Module: VaultPlugin::API::Backend

Includes:

VaultPlugin::Authentication, Helpers

Defined in:

lib/smart_proxy_vault/api.rb

Defined Under Namespace

Classes: Client

Instance Method Summary

• #creation_ttl ⇒ Object
• #issue(ttl, role) ⇒ Object
• #metadata ⇒ Object
• #options(ttl) ⇒ Object
• #renew ⇒ Object
• #start_renewal ⇒ Object
• #vault ⇒ Object

Methods included from Helpers

#add_token_metadata?, #settings_ttl, #to_seconds, #token_options, #valid_ttl?, #vault_settings

Methods included from VaultPlugin::Authentication

#auth_backend, #auth_module, #authorized?, #create_setting_accessors, #vault_client

Instance Method Details

#creation_ttl ⇒ Object

# File 'lib/smart_proxy_vault/api.rb', line 65

def creation_ttl
  vault.lookup_self[:data][:creation_ttl]
end

#issue(ttl, role) ⇒ Object

# File 'lib/smart_proxy_vault/api.rb', line 56

def issue(ttl, role)
  begin
    opts = options ttl
    role.nil? ? vault.issue_token(opts) : vault.issue_role_token(role, opts)
  rescue StandardError => e
    log_halt 500, 'Failed to generate Vault token ' + e.message
  end
end

#metadata ⇒ Object

# File 'lib/smart_proxy_vault/api.rb', line 41

def metadata
  return {} unless add_token_metadata?
  { display_name: vault_client,
    meta: { client: vault_client, smartproxy_generated: true } }
end

#options(ttl) ⇒ Object

# File 'lib/smart_proxy_vault/api.rb', line 47

def options(ttl)
  options = metadata.merge token_options
  options.merge(ttl: ttl) unless ttl.nil?
end

#renew ⇒ Object

# File 'lib/smart_proxy_vault/api.rb', line 69

def renew
  begin
    vault.renew_self
  rescue StandardError => e
    puts 'Failed to renew Vault token ' + e.message
  end
end

#start_renewal ⇒ Object

# File 'lib/smart_proxy_vault/api.rb', line 77

def start_renewal
  Thread.new do
    while true do
      renew
      sleep to_seconds(creation_ttl/3)
    end
  end
end

#vault ⇒ Object

# File 'lib/smart_proxy_vault/api.rb', line 52

def vault
  Client.new
end