/*
* Tapis Security API
*
* The Tapis Security API provides for management of Security Kernel (SK) role-based authorization and secrets resources.
*
* The version of the OpenAPI document: 1.8.2
* Contact: cicsupport@tacc.utexas.edu
* Generated by: https://openapi-generator.tech
*/
use super::{configuration, ContentType, Error};
use crate::{apis::ResponseContent, models};
use reqwest;
use serde::{de::Error as _, Deserialize, Serialize};
/// struct for typed errors of method [`delete_secret`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum DeleteSecretError {
Status400(models::RespBasic),
Status401(models::RespBasic),
Status403(models::RespBasic),
Status404(models::RespBasic),
Status500(models::RespBasic),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`destroy_secret`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum DestroySecretError {
Status400(models::RespBasic),
Status401(models::RespBasic),
Status403(models::RespBasic),
Status500(models::RespBasic),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`destroy_secret_meta`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum DestroySecretMetaError {
Status400(models::RespBasic),
Status401(models::RespBasic),
Status403(models::RespBasic),
Status500(models::RespBasic),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`list_secret_meta`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum ListSecretMetaError {
Status400(models::RespBasic),
Status401(models::RespBasic),
Status403(models::RespBasic),
Status500(models::RespBasic),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`read_secret`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum ReadSecretError {
Status400(models::RespBasic),
Status401(models::RespBasic),
Status403(models::RespBasic),
Status404(models::RespBasic),
Status500(models::RespBasic),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`read_secret_meta`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum ReadSecretMetaError {
Status400(models::RespBasic),
Status401(models::RespBasic),
Status403(models::RespBasic),
Status500(models::RespBasic),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`undelete_secret`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum UndeleteSecretError {
Status400(models::RespBasic),
Status401(models::RespBasic),
Status403(models::RespBasic),
Status500(models::RespBasic),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`validate_service_password`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum ValidateServicePasswordError {
Status400(models::RespBasic),
Status401(models::RespBasic),
Status403(models::RespBasic),
Status500(models::RespBasic),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`validate_site_admin_password`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum ValidateSiteAdminPasswordError {
Status400(models::RespBasic),
Status401(models::RespBasic),
Status403(models::RespBasic),
Status500(models::RespBasic),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`write_secret`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum WriteSecretError {
Status400(models::RespBasic),
Status401(models::RespBasic),
Status403(models::RespBasic),
Status500(models::RespBasic),
UnknownValue(serde_json::Value),
}
/// Soft delete one or more versions of a secret. Each version can be deleted individually or as part of a group specified in the input array. Deletion can be reversed using the *secret/undelete/{secretName}* endpoint, which make this a _soft_ deletion operation. The input versions array is interpreted as follows: * [-] - empty = delete all versions * [0] - zero = delete only the latest version * [1, 3, ...] - list = delete the specified versions A valid tenant and user must also be specified in the body. ### Naming Secrets Secrets can be arranged hierarchically by using the \"+\" characters in the *secretName*. These characters will be converted to slashes upon receipt, allowing secrets to be arranged in folders. A secret is assigned a path name constructed from the *secretType* and *secretName* path parameters and, optionally, from query parameters determined by the *secretType*. Each *secretType* determines a specific transformation from the url path to a path in the vault. The *secretType* may require certain query parameters to be present on the request in order to construct the vault path. See the next section for details. ### Secret Types The list below documents each *secretType* and their applicable query parameters. Highlighted parameter names indicate required parameters. When present, default values are listed first and also highlighted. - **system** - *sysid*: the unique system id - *sysuser*: the accessing user (except when keytype=cert) - keytype: *sshkey* | password | accesskey | token | tmskey | cert - **dbcred** - *dbhost*: the DBMS hostname, IP address or alias - *dbname*: the database name or alias - *dbservice*: service name - **jwtsigning** - *no query parameters* - **user** - *no query parameters* - **service** - *no query parameters* ### Authorization Requestors are authorized based on the secret type specified in the URL path. The following authorizations are enforced: - system: limited to the systems service - dbcred: any service - jwtsigning: limited to the tokens service - user: any user - service: any service
pub async fn delete_secret(
configuration: &configuration::Configuration,
secret_type: &str,
secret_name: &str,
req_versions: models::ReqVersions,
sysid: Option<&str>,
sysuser: Option<&str>,
keytype: Option<&str>,
dbhost: Option<&str>,
dbname: Option<&str>,
dbservice: Option<&str>,
) -> Result<models::RespVersions, Error<DeleteSecretError>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_path_secret_type = secret_type;
