mod auth;
pub use auth::*;
use std::collections::BTreeMap;
use serde_derive::{Deserialize, Serialize};
use serde_json::Value;
#[derive(Clone, Debug, Default, Deserialize)]
pub struct VaultAuthReadResponse {
pub uuid: String,
#[serde(rename="type")]
pub type_: String,
pub accessor: String,
pub local: bool,
pub seal_wrap: bool,
pub external_entropy_access: bool,
pub options: Value,
pub config: Value,
pub description: String,
pub request_id: String,
pub lease_id: String,
pub renewable: bool,
pub lease_duration: u64,
pub data: VaultAuthReadResponseData,
pub wrap_info: Value,
pub warnings: Value,
pub auth: Value
}
#[derive(Clone, Debug, Default, Deserialize)]
pub struct VaultAuthReadResponseData {
pub accessor: String,
pub config: VaultAuthReadResponseDataConfig,
pub description: String,
pub external_entropy_access: bool,
pub local: bool,
pub options: Value,
pub seal_wrap: bool,
#[serde(rename="type")]
pub type_: String,
pub uuid: String,
}
#[derive(Clone, Debug, Default, Deserialize)]
pub struct VaultAuthReadResponseDataConfig {
pub default_lease_ttl: u64,
pub force_no_cache: bool,
pub max_lease_ttl: u64,
pub token_type: String
}
#[derive(Clone, Debug, Default, Serialize)]
pub struct VaultEnableAuthRequest {
pub description: Option<String>,
#[serde(rename="type")]
pub type_: String,
pub config: Option<BTreeMap<String, String>>,
pub local: Option<bool>,
pub seal_wrap: Option<bool>,
}
#[derive(Clone, Debug, Default, Serialize)]
pub struct VaultEnableSecretsEngineRequest {
#[serde(rename="type")]
pub type_: String,
pub description: Option<String>,
pub config: Option<BTreeMap<String, String>>,
pub options: Option<BTreeMap<String, String>>,
pub local: Option<bool>,
pub seal_wrap: Option<bool>,
pub external_entropy_access: Option<bool>
}
#[derive(Clone, Debug, Serialize)]
pub struct VaultInitRequest {
pub pgp_keys: Option<Vec<String>>,
pub root_token_pgp_key: Option<String>,
pub secret_shares: usize,
pub secret_threshold: usize,
pub stored_shares: Option<u32>,
pub recovery_shares: Option<usize>,
pub recovery_threshold: Option<usize>,
pub recovery_pgp_keys: Option<Vec<String>>
}
#[allow(clippy::derivable_impls)] impl Default for VaultInitRequest {
fn default() -> Self {
Self {
pgp_keys: None,
root_token_pgp_key: None,
secret_shares: 0, secret_threshold: 0, stored_shares: None,
recovery_shares: None,
recovery_threshold: None,
recovery_pgp_keys: None
}
}
}
#[derive(Clone, Debug, Deserialize, Eq, PartialEq)]
pub struct VaultInitResponse {
pub keys: Vec<String>,
pub keys_base64: Vec<String>,
pub root_token: String,
pub recovery_keys: Option<Vec<String>>,
pub recovery_keys_base64: Option<Vec<String>>
}
#[derive(Clone, Debug, Deserialize, Eq, PartialEq)]
pub struct VaultPluginCatalog {
pub request_id: String,
pub lease_id: String,
pub renewable: bool,
pub lease_duration: u64,
pub data: VaultPluginCatalogData,
pub wrap_info: Value,
pub warnings: Value,
pub auth: Value,
}
#[derive(Clone, Debug, Deserialize, Eq, PartialEq)]
pub struct VaultPluginCatalogData {
pub auth: Vec<String>,
pub database: Vec<String>,
pub secret: Vec<String>,
}
#[derive(Clone, Debug, Deserialize, Eq, PartialEq)]
pub struct VaultSealStatus {
#[serde(rename="type")]
pub type_: String,
pub initialized: bool,
pub sealed: bool,
#[serde(rename="n")]
pub total_shares: i32,
#[serde(rename="t")]
pub unseal_threshold: i32,
#[serde(rename="progress")]
pub unseal_progress: i32,
pub nonce: String,
pub version: String,
pub build_date: String,
pub migration: bool,
pub cluster_name: Option<String>,
pub cluster_id: Option<String>,
pub recovery_seal: bool,
pub storage_type: String,
}
#[derive(Clone, Debug, Deserialize)]
pub struct VaultMountResponse {
pub description: Option<String>,
pub accessor: String,
pub uuid: String,
#[serde(rename="type")]
pub type_: String,
}
