vaultrs/auth/
cert.rs

use crate::{
    api::{
        self,
        auth::cert::requests::{
            ConfigureTlsCertificateMethod, ConfigureTlsCertificateMethodBuilder, LoginRequest,
        },
        AuthInfo,
    },
    client::Client,
    error::ClientError,
};

/// Logs in through the TLS certificate auth method mounted at `mount`.
///
/// Builds a [`LoginRequest`] from `mount` and `cert_name`, hands it to
/// `api::auth`, and returns the resulting [`AuthInfo`].
///
/// No certificate material passes through this function. The client
/// certificate is presumably presented by the TLS configuration of `client`;
/// confirm against the `Client` implementation in use.
///
/// NOTE(review): per the Vault API, `cert_name` limits matching to that one
/// certificate role, while an empty name lets the server try every configured
/// role. Pass an explicit role name when the granted policies must be
/// predictable.
///
/// # Errors
///
/// Returns whatever [`ClientError`] `api::auth` reports.
///
/// # Panics
///
/// Panics if the request builder's `build()` returns an error.
pub async fn login(
    client: &impl Client,
    mount: &str,
    cert_name: &str,
) -> Result<AuthInfo, ClientError> {
    // Assemble the request first, then unwrap it as a separate step.
    let built = LoginRequest::builder()
        .mount(mount)
        .cert_name(cert_name)
        .build();
    let request = built.unwrap();
    api::auth(client, request).await
}

/// Sends a [`ConfigureTlsCertificateMethod`] request for the auth method
/// mounted at `mount`.
///
/// When `opts` is `Some`, the caller's builder is used directly rather than
/// copied. `mount` is written into it, replacing any mount set earlier, and
/// the change stays visible to the caller after this function returns. When
/// `opts` is `None`, a fresh builder carrying only `mount` is used.
///
/// # Errors
///
/// Returns whatever [`ClientError`] `api::exec_with_empty` reports.
///
/// # Panics
///
/// Panics if the request builder's `build()` returns an error.
pub async fn configure_tls_certificate_method(
    client: &impl Client,
    mount: &str,
    opts: Option<&mut ConfigureTlsCertificateMethodBuilder>,
) -> Result<(), ClientError> {
    // The fallback builder is created up front so it outlives the borrow below.
    let mut default_builder = ConfigureTlsCertificateMethod::builder();
    let builder = match opts {
        Some(custom) => custom,
        None => &mut default_builder,
    };
    let request = builder.mount(mount).build().unwrap();
    api::exec_with_empty(client, request).await
}

/// Operations on the CA certificate roles of a certificate auth mount.
pub mod ca_cert_role {
    use crate::{
        api::{
            self,
            auth::cert::{
                requests::{
                    CreateCaCertificateRoleRequest, CreateCaCertificateRoleRequestBuilder,
                    DeleteCaCertificateRoleRequest, ListCaCertificateRoleRequest,
                    ReadCaCertificateRoleRequest,
                },
                responses::{ListCaCertificateRoleResponse, ReadCaCertificateRoleResponse},
            },
        },
        client::Client,
        error::ClientError,
    };

    /// Deletes the CA certificate role `name` under `mount`.
    ///
    /// See [`DeleteCaCertificateRoleRequest`].
    ///
    /// # Errors
    ///
    /// Returns whatever [`ClientError`] `api::exec_with_empty` reports.
    ///
    /// # Panics
    ///
    /// Panics if the request builder's `build()` returns an error.
    pub async fn delete(client: &impl Client, mount: &str, name: &str) -> Result<(), ClientError> {
        let built = DeleteCaCertificateRoleRequest::builder()
            .mount(mount)
            .name(name)
            .build();
        let request = built.unwrap();
        api::exec_with_empty(client, request).await
    }

    /// Lists the CA certificate roles under `mount`.
    ///
    /// See [`ListCaCertificateRoleRequest`].
    ///
    /// # Errors
    ///
    /// Returns whatever [`ClientError`] `api::exec_with_result` reports.
    ///
    /// # Panics
    ///
    /// Panics if the request builder's `build()` returns an error.
    pub async fn list(
        client: &impl Client,
        mount: &str,
    ) -> Result<ListCaCertificateRoleResponse, ClientError> {
        let built = ListCaCertificateRoleRequest::builder().mount(mount).build();
        let request = built.unwrap();
        api::exec_with_result(client, request).await
    }

    /// Reads a CA certificate role under `mount`.
    ///
    /// Despite its name, `username` is passed to the request as the role's
    /// `name`.
    ///
    /// See [`ReadCaCertificateRoleRequest`].
    ///
    /// # Errors
    ///
    /// Returns whatever [`ClientError`] `api::exec_with_result` reports.
    ///
    /// # Panics
    ///
    /// Panics if the request builder's `build()` returns an error.
    pub async fn read(
        client: &impl Client,
        mount: &str,
        username: &str,
    ) -> Result<ReadCaCertificateRoleResponse, ClientError> {
        let built = ReadCaCertificateRoleRequest::builder()
            .mount(mount)
            .name(username)
            .build();
        let request = built.unwrap();
        api::exec_with_result(client, request).await
    }

    /// Sends a [`CreateCaCertificateRoleRequest`] for the role `name` under
    /// `mount`.
    ///
    /// `certificate` is passed to the request builder unchanged; this function
    /// does not parse or validate it.
    ///
    /// NOTE(review): the role presumably decides which client certificates the
    /// server accepts at login. Callers should check where the certificate
    /// came from, and narrow the role through `opts` where the builder offers
    /// constraints.
    ///
    /// When `opts` is `Some`, the caller's builder is used directly rather
    /// than copied. `mount`, `name` and `certificate` are written into it,
    /// replacing any values set earlier, and the changes stay visible to the
    /// caller. When `opts` is `None`, a fresh builder carrying only those
    /// three values is used.
    ///
    /// # Errors
    ///
    /// Returns whatever [`ClientError`] `api::exec_with_empty` reports.
    ///
    /// # Panics
    ///
    /// Panics if the request builder's `build()` returns an error.
    pub async fn set(
        client: &impl Client,
        mount: &str,
        name: &str,
        certificate: &str,
        opts: Option<&mut CreateCaCertificateRoleRequestBuilder>,
    ) -> Result<(), ClientError> {
        // The fallback builder is created up front so it outlives the borrow below.
        let mut default_builder = CreateCaCertificateRoleRequest::builder();
        let builder = match opts {
            Some(custom) => custom,
            None => &mut default_builder,
        };
        let request = builder
            .mount(mount)
            .name(name)
            .certificate(certificate)
            .build()
            .unwrap();
        api::exec_with_empty(client, request).await
    }
}