let p_path_secret_name = secret_name;
let p_body_req_versions = req_versions;
let p_query_sysid = sysid;
let p_query_sysuser = sysuser;
let p_query_keytype = keytype;
let p_query_dbhost = dbhost;
let p_query_dbname = dbname;
let p_query_dbservice = dbservice;
let uri_str = format!(
"{}/security/vault/secret/delete/{secretType}/{secretName}",
configuration.base_path,
secretType = crate::apis::urlencode(p_path_secret_type),
secretName = crate::apis::urlencode(p_path_secret_name)
);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref param_value) = p_query_sysid {
req_builder = req_builder.query(&[("sysid", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sysuser {
req_builder = req_builder.query(&[("sysuser", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_keytype {
req_builder = req_builder.query(&[("keytype", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbhost {
req_builder = req_builder.query(&[("dbhost", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbname {
req_builder = req_builder.query(&[("dbname", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbservice {
req_builder = req_builder.query(&[("dbservice", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref apikey) = configuration.api_key {
let key = apikey.key.clone();
let value = match apikey.prefix {
Some(ref prefix) => format!("{} {}", prefix, key),
None => key,
};
req_builder = req_builder.header("X-Tapis-Token", value);
};
req_builder = req_builder.json(&p_body_req_versions);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::RespVersions`"))),
ContentType::Unsupported(unknown_type) => Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::RespVersions`")))),
}
} else {
let content = resp.text().await?;
let entity: Option<DeleteSecretError> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
/// Destroy one or more versions of a secret. Destroy implements a hard delete which delete that cannot be undone. It does not, however, remove any metadata associated with the secret. The input versions array is interpreted as follows: * [-] - empty = destroy all versions * [0] - zero = destroy only the latest version * [1, 3, ...] - list = destroy the specified versions A valid tenant and user must be specified in the body. ### Naming Secrets Secrets can be arranged hierarchically by using the \"+\" characters in the *secretName*. These characters will be converted to slashes upon receipt, allowing secrets to be arranged in folders. A secret is assigned a path name constructed from the *secretType* and *secretName* path parameters and, optionally, from query parameters determined by the *secretType*. Each *secretType* determines a specific transformation from the url path to a path in the vault. The *secretType* may require certain query parameters to be present on the request in order to construct the vault path. See the next section for details. ### Secret Types The list below documents each *secretType* and their applicable query parameters. Highlighted parameter names indicate required parameters. When present, default values are listed first and also highlighted. - **system** - *sysid*: the unique system id - *sysuser*: the accessing user (except when keytype=cert) - keytype: *sshkey* | password | accesskey | token | tmskey | cert - **dbcred** - *dbhost*: the DBMS hostname, IP address or alias - *dbname*: the database name or alias - *dbservice*: service name - **jwtsigning** - *no query parameters* - **user** - *no query parameters* - **service** - *no query parameters* ### Authorization Requestors are authorized based on the secret type specified in the URL path. The following authorizations are enforced: - system: limited to the systems service - dbcred: any service - jwtsigning: limited to the tokens service - user: any user - service: any service
pub async fn destroy_secret(
configuration: &configuration::Configuration,
secret_type: &str,
secret_name: &str,
req_versions: models::ReqVersions,
sysid: Option<&str>,
sysuser: Option<&str>,
keytype: Option<&str>,
dbhost: Option<&str>,
dbname: Option<&str>,
dbservice: Option<&str>,
) -> Result<models::RespVersions, Error<DestroySecretError>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_path_secret_type = secret_type;
let p_path_secret_name = secret_name;
let p_body_req_versions = req_versions;
let p_query_sysid = sysid;
let p_query_sysuser = sysuser;
let p_query_keytype = keytype;
let p_query_dbhost = dbhost;
let p_query_dbname = dbname;
let p_query_dbservice = dbservice;
let uri_str = format!(
"{}/security/vault/secret/destroy/{secretType}/{secretName}",
configuration.base_path,
secretType = crate::apis::urlencode(p_path_secret_type),
secretName = crate::apis::urlencode(p_path_secret_name)
);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref param_value) = p_query_sysid {
req_builder = req_builder.query(&[("sysid", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sysuser {
req_builder = req_builder.query(&[("sysuser", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_keytype {
req_builder = req_builder.query(&[("keytype", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbhost {
req_builder = req_builder.query(&[("dbhost", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbname {
req_builder = req_builder.query(&[("dbname", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbservice {
req_builder = req_builder.query(&[("dbservice", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref apikey) = configuration.api_key {
let key = apikey.key.clone();
let value = match apikey.prefix {
Some(ref prefix) => format!("{} {}", prefix, key),
None => key,
};
