vault_client_rs/api/sys/
rekey.rs

1use std::collections::HashMap;
2
3use reqwest::Method;
4use secrecy::{ExposeSecret, SecretString};
5use serde::Deserialize;
6
7use crate::client::to_body;
8use crate::types::error::VaultError;
9use crate::types::response::{VaultResponse, WrapInfo};
10use crate::types::sys::*;
11
12use super::SysHandler;
13
14#[derive(Deserialize)]
15struct VersionHistoryResponse {
16    #[serde(default)]
17    key_info: HashMap<String, VersionHistoryEntry>,
18}
19
20impl SysHandler<'_> {
21    pub async fn rekey_init(&self, params: &RekeyInitRequest) -> Result<RekeyStatus, VaultError> {
22        let body = to_body(params)?;
23        self.client
24            .exec_direct(Method::PUT, "sys/rekey/init", Some(&body))
25            .await
26    }
27
28    pub async fn rekey_status(&self) -> Result<RekeyStatus, VaultError> {
29        self.client
30            .exec_direct(Method::GET, "sys/rekey/init", None)
31            .await
32    }
33
34    pub async fn rekey_cancel(&self) -> Result<(), VaultError> {
35        self.client
36            .exec_empty(Method::DELETE, "sys/rekey/init", None)
37            .await
38    }
39
40    pub async fn rekey_update(
41        &self,
42        key: &SecretString,
43        nonce: &str,
44    ) -> Result<RekeyStatus, VaultError> {
45        let body = serde_json::json!({
46            "key": key.expose_secret(),
47            "nonce": nonce,
48        });
49        self.client
50            .exec_direct(Method::PUT, "sys/rekey/update", Some(&body))
51            .await
52    }
53
54    pub async fn generate_root_init(
55        &self,
56        params: &GenerateRootInitRequest,
57    ) -> Result<GenerateRootStatus, VaultError> {
58        let body = to_body(params)?;
59        self.client
60            .exec_direct(Method::PUT, "sys/generate-root/attempt", Some(&body))
61            .await
62    }
63
64    pub async fn generate_root_status(&self) -> Result<GenerateRootStatus, VaultError> {
65        self.client
66            .exec_direct(Method::GET, "sys/generate-root/attempt", None)
67            .await
68    }
69
70    pub async fn generate_root_cancel(&self) -> Result<(), VaultError> {
71        self.client
72            .exec_empty(Method::DELETE, "sys/generate-root/attempt", None)
73            .await
74    }
75
76    pub async fn generate_root_update(
77        &self,
78        key: &SecretString,
79        nonce: &str,
80    ) -> Result<GenerateRootStatus, VaultError> {
81        let body = serde_json::json!({
82            "key": key.expose_secret(),
83            "nonce": nonce,
84        });
85        self.client
86            .exec_direct(Method::PUT, "sys/generate-root/update", Some(&body))
87            .await
88    }
89
90    pub async fn remount(&self, from: &str, to: &str) -> Result<RemountStatus, VaultError> {
91        let body = serde_json::json!({ "from": from, "to": to });
92        self.client
93            .exec_with_data(Method::POST, "sys/remount", Some(&body))
94            .await
95    }
96
97    pub async fn metrics_json(&self) -> Result<serde_json::Value, VaultError> {
98        self.client
99            .exec_direct(Method::GET, "sys/metrics", None)
100            .await
101    }
102
103    pub async fn host_info(&self) -> Result<HostInfo, VaultError> {
104        self.client
105            .exec_with_data(Method::GET, "sys/host-info", None)
106            .await
107    }
108
109    pub async fn internal_counters_activity(&self) -> Result<serde_json::Value, VaultError> {
110        self.client
111            .exec_with_data(Method::GET, "sys/internal/counters/activity", None)
112            .await
113    }
114
115    pub async fn version_history(&self) -> Result<Vec<VersionHistoryEntry>, VaultError> {
116        let resp: VersionHistoryResponse = self
117            .client
118            .exec_with_data(Method::GET, "sys/version-history", None)
119            .await?;
120        let mut entries: Vec<VersionHistoryEntry> = resp
121            .key_info
122            .into_iter()
123            .map(|(ver, mut entry)| {
124                entry.version = ver;
125                entry
126            })
127            .collect();
128        entries.sort_by(|a, b| a.timestamp_installed.cmp(&b.timestamp_installed));
129        Ok(entries)
130    }
131
132    pub async fn rewrap(&self, token: &SecretString) -> Result<WrapInfo, VaultError> {
133        let body = serde_json::json!({ "token": token.expose_secret() });
134        let resp: VaultResponse<serde_json::Value> = self
135            .client
136            .exec_with_auth(Method::POST, "sys/wrapping/rewrap", Some(&body))
137            .await?;
138        resp.wrap_info.ok_or(VaultError::EmptyResponse)
139    }
140
141    pub async fn in_flight_requests(&self) -> Result<HashMap<String, InFlightRequest>, VaultError> {
142        self.client
143            .exec_direct(Method::GET, "sys/in-flight-req", None)
144            .await
145    }
146}
vault_client_rs/api/sys/rekey.rs

vault_client_rs/api/sys/
rekey.rs
