use reqwest::Method;
use crate::VaultClient;
use crate::api::traits::CertAuthOperations;
use crate::client::{encode_path, to_body};
use crate::types::auth::{CertRoleInfo, CertRoleRequest};
use crate::types::error::VaultError;
use crate::types::response::AuthInfo;
#[derive(Debug)]
pub struct CertAuthHandler<'a> {
pub(crate) client: &'a VaultClient,
pub(crate) mount: String,
}
impl CertAuthOperations for CertAuthHandler<'_> {
async fn login(&self, name: Option<&str>) -> Result<AuthInfo, VaultError> {
let body = name.map(|n| serde_json::json!({ "name": n }));
let resp = self
.client
.exec_with_auth::<serde_json::Value>(
Method::POST,
&format!("auth/{}/login", self.mount),
body.as_ref(),
)
.await?;
let auth = resp.auth.ok_or(VaultError::EmptyResponse)?;
self.client.update_token_from_auth(&auth)?;
Ok(auth)
}
async fn create_role(&self, name: &str, params: &CertRoleRequest) -> Result<(), VaultError> {
let body = to_body(params)?;
self.client
.exec_empty(
Method::POST,
&format!("auth/{}/certs/{}", self.mount, encode_path(name)),
Some(&body),
)
.await
}
async fn read_role(&self, name: &str) -> Result<CertRoleInfo, VaultError> {
self.client
.exec_with_data(
Method::GET,
&format!("auth/{}/certs/{}", self.mount, encode_path(name)),
None,
)
.await
}
async fn delete_role(&self, name: &str) -> Result<(), VaultError> {
self.client
.exec_empty(
Method::DELETE,
&format!("auth/{}/certs/{}", self.mount, encode_path(name)),
None,
)
.await
}
async fn list_roles(&self) -> Result<Vec<String>, VaultError> {
self.client
.exec_list(&format!("auth/{}/certs", self.mount))
.await
}
}