req_builder = req_builder.header("X-Tapis-Token", value);
};
req_builder = req_builder.json(&p_body_req_versions);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::RespVersions`"))),
ContentType::Unsupported(unknown_type) => Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::RespVersions`")))),
}
} else {
let content = resp.text().await?;
let entity: Option<DestroySecretError> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
/// Erase all traces of a secret: its key, all versions of its value and all its metadata. Specifying a folder erases all secrets in that folder. A valid tenant and user must be specified as query parameters. ### Naming Secrets Secrets can be arranged hierarchically by using the \"+\" characters in the *secretName*. These characters will be converted to slashes upon receipt, allowing secrets to be arranged in folders. A secret is assigned a path name constructed from the *secretType* and *secretName* path parameters and, optionally, from query parameters determined by the *secretType*. Each *secretType* determines a specific transformation from the url path to a path in the vault. The *secretType* may require certain query parameters to be present on the request in order to construct the vault path. See the next section for details. ### Secret Types The list below documents each *secretType* and their applicable query parameters. Highlighted parameter names indicate required parameters. When present, default values are listed first and also highlighted. - **system** - *sysid*: the unique system id - *sysuser*: the accessing user (except when keytype=cert) - keytype: *sshkey* | password | accesskey | token | tmskey | cert - **dbcred** - *dbhost*: the DBMS hostname, IP address or alias - *dbname*: the database name or alias - *dbservice*: service name - **jwtsigning** - *no query parameters* - **user** - *no query parameters* - **service** - *no query parameters* ### Authorization Requestors are authorized based on the secret type specified in the URL path. The following authorizations are enforced: - system: limited to the systems service - dbcred: any service - jwtsigning: limited to the tokens service - user: any user - service: any service
pub async fn destroy_secret_meta(
configuration: &configuration::Configuration,
secret_type: &str,
secret_name: &str,
tenant: Option<&str>,
user: Option<&str>,
sysid: Option<&str>,
sysuser: Option<&str>,
keytype: Option<&str>,
dbhost: Option<&str>,
dbname: Option<&str>,
dbservice: Option<&str>,
) -> Result<models::RespBasic, Error<DestroySecretMetaError>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_path_secret_type = secret_type;
let p_path_secret_name = secret_name;
let p_query_tenant = tenant;
let p_query_user = user;
let p_query_sysid = sysid;
let p_query_sysuser = sysuser;
let p_query_keytype = keytype;
let p_query_dbhost = dbhost;
let p_query_dbname = dbname;
let p_query_dbservice = dbservice;
let uri_str = format!(
"{}/security/vault/secret/destroy/meta/{secretType}/{secretName}",
configuration.base_path,
secretType = crate::apis::urlencode(p_path_secret_type),
secretName = crate::apis::urlencode(p_path_secret_name)
);
let mut req_builder = configuration
.client
.request(reqwest::Method::DELETE, &uri_str);
if let Some(ref param_value) = p_query_tenant {
req_builder = req_builder.query(&[("tenant", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_user {
req_builder = req_builder.query(&[("user", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sysid {
req_builder = req_builder.query(&[("sysid", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sysuser {
req_builder = req_builder.query(&[("sysuser", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_keytype {
req_builder = req_builder.query(&[("keytype", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbhost {
req_builder = req_builder.query(&[("dbhost", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbname {
req_builder = req_builder.query(&[("dbname", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbservice {
req_builder = req_builder.query(&[("dbservice", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref apikey) = configuration.api_key {
let key = apikey.key.clone();
let value = match apikey.prefix {
Some(ref prefix) => format!("{} {}", prefix, key),
None => key,
};
req_builder = req_builder.header("X-Tapis-Token", value);
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::RespBasic`"))),
ContentType::Unsupported(unknown_type) => Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::RespBasic`")))),
}
} else {
let content = resp.text().await?;
let entity: Option<DestroySecretMetaError> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
/// List the secret names at the specified path. The path must represent a folder, not an actual secret name. If the path does not have a trailing slash one will be inserted. Secret names should not encode private information. A valid tenant and user must be specified as query parameters. ### Naming Secrets Secrets can be arranged hierarchically by using the \"+\" characters in the secret name. These characters will be converted to slashes upon receipt, allowing secrets to be arranged in folders. A secret is assigned a path name constructed from the *secretType* path parameter and, optionally, from query parameters determined by the *secretType*. Each *secretType* determines a specific transformation from the url path to a path in the vault. The *secretType* may require certain query parameters to be present on the request in order to construct the vault path. See the next section for details. ### Secret Types The list below documents each *secretType* and their applicable query parameters. Highlighted parameter names indicate required parameters. When present, default values are listed first and also highlighted. - **system** - *sysid*: the unique system id - *sysuser*: the accessing user (except when keytype=cert) - keytype: *sshkey* | password | accesskey | token | tmskey | cert - **dbcred** - *dbhost*: the DBMS hostname, IP address or alias - *dbname*: the database name or alias - *dbservice*: service name - **jwtsigning** - *no query parameters* - **user** - *no query parameters* - **service** - *no query parameters* ### Authorization Requestors are authorized based on the secret type specified in the URL path. The following authorizations are enforced: - system: limited to the systems service - dbcred: any service - jwtsigning: limited to the tokens service - user: any user - service: any service
