Skip to content

feat: fetch secrets via Phase application ID #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
nimish-ks merged 6 commits into from
Aug 26, 2024
Merged

feat: fetch secrets via Phase application ID #8

Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
9b3f315
feat: parse AppID over AppName
nimish-ks Aug 26, 2024
a91029f
feat: updated types, added AppID
nimish-ks Aug 26, 2024
6cbeb1d
chore: added types, bumped version
nimish-ks Aug 26, 2024
471a739
feat: updated README
nimish-ks Aug 26, 2024
ee6e54f
fix: version
nimish-ks Aug 26, 2024
5a25197
feat: add support for custom user agent for SDK wrappers
nimish-ks Aug 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
feat: updated types, added AppID
  • Loading branch information
@nimish-ks
nimish-ks committed Aug 26, 2024
commit a91029f3e5dd5a89df2e65715ca083bda979778a
197 changes: 112 additions & 85 deletions phase/phase.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,40 +24,45 @@ type Phase struct {
}

type GetSecretOptions struct {
EnvName string
AppName string
KeyToFind string
Tag string
SecretPath string
EnvName string
AppName string
AppID string
KeyToFind string
Tag string
SecretPath string
}

type GetAllSecretsOptions struct {
EnvName string
AppName string
Tag string
SecretPath string
EnvName string
AppName string
AppID string
Tag string
SecretPath string
}

type CreateSecretsOptions struct {
KeyValuePairs []map[string]string
EnvName string
AppName string
SecretPath map[string]string
KeyValuePairs []map[string]string
EnvName string
AppName string
AppID string
SecretPath map[string]string
}

type SecretUpdateOptions struct {
EnvName string
AppName string
Key string
Value string
SecretPath string
EnvName string
AppName string
AppID string
Key string
Value string
SecretPath string
}

type DeleteSecretOptions struct {
EnvName string
AppName string
KeyToDelete string
SecretPath string
EnvName string
AppName string
AppID string
KeyToDelete string
SecretPath string
}

// Init initializes a new instance of Phase with the provided service token, host, and debug flag.
Expand Down Expand Up @@ -167,31 +172,35 @@ func (p *Phase) resolveSecretValue(value string, currentEnvName string) (string,

// Get fetches and decrypts a secret, resolving any secret references within its value.
func (p *Phase) Get(opts GetSecretOptions) (*map[string]interface{}, error) {
// Fetch user data
resp, err := network.FetchPhaseUser(p.AppToken, p.Host)
if err != nil {
if p.Debug {
log.Printf("Failed to fetch user data: %v", err)
}
return nil, err
}
defer resp.Body.Close()

var userData misc.AppKeyResponse
if err := json.NewDecoder(resp.Body).Decode(&userData); err != nil {
if p.Debug {
log.Printf("Failed to decode user data: %v", err)
}
return nil, err
}

envKey, err := misc.FindEnvironmentKey(userData, opts.EnvName, opts.AppName)
if err != nil {
if p.Debug {
log.Printf("Failed to find environment key: %v", err)
}
return nil, err
}
// Fetch user data
resp, err := network.FetchPhaseUser(p.AppToken, p.Host)
if err != nil {
if p.Debug {
log.Printf("Failed to fetch user data: %v", err)
}
return nil, err
}
defer resp.Body.Close()

var userData misc.AppKeyResponse
if err := json.NewDecoder(resp.Body).Decode(&userData); err != nil {
if p.Debug {
log.Printf("Failed to decode user data: %v", err)
}
return nil, err
}

envKey, err := misc.FindEnvironmentKey(userData, misc.FindEnvironmentKeyOptions{
EnvName: opts.EnvName,
AppName: opts.AppName,
AppID: opts.AppID,
})
if err != nil {
if p.Debug {
log.Printf("Failed to find environment key: %v", err)
}
return nil, err
}

decryptedSeed, err := crypto.DecryptWrappedKeyShare(envKey.WrappedSeed, p.Keyshare0, p.AppToken, p.Keyshare1UnwrapKey, p.PssUserPublicKey, p.Host)
if err != nil {
Expand Down Expand Up @@ -302,14 +311,17 @@ func (p *Phase) GetAll(opts GetAllSecretsOptions) ([]map[string]interface{}, err
return nil, err
}

