How to configure the OIDC config with the Go package github.com/hashicorp/vault/api

Question

We are able to initialize/unseal and enable the vault using the code below.

newres, err := client.Sys().Init(&intireq)
resseal, err := client.Sys().Unseal("xxxxxxxxxxxxxxxxxxxxx")
fmt.Println("resseal:", resseal)
enableopt := vault.MountInput{}
enableopt.Type = "oidc"
client.SetToken("xxxxxxxxxxxxxxxxxx")

err = client.Sys().EnableAuthWithOptions("oidc", &enableopt)

We can see oidc enabled in the UI also.
Now we need to configure the oidc, which, if done from the UI, uses the POST API below with configs id: "oidc", oidc_discovery_url: "xxxxxx"......

https://vault.xxxxxx.com/v1/auth/oidc/config

We need to configure the same from our Go code, where we are using the Go client vault "github.com/hashicorp/vault/api".

We are not able to find the method for auth configuration and need help with the correct method.

Answer 1

Score: 1

The API is exposed in the Logical() struct, so you can use something like

type oidcConfig struct {
    OIDCDiscoveryURL string `json:"oidc_discovery_url"`
    // ...snip...
}

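// in function call
config := oidcConfig{
    OIDCDiscoveryURL: "https://sample.url/oidc",
    // ..snip..
}
// Logical().Write takes a map[string]interface{} keyed by the API field names
resp, err := client.Logical().Write("auth/oidc/config", map[string]interface{}{
    "oidc_discovery_url": config.OIDCDiscoveryURL,
    // ..snip..
})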

There are better ways of setting the config keys than this, of course, but hopefully this gives you a trivial example.
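Logical().Write takes a map[string]interface{} as its data argument, so a typed config struct has to be converted before the call. The following added example (not part of the original answer) does that conversion with the standard library only; the helper name toWriteData and the https-only check are assumptions of this example, and the sample values are constructed.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"net/url"
)

// oidcConfig mirrors a few fields of Vault's auth/oidc/config endpoint.
type oidcConfig struct {
	OIDCDiscoveryURL string `json:"oidc_discovery_url"`
	OIDCClientID     string `json:"oidc_client_id,omitempty"`
	OIDCClientSecret string `json:"oidc_client_secret,omitempty"` // sensitive: load at runtime, do not hardcode
	DefaultRole      string `json:"default_role,omitempty"`
}

// toWriteData (hypothetical helper) validates cfg and converts it to the map
// that client.Logical().Write expects. The https-only rule is an added policy.
func toWriteData(cfg oidcConfig) (map[string]interface{}, error) {
	u, err := url.Parse(cfg.OIDCDiscoveryURL)
	if err != nil || u.Scheme != "https" || u.Host == "" {
		return nil, errors.New("oidc_discovery_url must be an absolute https URL")
	}
	raw, err := json.Marshal(cfg) // the json tags give the API field names
	if err != nil {
		return nil, err
	}
	data := map[string]interface{}{}
	if err := json.Unmarshal(raw, &data); err != nil {
		return nil, err
	}
	return data, nil
}

func main() {
	data, err := toWriteData(oidcConfig{
		OIDCDiscoveryURL: "https://sample.url/oidc", // constructed sample value
		OIDCClientID:     "example-client-id",       // constructed sample value
		DefaultRole:      "reader",                  // constructed sample value
	})
	if err != nil {
		fmt.Println("invalid config:", err)
		return
	}
	// With a real client: resp, err := client.Logical().Write("auth/oidc/config", data)
	fmt.Println(data)
}
```

Empty optional fields are dropped by `omitempty`, so a partial struct does not overwrite existing settings with empty strings.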

huangapple
  • Published on August 30, 2022 22:24:42
  • When reposting, please keep the link to this article: https://go.coder-hub.com/73544094.html