pub async fn list_secret_meta(
configuration: &configuration::Configuration,
secret_type: &str,
tenant: Option<&str>,
user: Option<&str>,
sysid: Option<&str>,
sysuser: Option<&str>,
keytype: Option<&str>,
dbhost: Option<&str>,
dbname: Option<&str>,
dbservice: Option<&str>,
) -> Result<models::RespSecretList, Error<ListSecretMetaError>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_path_secret_type = secret_type;
let p_query_tenant = tenant;
let p_query_user = user;
let p_query_sysid = sysid;
let p_query_sysuser = sysuser;
let p_query_keytype = keytype;
let p_query_dbhost = dbhost;
let p_query_dbname = dbname;
let p_query_dbservice = dbservice;
let uri_str = format!(
"{}/security/vault/secret/list/meta/{secretType}",
configuration.base_path,
secretType = crate::apis::urlencode(p_path_secret_type)
);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
if let Some(ref param_value) = p_query_tenant {
req_builder = req_builder.query(&[("tenant", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_user {
req_builder = req_builder.query(&[("user", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sysid {
req_builder = req_builder.query(&[("sysid", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sysuser {
req_builder = req_builder.query(&[("sysuser", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_keytype {
req_builder = req_builder.query(&[("keytype", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbhost {
req_builder = req_builder.query(&[("dbhost", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbname {
req_builder = req_builder.query(&[("dbname", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbservice {
req_builder = req_builder.query(&[("dbservice", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref apikey) = configuration.api_key {
let key = apikey.key.clone();
let value = match apikey.prefix {
Some(ref prefix) => format!("{} {}", prefix, key),
None => key,
};
req_builder = req_builder.header("X-Tapis-Token", value);
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::RespSecretList`"))),
ContentType::Unsupported(unknown_type) => Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::RespSecretList`")))),
}
} else {
let content = resp.text().await?;
let entity: Option<ListSecretMetaError> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
/// Read a versioned secret. By default, the latest version of the secret is read. If the *version* query parameter is specified then that version of the secret is read. The *version* parameter should be passed as an integer with zero indicating the latest version of the secret. A NOT FOUND status code is returned if the secret version does not exist or if it's deleted or destroyed. The response object includes the map of zero or more key/value pairs and metadata that describes the secret. The metadata includes which version of the secret was returned. A valid tenant and user must be specified as query parameters. ### Naming Secrets Secrets can be arranged hierarchically by using the \"+\" characters in the *secretName*. These characters will be converted to slashes upon receipt, allowing secrets to be arranged in folders. A secret is assigned a path name constructed from the *secretType* and *secretName* path parameters and, optionally, from query parameters determined by the *secretType*. Each *secretType* determines a specific transformation from the url path to a path in the vault. The *secretType* may require certain query parameters to be present on the request in order to construct the vault path. See the next section for details. ### Secret Types The list below documents each *secretType* and their applicable query parameters. Highlighted parameter names indicate required parameters. When present, default values are listed first and also highlighted. - **system** - *sysid*: the unique system id - *sysuser*: the accessing user (except when keytype=cert) - keytype: *sshkey* | password | accesskey | token | tmskey | cert - **dbcred** - *dbhost*: the DBMS hostname, IP address or alias - *dbname*: the database name or alias - *dbservice*: service name - **jwtsigning** - *no query parameters* - **user** - *no query parameters* - **service** - *no query parameters* ### Authorization Requestors are authorized based on the secret type specified in the URL path. The following authorizations are enforced: - system: limited to the systems service - dbcred: any service - jwtsigning: limited to the tokens service - user: any user - service: any service
pub async fn read_secret(
configuration: &configuration::Configuration,
secret_type: &str,
secret_name: &str,
tenant: Option<&str>,
user: Option<&str>,
version: Option<i32>,
sysid: Option<&str>,
sysuser: Option<&str>,
keytype: Option<&str>,
dbhost: Option<&str>,
dbname: Option<&str>,
dbservice: Option<&str>,
