Update to enable vault namespace support
nicholasjackson committed Sep 3, 2023
1 parent c20d794 commit 7ab1247
Showing 2 changed files with 27 additions and 6 deletions.
Expand Up @@ -23,12 +23,14 @@
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.net.http.HttpRequest.Builder;
import java.net.http.HttpResponse.BodyHandlers;
import java.util.Base64;

public class VaultDispenserEntity extends StatefulBlockEntity {
public static final String vaultAddress = System.getenv().getOrDefault("VAULT_ADDR", "http://localhost:8200");
public static final String vaultToken = System.getenv().getOrDefault("VAULT_TOKEN", "root");
public static final String vaultNamespace = System.getenv().getOrDefault("VAULT_NAMESPACE", "");

@Syncable
// userpass could contain a variable substitution like ${env.userpass}
Expand Down Expand Up @@ -69,11 +71,17 @@ public Login login(PlayerEntity player) {
""", password);

HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
Builder builder = HttpRequest.newBuilder()
.uri(URI.create(vaultAddress + "/v1/auth/" + resolveUserpass() + "/login/" + username))
.header("Accept", "application/json")
.header("X-Vault-Token", vaultToken)
.POST(HttpRequest.BodyPublishers.ofString(payload))
.header("X-Vault-Token", vaultToken);

// if a namespace is set, use it
if (vaultNamespace != "") {
builder = builder.header("X-Vault-Namespace", vaultNamespace);
}

HttpRequest request = builder.POST(HttpRequest.BodyPublishers.ofString(payload))
.build();

HttpResponse<String> response = client.send(request, BodyHandlers.ofString());
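Review bot: The new guard `if (vaultNamespace != "")` in login() compares String references rather than contents, so it only behaves as intended when VAULT_NAMESPACE is unset and `getOrDefault` hands back the literal `""`. If the variable is exported but empty, the value is presumably a distinct String object, the test passes, and an empty `X-Vault-Namespace` header is sent with the login request. Use `if (!vaultNamespace.isBlank()) {` instead; the same comparison is added in VaultLockEntity.checkAccess and needs the same change. login() starts and ends outside this hunk.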
Expand Up @@ -17,12 +17,14 @@
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.net.http.HttpRequest.Builder;
import java.net.http.HttpResponse.BodyHandlers;
import java.util.Base64;

public class VaultLockEntity extends StatefulBlockEntity {
public static final String vaultAddress = System.getenv().getOrDefault("VAULT_ADDR", "http://localhost:8200");
public static final String vaultToken = System.getenv().getOrDefault("VAULT_TOKEN", "root");
public static final String vaultNamespace = System.getenv().getOrDefault("VAULT_NAMESPACE", "");

@Syncable
// the path of the Vault secret
Expand Down Expand Up @@ -87,13 +89,24 @@ public VaultLockEntity(BlockPos pos, BlockState state, Block parent) {
public boolean checkAccess(String token, String policy) {
try {
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
Builder builder = HttpRequest.newBuilder()
.uri(URI.create(vaultAddress + "/v1/" + resolvePath()))
.header("Accept", "application/json")
.header("X-Vault-Token", token)
.GET()
.header("X-Vault-Token", token);

// if a namespace is set, use it
if (vaultNamespace != "") {
builder = builder.header("X-Vault-Namespace", vaultNamespace);
}

HttpRequest request = builder.GET()
.build();

// if a namespace is set, use it
if (vaultNamespace != "") {
builder = builder.header("X-Vault-Namespace", vaultNamespace);
}

HttpResponse<String> response = client.send(request, BodyHandlers.ofString());
if (response.statusCode() >= 400) {
Mod.LOGGER.warn(response.body());
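Review bot: The second `if (vaultNamespace != "")` block in checkAccess(), placed after `builder.GET().build()`, has no effect on the request: `request` is already built when the header is added to `builder`, and the builder is not used again in the visible lines. It looks like a leftover copy of the block above it and should be deleted, so the access check has a single, obvious place where the namespace is applied. A one-line comment on the new field, such as `// optional Vault namespace, sent as X-Vault-Namespace when non-empty`, would also document the intent. checkAccess() continues past the end of this hunk.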