RubyGems - vault - Versions diffs - 0.3.0 → 0.4.0 - Mend

vault 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f44b1c7408f1606c17e1b1aea67b3547aae80873
-  data.tar.gz: f908452ae3a2117b1b12c5305921f59242ef89ce
+  metadata.gz: c591681b73cba4f23a6c399ce65ecb232be4c8bb
+  data.tar.gz: 7f01da9d58aae383b63dd8bc666db5ca7e2181d8
 SHA512:
-  metadata.gz: 00352ca38411b6340b145dfad3bbe8c1f6d49535fbf169717ee60c37198e07e229e56b1f4b1e30fe907d5d542cfe7656ad3386570e2d2894d922935416ce6b0e
-  data.tar.gz: 5a4d53a45ee70b529d03e77fa3e73adabd2e538c3b18aa4547a1d0f78f733cea6337940b70105952b9067df7b9e5d40327bdef45b6b6b5b933eead0e59a46381
+  metadata.gz: 1efa7198ad5a0713ba37826978cd417ac6de66da5023d220890b092c8758af7fb9a7a494ea9db685e1e21011e4f62fc4379c42b50f0d3fa6992a68d57ad8a319
+  data.tar.gz: 415e4410e7f5ba98827996d47ad10ef8f81caa12dd0a213698b019306717bfb08694a2ea598428a72629c3c6180739a49f6541c9553f3355f33391efcd6adc73

data/.travis.yml CHANGED Viewed

@@ -3,7 +3,7 @@ cache: bundler
 sudo: false
 before_install: |-
-  wget -O vault.zip -q https://releases.hashicorp.com/vault/0.5.0-rc1/vault_0.5.0-rc1_linux_amd64.zip
+  wget -O vault.zip -q https://releases.hashicorp.com/vault/0.5.2/vault_0.5.2_linux_amd64.zip
   unzip vault.zip
   mkdir ~/bin
   mv vault ~/bin

data/CHANGELOG.md CHANGED Viewed

@@ -1,8 +1,21 @@
 # Vault Ruby Changelog
-## v0.3.0.dev (Unreleased)
+## v0.4.0 (March 31, 2016)
+NEW FEATURES
+- Add LDAP authentication method [GH-61]
+- Add GitHub authentication method [GH-37]
+- Add `create_orphan` method [GH-65]
+- Add `lookup` and `lookup_self` for tokens
+- Accept `VAULT_SKIP_VERIFY` environment variable [GH-66]
+BUG FIXES
+- Prefer `VAULT_TOKEN` environment variable over disk to mirror Vault's own
+  behavior [GH-98]
+- Do not duplicate query parameters on HEAD/GET requests [GH-62]
+- Yield exception in `with_retries` [GH-68]
 ## v0.3.0 (February 16, 2016)

data/README.md CHANGED Viewed

@@ -68,7 +68,7 @@ Vault.configure do |config|
 end
 ```
-If you do not want the Vault singleton, of if you need to communicate with multiple Vault servers at once, you can create indepenent client objects:
+If you do not want the Vault singleton, or if you need to communicate with multiple Vault servers at once, you can create independent client objects:
 ```ruby
 client_1 = Vault::Client.new(address: "https://vault.mycompany.com")