) -> Result<models::RespSecret, Error<ReadSecretError>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_path_secret_type = secret_type;
let p_path_secret_name = secret_name;
let p_query_tenant = tenant;
let p_query_user = user;
let p_query_version = version;
let p_query_sysid = sysid;
let p_query_sysuser = sysuser;
let p_query_keytype = keytype;
let p_query_dbhost = dbhost;
let p_query_dbname = dbname;
let p_query_dbservice = dbservice;
let uri_str = format!(
"{}/security/vault/secret/{secretType}/{secretName}",
configuration.base_path,
secretType = crate::apis::urlencode(p_path_secret_type),
secretName = crate::apis::urlencode(p_path_secret_name)
);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
if let Some(ref param_value) = p_query_tenant {
req_builder = req_builder.query(&[("tenant", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_user {
req_builder = req_builder.query(&[("user", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_version {
req_builder = req_builder.query(&[("version", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sysid {
req_builder = req_builder.query(&[("sysid", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sysuser {
req_builder = req_builder.query(&[("sysuser", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_keytype {
req_builder = req_builder.query(&[("keytype", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbhost {
req_builder = req_builder.query(&[("dbhost", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbname {
req_builder = req_builder.query(&[("dbname", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbservice {
req_builder = req_builder.query(&[("dbservice", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref apikey) = configuration.api_key {
let key = apikey.key.clone();
let value = match apikey.prefix {
Some(ref prefix) => format!("{} {}", prefix, key),
None => key,
};
req_builder = req_builder.header("X-Tapis-Token", value);
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::RespSecret`"))),
ContentType::Unsupported(unknown_type) => Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::RespSecret`")))),
}
} else {
let content = resp.text().await?;
let entity: Option<ReadSecretError> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
/// List a secret's metadata including its version information. The input parameter must be a secret name, not a folder. The result includes which version of the secret is the latest. A valid tenant and user must be specified as query parameters. ### Naming Secrets Secrets can be arranged hierarchically by using the \"+\" characters in the *secretName*. These characters will be converted to slashes upon receipt, allowing secrets to be arranged in folders. A secret is assigned a path name constructed from the *secretType* and *secretName* path parameters and, optionally, from query parameters determined by the *secretType*. Each *secretType* determines a specific transformation from the url path to a path in the vault. The *secretType* may require certain query parameters to be present on the request in order to construct the vault path. See the next section for details. ### Secret Types The list below documents each *secretType* and their applicable query parameters. Highlighted parameter names indicate required parameters. When present, default values are listed first and also highlighted. - **system** - *sysid*: the unique system id - *sysuser*: the accessing user (except when keytype=cert) - keytype: *sshkey* | password | accesskey | token | tmskey | cert - **dbcred** - *dbhost*: the DBMS hostname, IP address or alias - *dbname*: the database name or alias - *dbservice*: service name - **jwtsigning** - *no query parameters* - **user** - *no query parameters* - **service** - *no query parameters* ### Authorization Requestors are authorized based on the secret type specified in the URL path. The following authorizations are enforced: - system: limited to the systems service - dbcred: any service - jwtsigning: limited to the tokens service - user: any user - service: any service
pub async fn read_secret_meta(
configuration: &configuration::Configuration,
secret_type: &str,
secret_name: &str,
tenant: Option<&str>,
user: Option<&str>,
sysid: Option<&str>,
sysuser: Option<&str>,
keytype: Option<&str>,
dbhost: Option<&str>,
dbname: Option<&str>,
dbservice: Option<&str>,
) -> Result<models::RespSecretVersionMetadata, Error<ReadSecretMetaError>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_path_secret_type = secret_type;
let p_path_secret_name = secret_name;
let p_query_tenant = tenant;
let p_query_user = user;
let p_query_sysid = sysid;
let p_query_sysuser = sysuser;
let p_query_keytype = keytype;
let p_query_dbhost = dbhost;
let p_query_dbname = dbname;
let p_query_dbservice = dbservice;
let uri_str = format!(
"{}/security/vault/secret/read/meta/{secretType}/{secretName}",
configuration.base_path,
secretType = crate::apis::urlencode(p_path_secret_type),
secretName = crate::apis::urlencode(p_path_secret_name)
);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
if let Some(ref param_value) = p_query_tenant {
req_builder = req_builder.query(&[("tenant", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_user {
req_builder = req_builder.query(&[("user", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sysid {
req_builder = req_builder.query(&[("sysid", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sysuser {
req_builder = req_builder.query(&[("sysuser", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_keytype {
req_builder = req_builder.query(&[("keytype", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbhost {
