Skip to content

Commit

Permalink
fix: get secret endpoint not reading path params (#155)
Browse files Browse the repository at this point in the history
  • Loading branch information
sagojez authored Sep 18, 2024
1 parent cf42822 commit 1ea027c
Show file tree
Hide file tree
Showing 6 changed files with 20 additions and 10 deletions.
2 changes: 1 addition & 1 deletion Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 4 additions & 2 deletions integrationos-api/src/logic/secrets.rs
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
use crate::server::AppState;
use axum::{
extract::{Path, State},
routing::post,
routing::{get, post},
Extension, Json, Router,
};
use bson::doc;
Expand All @@ -11,7 +11,9 @@ use serde_json::Value;
use std::sync::Arc;

pub fn get_router() -> Router<Arc<AppState>> {
Router::new().route("/", post(create_secret).get(get_secret))
Router::new()
.route("/", post(create_secret))
.route("/:id", get(get_secret))
}

#[derive(Serialize, Deserialize)]
Expand Down
2 changes: 1 addition & 1 deletion integrationos-domain/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
name = "integrationos-domain"
description = "Shared library for IntegrationOS"
license = "GPL-3.0"
version = "6.0.1"
version = "7.0.0"
edition = "2021"
repository = "https://github.com/integration-os/integrationos-domain"

Expand Down
12 changes: 9 additions & 3 deletions integrationos-domain/src/algebra/crypto.rs
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ use google_cloud_kms::{
grpc::kms::v1::DecryptRequest,
};
use secrecy::ExposeSecret;
use tracing::debug;

#[async_trait]
pub trait CryptoExt {
Expand Down Expand Up @@ -159,18 +160,23 @@ impl GoogleCryptoKms {
key_id = self.config.google_kms_key_id,
),
ciphertext: BASE64_STANDARD.decode(encrypted_secret.as_bytes())
.map_err(|_| InternalError::deserialize_error("The provided value is not a valid UTF-8 string", None))?,
.map_err(|e| {
debug!("Error decoding secret: {e}");
InternalError::deserialize_error("The provided value is not a valid UTF-8 string", None)
})?,
..Default::default()
};

let decriptes_bytes = self.client.decrypt(request, None).await.map_err(|_| {
let decriptes_bytes = self.client.decrypt(request, None).await.map_err(|e| {
debug!("Error decrypting secret: {e}");
InternalError::connection_error(
"The provided value is not a valid UTF-8 string",
None,
)
})?;

let plaintext = String::from_utf8(decriptes_bytes.plaintext).map_err(|_| {
let plaintext = String::from_utf8(decriptes_bytes.plaintext).map_err(|e| {
debug!("Error converting decrypted secret to string: {e}");
InternalError::deserialize_error(
"The provided value is not a valid UTF-8 string",
None,
Expand Down
1 change: 0 additions & 1 deletion integrationos-domain/src/algebra/secret.rs
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,6 @@ impl SecretExt for GoogleKms {
.ok_or_else(|| InternalError::key_not_found("Secret", None))?;

let encrypted_secret = secret.encrypted_secret().expose_secret().to_owned();

let version = secret.version();

let decrypted_secret = self.crypto.decrypt(encrypted_secret, version).await?;
Expand Down
7 changes: 5 additions & 2 deletions integrationos-domain/src/domain/configuration/secrets.rs
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,12 @@ pub struct SecretsConfig {
pub google_kms_project_id: String,
#[envconfig(from = "GOOGLE_KMS_LOCATION_ID", default = "global")]
pub google_kms_location_id: String,
#[envconfig(from = "GOOGLE_KMS_KEY_RING_ID", default = "secrets-service-local")]
#[envconfig(
from = "GOOGLE_KMS_KEY_RING_ID",
default = "secrets-service-development"
)]
pub google_kms_key_ring_id: String,
#[envconfig(from = "GOOGLE_KMS_KEY_ID", default = "secrets-service-local")]
#[envconfig(from = "GOOGLE_KMS_KEY_ID", default = "secrets-service-development")]
pub google_kms_key_id: String,
#[envconfig(
from = "IOS_CRYPTO_SECRET",
Expand Down

0 comments on commit 1ea027c

Please sign in to comment.