/// <summary>
/// Returns a Token object of the Token that is currently being used to access Vault with. This routine also exists within the VaultAuthentication Backend.
/// </summary>
/// <remarks>This routine and the one in VaultAuthenticationBackend should be kept in sync.</remarks>
/// <returns>Token object of the current token used to access Vault Instance with.</returns>
public async Task <Token> GetMyTokenInfo()
{
string path = "/v1/auth/token/lookup-self";
try {
VaultDataResponseObjectB vdro = await ParentVault._httpConnector.GetAsync_B(path, "GetMyTokenInfo");
if (vdro.Success)
{
return(await vdro.GetDotNetObject <Token>());
}
else
{
throw new VaultUnexpectedCodePathException();
}
}
// If Vault is telling us it is a bad token, then return null.
catch (VaultForbiddenException e) {
if (e.Message.Contains("bad token"))
{
return(null);
}
else
{
throw e;
}
}
}
/// <summary>
/// Returns a Dictionary of objects and the permissions they contains, as well as an overall Capabilities object that summarizes the
/// permissions that a Token has on the List of paths provided.
/// <para>https://www.vaultproject.io/api/system/capabilities.html</para>
/// </summary>
/// <param name="tokenID">The Token to evaluate</param>
/// <param name="paths">A list of paths to check the token against</param>
/// <returns></returns>
public async Task <Dictionary <string, List <string> > > GetTokenCapabilityOnPaths(string tokenID, List <string> paths)
{
string path = MountPointPath + "capabilities";
// Add the token and paths parameters
Dictionary <string, object> contentParams = new Dictionary <string, object>()
{
{ "token", tokenID },
{ "paths", paths }
};
try {
VaultDataResponseObjectB vdro = await ParentVault._httpConnector.PostAsync_B(path, "GetTokenCapabilityOnPaths", contentParams);
if (vdro.Success)
{
Dictionary <string, List <string> > capabilities = await vdro.GetDotNetObject <Dictionary <string, List <string> > >();
return(capabilities);
}
throw new ApplicationException("IdentitySecretEngine:ListEntitiesByName -> Arrived at unexpected code block.");
}
// 404 Errors mean there were no entities. We just return an empty list.
catch (VaultInvalidPathException) {
return(null);
}
}
/// <summary>
/// Reads the configuration for the given backend mount point.
/// </summary>
/// <param name="mountPath">The Name(path) of the backend to read the configuration for.</param>
/// <returns><see cref="VaultSysMountConfig"/>VaultSysMountConfig object containing the configuration settings.</returns>
public async Task <VaultSysMountConfig> SysMountReadConfig(string mountPath)
{
// Build Path
string path = MountPointPath + pathMounts + mountPath + "/tune";
VaultDataResponseObjectB vdro = await ParentVault._httpConnector.GetAsync_B(path, "SysMountReadConfig", null);
if (vdro.Success)
{
return(await vdro.GetDotNetObject <VaultSysMountConfig>());
}
return(null);
}
/// <summary>
/// Returns true if the authentication provider with the given name exists. False otherwise.
/// </summary>
/// <param name="authName"></param>
/// <returns></returns>
public async Task <bool> AuthExists(string authName)
{
string path = MountPointPath + "auth";
VaultDataResponseObjectB vdro = await ParentVault._httpConnector.GetAsync_B(path, "AuthExists");
if (vdro.Success)
{
Dictionary <string, AuthMethod> methods = await vdro.GetDotNetObject <Dictionary <string, AuthMethod> >();
// Now see if path exists - Auth names from vault have a trailing slash.
if (methods.ContainsKey(authName + "/"))
{
return(true);
}
}
return(false);
}
/// <summary>
/// Lists all authentication methods in the current Vault System.
/// <returns>Dictionary\string,AuthMethod> containing all Authentication Methods</returns>
/// </summary>
public async Task <Dictionary <string, AuthMethod> > AuthListAll()
{
string path = MountPointPath + "auth";
VaultDataResponseObjectB vdro = await ParentVault._httpConnector.GetAsync_B(path, "AuthListAll");
if (vdro.Success)
{
Dictionary <string, AuthMethod> methods = await vdro.GetDotNetObject <Dictionary <string, AuthMethod> >();
// We need to place the dictionary key into each objects path value.
foreach (KeyValuePair <string, AuthMethod> kv in methods)
{
kv.Value.Path = kv.Key;
}
return(methods);
}
throw new ApplicationException("KeyValueSecretEngine:ListSecrets Arrived at unexpected code block.");
}
/// <summary>
/// Returns a list of all ACL Policies in the Vault Instance
/// </summary>
/// <returns>List[string] of all ACL policies by name.</returns>
public async Task <List <string> > SysPoliciesACLList()
{
// Build Path
string path = MountPointPath + "policies/acl";
// Setup List Parameters
Dictionary <string, string> sendParams = new Dictionary <string, string>();
sendParams.Add("list", "true");
VaultDataResponseObjectB vdro = await ParentVault._httpConnector.GetAsync_B(path, "SysPoliciesACLList", sendParams);
return(await vdro.GetDotNetObject <List <string> >("data.keys"));
//TODO Cleanup
/*
*
* string js = vdro.GetJSONPropertyValue (vdro.GetDataPackageAsJSON(), "keys");
*
* List<string> keys = VaultUtilityFX.ConvertJSON<List<string>> (js);
* return keys;
*/
}