req_builder = req_builder.query(&[("dbhost", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbname {
req_builder = req_builder.query(&[("dbname", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbservice {
req_builder = req_builder.query(&[("dbservice", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref apikey) = configuration.api_key {
let key = apikey.key.clone();
let value = match apikey.prefix {
Some(ref prefix) => format!("{} {}", prefix, key),
None => key,
};
req_builder = req_builder.header("X-Tapis-Token", value);
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::RespSecretVersionMetadata`"))),
ContentType::Unsupported(unknown_type) => Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::RespSecretVersionMetadata`")))),
}
} else {
let content = resp.text().await?;
let entity: Option<ReadSecretMetaError> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
/// Restore one or more versions of a secret that have previously been deleted. This endpoint undoes soft deletions performed using the *secret/delete/{secretType}/{secretName}* endpoint. The input versions array is interpreted as follows: * [-] - empty = undelete all versions * [0] - zero = undelete only the latest version * [1, 3, ...] - list = undelete the specified versions A valid tenant and user must be specified in the body. ### Naming Secrets Secrets can be arranged hierarchically by using the \"+\" characters in the *secretName*. These characters will be converted to slashes upon receipt, allowing secrets to be arranged in folders. A secret is assigned a path name constructed from the *secretType* and *secretName* path parameters and, optionally, from query parameters determined by the *secretType*. Each *secretType* determines a specific transformation from the url path to a path in the vault. The *secretType* may require certain query parameters to be present on the request in order to construct the vault path. See the next section for details. ### Secret Types The list below documents each *secretType* and their applicable query parameters. Highlighted parameter names indicate required parameters. When present, default values are listed first and also highlighted. - **system** - *sysid*: the unique system id - *sysuser*: the accessing user (except when keytype=cert) - keytype: *sshkey* | password | accesskey | token | tmskey | cert - **dbcred** - *dbhost*: the DBMS hostname, IP address or alias - *dbname*: the database name or alias - *dbservice*: service name - **jwtsigning** - *no query parameters* - **user** - *no query parameters* - **service** - *no query parameters* ### Authorization Requestors are authorized based on the secret type specified in the URL path. The following authorizations are enforced: - system: limited to the systems service - dbcred: any service - jwtsigning: limited to the tokens service - user: any user - service: any service
pub async fn undelete_secret(
configuration: &configuration::Configuration,
secret_type: &str,
secret_name: &str,
req_versions: models::ReqVersions,
sysid: Option<&str>,
sysuser: Option<&str>,
keytype: Option<&str>,
dbhost: Option<&str>,
dbname: Option<&str>,
dbservice: Option<&str>,
) -> Result<models::RespVersions, Error<UndeleteSecretError>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_path_secret_type = secret_type;
let p_path_secret_name = secret_name;
let p_body_req_versions = req_versions;
let p_query_sysid = sysid;
let p_query_sysuser = sysuser;
let p_query_keytype = keytype;
let p_query_dbhost = dbhost;
let p_query_dbname = dbname;
let p_query_dbservice = dbservice;
let uri_str = format!(
"{}/security/vault/secret/undelete/{secretType}/{secretName}",
configuration.base_path,
secretType = crate::apis::urlencode(p_path_secret_type),
secretName = crate::apis::urlencode(p_path_secret_name)
);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref param_value) = p_query_sysid {
req_builder = req_builder.query(&[("sysid", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sysuser {
req_builder = req_builder.query(&[("sysuser", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_keytype {
req_builder = req_builder.query(&[("keytype", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbhost {
req_builder = req_builder.query(&[("dbhost", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbname {
req_builder = req_builder.query(&[("dbname", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbservice {
req_builder = req_builder.query(&[("dbservice", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref apikey) = configuration.api_key {
let key = apikey.key.clone();
let value = match apikey.prefix {
Some(ref prefix) => format!("{} {}", prefix, key),
None => key,
};
req_builder = req_builder.header("X-Tapis-Token", value);
};
req_builder = req_builder.json(&p_body_req_versions);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::RespVersions`"))),
ContentType::Unsupported(unknown_type) => Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::RespVersions`")))),
}
} else {
let content = resp.text().await?;
let entity: Option<UndeleteSecretError> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
/// Validate a service's password. The JSON payload contains the password that needs to be validated against the password stored in the vault for the service specifie din the X-Tapis-User header. The secret name is the path under which the password was stored. A valid tenant and user must also be specified in the payload. ### Naming Secrets Secrets can be arranged hierarchically by using the \"+\" characters in the *secretName*. These characters will be converted to slashes upon receipt, allowing secrets to be arranged in folders. Only services can make this request.
