Skip to main content

nominal_api/conjure/endpoints/secrets/api/
internal_secret_service.rs

1use conjure_http::endpoint;
2/// The internal secrets service provides functionality for retrieving customer secrets where the "user" is a service.
3#[conjure_http::conjure_endpoints(
4    name = "InternalSecretService",
5    use_legacy_error_serialization
6)]
7pub trait InternalSecretService {
8    /// Get decrypted secret by rid. This is a privileged operation that is restricted to services only.
9    /// This endpoint must be a conjure endpoint in order to support TLS.
10    #[endpoint(
11        method = GET,
12        path = "/secrets/internal/v1/secrets/{rid}/decrypted",
13        name = "getDecrypted",
14        produces = conjure_http::server::StdResponseSerializer
15    )]
16    fn get_decrypted(
17        &self,
18        #[auth]
19        auth_: conjure_object::BearerToken,
20        #[path(
21            name = "rid",
22            decoder = conjure_http::server::conjure::FromPlainDecoder,
23            safe
24        )]
25        rid: super::super::super::super::objects::secrets::api::SecretRid,
26    ) -> Result<
27        super::super::super::super::objects::secrets::api::DecryptedSecret,
28        conjure_http::private::Error,
29    >;
30}
31/// The internal secrets service provides functionality for retrieving customer secrets where the "user" is a service.
32#[conjure_http::conjure_endpoints(
33    name = "InternalSecretService",
34    use_legacy_error_serialization
35)]
36pub trait AsyncInternalSecretService {
37    /// Get decrypted secret by rid. This is a privileged operation that is restricted to services only.
38    /// This endpoint must be a conjure endpoint in order to support TLS.
39    #[endpoint(
40        method = GET,
41        path = "/secrets/internal/v1/secrets/{rid}/decrypted",
42        name = "getDecrypted",
43        produces = conjure_http::server::StdResponseSerializer
44    )]
45    async fn get_decrypted(
46        &self,
47        #[auth]
48        auth_: conjure_object::BearerToken,
49        #[path(
50            name = "rid",
51            decoder = conjure_http::server::conjure::FromPlainDecoder,
52            safe
53        )]
54        rid: super::super::super::super::objects::secrets::api::SecretRid,
55    ) -> Result<
56        super::super::super::super::objects::secrets::api::DecryptedSecret,
57        conjure_http::private::Error,
58    >;
59}
60/// The internal secrets service provides functionality for retrieving customer secrets where the "user" is a service.
61#[conjure_http::conjure_endpoints(
62    name = "InternalSecretService",
63    use_legacy_error_serialization,
64    local
65)]
66pub trait LocalAsyncInternalSecretService {
67    /// Get decrypted secret by rid. This is a privileged operation that is restricted to services only.
68    /// This endpoint must be a conjure endpoint in order to support TLS.
69    #[endpoint(
70        method = GET,
71        path = "/secrets/internal/v1/secrets/{rid}/decrypted",
72        name = "getDecrypted",
73        produces = conjure_http::server::StdResponseSerializer
74    )]
75    async fn get_decrypted(
76        &self,
77        #[auth]
78        auth_: conjure_object::BearerToken,
79        #[path(
80            name = "rid",
81            decoder = conjure_http::server::conjure::FromPlainDecoder,
82            safe
83        )]
84        rid: super::super::super::super::objects::secrets::api::SecretRid,
85    ) -> Result<
86        super::super::super::super::objects::secrets::api::DecryptedSecret,
87        conjure_http::private::Error,
88    >;
89}