w http.ResponseWriter, r *http.Request) {
 domName := vars["domName"]
 secName := vars["secretName"]
 
- h.secretBackend.GetSecret(domName, secName)
- //encode and return response
+ sec, err := h.secretBackend.GetSecret(domName, secName)
+ if err != nil {
+ http.Error(w, err.Error(), 500)
+ return
+ }
+
+ err = json.NewEncoder(w).Encode(sec)
+ if err != nil {
+ http.Error(w, err.Error(), 400)
+ return
+ }
 }
 
 // deleteSecretHandler handles deleting a secret by given domain name and secret name
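Review bot: `http.Error(w, err.Error(), 500)` in getSecretHandler returns the backend's error string to the client, and in this commit that string can carry the underlying token-check error from the Vault backend. A fixed message with the detail kept server-side avoids that, e.g. `http.Error(w, "unable to retrieve secret", http.StatusInternalServerError)`; a missing secret would also read better as 404 than 500, which needs a distinguishable error from `GetSecret`. The encode-failure branch answers 400 although the fault is server-side, and by that point the encoder may already have written part of the body, so the status may not take effect. Because the body is secret material, `w.Header().Set("Content-Type", "application/json")` and `w.Header().Set("Cache-Control", "no-store")` before encoding are worth adding. The handler's opening lines are outside the hunk, so any authentication or authorization performed there is not visible here.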