Skip to content

Commit

Permalink
Add logic to retrieve public keys
Browse files Browse the repository at this point in the history
  • Loading branch information
jtuttle committed Jan 25, 2023
1 parent 8eda51f commit 33d1e31
Show file tree
Hide file tree
Showing 3 changed files with 72 additions and 0 deletions.
14 changes: 14 additions & 0 deletions conjurapi/authn.go
Original file line number Diff line number Diff line change
Expand Up @@ -314,3 +314,17 @@ func (c *Client) rotateAPIKey(roleID string) (*http.Response, error) {

return c.SubmitRequest(req)
}

func (c *Client) PublicKeys(kind string, identifier string) ([]byte, error) {
req, err := c.PublicKeysRequest(kind, identifier)
if err != nil {
return nil, err
}

res, err := c.SubmitRequest(req)
if err != nil {
return nil, err
}

return response.DataResponse(res)
}
53 changes: 53 additions & 0 deletions conjurapi/authn_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -594,3 +594,56 @@ func runChangeUserPasswordAssertions(t *testing.T, tc changeUserPasswordTestCase
_, err = conjur.Authenticate(authn.LoginPair{Login: tc.login, APIKey: string(userAPIKey)})
assert.NoError(t, err)
}

var publicKeysTestPolicy = `
- !user
id: alice
public_keys:
- ssh-rsa test-key-1 laptop
- ssh-rsa test-key-2 workstation
`

type publicKeysTestCase struct {
name string
kind string
identifier string
}

func TestClient_PublicKeys(t *testing.T) {
testCases := []publicKeysTestCase{
{
name: "Display public keys",
kind: "user",
identifier: "alice",
},
}

for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
// SETUP
config := &Config{
CredentialStorage: "none",
}
conjur, err := conjurSetup(config, publicKeysTestPolicy)
assert.NoError(t, err)

// EXERCISE
runPublicKeysAssertions(t, tc, conjur)
})
}
}

func runPublicKeysAssertions(t *testing.T, tc publicKeysTestCase, conjur *Client) {
var publicKeys []byte
var err error

publicKeys, err = conjur.PublicKeys(tc.kind, tc.identifier)

assert.NoError(t, err)

expectedOutput := `ssh-rsa test-key-1 laptop
ssh-rsa test-key-2 workstation
`

assert.Equal(t, expectedOutput, string(publicKeys))
}
5 changes: 5 additions & 0 deletions conjurapi/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -606,6 +606,11 @@ func (c *Client) CreateHostRequest(body string, token string) (*http.Request, er
return request, nil
}

func (c *Client) PublicKeysRequest(kind string, identifier string) (*http.Request, error) {
publicKeysURL := makeRouterURL(c.config.ApplianceURL, "public_keys", c.config.Account, kind, identifier)
return http.NewRequest("GET", publicKeysURL.String(), nil)
}

func (c *Client) createTokenURL() string {
return makeRouterURL(c.config.ApplianceURL, "host_factory_tokens").String()
}
Expand Down

0 comments on commit 33d1e31

Please sign in to comment.