// GetSecret returns a secret mounted on a particular domain name
// The secret itself is referenced via its name which translates to
// a mount path in vault
-func (v *Vault) GetSecret(dom string, sec string) (Secret, error) {
+func (v *Vault) GetSecret(dom string, name string) (Secret, error) {
+ err := v.checkToken()
+ if err != nil {
+ return Secret{}, errors.New("Token check returned error: " + err.Error())
+ }
+
+ dom = v.vaultMount + "/" + dom
+
+ sec, err := v.vaultClient.Logical().Read(dom + "/" + name)
+ if err != nil {
+ return Secret{}, errors.New("unable to read Secret at provided path")
+ }
+
+ // sec and err are nil in the case where a path does not exist
+ if sec == nil {
+ return Secret{}, errors.New("Secret not found at the provided path")
+ }
- return Secret{}, nil
+ return Secret{Name: name, Values: sec.Data}, nil
}
// CreateSecretDomain mounts the kv backend on a path with the given name
domName := vars["domName"]
secName := vars["secretName"]
- h.secretBackend.GetSecret(domName, secName)
- //encode and return response
+ sec, err := h.secretBackend.GetSecret(domName, secName)
+ if err != nil {
+ http.Error(w, err.Error(), 500)
+ return
+ }
+
+ err = json.NewEncoder(w).Encode(sec)
+ if err != nil {
+ http.Error(w, err.Error(), 400)
+ return
+ }
}
// deleteSecretHandler handles deleting a secret by given domain name and secret name
Code Review / aaf / sms.git / commitdiff