data/lib/vault/api/auth.rb CHANGED Viewed

@@ -98,5 +98,45 @@ module Vault
       client.token = secret.auth.client_token
       return secret
     end
+    # Authenticate via the "ldap" authentication method. If authentication
+    # is successful, the resulting token will be stored on the client and used
+    # for future requests.
+    #
+    # @example
+    #   Vault.auth.ldap("sethvargo", "s3kr3t") #=> #<Vault::Secret lease_id="">
+    #
+    # @param [String] username
+    # @param [String] password
+    # @param [Hash] options
+    #   additional options to pass to the authentication call, such as a custom
+    #   mount point
+    #
+    # @return [Secret]
+    def ldap(username, password, options = {})
+      payload = { password: password }.merge(options)
+      json = client.post("/v1/auth/ldap/login/#{CGI.escape(username)}", JSON.fast_generate(payload))
+      secret = Secret.decode(json)
+      client.token = secret.auth.client_token
+      return secret
+    end
+    # Authenticate via the GitHub authentication method. If authentication is
+    # successful, the resulting token will be stored on the client and used
+    # for future requests.
+    #
+    # @example
+    #   Vault.auth.github("mypersonalgithubtoken") #=> #<Vault::Secret lease_id="">
+    #
+    # @param [String] github_token
+    #
+    # @return [Secret]
+    def github(github_token)
+      payload = {token: github_token}
+      json = client.post("/v1/auth/github/login", JSON.fast_generate(payload))
+      secret = Secret.decode(json)
+      client.token = secret.auth.client_token
+      return secret
+    end
   end
 end

data/lib/vault/api/auth_token.rb CHANGED Viewed

@@ -28,6 +28,43 @@ module Vault
       return Secret.decode(json)
     end
+    # Create an orphaned authentication token.
+    #
+    # @example
+    #   Vault.auth_token.create_orphan #=> #<Vault::Secret lease_id="">
+    #
+    # @param [Hash] options
+    #
+    # @return [Secret]
+    def create_orphan(options = {})
+      json = client.post("/v1/auth/token/create-orphan", JSON.fast_generate(options))
+      return Secret.decode(json)
+    end
+    # Lookup information about the current token.
+    #
+    # @example
+    #   Vault.auth_token.lookup_self("abcd-...") #=> #<Vault::Secret lease_id="">
+    #
+    # @param [String] token
+    #
+    # @return [Secret]
+    def lookup(token)
+      json = client.get("/v1/auth/token/lookup/#{CGI.escape(token)}")
+      return Secret.decode(json)
+    end
+    # Lookup information about the given token.
+    #
+    # @example
+    #   Vault.auth_token.lookup_self #=> #<Vault::Secret lease_id="">
+    #
+    # @return [Secret]
+    def lookup_self
+      json = client.get("/v1/auth/token/lookup-self")
+      return Secret.decode(json)
+    end
     # Renew the given authentication token.
     #
     # @example

data/lib/vault/client.rb CHANGED Viewed

@@ -217,6 +217,11 @@ module Vault
           case response
           when Net::HTTPRedirection
+            # On a redirect of a GET or HEAD request, the URL already contains
+            # the data as query string parameters.
+            if [:head, :get].include?(verb)
+              data = {}
+            end
             request(verb, response[LOCATION_HEADER], data, headers)
           when Net::HTTPSuccess
             success(response)
@@ -353,7 +358,7 @@ module Vault
       backoff_max  = options[:max_wait] || Defaults::RETRY_MAX_WAIT
       begin
-        return yield retries
+        return yield retries, exception
       rescue *rescued => e
         exception = e

data/lib/vault/defaults.rb CHANGED Viewed

@@ -42,11 +42,15 @@ module Vault
       # The vault token to use for authentiation.
       # @return [String, nil]
       def token
+        if !ENV["VAULT_TOKEN"].nil?
+          return ENV["VAULT_TOKEN"]
+        end
         if VAULT_DISK_TOKEN.exist? && VAULT_DISK_TOKEN.readable?
-          VAULT_DISK_TOKEN.read
-        else
-          ENV["VAULT_TOKEN"]
+          return VAULT_DISK_TOKEN.read
         end
+        nil
       end
       # The number of seconds to wait when trying to open a connection before
@@ -122,6 +126,11 @@ module Vault
       # Verify SSL requests (default: true)
       # @return [true, false]
       def ssl_verify
+        # Vault CLI uses this envvar, so accept it by precedence
+        if !ENV["VAULT_SKIP_VERIFY"].nil?
+          return true
+        end
         if ENV["VAULT_SSL_VERIFY"].nil?
           true
         else

data/lib/vault/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Vault
-  VERSION = "0.3.0"
+  VERSION = "0.4.0"
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: vault
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Seth Vargo
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2016-02-16 00:00:00.000000000 Z
+date: 2016-03-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler