Example 1 with BinaryDataSecret
use of com.walmartlabs.concord.common.secret.BinaryDataSecret in project concord by walmartlabs.
the class GitClient method execWithCredentials.
private String execWithCredentials(Command cmd, Secret secret) {
Path key = null;
Path ssh = null;
Path askpass = null;
Map<String, String> env = new HashMap<>();
env.put("GIT_TERMINAL_PROMPT", "0");
try {
if (secret instanceof KeyPair) {
KeyPair keyPair = (KeyPair) secret;
key = createSshKeyFile(keyPair);
ssh = createUnixGitSSH(key);
env.put("GIT_SSH", ssh.toAbsolutePath().toString());
env.put("GIT_SSH_COMMAND", ssh.toAbsolutePath().toString());
// supply a dummy value for DISPLAY so ssh will invoke SSH_ASKPASS
if (!env.containsKey("DISPLAY")) {
env.put("DISPLAY", ":");
}
log.info("using GIT_SSH to set credentials");
} else if (secret instanceof UsernamePassword) {
UsernamePassword userPass = (UsernamePassword) secret;
askpass = createUnixStandardAskpass(userPass);
env.put("GIT_ASKPASS", askpass.toAbsolutePath().toString());
env.put("SSH_ASKPASS", askpass.toAbsolutePath().toString());
log.info("using GIT_ASKPASS to set credentials ");
} else if (secret instanceof BinaryDataSecret) {
BinaryDataSecret token = (BinaryDataSecret) secret;
askpass = createUnixStandardAskpass(new UsernamePassword(new String(token.getData()), "".toCharArray()));
env.put("GIT_ASKPASS", askpass.toAbsolutePath().toString());
log.info("using GIT_ASKPASS to set credentials ");
}
env.put("GIT_HTTP_LOW_SPEED_LIMIT", String.valueOf(cfg.httpLowSpeedLimit()));
env.put("GIT_HTTP_LOW_SPEED_TIME", String.valueOf(cfg.httpLowSpeedTime().getSeconds()));
return exec(Command.builder().from(cmd).putAllEnv(env).build());
} catch (IOException e) {
throw new RepositoryException("Failed to setup credentials", e);
} finally {
deleteTempFile(key);
deleteTempFile(ssh);
deleteTempFile(askpass);
}
}
Also used :
Path(java.nio.file.Path)
KeyPair(com.walmartlabs.concord.common.secret.KeyPair)
BinaryDataSecret(com.walmartlabs.concord.common.secret.BinaryDataSecret)
UsernamePassword(com.walmartlabs.concord.common.secret.UsernamePassword)
Example 2 with BinaryDataSecret
use of com.walmartlabs.concord.common.secret.BinaryDataSecret in project concord by walmartlabs.
the class SecretManager method createBinaryData.
/**
* Stores a new single value secret.
*/
public DecryptedBinaryData createBinaryData(DSLContext tx, UUID orgId, UUID projectId, String name, String storePassword, InputStream data, SecretVisibility visibility, String storeType, SecretDao.InsertMode insertMode) throws IOException {
orgManager.assertAccess(tx, orgId, true);
BinaryDataSecret d = buildBinaryData(data);
UUID id = create(tx, name, orgId, projectId, d, storePassword, visibility, storeType, insertMode);
return new DecryptedBinaryData(id);
}
Also used :
BinaryDataSecret(com.walmartlabs.concord.common.secret.BinaryDataSecret)
Example 3 with BinaryDataSecret
use of com.walmartlabs.concord.common.secret.BinaryDataSecret in project concord by walmartlabs.
the class SecretManager method assertApiKey.
public ApiKeyEntry assertApiKey(AccessScope accessScope, UUID orgId, String secretName, String password) {
DecryptedSecret secret = getSecret(accessScope, orgId, secretName, password, SecretType.DATA);
BinaryDataSecret data = (BinaryDataSecret) secret.getSecret();
ApiKeyEntry result = apiKeyDao.find(new String(data.getData()));
if (result == null) {
throw new ConcordApplicationException("Api key from secret '" + secretName + "' not found", Status.NOT_FOUND);
}
return result;
}
Also used :
ApiKeyEntry(com.walmartlabs.concord.server.security.apikey.ApiKeyEntry)
ConcordApplicationException(com.walmartlabs.concord.server.sdk.ConcordApplicationException)
BinaryDataSecret(com.walmartlabs.concord.common.secret.BinaryDataSecret)
Example 4 with BinaryDataSecret
use of com.walmartlabs.concord.common.secret.BinaryDataSecret in project concord by walmartlabs.
the class SecretServiceImpl method exportAsFile.
@Override
public String exportAsFile(Context ctx, String instanceId, String workDir, String orgName, String name, String password) throws Exception {
BinaryDataSecret bds = get(ctx, orgName, name, password, SecretEntry.TypeEnum.DATA);
Path baseDir = Paths.get(workDir);
Path tmpDir = assertTempDir(baseDir);
Path p = Files.createTempFile(tmpDir, "file", ".bin");
Files.write(p, bds.getData());
return baseDir.relativize(p).toString();
}
Also used :
Path(java.nio.file.Path)
BinaryDataSecret(com.walmartlabs.concord.common.secret.BinaryDataSecret)
Example 5 with BinaryDataSecret
use of com.walmartlabs.concord.common.secret.BinaryDataSecret in project concord by walmartlabs.
the class DefaultSecretService method exportAsFile.
@Override
public Path exportAsFile(String orgName, String secretName, String password) throws Exception {
BinaryDataSecret bds = get(orgName, secretName, password, SecretEntry.TypeEnum.DATA);
Path p = fileService.createTempFile("secret-service-file", ".bin");
Files.write(p, bds.getData());
return p;
}
Also used :
Path(java.nio.file.Path)
BinaryDataSecret(com.walmartlabs.concord.common.secret.BinaryDataSecret)
Aggregations
BinaryDataSecret (com.walmartlabs.concord.common.secret.BinaryDataSecret)6
Path (java.nio.file.Path)3
KeyPair (com.walmartlabs.concord.common.secret.KeyPair)1
UsernamePassword (com.walmartlabs.concord.common.secret.UsernamePassword)1
ConcordApplicationException (com.walmartlabs.concord.server.sdk.ConcordApplicationException)1
ApiKeyEntry (com.walmartlabs.concord.server.security.apikey.ApiKeyEntry)1
InputStream (java.io.InputStream)1