pub async fn validate_service_password(
configuration: &configuration::Configuration,
secret_name: &str,
req_validate_pwd: models::ReqValidatePwd,
) -> Result<models::RespAuthorized, Error<ValidateServicePasswordError>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_path_secret_name = secret_name;
let p_body_req_validate_pwd = req_validate_pwd;
let uri_str = format!(
"{}/security/vault/secret/validateServicePassword/{secretName}",
configuration.base_path,
secretName = crate::apis::urlencode(p_path_secret_name)
);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref apikey) = configuration.api_key {
let key = apikey.key.clone();
let value = match apikey.prefix {
Some(ref prefix) => format!("{} {}", prefix, key),
None => key,
};
req_builder = req_builder.header("X-Tapis-Token", value);
};
req_builder = req_builder.json(&p_body_req_validate_pwd);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::RespAuthorized`"))),
ContentType::Unsupported(unknown_type) => Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::RespAuthorized`")))),
}
} else {
let content = resp.text().await?;
let entity: Option<ValidateServicePasswordError> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
/// Validate a Site Admin's password. The JSON payload contains the password that needs to be validated against the password stored in the vault for the site admin specified in the X-Tapis-User header. The secret name is the path under which the password was stored. A valid tenant and user must also be specified in the payload. ### Naming Secrets Secrets can be arranged hierarchically by using the \"+\" characters in the *secretName*. These characters will be converted to slashes upon receipt, allowing secrets to be arranged in folders. Only services can make this request.
pub async fn validate_site_admin_password(
configuration: &configuration::Configuration,
secret_name: &str,
req_validate_pwd: models::ReqValidatePwd,
) -> Result<models::RespAuthorized, Error<ValidateSiteAdminPasswordError>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_path_secret_name = secret_name;
let p_body_req_validate_pwd = req_validate_pwd;
let uri_str = format!(
"{}/security/vault/secret/validateSiteAdminPassword/{secretName}",
configuration.base_path,
secretName = crate::apis::urlencode(p_path_secret_name)
);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref apikey) = configuration.api_key {
let key = apikey.key.clone();
let value = match apikey.prefix {
Some(ref prefix) => format!("{} {}", prefix, key),
None => key,
};
req_builder = req_builder.header("X-Tapis-Token", value);
};
req_builder = req_builder.json(&p_body_req_validate_pwd);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::RespAuthorized`"))),
ContentType::Unsupported(unknown_type) => Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::RespAuthorized`")))),
}
} else {
let content = resp.text().await?;
let entity: Option<ValidateSiteAdminPasswordError> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
/// Create or update a secret. The JSON payload contains a required *data* object and an optional *options* object. It also contains the required tenant and user fields. The *data* object is a JSON object that contains one or more key/value pairs in which both the key and value are strings. These are the individual secrets that are saved under the path name. The secrets are automatically versioned, which allows a pre-configured number of past secret values to be accessible even after new values are assigned. See the various GET operations for details on how to access different aspects of secrets. NOTE: The *cas* option is currently ignored but documented here for future reference. The *options* object can contain a *cas* key and with an integer value that represents a secret version. CAS stands for check-and-set and will check an existing secret's version before updating. If cas is not set the write will be always be allowed. If set to 0, a write will only be allowed if the key doesn’t exist. If the index is greater than zero, then the write will only be allowed if the key’s current version matches the version specified in the cas parameter. ### Naming Secrets Secrets can be arranged hierarchically by using the \"+\" characters in the *secretName*. These characters will be converted to slashes upon receipt, allowing secrets to be arranged in folders. A secret is assigned a path name constructed from the *secretType* and *secretName* path parameters and, optionally, from query parameters determined by the *secretType*. Each *secretType* determines a specific transformation from the url path to a path in the vault. The *secretType* may require certain query parameters to be present on the