#[derive(Clone, Debug, Deserialize)]
pub struct VaultMountsResponse {
pub data: BTreeMap<String, VaultMountsResponseItem>
}
#[derive(Clone, Debug, Deserialize)]
pub struct VaultMountsResponseItem {
pub accessor: String,
pub description: Option<String>,
#[serde(rename="type")]
pub type_: String,
pub uuid: String
}
#[derive(Clone, Debug, Deserialize)]
pub struct VaultPoliciesAclListResponse {
pub request_id: String,
pub lease_id: String,
pub renewable: bool,
pub lease_duration: u64,
pub data: VaultPoliciesAclListResponseData,
pub wrap_info: Value,
pub warnings: Value,
pub auth: Value
}
#[derive(Clone, Debug, Deserialize)]
pub struct VaultPoliciesAclListResponseData {
pub keys: Vec<String>
}
#[derive(Clone, Debug, Deserialize)]
pub struct VaultPoliciesAclReadResponse {
pub request_id: String,
pub lease_id: String,
pub renewable: bool,
pub lease_duration: u64,
pub data: VaultPoliciesAclReadResponseData,
pub wrap_info: Value,
pub warnings: Value,
pub auth: Value
}
#[derive(Clone, Debug, Deserialize)]
pub struct VaultPoliciesAclReadResponseData {
pub name: String,
pub policy: String
}
#[derive(Clone, Debug, Serialize)]
pub(crate) struct VaultPoliciesAclUpsertRequest {
pub policy: String
}
#[derive(Clone, Debug, Deserialize)]
pub struct VaultTransitKeyReadResponse {
pub data: VaultTransitKeyReadResponseData
}
#[derive(Clone, Debug, Deserialize)]
pub struct VaultTransitKeyReadResponseData {
#[serde(rename="type")]
pub type_: String,
pub deletion_allowed: bool,
pub derived: bool,
pub exportable: bool,
pub allow_plaintext_backup: bool,
pub keys: BTreeMap<String, u64>,
pub min_decryption_version: u32,
pub min_encryption_version: u32,
pub name: String,
pub supports_encryption: bool,
pub supports_decryption: bool,
pub supports_derivation: bool,
pub supports_signing: bool,
pub imported: Option<bool>
}
#[derive(Clone, Debug, Serialize)]
pub struct VaultUnsealRequest {
pub key: Option<String>,
pub reset: bool,
pub migrate: bool
}
#[derive(Clone, Debug, Deserialize)]
pub struct VaultUnsealResponse {
pub sealed: bool,
#[serde(rename="t")]
pub unseal_threshold: i32,
#[serde(rename="n")]
pub total_shares: i32,
#[serde(rename="progress")]
pub unseal_progress: i32,
pub version: String,
pub cluster_name: Option<String>,
pub cluster_id: Option<String>
}
pub trait VaultUnsealProgress {
fn sealed(&self) -> bool;
fn unseal_threshold(&self) -> i32;
fn unseal_progress(&self) -> i32;
fn unseal_progress_string(&self) -> String {
let threshold = self.unseal_threshold();
let progress = if self.sealed() {
self.unseal_progress()
}
else {
self.unseal_threshold()
};
format!("{}/{}", progress, threshold)
}
}
impl VaultUnsealProgress for VaultSealStatus {
fn sealed(&self) -> bool {
self.sealed
}
fn unseal_threshold(&self) -> i32 {
self.unseal_threshold
}
fn unseal_progress(&self) -> i32 {
self.unseal_progress
}
}
impl VaultUnsealProgress for VaultUnsealResponse {
fn sealed(&self) -> bool {
self.sealed
}
fn unseal_threshold(&self) -> i32 {
self.unseal_threshold
}
fn unseal_progress(&self) -> i32 {
self.unseal_progress
}
}
#[cfg(test)]
mod test_vault_unseal_progress_string {
use super::{VaultUnsealProgress, VaultUnsealResponse};
#[test]
pub fn when_sealed() {
let response: Box<dyn VaultUnsealProgress> = Box::new(VaultUnsealResponse {
sealed: true,
unseal_threshold: 3,
total_shares: 0,
unseal_progress: 1,
version: "".to_string(),
cluster_name: None,
cluster_id: None
});
assert_eq!("1/3".to_string(), response.unseal_progress_string());
}
#[test]
pub fn when_unsealed() {
let response: Box<dyn VaultUnsealProgress> = Box::new(VaultUnsealResponse {
sealed: false,
unseal_threshold: 2,
total_shares: 0,
unseal_progress: 0,
version: "".to_string(),
cluster_name: None,
cluster_id: None
});
assert_eq!("2/2".to_string(), response.unseal_progress_string());
}
}