// Identify the correct environment and application
envKey, err := misc.FindEnvironmentKey(userData, opts.EnvName, opts.AppName)
if err != nil {
if p.Debug {
log.Printf("Failed to find environment key: %v", err)
}
return nil, err
}
envKey, err := misc.FindEnvironmentKey(userData, misc.FindEnvironmentKeyOptions{
EnvName: opts.EnvName,
AppName: opts.AppName,
AppID: opts.AppID,
})
if err != nil {
if p.Debug {
log.Printf("Failed to find environment key: %v", err)
}
return nil, err
}

// Decrypt the wrapped seed
decryptedSeed, err := crypto.DecryptWrappedKeyShare(envKey.WrappedSeed, p.Keyshare0, p.AppToken, p.Keyshare1UnwrapKey, p.PssUserPublicKey, p.Host)
Expand Down Expand Up @@ -415,22 +427,29 @@ func (p *Phase) Create(opts CreateSecretsOptions) error {
return err
}

_, envID, publicKey, err := misc.PhaseGetContext(userData, opts.AppName, opts.EnvName)
if err != nil {
if p.Debug {
log.Printf("Failed to get context: %v", err)
}
return err
}

// Identify the correct environment and application
envKey, err := misc.FindEnvironmentKey(userData, opts.EnvName, opts.AppName)
if err != nil {
if p.Debug {
log.Printf("Failed to find environment key: %v", err)
}
return err
}
_, envID, publicKey, err := misc.PhaseGetContext(userData, misc.GetContextOptions{
AppName: opts.AppName,
AppID: opts.AppID,
EnvName: opts.EnvName,
})
if err != nil {
if p.Debug {
log.Printf("Failed to get context: %v", err)
}
return err
}

envKey, err := misc.FindEnvironmentKey(userData, misc.FindEnvironmentKeyOptions{
EnvName: opts.EnvName,
AppName: opts.AppName,
AppID: opts.AppID,
})
if err != nil {
if p.Debug {
log.Printf("Failed to find environment key: %v", err)
}
return err
}

decryptedSalt, err := crypto.DecryptWrappedKeyShare(envKey.WrappedSalt, p.Keyshare0, p.AppToken, p.Keyshare1UnwrapKey, p.PssUserPublicKey, p.Host)
if err != nil {
Expand Down Expand Up @@ -518,13 +537,17 @@ func (p *Phase) Update(opts SecretUpdateOptions) error {
return err
}

envKey, err := misc.FindEnvironmentKey(userData, opts.EnvName, opts.AppName)
if err != nil {
if p.Debug {
log.Printf("Failed to find environment key: %v", err)
}
return err
}
envKey, err := misc.FindEnvironmentKey(userData, misc.FindEnvironmentKeyOptions{
EnvName: opts.EnvName,
AppName: opts.AppName,
AppID: opts.AppID,
})
if err != nil {
if p.Debug {
log.Printf("Failed to find environment key: %v", err)
}
return err
}

decryptedSalt, err := crypto.DecryptWrappedKeyShare(envKey.WrappedSalt, p.Keyshare0, p.AppToken, p.Keyshare1UnwrapKey, p.PssUserPublicKey, p.Host)
if err != nil {
Expand Down Expand Up @@ -625,13 +648,17 @@ func (p *Phase) Delete(opts DeleteSecretOptions) error {
return err
}

envKey, err := misc.FindEnvironmentKey(userData, opts.EnvName, opts.AppName)
if err != nil {
if p.Debug {
log.Printf("Failed to find environment key: %v", err)
}
return err
}
envKey, err := misc.FindEnvironmentKey(userData, misc.FindEnvironmentKeyOptions{
EnvName: opts.EnvName,
AppName: opts.AppName,
AppID: opts.AppID,
})
if err != nil {
if p.Debug {
log.Printf("Failed to find environment key: %v", err)
}
return err
}

decryptedSalt, err := crypto.DecryptWrappedKeyShare(envKey.WrappedSalt, p.Keyshare0, p.AppToken, p.Keyshare1UnwrapKey, p.PssUserPublicKey, p.Host)
if err != nil {
Expand Down