request in order to construct the vault path. See the next section for details. ### Secret Types The list below documents each *secretType* and their applicable query parameters. Highlighted parameter names indicate required parameters. When present, default values are listed first and also highlighted. - **system** - *sysid*: the unique system id - *sysuser*: the accessing user (except when keytype=cert) - keytype: *sshkey* | password | accesskey | token | tmskey | cert - **dbcred** - *dbhost*: the DBMS hostname, IP address or alias - *dbname*: the database name or alias - *dbservice*: service name - **jwtsigning** - *no query parameters* - **user** - *no query parameters* - **service** - *no query parameters* ### Authorization Requestors are authorized based on the secret type specified in the URL path. The following authorizations are enforced: - system: limited to the systems service - dbcred: any service - jwtsigning: limited to the tokens service - user: any user - service: any service ### Generating Secrets Passwords and public/private key pairs appropriate for Tapis use can be generated as part of this secret write call. To direct SK to create a secret, assign the special value `<generate-secret>` to a key. When SK detects this value, it generates a password or key pair depending on context, and replaces the `<generate-secret>` text with the generated secret. In the case of a key pair, both the public and private keys are saved. Key pairs are always generated for secrets of type JWTSigning, while passwords are generated for all other secret types unless the key is named *privateKey*. To generate a key pair, insert the following key/value pair into the payload's data map: key=\"privateKey\", value=\"<generate-secret>\" When the key pair is generated, the above key/value item is replaced by these two key/value pairs: key=\"privateKey\", value=<private key in pem format> key=\"publicKey\", value=<public key in pem format> In non-JWTSigning secret types, passwords are generated whenever the following key/value pair is encountered in the payload's data map: key=<name other than privateKey>, value=\"<generate-secret>\" The generated password simply replaces the item's value and the key name is left unchanged.
pub async fn write_secret(
configuration: &configuration::Configuration,
secret_type: &str,
secret_name: &str,
req_write_secret: models::ReqWriteSecret,
sysid: Option<&str>,
sysuser: Option<&str>,
keytype: Option<&str>,
dbhost: Option<&str>,
dbname: Option<&str>,
dbservice: Option<&str>,
) -> Result<models::RespSecretMeta, Error<WriteSecretError>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_path_secret_type = secret_type;
let p_path_secret_name = secret_name;
let p_body_req_write_secret = req_write_secret;
let p_query_sysid = sysid;
let p_query_sysuser = sysuser;
let p_query_keytype = keytype;
let p_query_dbhost = dbhost;
let p_query_dbname = dbname;
let p_query_dbservice = dbservice;
let uri_str = format!(
"{}/security/vault/secret/{secretType}/{secretName}",
configuration.base_path,
secretType = crate::apis::urlencode(p_path_secret_type),
secretName = crate::apis::urlencode(p_path_secret_name)
);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref param_value) = p_query_sysid {
req_builder = req_builder.query(&[("sysid", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sysuser {
req_builder = req_builder.query(&[("sysuser", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_keytype {
req_builder = req_builder.query(&[("keytype", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbhost {
req_builder = req_builder.query(&[("dbhost", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbname {
req_builder = req_builder.query(&[("dbname", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_dbservice {
req_builder = req_builder.query(&[("dbservice", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref apikey) = configuration.api_key {
let key = apikey.key.clone();
let value = match apikey.prefix {
Some(ref prefix) => format!("{} {}", prefix, key),
None => key,
};
req_builder = req_builder.header("X-Tapis-Token", value);
};
req_builder = req_builder.json(&p_body_req_write_secret);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => Err(Error::from(serde_json::Error::custom("Received `text/plain` content type response that cannot be converted to `models::RespSecretMeta`"))),
ContentType::Unsupported(unknown_type) => Err(Error::from(serde_json::Error::custom(format!("Received `{unknown_type}` content type response that cannot be converted to `models::RespSecretMeta`")))),
}
} else {
let content = resp.text().await?;
let entity: Option<WriteSecretError> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}