/// <summary>
        /// Returns a Token object of the Token that is currently being used to access Vault with.  This routine also exists within the VaultAuthentication Backend.
        /// </summary>
        /// <remarks>This routine and the one in VaultAuthenticationBackend should be kept in sync.</remarks>
        /// <returns>Token object of the current token used to access Vault Instance with.</returns>
        public async Task <Token> GetMyTokenInfo()
        {
            string path = "/v1/auth/token/lookup-self";

            try {
                VaultDataResponseObjectB vdro = await ParentVault._httpConnector.GetAsync_B(path, "GetMyTokenInfo");

                if (vdro.Success)
                {
                    return(await vdro.GetDotNetObject <Token>());
                }
                else
                {
                    throw new VaultUnexpectedCodePathException();
                }
            }

            // If Vault is telling us it is a bad token, then return null.
            catch (VaultForbiddenException e) {
                if (e.Message.Contains("bad token"))
                {
                    return(null);
                }
                else
                {
                    throw e;
                }
            }
        }
Exemplo n.º 2
0
        /// <summary>
        /// Returns a Dictionary of objects and the permissions they contains, as well as an overall Capabilities object that summarizes the
        /// permissions that a Token has on the List of paths provided.
        /// <para>https://www.vaultproject.io/api/system/capabilities.html</para>
        /// </summary>
        /// <param name="tokenID">The Token to evaluate</param>
        /// <param name="paths">A list of paths to check the token against</param>
        /// <returns></returns>
        public async Task <Dictionary <string, List <string> > > GetTokenCapabilityOnPaths(string tokenID, List <string> paths)
        {
            string path = MountPointPath + "capabilities";

            // Add the token and paths parameters
            Dictionary <string, object> contentParams = new Dictionary <string, object>()
            {
                { "token", tokenID },
                { "paths", paths }
            };


            try {
                VaultDataResponseObjectB vdro = await ParentVault._httpConnector.PostAsync_B(path, "GetTokenCapabilityOnPaths", contentParams);

                if (vdro.Success)
                {
                    Dictionary <string, List <string> > capabilities = await vdro.GetDotNetObject <Dictionary <string, List <string> > >();

                    return(capabilities);
                }

                throw new ApplicationException("IdentitySecretEngine:ListEntitiesByName -> Arrived at unexpected code block.");
            }

            // 404 Errors mean there were no entities.  We just return an empty list.
            catch (VaultInvalidPathException) {
                return(null);
            }
        }
Exemplo n.º 3
0
        /// <summary>
        /// Reads the configuration for the given backend mount point.
        /// </summary>
        /// <param name="mountPath">The Name(path) of the backend to read the configuration for.</param>
        /// <returns><see cref="VaultSysMountConfig"/>VaultSysMountConfig object containing the configuration settings.</returns>
        public async Task <VaultSysMountConfig> SysMountReadConfig(string mountPath)
        {
            // Build Path
            string path = MountPointPath + pathMounts + mountPath + "/tune";

            VaultDataResponseObjectB vdro = await ParentVault._httpConnector.GetAsync_B(path, "SysMountReadConfig", null);

            if (vdro.Success)
            {
                return(await vdro.GetDotNetObject <VaultSysMountConfig>());
            }

            return(null);
        }
Exemplo n.º 4
0
        /// <summary>
        /// Returns true if the authentication provider with the given name exists.  False otherwise.
        /// </summary>
        /// <param name="authName"></param>
        /// <returns></returns>
        public async Task <bool> AuthExists(string authName)
        {
            string path = MountPointPath + "auth";

            VaultDataResponseObjectB vdro = await ParentVault._httpConnector.GetAsync_B(path, "AuthExists");

            if (vdro.Success)
            {
                Dictionary <string, AuthMethod> methods = await vdro.GetDotNetObject <Dictionary <string, AuthMethod> >();

                // Now see if path exists - Auth names from vault have a trailing slash.
                if (methods.ContainsKey(authName + "/"))
                {
                    return(true);
                }
            }
            return(false);
        }
Exemplo n.º 5
0
        /// <summary>
        /// Lists all authentication methods in the current Vault System.
        /// <returns>Dictionary\string,AuthMethod> containing all Authentication Methods</returns>
        /// </summary>
        public async Task <Dictionary <string, AuthMethod> > AuthListAll()
        {
            string path = MountPointPath + "auth";

            VaultDataResponseObjectB vdro = await ParentVault._httpConnector.GetAsync_B(path, "AuthListAll");

            if (vdro.Success)
            {
                Dictionary <string, AuthMethod> methods = await vdro.GetDotNetObject <Dictionary <string, AuthMethod> >();

                // We need to place the dictionary key into each objects path value.
                foreach (KeyValuePair <string, AuthMethod> kv in methods)
                {
                    kv.Value.Path = kv.Key;
                }

                return(methods);
            }

            throw new ApplicationException("KeyValueSecretEngine:ListSecrets  Arrived at unexpected code block.");
        }
Exemplo n.º 6
0
        /// <summary>
        /// Returns a list of all ACL Policies in the Vault Instance
        /// </summary>
        /// <returns>List[string] of all ACL policies by name.</returns>
        public async Task <List <string> > SysPoliciesACLList()
        {
            // Build Path
            string path = MountPointPath + "policies/acl";

            // Setup List Parameters
            Dictionary <string, string> sendParams = new Dictionary <string, string>();

            sendParams.Add("list", "true");

            VaultDataResponseObjectB vdro = await ParentVault._httpConnector.GetAsync_B(path, "SysPoliciesACLList", sendParams);

            return(await vdro.GetDotNetObject <List <string> >("data.keys"));

            //TODO Cleanup

            /*
             *
             * string js = vdro.GetJSONPropertyValue (vdro.GetDataPackageAsJSON(), "keys");
             *
             * List<string> keys = VaultUtilityFX.ConvertJSON<List<string>> (js);
             * return keys;
             */
        }