drv54591 2017-02-28 18:08
浏览 50
已采纳

使用Vault API软件包的身份验证方法

I am trying to use the Vault Golang Package to authenticate using the API.

I created a new client, and then can set my token:

client, err := api.NewClient(&api.Config{Address: vaultAddr, HttpClient: httpClient})

 if err != nil {
   return nil, errors.Wrap(err, "could not create vault client")
 }

client.SetToken(token)

That's great and all, but I want to auth against the API using one of the other auth methods, (LDAP, Userpass etc)

Is this even possible? How can I retrieve a token using the API?

I guess I could just use net/http to retrieve the token using an API call, but is there any method to actually auth in another way?

  • 写回答

1条回答 默认 最新

  • dsdsm2016 2017-03-04 01:19
    关注

    I managed to figure this out, eventually. It's not totally obvious, but makes sense.

    Vault has a generic write method it uses to write data. You can utilise this to perform a login with the API by simply building the URL and sending a PUT request to that endpoint

    It looks a bit like this:

    // create a vault client
client, err := api.NewClient(&api.Config{Address: url, HttpClient: httpClient})
if err != nil {
    panic(err)
}

// to pass the password
options := map[string]interface{}{
   "password": password,        
}

// the login path
// this is configurable, change userpass to ldap etc
path := fmt.Sprintf("auth/userpass/login/%s", username)

// PUT call to get a token
secret, err := client.Logical().Write(path, options)
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥35 平滑拟合曲线该如何生成
  • ¥100 c语言,请帮蒟蒻写一个题的范例作参考
  • ¥15 名为“Product”的列已属于此 DataTable
  • ¥15 安卓adb backup备份应用数据失败
  • ¥15 eclipse运行项目时遇到的问题
  • ¥15 关于#c##的问题:最近需要用CAT工具Trados进行一些开发
  • ¥15 南大pa1 小游戏没有界面,并且报了如下错误,尝试过换显卡驱动,但是好像不行
  • ¥15 自己瞎改改,结果现在又运行不了了
  • ¥15 链式存储应该如何解决
  • ¥15 没有证书,nginx怎么反向代理到只能接受https的公网网站