Merge pull request #24 from Infisical/ssh-cert
Add SSH issue and sign operations to SDK
Showing
7 changed files
with
208 additions
and
0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
package api | ||
|
||
import ( | ||
"github.com/go-resty/resty/v2" | ||
"github.com/infisical/go-sdk/packages/errors" | ||
) | ||
|
||
const callIssueSshCredsOperation = "CallIssueSshCredsV1" | ||
|
||
func CallIssueSshCredsV1(httpClient *resty.Client, request IssueSshCredsV1Request) (IssueSshCredsV1Response, error) { | ||
issueSshCredsResponse := IssueSshCredsV1Response{} | ||
|
||
res, err := httpClient.R(). | ||
SetResult(&issueSshCredsResponse). | ||
SetBody(request). | ||
Post("/v1/ssh/issue") | ||
|
||
if err != nil { | ||
return IssueSshCredsV1Response{}, errors.NewRequestError(callIssueSshCredsOperation, err) | ||
} | ||
|
||
if res.IsError() { | ||
return IssueSshCredsV1Response{}, errors.NewAPIErrorWithResponse(callIssueSshCredsOperation, res) | ||
} | ||
|
||
return issueSshCredsResponse, nil | ||
} |
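Review bot: A 2xx reply whose body is never decoded into `issueSshCredsResponse` is returned as success, because the only checks after `Post("/v1/ssh/issue")` are `err != nil` and `res.IsError()`. As far as I know resty fills the `SetResult` target only for JSON or XML content types, so an intermediary that answers 200 with something else would hand the caller an empty `SignedKey` and `PrivateKey` together with a nil error. Before the final return I would reject that case with a guard such as `if issueSshCredsResponse.SignedKey == "" || issueSshCredsResponse.PrivateKey == "" {`, returning `IssueSshCredsV1Response{}` and an error tagged with `callIssueSshCredsOperation`. The same gap exists in `CallSignSshPublicKeyV1` (the `/v1/ssh/sign` section), where `SignedKey` should be checked.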
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
package api | ||
|
||
import ( | ||
"github.com/infisical/go-sdk/packages/util" | ||
) | ||
|
||
type SignSshPublicKeyV1Request struct { | ||
ProjectID string `json:"projectId"` | ||
TemplateName string `json:"templateName"` | ||
PublicKey string `json:"publicKey"` | ||
KeyAlgorithm util.CertKeyAlgorithm `json:"keyAlgorithm,omitempty"` | ||
CertType util.SshCertType `json:"certType,omitempty"` | ||
Principals []string `json:"principals"` | ||
TTL string `json:"ttl,omitempty"` | ||
KeyID string `json:"keyId,omitempty"` | ||
} | ||
|
||
type SignSshPublicKeyV1Response struct { | ||
SerialNumber string `json:"serialNumber"` | ||
SignedKey string `json:"signedKey"` | ||
} | ||
|
||
type IssueSshCredsV1Request struct { | ||
ProjectID string `json:"projectId"` | ||
TemplateName string `json:"templateName"` | ||
KeyAlgorithm util.CertKeyAlgorithm `json:"keyAlgorithm,omitempty"` | ||
CertType util.SshCertType `json:"certType,omitempty"` | ||
Principals []string `json:"principals"` | ||
TTL string `json:"ttl,omitempty"` | ||
KeyID string `json:"keyId,omitempty"` | ||
} | ||
|
||
type IssueSshCredsV1Response struct { | ||
SerialNumber string `json:"serialNumber"` | ||
SignedKey string `json:"signedKey"` | ||
PrivateKey string `json:"privateKey"` | ||
PublicKey string `json:"publicKey"` | ||
KeyAlgorithm util.CertKeyAlgorithm `json:"keyAlgorithm"` | ||
} |
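Review bot: `PrivateKey` in `IssueSshCredsV1Response` is an ordinary exported string, so any `%v`/`%+v` print, structured logger or JSON dump of the response writes the issued private key out in full, and nothing on the type warns about it. I would add a field comment such as `// PrivateKey is secret key material; do not log or serialize this struct as a whole.` and a type comment stating that the struct carries a secret. None of the four exported types has a doc comment, and the accepted format of `TTL` is not stated anywhere in this section; a one-line comment on that field would save callers a trip to the API docs.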
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
package api | ||
|
||
import ( | ||
"github.com/go-resty/resty/v2" | ||
"github.com/infisical/go-sdk/packages/errors" | ||
) | ||
|
||
const callSignSshPublicKeyOperation = "CallSignSshPublicKeyV1" | ||
|
||
func CallSignSshPublicKeyV1(httpClient *resty.Client, request SignSshPublicKeyV1Request) (SignSshPublicKeyV1Response, error) { | ||
signSshPublicKeyResponse := SignSshPublicKeyV1Response{} | ||
|
||
res, err := httpClient.R(). | ||
SetResult(&signSshPublicKeyResponse). | ||
SetBody(request). | ||
Post("/v1/ssh/sign") | ||
|
||
if err != nil { | ||
return SignSshPublicKeyV1Response{}, errors.NewRequestError(callSignSshPublicKeyOperation, err) | ||
} | ||
|
||
if res.IsError() { | ||
return SignSshPublicKeyV1Response{}, errors.NewAPIErrorWithResponse(callSignSshPublicKeyOperation, res) | ||
} | ||
|
||
return signSshPublicKeyResponse, nil | ||
} |
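Review bot: `CallSignSshPublicKeyV1` is exported without a doc comment, so the two distinct failure paths it returns are only discoverable by reading the body. A comment along the lines of `// CallSignSshPublicKeyV1 posts request to /v1/ssh/sign; transport failures are wrapped with errors.NewRequestError, HTTP error statuses with errors.NewAPIErrorWithResponse.` would cover it. The function also takes no `context.Context`, so a caller cannot cancel or bound a signing request other than through whatever timeout is configured on `httpClient`.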
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
package infisical | ||
|
||
import ( | ||
api "github.com/infisical/go-sdk/packages/api/ssh" | ||
) | ||
|
||
type SignSshPublicKeyOptions = api.SignSshPublicKeyV1Request | ||
type IssueSshCredsOptions = api.IssueSshCredsV1Request | ||
|
||
type SshInterface interface { | ||
SignKey(options SignSshPublicKeyOptions) (api.SignSshPublicKeyV1Response, error) | ||
IssueCredentials(options IssueSshCredsOptions) (api.IssueSshCredsV1Response, error) | ||
} | ||
|
||
type Ssh struct { | ||
client *InfisicalClient | ||
} | ||
|
||
func (f *Ssh) SignKey(options SignSshPublicKeyOptions) (api.SignSshPublicKeyV1Response, error) { | ||
res, err := api.CallSignSshPublicKeyV1(f.client.httpClient, options) | ||
|
||
if err != nil { | ||
return api.SignSshPublicKeyV1Response{}, err | ||
} | ||
|
||
return res, nil | ||
} | ||
|
||
func (f *Ssh) IssueCredentials(options IssueSshCredsOptions) (api.IssueSshCredsV1Response, error) { | ||
res, err := api.CallIssueSshCredsV1(f.client.httpClient, options) | ||
|
||
if err != nil { | ||
return api.IssueSshCredsV1Response{}, err | ||
} | ||
|
||
return res, nil | ||
} | ||
|
||
func NewSsh(client *InfisicalClient) SshInterface { | ||
return &Ssh{client: client} | ||
} |
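Review bot: `SignKey` and `IssueCredentials` forward `options` to the API call with no client-side check, so a zero-value options struct would be sent with an empty `projectId` and `templateName` and with `"principals": null`. Whether the server rejects that is not visible here; failing fast in the SDK, for example `if len(options.Principals) == 0 {` returning an error before the call, keeps a certificate request without an explicit principal list from leaving the client. Separately, both methods dereference `f.client` unguarded, so a `NewSsh(nil)` value panics on first use rather than returning an error.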
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
package test | ||
|
||
// import ( | ||
// "context" | ||
// "fmt" | ||
// "os" | ||
// "testing" | ||
|
||
// infisical "github.com/infisical/go-sdk" | ||
// ) | ||
|
||
// func TestSshIssueCreds(t *testing.T) { | ||
// client := infisical.NewInfisicalClient(context.Background(), infisical.Config{ | ||
// SiteUrl: "http://localhost:8080", | ||
// AutoTokenRefresh: true, | ||
// }) | ||
|
||
// // Authenticate using Universal Auth | ||
// _, err := client.Auth().UniversalAuthLogin(os.Getenv("GO_SDK_TEST_UNIVERSAL_AUTH_CLIENT_ID"), os.Getenv("GO_SDK_TEST_UNIVERSAL_AUTH_CLIENT_SECRET")) | ||
// if err != nil { | ||
// fmt.Printf("Authentication failed: %v\n", err) | ||
// os.Exit(1) | ||
// } | ||
|
||
// // Test issuing SSH credentials | ||
// creds, err := client.Ssh().IssueCredentials(infisical.IssueSshCredsOptions{ | ||
// ProjectID: os.Getenv("GO_SDK_TEST_PROJECT_ID"), | ||
// TemplateName: "template-name", | ||
// Principals: []string{"ec2-user"}, | ||
// }) | ||
|
||
// if err != nil { | ||
// t.Fatalf("Failed to issue SSH credentials: %v", err) | ||
// } | ||
|
||
// // Test signing SSH public key | ||
// creds2, err := client.Ssh().SignKey(infisical.SignSshPublicKeyOptions{ | ||
// ProjectID: os.Getenv("GO_SDK_TEST_PROJECT_ID"), | ||
// TemplateName: "template-name", | ||
// Principals: []string{"ec2-user"}, | ||
// PublicKey: "ssh-rsa ...", | ||
// }) | ||
|
||
// if err != nil { | ||
// t.Fatalf("Failed to sign SSH public key: %v", err) | ||
// } | ||
|
||
// fmt.Print("Newly-issued SSH credentials: ", creds) | ||
// fmt.Print("Signed SSH credential: ", creds2) | ||
// } |
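Review bot: The closing `fmt.Print("Newly-issued SSH credentials: ", creds)` prints the whole `IssueSshCredsV1Response`, which includes `PrivateKey`, so once this test is uncommented the issued key ends up in test output and CI logs. Logging a non-secret field instead, `t.Logf("issued certificate serial: %s", creds.SerialNumber)`, keeps the check useful. The authentication failure path calls `os.Exit(1)`, which aborts the test binary without a test failure report; `t.Fatalf("Authentication failed: %v", err)` would match the other checks in the function. As committed the entire file is commented out, so neither operation is exercised by the suite.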